FBI virus and other problems


  • This topic is locked
49 replies to this topic

#1 paw51


Posted 02 January 2014 - 03:02 PM

Moderator note:  These logs were created in response to instructions posted in an AII topic which is here: http://www.bleepingcomputer.com/forums/t/517987/this-laptop-getting-screen-saying-computer-is-locked-by-the-fbi/ ~ OB :cherry:

 

Below are the logs from the instructions I sent you.  While working I also noticed the Startup folder is visible but is empty.  Also, while working I noticed the Windows security is working as well as the Avast, which is why I looked for the startup folder.  How can I show start up programs in the folder?

 

I copied and pasted the final Norton NPE log into word. It was run in Safemode.  I have the two logs from Norton, but they are too big, so I will post one or two more times with these attached.

Edited by Orange Blossom, 05 January 2014 - 09:27 PM.




#2 paw51


Posted 02 January 2014 - 03:07 PM

The Norton NPE files are still too big to attach.  Is there another way to get them to you?

 

Pat



#3 bloopie

  • Malware Response Team

Posted 05 January 2014 - 11:38 PM

Hello paw51, and welcome to Bleeping Computer! :thumbsup:

My name is bloopie and I'll be helping you with your problems as best I can! :thumbup2:

A few things to keep in mind while we are working together:

  • If you have since resolved the original problem you were having, I would appreciate it if you let me know.
  • If you are unsure about any of the steps just post what you can and I will guide you!
  • Please tell me if you have your original Windows CD/DVD available.
  • Please copy and paste all logs here unless otherwise instructed!
  • Upon completing the steps below I will review your topic and do my best to resolve your issues.
  • Please do not run any other tools without my instruction to do so!

==========

First, we will tackle the FBI issue you are dealing with. Then we'll see what other problems you are still experiencing.

 

Malware must be removed first, so to begin, let's get two logs from FRST with the below instructions to get a deeper look into the system:

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. You need the 64-bit version.

  • Right-click FRST then click "Run as administrator" (XP users: click run after receipt of Windows Security Warning - Open File).
  • When the tool opens, click Yes to disclaimer.
  • Press the Scan button.
  • When finished, it will produce a log called FRST.txt in the same directory the tool was run from.
  • Please copy and paste the log in your next reply.

Note 2: The first time the tool is run it generates another log (Addition.txt - also located in the same directory the tool was run from). Please also paste that, along with the FRST.txt into your next reply.

 

==========

 

If you have any problems with the above instructions, please stop and let me know!

 

bloopie


Edited by bloopie, 05 January 2014 - 11:40 PM.


#4 bloopie

  • Malware Response Team

Posted 09 January 2014 - 06:18 PM

Hello again,
 
Are you still with me? :)

This is a Topic Bump! If you still wish to receive help, please follow the instructions in my previous post.

If you do not respond within another 48 hours I will be forced to close this topic!

bloopie

#5 paw51


Posted 10 January 2014 - 11:06 AM

Very sorry about the delay.  Have been out trying to catch up with errands now that we are not snowbound.  I do not have the original Windows 7 disk.

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-01-2014
Ran by heather (administrator) on HEATHER-HP on 10-01-2014 09:59:36
Running from C:\Users\heather\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Sendori, Inc.) C:\Program Files (x86)\Sendori\SendoriSvc.exe
(sendori) C:\Program Files (x86)\Sendori\Sendori.Service.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Facebook Inc.) C:\Users\heather\AppData\Local\Facebook\Update\FacebookUpdate.exe
(AT&T, Inc.) C:\Program Files (x86)\AT&T Locker Uploader\AT&T Locker Uploader.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Sendori, Inc.) C:\Program Files (x86)\Sendori\SendoriTray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreamsDownloader.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HPWirelessAssistant] - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-07-21] (Hewlett-Packard Company)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1424896 2011-12-02] (IDT, Inc.)
HKLM-x32\...\Run: [AppleSyncNotifier] - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2011-09-27] (Apple Inc.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284440 2011-04-29] (Intel Corporation)
HKLM-x32\...\Run: [HPOSD] - C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2013-12-23] (AVAST Software)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [Sendori Tray] - C:\Program Files (x86)\Sendori\SendoriTray.exe [83232 2013-10-07] (Sendori, Inc.)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2013-11-05] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKCU\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKCU\...\Run: [Facebook Update] - C:\Users\heather\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-14] (Facebook Inc.)
HKCU\...\Policies\system: [LogonHoursAction] 2
HKCU\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKCU\...\Policies\Explorer: [HideSCAHealth] 1
HKU\admin heather\...\Run: [LightScribe Control Panel] - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2011-06-20] (Hewlett-Packard Company)
HKU\admin heather\...\Policies\system: [LogonHoursAction] 2
HKU\admin heather\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\Guest\...\Run: [LightScribe Control Panel] - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2011-06-20] (Hewlett-Packard Company)
HKU\Guest\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKU\Jack\...\Run: [LightScribe Control Panel] - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2011-06-20] (Hewlett-Packard Company)
HKU\Jack\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKU\Jack\...\Policies\system: [LogonHoursAction] 2
HKU\Jack\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
AppInit_DLLs:   [ ] ()
Startup: C:\Users\heather\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AT&T Locker Uploader.lnk
ShortcutTarget: AT&T Locker Uploader.lnk -> C:\Program Files (x86)\AT&T Locker Uploader\AT&T Locker Uploader.exe (AT&T, Inc.)
SSODL-x32: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - %SystemRoot%\system32\wpdshserviceobj.dll (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xC4BD1E24AAF6CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKCU - {7A33AB54-887A-498C-A08B-93ED63672C78} URL = http://www.flickr.com/search/?q={searchTerms}
SearchScopes: HKCU - {95BC99B5-20E5-4B31-88A3-7129D3960ED6} URL = http://delicious.com/search?p={searchTerms}
SearchScopes: HKCU - {A30D71B0-E41A-4D01-84C5-9F4C58E93DA1} URL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=chr-yie11
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO: SimpleAdblock Class - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files (x86)\Common Files\Simple Adblock\SimpleAdblockx64.dll (Simple Adblock)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: HP Smart Print BHO - {1658D3A1-9E13-4196-A82A-D70D70880F36} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QuickPrintBHO.dll (Hewlett-Packard)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
BHO-x32: SimpleAdblock Class - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files (x86)\Common Files\Simple Adblock\SimpleAdblock.dll (Simple Adblock)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - No Name - {EBD898F8-FCF6-4694-BC3B-EABC7271EEB1} -  No File
Toolbar: HKCU - No Name - {CDF97EE2-DED0-4369-835E-99DD08225FA5} -  No File
DPF: HKLM-x32 {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect125.cab
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.4.24.0.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog9 01 C:\Windows\SysWOW64\Sendori.dll [325920] (Sendori)
Winsock: Catalog9 02 C:\Windows\SysWOW64\Sendori.dll [325920] (Sendori)
Winsock: Catalog9 03 C:\Windows\SysWOW64\Sendori.dll [325920] (Sendori)
Winsock: Catalog9 04 C:\Windows\SysWOW64\Sendori.dll [325920] (Sendori)
Winsock: Catalog9 15 C:\Windows\SysWOW64\Sendori.dll [325920] (Sendori)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{4631A88B-A0CB-4BB1-AA24-56C087CF4802}: [NameServer]208.122.23.22,208.122.23.23

FireFox:
========
FF ProfilePath: C:\Users\heather\AppData\Roaming\Mozilla\Firefox\Profiles\emq59klk.default-1386796477928
FF NewTab: hxxp://www.outfox.tv?referid=170
FF Homepage: google.com
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1205146.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @veetle.com/veetleCorePlugin,version=0.9.19 - C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF Plugin-x32: @veetle.com/veetlePlayerPlugin,version=0.9.18 - C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF Plugin-x32: @zylom.com/ZylomGamesPlayer - C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\heather\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Extension: DoNotTrackMe: Online Privacy Protection - C:\Users\heather\AppData\Roaming\Mozilla\Firefox\Profiles\emq59klk.default-1386796477928\Extensions\donottrackplus@abine.com
FF Extension: MaskMe - C:\Users\heather\AppData\Roaming\Mozilla\Firefox\Profiles\emq59klk.default-1386796477928\Extensions\idme@abine.com
FF Extension: SusBlocker - C:\Users\heather\AppData\Roaming\Mozilla\Firefox\Profiles\emq59klk.default-1386796477928\Extensions\jid1-QSGldp2zlbyAFQ@jetpack.xpi
FF Extension: Secure Or Not - C:\Users\heather\AppData\Roaming\Mozilla\Firefox\Profiles\emq59klk.default-1386796477928\Extensions\secureornot@tiptt.blogspot.com.xpi
FF Extension: Search Engine Security - C:\Users\heather\AppData\Roaming\Mozilla\Firefox\Profiles\emq59klk.default-1386796477928\Extensions\{197573FA-9BF9-11DF-9D68-A441DFD72085}.xpi
FF Extension: Updated Ad Blocker for Firefox 11+ - C:\Users\heather\AppData\Roaming\Mozilla\Firefox\Profiles\emq59klk.default-1386796477928\Extensions\{4DC70064-89E2-4a55-8FC6-E8CDEAE3618C}.xpi
FF Extension: Redirect Remover - C:\Users\heather\AppData\Roaming\Mozilla\Firefox\Profiles\emq59klk.default-1386796477928\Extensions\{fe0258ab-4f74-43a1-8781-bcdf340f9ee9}.xpi
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKLM-x32\...\Firefox\Extensions: [{34712C68-7391-4c47-94F3-8F88D49AD632}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKCU\...\Firefox\Extensions: [jid1-rWnnyqAYK2cvAA@jetpack] - C:\Program Files (x86)\Zen Deals\jid1-rWnnyqAYK2cvAA@jetpack

Chrome:
=======
CHR HomePage: https://www.google.com/images/srpr/logo11w.png
CHR RestoreOnStartup: "hxxp://www.yahoo.com/?fr=fp-tyc-sc&type="
CHR DefaultSearchKeyword: yahoo.com
CHR DefaultSearchProvider: Yahoo!
CHR DefaultSearchURL: http://search.yahoo.com/search?ei={inputEncoding}&fr=ctbo-tyc-sc&type=&p={searchTerms}
CHR DefaultNewTabURL:
CHR Extension: (Google Docs) - C:\Users\heather\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_1
CHR Extension: (Google Drive) - C:\Users\heather\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_1
CHR Extension: (YouTube) - C:\Users\heather\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1
CHR Extension: (Google Search) - C:\Users\heather\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1
CHR Extension: (Google Wallet) - C:\Users\heather\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0
CHR Extension: (Gmail) - C:\Users\heather\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2
CHR HKLM-x32\...\Chrome\Extension: [gijllgkkonhcdgklhffbpgbllneeblnh] - C:\Users\heather\AppData\Local\CRE\gijllgkkonhcdgklhffbpgbllneeblnh.crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx
CHR HKLM-x32\...\Chrome\Extension: [klibnahbojhkanfgaglnlalfkgpcppfi] - C:\Users\heather\AppData\Local\CRE\klibnahbojhkanfgaglnlalfkgpcppfi.crx
CHR HKLM-x32\...\Chrome\Extension: [oajgghejjpgkmpgbchgjieahoefimdle] - C:\Users\heather\AppData\Local\CRE\oajgghejjpgkmpgbchgjieahoefimdle.crx

==================== Services (Whitelisted) =================

R2 Application Sendori; C:\Program Files (x86)\Sendori\SendoriSvc.exe [120096 2013-10-07] (Sendori, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-12-23] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [113704 2013-12-23] (AVAST Software)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] ()
R2 Service Sendori; C:\Program Files (x86)\Sendori\Sendori.Service.exe [22304 2013-10-07] (sendori)
S2 sndappv2; C:\Program Files (x86)\Sendori\sndappv2.exe [3623200 2013-10-07] (Sendori)

==================== Drivers (Whitelisted) ====================

R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2013-10-22] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2013-12-23] (AVAST Software)
R1 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [439648 2014-01-08] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-10-22] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-10-22] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1034464 2013-12-23] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [422216 2013-12-23] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [79672 2013-12-23] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2013-12-23] ()
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [32512 2013-12-11] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [43832 2012-11-02] (Synaptics Incorporated)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [15712 2012-09-30] ()
S3 AVFSFilter; system32\DRIVERS\avfsfilter.sys [x]
S3 CpqDfw; system32\drivers\CpqDfw.sys [x]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
U2 TMAgent;

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-10 09:59 - 2014-01-10 10:00 - 00024449 _____ C:\Users\heather\Desktop\FRST.txt
2014-01-10 09:55 - 2014-01-10 09:55 - 00000000 ____D C:\FRST
2014-01-10 09:54 - 2014-01-10 09:54 - 01932166 _____ (Farbar) C:\Users\heather\Desktop\FRST64.exe
2014-01-07 07:49 - 2014-01-10 09:44 - 00000560 _____ C:\Windows\setupact.log
2014-01-07 07:49 - 2014-01-07 07:49 - 00000000 _____ C:\Windows\setuperr.log
2014-01-07 07:48 - 2014-01-07 07:48 - 00000340 _____ C:\Windows\PFRO.log
2014-01-07 07:13 - 2014-01-07 07:48 - 00000000 ____D C:\Program Files (x86)\FrostWire Ultra Accelerator
2014-01-07 07:10 - 2014-01-07 07:10 - 00925080 _____ (TrafficSpeeders LLC) C:\Users\heather\Downloads\frostwire_ultra_accelerator_free.exe
2014-01-07 00:07 - 2014-01-07 00:07 - 00000000 ____D C:\Users\Jack\AppData\Roaming\HpUpdate
2014-01-06 12:53 - 2014-01-06 12:53 - 00001742 _____ C:\Users\heather\Desktop\AT&T Locker Uploader.lnk
2014-01-06 12:53 - 2014-01-06 12:53 - 00000000 ____D C:\Users\heather\AppData\Local\AT&T,_Inc
2014-01-06 12:53 - 2014-01-06 12:53 - 00000000 ____D C:\Program Files (x86)\AT&T Locker Uploader
2014-01-06 12:51 - 2014-01-06 12:51 - 04512136 _____ (AT&T, Inc.) C:\Users\heather\Downloads\Uploader-WIN-v1.0.exe
2014-01-05 17:23 - 2014-01-05 17:23 - 01022064 _____ (Symantec Corporation) C:\Users\admin heather\Downloads\NBRT-SOS-Downloader.exe
2014-01-05 17:23 - 2014-01-05 17:23 - 00000000 ____D C:\Users\Public\Downloads\Norton
2014-01-05 16:54 - 2014-01-05 17:33 - 00006580 _____ C:\Users\admin heather\Downloads\Result.txt
2014-01-05 16:52 - 2014-01-05 16:52 - 00760063 _____ (Farbar) C:\Users\admin heather\Downloads\MiniToolBox.exe
2014-01-05 16:50 - 2014-01-05 16:50 - 00000000 ____D C:\Users\admin heather\AppData\Roaming\Mozilla
2014-01-05 16:50 - 2014-01-05 16:50 - 00000000 ____D C:\Users\admin heather\AppData\Local\Mozilla
2014-01-05 16:49 - 2014-01-05 16:49 - 00001107 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-01-05 16:06 - 2014-01-05 16:06 - 00000000 ____D C:\Users\admin heather\AppData\Local\CrashDumps
2014-01-05 16:05 - 2014-01-05 16:05 - 00760063 _____ (Farbar) C:\Users\heather\Downloads\MiniToolBox(1).exe
2014-01-05 16:05 - 2014-01-05 16:05 - 00000000 ____D C:\Users\admin heather\AppData\Local\VirtualStore
2014-01-05 09:16 - 2014-01-05 09:16 - 00000000 ____D C:\Users\heather\AppData\Roaming\Yahoo!
2014-01-05 09:16 - 2014-01-05 09:16 - 00000000 ____D C:\ProgramData\Yahoo! Companion
2014-01-05 04:44 - 2014-01-05 04:44 - 00002215 _____ C:\Users\Jack\Desktop\Google Chrome.lnk
2014-01-04 17:35 - 2014-01-04 17:35 - 00000000 ____D C:\Users\Jack\AppData\Local\Apple
2014-01-03 05:10 - 2014-01-03 05:10 - 00000000 ____D C:\Users\Jack\AppData\Local\VirtualStore
2014-01-02 14:46 - 2014-01-02 14:46 - 00000000 ____D C:\Users\Jack\AppData\Local\Macromedia
2014-01-02 14:36 - 2014-01-05 17:46 - 00000000 ____D C:\Users\Jack\AppData\Local\Mozilla
2014-01-02 14:36 - 2014-01-02 14:36 - 00000000 ____D C:\Users\Jack\AppData\Roaming\Mozilla
2014-01-02 14:36 - 2014-01-02 14:36 - 00000000 ____D C:\Users\Jack\AppData\Roaming\hpqlog
2014-01-02 14:34 - 2014-01-06 17:20 - 00072312 _____ C:\Users\Jack\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-02 14:34 - 2014-01-05 04:44 - 00000000 ____D C:\Users\Jack\AppData\Local\Google
2014-01-02 14:34 - 2014-01-02 14:34 - 00001413 _____ C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-02 14:34 - 2014-01-02 14:34 - 00001230 __RSH C:\Users\Jack\ntuser.pol
2014-01-02 14:34 - 2014-01-02 14:34 - 00000020 ___SH C:\Users\Jack\ntuser.ini
2014-01-02 14:34 - 2014-01-02 14:34 - 00000000 ___RD C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-02 14:34 - 2014-01-02 14:34 - 00000000 ___RD C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-01-02 14:34 - 2014-01-02 14:34 - 00000000 ____D C:\Users\Jack\AppData\Roaming\Synaptics
2014-01-02 14:34 - 2014-01-02 14:34 - 00000000 ____D C:\Users\Jack\AppData\Roaming\Intel Corporation
2014-01-02 14:34 - 2014-01-02 14:34 - 00000000 ____D C:\Users\Jack\AppData\Roaming\AVAST Software
2014-01-02 14:34 - 2014-01-02 14:34 - 00000000 ____D C:\Users\Jack\AppData\Roaming\Apple Computer
2014-01-02 14:34 - 2014-01-02 14:34 - 00000000 ____D C:\Users\Jack\AppData\Roaming\Adobe
2014-01-02 14:34 - 2014-01-02 14:34 - 00000000 ____D C:\Users\Jack\AppData\Local\Apple Computer
2014-01-02 14:34 - 2014-01-02 14:34 - 00000000 ____D C:\Users\Jack
2014-01-02 14:34 - 2013-06-28 15:38 - 00000000 ____D C:\Users\Jack\AppData\LocalGoogle
2014-01-02 14:34 - 2011-11-20 20:55 - 00000000 ____D C:\Users\Jack\AppData\Roaming\Macromedia
2014-01-02 14:34 - 2011-09-06 18:49 - 00000000 ____D C:\Users\Jack\AppData\Local\Microsoft Help
2014-01-02 14:34 - 2009-07-13 22:54 - 00000000 ___RD C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-01-02 14:34 - 2009-07-13 22:49 - 00000000 ___RD C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-01-02 14:28 - 2014-01-02 14:28 - 00000000 ____D C:\Users\admin heather\AppData\Roaming\Hewlett-Packard
2014-01-02 14:25 - 2014-01-02 14:25 - 00000000 ____D C:\Users\admin heather\AppData\Roaming\hpqlog
2014-01-02 14:24 - 2014-01-02 14:24 - 00000000 ____D C:\Users\admin heather\AppData\Roaming\RealNetworks
2014-01-02 14:23 - 2014-01-02 14:23 - 00071328 _____ C:\Users\admin heather\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-02 14:23 - 2014-01-02 14:23 - 00002215 _____ C:\Users\admin heather\Desktop\Google Chrome.lnk
2014-01-02 14:23 - 2014-01-02 14:23 - 00001413 _____ C:\Users\admin heather\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-02 14:23 - 2014-01-02 14:23 - 00000000 ___RD C:\Users\admin heather\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-02 14:23 - 2014-01-02 14:23 - 00000000 ___RD C:\Users\admin heather\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-01-02 14:23 - 2014-01-02 14:23 - 00000000 ____D C:\Users\admin heather\AppData\Roaming\Intel Corporation
2014-01-02 14:23 - 2014-01-02 14:23 - 00000000 ____D C:\Users\admin heather\AppData\Roaming\AVAST Software
2014-01-02 14:23 - 2014-01-02 14:23 - 00000000 ____D C:\Users\admin heather\AppData\Roaming\Apple Computer
2014-01-02 14:23 - 2014-01-02 14:23 - 00000000 ____D C:\Users\admin heather\AppData\Roaming\Adobe
2014-01-02 14:23 - 2014-01-02 14:23 - 00000000 ____D C:\Users\admin heather\AppData\Local\Apple Computer
2014-01-02 14:22 - 2014-01-05 17:33 - 00000000 ____D C:\Users\admin heather
2014-01-02 14:22 - 2014-01-02 14:29 - 00000632 __RSH C:\Users\admin heather\ntuser.pol
2014-01-02 14:22 - 2014-01-02 14:22 - 00000020 ___SH C:\Users\admin heather\ntuser.ini
2014-01-02 14:22 - 2014-01-02 14:22 - 00000000 ____D C:\Users\admin heather\AppData\Roaming\Synaptics
2014-01-02 14:22 - 2013-06-28 15:38 - 00000000 ____D C:\Users\admin heather\AppData\LocalGoogle
2014-01-02 14:22 - 2013-06-28 15:38 - 00000000 ____D C:\Users\admin heather\AppData\Local\Google
2014-01-02 14:22 - 2011-11-20 20:55 - 00000000 ____D C:\Users\admin heather\AppData\Roaming\Macromedia
2014-01-02 14:22 - 2011-09-06 18:49 - 00000000 ____D C:\Users\admin heather\AppData\Local\Microsoft Help
2014-01-02 14:22 - 2009-07-13 22:54 - 00000000 ___RD C:\Users\admin heather\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-01-02 14:22 - 2009-07-13 22:49 - 00000000 ___RD C:\Users\admin heather\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-01-02 13:34 - 2014-01-02 13:34 - 00019108 _____ C:\Users\heather\Documents\cc_20140102_133351.reg
2014-01-02 12:39 - 2014-01-02 12:39 - 00067009 _____ C:\Users\heather\Desktop\JRT.txt
2014-01-02 12:30 - 2014-01-02 12:30 - 00000000 ____D C:\Windows\ERUNT
2014-01-02 08:39 - 2014-01-02 08:39 - 00033058 _____ C:\Users\heather\Downloads\Result.minitoolbox.txt
2014-01-02 08:37 - 2014-01-02 13:21 - 00000000 ____D C:\Users\heather\AppData\Local\NPE
2014-01-02 08:30 - 2014-01-02 08:30 - 00760063 _____ (Farbar) C:\Users\heather\Downloads\MiniToolBox.exe
2013-12-31 00:08 - 2013-12-31 00:08 - 00000000 ____D C:\Users\Guest\AppData\Local\SearchProtect
2013-12-23 01:09 - 2013-12-23 01:09 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2013-12-18 15:36 - 2014-01-07 07:46 - 00000000 ____D C:\AdwCleaner
2013-12-18 15:27 - 2013-12-18 15:27 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 01485312 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\VSTDPV6.SYS.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00740864 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\VSTCNXT6.SYS.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00542208 _____ (IDT, Inc.) C:\Windows\system32\Drivers\stwrt64.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00448312 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\SynTP.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00426496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spsys.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00410112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00389120 _____ (Marvell) C:\Windows\system32\Drivers\yk62x64.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00363392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgrx.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00338536 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsPStor.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00328192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00295808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00292864 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\VSTAZL6.SYS.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00215936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00189824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00171392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scsiport.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00161872 _____ (VIA Technologies Inc.,Ltd) C:\Windows\system32\Drivers\vsmraid.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00125440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00103808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sbp2port.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00094208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\serial.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\smb.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00080464 _____ (Silicon Integrated Systems) C:\Windows\system32\Drivers\sisraid4.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00071552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00068864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00064592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ULIAGPKX.SYS.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00064080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UAGP35.SYS.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00063360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwififlt.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00054784 _____ (Apple, Inc.) C:\Windows\system32\Drivers\usbaapl64.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\umbus.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00043832 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00043584 _____ (Silicon Integrated Systems Corp.) C:\Windows\system32\Drivers\sisraid2.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\watchdog.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winusb.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00036432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vdrvroot.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBCAMD2.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbrpm.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scfilter.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vgapnp.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vga.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tape.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00027776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wacompen.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdi.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sermouse.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbprint.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00024656 _____ (Promise Technology) C:\Windows\system32\Drivers\stexstor.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifibus.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\serenum.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WSDPrint.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00023040 _____ (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) C:\Windows\system32\Drivers\secdrv.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00022096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wimmount.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ws2ifsl.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00021056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wd.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\smclib.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00019008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spldr.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifimp.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00017488 _____ (VIA Technologies, Inc.) C:\Windows\system32\Drivers\viaide.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sfloppy.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00016464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmilib.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdpipe.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00015712 _____ C:\Windows\system32\Drivers\SWDUMon.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmiacpi.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffp_sd.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffdisk.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffp_mmc.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwf.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00012496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\swenum.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\serscan.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\umpass.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00007936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys.bak
2013-12-18 15:26 - 2013-12-18 15:27 - 00539240 _____ (Realtek                                            ) C:\Windows\system32\Drivers\Rt64win7.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 12306848 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 05434368 _____ (Intel Corporation) C:\Windows\system32\Drivers\netw5v64.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 03678720 _____ (Qualcomm Atheros Communications, Inc.) C:\Windows\system32\Drivers\athrx.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 03286016 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\evbda.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 01656680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 01524816 _____ (QLogic Corporation) C:\Windows\system32\Drivers\ql2300.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00950128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00753664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00651264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00557848 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStor.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00530496 _____ (Emulex) C:\Windows\system32\Drivers\elxstor.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00468480 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\bxvbda.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00410496 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00376688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00366976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00350208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00318976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00317440 _____ (Intel® Corporation) C:\Windows\system32\Drivers\IntcDAud.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00309248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00289664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00288088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00286720 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrSerId.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00284736 _____ (LSI Corporation, Inc.) C:\Windows\system32\Drivers\MegaSR.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00273792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00270848 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\b57nd60a.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00261632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00248240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\MpFilter.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00220752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pcmcia.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00213888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00195072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00194128 _____ (AMD Technologies Inc.) C:\Windows\system32\Drivers\amdsbs.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00184704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00179072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00166272 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiswan.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00158976 _____ (Intel Corporation) C:\Windows\system32\Drivers\Impcd.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00155008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpio.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00148352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdrom.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00140672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msdsm.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00134944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NisDrvWFP.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00128592 _____ (QLogic Corporation) C:\Windows\system32\Drivers\ql40xx.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00122960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NV_AGP.SYS.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00122368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\irda.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ipnat.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00115776 _____ (LSI Corporation) C:\Windows\system32\Drivers\lsi_scsi.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00114752 _____ (LSI Corporation) C:\Windows\system32\Drivers\lsi_fc.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00113152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00111104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspptp.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00107904 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00106560 _____ (LSI Corporation) C:\Windows\system32\Drivers\lsi_sas.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\i8042prt.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbth.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxg.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00097856 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\arcsas.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\parport.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00094592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspppoe.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdfs.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00087632 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\arc.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rassstp.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ipfltdrv.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00078720 _____ (Hewlett-Packard Company) C:\Windows\system32\Drivers\HpSAMD.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rspndr.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00075120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00073280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00072832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ohci1394.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthmodem.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00070224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fileinfo.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00065600 _____ (LSI Corporation) C:\Windows\system32\Drivers\lsi_sas2.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00065088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\GAGP30KX.SYS.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00061008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AGP440.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\lltdio.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00060496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mup.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndisuio.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00056344 _____ (Intel Corporation) C:\Windows\system32\Drivers\HECIx64.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00055376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fsdepends.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00055128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpfve.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00051264 _____ (IBM Corporation) C:\Windows\system32\Drivers\nfrd960.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00050768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pcw.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00050768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdclass.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00049216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouclass.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00048720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciidex.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00047104 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrSerWdm.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\qwavedrv.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidir.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\circlass.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\blbdrive.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbios.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00044112 _____ (Intel Corp./ICP vortex GmbH) C:\Windows\system32\Drivers\iirsp.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\modem.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\discache.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00039504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crashdmp.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\CompositeBus.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00035392 _____ (LSI Corporation) C:\Windows\system32\Drivers\megasas.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiscap.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\filetrace.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00032512 _____ C:\Windows\system32\Drivers\hitmanpro37.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00032320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mssmbios.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouhid.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00031232 _____ (Hauppauge Computer Works, Inc.) C:\Windows\system32\Drivers\hcw85cir.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00031104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msahci.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00031088 _____ (CyberLink Corporation) C:\Windows\system32\Drivers\clwvd.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\monitor.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fdc.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00028736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Dumpata.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00028240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\battc.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00027520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00027008 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbatt.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msfs.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\flpydisk.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00024144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crcdisk.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00024128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\atapi.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpbus.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00023408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\asyncmac.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mcd.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00021584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\compbatt.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksthunk.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00020544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\isapnp.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00018432 _____ (Brother Industries, Ltd.) C:\Windows\system32\Drivers\BrFiltLo.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\irenum.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00017664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\CmBatt.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00017488 _____ (CMD Technology, Inc.) C:\Windows\system32\Drivers\cmdide.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00016960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelide.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxapi.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00015440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdide.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00015440 _____ (Acer Laboratories Inc.) C:\Windows\system32\Drivers\aliide.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00015424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msisadrv.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\MTConfig.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00014976 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrUsbMdm.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasacd.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00014720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hwpolicy.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00014720 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrUsbSer.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00012352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciide.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rootmdm.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00011136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mskssrv.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\errdev.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00008704 _____ (Brother Industries, Ltd.) C:\Windows\system32\Drivers\BrFiltUp.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RDPREFMP.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mshidkmdf.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00008064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mstee.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RDPENCDD.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RDPCDD.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mspclock.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00006784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mspqm.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\beep.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\null.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys.bak
2013-12-18 15:25 - 2013-12-18 15:26 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys.bak
2013-12-18 15:25 - 2013-12-18 15:25 - 00491088 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adp94xx.sys.bak
2013-12-18 15:25 - 2013-12-18 15:25 - 00339536 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adpahci.sys.bak
2013-12-18 15:25 - 2013-12-18 15:25 - 00334208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys.bak
2013-12-18 15:25 - 2013-12-18 15:25 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\1394ohci.sys.bak
2013-12-18 15:25 - 2013-12-18 15:25 - 00182864 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adpu320.sys.bak
2013-12-18 15:25 - 2013-12-18 15:25 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\1394bus.sys.bak
2013-12-18 15:25 - 2013-12-18 15:25 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpipmi.sys.bak
2013-12-18 15:18 - 2014-01-02 13:23 - 00003370 _____ C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3690564705-488001411-2100272750-1000
2013-12-15 03:01 - 2013-11-26 05:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-15 03:01 - 2013-11-26 04:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-15 03:01 - 2013-11-26 04:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-15 03:01 - 2013-11-26 03:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-15 03:01 - 2013-11-26 03:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-15 03:01 - 2013-11-26 03:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-15 03:01 - 2013-11-26 03:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-15 03:01 - 2013-11-26 03:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-15 03:01 - 2013-11-26 03:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-15 03:01 - 2013-11-26 03:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-15 03:01 - 2013-11-26 03:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-15 03:01 - 2013-11-26 03:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-15 03:01 - 2013-11-26 03:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-15 03:01 - 2013-11-26 02:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-15 03:01 - 2013-11-26 02:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-15 03:01 - 2013-11-26 02:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-15 03:01 - 2013-11-26 02:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-15 03:01 - 2013-11-26 02:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-12-15 03:01 - 2013-11-26 02:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-15 03:01 - 2013-11-26 01:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-15 03:01 - 2013-11-26 01:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-12-15 03:01 - 2013-11-26 01:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-15 03:01 - 2013-11-26 01:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-15 03:01 - 2013-11-26 00:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-15 03:01 - 2013-11-26 00:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-15 03:01 - 2013-11-26 00:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-12-15 03:01 - 2013-11-26 00:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-15 03:01 - 2013-11-26 00:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-15 03:00 - 2013-11-26 04:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-15 03:00 - 2013-11-26 02:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-15 03:00 - 2013-11-26 02:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-14 05:12 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2013-12-14 05:09 - 2013-12-14 05:09 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-14 05:09 - 2013-12-14 05:09 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-12-14 05:09 - 2013-12-14 05:09 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-12-14 05:09 - 2013-12-14 05:09 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-12-14 05:09 - 2013-12-14 05:09 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-12-14 05:09 - 2013-12-14 05:09 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-12-14 05:09 - 2013-12-14 05:09 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-12-14 05:09 - 2013-12-14 05:09 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-12-14 05:09 - 2013-12-14 05:09 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-12-14 05:09 - 2013-12-14 05:09 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-12-14 05:09 - 2013-12-14 05:09 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-12-14 05:09 - 2013-12-14 05:09 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-14 05:09 - 2013-12-14 05:09 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-12-14 05:09 - 2013-12-14 05:09 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-12-14 05:09 - 2013-12-14 05:09 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-12-14 05:09 - 2013-12-14 05:09 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-12-14 05:09 - 2013-12-14 05:09 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-12-14 05:09 - 2013-12-14 05:09 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-12-14 05:09 - 2013-12-14 05:09 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-12-14 05:09 - 2013-12-14 05:09 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-12-11 20:59 - 2013-12-11 20:59 - 00000000 ____D C:\Users\Guest\AppData\Roaming\Oracle
2013-12-11 20:35 - 2013-12-11 20:35 - 00000000 ____D C:\Program Files\McAfee
2013-12-11 20:31 - 2013-12-11 20:41 - 00000800 _____ C:\Users\Guest\Desktop\Mobogenie.lnk
2013-12-11 20:31 - 2013-12-11 20:31 - 00001224 _____ C:\Users\Guest\Desktop\Revo Uninstaller.lnk
2013-12-11 20:31 - 2013-12-11 20:31 - 00000000 ____D C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
2013-12-11 20:30 - 2013-12-11 20:30 - 00923784 _____ (CNET Download.com) C:\Users\Guest\Downloads\cbsidlm-cbsi145-Revo_Uninstaller-SEO-10687648.exe
2013-12-11 20:15 - 2013-12-30 23:37 - 00000000 ____D C:\ProgramData\Sendori
2013-12-11 20:15 - 2013-12-30 23:34 - 00000000 ____D C:\Program Files (x86)\Sendori
2013-12-11 20:15 - 2013-10-07 13:50 - 00325920 _____ (Sendori) C:\Windows\SysWOW64\Sendori.dll
2013-12-11 20:14 - 2013-12-11 20:14 - 00000000 ____D C:\Users\heather\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FrostWire 5
2013-12-11 16:11 - 2014-01-10 04:10 - 00000340 _____ C:\Windows\Tasks\HPCeeScheduleForheather.job
2013-12-11 16:11 - 2014-01-05 10:10 - 00003198 _____ C:\Windows\System32\Tasks\HPCeeScheduleForheather
2013-12-11 14:34 - 2013-05-09 23:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-11 14:34 - 2013-05-09 23:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-11 14:34 - 2013-05-09 22:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-12-11 14:34 - 2013-05-09 22:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-12-11 14:07 - 2014-01-02 13:23 - 00003240 _____ C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3690564705-488001411-2100272750-1000
2013-12-11 14:05 - 2013-12-11 14:05 - 00032512 _____ C:\Windows\system32\Drivers\hitmanpro37.sys
2013-12-11 14:03 - 2013-12-11 14:03 - 00007416 _____ C:\Windows\system32\.crusader
2013-12-11 13:51 - 2013-12-11 14:04 - 00000000 ____D C:\ProgramData\HitmanPro
2013-12-11 13:51 - 2013-12-11 13:51 - 00000600 _____ C:\Users\heather\AppData\Roaming\winscp.rnd
2013-12-11 13:51 - 2013-12-11 13:51 - 00000000 ____D C:\CSV
2013-12-11 13:50 - 2013-12-11 13:51 - 00000000 ____D C:\remote-service
2013-12-11 13:28 - 2013-11-23 12:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-11 13:28 - 2013-11-23 11:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-11 13:28 - 2013-10-29 20:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-11 13:28 - 2013-10-29 20:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-12-11 13:28 - 2013-10-29 19:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-11 13:27 - 2013-11-11 20:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-11 13:27 - 2013-11-11 20:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-12-11 13:27 - 2013-10-18 20:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-11 13:27 - 2013-10-18 19:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-11 13:27 - 2013-10-11 20:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-11 13:27 - 2013-10-11 20:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-11 13:27 - 2013-10-11 20:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2013-12-11 13:27 - 2013-10-11 20:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-11 13:27 - 2013-10-11 19:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-11 13:27 - 2013-10-11 19:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-11 13:27 - 2013-10-11 19:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2013-12-11 13:27 - 2013-10-11 19:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-12-11 13:27 - 2013-10-03 20:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-11 13:27 - 2013-10-03 19:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-11 13:19 - 2013-12-11 13:19 - 00000000 ____D C:\Users\heather\Desktop\Browsers
2013-12-11 01:40 - 2013-12-11 01:40 - 00002327 _____ C:\browserhelper.log

==================== One Month Modified Files and Folders =======

2014-01-10 10:00 - 2014-01-10 09:59 - 00024449 _____ C:\Users\heather\Desktop\FRST.txt
2014-01-10 09:59 - 2012-09-23 13:01 - 01058420 _____ C:\Windows\WindowsUpdate.log
2014-01-10 09:55 - 2014-01-10 09:55 - 00000000 ____D C:\FRST
2014-01-10 09:54 - 2014-01-10 09:54 - 01932166 _____ (Farbar) C:\Users\heather\Desktop\FRST64.exe
2014-01-10 09:53 - 2009-07-13 22:45 - 00023248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-10 09:53 - 2009-07-13 22:45 - 00023248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-10 09:52 - 2012-04-24 19:18 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-10 09:47 - 2013-05-08 12:21 - 00000896 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-10 09:45 - 2012-10-01 00:17 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2014-01-10 09:45 - 2009-07-13 23:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-10 09:44 - 2014-01-07 07:49 - 00000560 _____ C:\Windows\setupact.log
2014-01-10 04:10 - 2013-12-11 16:11 - 00000340 _____ C:\Windows\Tasks\HPCeeScheduleForheather.job
2014-01-10 03:41 - 2013-05-08 12:21 - 00000900 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-10 02:09 - 2012-05-07 00:58 - 00000936 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3690564705-488001411-2100272750-1000UA.job
2014-01-09 23:09 - 2012-05-07 00:58 - 00000914 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3690564705-488001411-2100272750-1000Core.job
2014-01-09 16:59 - 2012-11-11 17:13 - 00000310 _____ C:\Windows\Tasks\PCCleaners-Daily-16-59-34.job
2014-01-09 14:23 - 2013-06-05 12:59 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2014-01-08 17:32 - 2013-06-05 19:21 - 00439648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswndisflt.sys
2014-01-07 14:42 - 2011-08-12 18:01 - 00000000 ____D C:\Users\heather\.frostwire5
2014-01-07 07:49 - 2014-01-07 07:49 - 00000000 _____ C:\Windows\setuperr.log
2014-01-07 07:48 - 2014-01-07 07:48 - 00000340 _____ C:\Windows\PFRO.log
2014-01-07 07:48 - 2014-01-07 07:13 - 00000000 ____D C:\Program Files (x86)\FrostWire Ultra Accelerator
2014-01-07 07:46 - 2013-12-18 15:36 - 00000000 ____D C:\AdwCleaner
2014-01-07 07:42 - 2011-08-18 23:02 - 00000000 ____D C:\Users\heather\AppData\Local\CrashDumps
2014-01-07 07:10 - 2014-01-07 07:10 - 00925080 _____ (TrafficSpeeders LLC) C:\Users\heather\Downloads\frostwire_ultra_accelerator_free.exe
2014-01-07 00:07 - 2014-01-07 00:07 - 00000000 ____D C:\Users\Jack\AppData\Roaming\HpUpdate
2014-01-06 17:20 - 2014-01-02 14:34 - 00072312 _____ C:\Users\Jack\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-06 13:38 - 2009-07-13 23:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2014-01-06 13:36 - 2009-07-13 22:45 - 00342032 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-06 13:34 - 2011-08-11 17:08 - 00072312 _____ C:\Users\heather\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-06 12:53 - 2014-01-06 12:53 - 00001742 _____ C:\Users\heather\Desktop\AT&T Locker Uploader.lnk
2014-01-06 12:53 - 2014-01-06 12:53 - 00000000 ____D C:\Users\heather\AppData\Local\AT&T,_Inc
2014-01-06 12:53 - 2014-01-06 12:53 - 00000000 ____D C:\Program Files (x86)\AT&T Locker Uploader
2014-01-06 12:53 - 2011-08-11 17:09 - 00000000 ___RD C:\Users\heather\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-06 12:51 - 2014-01-06 12:51 - 04512136 _____ (AT&T, Inc.) C:\Users\heather\Downloads\Uploader-WIN-v1.0.exe
2014-01-06 12:42 - 2011-08-11 21:14 - 00000000 ____D C:\Users\heather\AppData\Local\Mozilla
2014-01-05 17:46 - 2014-01-02 14:36 - 00000000 ____D C:\Users\Jack\AppData\Local\Mozilla
2014-01-05 17:40 - 2013-06-05 17:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-05 17:33 - 2014-01-05 16:54 - 00006580 _____ C:\Users\admin heather\Downloads\Result.txt
2014-01-05 17:33 - 2014-01-02 14:22 - 00000000 ____D C:\Users\admin heather
2014-01-05 17:23 - 2014-01-05 17:23 - 01022064 _____ (Symantec Corporation) C:\Users\admin heather\Downloads\NBRT-SOS-Downloader.exe
2014-01-05 17:23 - 2014-01-05 17:23 - 00000000 ____D C:\Users\Public\Downloads\Norton
2014-01-05 17:23 - 2011-05-05 03:42 - 00000000 ____D C:\ProgramData\Norton
2014-01-05 16:52 - 2014-01-05 16:52 - 00760063 _____ (Farbar) C:\Users\admin heather\Downloads\MiniToolBox.exe
2014-01-05 16:50 - 2014-01-05 16:50 - 00000000 ____D C:\Users\admin heather\AppData\Roaming\Mozilla
2014-01-05 16:50 - 2014-01-05 16:50 - 00000000 ____D C:\Users\admin heather\AppData\Local\Mozilla
2014-01-05 16:49 - 2014-01-05 16:49 - 00001107 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-01-05 16:49 - 2012-12-08 21:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2014-01-05 16:06 - 2014-01-05 16:06 - 00000000 ____D C:\Users\admin heather\AppData\Local\CrashDumps
2014-01-05 16:05 - 2014-01-05 16:05 - 00760063 _____ (Farbar) C:\Users\heather\Downloads\MiniToolBox(1).exe
2014-01-05 16:05 - 2014-01-05 16:05 - 00000000 ____D C:\Users\admin heather\AppData\Local\VirtualStore
2014-01-05 10:33 - 2011-08-11 19:31 - 00000000 ____D C:\ProgramData\Blio
2014-01-05 10:33 - 2011-08-11 19:28 - 00000000 ____D C:\Users\heather\AppData\Roaming\Blio
2014-01-05 10:10 - 2013-12-11 16:11 - 00003198 _____ C:\Windows\System32\Tasks\HPCeeScheduleForheather
2014-01-05 09:16 - 2014-01-05 09:16 - 00000000 ____D C:\Users\heather\AppData\Roaming\Yahoo!
2014-01-05 09:16 - 2014-01-05 09:16 - 00000000 ____D C:\ProgramData\Yahoo! Companion
2014-01-05 09:16 - 2011-09-12 18:28 - 00000000 ___HD C:\Windows\msdownld.tmp
2014-01-05 09:16 - 2011-09-04 21:40 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2014-01-05 04:44 - 2014-01-05 04:44 - 00002215 _____ C:\Users\Jack\Desktop\Google Chrome.lnk
2014-01-05 04:44 - 2014-01-02 14:34 - 00000000 ____D C:\Users\Jack\AppData\Local\Google
2014-01-04 17:35 - 2014-01-04 17:35 - 00000000 ____D C:\Users\Jack\AppData\Local\Apple
2014-01-03 05:10 - 2014-01-03 05:10 - 00000000 ____D C:\Users\Jack\AppData\Local\VirtualStore
2014-01-02 14:46 - 2014-01-02 14:46 - 00000000 ____D C:\Users\Jack\AppData\Local\Macromedia
2014-01-02 14:36 - 2014-01-02 14:36 - 00000000 ____D C:\Users\Jack\AppData\Roaming\Mozilla
2014-01-02 14:36 - 2014-01-02 14:36 - 00000000 ____D C:\Users\Jack\AppData\Roaming\hpqlog
2014-01-02 14:34 - 2014-01-02 14:34 - 00001413 _____ C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-02 14:34 - 2014-01-02 14:34 - 00001230 __RSH C:\Users\Jack\ntuser.pol
2014-01-02 14:34 - 2014-01-02 14:34 - 00000020 ___SH C:\Users\Jack\ntuser.ini
2014-01-02 14:34 - 2014-01-02 14:34 - 00000000 ___RD C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-02 14:34 - 2014-01-02 14:34 - 00000000 ___RD C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-01-02 14:34 - 2014-01-02 14:34 - 00000000 ____D C:\Users\Jack\AppData\Roaming\Synaptics
2014-01-02 14:34 - 2014-01-02 14:34 - 00000000 ____D C:\Users\Jack\AppData\Roaming\Intel Corporation
2014-01-02 14:34 - 2014-01-02 14:34 - 00000000 ____D C:\Users\Jack\AppData\Roaming\AVAST Software
2014-01-02 14:34 - 2014-01-02 14:34 - 00000000 ____D C:\Users\Jack\AppData\Roaming\Apple Computer
2014-01-02 14:34 - 2014-01-02 14:34 - 00000000 ____D C:\Users\Jack\AppData\Roaming\Adobe
2014-01-02 14:34 - 2014-01-02 14:34 - 00000000 ____D C:\Users\Jack\AppData\Local\Apple Computer
2014-01-02 14:34 - 2014-01-02 14:34 - 00000000 ____D C:\Users\Jack
2014-01-02 14:29 - 2014-01-02 14:22 - 00000632 __RSH C:\Users\admin heather\ntuser.pol
2014-01-02 14:29 - 2013-03-02 19:56 - 00000632 __RSH C:\Users\heather\ntuser.pol
2014-01-02 14:29 - 2011-08-11 17:00 - 00000000 ____D C:\Users\heather
2014-01-02 14:28 - 2014-01-02 14:28 - 00000000 ____D C:\Users\admin heather\AppData\Roaming\Hewlett-Packard
2014-01-02 14:25 - 2014-01-02 14:25 - 00000000 ____D C:\Users\admin heather\AppData\Roaming\hpqlog
2014-01-02 14:24 - 2014-01-02 14:24 - 00000000 ____D C:\Users\admin heather\AppData\Roaming\RealNetworks
2014-01-02 14:23 - 2014-01-02 14:23 - 00071328 _____ C:\Users\admin heather\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-02 14:23 - 2014-01-02 14:23 - 00002215 _____ C:\Users\admin heather\Desktop\Google Chrome.lnk
2014-01-02 14:23 - 2014-01-02 14:23 - 00001413 _____ C:\Users\admin heather\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-02 14:23 - 2014-01-02 14:23 - 00000000 ___RD C:\Users\admin heather\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-02 14:23 - 2014-01-02 14:23 - 00000000 ___RD C:\Users\admin heather\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-01-02 14:23 - 2014-01-02 14:23 - 00000000 ____D C:\Users\admin heather\AppData\Roaming\Intel Corporation
2014-01-02 14:23 - 2014-01-02 14:23 - 00000000 ____D C:\Users\admin heather\AppData\Roaming\AVAST Software
2014-01-02 14:23 - 2014-01-02 14:23 - 00000000 ____D C:\Users\admin heather\AppData\Roaming\Apple Computer
2014-01-02 14:23 - 2014-01-02 14:23 - 00000000 ____D C:\Users\admin heather\AppData\Roaming\Adobe
2014-01-02 14:23 - 2014-01-02 14:23 - 00000000 ____D C:\Users\admin heather\AppData\Local\Apple Computer
2014-01-02 14:22 - 2014-01-02 14:22 - 00000020 ___SH C:\Users\admin heather\ntuser.ini
2014-01-02 14:22 - 2014-01-02 14:22 - 00000000 ____D C:\Users\admin heather\AppData\Roaming\Synaptics
2014-01-02 13:35 - 2009-09-06 19:57 - 00000000 ____D C:\Windows\Panther
2014-01-02 13:34 - 2014-01-02 13:34 - 00019108 _____ C:\Users\heather\Documents\cc_20140102_133351.reg
2014-01-02 13:33 - 2013-03-20 03:34 - 00000000 ____D C:\Program Files\CCleaner
2014-01-02 13:23 - 2013-12-18 15:18 - 00003370 _____ C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3690564705-488001411-2100272750-1000
2014-01-02 13:23 - 2013-12-11 14:07 - 00003240 _____ C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3690564705-488001411-2100272750-1000
2014-01-02 13:21 - 2014-01-02 08:37 - 00000000 ____D C:\Users\heather\AppData\Local\NPE
2014-01-02 12:54 - 2011-09-06 09:29 - 00000000 ____D C:\Users\Guest
2014-01-02 12:39 - 2014-01-02 12:39 - 00067009 _____ C:\Users\heather\Desktop\JRT.txt
2014-01-02 12:30 - 2014-01-02 12:30 - 00000000 ____D C:\Windows\ERUNT
2014-01-02 12:26 - 2011-08-11 19:44 - 00000000 ___RD C:\Users\heather\Desktop\pc security
2014-01-02 12:24 - 2011-09-03 15:36 - 00000000 ____D C:\ProgramData\Uniblue
2014-01-02 11:56 - 2012-12-08 21:59 - 00000000 ____D C:\Program Files (x86)\FrostWire 5
2014-01-02 08:39 - 2014-01-02 08:39 - 00033058 _____ C:\Users\heather\Downloads\Result.minitoolbox.txt
2014-01-02 08:30 - 2014-01-02 08:30 - 00760063 _____ (Farbar) C:\Users\heather\Downloads\MiniToolBox.exe
2013-12-31 00:08 - 2013-12-31 00:08 - 00000000 ____D C:\Users\Guest\AppData\Local\SearchProtect
2013-12-30 23:37 - 2013-12-11 20:15 - 00000000 ____D C:\ProgramData\Sendori
2013-12-30 23:34 - 2013-12-11 20:15 - 00000000 ____D C:\Program Files (x86)\Sendori
2013-12-30 23:34 - 2013-04-07 12:38 - 00000000 ____D C:\Program Files (x86)\Veetle
2013-12-30 23:34 - 2013-03-02 19:30 - 00000000 ____D C:\ProgramData\Real
2013-12-30 23:34 - 2012-11-21 11:15 - 00000000 ____D C:\Program Files (x86)\Electronic Arts
2013-12-30 23:34 - 2011-01-16 15:42 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-12-30 23:34 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\system32\NDF
2013-12-30 23:34 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\registration
2013-12-25 11:30 - 2009-07-13 23:08 - 00032648 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-12-25 11:30 - 2009-07-13 23:08 - 00032648 _____ C:\Windows\Tasks\SCHEDLGU(48).TXT
2013-12-25 00:45 - 2011-09-06 20:52 - 00000000 ____D C:\Users\Guest\AppData\Local\CrashDumps
2013-12-23 01:09 - 2013-12-23 01:09 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2013-12-23 01:08 - 2013-06-05 12:59 - 01034464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-12-23 01:08 - 2013-06-05 12:59 - 00422216 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2013-12-23 01:08 - 2013-06-05 12:59 - 00207904 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-12-23 01:08 - 2013-06-05 12:59 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-12-23 01:08 - 2013-06-05 12:59 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-12-23 01:08 - 2013-02-12 00:54 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-12-19 13:28 - 2011-09-06 09:29 - 00000000 ___RD C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-19 10:10 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\rescache
2013-12-18 15:27 - 2013-12-18 15:27 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 01485312 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\VSTDPV6.SYS.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00740864 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\VSTCNXT6.SYS.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00542208 _____ (IDT, Inc.) C:\Windows\system32\Drivers\stwrt64.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00448312 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\SynTP.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00426496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spsys.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00410112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00389120 _____ (Marvell) C:\Windows\system32\Drivers\yk62x64.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00363392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgrx.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00338536 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsPStor.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00328192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00295808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00292864 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\VSTAZL6.SYS.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00215936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00189824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00171392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scsiport.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00161872 _____ (VIA Technologies Inc.,Ltd) C:\Windows\system32\Drivers\vsmraid.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00125440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00103808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sbp2port.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00094208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\serial.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\smb.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00080464 _____ (Silicon Integrated Systems) C:\Windows\system32\Drivers\sisraid4.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00071552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00068864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00064592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ULIAGPKX.SYS.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00064080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UAGP35.SYS.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00063360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwififlt.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00054784 _____ (Apple, Inc.) C:\Windows\system32\Drivers\usbaapl64.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\umbus.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00043832 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00043584 _____ (Silicon Integrated Systems Corp.) C:\Windows\system32\Drivers\sisraid2.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\watchdog.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winusb.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00036432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vdrvroot.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBCAMD2.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbrpm.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scfilter.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vgapnp.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vga.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tape.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00027776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wacompen.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdi.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sermouse.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbprint.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00024656 _____ (Promise Technology) C:\Windows\system32\Drivers\stexstor.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifibus.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\serenum.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WSDPrint.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00023040 _____ (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) C:\Windows\system32\Drivers\secdrv.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00022096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wimmount.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ws2ifsl.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00021056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wd.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\smclib.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00019008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spldr.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifimp.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00017488 _____ (VIA Technologies, Inc.) C:\Windows\system32\Drivers\viaide.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sfloppy.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00016464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmilib.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdpipe.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00015712 _____ C:\Windows\system32\Drivers\SWDUMon.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmiacpi.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffp_sd.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffdisk.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffp_mmc.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwf.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00012496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\swenum.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\serscan.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\umpass.sys.bak
2013-12-18 15:27 - 2013-12-18 15:27 - 00007936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys.bak
2013-12-18 15:27 - 2013-12-18 15:26 - 00539240 _____ (Realtek                                            ) C:\Windows\system32\Drivers\Rt64win7.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 12306848 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 05434368 _____ (Intel Corporation) C:\Windows\system32\Drivers\netw5v64.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 03678720 _____ (Qualcomm Atheros Communications, Inc.) C:\Windows\system32\Drivers\athrx.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 03286016 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\evbda.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 01656680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 01524816 _____ (QLogic Corporation) C:\Windows\system32\Drivers\ql2300.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00950128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00753664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00651264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00557848 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStor.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00530496 _____ (Emulex) C:\Windows\system32\Drivers\elxstor.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00468480 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\bxvbda.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00410496 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00376688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00366976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00350208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00318976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00317440 _____ (Intel® Corporation) C:\Windows\system32\Drivers\IntcDAud.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00309248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00289664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00288088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00286720 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrSerId.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00284736 _____ (LSI Corporation, Inc.) C:\Windows\system32\Drivers\MegaSR.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00273792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00270848 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\b57nd60a.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00261632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00248240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\MpFilter.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00220752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pcmcia.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00213888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00195072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00194128 _____ (AMD Technologies Inc.) C:\Windows\system32\Drivers\amdsbs.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00184704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00179072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00166272 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiswan.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00158976 _____ (Intel Corporation) C:\Windows\system32\Drivers\Impcd.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00155008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpio.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00148352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdrom.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00140672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msdsm.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00134944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NisDrvWFP.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00128592 _____ (QLogic Corporation) C:\Windows\system32\Drivers\ql40xx.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00122960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NV_AGP.SYS.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00122368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\irda.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ipnat.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00115776 _____ (LSI Corporation) C:\Windows\system32\Drivers\lsi_scsi.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00114752 _____ (LSI Corporation) C:\Windows\system32\Drivers\lsi_fc.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00113152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00111104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspptp.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00107904 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00106560 _____ (LSI Corporation) C:\Windows\system32\Drivers\lsi_sas.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\i8042prt.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbth.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxg.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00097856 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\arcsas.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\parport.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00094592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspppoe.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdfs.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00087632 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\arc.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rassstp.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ipfltdrv.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00078720 _____ (Hewlett-Packard Company) C:\Windows\system32\Drivers\HpSAMD.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rspndr.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00075120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00073280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00072832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ohci1394.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthmodem.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00070224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fileinfo.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00065600 _____ (LSI Corporation) C:\Windows\system32\Drivers\lsi_sas2.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00065088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\GAGP30KX.SYS.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00061008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AGP440.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\lltdio.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00060496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mup.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndisuio.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00056344 _____ (Intel Corporation) C:\Windows\system32\Drivers\HECIx64.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00055376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fsdepends.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00055128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpfve.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00051264 _____ (IBM Corporation) C:\Windows\system32\Drivers\nfrd960.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00050768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pcw.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00050768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdclass.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00049216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouclass.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00048720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciidex.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00047104 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrSerWdm.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\qwavedrv.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidir.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\circlass.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\blbdrive.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbios.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00044112 _____ (Intel Corp./ICP vortex GmbH) C:\Windows\system32\Drivers\iirsp.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\modem.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\discache.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00039504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crashdmp.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\CompositeBus.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00035392 _____ (LSI Corporation) C:\Windows\system32\Drivers\megasas.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiscap.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\filetrace.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00032512 _____ C:\Windows\system32\Drivers\hitmanpro37.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00032320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mssmbios.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouhid.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00031232 _____ (Hauppauge Computer Works, Inc.) C:\Windows\system32\Drivers\hcw85cir.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00031104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msahci.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00031088 _____ (CyberLink Corporation) C:\Windows\system32\Drivers\clwvd.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\monitor.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fdc.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00028736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Dumpata.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00028240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\battc.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00027520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00027008 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbatt.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msfs.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\flpydisk.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00024144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crcdisk.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00024128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\atapi.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpbus.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00023408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\asyncmac.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mcd.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00021584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\compbatt.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksthunk.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00020544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\isapnp.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00018432 _____ (Brother Industries, Ltd.) C:\Windows\system32\Drivers\BrFiltLo.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\irenum.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00017664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\CmBatt.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00017488 _____ (CMD Technology, Inc.) C:\Windows\system32\Drivers\cmdide.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00016960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelide.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxapi.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00015440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdide.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00015440 _____ (Acer Laboratories Inc.) C:\Windows\system32\Drivers\aliide.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00015424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msisadrv.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\MTConfig.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00014976 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrUsbMdm.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasacd.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00014720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hwpolicy.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00014720 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrUsbSer.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00012352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciide.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rootmdm.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00011136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mskssrv.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\errdev.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00008704 _____ (Brother Industries, Ltd.) C:\Windows\system32\Drivers\BrFiltUp.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RDPREFMP.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mshidkmdf.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00008064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mstee.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RDPENCDD.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RDPCDD.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mspclock.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00006784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mspqm.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\beep.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\null.sys.bak
2013-12-18 15:26 - 2013-12-18 15:26 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys.bak
2013-12-18 15:26 - 2013-12-18 15:25 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys.bak
2013-12-18 15:25 - 2013-12-18 15:25 - 00491088 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adp94xx.sys.bak
2013-12-18 15:25 - 2013-12-18 15:25 - 00339536 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adpahci.sys.bak
2013-12-18 15:25 - 2013-12-18 15:25 - 00334208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys.bak
2013-12-18 15:25 - 2013-12-18 15:25 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\1394ohci.sys.bak
2013-12-18 15:25 - 2013-12-18 15:25 - 00182864 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adpu320.sys.bak
2013-12-18 15:25 - 2013-12-18 15:25 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\1394bus.sys.bak
2013-12-18 15:25 - 2013-12-18 15:25 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpipmi.sys.bak
2013-12-14 17:13 - 2011-09-06 09:29 - 00001413 _____ C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-14 16:23 - 2013-09-18 13:23 - 00000000 ____D C:\Users\heather\AppData\Local\1B045EE7-FCCC-464B-9D80-4459E83989BA.aplzod
2013-12-14 15:53 - 2011-08-11 17:09 - 00002309 _____ C:\Users\heather\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-14 15:49 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-12-14 05:09 - 2013-12-14 05:09 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-14 05:09 - 2013-12-14 05:09 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-12-14 05:09 - 2013-12-14 05:09 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-12-14 05:09 - 2013-12-14 05:09 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-12-14 05:09 - 2013-12-14 05:09 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-12-14 05:09 - 2013-12-14 05:09 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-12-14 05:09 - 2013-12-14 05:09 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-12-14 05:09 - 2013-12-14 05:09 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-12-14 05:09 - 2013-12-14 05:09 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-12-14 05:09 - 2013-12-14 05:09 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-12-14 05:09 - 2013-12-14 05:09 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-12-14 05:09 - 2013-12-14 05:09 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-14 05:09 - 2013-12-14 05:09 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-12-14 05:09 - 2013-12-14 05:09 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-12-14 05:09 - 2013-12-14 05:09 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-12-14 05:09 - 2013-12-14 05:09 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-12-14 05:09 - 2013-12-14 05:09 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-12-14 05:09 - 2013-12-14 05:09 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-12-14 05:09 - 2013-12-14 05:09 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-12-14 05:09 - 2013-12-14 05:09 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-12-14 05:09 - 2013-12-14 05:09 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-12-14 05:08 - 2013-08-14 05:15 - 00000000 ____D C:\Windows\system32\MRT
2013-12-14 05:05 - 2011-08-15 11:09 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-11 21:47 - 2012-09-05 00:58 - 00000000 ____D C:\ProgramData\McAfee
2013-12-11 20:59 - 2013-12-11 20:59 - 00000000 ____D C:\Users\Guest\AppData\Roaming\Oracle
2013-12-11 20:41 - 2013-12-11 20:31 - 00000800 _____ C:\Users\Guest\Desktop\Mobogenie.lnk
2013-12-11 20:35 - 2013-12-11 20:35 - 00000000 ____D C:\Program Files\McAfee
2013-12-11 20:31 - 2013-12-11 20:31 - 00001224 _____ C:\Users\Guest\Desktop\Revo Uninstaller.lnk
2013-12-11 20:31 - 2013-12-11 20:31 - 00000000 ____D C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
2013-12-11 20:30 - 2013-12-11 20:30 - 00923784 _____ (CNET Download.com) C:\Users\Guest\Downloads\cbsidlm-cbsi145-Revo_Uninstaller-SEO-10687648.exe
2013-12-11 20:14 - 2013-12-11 20:14 - 00000000 ____D C:\Users\heather\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FrostWire 5
2013-12-11 16:12 - 2011-09-05 18:57 - 00000000 ____D C:\Windows\System32\Tasks\Games
2013-12-11 14:49 - 2009-07-13 23:13 - 00783394 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-11 14:34 - 2011-09-06 09:50 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-11 14:12 - 2013-06-05 17:23 - 00000000 ____D C:\Windows\BCD5545077AC4347B24F654B1189F8D4.TMP
2013-12-11 14:05 - 2013-12-11 14:05 - 00032512 _____ C:\Windows\system32\Drivers\hitmanpro37.sys
2013-12-11 14:04 - 2013-12-11 13:51 - 00000000 ____D C:\ProgramData\HitmanPro
2013-12-11 14:03 - 2013-12-11 14:03 - 00007416 _____ C:\Windows\system32\.crusader
2013-12-11 13:51 - 2013-12-11 13:51 - 00000600 _____ C:\Users\heather\AppData\Roaming\winscp.rnd
2013-12-11 13:51 - 2013-12-11 13:51 - 00000000 ____D C:\CSV
2013-12-11 13:51 - 2013-12-11 13:50 - 00000000 ____D C:\remote-service
2013-12-11 13:19 - 2013-12-11 13:19 - 00000000 ____D C:\Users\heather\Desktop\Browsers
2013-12-11 01:40 - 2013-12-11 01:40 - 00002327 _____ C:\browserhelper.log

Some content of TEMP:
====================
C:\Users\Guest\AppData\Local\Temp\auukrlnmsuov.exe
C:\Users\Guest\AppData\Local\Temp\install_flashplayer11x32ax_gtba_chra_dy_aih.exe
C:\Users\Guest\AppData\Local\Temp\lpuninstall.exe
C:\Users\heather\AppData\Local\Temp\bitool.dll
C:\Users\heather\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-02 11:02

==================== End Of Log =======================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-01-2014
Ran by heather at 2014-01-10 10:01:03
Running from C:\Users\heather\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Disabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AV: avast! Internet Security (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Internet Security (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
AS: Microsoft Security Essentials (Disabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
FW: avast! Internet Security (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

 Update for Microsoft Office 2007 (KB2508958) (x32 Version:  - Microsoft)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe AIR (x32 Version: 3.9.0.1380 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.9.0.1380 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Reader X (10.1.8) (x32 Version: 10.1.8 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (x32 Version: 11.5.8.612 - Adobe Systems, Inc)
Adobe Shockwave Player 12.0 (x32 Version: 12.0.5.146 - Adobe Systems, Inc.)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
Apple Application Support (x32 Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
AT&T Locker Uploader (x32 Version: 1.0 - AT&T, Inc.)
Atheros Driver Installation Program (x32 Version: 9.2 - Atheros)
avast! Internet Security (x32 Version: 9.0.2011 - Avast Software)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Big City Adventure - San Francisco (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bing Desktop (x32 Version: 1.3.174.0 - Microsoft Corporation)
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (Version: 3.0.0.10 - Apple Inc.)
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
Brink of Consciousness Dorian Gray Syndrome Standard Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
CCleaner (Version: 4.09 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.)
CyberLink DVD Suite (x32 Version: 7.0.3525 - CyberLink Corp.)
CyberLink DVD Suite (x32 Version: 7.0.3525 - CyberLink Corp.) Hidden
CyberLink YouCam (x32 Version: 3.5.1.4606 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.5.1.4606 - CyberLink Corp.) Hidden
D110 (x32 Version: 140.0.283.000 - Hewlett-Packard) Hidden
Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
Disney Toontown Online (x32 Version:  - Walt Disney Internet Group)
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dracula Series Part 2: The Myth of the Vampire (x32 Version: 2.2.0.97 - WildTangent) Hidden
Energy Star Digital Logo (x32 Version: 1.0.1 - Hewlett-Packard)
Escape Rosecliff Island (x32 Version: 2.2.0.95 - WildTangent) Hidden
ESU for Microsoft Windows 7 (x32 Version: 1.0.0 - Hewlett-Packard)
Facebook Video Calling 1.2.0.287 (x32 Version: 1.2.287 - Skype Limited)
Fallen Shadows (x32 Version: 2.2.0.98 - WildTangent) Hidden
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
FrostWire 5.6.9 (x32 Version: 5.6.9.2 - FrostWire LLC)
Google Chrome (x32 Version: 31.0.1650.63 - Google Inc.)
Google Drive (x32 Version: 1.13.5782.599 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
Haunted Past Realm of Ghosts Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
Heroes of Hellas 2 - Olympia (x32 Version: 2.2.0.95 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hide and Secret (x32 Version: 2.2.0.95 - WildTangent) Hidden
HP Auto (Version: 1.0.12494.3472 - Hewlett-Packard Company) Hidden
HP Client Services (Version: 1.0.12656.3472 - Hewlett-Packard) Hidden
HP CloudDrive (x32 Version:  - Zecter Inc.)
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (Version: 14.0 - HP)
HP Documentation (x32 Version: 1.1.0.0 - Hewlett-Packard)
HP ePrint (x32 Version: 6.0.12230.783 - Hewlett-Packard)
HP Games (x32 Version: 1.0.3.0 - WildTangent)
HP Imaging Device Functions 14.0 (Version: 14.0 - HP)
HP MovieStore (x32 Version: 1.0.036 - Hewlett-Packard) Hidden
HP MovieStore (x32 Version: 2.0 - Hewlett-Packard)
HP On Screen Display (x32 Version: 1.3.5 - Hewlett-Packard Company)
HP Photo Creations (x32 Version: 1.0.0.2024 - HP Photo Creations Powered by RocketLife)
HP Photosmart D110 All-In-One Driver 14.0 Rel. 7 (Version: 14.0 - HP)
HP Photosmart D110 All-In-One Driver Software 14.0 Rel. 7 (Version: 14.0 - HP)
HP Postscript Converter (Version: 3.1.3591 - Hewlett-Packard) Hidden
HP Power Manager (x32 Version: 1.4.7 - Hewlett-Packard Company)
HP Product Detection (x32 Version: 11.14.0001 - HP)
HP Product Detection (x32 Version: 11.15.0004 - HP)
HP Quick Launch (x32 Version: 2.7.2 - Hewlett-Packard Company)
HP Setup (x32 Version: 8.4.4487.3576 - Hewlett-Packard Company)
HP Setup Manager (x32 Version: 1.0.12845.3522 - Hewlett-Packard Company)
HP Smart Print 1.1.5.2 (x32 Version: 1.1.5.2 - Hewlett-Packard)
HP Software Framework (x32 Version: 4.1.13.1 - Hewlett-Packard Company)
HP Solution Center 14.0 (Version: 14.0 - HP)
HP Support Assistant (x32 Version: 7.0.39.15 - Hewlett-Packard Company)
HP Unified IO (Version: 2.0.0.404 - HP) Hidden
HP Unified IO (x32 Version: 2.0.0.404 - HP) Hidden
HP Update (x32 Version: 5.005.000.002 - Hewlett-Packard)
HP Wireless Assistant (Version: 4.0.10.0 - Hewlett-Packard Company)
HPAppStudio (x32 Version: 140.0.95.000 - Hewlett-Packard) Hidden
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
iCloud (Version: 3.1.0.40 - Apple Inc.)
IDT Audio (x32 Version: 1.0.6365.0 - IDT)
InstaCodecs (x32 Version: 1.0 - )
Intel® Control Center (x32 Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (x32 Version: 6.0.0.1179 - Intel Corporation)
Intel® Processor Graphics (x32 Version: 8.15.10.2476 - Intel Corporation)
Intel® Rapid Storage Technology (x32 Version: 10.5.0.1026 - Intel Corporation)
iTunes (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 45 (x32 Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
LightScribe Applications (x32 Version: 1.18.15.1 - LightScribe)
LightScribe Diagnostic Utility (x32 Version: 1.18.24.1 - LightScribe)
LightScribe System Software (x32 Version: 1.18.24.1 - LightScribe)
Lost Souls 2: Enchanted Paintings Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
Magic Encyclopedia Bundle (x32 Version: 2.2.0.110 - WildTangent) Hidden
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (x32 Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Standard 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Standard 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.4.0304.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (Version: 4.4.304.0 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (x32 Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0 - Microsoft Corp.) Hidden
Minecraft - 1.6.2 Packages (HKCU Version:  - )
MobileMe Control Panel (Version: 3.1.8.0 - Apple Inc.)
Mozilla Firefox 26.0 (x86 en-US) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
Mystery of Mortlake Mansion (x32 Version: 2.2.0.97 - WildTangent) Hidden
Mystery P.I. - Curious Case of Counterfeit Cove (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mystery P.I. - The London Caper (x32 Version: 2.2.0.95 - WildTangent) Hidden
Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Oddly Enough: Pied Piper (x32 Version: 2.2.0.98 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
PhotoScape (x32 Version:  - )
PictureMover (x32 Version: 3.5.0.35 - Hewlett-Packard Company)
Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime x86 (x32 Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
Power2Go (x32 Version: 6.1.4725 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.4725 - CyberLink Corp.) Hidden
PreReq (x32 Version: 6.2.3.0 - Eastman Kodak Company) Hidden
Princess Isabella: Return of the Curse -- Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
PS_AIO_07_D110_SW_Min (x32 Version: 140.0.142.000 - Hewlett-Packard) Hidden
QuickTime (x32 Version: 7.74.80.86 - Apple Inc.)
QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden
RealDownloader (x32 Version: 1.3.0 - RealNetworks, Inc.) Hidden
Realtek Ethernet Controller Driver (x32 Version: 7.31.1025.2010 - Realtek)
Realtek PCIE Card Reader (x32 Version: 6.1.7601.81 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 1.0.22 - Hewlett-Packard) Hidden
Revo Uninstaller 1.95 (x32 Version: 1.95 - VS Revo Group)
Sacra Terra: Angelic Night (x32 Version: 2.2.0.98 - WildTangent) Hidden
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Sendori (x32 Version: 2.0.16 - Sendori, Inc.)
Shutterfly Express Uploader (x32 Version: 1.1.0 - Shutterfly, Inc.) Hidden
Shutterfly Express Uploader (x32 Version: 1.1.0.0 - Shutterfly, Inc.)
Simple Adblock (x32 Version: 1.1.5 - Simple Adblock)
Skype™ 5.10 (x32 Version: 5.10.116 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
SMPlayer 0.6.9 (x32 Version: 0.6.9 - RVM)
SolutionCenter (x32 Version: 140.0.214.000 - Hewlett-Packard) Hidden
SPORE™ Creature Creator Trial Edition (x32 Version: 1.00.0000 - Electronic Arts)
Status (x32 Version: 140.0.256.000 - Hewlett-Packard) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics TouchPad Driver (Version: 16.2.10.12 - Synaptics Incorporated)
System Requirements Lab for Intel (x32 Version: 4.4.24.0 - Husdawg, LLC)
Them: The Summoning, Part 1 of 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
Twisted: A Haunted Carol (x32 Version: 2.2.0.98 - WildTangent) Hidden
Unsolved Mystery Club®: Ancient Astronauts® Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
Update for 2007 Microsoft Office System (KB967642) (x32 Version:  - Microsoft)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (x32 Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (x32 Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (x32 Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (x32 Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (x32 Version:  - Microsoft)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Veetle TV (x32 Version: 0.9.19 - Veetle, Inc)
Virtual Families (x32 Version: 2.2.0.95 - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
Visual Studio 2008 x64 Redistributables (x32 Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1 - AVG Technologies)
Web Games Player Plugin (x32 Version:  - Zylom Games)
WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden
Wheel of Fortune 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
White Haven Mysteries Standard Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
WildTangent Games App (HP Games) (x32 Version: 4.0.10.5 - WildTangent) Hidden
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Yahoo Toolbar (x32 Version:  - Yahoo Inc.)
Youda Mystery: The Stanwick Legacy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

==================== Restore Points  =========================

02-01-2014 19:25:42 Revo Uninstaller's restore point - Malwarebytes Anti-Malware version 1.75.0.1300
03-01-2014 22:46:59 Windows Update
05-01-2014 15:28:39 Revo Uninstaller's restore point - Blio
06-01-2014 18:52:36 Installed AT&T Locker Uploader.
07-01-2014 06:20:37 Windows Update
07-01-2014 13:15:20 Revo Uninstaller's restore point - FrostWire Ultra Accelerator
10-01-2014 15:57:02 Windows Update

==================== Hosts content: ==========================

2009-07-13 20:34 - 2009-06-10 15:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {03E80EB0-0752-4492-AA32-EE3B426A04F6} - System32\Tasks\{6DB31AD0-058E-4808-AF92-C35B96544A8F} => Firefox.exe
Task: {07E2A25E-D056-4DCD-AB96-4F0ED77243EB} - System32\Tasks\{00119698-F655-4491-82CD-E3247D8431EC} => C:\Program Files (x86)\iTunes\iTunes.exe [2013-11-02] (Apple Inc.)
Task: {09ABFEC7-C4E3-41BC-8D1E-CF31639394F5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-08] (Google Inc.)
Task: {1493ACA6-DB50-446F-AF10-F7630486F68E} - System32\Tasks\PCCleaners-Daily-16-59-34 => C:\Program Files (x86)\PC Cleaners\PCCleaners.exe <==== ATTENTION
Task: {14CB01DD-BA9A-41FD-B82D-AC23B5D0EE23} - System32\Tasks\{08B67148-A07D-4DC0-B14E-F8AEF3B91845} => C:\Program Files (x86)\FrostWire 5\FrostWire.exe [2013-01-14] (FrostWire)
Task: {199DBD34-A259-437E-A478-2171F9583E56} - System32\Tasks\{200F8E69-DC78-4709-9643-51A757CB8535} => C:\Program Files (x86)\iTunes\iTunes.exe [2013-11-02] (Apple Inc.)
Task: {1EEED38C-2FFE-45FB-B140-238D429FC161} - System32\Tasks\{1A4AB78D-7A45-4D26-80AD-6A21AA703E61} => C:\Program Files (x86)\iTunes\iTunes.exe [2013-11-02] (Apple Inc.)
Task: {25D39B4D-8A27-4769-A1A1-A7D843A0F032} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3690564705-488001411-2100272750-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2012-11-29] (RealNetworks, Inc.)
Task: {284CE88F-647E-4194-A288-AD207996ACDE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-04-01] (Hewlett-Packard Company)
Task: {3BEE5F32-65F7-43CA-AF79-2C95E9DE7DD1} - System32\Tasks\{637D7477-DEDB-41AA-B1FA-A50D8760B844} => C:\Program Files (x86)\iTunes\iTunes.exe [2013-11-02] (Apple Inc.)
Task: {43AEF806-56CB-4283-BACB-58A137A158C8} - System32\Tasks\Adobe online update program => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated)
Task: {44B34877-7948-45EB-B6F1-6B59E8557001} - System32\Tasks\{D88A7012-17A2-411E-8FFE-AA564EE18529} => C:\Program Files (x86)\PC Cleaners\PCCleaners.exe <==== ATTENTION
Task: {46CF2DED-2CA5-4F99-9253-84F31E3982D5} - System32\Tasks\{15B782AA-3EAF-4A17-B0A9-5C8C64AA1E96} => Firefox.exe
Task: {4931F84E-5614-4AA0-9553-8898176245BD} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3690564705-488001411-2100272750-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2012-11-29] (RealNetworks, Inc.)
Task: {4A52A22B-DB55-4C3D-A361-095023297A6D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {4BDBACF5-3696-41B1-9128-17C47D864598} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {4FF52529-9F94-4B33-8B2D-A453A8775841} - System32\Tasks\{5A67D462-92C2-48D0-ABB6-B0BC4DCB2349} => C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
Task: {51F70CE3-8A68-4EAD-B7A5-3B69089E429E} - System32\Tasks\{D04B4D8D-076D-45CA-B9F3-AEDA0C39D4D1} => C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
Task: {5546D646-9E64-466B-B65D-EDD2EB05F9D8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-11-22] (Hewlett-Packard)
Task: {5A750C41-0D28-459E-8396-0F9D74AABB33} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-12-23] (AVAST Software)
Task: {5D1DCC2F-84D9-4F00-BBCE-A72FFF32C0CC} - System32\Tasks\{D10EB9EC-E893-4CCC-8ACC-BF13E5F6426E} => C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
Task: {6C6C04EB-783C-46B1-8F6A-95E77E76E38F} - System32\Tasks\{AB028132-52D2-4E1B-B24A-1B5D9889FD1B} => C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
Task: {73302D13-CE5A-4A37-9D5D-B8A6C78182F6} - System32\Tasks\{80DBA2E3-7379-44A8-BD95-69DE402B2BEF} => C:\Program Files (x86)\iTunes\iTunes.exe [2013-11-02] (Apple Inc.)
Task: {8836E1DF-88D6-42CC-B13D-9C7C772DCABE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd)
Task: {8CDF6502-DA93-4A3D-86CB-86FD4B2E4505} - System32\Tasks\{6397C36A-2ADC-41E1-91C5-82120D7B4850} => C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
Task: {8E6A40B8-3E27-4FD2-867B-A872241FB387} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {91639D2A-CA38-4233-BA83-ADB10B8A6582} - System32\Tasks\{0E33D902-4058-43B2-A810-73016048C9F5} => C:\Program Files (x86)\iTunes\iTunes.exe [2013-11-02] (Apple Inc.)
Task: {9B9BAA6F-099A-446A-9CCC-E6B59DECC6ED} - System32\Tasks\{753FC32B-97E6-43E8-8F26-CE1697040938} => C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\EasyShare.exe
Task: {A0597A2A-833B-4AC2-8F6D-925C0821885A} - System32\Tasks\{F57B2982-69B4-4BCE-B5C1-D86335F78EE0} => C:\Program Files (x86)\FrostWire 5\FrostWire.exe [2013-01-14] (FrostWire)
Task: {A5040C55-D308-450A-A5D6-62629B01F841} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-10] (Adobe Systems Incorporated)
Task: {A53FD62B-39B7-4714-9BC7-E16778FFB30F} - System32\Tasks\HP online update program => C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe [2011-10-28] (Hewlett-Packard)
Task: {A711A557-EB60-4952-A959-86B17BCF2866} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-08] (Google Inc.)
Task: {AA935DFF-5C9C-4114-8F0F-107692DA0A1E} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3690564705-488001411-2100272750-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2012-11-29] (RealNetworks, Inc.)
Task: {B0F878E9-DE4F-4A92-B52F-D7C310DFAF96} - System32\Tasks\{3201418E-F567-45A6-9F75-FA7D49AFE4C8} => C:\Program Files (x86)\iTunes\iTunes.exe [2013-11-02] (Apple Inc.)
Task: {B2A00D32-4B83-483A-B36A-3833C8333EE8} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3690564705-488001411-2100272750-1000Core => C:\Users\heather\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-14] (Facebook Inc.)
Task: {B796BAB9-6D23-434E-8E15-29F8B922A350} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-10-06] (CyberLink)
Task: {B9736E8F-531F-4176-BA13-47A797E65249} - System32\Tasks\{BBAF5E46-865A-4FDF-A234-2951A36DEC36} => C:\Program Files (x86)\iTunes\iTunes.exe [2013-11-02] (Apple Inc.)
Task: {BFB6A74D-87C5-45D2-92EA-A731272CECA4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {CF358F8E-8F14-4025-BB1C-C25A0E02AFF8} - System32\Tasks\0 => Iexplore.exe  <==== ATTENTION
Task: {D4C849B7-E3BF-48F8-A7EE-11B86367FEF0} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-11-02] (Synaptics Incorporated)
Task: {E2292FBE-8CBD-42BD-9E37-C0E0237E9D70} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3690564705-488001411-2100272750-1000UA => C:\Users\heather\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-14] (Facebook Inc.)
Task: {E9FE9517-8A20-4E1D-8B79-8D0342962080} - System32\Tasks\HPCeeScheduleForheather => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
Task: {EC013DA0-F8DE-4267-9B4D-85FB82DA694D} - System32\Tasks\{D1621D20-DA94-4B1C-BF62-05234C9B722C} => C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
Task: {ECD17797-FE45-4BE7-941F-0299FA5DAE24} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-11-22] (Hewlett-Packard)
Task: {F43A0FF4-06A3-4666-9B7D-0E4935F1FB32} - System32\Tasks\{5B69238F-77E8-4A6A-A997-506C3E1D6988} => C:\Program Files (x86)\FrostWire 5\FrostWire.exe [2013-01-14] (FrostWire)
Task: {F4E11B11-E458-47FB-B620-74BC0D944F01} - System32\Tasks\ArcSoft Connect Daemon => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
Task: {F88E67B0-DB2D-454F-ADE3-ECAF1AF81C16} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3690564705-488001411-2100272750-1000Core.job => C:\Users\heather\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3690564705-488001411-2100272750-1000UA.job => C:\Users\heather\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForheather.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\PCCleaners-Daily-16-59-34.job => C:\Program Files (x86)\PC Cleaners\PCCleaners.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2010-12-07 15:05 - 2010-12-07 15:05 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2010-07-21 16:33 - 2010-07-21 16:33 - 00030264 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_LogicLayer.dll
2010-07-21 16:33 - 2010-07-21 16:33 - 00052280 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HardwareAccess.dll
2010-07-21 16:33 - 2010-07-21 16:33 - 00267832 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll
2014-01-09 16:17 - 2014-01-09 15:14 - 02153984 _____ () C:\Program Files\AVAST Software\Avast\defs\14010902\algo.dll
2011-06-24 21:56 - 2011-06-24 21:56 - 00087328 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2011-06-24 21:56 - 2011-06-24 21:56 - 01241888 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-14 00:51 - 2013-09-14 00:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 00:50 - 2013-09-14 00:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2013-10-22 17:28 - 2013-10-22 17:28 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-07-23 14:20 - 2013-12-05 13:36 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-08-18 11:28 - 2013-08-18 11:28 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\f60b3ee2de3f41a024920486d46d49f2\IsdiInterop.ni.dll
2011-05-05 03:33 - 2011-04-29 23:28 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:0B4227B4
AlternateDataStreams: C:\ProgramData\Temp:0FF263E8
AlternateDataStreams: C:\ProgramData\Temp:1F96ED45

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SMR410 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sndappv2 => ""="service"

==================== Faulty Device Manager Devices =============

Name: Photosmart D110 series
Description: Photosmart D110 series
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Deskjet 3050 J610 series
Description: Deskjet 3050 J610 series
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Deskjet 3050 J610 series
Description: Deskjet 3050 J610 series
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Photosmart D110 series
Description: Photosmart D110 series
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Photosmart D110 series
Description: Photosmart D110 series
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Photosmart D110 series
Description: Photosmart D110 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/10/2014 10:00:32 AM) (Source: SendoriService) (User: )
Description: In the enable methodRetrieving the COM class factory for component with CLSID {6EEBC7FF-67DA-4B90-9251-C2C5696E4B48} failed due to the following error: 80040154.

Error: (01/10/2014 09:55:32 AM) (Source: SendoriService) (User: )
Description: In the enable methodRetrieving the COM class factory for component with CLSID {6EEBC7FF-67DA-4B90-9251-C2C5696E4B48} failed due to the following error: 80040154.

Error: (01/10/2014 09:50:33 AM) (Source: SendoriService) (User: )
Description: In the enable methodRetrieving the COM class factory for component with CLSID {6EEBC7FF-67DA-4B90-9251-C2C5696E4B48} failed due to the following error: 80040154.

Error: (01/10/2014 09:45:31 AM) (Source: SendoriService) (User: )
Description: In the enable methodRetrieving the COM class factory for component with CLSID {6EEBC7FF-67DA-4B90-9251-C2C5696E4B48} failed due to the following error: 80040154.

Error: (01/09/2014 08:11:34 PM) (Source: SendoriService) (User: )
Description: In the enable methodRetrieving the COM class factory for component with CLSID {6EEBC7FF-67DA-4B90-9251-C2C5696E4B48} failed due to the following error: 80040154.

Error: (01/09/2014 08:06:34 PM) (Source: SendoriService) (User: )
Description: In the enable methodRetrieving the COM class factory for component with CLSID {6EEBC7FF-67DA-4B90-9251-C2C5696E4B48} failed due to the following error: 80040154.

Error: (01/09/2014 08:01:35 PM) (Source: SendoriService) (User: )
Description: In the enable methodRetrieving the COM class factory for component with CLSID {6EEBC7FF-67DA-4B90-9251-C2C5696E4B48} failed due to the following error: 80040154.

Error: (01/09/2014 07:56:35 PM) (Source: SendoriService) (User: )
Description: In the enable methodRetrieving the COM class factory for component with CLSID {6EEBC7FF-67DA-4B90-9251-C2C5696E4B48} failed due to the following error: 80040154.

Error: (01/09/2014 07:51:35 PM) (Source: SendoriService) (User: )
Description: In the enable methodRetrieving the COM class factory for component with CLSID {6EEBC7FF-67DA-4B90-9251-C2C5696E4B48} failed due to the following error: 80040154.

Error: (01/09/2014 07:46:34 PM) (Source: SendoriService) (User: )
Description: In the enable methodRetrieving the COM class factory for component with CLSID {6EEBC7FF-67DA-4B90-9251-C2C5696E4B48} failed due to the following error: 80040154.


System errors:
=============
Error: (01/10/2014 09:46:32 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (01/10/2014 09:45:24 AM) (Source: Service Control Manager) (User: )
Description: The sndappv2 service failed to start due to the following error:
%%1053

Error: (01/10/2014 09:45:24 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the sndappv2 service to connect.

Error: (01/10/2014 04:11:33 AM) (Source: Service Control Manager) (User: )
Description: The sndappv2 service failed to start due to the following error:
%%1053

Error: (01/10/2014 04:11:33 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the sndappv2 service to connect.

Error: (01/10/2014 04:06:33 AM) (Source: Service Control Manager) (User: )
Description: The sndappv2 service failed to start due to the following error:
%%1053

Error: (01/10/2014 04:06:33 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the sndappv2 service to connect.

Error: (01/10/2014 04:01:33 AM) (Source: Service Control Manager) (User: )
Description: The sndappv2 service failed to start due to the following error:
%%1053

Error: (01/10/2014 04:01:33 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the sndappv2 service to connect.

Error: (01/10/2014 03:56:33 AM) (Source: Service Control Manager) (User: )
Description: The sndappv2 service failed to start due to the following error:
%%1053


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2013-03-20 02:58:08.749
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-03-20 02:58:08.603
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-03-20 02:57:30.739
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-03-20 02:57:30.577
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-03-20 02:56:52.774
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-03-20 02:56:52.623
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-03-20 02:55:36.864
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-03-20 02:55:36.664
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-03-20 02:54:58.557
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-03-20 02:54:58.412
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Percentage of memory in use: 55%
Total physical RAM: 3893.86 MB
Available physical RAM: 1723.9 MB
Total Pagefile: 7785.9 MB
Available Pagefile: 5177.2 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:450.56 GB) (Free:97 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:14.9 GB) (Free:14.01 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.08 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: FEB7AE86)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=451 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)

==================== End Of Log ============================


Edited by paw51, 10 January 2014 - 11:09 AM.


#6 bloopie


Posted 11 January 2014 - 01:29 PM

Hello again,
 
I'm not seeing an active FBI infection in your logs. Exactly what problems are you experiencing with this machine right now?
 
There are a few policy changes made to your machine, are you aware of them?
 
==========
 
Now, for a few warnings:
 
Warning 1

I do not recommend that you have more than one anti-virus product installed and running on your computer at a time. The reason for this is that if both products have their automatic (Real-Time) protection switched on, then those products which do not encrypt the virus strings within them can cause other anti-virus products to cause "false alarms". It can also lead to a clash as both products fight for access to files which are opened (again, this is the resident/automatic protection). In general terms, the two programs may conflict and cause:
1) False Alarms: When the anti virus software tells you that your PC has a virus when it actually doesn't.
2) System Performance Problems: Your system may lock up due to both products attempting to access the same file at the same time.
Therefore please go to add/remove in the control panel and remove either Microsoft Security Essentials or Avast!.

==========

Warning 2

Going over your logs I noticed that you have FrostWire installed.

  • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  • Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
  • The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.

It is pretty much certain that if you continue to use P2P programs, you will get infected again.
I would recommend that you uninstall FrostWire, however that choice is up to you. If you choose to remove these programs, you can do so via Start Orb > Control Panel > Programs and Features.
If you wish to keep it, please do not use it until your computer is cleaned.

==========

Warning 3

Online Gaming Warning!

Online gaming sites are a security risk which can make your computer susceptible to a large number of malware infections, remote attacks, exposure of personal information, and identity theft. They can lead to other sites containing malware which you can inadvertently download without knowledge. Users visiting such sites may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users. Gaming sites can put you at risk to fraud, phishing and theft of personal data. Even if the gaming site is a clean site, there is always the potential of some type of malware making its way there and then onto your system. In some instances an infection may have caused so much damage to your system that it cannot be successfully cleaned or repaired. In those cases, recovery is not possible and the only option is to reformat/reinstall the OS.

More specifically, I noticed you had WildTangent on your computer.
WildTangent Program Warning

Wild Tangent is a video game software company specializing in online games. It has even made a partnership with AOL to include itself as part of the AOL Instant Messenger for their AIM games section. The WildTangent Web Driver is their technology that allows you to play 3D games over the Internet. Although it's not technically considered spyware, it does have built-in components to update itself and gather information about the computer system, including:

  • Operating System Version
  • CPU Type and Speed
  • Memory Amount
  • Video Card type and Driver Version
  • Sound Card type and Driver Version
  • DirectX Version
  • Location that the Web Driver was installed from

For that reason I would suggest you uninstall it via add/remove.

Reboot after the uninstallation. <- Important.

==============================

 

Now that we've got those out of the way, let's get another log:

Run Combofix

You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this, you can find out here or here.

Combofix may need to reboot your computer more than once to do its job...this is normal.

You can download Combofix from one of these links.

  • Close any open browsers or any other programs that are open.
  • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  • Double click on combofix.exe & follow the prompts.
  • When finished, it will produce a report for you C:\Combofix.txt. Please include that in your next reply.

Note 1: Do not mouseclick Combofix's window while it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion.", please restart the computer.

==========

In your next reply, please include the Combofix log, and an answer to my questions!

bloopie



#7 paw51


Posted 11 January 2014 - 04:09 PM

Problems: Computer freezes due to "script" problems, Netflix won't load, keeps saying connection was broken. And can't get rid of Outfox as home page to browsers even though I deleted it.

 

I am aware of two anti virus programs running, but can't seem to find the Microsoft one to stop it. Just search Microsoft Security Essentials and it says there is no real time protection.  I also cancelled any scans which were set up.  But I want to exclude it from the start menu. Start up folder is empty and can't figure out how to put programs back in it.  I want to run Avast exclusively.

 

Users of this computer want Frostwire and on Mozilla Firefox I have added an adblocker from their add-on offerings.

 

Wild Tangent is not found under "remove programs" or when using Revo Uninstaller.  Was not aware it was still on here.

 

Help me close Microsoft security suite and I will run ComboFix.



#8 paw51


Posted 11 January 2014 - 04:15 PM

Found Wild Tangent under HP Games and removed it.  Many other games listed under HP Games also.  Do they all have to be removed?

 

Am not aware of any policy changes.


Edited by paw51, 11 January 2014 - 04:25 PM.


#9 bloopie


Posted 11 January 2014 - 04:23 PM

Hello again,

 

Thanks for letting me know! :)

 

We can remove other Wild Tangent entries later...you've got the main entry so we can continue.

 

As for Microsoft Security Essentials, go here: http://www.bleepingcomputer.com/download/microsoft-security-essentials-removal-tool/

 

Download and run the removal tool from the link above. Once that's done, have a look at this thread from the Windows 7 forum and give that a try to repopulate your startup folder.

 

==========

 

Once all of that is done, disable Avast and run Combofix as previously instructed. Let me know if you have any problems! :)

 

bloopie



#10 paw51


Posted 11 January 2014 - 05:08 PM

Here is the ComboFix log:

 

ComboFix 14-01-08.03 - heather 01/11/2014  15:38:44.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3894.1899 [GMT -6:00]
Running from: c:\users\heather\Desktop\ComboFix.exe
AV: avast! Internet Security *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
FW: avast! Internet Security *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
SP: avast! Internet Security *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((   Files Created from 2013-12-11 to 2014-01-11  )))))))))))))))))))))))))))))))
.
.
2014-01-11 21:51 . 2014-01-11 21:51    --------    d-----w-    c:\users\Guest\AppData\Local\temp
2014-01-11 21:51 . 2014-01-11 21:51    --------    d-----w-    c:\users\Default\AppData\Local\temp
2014-01-11 20:59 . 2013-12-04 03:28    10315576    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8E511441-9A59-43E8-AE63-081EF818414F}\mpengine.dll
2014-01-10 15:57 . 2013-12-04 03:28    10315576    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-01-10 15:55 . 2014-01-10 15:55    --------    d-----w-    C:\FRST
2014-01-07 13:13 . 2014-01-07 13:48    --------    d-----w-    c:\program files (x86)\FrostWire Ultra Accelerator
2014-01-06 18:53 . 2014-01-06 18:53    --------    d-----w-    c:\users\heather\AppData\Local\AT&T,_Inc
2014-01-06 18:53 . 2014-01-06 18:53    --------    d-----w-    c:\program files (x86)\AT&T Locker Uploader
2014-01-05 22:49 . 2013-12-05 19:41    272496    ----a-w-    c:\program files (x86)\Mozilla Firefox\browser\components\browsercomps.dll
2014-01-05 15:16 . 2014-01-05 15:16    --------    d-----w-    c:\programdata\Yahoo! Companion
2014-01-05 15:16 . 2014-01-05 15:16    --------    d-----w-    c:\users\heather\AppData\Roaming\Yahoo!
2014-01-02 20:34 . 2014-01-02 20:34    --------    d-----w-    c:\users\Jack
2014-01-02 20:22 . 2014-01-05 23:33    --------    d-----w-    c:\users\admin heather
2014-01-02 18:30 . 2014-01-02 18:30    --------    d-----w-    c:\windows\ERUNT
2014-01-02 14:37 . 2014-01-02 19:21    --------    d-----w-    c:\users\heather\AppData\Local\NPE
2013-12-31 06:08 . 2013-12-31 06:08    --------    d-----w-    c:\users\Guest\AppData\Local\SearchProtect
2013-12-31 06:04 . 2013-12-31 06:04    --------    d-----w-    c:\users\Guest\AppData\Roaming\HPAppData
2013-12-23 07:09 . 2013-12-23 07:09    79672    ----a-w-    c:\windows\system32\drivers\aswstm.sys
2013-12-18 21:36 . 2014-01-07 13:46    --------    d-----w-    C:\AdwCleaner
2013-12-18 21:26 . 2013-12-18 21:26    76800    ----a-w-    c:\windows\system32\drivers\rspndr.sys.bak
2013-12-18 21:25 . 2013-12-18 21:25    339536    ----a-w-    c:\windows\system32\drivers\adpahci.sys.bak
2013-12-18 21:25 . 2013-12-18 21:25    182864    ----a-w-    c:\windows\system32\drivers\adpu320.sys.bak
2013-12-18 21:25 . 2013-12-18 21:25    491088    ----a-w-    c:\windows\system32\drivers\adp94xx.sys.bak
2013-12-18 21:25 . 2013-12-18 21:25    334208    ----a-w-    c:\windows\system32\drivers\acpi.sys.bak
2013-12-18 21:25 . 2013-12-18 21:25    229888    ----a-w-    c:\windows\system32\drivers\1394ohci.sys.bak
2013-12-18 21:25 . 2013-12-18 21:25    12800    ----a-w-    c:\windows\system32\drivers\acpipmi.sys.bak
2013-12-18 21:25 . 2013-12-18 21:25    68096    ----a-w-    c:\windows\system32\drivers\1394bus.sys.bak
2013-12-15 09:00 . 2013-11-26 08:16    4243968    ----a-w-    c:\windows\SysWow64\jscript9.dll
2013-12-15 09:00 . 2013-11-26 08:35    5769216    ----a-w-    c:\windows\system32\jscript9.dll
2013-12-14 11:12 . 2013-10-15 00:00    28368    ----a-w-    c:\windows\system32\IEUDINIT.EXE
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-08 23:32 . 2013-06-06 01:21    439648    ----a-w-    c:\windows\system32\drivers\aswndisflt.sys
2013-12-23 07:08 . 2013-06-05 18:59    207904    ----a-w-    c:\windows\system32\drivers\aswVmm.sys
2013-12-23 07:08 . 2013-06-05 18:59    1034464    ----a-w-    c:\windows\system32\drivers\aswSnx.sys
2013-12-23 07:08 . 2013-06-05 18:59    422216    ----a-w-    c:\windows\system32\drivers\aswsp.sys
2013-12-23 07:08 . 2013-06-05 18:59    78648    ----a-w-    c:\windows\system32\drivers\aswMonFlt.sys
2013-12-23 07:08 . 2013-02-12 06:54    334136    ----a-w-    c:\windows\system32\aswBoot.exe
2013-12-23 07:08 . 2013-06-05 18:59    43152    ----a-w-    c:\windows\avastSS.scr
2013-12-14 11:05 . 2011-08-15 17:09    90708896    ----a-w-    c:\windows\system32\MRT.exe
2013-12-11 20:05 . 2013-12-11 20:05    32512    ----a-w-    c:\windows\system32\drivers\hitmanpro37.sys
2013-12-11 00:52 . 2012-04-25 01:18    692616    ----a-w-    c:\windows\SysWow64\FlashPlayerApp.exe
2013-12-11 00:52 . 2011-08-12 04:26    71048    ----a-w-    c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-11-23 18:26 . 2013-12-11 19:28    417792    ----a-w-    c:\windows\SysWow64\WMPhoto.dll
2013-11-23 17:47 . 2013-12-11 19:28    465920    ----a-w-    c:\windows\system32\WMPhoto.dll
2013-11-19 10:21 . 2011-08-12 01:14    267936    ------w-    c:\windows\system32\MpSigStub.exe
2013-11-15 18:32 . 2013-06-05 20:37    12788736    ----a-w-    c:\program files (x86)\Common Files\lpuninstall.exe
2013-11-12 02:23 . 2013-12-11 19:27    2048    ----a-w-    c:\windows\system32\tzres.dll
2013-11-12 02:07 . 2013-12-11 19:27    2048    ----a-w-    c:\windows\SysWow64\tzres.dll
2013-10-30 02:32 . 2013-12-11 19:28    335360    ----a-w-    c:\windows\system32\msieftp.dll
2013-10-30 02:19 . 2013-12-11 19:28    301568    ----a-w-    c:\windows\SysWow64\msieftp.dll
2013-10-30 01:24 . 2013-12-11 19:28    3155968    ----a-w-    c:\windows\system32\win32k.sys
2013-10-22 23:28 . 2013-06-05 18:59    65776    ----a-w-    c:\windows\system32\drivers\aswRvrt.sys
2013-10-22 23:28 . 2013-06-05 18:59    92544    ----a-w-    c:\windows\system32\drivers\aswRdr2.sys
2013-10-22 23:27 . 2013-06-06 01:21    28184    ----a-w-    c:\windows\system32\drivers\aswKbd.sys
2013-10-19 02:18 . 2013-12-11 19:27    81408    ----a-w-    c:\windows\system32\imagehlp.dll
2013-10-19 01:36 . 2013-12-11 19:27    159232    ----a-w-    c:\windows\SysWow64\imagehlp.dll
2013-10-14 17:41 . 2013-06-06 01:21    270824    ----a-w-    c:\windows\system32\drivers\aswNdis2.sys
2013-10-14 17:41 . 2013-06-06 01:21    131232    ----a-w-    c:\windows\system32\drivers\aswFW.sys
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"iCloudServices"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [2013-11-20 59720]
"ApplePhotoStreams"="c:\program files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" [2013-11-20 59720]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-09-27 59240]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-22 59720]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2011-04-30 284440]
"HPOSD"="c:\program files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe" [2011-08-19 379960]
"HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2012-03-05 578944]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-10-28 49208]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2013-12-23 3764024]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-11-02 152392]
"Sendori Tray"="c:\program files (x86)\Sendori\SendoriTray.exe" [2013-10-07 83232]
.
c:\users\heather\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
AT&T Locker Uploader.lnk - c:\program files (x86)\AT&T Locker Uploader\AT&T Locker Uploader.exe startup [2013-12-2 617472]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"ArcSoft Connection Service"=c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
"HP Software Update"=c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"ROC_ROC_NT"="c:\program files (x86)\AVG Secure Search\ROC_ROC_NT.exe" / /PROMPT /CMPID=ROC_NT
"Conime"=%windir%\system32\conime.exe
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 sndappv2;sndappv2;c:\program files (x86)\Sendori\sndappv2.exe;c:\program files (x86)\Sendori\sndappv2.exe [x]
R3 AVFSFilter;AVFSFilter;c:\windows\system32\DRIVERS\avfsfilter.sys;c:\windows\SYSNATIVE\DRIVERS\avfsfilter.sys [x]
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
R3 hitmanpro37;HitmanPro 3.7 Support Driver;c:\windows\system32\drivers\hitmanpro37.sys;c:\windows\SYSNATIVE\drivers\hitmanpro37.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys;c:\windows\SYSNATIVE\DRIVERS\SWDUMon.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys;c:\windows\SYSNATIVE\drivers\aswKbd.sys [x]
S1 aswNdisFlt;Avast! Firewall Driver;c:\windows\system32\DRIVERS\aswNdisFlt.sys;c:\windows\SYSNATIVE\DRIVERS\aswNdisFlt.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 Application Sendori;Application Sendori;c:\program files (x86)\Sendori\SendoriSvc.exe;c:\program files (x86)\Sendori\SendoriSvc.exe [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe;c:\program files\AVAST Software\Avast\afwServ.exe [x]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
S2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [x]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [x]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [x]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [x]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
S2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe;c:\program files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [x]
S2 Service Sendori;Service Sendori;c:\program files (x86)\Sendori\Sendori.Service.exe;c:\program files (x86)\Sendori\Sendori.Service.exe [x]
S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]
S3 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt    REG_MULTI_SZ       hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2011-06-20 21:05    451872    ----a-w-    c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-12-04 17:35    1210320    ----a-w-    c:\program files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{A509B1FF-37FF-4bFF-8CFF-4F3A747040FF}]
2009-07-14 01:14    126464    ----a-w-    c:\windows\System32\advpack.dll
.
Contents of the 'Scheduled Tasks' folder
.
2014-01-11 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-25 00:52]
.
2014-01-11 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3690564705-488001411-2100272750-1000Core.job
- c:\users\heather\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-05-07 04:04]
.
2014-01-11 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3690564705-488001411-2100272750-1000UA.job
- c:\users\heather\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-05-07 04:04]
.
2014-01-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-05-08 18:21]
.
2014-01-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-05-08 18:21]
.
2014-01-10 c:\windows\Tasks\HPCeeScheduleForheather.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-12-23 07:08    287280    ----a-w-    c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00Zecter]
@="{D25B32FE-CB96-491A-98FF-AD59DA382D69}"
[HKEY_CLASSES_ROOT\CLSID\{D25B32FE-CB96-491A-98FF-AD59DA382D69}]
2010-12-11 02:32    2240000    ----a-w-    c:\program files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\01Zecter]
@="{EB24CA6D-F315-4A81-AC1A-C79CFD77F3F5}"
[HKEY_CLASSES_ROOT\CLSID\{EB24CA6D-F315-4A81-AC1A-C79CFD77F3F5}]
2010-12-11 02:32    2240000    ----a-w-    c:\program files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\02Zecter]
@="{B3C78E40-6B64-47C3-AE34-60B770881EB8}"
[HKEY_CLASSES_ROOT\CLSID\{B3C78E40-6B64-47C3-AE34-60B770881EB8}]
2010-12-11 02:32    2240000    ----a-w-    c:\program files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\03Zecter]
@="{622AFE52-33F6-4D9F-9966-E0BC52D7D69D}"
[HKEY_CLASSES_ROOT\CLSID\{622AFE52-33F6-4D9F-9966-E0BC52D7D69D}]
2010-12-11 02:32    2240000    ----a-w-    c:\program files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\04Zecter]
@="{855156F0-2A0F-11DE-8C30-0800200C9A66}"
[HKEY_CLASSES_ROOT\CLSID\{855156F0-2A0F-11DE-8C30-0800200C9A66}]
2010-12-11 02:32    2240000    ----a-w-    c:\program files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-12-06 21:47    778704    ----a-w-    c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-12-06 21:47    778704    ----a-w-    c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-12-06 21:47    778704    ----a-w-    c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2013-12-06 21:47    778704    ----a-w-    c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-12-06 21:47    778704    ----a-w-    c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-12-06 21:47    778704    ----a-w-    c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2010-07-21 8192]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 1266912]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-09-01 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-09-01 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-09-01 416024]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-12-03 1424896]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.yahoo.com/
mDefault_Search_URL = hxxp://www.google.com
mSearch Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = <local>
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{4631A88B-A0CB-4BB1-AA24-56C087CF4802}: NameServer = 208.122.23.22,208.122.23.23
FF - ProfilePath - c:\users\heather\AppData\Roaming\Mozilla\Firefox\Profiles\emq59klk.default-1386796477928\
FF - prefs.js: browser.startup.homepage - google.com
FF - ExtSQL: 2013-12-11 13:30; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
FF - ExtSQL: 2013-12-11 15:24; jid1-QSGldp2zlbyAFQ@jetpack; c:\users\heather\AppData\Roaming\Mozilla\Firefox\Profiles\emq59klk.default-1386796477928\extensions\jid1-QSGldp2zlbyAFQ@jetpack.xpi
FF - ExtSQL: 2013-12-11 15:41; {fe0258ab-4f74-43a1-8781-bcdf340f9ee9}; c:\users\heather\AppData\Roaming\Mozilla\Firefox\Profiles\emq59klk.default-1386796477928\extensions\{fe0258ab-4f74-43a1-8781-bcdf340f9ee9}.xpi
FF - ExtSQL: 2013-12-11 15:41; {197573FA-9BF9-11DF-9D68-A441DFD72085}; c:\users\heather\AppData\Roaming\Mozilla\Firefox\Profiles\emq59klk.default-1386796477928\extensions\{197573FA-9BF9-11DF-9D68-A441DFD72085}.xpi
FF - ExtSQL: 2013-12-11 15:41; secureornot@tiptt.blogspot.com; c:\users\heather\AppData\Roaming\Mozilla\Firefox\Profiles\emq59klk.default-1386796477928\extensions\secureornot@tiptt.blogspot.com.xpi
FF - ExtSQL: 2013-12-11 15:41; donottrackplus@abine.com; c:\users\heather\AppData\Roaming\Mozilla\Firefox\Profiles\emq59klk.default-1386796477928\extensions\donottrackplus@abine.com
FF - ExtSQL: 2013-12-11 15:41; idme@abine.com; c:\users\heather\AppData\Roaming\Mozilla\Firefox\Profiles\emq59klk.default-1386796477928\extensions\idme@abine.com
FF - ExtSQL: 2013-12-18 15:39; {4DC70064-89E2-4a55-8FC6-E8CDEAE3618C}; c:\users\heather\AppData\Roaming\Mozilla\Firefox\Profiles\emq59klk.default-1386796477928\extensions\{4DC70064-89E2-4a55-8FC6-E8CDEAE3618C}.xpi
FF - ExtSQL: !HIDDEN! 2011-08-13 18:09; smartwebprinting@hp.com; c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
WebBrowser-{EBD898F8-FCF6-4694-BC3B-EABC7271EEB1} - (no file)
WebBrowser-{CDF97EE2-DED0-4369-835E-99DD08225FA5} - (no file)
AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\program files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
c:\program files (x86)\CyberLink\YouCam\YCMMirage.exe
.
**************************************************************************
.
Completion time: 2014-01-11  16:04:58 - machine was rebooted
ComboFix-quarantined-files.txt  2014-01-11 22:04
.
Pre-Run: 103,250,825,216 bytes free
Post-Run: 103,809,945,600 bytes free
.
- - End Of File - - C135CD814206492E045486E3ECDC23B9
 



#11 paw51

Posted 14 January 2014 - 02:11 PM

UPDATE: Sometimes when opening a new tab the FBI warning comes up (it now includes a picture of Obama on it), but just closing that tab makes it go away for a while. Avast has been corrupted and is saying my protection has expired, which is not true. Since I ran the above program for Windows Security, I'm assuming I now have no virus protection. Will continue to work on getting Avast back up. Below is the ComboFix log.

 

ComboFix 14-01-14.02 - heather 01/14/2014  12:42:11.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3894.1998 [GMT -6:00]
Running from: c:\users\heather\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\SearchProtect
c:\program files (x86)\SearchProtect\EULA.txt
c:\program files (x86)\SearchProtect\Main\rep\SystemRepository.dat
c:\program files (x86)\SearchProtect\UI\dialogs\bubble\bubble.css
c:\program files (x86)\SearchProtect\UI\dialogs\bubble\bubble.html
c:\program files (x86)\SearchProtect\UI\dialogs\Images\Apply-default.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\Apply-onclick.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\Apply-Rollover.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\bg-with-logo.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\bg.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\bgNotif.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\bgSettings.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\bgUninstall.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\btnBlue.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\btnClose.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\btnSilver.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\checkbox.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\checkbox_checked.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\checkbox_def.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\close-win-def.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\close-win-over-click.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\gray-bg.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\hez-def.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\hez-selected.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\hez.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\icon-win.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\info-icon.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\menu-rollover.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\menu-selected.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\radio-button-def.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\radio-button-selected.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\radio-button.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\radio-button2.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\Settings-icon.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\text-field.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\v.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\x.png
c:\program files (x86)\SearchProtect\UI\dialogs\protection\protection.css
c:\program files (x86)\SearchProtect\UI\dialogs\protection\protection.html
c:\program files (x86)\SearchProtect\UI\dialogs\settings.html
c:\program files (x86)\SearchProtect\UI\dialogs\settings\settings.css
c:\program files (x86)\SearchProtect\UI\dialogs\settings\settings.html
c:\program files (x86)\SearchProtect\UI\dialogs\style.css
c:\program files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.css
c:\program files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.html
.
.
(((((((((((((((((((((((((   Files Created from 2013-12-14 to 2014-01-14  )))))))))))))))))))))))))))))))
.
.
2014-01-14 18:55 . 2014-01-14 18:55    --------    d-----w-    c:\windows\system32\config\systemprofile\AppData\Local\temp
2014-01-14 18:55 . 2014-01-14 18:55    --------    d-----w-    c:\users\Default\AppData\Local\temp
2014-01-14 17:55 . 2014-01-14 17:55    16632    ----a-w-    C:\FixitRegBackup.reg
2014-01-14 17:48 . 2013-04-25 05:23    905296    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{EE570279-6E37-50EE-F757-1BF787AE0301}\GapaEngine.dll
2014-01-14 00:48 . 2014-01-14 00:48    --------    d-----w-    c:\windows\Migration
2014-01-14 00:46 . 2013-09-04 12:11    99840    ----a-w-    c:\windows\system32\drivers\usbccgp.sys
2014-01-14 00:46 . 2013-09-04 12:11    52736    ----a-w-    c:\windows\system32\drivers\usbehci.sys
2014-01-14 00:46 . 2013-09-04 12:12    343040    ----a-w-    c:\windows\system32\drivers\usbhub.sys
2014-01-14 00:46 . 2013-09-04 12:11    325120    ----a-w-    c:\windows\system32\drivers\usbport.sys
2014-01-14 00:46 . 2013-09-04 12:11    30720    ----a-w-    c:\windows\system32\drivers\usbuhci.sys
2014-01-14 00:46 . 2013-09-04 12:11    25600    ----a-w-    c:\windows\system32\drivers\usbohci.sys
2014-01-14 00:46 . 2013-09-04 12:11    7808    ----a-w-    c:\windows\system32\drivers\usbd.sys
2014-01-14 00:42 . 2014-01-14 00:42    --------    d-----w-    c:\users\heather\AppData\Roaming\AVAST Software
2014-01-13 23:41 . 2014-01-13 23:41    --------    d-----w-    c:\users\heather\AppData\Local\SearchProtect
2014-01-13 22:44 . 2014-01-13 22:44    75888    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D945ACDF-224B-4232-904C-8BFF3DCD4B31}\offreg.dll
2014-01-13 22:42 . 2013-12-04 03:28    10315576    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D945ACDF-224B-4232-904C-8BFF3DCD4B31}\mpengine.dll
2014-01-13 08:33 . 2013-12-04 03:28    10315576    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-01-13 08:06 . 2014-01-13 08:06    --------    d-----w-    C:\found.000
2014-01-10 15:55 . 2014-01-10 15:55    --------    d-----w-    C:\FRST
2014-01-07 13:13 . 2014-01-07 13:48    --------    d-----w-    c:\program files (x86)\FrostWire Ultra Accelerator
2014-01-06 18:53 . 2014-01-06 18:53    --------    d-----w-    c:\users\heather\AppData\Local\AT&T,_Inc
2014-01-06 18:53 . 2014-01-06 18:53    --------    d-----w-    c:\program files (x86)\AT&T Locker Uploader
2014-01-05 22:49 . 2013-12-05 19:41    272496    ----a-w-    c:\program files (x86)\Mozilla Firefox\browser\components\browsercomps.dll
2014-01-05 15:16 . 2014-01-05 15:16    --------    d-----w-    c:\programdata\Yahoo! Companion
2014-01-05 15:16 . 2014-01-05 15:16    --------    d-----w-    c:\users\heather\AppData\Roaming\Yahoo!
2014-01-02 20:34 . 2014-01-14 00:24    --------    d-----w-    c:\users\Jack
2014-01-02 20:22 . 2014-01-14 00:24    --------    d-----w-    c:\users\admin heather
2014-01-02 18:30 . 2014-01-02 18:30    --------    d-----w-    c:\windows\ERUNT
2014-01-02 14:37 . 2014-01-02 19:21    --------    d-----w-    c:\users\heather\AppData\Local\NPE
2013-12-31 06:08 . 2013-12-31 06:08    --------    d-----w-    c:\users\Guest\AppData\Local\SearchProtect
2013-12-31 06:04 . 2013-12-31 06:04    --------    d-----w-    c:\users\Guest\AppData\Roaming\HPAppData
2013-12-18 21:36 . 2014-01-07 13:46    --------    d-----w-    C:\AdwCleaner
2013-12-18 21:26 . 2013-12-18 21:26    76800    ----a-w-    c:\windows\system32\drivers\rspndr.sys.bak
2013-12-18 21:25 . 2013-12-18 21:25    339536    ----a-w-    c:\windows\system32\drivers\adpahci.sys.bak
2013-12-18 21:25 . 2013-12-18 21:25    182864    ----a-w-    c:\windows\system32\drivers\adpu320.sys.bak
2013-12-18 21:25 . 2013-12-18 21:25    491088    ----a-w-    c:\windows\system32\drivers\adp94xx.sys.bak
2013-12-18 21:25 . 2013-12-18 21:25    334208    ----a-w-    c:\windows\system32\drivers\acpi.sys.bak
2013-12-18 21:25 . 2013-12-18 21:25    229888    ----a-w-    c:\windows\system32\drivers\1394ohci.sys.bak
2013-12-18 21:25 . 2013-12-18 21:25    12800    ----a-w-    c:\windows\system32\drivers\acpipmi.sys.bak
2013-12-18 21:25 . 2013-12-18 21:25    68096    ----a-w-    c:\windows\system32\drivers\1394bus.sys.bak
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-14 17:51 . 2013-06-06 01:21    439648    ----a-w-    c:\windows\system32\drivers\aswndisflt.sys
2013-12-23 07:08 . 2013-06-05 18:59    43152    ----a-w-    c:\windows\avastSS.scr
2013-12-14 11:09 . 2013-12-14 11:09    940032    ----a-w-    c:\windows\system32\MsSpellCheckingFacility.exe
2013-12-14 11:09 . 2013-12-14 11:09    194048    ----a-w-    c:\windows\SysWow64\elshyph.dll
2013-12-14 11:09 . 2013-12-14 11:09    942592    ----a-w-    c:\windows\system32\jsIntl.dll
2013-12-14 11:09 . 2013-12-14 11:09    90112    ----a-w-    c:\windows\system32\SetIEInstalledDate.exe
2013-12-14 11:09 . 2013-12-14 11:09    86016    ----a-w-    c:\windows\SysWow64\iesysprep.dll
2013-12-14 11:09 . 2013-12-14 11:09    86016    ----a-w-    c:\windows\system32\RegisterIEPKEYs.exe
2013-12-14 11:09 . 2013-12-14 11:09    84992    ----a-w-    c:\windows\system32\mshtmled.dll
2013-12-14 11:09 . 2013-12-14 11:09    83968    ----a-w-    c:\windows\system32\MshtmlDac.dll
2013-12-14 11:09 . 2013-12-14 11:09    81408    ----a-w-    c:\windows\system32\icardie.dll
2013-12-14 11:09 . 2013-12-14 11:09    774144    ----a-w-    c:\windows\system32\jscript.dll
2013-12-14 11:09 . 2013-12-14 11:09    77312    ----a-w-    c:\windows\system32\tdc.ocx
2013-12-14 11:09 . 2013-12-14 11:09    74240    ----a-w-    c:\windows\SysWow64\SetIEInstalledDate.exe
2013-12-14 11:09 . 2013-12-14 11:09    71680    ----a-w-    c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-12-14 11:09 . 2013-12-14 11:09    645120    ----a-w-    c:\windows\SysWow64\jsIntl.dll
2013-12-14 11:09 . 2013-12-14 11:09    626176    ----a-w-    c:\windows\system32\msfeeds.dll
2013-12-14 11:09 . 2013-12-14 11:09    62464    ----a-w-    c:\windows\SysWow64\tdc.ocx
2013-12-14 11:09 . 2013-12-14 11:09    62464    ----a-w-    c:\windows\system32\pngfilt.dll
2013-12-14 11:09 . 2013-12-14 11:09    61952    ----a-w-    c:\windows\SysWow64\MshtmlDac.dll
2013-12-14 11:09 . 2013-12-14 11:09    61952    ----a-w-    c:\windows\SysWow64\iesetup.dll
2013-12-14 11:09 . 2013-12-14 11:09    616104    ----a-w-    c:\windows\system32\ieapfltr.dat
2013-12-14 11:09 . 2013-12-14 11:09    548352    ----a-w-    c:\windows\system32\vbscript.dll
2013-12-14 11:09 . 2013-12-14 11:09    52224    ----a-w-    c:\windows\system32\msfeedsbs.dll
2013-12-14 11:09 . 2013-12-14 11:09    51200    ----a-w-    c:\windows\SysWow64\ieetwproxystub.dll
2013-12-14 11:09 . 2013-12-14 11:09    48640    ----a-w-    c:\windows\SysWow64\mshtmler.dll
2013-12-14 11:09 . 2013-12-14 11:09    48640    ----a-w-    c:\windows\system32\mshtmler.dll
2013-12-14 11:09 . 2013-12-14 11:09    48128    ----a-w-    c:\windows\system32\imgutil.dll
2013-12-14 11:09 . 2013-12-14 11:09    454656    ----a-w-    c:\windows\SysWow64\vbscript.dll
2013-12-14 11:09 . 2013-12-14 11:09    453120    ----a-w-    c:\windows\system32\dxtmsft.dll
2013-12-14 11:09 . 2013-12-14 11:09    413696    ----a-w-    c:\windows\system32\html.iec
2013-12-14 11:09 . 2013-12-14 11:09    40448    ----a-w-    c:\windows\system32\JavaScriptCollectionAgent.dll
2013-12-14 11:09 . 2013-12-14 11:09    36352    ----a-w-    c:\windows\SysWow64\imgutil.dll
2013-12-14 11:09 . 2013-12-14 11:09    34816    ----a-w-    c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2013-12-14 11:09 . 2013-12-14 11:09    337408    ----a-w-    c:\windows\SysWow64\html.iec
2013-12-14 11:09 . 2013-12-14 11:09    30208    ----a-w-    c:\windows\system32\licmgr10.dll
2013-12-14 11:09 . 2013-12-14 11:09    296960    ----a-w-    c:\windows\system32\dxtrans.dll
2013-12-14 11:09 . 2013-12-14 11:09    263376    ----a-w-    c:\windows\system32\iedkcs32.dll
2013-12-14 11:09 . 2013-12-14 11:09    247808    ----a-w-    c:\windows\system32\msls31.dll
2013-12-14 11:09 . 2013-12-14 11:09    24576    ----a-w-    c:\windows\SysWow64\licmgr10.dll
2013-12-14 11:09 . 2013-12-14 11:09    243200    ----a-w-    c:\windows\system32\webcheck.dll
2013-12-14 11:09 . 2013-12-14 11:09    235520    ----a-w-    c:\windows\system32\url.dll
2013-12-14 11:09 . 2013-12-14 11:09    235008    ----a-w-    c:\windows\system32\elshyph.dll
2013-12-14 11:09 . 2013-12-14 11:09    195584    ----a-w-    c:\windows\system32\msrating.dll
2013-12-14 11:09 . 2013-12-14 11:09    182272    ----a-w-    c:\windows\SysWow64\msls31.dll
2013-12-14 11:09 . 2013-12-14 11:09    167424    ----a-w-    c:\windows\system32\iexpress.exe
2013-12-14 11:09 . 2013-12-14 11:09    151552    ----a-w-    c:\windows\SysWow64\iexpress.exe
2013-12-14 11:09 . 2013-12-14 11:09    147968    ----a-w-    c:\windows\system32\occache.dll
2013-12-14 11:09 . 2013-12-14 11:09    143872    ----a-w-    c:\windows\system32\wextract.exe
2013-12-14 11:09 . 2013-12-14 11:09    139264    ----a-w-    c:\windows\SysWow64\wextract.exe
2013-12-14 11:09 . 2013-12-14 11:09    13824    ----a-w-    c:\windows\system32\mshta.exe
2013-12-14 11:09 . 2013-12-14 11:09    135680    ----a-w-    c:\windows\system32\iepeers.dll
2013-12-14 11:09 . 2013-12-14 11:09    13312    ----a-w-    c:\windows\SysWow64\mshta.exe
2013-12-14 11:09 . 2013-12-14 11:09    13312    ----a-w-    c:\windows\system32\msfeedssync.exe
2013-12-14 11:09 . 2013-12-14 11:09    131072    ----a-w-    c:\windows\system32\IEAdvpack.dll
2013-12-14 11:09 . 2013-12-14 11:09    1228800    ----a-w-    c:\windows\system32\mshtmlmedia.dll
2013-12-14 11:09 . 2013-12-14 11:09    112128    ----a-w-    c:\windows\SysWow64\ieUnatt.exe
2013-12-14 11:09 . 2013-12-14 11:09    111616    ----a-w-    c:\windows\SysWow64\IEAdvpack.dll
2013-12-14 11:09 . 2013-12-14 11:09    105984    ----a-w-    c:\windows\system32\iesysprep.dll
2013-12-14 11:09 . 2013-12-14 11:09    1051136    ----a-w-    c:\windows\SysWow64\mshtmlmedia.dll
2013-12-14 11:09 . 2013-12-14 11:09    101376    ----a-w-    c:\windows\system32\inseng.dll
2013-12-14 11:05 . 2011-08-15 17:09    90708896    ----a-w-    c:\windows\system32\MRT.exe
2013-12-11 20:05 . 2013-12-11 20:05    32512    ----a-w-    c:\windows\system32\drivers\hitmanpro37.sys
2013-12-11 00:52 . 2012-04-25 01:18    692616    ----a-w-    c:\windows\SysWow64\FlashPlayerApp.exe
2013-12-11 00:52 . 2011-08-12 04:26    71048    ----a-w-    c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-11-26 11:54 . 2013-12-15 09:01    23183360    ----a-w-    c:\windows\system32\mshtml.dll
2013-11-26 10:19 . 2013-12-15 09:01    2724864    ----a-w-    c:\windows\system32\mshtml.tlb
2013-11-26 10:18 . 2013-12-15 09:01    4096    ----a-w-    c:\windows\system32\ieetwcollectorres.dll
2013-11-26 09:48 . 2013-12-15 09:01    66048    ----a-w-    c:\windows\system32\iesetup.dll
2013-11-26 09:46 . 2013-12-15 09:01    48640    ----a-w-    c:\windows\system32\ieetwproxystub.dll
2013-11-26 09:41 . 2013-12-15 09:01    2764288    ----a-w-    c:\windows\system32\iertutil.dll
2013-11-26 09:29 . 2013-12-15 09:01    53760    ----a-w-    c:\windows\system32\jsproxy.dll
2013-11-26 09:27 . 2013-12-15 09:01    33792    ----a-w-    c:\windows\system32\iernonce.dll
2013-11-26 09:23 . 2013-12-15 09:01    2724864    ----a-w-    c:\windows\SysWow64\mshtml.tlb
2013-11-26 09:21 . 2013-12-15 09:01    574976    ----a-w-    c:\windows\system32\ieui.dll
2013-11-26 09:18 . 2013-12-15 09:01    139264    ----a-w-    c:\windows\system32\ieUnatt.exe
2013-11-26 09:18 . 2013-12-15 09:01    111616    ----a-w-    c:\windows\system32\ieetwcollector.exe
2013-11-26 09:16 . 2013-12-15 09:01    708608    ----a-w-    c:\windows\system32\jscript9diag.dll
2013-11-26 08:57 . 2013-12-15 09:01    218624    ----a-w-    c:\windows\system32\ie4uinit.exe
2013-11-26 08:35 . 2013-12-15 09:00    5769216    ----a-w-    c:\windows\system32\jscript9.dll
2013-11-26 08:28 . 2013-12-15 09:01    553472    ----a-w-    c:\windows\SysWow64\jscript9diag.dll
2013-11-26 08:16 . 2013-12-15 09:00    4243968    ----a-w-    c:\windows\SysWow64\jscript9.dll
2013-11-26 08:02 . 2013-12-15 09:01    1995264    ----a-w-    c:\windows\system32\inetcpl.cpl
2013-11-26 07:48 . 2013-12-15 09:01    12996608    ----a-w-    c:\windows\system32\ieframe.dll
2013-11-26 07:32 . 2013-12-15 09:01    1928192    ----a-w-    c:\windows\SysWow64\inetcpl.cpl
2013-11-26 07:07 . 2013-12-15 09:01    2334208    ----a-w-    c:\windows\system32\wininet.dll
2013-11-26 06:40 . 2013-12-15 09:01    1395200    ----a-w-    c:\windows\system32\urlmon.dll
2013-11-26 06:34 . 2013-12-15 09:01    817664    ----a-w-    c:\windows\system32\ieapfltr.dll
2013-11-26 06:33 . 2013-12-15 09:01    1820160    ----a-w-    c:\windows\SysWow64\wininet.dll
2013-11-23 18:26 . 2013-12-11 19:28    417792    ----a-w-    c:\windows\SysWow64\WMPhoto.dll
2013-11-23 17:47 . 2013-12-11 19:28    465920    ----a-w-    c:\windows\system32\WMPhoto.dll
2013-11-19 10:21 . 2011-08-12 01:14    267936    ------w-    c:\windows\system32\MpSigStub.exe
2013-11-15 18:32 . 2013-06-05 20:37    12788736    ----a-w-    c:\program files (x86)\Common Files\lpuninstall.exe
2013-11-12 02:23 . 2013-12-11 19:27    2048    ----a-w-    c:\windows\system32\tzres.dll
2013-11-12 02:07 . 2013-12-11 19:27    2048    ----a-w-    c:\windows\SysWow64\tzres.dll
2013-10-30 02:32 . 2013-12-11 19:28    335360    ----a-w-    c:\windows\system32\msieftp.dll
2013-10-30 02:19 . 2013-12-11 19:28    301568    ----a-w-    c:\windows\SysWow64\msieftp.dll
2013-10-30 01:24 . 2013-12-11 19:28    3155968    ----a-w-    c:\windows\system32\win32k.sys
2013-10-19 02:18 . 2013-12-11 19:27    81408    ----a-w-    c:\windows\system32\imagehlp.dll
2013-10-19 01:36 . 2013-12-11 19:27    159232    ----a-w-    c:\windows\SysWow64\imagehlp.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"iCloudServices"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [2013-11-20 59720]
"ApplePhotoStreams"="c:\program files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" [2013-11-20 59720]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-09-27 59240]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-22 59720]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2011-04-30 284440]
"HPOSD"="c:\program files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe" [2011-08-19 379960]
"HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2012-03-05 578944]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-10-28 49208]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-11-02 152392]
"Sendori Tray"="c:\program files (x86)\Sendori\SendoriTray.exe" [2013-10-07 83232]
.
c:\users\heather\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
AT&T Locker Uploader.lnk - c:\program files (x86)\AT&T Locker Uploader\AT&T Locker Uploader.exe startup [2013-12-2 617472]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"ArcSoft Connection Service"=c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
"HP Software Update"=c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"ROC_ROC_NT"="c:\program files (x86)\AVG Secure Search\ROC_ROC_NT.exe" / /PROMPT /CMPID=ROC_NT
"Conime"=%windir%\system32\conime.exe
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 sndappv2;sndappv2;c:\program files (x86)\Sendori\sndappv2.exe;c:\program files (x86)\Sendori\sndappv2.exe [x]
R3 AVFSFilter;AVFSFilter;c:\windows\system32\DRIVERS\avfsfilter.sys;c:\windows\SYSNATIVE\DRIVERS\avfsfilter.sys [x]
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 hitmanpro37;HitmanPro 3.7 Support Driver;c:\windows\system32\drivers\hitmanpro37.sys;c:\windows\SYSNATIVE\drivers\hitmanpro37.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys;c:\windows\SYSNATIVE\DRIVERS\SWDUMon.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]
S2 Application Sendori;Application Sendori;c:\program files (x86)\Sendori\SendoriSvc.exe;c:\program files (x86)\Sendori\SendoriSvc.exe [x]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [x]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [x]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [x]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
S2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe;c:\program files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [x]
S2 Service Sendori;Service Sendori;c:\program files (x86)\Sendori\Sendori.Service.exe;c:\program files (x86)\Sendori\Sendori.Service.exe [x]
S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt    REG_MULTI_SZ       hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2011-06-20 21:05    451872    ----a-w-    c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{2D46B6DC-2207-486B-B523-A557E6D54B47}]
start [BU]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-12-04 17:35    1210320    ----a-w-    c:\program files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{A509B1FF-37FF-4bFF-8CFF-4F3A747040FF}]
2009-07-14 01:14    126464    ----a-w-    c:\windows\System32\advpack.dll
.
Contents of the 'Scheduled Tasks' folder
.
2014-01-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-25 00:52]
.
2014-01-14 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3690564705-488001411-2100272750-1000Core.job
- c:\users\heather\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-05-07 04:04]
.
2014-01-14 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3690564705-488001411-2100272750-1000UA.job
- c:\users\heather\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-05-07 04:04]
.
2014-01-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-05-08 18:21]
.
2014-01-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-05-08 18:21]
.
2014-01-14 c:\windows\Tasks\HPCeeScheduleForheather.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00Zecter]
@="{D25B32FE-CB96-491A-98FF-AD59DA382D69}"
[HKEY_CLASSES_ROOT\CLSID\{D25B32FE-CB96-491A-98FF-AD59DA382D69}]
2010-12-11 02:32    2240000    ----a-w-    c:\program files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\01Zecter]
@="{EB24CA6D-F315-4A81-AC1A-C79CFD77F3F5}"
[HKEY_CLASSES_ROOT\CLSID\{EB24CA6D-F315-4A81-AC1A-C79CFD77F3F5}]
2010-12-11 02:32    2240000    ----a-w-    c:\program files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\02Zecter]
@="{B3C78E40-6B64-47C3-AE34-60B770881EB8}"
[HKEY_CLASSES_ROOT\CLSID\{B3C78E40-6B64-47C3-AE34-60B770881EB8}]
2010-12-11 02:32    2240000    ----a-w-    c:\program files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\03Zecter]
@="{622AFE52-33F6-4D9F-9966-E0BC52D7D69D}"
[HKEY_CLASSES_ROOT\CLSID\{622AFE52-33F6-4D9F-9966-E0BC52D7D69D}]
2010-12-11 02:32    2240000    ----a-w-    c:\program files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\04Zecter]
@="{855156F0-2A0F-11DE-8C30-0800200C9A66}"
[HKEY_CLASSES_ROOT\CLSID\{855156F0-2A0F-11DE-8C30-0800200C9A66}]
2010-12-11 02:32    2240000    ----a-w-    c:\program files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-12-06 21:47    778704    ----a-w-    c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-12-06 21:47    778704    ----a-w-    c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-12-06 21:47    778704    ----a-w-    c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2013-12-06 21:47    778704    ----a-w-    c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-12-06 21:47    778704    ----a-w-    c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-12-06 21:47    778704    ----a-w-    c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2010-07-21 8192]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 1266912]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-09-01 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-09-01 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-09-01 416024]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-12-03 1424896]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.yahoo.com/
mDefault_Search_URL = hxxp://www.google.com
mSearch Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = <local>
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{4631A88B-A0CB-4BB1-AA24-56C087CF4802}: NameServer = 208.122.23.22,208.122.23.23
FF - ProfilePath - c:\users\heather\AppData\Roaming\Mozilla\Firefox\Profiles\emq59klk.default-1386796477928\
FF - prefs.js: browser.startup.homepage - google.com
FF - ExtSQL: 2013-12-11 13:30; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
FF - ExtSQL: 2013-12-11 15:24; jid1-QSGldp2zlbyAFQ@jetpack; c:\users\heather\AppData\Roaming\Mozilla\Firefox\Profiles\emq59klk.default-1386796477928\extensions\jid1-QSGldp2zlbyAFQ@jetpack.xpi
FF - ExtSQL: 2013-12-11 15:41; {fe0258ab-4f74-43a1-8781-bcdf340f9ee9}; c:\users\heather\AppData\Roaming\Mozilla\Firefox\Profiles\emq59klk.default-1386796477928\extensions\{fe0258ab-4f74-43a1-8781-bcdf340f9ee9}.xpi
FF - ExtSQL: 2013-12-11 15:41; {197573FA-9BF9-11DF-9D68-A441DFD72085}; c:\users\heather\AppData\Roaming\Mozilla\Firefox\Profiles\emq59klk.default-1386796477928\extensions\{197573FA-9BF9-11DF-9D68-A441DFD72085}.xpi
FF - ExtSQL: 2013-12-11 15:41; secureornot@tiptt.blogspot.com; c:\users\heather\AppData\Roaming\Mozilla\Firefox\Profiles\emq59klk.default-1386796477928\extensions\secureornot@tiptt.blogspot.com.xpi
FF - ExtSQL: 2013-12-11 15:41; donottrackplus@abine.com; c:\users\heather\AppData\Roaming\Mozilla\Firefox\Profiles\emq59klk.default-1386796477928\extensions\donottrackplus@abine.com
FF - ExtSQL: 2013-12-11 15:41; idme@abine.com; c:\users\heather\AppData\Roaming\Mozilla\Firefox\Profiles\emq59klk.default-1386796477928\extensions\idme@abine.com
FF - ExtSQL: 2013-12-18 15:39; {4DC70064-89E2-4a55-8FC6-E8CDEAE3618C}; c:\users\heather\AppData\Roaming\Mozilla\Firefox\Profiles\emq59klk.default-1386796477928\extensions\{4DC70064-89E2-4a55-8FC6-E8CDEAE3618C}.xpi
FF - ExtSQL: !HIDDEN! 2011-08-13 18:09; smartwebprinting@hp.com; c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
WebBrowser-{EBD898F8-FCF6-4694-BC3B-EABC7271EEB1} - (no file)
WebBrowser-{CDF97EE2-DED0-4369-835E-99DD08225FA5} - (no file)
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\program files (x86)\CyberLink\YouCam\YCMMirage.exe
c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Completion time: 2014-01-14  13:04:45 - machine was rebooted
ComboFix-quarantined-files.txt  2014-01-14 19:04
ComboFix2.txt  2014-01-11 22:05
.
Pre-Run: 106,081,357,824 bytes free
Post-Run: 105,451,024,384 bytes free
.
- - End Of File - - BD9E8388DDD73785B6746A0D13255911
 



#12 paw51


Posted 14 January 2014 - 02:28 PM

UPDATE: Avast reinstalled, operating again.



#13 bloopie

  • Malware Response Team

Posted 14 January 2014 - 03:56 PM

Hello again,

Sorry for the delay!

Have you repopulated your startup folder?

I'd like you to run these two tools for me next:

Step 1

Download RogueKiller from one of the following links and save it to your desktop:
  • Link 1
  • Link 2

  • Close all programs and disconnect any USB or external drives before running the tool.
  • Double-click RogueKiller.exe to run the tool (Vista or 7 users: Right-click and select Run As Administrator).
  • Once the Prescan has finished, click Scan.
  • Once the Status box shows "Scan Finished", just close the program. <--Don't fix anything!
  • Copy and paste the report that opens into your next reply.
    • The log can also be found on your desktop labeled (RKreport[X]_S_xxdatexx_xtimex)
    • The highest number of [X] is the most recent Scan
==========

Step 2
  • Please download TDSSKiller from here and save it to your Desktop
  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters
  • Check Loaded Modules, Verify Driver Digital Signature, and Detect TDLFS file system
  • If you are asked to reboot because an "Extended Monitoring Driver is required" please click Reboot now
  • After rebooting, please make sure all boxes are still checked before performing the scan!
  • Click Start Scan and allow the scan process to run
  • If threats are detected select Skip or Cure (if available) for all of them unless otherwise instructed.
    ***Do NOT select Delete!
  • Click Continue
  • Click Reboot computer
  • Please copy the TDSSKiller.[Version]_[Date]_[Time]_log.txt file found in your root directory (typically c:\) and paste it into your next reply
==========

Please provide both requested logs in your next reply and let me know how the machine is running now!

bloopie

#14 paw51


Posted 17 January 2014 - 10:10 AM

Hi Bloopie,  Logs follow below.  Since the last programs run there has been an error message during start up.  It is from Microsoft Security Essentials and the error code is 0x8007002.  I did get Avast into the folder and will have to ask my daughter what else she had in there.  TDSS Killer has created a file too big.  I will copy and paste in the next two messages.

 

RogueKiller V8.8.2 [Jan 17 2014] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : heather [Admin rights]
Mode : Scan -- Date : 01/17/2014 08:41:14
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 13 ¤¤¤
[DNS][PUM] HKLM\[...]\CCSet\[...]\{4631A88B-A0CB-4BB1-AA24-56C087CF4802} : NameServer (208.122.23.22,208.122.23.23 [(Unknown Country?) (XX) - (Unknown Country?) (XX)]) -> FOUND
[DNS][PUM] HKLM\[...]\CS001\[...]\{22139CDF-8E53-4B9A-BCE9-7D7E21E6C1B0} : NameServer (8.26.56.26,156.154.70.22 [UNITED STATES (US) - PHILIPPINES (PH)]) -> FOUND
[DNS][PUM] HKLM\[...]\CS002\[...]\{4631A88B-A0CB-4BB1-AA24-56C087CF4802} : NameServer (208.122.23.22,208.122.23.23 [(Unknown Country?) (XX) - (Unknown Country?) (XX)]) -> FOUND
[DNS][PUM] HKLM\[...]\CS003\[...]\{4631A88B-A0CB-4BB1-AA24-56C087CF4802} : NameServer (208.122.23.22,208.122.23.23 [(Unknown Country?) (XX) - (Unknown Country?) (XX)]) -> FOUND
[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorUser (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorUser (0) -> FOUND
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection :  ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1       localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST9500325AS +++++
--- User ---
[MBR] 7ddd13d7dd4bfbdeee4ccfb0dfca119a
[BSP] 1ac05a33202522a1059339c1fa85067a : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 461374 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 945303552 | Size: 15262 Mo
3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 976560128 | Size: 103 Mo
User = LL1 ... OK!
User != LL2 ... KO!
--- LL2 ---
[MBR] 5a597428d1462f0429b025938554ea94
[BSP] 1ac05a33202522a1059339c1fa85067a : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 77824 Mo
1 - [XXXXXX] FAT16 (0x06) [VISIBLE] Offset (sectors): 159793152 | Size: 4000 Mo
2 - [ACTIVE] FAT16 (0x06) [VISIBLE] Offset (sectors): 167985152 | Size: 2000 Mo
3 - [XXXXXX] FAT16 (0x06) [VISIBLE] Offset (sectors): 172081152 | Size: 20000 Mo

Finished : << RKreport[0]_S_01172014_084114.txt >>

**************************************************************************************

08:42:30.0464 5576  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
08:42:36.0767 5576  Perform update action was selected
08:42:36.0770 2136  Deinitialize success
**************************

08:43:41.0444 2392  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
08:43:43.0445 2392  ============================================================
08:43:43.0445 2392  Current date / time: 2014/01/17 08:43:43.0445
08:43:43.0445 2392  SystemInfo:
08:43:43.0445 2392  
08:43:43.0445 2392  OS Version: 6.1.7601 ServicePack: 1.0
08:43:43.0445 2392  Product type: Workstation
08:43:43.0446 2392  ComputerName: HEATHER-HP
08:43:43.0446 2392  UserName: heather
08:43:43.0446 2392  Windows directory: C:\Windows
08:43:43.0446 2392  System windows directory: C:\Windows
08:43:43.0446 2392  Running under WOW64
08:43:43.0446 2392  Processor architecture: Intel x64
08:43:43.0446 2392  Number of processors: 4
08:43:43.0446 2392  Page size: 0x1000
08:43:43.0446 2392  Boot type: Normal boot
08:43:43.0446 2392  ============================================================
08:43:44.0068 2392  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
08:43:44.0075 2392  ============================================================
08:43:44.0075 2392  \Device\Harddisk0\DR0:
08:43:44.0075 2392  MBR partitions:
08:43:44.0075 2392  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
08:43:44.0075 2392  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x3851F000
08:43:44.0075 2392  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x38583000, BlocksNum 0x1DCF000
08:43:44.0075 2392  \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x3A352000, BlocksNum 0x33830
08:43:44.0075 2392  ============================================================
08:43:44.0108 2392  C: <-> \Device\Harddisk0\DR0\Partition2
08:43:44.0170 2392  D: <-> \Device\Harddisk0\DR0\Partition3
08:43:44.0180 2392  F: <-> \Device\Harddisk0\DR0\Partition4
08:43:44.0180 2392  ============================================================
08:43:44.0180 2392  Initialize success
08:43:44.0180 2392  ============================================================
08:45:27.0542 3372  Deinitialize success
***********************************



#15 paw51


Posted 17 January 2014 - 10:12 AM

First part of TDSS long file.

 

08:47:47.0620 4224  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
08:47:55.0014 4224  ============================================================
08:47:55.0014 4224  Current date / time: 2014/01/17 08:47:55.0014
08:47:55.0014 4224  SystemInfo:
08:47:55.0014 4224  
08:47:55.0014 4224  OS Version: 6.1.7601 ServicePack: 1.0
08:47:55.0014 4224  Product type: Workstation
08:47:55.0014 4224  ComputerName: HEATHER-HP
08:47:55.0014 4224  UserName: heather
08:47:55.0014 4224  Windows directory: C:\Windows
08:47:55.0014 4224  System windows directory: C:\Windows
08:47:55.0014 4224  Running under WOW64
08:47:55.0014 4224  Processor architecture: Intel x64
08:47:55.0014 4224  Number of processors: 4
08:47:55.0014 4224  Page size: 0x1000
08:47:55.0014 4224  Boot type: Normal boot
08:47:55.0014 4224  ============================================================
08:48:20.0273 4224  BG loaded
08:48:24.0501 4224  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
08:48:24.0501 4224  ============================================================
08:48:24.0501 4224  \Device\Harddisk0\DR0:
08:48:24.0501 4224  MBR partitions:
08:48:24.0501 4224  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
08:48:24.0501 4224  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x3851F000
08:48:24.0501 4224  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x38583000, BlocksNum 0x1DCF000
08:48:24.0501 4224  \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x3A352000, BlocksNum 0x33830
08:48:24.0501 4224  ============================================================
08:48:24.0563 4224  C: <-> \Device\Harddisk0\DR0\Partition2
08:48:29.0196 4224  D: <-> \Device\Harddisk0\DR0\Partition3
08:48:29.0212 4224  F: <-> \Device\Harddisk0\DR0\Partition4
08:48:29.0212 4224  ============================================================
08:48:29.0212 4224  Initialize success
08:48:29.0212 4224  ============================================================
08:48:48.0402 6136  ============================================================
08:48:48.0402 6136  Scan started
08:48:48.0402 6136  Mode: Manual; SigCheck; TDLFS;
08:48:48.0402 6136  ============================================================
08:48:51.0191 6136  ================ Scan system memory ========================
08:48:51.0191 6136  System memory - ok
08:48:51.0191 6136  ================ Scan services =============================
08:49:18.0475 6136  NetTcpActivator - ok
08:49:18.0482 6136  [ 21318671BCAD3ACF16638F98D4D00973 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:49:18.0497 6136  NetTcpPortSharing - ok
08:49:18.0892 6136  [ 64428DFDAF6E88366CB51F45A79C5F69 ] netw5v64        C:\Windows\system32\DRIVERS\netw5v64.sys
08:49:19.0105 6136  netw5v64 - ok
08:49:19.0162 6136  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
08:49:19.0177 6136  nfrd960 - ok
08:49:19.0239 6136  [ ACE8C64C57E4A711473C8BC10ADF692B ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
08:49:19.0256 6136  NisDrv - ok
08:49:19.0315 6136  [ 6247E8B31ED0A9D6BC5A26276E49BEB3 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
08:49:19.0374 6136  NisSrv - ok
08:49:19.0422 6136  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
08:49:19.0458 6136  NlaSvc - ok
08:49:19.0506 6136  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
08:49:19.0547 6136  Npfs - ok
08:49:19.0593 6136  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
08:49:19.0659 6136  nsi - ok
08:49:19.0677 6136  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
08:49:19.0718 6136  nsiproxy - ok
08:49:19.0876 6136  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
08:49:19.0940 6136  Ntfs - ok
08:49:19.0975 6136  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
08:49:20.0016 6136  Null - ok
08:49:20.0080 6136  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
08:49:20.0097 6136  nvraid - ok
08:49:20.0135 6136  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
08:49:20.0153 6136  nvstor - ok
08:49:20.0182 6136  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
08:49:20.0198 6136  nv_agp - ok
08:49:20.0262 6136  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
08:49:20.0283 6136  odserv - ok
08:49:20.0314 6136  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
08:49:20.0332 6136  ohci1394 - ok
08:49:20.0346 6136  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
08:49:20.0362 6136  ose - ok
08:49:20.0431 6136  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
08:49:20.0493 6136  p2pimsvc - ok
08:49:20.0542 6136  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
08:49:20.0563 6136  p2psvc - ok
08:49:20.0580 6136  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
08:49:20.0597 6136  Parport - ok
08:49:20.0648 6136  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
08:49:20.0661 6136  partmgr - ok
08:49:20.0677 6136  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
08:49:20.0718 6136  PcaSvc - ok
08:49:20.0741 6136  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
08:49:20.0758 6136  pci - ok
08:49:20.0805 6136  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
08:49:20.0819 6136  pciide - ok
08:49:20.0851 6136  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
08:49:20.0869 6136  pcmcia - ok
08:49:20.0893 6136  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
08:49:20.0907 6136  pcw - ok
08:49:20.0930 6136  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
08:49:20.0995 6136  PEAUTH - ok
08:49:21.0190 6136  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
08:49:21.0239 6136  PerfHost - ok
08:49:21.0380 6136  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
08:49:21.0461 6136  pla - ok
08:49:21.0549 6136  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
08:49:21.0624 6136  PlugPlay - ok
08:49:21.0672 6136  [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
08:49:21.0703 6136  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
08:49:21.0703 6136  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
08:49:21.0739 6136  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
08:49:21.0803 6136  PNRPAutoReg - ok
08:49:22.0015 6136  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
08:49:22.0035 6136  PNRPsvc - ok
08:49:22.0180 6136  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
08:49:22.0242 6136  PolicyAgent - ok
08:49:22.0268 6136  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
08:49:22.0340 6136  Power - ok
08:49:22.0383 6136  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
08:49:22.0445 6136  PptpMiniport - ok
08:49:22.0466 6136  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
08:49:22.0504 6136  Processor - ok
08:49:22.0535 6136  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
08:49:22.0553 6136  ProfSvc - ok
08:49:22.0582 6136  [ 4D71227301DD8D09097B9E4CC6527E5A ] ProtectedStorage C:\Windows\system32\lsass.exe
08:49:22.0597 6136  ProtectedStorage - ok
08:49:22.0634 6136  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
08:49:22.0747 6136  Psched - ok
08:49:23.0025 6136  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
08:49:23.0110 6136  ql2300 - ok
08:49:23.0141 6136  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
08:49:23.0163 6136  ql40xx - ok
08:49:23.0202 6136  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
08:49:23.0244 6136  QWAVE - ok
08:49:23.0273 6136  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
08:49:23.0322 6136  QWAVEdrv - ok
08:49:23.0337 6136  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
08:49:23.0402 6136  RasAcd - ok
08:49:23.0441 6136  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
08:49:23.0490 6136  RasAgileVpn - ok
08:49:23.0543 6136  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
08:49:23.0621 6136  RasAuto - ok
08:49:23.0648 6136  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
08:49:23.0720 6136  Rasl2tp - ok
08:49:23.0761 6136  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
08:49:23.0806 6136  RasMan - ok
08:49:23.0843 6136  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
08:49:23.0883 6136  RasPppoe - ok
08:49:23.0892 6136  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
08:49:23.0951 6136  RasSstp - ok
08:49:24.0079 6136  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
08:49:24.0182 6136  rdbss - ok
08:49:24.0669 6136  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
08:49:24.0714 6136  rdpbus - ok
08:49:24.0743 6136  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
08:49:24.0809 6136  RDPCDD - ok
08:49:24.0832 6136  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
08:49:24.0900 6136  RDPENCDD - ok
08:49:24.0932 6136  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
08:49:24.0972 6136  RDPREFMP - ok
08:49:25.0024 6136  [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
08:49:25.0041 6136  RdpVideoMiniport - ok
08:49:25.0150 6136  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
08:49:25.0228 6136  RDPWD - ok
08:49:25.0271 6136  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
08:49:25.0318 6136  rdyboost - ok
08:49:25.0448 6136  [ A0FF419B61AE47E26ADF3BB15DB4F2FE ] RealNetworks Downloader Resolver Service C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
08:49:25.0458 6136  RealNetworks Downloader Resolver Service - ok
08:49:25.0512 6136  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
08:49:25.0593 6136  RemoteAccess - ok
08:49:25.0627 6136  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
08:49:25.0690 6136  RemoteRegistry - ok
08:49:25.0728 6136  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
08:49:25.0801 6136  RpcEptMapper - ok
08:49:25.0830 6136  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
08:49:25.0845 6136  RpcLocator - ok
08:49:25.0873 6136  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
08:49:25.0919 6136  RpcSs - ok
08:49:25.0975 6136  [ CFDFD15D2D26BB50B6F4BF2D4FE6FA70 ] RSPCIESTOR      C:\Windows\system32\DRIVERS\RtsPStor.sys
08:49:25.0992 6136  RSPCIESTOR - ok
08:49:26.0029 6136  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
08:49:26.0085 6136  rspndr - ok
08:49:26.0182 6136  [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
08:49:26.0203 6136  RTL8167 - ok
08:49:26.0225 6136  [ 4D71227301DD8D09097B9E4CC6527E5A ] SamSs           C:\Windows\system32\lsass.exe
08:49:26.0240 6136  SamSs - ok
08:49:26.0285 6136  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
08:49:26.0308 6136  sbp2port - ok
08:49:26.0342 6136  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
08:49:26.0387 6136  SCardSvr - ok
08:49:26.0446 6136  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
08:49:26.0509 6136  scfilter - ok
08:49:26.0598 6136  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
08:49:26.0698 6136  Schedule - ok
08:49:26.0717 6136  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
08:49:26.0756 6136  SCPolicySvc - ok
08:49:26.0800 6136  [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus           C:\Windows\system32\drivers\sdbus.sys
08:49:26.0873 6136  sdbus - ok
08:49:26.0904 6136  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
08:49:26.0946 6136  SDRSVC - ok
08:49:26.0987 6136  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
08:49:27.0029 6136  secdrv - ok
08:49:27.0060 6136  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
08:49:27.0120 6136  seclogon - ok
08:49:27.0197 6136  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\system32\sens.dll
08:49:27.0241 6136  SENS - ok
08:49:27.0306 6136  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
08:49:27.0343 6136  SensrSvc - ok
08:49:27.0364 6136  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
08:49:27.0442 6136  Serenum - ok
08:49:27.0551 6136  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
08:49:27.0572 6136  Serial - ok
08:49:27.0592 6136  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
08:49:28.0033 6136  sermouse - ok
08:49:28.0140 6136  [ 192C159DA850C18D5C859E9BA95E9515 ] Service Sendori C:\Program Files (x86)\Sendori\Sendori.Service.exe
08:49:28.0149 6136  Service Sendori - ok
08:49:28.0229 6136  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
08:49:28.0310 6136  SessionEnv - ok
08:49:28.0342 6136  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
08:49:28.0384 6136  sffdisk - ok
08:49:28.0410 6136  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
08:49:28.0447 6136  sffp_mmc - ok
08:49:28.0478 6136  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
08:49:28.0521 6136  sffp_sd - ok
08:49:28.0565 6136  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
08:49:28.0614 6136  sfloppy - ok
08:49:28.0695 6136  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
08:49:28.0741 6136  SharedAccess - ok
08:49:28.0815 6136  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
08:49:28.0886 6136  ShellHWDetection - ok
08:49:28.0916 6136  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
08:49:28.0939 6136  SiSRaid2 - ok
08:49:28.0953 6136  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
08:49:28.0975 6136  SiSRaid4 - ok
08:49:29.0058 6136  [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
08:49:29.0069 6136  SkypeUpdate - ok
08:49:29.0112 6136  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
08:49:29.0180 6136  Smb - ok
08:49:29.0213 6136  [ 19555D03CB179BED8B8AAA239A36BDA4 ] SmbDrvI         C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys
08:49:29.0226 6136  SmbDrvI - ok
08:49:29.0427 6136  [ 0376EB78E8A8E52CB46E6A7BB1B419E3 ] sndappv2        C:\Program Files (x86)\Sendori\sndappv2.exe
08:49:29.0490 6136  sndappv2 - ok
08:49:29.0513 6136  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
08:49:29.0555 6136  SNMPTRAP - ok
08:49:29.0613 6136  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
08:49:29.0626 6136  spldr - ok
08:49:29.0681 6136  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
08:49:29.0705 6136  Spooler - ok
08:49:29.0904 6136  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
08:49:30.0083 6136  sppsvc - ok
08:49:30.0241 6136  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
08:49:30.0858 6136  sppuinotify - ok
08:49:30.0947 6136  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
08:49:31.0050 6136  srv - ok
08:49:31.0105 6136  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
08:49:31.0183 6136  srv2 - ok
08:49:31.0347 6136  [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA       C:\Windows\system32\DRIVERS\VSTAZL6.SYS
08:49:31.0608 6136  SrvHsfHDA - ok
08:49:31.0726 6136  [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92       C:\Windows\system32\DRIVERS\VSTDPV6.SYS
08:49:31.0801 6136  SrvHsfV92 - ok
08:49:31.0879 6136  [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac     C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
08:49:31.0922 6136  SrvHsfWinac - ok
08:49:31.0961 6136  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
08:49:31.0979 6136  srvnet - ok
08:49:32.0176 6136  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
08:49:32.0307 6136  SSDPSRV - ok
08:49:32.0333 6136  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
08:49:32.0376 6136  SstpSvc - ok
08:49:32.0539 6136  [ 7BF818B11C1FEDC3E76D233124470A30 ] STacSV          C:\Program Files\IDT\WDM\STacSV64.exe
08:49:32.0569 6136  STacSV - ok
08:49:32.0617 6136  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
08:49:32.0641 6136  stexstor - ok
08:49:32.0697 6136  [ DDB926338200FC230FC9AAE803D053C2 ] STHDA           C:\Windows\system32\DRIVERS\stwrt64.sys
08:49:32.0764 6136  STHDA - ok
08:49:32.0781 6136  [ DECACB6921DED1A38642642685D77DAC ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
08:49:32.0810 6136  StillCam - ok
08:49:32.0867 6136  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
08:49:32.0942 6136  stisvc - ok
08:49:32.0970 6136  [ 3C52D09979C4E808E810CB03D1DF305F ] SWDUMon         C:\Windows\system32\DRIVERS\SWDUMon.sys
08:49:32.0994 6136  SWDUMon - ok
08:49:33.0037 6136  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
08:49:33.0051 6136  swenum - ok
08:49:33.0089 6136  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
08:49:33.0163 6136  swprv - ok
08:49:33.0224 6136  [ 3F45C3FE208CA5E68832B65C597A35A6 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
08:49:33.0243 6136  SynTP - ok
08:49:33.0405 6136  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
08:49:33.0468 6136  SysMain - ok
08:49:33.0524 6136  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
08:49:33.0550 6136  TabletInputService - ok
08:49:33.0618 6136  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
08:49:33.0713 6136  TapiSrv - ok
08:49:33.0774 6136  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
08:49:33.0827 6136  TBS - ok
08:49:34.0076 6136  [ 40AF23633D197905F03AB5628C558C51 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
08:49:34.0154 6136  Tcpip - ok
08:49:34.0309 6136  [ 40AF23633D197905F03AB5628C558C51 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
08:49:34.0360 6136  TCPIP6 - ok
08:49:34.0423 6136  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
08:49:34.0441 6136  tcpipreg - ok
08:49:34.0475 6136  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
08:49:34.0542 6136  TDPIPE - ok
08:49:34.0587 6136  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
08:49:34.0634 6136  TDTCP - ok
08:49:34.0731 6136  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
08:49:34.0783 6136  tdx - ok
08:49:34.0870 6136  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
08:49:34.0886 6136  TermDD - ok
08:49:34.0979 6136  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
08:49:35.0034 6136  TermService - ok
08:49:35.0087 6136  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
08:49:35.0133 6136  Themes - ok
08:49:35.0160 6136  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
08:49:35.0199 6136  THREADORDER - ok
08:49:35.0242 6136  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
08:49:35.0304 6136  TrkWks - ok
08:49:35.0354 6136  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
08:49:35.0421 6136  TrustedInstaller - ok
08:49:35.0478 6136  [ 4CE278FC9671BA81A138D70823FCAA09 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
08:49:35.0524 6136  tssecsrv - ok
08:49:35.0553 6136  [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
08:49:35.0593 6136  TsUsbFlt - ok
08:49:35.0636 6136  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
08:49:35.0722 6136  tunnel - ok
08:49:35.0793 6136  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
08:49:35.0810 6136  uagp35 - ok
08:49:35.0883 6136  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
08:49:35.0951 6136  udfs - ok
08:49:35.0994 6136  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
08:49:36.0013 6136  UI0Detect - ok
08:49:36.0096 6136  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
08:49:36.0110 6136  uliagpkx - ok
08:49:36.0140 6136  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
08:49:36.0190 6136  umbus - ok
08:49:36.0214 6136  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
08:49:36.0273 6136  UmPass - ok
08:49:36.0637 6136  [ 0B0B9F55B12767A755932C26B5FED715 ] UNS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
08:49:36.0686 6136  UNS - ok
08:49:36.0778 6136  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
08:49:36.0842 6136  upnphost - ok
08:49:36.0886 6136  [ C9E9D59C0099A9FF51697E9306A44240 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
08:49:36.0924 6136  USBAAPL64 - ok
08:49:36.0994 6136  [ DCA68B0943D6FA415F0C56C92158A83A ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
08:49:37.0009 6136  usbccgp - ok
08:49:37.0040 6136  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
08:49:37.0090 6136  usbcir - ok
08:49:37.0132 6136  [ 18A85013A3E0F7E1755365D287443965 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
08:49:37.0171 6136  usbehci - ok
08:49:37.0245 6136  [ 8D1196CFBB223621F2C67D45710F25BA ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
08:49:37.0292 6136  usbhub - ok
08:49:37.0331 6136  [ 765A92D428A8DB88B960DA5A8D6089DC ] usbohci         C:\Windows\system32\drivers\usbohci.sys
08:49:37.0372 6136  usbohci - ok
08:49:37.0416 6136  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
08:49:37.0452 6136  usbprint - ok
08:49:37.0488 6136  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
08:49:37.0532 6136  USBSTOR - ok
08:49:37.0610 6136  [ DD253AFC3BC6CBA412342DE60C3647F3 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
08:49:37.0625 6136  usbuhci - ok
08:49:37.0652 6136  [ 1F775DA4CF1A3A1834207E975A72E9D7 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
08:49:37.0691 6136  usbvideo - ok
08:49:37.0734 6136  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
08:49:37.0800 6136  UxSms - ok
08:49:37.0814 6136  [ 4D71227301DD8D09097B9E4CC6527E5A ] VaultSvc        C:\Windows\system32\lsass.exe
08:49:37.0830 6136  VaultSvc - ok
08:49:37.0862 6136  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
08:49:37.0876 6136  vdrvroot - ok
08:49:37.0920 6136  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
08:49:38.0009 6136  vds - ok
08:49:38.0044 6136  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
08:49:38.0067 6136  vga - ok
08:49:38.0096 6136  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
08:49:38.0161 6136  VgaSave - ok
08:49:38.0245 6136  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
08:49:38.0264 6136  vhdmp - ok
08:49:38.0300 6136  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
08:49:38.0314 6136  viaide - ok
08:49:38.0330 6136  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
08:49:38.0346 6136  volmgr - ok
08:49:38.0375 6136  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
08:49:38.0393 6136  volmgrx - ok
08:49:38.0434 6136  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
08:49:38.0453 6136  volsnap - ok
08:49:38.0480 6136  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
08:49:38.0496 6136  vsmraid - ok
08:49:38.0558 6136  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
08:49:38.0627 6136  VSS - ok
08:49:38.0668 6136  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
08:49:38.0707 6136  vwifibus - ok
08:49:38.0734 6136  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
08:49:38.0777 6136  vwififlt - ok
08:49:38.0804 6136  [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
08:49:38.0847 6136  vwifimp - ok
08:49:38.0895 6136  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
08:49:38.0957 6136  W32Time - ok
08:49:39.0015 6136  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
08:49:39.0057 6136  WacomPen - ok
08:49:39.0105 6136  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
08:49:39.0162 6136  WANARP - ok
08:49:39.0167 6136  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
08:49:39.0206 6136  Wanarpv6 - ok
08:49:39.0351 6136  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
08:49:39.0430 6136  WatAdminSvc - ok
08:49:39.0486 6136  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
08:49:39.0544 6136  wbengine - ok
08:49:39.0599 6136  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
08:49:39.0622 6136  WbioSrvc - ok
08:49:39.0672 6136  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
08:49:39.0745 6136  wcncsvc - ok
08:49:39.0775 6136  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
08:49:39.0811 6136  WcsPlugInService - ok
08:49:39.0839 6136  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
08:49:39.0853 6136  Wd - ok
08:49:39.0912 6136  [ E2C933EDBC389386EBE6D2BA953F43D8 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
08:49:39.0938 6136  Wdf01000 - ok
08:49:39.0964 6136  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
08:49:40.0000 6136  WdiServiceHost - ok
08:49:40.0006 6136  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
08:49:40.0029 6136  WdiSystemHost - ok
08:49:40.0053 6136  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D ] WebClient       C:\Windows\System32\webclnt.dll
08:49:40.0070 6136  WebClient - ok
08:49:40.0149 6136  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
08:49:40.0210 6136  Wecsvc - ok
08:49:40.0237 6136  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
08:49:40.0306 6136  wercplsupport - ok
08:49:40.0338 6136  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
08:49:40.0402 6136  WerSvc - ok
08:49:40.0441 6136  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
08:49:40.0483 6136  WfpLwf - ok
08:49:40.0524 6136  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
08:49:40.0543 6136  WIMMount - ok
08:49:40.0582 6136  WinDefend - ok
08:49:40.0616 6136  WinHttpAutoProxySvc - ok
08:49:47.0869 6136  C:\Windows\System32\dot3svc.dll - ok
08:49:47.0872 6136  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] C:\Windows\System32\dps.dll
08:49:47.0872 6136  C:\Windows\System32\dps.dll - ok
08:49:47.0876 6136  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] C:\Windows\System32\eapsvc.dll
08:49:47.0876 6136  C:\Windows\System32\eapsvc.dll - ok
08:49:47.0879 6136  [ 0C043B0ABBB5E14E68906AB80365395B ] C:\Windows\System32\efssvc.dll
08:49:47.0879 6136  C:\Windows\System32\efssvc.dll - ok
08:49:47.0882 6136  [ C4002B6B41975F057D98C439030CEA07 ] C:\Windows\ehome\ehrecvr.exe
08:49:47.0883 6136  C:\Windows\ehome\ehrecvr.exe - ok
08:49:47.0886 6136  [ 4705E8EF9934482C5BB488CE28AFC681 ] C:\Windows\ehome\ehsched.exe
08:49:47.0886 6136  C:\Windows\ehome\ehsched.exe - ok
08:49:47.0889 6136  [ 6011714C8C5C55CBFFAD24D61E879FBD ] C:\Windows\System32\wevtsvc.dll
08:49:47.0889 6136  C:\Windows\System32\wevtsvc.dll - ok
08:49:47.0893 6136  [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\Windows\System32\FXSRESM.dll
08:49:47.0893 6136  C:\Windows\System32\FXSRESM.dll - ok
08:49:47.0897 6136  [ 0438CAB2E03F4FB61455A7956026FE86 ] C:\Windows\System32\fdPHost.dll
08:49:47.0897 6136  C:\Windows\System32\fdPHost.dll - ok
08:49:47.0901 6136  [ 655661BE46B5F5F3FD454E2C3095B930 ] C:\Windows\System32\drivers\fileinfo.sys
08:49:47.0901 6136  C:\Windows\System32\drivers\fileinfo.sys - ok
08:49:47.0905 6136  [ 802496CB59A30349F9A6DD22D6947644 ] C:\Windows\System32\FDResPub.dll
08:49:47.0905 6136  C:\Windows\System32\FDResPub.dll - ok
08:49:47.0910 6136  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] C:\Windows\System32\drivers\filetrace.sys
08:49:47.0910 6136  C:\Windows\System32\drivers\filetrace.sys - ok
08:49:47.0915 6136  [ DA6B67270FD9DB3697B20FCE94950741 ] C:\Windows\System32\drivers\fltMgr.sys
08:49:47.0915 6136  C:\Windows\System32\drivers\fltMgr.sys - ok
08:49:47.0920 6136  [ C4C183E6551084039EC862DA1C945E3D ] C:\Windows\System32\FntCache.dll
08:49:47.0920 6136  C:\Windows\System32\FntCache.dll - ok
08:49:47.0924 6136  [ 8A1846C0817513AD18BA48B4427771FC ] C:\Windows\System32\PresentationHost.exe
08:49:47.0924 6136  C:\Windows\System32\PresentationHost.exe - ok
08:49:47.0928 6136  [ D43703496149971890703B4B1B723EAC ] C:\Windows\System32\drivers\fsdepends.sys
08:49:47.0928 6136  C:\Windows\System32\drivers\fsdepends.sys - ok
08:49:47.0931 6136  [ 8F6322049018354F45F05A2FD2D4E5E0 ] C:\Windows\System32\drivers\fvevol.sys
08:49:47.0931 6136  C:\Windows\System32\drivers\fvevol.sys - ok
08:49:47.0935 6136  [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\Windows\System32\gpapi.dll
08:49:47.0935 6136  C:\Windows\System32\gpapi.dll - ok
08:49:47.0938 6136  [ BD9EB3958F213F96B97B1D897DEE006D ] C:\Windows\System32\hidserv.dll
08:49:47.0938 6136  C:\Windows\System32\hidserv.dll - ok
08:49:47.0942 6136  [ 387E72E739E15E3D37907A86D9FF98E2 ] C:\Windows\System32\KMSVC.DLL
08:49:47.0942 6136  C:\Windows\System32\KMSVC.DLL - ok
08:49:47.0945 6136  [ EFDFB3DD38A4376F93E7985173813ABD ] C:\Windows\System32\ListSvc.dll
08:49:47.0945 6136  C:\Windows\System32\ListSvc.dll - ok
08:49:47.0951 6136  [ 908ACB1F594274965A53926B10C81E89 ] C:\Windows\System32\provsvc.dll
08:49:47.0951 6136  C:\Windows\System32\provsvc.dll - ok
08:49:47.0956 6136  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] C:\Windows\System32\drivers\http.sys
08:49:47.0956 6136  C:\Windows\System32\drivers\http.sys - ok
08:49:47.0958 6136  [ A5462BD6884960C9DC85ED49D34FF392 ] C:\Windows\System32\drivers\hwpolicy.sys
08:49:47.0958 6136  C:\Windows\System32\drivers\hwpolicy.sys - ok
08:49:47.0963 6136  [ B9E2DAF71E44626011D70B4889171504 ] C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll
08:49:47.0963 6136  C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll - ok
08:49:47.0967 6136  [ FB13F4873F6747AB4E3C37CAFEA8ACAE ] C:\Windows\System32\ieetwcollectorres.dll
08:49:47.0967 6136  C:\Windows\System32\ieetwcollectorres.dll - ok
08:49:47.0971 6136  [ 344789398EC3EE5A4E00C52B31847946 ] C:\Windows\System32\IKEEXT.DLL
08:49:47.0971 6136  C:\Windows\System32\IKEEXT.DLL - ok
08:49:47.0975 6136  [ 098A91C54546A3B878DAD6A7E90A455B ] C:\Windows\System32\IPBusEnum.dll
08:49:47.0975 6136  C:\Windows\System32\IPBusEnum.dll - ok
08:49:47.0979 6136  [ 08C2957BB30058E663720C5606885653 ] C:\Windows\System32\iphlpsvc.dll
08:49:47.0979 6136  C:\Windows\System32\iphlpsvc.dll - ok
08:49:47.0983 6136  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] C:\Windows\System32\drivers\irenum.sys
08:49:47.0983 6136  C:\Windows\System32\drivers\irenum.sys - ok
08:49:47.0986 6136  [ F9EC845C5EECF20E9A67F9F805F2EF1F ] C:\Windows\System32\keyiso.dll
08:49:47.0986 6136  C:\Windows\System32\keyiso.dll - ok
08:49:47.0990 6136  [ D9F42719019740BAA6D1C6D536CBDAA6 ] C:\Windows\System32\srvsvc.dll
08:49:47.0990 6136  C:\Windows\System32\srvsvc.dll - ok
08:49:47.0993 6136  [ 851A1382EED3E3A7476DB004F4EE3E1A ] C:\Windows\System32\wkssvc.dll
08:49:47.0993 6136  C:\Windows\System32\wkssvc.dll - ok
08:49:47.0997 6136  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] C:\Windows\System32\drivers\luafv.sys
08:49:47.0997 6136  C:\Windows\System32\drivers\luafv.sys - ok
08:49:48.0000 6136  [ 7A757C41C3879CD34BDE15F0563C0CE2 ] C:\Windows\System32\lltdres.dll
08:49:48.0000 6136  C:\Windows\System32\lltdres.dll - ok
08:49:48.0004 6136  [ F993A32249B66C9D622EA5592A8B76B8 ] C:\Windows\System32\lmhsvc.dll
08:49:48.0004 6136  C:\Windows\System32\lmhsvc.dll - ok
08:49:48.0007 6136  [ E5DE3FFD785B6730291AD98E491D58BA ] C:\Windows\ehome\ehres.dll
08:49:48.0007 6136  C:\Windows\ehome\ehres.dll - ok
08:49:48.0011 6136  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] C:\Windows\System32\drivers\mountmgr.sys
08:49:48.0011 6136  C:\Windows\System32\drivers\mountmgr.sys - ok
08:49:48.0014 6136  [ E40E80D0304A73E8D269F7141D77250B ] C:\Windows\System32\mmcss.dll
08:49:48.0014 6136  C:\Windows\System32\mmcss.dll - ok
08:49:48.0018 6136  [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\Windows\System32\FirewallAPI.dll
08:49:48.0018 6136  C:\Windows\System32\FirewallAPI.dll - ok
08:49:48.0022 6136  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D ] C:\Windows\System32\WebClnt.dll
08:49:48.0022 6136  C:\Windows\System32\WebClnt.dll - ok
08:49:48.0026 6136  [ F9D215A46A8B9753F61767FA72A20326 ] C:\Windows\System32\drivers\mshidkmdf.sys
08:49:48.0026 6136  C:\Windows\System32\drivers\mshidkmdf.sys - ok
08:49:48.0030 6136  [ E11E3F3BBEFDC5C0C160BE13B65E25E4 ] C:\Windows\System32\iscsidsc.dll
08:49:48.0031 6136  C:\Windows\System32\iscsidsc.dll - ok
08:49:48.0035 6136  [ 8EE1C893C50D1C02D4675978BAC756BA ] C:\Windows\System32\msimsg.dll
08:49:48.0035 6136  C:\Windows\System32\msimsg.dll - ok
08:49:48.0038 6136  [ F9A18612FD3526FE473C1BDA678D61C8 ] C:\Windows\System32\drivers\mup.sys
08:49:48.0038 6136  C:\Windows\System32\drivers\mup.sys - ok
08:49:48.0042 6136  [ 760E38053BF56E501D562B70AD796B88 ] C:\Windows\System32\drivers\ndis.sys
08:49:48.0042 6136  C:\Windows\System32\drivers\ndis.sys - ok
08:49:48.0045 6136  [ 582AC6D9873E31DFA28A4547270862DD ] C:\Windows\System32\QAGENTRT.DLL
08:49:48.0045 6136  C:\Windows\System32\QAGENTRT.DLL - ok
08:49:48.0049 6136  [ 847D3AE376C0817161A14A82C8922A9E ] C:\Windows\System32\netman.dll
08:49:48.0049 6136  C:\Windows\System32\netman.dll - ok
08:49:48.0053 6136  [ 82C136E9E2FA0B1CFBA49BC7A18F72FD ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll
08:49:48.0053 6136  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll - ok
08:49:48.0057 6136  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] C:\Windows\System32\netprofm.dll
08:49:48.0057 6136  C:\Windows\System32\netprofm.dll - ok
08:49:48.0061 6136  [ B26B5EB92C3D91885CC8595B03DFB3DB ] C:\Program Files\Microsoft Security Client\MpAsDesc.dll
08:49:48.0061 6136  C:\Program Files\Microsoft Security Client\MpAsDesc.dll - ok
08:49:48.0065 6136  [ 8AD77806D336673F270DB31645267293 ] C:\Windows\System32\nlasvc.dll
08:49:48.0065 6136  C:\Windows\System32\nlasvc.dll - ok
08:49:48.0069 6136  [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\Windows\System32\nsisvc.dll
08:49:48.0069 6136  C:\Windows\System32\nsisvc.dll - ok
08:49:48.0073 6136  [ 3EAC4455472CC2C97107B5291E0DCAFE ] C:\Windows\System32\pnrpsvc.dll
08:49:48.0073 6136  C:\Windows\System32\pnrpsvc.dll - ok
08:49:48.0077 6136  [ E9766131EEADE40A27DC27D2D68FBA9C ] C:\Windows\System32\drivers\partmgr.sys
08:49:48.0077 6136  C:\Windows\System32\drivers\partmgr.sys - ok
08:49:48.0080 6136  [ 927463ECB02179F88E4B9A17568C63C3 ] C:\Windows\System32\p2psvc.dll
08:49:48.0080 6136  C:\Windows\System32\p2psvc.dll - ok
08:49:48.0084 6136  [ 3AEAA8B561E63452C655DC0584922257 ] C:\Windows\System32\pcasvc.dll
08:49:48.0084 6136  C:\Windows\System32\pcasvc.dll - ok
08:49:48.0088 6136  [ C7CF6A6E137463219E1259E3F0F0DD6C ] C:\Windows\System32\pla.dll
08:49:48.0088 6136  C:\Windows\System32\pla.dll - ok
08:49:48.0092 6136  [ 25FBDEF06C4D92815B353F6E792C8129 ] C:\Windows\System32\umpnpmgr.dll
08:49:48.0092 6136  C:\Windows\System32\umpnpmgr.dll - ok
08:49:48.0096 6136  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] C:\Windows\System32\pnrpauto.dll
08:49:48.0096 6136  C:\Windows\System32\pnrpauto.dll - ok
08:49:48.0100 6136  [ 8DEC9C6DD13C4B3B62CD8D5A0FEF1650 ] C:\Windows\System32\polstore.dll
08:49:48.0100 6136  C:\Windows\System32\polstore.dll - ok
08:49:48.0105 6136  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] C:\Windows\System32\umpo.dll
08:49:48.0105 6136  C:\Windows\System32\umpo.dll - ok
08:49:48.0110 6136  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] C:\Windows\System32\profsvc.dll
08:49:48.0110 6136  C:\Windows\System32\profsvc.dll - ok
08:49:48.0114 6136  [ AB95FBAE4F9A5A56B177CEC427B2B35E ] C:\Windows\System32\psbase.dll
08:49:48.0114 6136  C:\Windows\System32\psbase.dll - ok
08:49:48.0118 6136  [ 906191634E99AEA92C4816150BDA3732 ] C:\Windows\System32\qwave.dll
08:49:48.0118 6136  C:\Windows\System32\qwave.dll - ok
08:49:48.0122 6136  [ 76707BB36430888D9CE9D705398ADB6C ] C:\Windows\System32\drivers\qwavedrv.sys
08:49:48.0122 6136  C:\Windows\System32\drivers\qwavedrv.sys - ok
08:49:48.0125 6136  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] C:\Windows\System32\rasauto.dll
08:49:48.0126 6136  C:\Windows\System32\rasauto.dll - ok
08:49:48.0129 6136  [ EE867A0870FC9E4972BA9EAAD35651E2 ] C:\Windows\System32\rasmans.dll
08:49:48.0129 6136  C:\Windows\System32\rasmans.dll - ok
08:49:48.0132 6136  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] C:\Windows\System32\sstpsvc.dll
08:49:48.0132 6136  C:\Windows\System32\sstpsvc.dll - ok
08:49:48.0136 6136  [ 254FB7A22D74E5511C73A3F6D802F192 ] C:\Windows\System32\mprdim.dll
08:49:48.0136 6136  C:\Windows\System32\mprdim.dll - ok
08:49:48.0139 6136  [ E4D94F24081440B5FC5AA556C7C62702 ] C:\Windows\System32\regsvc.dll
08:49:48.0139 6136  C:\Windows\System32\regsvc.dll - ok
08:49:48.0143 6136  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll
08:49:48.0143 6136  C:\Windows\System32\RpcEpMap.dll - ok
08:49:48.0146 6136  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] C:\Windows\System32\Locator.exe
08:49:48.0146 6136  C:\Windows\System32\Locator.exe - ok
08:49:48.0150 6136  [ 9B7395789E3791A3B6D000FE6F8B131E ] C:\Windows\System32\SCardSvr.dll
08:49:48.0150 6136  C:\Windows\System32\SCardSvr.dll - ok
08:49:48.0153 6136  [ 253F38D0D7074C02FF8DEB9836C97D2B ] C:\Windows\System32\drivers\scfilter.sys
08:49:48.0154 6136  C:\Windows\System32\drivers\scfilter.sys - ok
08:49:48.0157 6136  [ 262F6592C3299C005FD6BEC90FC4463A ] C:\Windows\System32\schedsvc.dll
08:49:48.0157 6136  C:\Windows\System32\schedsvc.dll - ok
08:49:48.0161 6136  [ 6EA4234DC55346E0709560FE7C2C1972 ] C:\Windows\System32\sdrsvc.dll
08:49:48.0161 6136  C:\Windows\System32\sdrsvc.dll - ok
08:49:48.0165 6136  [ BC617A4E1B4FA8DF523A061739A0BD87 ] C:\Windows\System32\seclogon.dll
08:49:48.0165 6136  C:\Windows\System32\seclogon.dll - ok
08:49:48.0169 6136  [ C32AB8FA018EF34C0F113BD501436D21 ] C:\Windows\System32\Sens.dll
08:49:48.0169 6136  C:\Windows\System32\Sens.dll - ok
08:49:48.0173 6136  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] C:\Windows\System32\sensrsvc.dll
08:49:48.0173 6136  C:\Windows\System32\sensrsvc.dll - ok
08:49:48.0177 6136  [ 0B6231BF38174A1628C4AC812CC75804 ] C:\Windows\System32\SessEnv.dll
08:49:48.0177 6136  C:\Windows\System32\SessEnv.dll - ok
08:49:48.0181 6136  [ B95F6501A2F8B2E78C697FEC401970CE ] C:\Windows\System32\ipnathlp.dll
08:49:48.0181 6136  C:\Windows\System32\ipnathlp.dll - ok
08:49:48.0185 6136  [ AAF932B4011D14052955D4B212A4DA8D ] C:\Windows\System32\shsvcs.dll
08:49:48.0185 6136  C:\Windows\System32\shsvcs.dll - ok
08:49:48.0189 6136  [ 55DE45B116711881C852D2841E4C84DD ] C:\Windows\System32\tcpipcfg.dll
08:49:48.0189 6136  C:\Windows\System32\tcpipcfg.dll - ok
08:49:48.0193 6136  [ 6313F223E817CC09AA41811DAA7F541D ] C:\Windows\System32\snmptrap.exe
08:49:48.0193 6136  C:\Windows\System32\snmptrap.exe - ok
08:49:48.0197 6136  [ E17E0188BB90FAE42D83E98707EFA59C ] C:\Windows\System32\sppsvc.exe
08:49:48.0197 6136  C:\Windows\System32\sppsvc.exe - ok
08:49:48.0200 6136  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] C:\Windows\System32\sppuinotify.dll
08:49:48.0200 6136  C:\Windows\System32\sppuinotify.dll - ok
08:49:48.0204 6136  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] C:\Windows\System32\ssdpsrv.dll
08:49:48.0204 6136  C:\Windows\System32\ssdpsrv.dll - ok
08:49:48.0208 6136  [ FB4580C75A21EC408D1D2EF2DC37A321 ] C:\Windows\System32\stlang64.dll
08:49:48.0208 6136  C:\Windows\System32\stlang64.dll - ok
08:49:48.0212 6136  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] C:\Windows\System32\wiaservc.dll
08:49:48.0212 6136  C:\Windows\System32\wiaservc.dll - ok
08:49:48.0216 6136  [ E08E46FDD841B7184194011CA1955A0B ] C:\Windows\System32\swprv.dll
08:49:48.0216 6136  C:\Windows\System32\swprv.dll - ok
08:49:48.0220 6136  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] C:\Windows\System32\sysmain.dll
08:49:48.0220 6136  C:\Windows\System32\sysmain.dll - ok
08:49:48.0224 6136  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] C:\Windows\System32\TabSvc.dll
08:49:48.0224 6136  C:\Windows\System32\TabSvc.dll - ok
08:49:48.0227 6136  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] C:\Windows\System32\tapisrv.dll
08:49:48.0228 6136  C:\Windows\System32\tapisrv.dll - ok
08:49:48.0231 6136  [ 1BE03AC720F4D302EA01D40F588162F6 ] C:\Windows\System32\tbssvc.dll
08:49:48.0231 6136  C:\Windows\System32\tbssvc.dll - ok
08:49:48.0234 6136  [ 2E648163254233755035B46DD7B89123 ] C:\Windows\System32\termsrv.dll
08:49:48.0234 6136  C:\Windows\System32\termsrv.dll - ok
08:49:48.0238 6136  [ F0344071948D1A1FA732231785A0664C ] C:\Windows\System32\themeservice.dll
08:49:48.0238 6136  C:\Windows\System32\themeservice.dll - ok
08:49:48.0242 6136  [ 7E7AFD841694F6AC397E99D75CEAD49D ] C:\Windows\System32\trkwks.dll
08:49:48.0242 6136  C:\Windows\System32\trkwks.dll - ok
08:49:48.0245 6136  [ 773212B2AAA24C1E31F10246B15B276C ] C:\Windows\servicing\TrustedInstaller.exe
08:49:48.0245 6136  C:\Windows\servicing\TrustedInstaller.exe - ok
08:49:48.0249 6136  [ 4CE278FC9671BA81A138D70823FCAA09 ] C:\Windows\System32\drivers\tssecsrv.sys
08:49:48.0249 6136  C:\Windows\System32\drivers\tssecsrv.sys - ok
08:49:48.0252 6136  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] C:\Windows\System32\UI0Detect.exe
08:49:48.0252 6136  C:\Windows\System32\UI0Detect.exe - ok
08:49:48.0256 6136  [ D47EC6A8E81633DD18D2436B19BAF6DE ] C:\Windows\System32\upnphost.dll
08:49:48.0256 6136  C:\Windows\System32\upnphost.dll - ok
08:49:48.0260 6136  [ F162D5F5E845B9DC352DD1BAD8CEF1BC ] C:\Windows\System32\dwm.exe
08:49:48.0260 6136  C:\Windows\System32\dwm.exe - ok
08:49:48.0263 6136  [ 567BC1309E05FCFA680ADB6E02260736 ] C:\Windows\System32\vaultsvc.dll
08:49:48.0263 6136  C:\Windows\System32\vaultsvc.dll - ok
08:49:48.0267 6136  [ 8D6B481601D01A456E75C3210F1830BE ] C:\Windows\System32\vds.exe
08:49:48.0267 6136  C:\Windows\System32\vds.exe - ok
08:49:48.0271 6136  [ A255814907C89BE58B79EF2F189B843B ] C:\Windows\System32\drivers\volmgrx.sys
08:49:48.0271 6136  C:\Windows\System32\drivers\volmgrx.sys - ok
08:49:48.0275 6136  [ B60BA0BC31B0CB414593E169F6F21CC2 ] C:\Windows\System32\VSSVC.exe
08:49:48.0275 6136  C:\Windows\System32\VSSVC.exe - ok
08:49:48.0278 6136  [ 1C9D80CC3849B3788048078C26486E1A ] C:\Windows\System32\w32time.dll
08:49:48.0278 6136  C:\Windows\System32\w32time.dll - ok
08:49:48.0282 6136  [ 05E9265E2228799B68DC0F58A94E1AB8 ] C:\Windows\System32\Wat\WatUX.exe
08:49:48.0282 6136  C:\Windows\System32\Wat\WatUX.exe - ok
08:49:48.0285 6136  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] C:\Windows\System32\wbengine.exe
08:49:48.0285 6136  C:\Windows\System32\wbengine.exe - ok
08:49:48.0289 6136  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] C:\Windows\System32\wbiosrvc.dll
08:49:48.0289 6136  C:\Windows\System32\wbiosrvc.dll - ok
08:49:48.0293 6136  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] C:\Windows\System32\wcncsvc.dll
08:49:48.0293 6136  C:\Windows\System32\wcncsvc.dll - ok
08:49:48.0296 6136  [ 20F7441334B18CEE52027661DF4A6129 ] C:\Windows\System32\WcsPlugInService.dll
08:49:48.0296 6136  C:\Windows\System32\WcsPlugInService.dll - ok
08:49:48.0300 6136  [ E2C933EDBC389386EBE6D2BA953F43D8 ] C:\Windows\System32\drivers\Wdf01000.sys
08:49:48.0300 6136  C:\Windows\System32\drivers\Wdf01000.sys - ok
08:49:48.0304 6136  [ BF1FC3F79B863C914687A737C2F3D681 ] C:\Windows\System32\wdi.dll
08:49:48.0304 6136  C:\Windows\System32\wdi.dll - ok
08:49:48.0308 6136  [ C749025A679C5103E575E3B48E092C43 ] C:\Windows\System32\wecsvc.dll
08:49:48.0308 6136  C:\Windows\System32\wecsvc.dll - ok
08:49:48.0312 6136  [ 7E591867422DC788B9E5BD337A669A08 ] C:\Windows\System32\wercplsupport.dll
08:49:48.0312 6136  C:\Windows\System32\wercplsupport.dll - ok
08:49:48.0316 6136  [ 6D137963730144698CBD10F202E9F251 ] C:\Windows\System32\wersvc.dll
08:49:48.0316 6136  C:\Windows\System32\wersvc.dll - ok
08:49:48.0320 6136  [ 2DA738A0A6BEE483A5647A76695AF3B0 ] C:\Program Files\Windows Defender\MsMpRes.dll
08:49:48.0320 6136  C:\Program Files\Windows Defender\MsMpRes.dll - ok
08:49:48.0324 6136  [ 58F4493BF748A3A89689997B7BD00E95 ] C:\Windows\System32\winhttp.dll
08:49:48.0324 6136  C:\Windows\System32\winhttp.dll - ok
08:49:48.0327 6136  [ 19B07E7E8915D701225DA41CB3877306 ] C:\Windows\System32\wbem\WMIsvc.dll
08:49:48.0327 6136  C:\Windows\System32\wbem\WMIsvc.dll - ok
08:49:48.0331 6136  [ BCB1310604AA415C4508708975B3931E ] C:\Windows\System32\WsmSvc.dll
08:49:48.0331 6136  C:\Windows\System32\WsmSvc.dll - ok
08:49:48.0334 6136  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] C:\Windows\System32\wlansvc.dll
08:49:48.0334 6136  C:\Windows\System32\wlansvc.dll - ok
08:49:48.0337 6136  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] C:\Windows\System32\wbem\WmiApSrv.exe
08:49:48.0338 6136  C:\Windows\System32\wbem\WmiApSrv.exe - ok
08:49:48.0341 6136  [ A9F3BFC9345F49614D5859EC95B9E994 ] C:\Program Files\Windows Media Player\wmpnetwk.exe
08:49:48.0341 6136  C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
08:49:48.0345 6136  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] C:\Windows\System32\wpcsvc.dll
08:49:48.0345 6136  C:\Windows\System32\wpcsvc.dll - ok
08:49:48.0348 6136  [ 93221146D4EBBF314C29B23CD6CC391D ] C:\Windows\System32\wpdbusenum.dll
08:49:48.0348 6136  C:\Windows\System32\wpdbusenum.dll - ok
08:49:48.0352 6136  [ E8B1FE6669397D1772D8196DF0E57A9E ] C:\Windows\System32\wscsvc.dll
08:49:48.0352 6136  C:\Windows\System32\wscsvc.dll - ok
08:49:48.0356 6136  [ E0B340996A41C9A75DFA3B99BBA9C500 ] C:\Windows\System32\SearchIndexer.exe
08:49:48.0356 6136  C:\Windows\System32\SearchIndexer.exe - ok
08:49:48.0359 6136  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] C:\Windows\System32\wuaueng.dll
08:49:48.0359 6136  C:\Windows\System32\wuaueng.dll - ok
08:49:48.0363 6136  [ AB886378EEB55C6C75B4F2D14B6C869F ] C:\Windows\System32\drivers\WUDFPf.sys
08:49:48.0363 6136  C:\Windows\System32\drivers\WUDFPf.sys - ok
08:49:48.0366 6136  [ B20F051B03A966392364C83F009F7D17 ] C:\Windows\System32\WUDFSvc.dll
08:49:48.0367 6136  C:\Windows\System32\WUDFSvc.dll - ok
08:49:48.0370 6136  [ FE90B750AB808FB9DD8FBB428B5FF83B ] C:\Windows\System32\wwansvc.dll
08:49:48.0370 6136  C:\Windows\System32\wwansvc.dll - ok
08:49:48.0374 6136  [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\Windows\System32\ubpm.dll
08:49:48.0374 6136  C:\Windows\System32\ubpm.dll - ok
08:49:48.0377 6136  [ E6EB44ABAAF1F330119F854856C53EBE ] C:\Windows\System32\SPInf.dll
08:49:48.0378 6136  C:\Windows\System32\SPInf.dll - ok
08:49:48.0381 6136  [ C78655BC80301D76ED4FEF1C1EA40A7D ] C:\Windows\System32\svchost.exe
08:49:48.0381 6136  C:\Windows\System32\svchost.exe - ok
08:49:48.0385 6136  [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\Windows\System32\devrtl.dll
08:49:48.0385 6136  C:\Windows\System32\devrtl.dll - ok
08:49:48.0389 6136  [ 7A17485DC7D8A7AC81321A42CD034519 ] C:\Windows\System32\userenv.dll
08:49:48.0389 6136  C:\Windows\System32\userenv.dll - ok
08:49:48.0393 6136  [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\Windows\System32\pcwum.dll
08:49:48.0393 6136  C:\Windows\System32\pcwum.dll - ok
08:49:48.0397 6136  [ 716175021BDA290504CE434273F666BC ] C:\Windows\System32\powrprof.dll
08:49:48.0397 6136  C:\Windows\System32\powrprof.dll - ok
08:49:48.0403 6136  [ 9C2BEA3957EFFD45F352F0938DFB3721 ] C:\Windows\System32\drivers\aswMonFlt.sys
08:49:48.0403 6136  C:\Windows\System32\drivers\aswMonFlt.sys - ok
08:49:48.0405 6136  [ 5C627D1B1138676C0A7AB2C2C190D123 ] C:\Windows\System32\rpcss.dll
08:49:48.0405 6136  C:\Windows\System32\rpcss.dll - ok
08:49:48.0409 6136  [ 8077537B1600AF493E7EE1A7A5C90799 ] C:\Program Files\Microsoft Security Client\MpSvc.dll
08:49:48.0409 6136  C:\Program Files\Microsoft Security Client\MpSvc.dll - ok
08:49:48.0413 6136  [ 7675E15D1B2180745E4DA4D26AAD7385 ] C:\Program Files\Microsoft Security Client\MsMpEng.exe
08:49:48.0413 6136  C:\Program Files\Microsoft Security Client\MsMpEng.exe - ok
08:49:48.0416 6136  [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\Windows\System32\wshqos.dll
08:49:48.0416 6136  C:\Windows\System32\wshqos.dll - ok
08:49:48.0420 6136  [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\Windows\System32\WSHTCPIP.DLL
08:49:48.0420 6136  C:\Windows\System32\WSHTCPIP.DLL - ok
08:49:48.0424 6136  [ 34152997FB906895290E0199AC94B85F ] C:\Windows\System32\authui.dll
08:49:48.0424 6136  C:\Windows\System32\authui.dll - ok
08:49:48.0427 6136  [ 715F03B4C7223349768013EA95D9E5B7 ] C:\Windows\System32\LogonUI.exe
08:49:48.0428 6136  C:\Windows\System32\LogonUI.exe - ok
08:49:48.0431 6136  [ 1C3588802EE33660E620A046A505A337 ] C:\Program Files\Microsoft Security Client\MpClient.dll
08:49:48.0431 6136  C:\Program Files\Microsoft Security Client\MpClient.dll - ok
08:49:48.0435 6136  [ BD3674BE7FC9D8D3732C83E8499576ED ] C:\Windows\System32\wtsapi32.dll
08:49:48.0435 6136  C:\Windows\System32\wtsapi32.dll - ok
08:49:48.0439 6136  [ B3BFBD758506ECB50C5804AAA76318F9 ] C:\Windows\System32\cryptui.dll
08:49:48.0439 6136  C:\Windows\System32\cryptui.dll - ok
08:49:48.0443 6136  [ 588CD0C78A7FAAE4186B5EEA0AF3ED67 ] C:\Windows\System32\adtschema.dll
08:49:48.0443 6136  C:\Windows\System32\adtschema.dll - ok
08:49:48.0446 6136  [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll
08:49:48.0446 6136  C:\Windows\System32\MMDevAPI.dll - ok
08:49:48.0451 6136  [ 78A1E65207484B7F8D3217507745F47C ] C:\Windows\System32\avrt.dll
08:49:48.0451 6136  C:\Windows\System32\avrt.dll - ok
08:49:48.0455 6136  [ 7BF818B11C1FEDC3E76D233124470A30 ] C:\Program Files\IDT\WDM\stacsv64.exe
08:49:48.0456 6136  C:\Program Files\IDT\WDM\stacsv64.exe - ok
08:49:48.0460 6136  [ 58775492FFD419248B08325E583C527F ] C:\Windows\System32\atl.dll
08:49:48.0460 6136  C:\Windows\System32\atl.dll - ok
08:49:48.0464 6136  [ 9110FFAD124283F37D38771BB60556AF ] C:\Windows\System32\dsound.dll
08:49:48.0464 6136  C:\Windows\System32\dsound.dll - ok
08:49:48.0467 6136  [ F06BB4E336EA57511FDBAFAFCC47DE62 ] C:\Windows\System32\propsys.dll
08:49:48.0467 6136  C:\Windows\System32\propsys.dll - ok
08:49:48.0471 6136  [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\Windows\System32\winmm.dll
08:49:48.0471 6136  C:\Windows\System32\winmm.dll - ok
08:49:48.0475 6136  [ 4DAF653178A21566E5D8A8286AC0F18D ] C:\Windows\System32\stapi64.dll
08:49:48.0475 6136  C:\Windows\System32\stapi64.dll - ok
08:49:48.0479 6136  [ 7FA8FDC2C2A27817FD0F624E78D3B50C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
08:49:48.0479 6136  C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
08:49:48.0483 6136  [ D5CCA1453B98A5801E6D5FF0FF89DC6C ] C:\Windows\System32\audiodg.exe
08:49:48.0483 6136  C:\Windows\System32\audiodg.exe - ok
08:49:48.0487 6136  [ 1F4492FE41767CDB8B89D17655847CDD ] C:\Windows\System32\ntmarta.dll
08:49:48.0487 6136  C:\Windows\System32\ntmarta.dll - ok
08:49:48.0491 6136  [ DC220AE6F64819099F7EBD6F137E32E7 ] C:\Windows\System32\AudioSes.dll
08:49:48.0491 6136  C:\Windows\System32\AudioSes.dll - ok
08:49:48.0494 6136  [ 4166F82BE4D24938977DD1746BE9B8A0 ] C:\Windows\System32\es.dll
08:49:48.0494 6136  C:\Windows\System32\es.dll - ok
08:49:48.0498 6136  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] C:\Windows\System32\gpsvc.dll
08:49:48.0498 6136  C:\Windows\System32\gpsvc.dll - ok
08:49:48.0502 6136  [ 50544D04AD845C43130B70212EC05CCD ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
08:49:48.0502 6136  C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
08:49:48.0506 6136  [ A3DB3C17EE6CAE65D53602B4E80BCCBC ] C:\Windows\System32\PSHED.DLL
08:49:48.0506 6136  C:\Windows\System32\PSHED.DLL - ok
08:49:48.0510 6136  [ B0945E538CF906BBDDC5A11C8EE868CC ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
08:49:48.0510 6136  C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
08:49:48.0514 6136  [ 46BB91A169B9B31FF44EB04C48EC1D41 ] C:\Windows\System32\nlaapi.dll
08:49:48.0514 6136  C:\Windows\System32\nlaapi.dll - ok
08:49:48.0517 6136  [ 1538831CF8AD2979A04C423779465827 ] C:\Windows\System32\drivers\lltdio.sys
08:49:48.0517 6136  C:\Windows\System32\drivers\lltdio.sys - ok
08:49:48.0521 6136  [ A77BE7CB3222B4FB0AC6C71D1C2698D4 ] C:\Windows\System32\dsrole.dll
08:49:48.0521 6136  C:\Windows\System32\dsrole.dll - ok
08:49:48.0525 6136  [ BE097F5BB10F9079FCEB2DC4E7E20F02 ] C:\Windows\System32\slc.dll
08:49:48.0525 6136  C:\Windows\System32\slc.dll - ok
08:49:48.0529 6136  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] C:\Windows\System32\uxsms.dll
08:49:48.0529 6136  C:\Windows\System32\uxsms.dll - ok
08:49:48.0532 6136  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] C:\Windows\System32\drivers\nwifi.sys
08:49:48.0532 6136  C:\Windows\System32\drivers\nwifi.sys - ok
08:49:48.0536 6136  [ 136185F9FB2CC61E573E676AA5402356 ] C:\Windows\System32\drivers\ndisuio.sys
08:49:48.0536 6136  C:\Windows\System32\drivers\ndisuio.sys - ok
08:49:48.0540 6136  [ DDC86E4F8E7456261E637E3552E804FF ] C:\Windows\System32\drivers\rspndr.sys
08:49:48.0540 6136  C:\Windows\System32\drivers\rspndr.sys - ok
08:49:48.0544 6136  [ 2B81776DA02017A37FE26C662827470E ] C:\Windows\System32\IPHLPAPI.DLL
08:49:48.0544 6136  C:\Windows\System32\IPHLPAPI.DLL - ok
08:49:48.0548 6136  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] C:\Windows\System32\MPSSVC.dll
08:49:48.0548 6136  C:\Windows\System32\MPSSVC.dll - ok
08:49:48.0552 6136  [ B73A6E4B319AFFE64582AC5C1801BB3F ] C:\Windows\System32\nrpsrv.dll
08:49:48.0552 6136  C:\Windows\System32\nrpsrv.dll - ok
08:49:48.0555 6136  [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\Windows\System32\winnsi.dll
08:49:48.0555 6136  C:\Windows\System32\winnsi.dll - ok
08:49:48.0559 6136  [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\Windows\System32\shacct.dll
08:49:48.0559 6136  C:\Windows\System32\shacct.dll - ok
08:49:48.0562 6136  [ 3CC16A849E6092E43909F48EF0E60306 ] C:\Windows\System32\dhcpcore6.dll
08:49:48.0562 6136  C:\Windows\System32\dhcpcore6.dll - ok
08:49:48.0567 6136  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] C:\Windows\System32\dnsrslvr.dll
08:49:48.0567 6136  C:\Windows\System32\dnsrslvr.dll - ok
08:49:48.0574 6136  [ 87356377F31DA5F20A833811CD59499C ] C:\Windows\System32\eapphost.dll
08:49:48.0574 6136  C:\Windows\System32\eapphost.dll - ok
08:49:48.0576 6136  [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll
08:49:48.0576 6136  C:\Windows\System32\samlib.dll - ok
08:49:48.0580 6136  [ 138BE04BF17193B27184DEDFE3028548 ] C:\Program Files (x86)\Cisco\Cisco LEAP Module\CiscoEapLeap.dll
08:49:48.0580 6136  C:\Program Files (x86)\Cisco\Cisco LEAP Module\CiscoEapLeap.dll - ok
08:49:48.0584 6136  [ D07EB640618F96490DB88C3CE58DB608 ] C:\Windows\System32\FWPUCLNT.DLL
08:49:48.0584 6136  C:\Windows\System32\FWPUCLNT.DLL - ok
08:49:48.0588 6136  [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll
08:49:48.0588 6136  C:\Windows\System32\uxtheme.dll - ok
08:49:48.0592 6136  [ 18CAAF21CBA3EAEE17BBA5D3807F29B8 ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_2b25b14c71ebf230\GdiPlus.dll
08:49:48.0592 6136  C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_2b25b14c71ebf230\GdiPlus.dll - ok
08:49:48.0596 6136  [ 885D0942E0F28DB90919BE3129ECF279 ] C:\Windows\System32\dnsext.dll
08:49:48.0596 6136  C:\Windows\System32\dnsext.dll - ok





