Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

This isn't good. Looks ugly. Really need help


  • This topic is locked This topic is locked
25 replies to this topic

#1 desertized

desertized

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:03:03 PM

Posted 06 March 2014 - 03:09 PM

I ran scans with everything I could find and nothing came up, but looking at these logs something must be wrong.  I have been freezing all the time, computer running very slow, etc.  Then I looked at some files in the Windows folder in C: drive and it looked like on Feb 13 someone took over my computer. I can post the logs I found in that folder if you want, but here are the requested scan results....
 
 
DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.16518  BrowserJavaVersion: 10.51.2
Run by Aaron_2 at 11:16:34 on 2014-03-06
Microsoft Windows 8.1  6.3.9600.0.1252.1.1033.18.6023.3208 [GMT -8:00]
.
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton 360 Premier Edition *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton 360 Premier Edition *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton 360 Premier Edition *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\dwm.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
C:\WINDOWS\system32\dashost.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe
C:\Program Files (x86)\PC Checkup\SymcPCCULaunchSvc.exe
C:\Program Files\CyberLink\Shared files\RichVideo64.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Windows\system32\TODDSrv.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\NETGEAR\ReadySHARE Vault\GenieTimelineAgent.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\WINDOWS\system32\taskhostex.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\System32\skydrive.exe
C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
C:\Windows\System32\igfxtray.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe
C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\SettingSyncHost.exe
C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe
C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
C:\Windows\System32\WWAHost.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\NETGEAR\ReadySHARE Vault\GenieTimelineService.exe
C:\WINDOWS\SysWOW64\DllHost.exe
C:\WINDOWS\system32\wwahost.exe
C:\WINDOWS\explorer.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\vssvc.exe
C:\WINDOWS\System32\svchost.exe -k swprv
C:\WINDOWS\system32\SearchFilterHost.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://google.com/
uWindow Title = Internet Explorer provided by TOSHIBA
uDefault_Page_URL = hxxp://toshiba13.msn.com
mWinlogon: Userinit = userinit.exe,
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\coieplg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\IPS\ipsbho.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\coieplg.dll
uRun: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
uRun: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{5372EB27-7466-4D11-804C-BC2A260FE4B1} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{5372EB27-7466-4D11-804C-BC2A260FE4B1}\642494 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{5372EB27-7466-4D11-804C-BC2A260FE4B1}\E4544574541425 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{5372EB27-7466-4D11-804C-BC2A260FE4B1}\E45445745414257373 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{F77EF5A9-0EAA-4ACF-946A-92018BB4159C} : DHCPNameServer = 192.168.1.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = hxxp://toshiba13.msn.com
x64-mWindow Title = Internet Explorer provided by TOSHIBA
x64-mDefault_Page_URL = hxxp://toshiba13.msn.com
x64-BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\CoIEPlg.dll
x64-BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\CoIEPlg.dll
x64-Run: [Logitech Download Assistant] C:\WINDOWS\System32\rundll32.exe C:\WINDOWS\System32\LogiLDA.dll,LogiFetch
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [IgfxTray] "C:\WINDOWS\System32\igfxtray.exe"
x64-Run: [HotKeysCmds] "C:\WINDOWS\System32\hkcmd.exe"
x64-Run: [Persistence] "C:\WINDOWS\System32\igfxpers.exe"
x64-mPolicies-System: PromptOnSecureDesktop = dword:0
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Aaron_2\AppData\Roaming\Mozilla\Firefox\Profiles\la31et7r.default\
.
============= SERVICES / DRIVERS ===============
.
R0 iaStorA;iaStorA;C:\WINDOWS\System32\drivers\iaStorA.sys [2013-8-7 644968]
R0 intelpep;Intel® Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2014-2-13 39768]
R0 PxHlpa64;PxHlpa64;C:\WINDOWS\System32\drivers\PxHlpa64.sys [2014-1-22 56336]
R0 tos_sps64;TOSHIBA tos_sps64 Service;C:\WINDOWS\System32\drivers\tos_sps64.sys [2013-5-10 499096]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2013-8-22 76800]
R1 ccSet_NAT;Norton Anti-Theft Settings Manager;C:\WINDOWS\System32\drivers\NATx64\010A000.009\ccSetx64.sys [2014-1-14 150104]
R1 SymNetS;Symantec Network Security WFP Driver;C:\WINDOWS\System32\drivers\N360x64\1501000.012\symnets.sys [2014-1-17 590936]
R2 AdobeActiveFileMonitor11.0;Adobe Active File Monitor V11;C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [2012-9-17 171600]
R2 dts_apo_service;DTS APO Service;C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [2013-9-10 19792]
R2 GenieTimelineService;Genie Timeline Service;C:\Program Files\NETGEAR\ReadySHARE Vault\GenieTimelineService.exe [2013-9-1 672272]
R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-12-10 732160]
R2 Intel® ME Service;Intel® ME Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [2013-5-10 130592]
R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2013-5-10 165488]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2014-1-16 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2014-1-16 701512]
R2 N360;Norton 360;C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe [2014-1-17 264360]
R2 NETGEARGenieDaemon;NETGEARGenieDaemon;C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [2013-11-14 232192]
R2 Norton PC Checkup Application Launcher;Norton PC Checkup Application Launcher;C:\Program Files (x86)\PC Checkup\SymcPCCULaunchSvc.exe [2013-5-10 132056]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS);C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2014-2-8 390672]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2013-5-10 366040]
R3 BHDrvx64;BHDrvx64;C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20140214.001\BHDrvx64.sys [2014-2-18 1526488]
R3 ccSet_N360;N360 Settings Manager;C:\WINDOWS\System32\drivers\N360x64\1501000.012\ccSetx64.sys [2014-1-17 162392]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2014-1-18 137648]
R3 FwLnk;FwLnk Driver;C:\WINDOWS\System32\drivers\FwLnk.sys [2013-5-10 9216]
R3 ICCS;Intel® Integrated Clock Controller Service - Intel® ICCS;C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [2013-5-10 169752]
R3 IDSVia64;IDSVia64;C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20140304.002\IDSviA64.sys [2014-3-5 524504]
R3 iwdbus;IWD Bus Enumerator;C:\WINDOWS\System32\drivers\iwdbus.sys [2013-10-17 27032]
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;C:\WINDOWS\System32\drivers\L1C63x64.sys [2013-8-21 129224]
R3 MBAMProtector;MBAMProtector;C:\WINDOWS\System32\drivers\mbam.sys [2014-1-16 25928]
R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2013-8-22 37768]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2013-8-22 16384]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\WINDOWS\System32\drivers\RtsUVStor.sys [2013-5-10 327240]
R3 RTWlanE;Realtek Wireless LAN 802.11n PCI-E Network Adapter;C:\WINDOWS\System32\drivers\rtwlane.sys [2013-8-21 2944216]
R3 SmbDrvI;SmbDrvI;C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [2013-4-9 32496]
R3 SymDS;Symantec Data Store;C:\WINDOWS\System32\drivers\N360x64\1501000.012\SymDS64.sys [2014-1-17 493656]
R3 SymEFA;Symantec Extended File Attributes;C:\WINDOWS\System32\drivers\N360x64\1501000.012\SymEFA64.sys [2014-1-17 1147480]
R3 SymIRON;Symantec Iron Driver;C:\WINDOWS\System32\drivers\N360x64\1501000.012\Ironx64.sys [2014-1-17 264280]
R3 TMachInfo;TMachInfo;C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2013-7-31 53864]
R3 WUDFWpdMtp;WUDFWpdMtp;C:\WINDOWS\System32\drivers\WUDFRd.sys [2013-8-22 230912]
S0 SymELAM;Symantec ELAM Driver;C:\WINDOWS\System32\drivers\N360x64\1501000.012\SymELAM.sys [2014-1-17 23568]
S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2013-8-21 782176]
S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness [2013-8-22 37768]
S3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2013-8-22 37768]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2013-8-21 17624]
S3 iaLPSSi_GPIO;Intel® Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2013-8-21 24568]
S3 iaLPSSi_I2C;Intel® Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2013-8-21 99320]
S3 iaStorAV;Intel® SATA RAID Controller Windows;C:\WINDOWS\System32\drivers\iaStorAV.sys [2013-8-21 651248]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\WINDOWS\System32\ieetwcollector.exe [2014-2-13 111616]
S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\WINDOWS\System32\drivers\intelaud.sys [2013-10-17 39320]
S3 IntcDAud;Intel® Display Audio;C:\WINDOWS\System32\drivers\IntcDAud.sys [2013-2-27 342528]
S3 Intel® Capability Licensing Service TCP IP Interface;Intel® Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2012-12-10 803872]
S3 lfsvc;Windows Location Framework Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2013-8-22 37768]
S3 LSI_SAS3;LSI_SAS3;C:\WINDOWS\System32\drivers\lsi_sas3.sys [2013-8-21 81760]
S3 netvsc;netvsc;C:\WINDOWS\System32\drivers\netvsc63.sys [2013-8-22 87040]
S3 ReFS;ReFS;C:\WINDOWS\System32\drivers\refs.sys [2013-8-22 924512]
S3 Revoflt;Revoflt;C:\WINDOWS\System32\drivers\revoflt.sys [2014-2-9 31800]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2013-8-22 37768]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2014-2-13 146776]
S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2013-8-22 37768]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2013-11-13 57176]
S3 Te.Service;Te.Service;C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [2013-8-22 119808]
S3 tepsrv;Tracks Eraser Service;C:\Program Files (x86)\Acesoft\Tracks Eraser Pro\tepsrv.exe [2014-2-13 38184]
S3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2013-8-22 26976]
S3 USBAAPL64;Apple Mobile USB Driver;C:\WINDOWS\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2013-8-22 37768]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\WINDOWS\System32\drivers\wdcsam64.sys [2008-5-6 14464]
S3 WdNisDrv;Windows Defender Network Inspection System Driver;C:\WINDOWS\System32\drivers\WdNisDrv.sys [2013-8-22 124256]
S3 WdNisSvc;Windows Defender Network Inspection Service;C:\Program Files\Windows Defender\NisSrv.exe [2013-8-22 346872]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2013-8-22 37768]
S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService [2013-8-22 37768]
S3 WSDScan;WSD Scan Support;C:\WINDOWS\System32\drivers\WSDScan.sys [2013-8-22 23040]
S4 NAT;Norton Anti-Theft;C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe [2014-1-14 232424]
S4 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-10-9 3275136]
S4 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
.
=============== File Associations ===============
.
FileExt: .txt: soffice.StarCalcDocument.6="C:\Program Files (x86)\OpenOffice 4\program\scalc.exe" -o "%1" [UserChoice]
.
=============== Created Last 30 ================
.
2014-03-06 18:55:58 388096 ----a-r- C:\Users\Aaron_2\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2014-03-06 18:55:58 -------- d-----w- C:\Program Files (x86)\Trend Micro
2014-03-06 18:51:19 -------- d-----w- C:\Trend Micro
2014-03-06 17:42:39 -------- d-----w- C:\WINDOWS\ERUNT
2014-03-06 05:49:42 -------- d-----w- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-03-06 05:43:56 91352 ----a-w- C:\WINDOWS\System32\drivers\mbamchameleon.sys
2014-03-06 05:31:10 -------- d-----w- C:\FRST
2014-03-06 04:59:39 -------- d-----w- C:\AdwCleaner
2014-03-05 07:06:44 -------- d-----w- C:\Users\Aaron_2\AppData\Local\Skype
2014-03-05 04:34:40 -------- d-----w- C:\Users\Aaron_2\AppData\Roaming\WindSolutions
2014-03-05 03:34:50 -------- d-----w- C:\ProgramData\WindSolutions
2014-03-04 12:43:41 -------- d-----w- C:\WINDOWS\SysWow64\Adobe
2014-03-04 09:06:51 -------- d-----w- C:\Program Files (x86)\Yahoo!
2014-03-02 17:27:04 -------- d-----w- C:\Program Files\iPod
2014-03-02 17:27:02 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-02 17:27:02 -------- d-----w- C:\Program Files\iTunes
2014-03-02 17:27:02 -------- d-----w- C:\Program Files (x86)\iTunes
2014-03-01 08:26:18 -------- d-----w- C:\Users\Aaron_2\iTunesDSM
2014-03-01 08:26:12 -------- d-----w- C:\Program Files (x86)\iTunesDSM
2014-02-28 13:40:30 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin5.dll
2014-02-28 13:40:30 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin4.dll
2014-02-28 13:40:30 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin3.dll
2014-02-28 13:40:30 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin2.dll
2014-02-28 13:40:30 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin.dll
2014-02-28 13:34:17 -------- d-----w- C:\Users\Aaron_2\AppData\Local\Apple Computer
2014-02-28 08:19:19 -------- d-----w- C:\ProgramData\Oracle
2014-02-28 08:18:59 96168 ----a-w- C:\WINDOWS\SysWow64\WindowsAccessBridge-32.dll
2014-02-28 08:13:20 108968 ----a-w- C:\WINDOWS\System32\WindowsAccessBridge-64.dll
2014-02-27 08:56:05 -------- d-----w- C:\Users\Aaron_2\AppData\Local\Diagnostics
2014-02-27 08:18:26 -------- d-----w- C:\Users\Aaron_2\AppData\Local\NETGEARGenie
2014-02-27 08:17:47 -------- d-----w- C:\Users\Aaron_2\AppData\Local\Mozilla
2014-02-26 05:54:04 -------- d-----w- C:\Users\Aaron_2\AppData\Roaming\OpenOffice
2014-02-26 02:40:45 -------- d-----w- C:\Users\Aaron_2\AppData\Local\CrashDumps
2014-02-25 21:44:49 -------- d-----w- C:\Users\Aaron_2\AppData\Local\Apple
2014-02-25 07:50:38 -------- d-----w- C:\Users\Aaron_2\AppData\Roaming\Malwarebytes
2014-02-25 07:50:12 -------- d-----w- C:\Users\Aaron_2\AppData\Local\Google
2014-02-25 07:15:32 -------- d-----w- C:\Users\Aaron_2\AppData\Local\VS Revo Group
2014-02-25 07:07:01 -------- d---a-r- C:\Users\Aaron_2\SkyDrive
2014-02-25 07:06:08 -------- d-----w- C:\Users\Aaron_2\AppData\Local\Adobe
2014-02-25 07:05:06 -------- d-----r- C:\Users\Aaron_2\Searches
2014-02-25 07:05:06 -------- d-----r- C:\Users\Aaron_2\Contacts
2014-02-25 07:05:00 -------- d-----w- C:\Users\Aaron_2\AppData\Local\VirtualStore
2014-02-25 07:04:55 -------- d-----w- C:\Users\Aaron_2\AppData\Local\Packages
2014-02-20 18:58:34 17858952 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerInstaller.exe
2014-02-18 09:07:00 -------- d-----w- C:\SymCache
2014-02-18 02:30:06 -------- d-----w- C:\ProgramData\WindowsPerformanceRecorder
2014-02-18 02:23:38 -------- d-----w- C:\TEMP
2014-02-18 02:21:17 -------- d-----w- C:\ProgramData\Windows App Certification Kit
2014-02-18 02:20:56 -------- d-----w- C:\Program Files\Application Verifier
2014-02-18 02:20:56 -------- d-----w- C:\Program Files (x86)\Application Verifier
2014-02-18 02:19:32 -------- d-----w- C:\Program Files (x86)\Windows Kits
2014-02-18 02:19:32 -------- d-----w- C:\Program Files (x86)\Common Files\Microsoft
2014-02-17 03:17:46 947248 ----a-w- C:\WINDOWS\System32\SFSS_APO.dll
2014-02-17 03:14:56 -------- d-----w- C:\ProgramData\SRS Labs
2014-02-17 03:14:56 -------- d-----w- C:\Program Files (x86)\DTS, Inc
2014-02-17 03:14:27 -------- d-----w- C:\Program Files (x86)\Cisco
2014-02-17 03:11:11 4178264 ----a-w- C:\WINDOWS\SysWow64\D3DX9_41.dll
2014-02-17 03:10:43 -------- d-----w- C:\ProgramData\Package Cache
2014-02-16 20:36:09 -------- d-----w- C:\Program Files\NETGEAR
2014-02-16 20:32:53 281104 ----a-w- C:\WINDOWS\SysWow64\wpcap.dll
2014-02-16 20:32:52 96784 ----a-w- C:\WINDOWS\SysWow64\packet.dll
2014-02-16 20:32:43 -------- d-----w- C:\Program Files (x86)\NETGEAR Genie
2014-02-13 21:37:25 30208 ----a-w- C:\WINDOWS\System32\Spool\prtprocs\x64\CNMPDBL.DLL
2014-02-13 21:37:25 101888 ----a-w- C:\WINDOWS\System32\Spool\prtprocs\x64\CNMPPBL.DLL
2014-02-13 21:36:55 -------- d-----w- C:\WINDOWS\SysWow64\RTCOM
2014-02-13 21:36:55 -------- d-----w- C:\Program Files\Realtek
2014-02-13 21:36:41 64000 ----a-w- C:\WINDOWS\System32\OpenCL.DLL
2014-02-13 21:36:41 60416 ----a-w- C:\WINDOWS\SysWow64\OpenCL.DLL
2014-02-13 21:36:22 -------- d-----w- C:\Program Files (x86)\Common Files\Intel
2014-02-13 21:36:01 -------- d--h--w- C:\ProgramData\CanonIJFAX
2014-02-13 21:35:41 -------- d-----w- C:\Program Files\Synaptics
2014-02-13 21:33:22 -------- d-sh--w- C:\Recovery
2014-02-13 21:33:13 -------- dc----w- C:\WINDOWS\Panther
2014-02-13 21:32:05 548864 ----a-w- C:\WINDOWS\System32\vbscript.dll
2014-02-13 21:32:05 454656 ----a-w- C:\WINDOWS\SysWow64\vbscript.dll
2014-02-13 21:30:52 197120 ----a-w- C:\WINDOWS\System32\scrrun.dll
2014-02-13 21:29:21 830976 ----a-w- C:\WINDOWS\SysWow64\SearchFolder.dll
2014-02-13 21:28:36 4604416 ----a-w- C:\WINDOWS\System32\d2d1.dll
2014-02-13 21:27:59 745336 ----a-w- C:\WINDOWS\System32\oleaut32.dll
2014-02-13 21:27:59 552624 ----a-w- C:\WINDOWS\SysWow64\oleaut32.dll
2014-02-13 21:27:59 403456 ----a-w- C:\WINDOWS\System32\drivers\mrxsmb.sys
2014-02-13 21:27:59 2551128 ----a-w- C:\WINDOWS\System32\drivers\tcpip.sys
2014-02-13 21:27:59 218112 ----a-w- C:\WINDOWS\SysWow64\Windows.Graphics.dll
2014-02-13 21:27:59 202240 ----a-w- C:\WINDOWS\System32\ubpm.dll
2014-02-13 21:27:59 19456 -c--a-w- C:\WINDOWS\System32\drivers\BtaMPM.sys
2014-02-13 21:27:59 1928144 ----a-w- C:\WINDOWS\System32\combase.dll
2014-02-13 21:27:59 1415680 ----a-w- C:\WINDOWS\System32\lsasrv.dll
2014-02-13 21:27:59 13925888 ----a-w- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
2014-02-13 21:27:59 1119064 ----a-w- C:\WINDOWS\System32\drivers\ndis.sys
2014-02-13 21:21:47 778936 ----a-w- C:\WINDOWS\SysWow64\PresentationNative_v0300.dll
2014-02-13 21:21:47 35480 ----a-w- C:\WINDOWS\SysWow64\TsWpfWrp.exe
2014-02-13 21:21:47 102608 ----a-w- C:\WINDOWS\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2014-02-13 21:21:45 35480 ----a-w- C:\WINDOWS\System32\TsWpfWrp.exe
2014-02-13 21:21:45 124112 ----a-w- C:\WINDOWS\System32\PresentationCFFRasterizerNative_v0300.dll
2014-02-13 21:21:44 1166520 ----a-w- C:\WINDOWS\System32\PresentationNative_v0300.dll
2014-02-13 16:51:39 224016 ----a-w- C:\WINDOWS\SysWow64\TabCtl32.ocx
2014-02-13 16:51:39 1081616 ----a-w- C:\WINDOWS\SysWow64\MSCOMCTL.OCX
2014-02-13 16:51:38 277504 ----a-w- C:\WINDOWS\SysWow64\oestore.dll
2014-02-13 16:51:38 132880 ----a-w- C:\WINDOWS\SysWow64\msinet.ocx
2014-02-13 16:51:38 -------- d-----w- C:\Program Files (x86)\Acesoft
2014-02-11 22:24:16 -------- d-----r- C:\Program Files (x86)\Skype
2014-02-10 09:51:38 366080 ----a-w- C:\WINDOWS\System32\CNC_BLL.dll
2014-02-10 09:51:38 282624 ----a-w- C:\WINDOWS\System32\CNC_BLC.dll
2014-02-10 09:51:38 17920 ----a-w- C:\WINDOWS\System32\CNHMCA6.dll
2014-02-10 09:51:38 106496 ----a-w- C:\WINDOWS\System32\CNC_BLI.dll
2014-02-10 02:17:05 18816 ----a-w- C:\WINDOWS\SysWow64\drivers\NTPAMp50.sys
2014-02-10 02:17:05 17536 ----a-w- C:\WINDOWS\SysWow64\drivers\NtpaSp50.sys
2014-02-09 20:35:54 -------- d-----w- C:\Program Files (x86)\Advanced IP Scanner
2014-02-09 17:14:00 -------- d-----w- C:\ProgramData\VS Revo Group
2014-02-09 17:13:59 31800 ----a-w- C:\WINDOWS\System32\drivers\revoflt.sys
2014-02-09 17:13:58 -------- d-----w- C:\Program Files\VS Revo Group
2014-02-09 03:08:20 -------- d-----w- C:\ProgramData\install_clap
2014-02-08 19:13:02 303104 ----a-w- C:\WINDOWS\System32\CNCALBL.DLL
2014-02-08 19:12:11 390656 ----a-w- C:\WINDOWS\System32\CNMLMBL.DLL
.
==================== Find3M  ====================
.
2014-02-17 21:00:34 693240 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
2014-02-17 21:00:34 105464 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
2014-02-16 20:32:53 369168 ----a-w- C:\WINDOWS\System32\wpcap.dll
2014-02-16 20:32:53 35344 ----a-w- C:\WINDOWS\System32\drivers\npf.sys
2014-02-16 20:32:53 106000 ----a-w- C:\WINDOWS\System32\packet.dll
2014-02-13 21:30:52 156672 ----a-w- C:\WINDOWS\SysWow64\scrrun.dll
2014-02-13 21:29:21 7416832 ----a-w- C:\WINDOWS\System32\Windows.UI.Search.dll
2014-02-13 21:28:36 3936256 ----a-w- C:\WINDOWS\SysWow64\d2d1.dll
2014-02-13 21:26:33 2152448 ----a-w- C:\WINDOWS\System32\msxml3.dll
2014-02-13 21:21:27 303104 ----a-w- C:\WINDOWS\apppatch\apppatch64\AcGenral.dll
2014-02-13 21:21:26 2414592 ----a-w- C:\WINDOWS\apppatch\AcGenral.dll
2014-01-18 00:24:12 94208 ----a-w- C:\WINDOWS\SysWow64\QuickTimeVR.qtx
2014-01-18 00:24:12 69632 ----a-w- C:\WINDOWS\SysWow64\QuickTime.qts
2014-01-17 17:57:56 177752 ----a-w- C:\WINDOWS\System32\drivers\SYMEVENT64x86.SYS
2014-01-06 19:23:36 4558848 ----a-w- C:\WINDOWS\SysWow64\GPhotos.scr
.
============= FINISH: 11:16:44.36 ===============
 


BC AdBot (Login to Remove)

 


#2 Conspire

Conspire

  • Malware Response Team
  • 1,155 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:03 AM

Posted 09 March 2014 - 07:56 AM

**In any case where you happen to be busy or unable to give us a reply, we would be grateful if you keep us informed in advance and we will be more than happy to wait. Failure to do so we will have your thread closed in THREE(3) days.

:)


Hello there, desertized

:welcome:

I'm Conspire, I'll be glad to help you with your computer problems.

Please observe these rules while we work:
  • Read the entire procedure
  • It is important to perform ALL actions in sequence.
  • If you don't know, stop and ask! Don't keep going on.
  • Please reply to this thread. Do not start a new topic.
  • Stick with me till you're given the all clear.
  • Remember, absence of symptoms does not mean the infection is all gone.
  • Don't attempt to clean your computer with any tools other than the ones I ask you to use during the cleanup process.
IMPORTANT NOTE : Please do not delete anything unless instructed to. Remember to backup all your important data(if possible) before moving on.

---------------------------------------------------------------------------------------------------

Please download aswMBR.exe and save it to your desktop.
  • Double click aswMBR.exe to start the tool. (Vista/Windows 7 users - right click to run as administrator)
  • Allow it to update where necessary
  • Click Scan
    • Upon completion of the scan, click Save log and save it to your desktop, and post that log in your next reply for review. Note - do NOT attempt any Fix yet.
    • You will also notice another file created on the desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) file. Attach that zipped file in your next reply as well.
===================================================

Download TDSSKiller.exe and save it to your desktop

Execute TDSSKiller.exe by doubleclicking on it.
Press Start Scan
If Malicious objects are found, do NOT select Cure. Change the action to Skip, and save the log.
Once complete, a log will be produced at the root drive which is typically C:\ ,for example, C:\TDSSKiller.<version_date_time>log.txt

===================================================

On your next reply please post :
aswMBR log
MBR.dat (attached)
TDSS Killer log



Please STOP and let me know if you have any problems in performing with the steps above or any questions you may have.

---------------------------------------------------------------------------------------------------
Proud Graduate of the WTT Classroom
Member of UNITE
The help you receive here is always free. If you wish to show your appreciation, then you may btn_donate_SM.gif

#3 desertized

desertized
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:03:03 PM

Posted 09 March 2014 - 06:14 PM

Thank you so much!  here we go...

 

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2014-03-09 15:55:03
-----------------------------
15:55:03.954    OS Version: Windows x64 6.2.9200 
15:55:03.954    Number of processors: 4 586 0x3A09
15:55:03.955    ComputerName: LAPTOP  UserName: 
15:55:04.290    Initialze error 1 
15:57:58.938    AVAST engine defs: 14030901
15:58:10.789    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000002f
15:58:10.791    Disk 0 Vendor: TOSHIBA_MQ01ABF050 AM003M Size: 476940MB BusType: 11
15:58:10.820    Disk 0 MBR read successfully
15:58:10.822    Disk 0 MBR scan
15:58:10.826    Disk 0 unknown MBR code
15:58:10.829    Disk 0 Partition 1 00     EE          GPT           2097151 MB offset 1
15:58:10.833    Disk 0 scanning C:\WINDOWS\system32\drivers
15:58:10.835    Service scanning
15:58:11.382    Modules scanning
15:58:11.388    Disk 0 trace - called modules:
15:58:11.422    ntoskrnl.exe CLASSPNP.SYS disk.sys storport.sys hal.dll iaStorA.sys 
15:58:11.427    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xffffe00002fad060]
15:58:11.433    3 CLASSPNP.SYS[fffff800014d1abb] -> nt!IofCallDriver -> \Device\0000002f[0xffffe000010ac060]
15:58:11.442    AVAST engine scan C:\WINDOWS
15:58:11.446    AVAST engine scan C:\WINDOWS\system32
15:58:11.450    AVAST engine scan C:\WINDOWS\system32\drivers
15:58:11.454    AVAST engine scan C:\Users\Aaron_2
15:58:11.457    AVAST engine scan C:\ProgramData
15:58:11.461    Scan finished successfully
15:58:51.309    Disk 0 MBR has been saved successfully to "C:\Users\Aaron_2\Desktop\MBR.dat"
15:58:51.317    The log file has been saved successfully to "C:\Users\Aaron_2\Desktop\aswMBR.txt"
 
 
aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2014-03-09 16:00:48
-----------------------------
16:00:48.249    OS Version: Windows x64 6.2.9200 
16:00:48.250    Number of processors: 4 586 0x3A09
16:00:48.251    ComputerName: LAPTOP  UserName: 
16:00:48.253    Initialze error 1 
16:01:09.684    AVAST engine defs: 14030901
16:01:19.359    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000002f
16:01:19.361    Disk 0 Vendor: TOSHIBA_MQ01ABF050 AM003M Size: 476940MB BusType: 11
16:01:19.389    Disk 0 MBR read successfully
16:01:19.391    Disk 0 MBR scan
16:01:19.395    Disk 0 unknown MBR code
16:01:19.397    Disk 0 Partition 1 00     EE          GPT           2097151 MB offset 1
16:01:19.401    Disk 0 scanning C:\WINDOWS\system32\drivers
16:01:19.404    Service scanning
16:01:19.918    Modules scanning
16:01:19.926    Disk 0 trace - called modules:
16:01:19.940    ntoskrnl.exe CLASSPNP.SYS disk.sys storport.sys hal.dll iaStorA.sys 
16:01:19.950    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xffffe00002fad060]
16:01:19.959    3 CLASSPNP.SYS[fffff800014d1abb] -> nt!IofCallDriver -> \Device\0000002f[0xffffe000010ac060]
16:01:19.971    AVAST engine scan C:\WINDOWS
16:01:19.976    AVAST engine scan C:\WINDOWS\system32
16:01:19.983    AVAST engine scan C:\WINDOWS\system32\drivers
16:01:19.990    AVAST engine scan C:\Users\Aaron_2
16:01:19.994    AVAST engine scan C:\ProgramData
16:01:19.997    Scan finished successfully
16:01:37.150    Disk 0 MBR has been saved successfully to "C:\Users\Aaron_2\Desktop\MBR.dat"
16:01:37.159    The log file has been saved successfully to "C:\Users\Aaron_2\Desktop\aswMBR.txt"
 
 

 

16:06:24.0693 0x142c  TDSS rootkit removing tool 3.0.0.25 Feb 27 2014 15:23:02
16:06:24.0693 0x142c  UEFI system
16:06:29.0174 0x142c  ============================================================
16:06:29.0174 0x142c  Current date / time: 2014/03/09 16:06:29.0174
16:06:29.0174 0x142c  SystemInfo:
16:06:29.0174 0x142c  
16:06:29.0174 0x142c  OS Version: 6.3.9600 ServicePack: 0.0
16:06:29.0174 0x142c  Product type: Workstation
16:06:29.0174 0x142c  ComputerName: LAPTOP
16:06:29.0174 0x142c  UserName: Aaron_2
16:06:29.0174 0x142c  Windows directory: C:\WINDOWS
16:06:29.0174 0x142c  System windows directory: C:\WINDOWS
16:06:29.0174 0x142c  Running under WOW64
16:06:29.0174 0x142c  Processor architecture: Intel x64
16:06:29.0174 0x142c  Number of processors: 4
16:06:29.0174 0x142c  Page size: 0x1000
16:06:29.0174 0x142c  Boot type: Normal boot
16:06:29.0174 0x142c  ============================================================
16:06:29.0739 0x142c  KLMD registered as C:\WINDOWS\system32\drivers\14898242.sys
16:06:30.0071 0x142c  System UUID: {F4FF4E06-0187-F0FC-2A2C-4FC3D9F9472E}
16:06:30.0801 0x142c  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:06:30.0812 0x142c  ============================================================
16:06:30.0812 0x142c  \Device\Harddisk0\DR0:
16:06:30.0812 0x142c  GPT partitions:
16:06:30.0813 0x142c  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {5A8F38D1-78B5-11E3-8445-8955B035B107}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x200000
16:06:30.0813 0x142c  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {5A8F38D7-78B5-11E3-8445-8955B035B107}, Name: Basic data partition, StartLBA 0x200800, BlocksNum 0x82000
16:06:30.0813 0x142c  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {5A8F38D9-78B5-11E3-8445-8955B035B107}, Name: Basic data partition, StartLBA 0x282800, BlocksNum 0x40000
16:06:30.0813 0x142c  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {5A8F38DF-78B5-11E3-8445-8955B035B107}, Name: Basic data partition, StartLBA 0x2C2800, BlocksNum 0x38B19000
16:06:30.0813 0x142c  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {CAC3B3A0-2480-4D97-BDC3-0FD42C706135}, Name: , StartLBA 0x38DDB800, BlocksNum 0xAF000
16:06:30.0813 0x142c  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {5A8F38E5-78B5-11E3-8445-8955B035B107}, Name: Basic data partition, StartLBA 0x38E8A800, BlocksNum 0x14FB800
16:06:30.0813 0x142c  MBR partitions:
16:06:30.0813 0x142c  ============================================================
16:06:30.0835 0x142c  C: <-> \Device\Harddisk0\DR0\Partition4
16:06:30.0835 0x142c  ============================================================
16:06:30.0835 0x142c  Initialize success
16:06:30.0835 0x142c  ============================================================
16:06:32.0845 0x3118  ============================================================
16:06:32.0845 0x3118  Scan started
16:06:32.0845 0x3118  Mode: Manual; 
16:06:32.0845 0x3118  ============================================================
16:06:32.0845 0x3118  KSN ping started
16:06:35.0315 0x3118  KSN ping finished: true
16:06:36.0984 0x3118  ================ Scan system memory ========================
16:06:36.0985 0x3118  System memory - ok
16:06:36.0988 0x3118  ================ Scan services =============================
16:06:37.0245 0x3118  [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
16:06:37.0260 0x3118  1394ohci - ok
16:06:37.0309 0x3118  [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
16:06:37.0313 0x3118  3ware - ok
16:06:37.0369 0x3118  [ 3D30878A269D934100FA5F972E53AF39, 3D2D22D1A9D80DB94D6059C789FBD04DC945722B8644DF6DAA73D5713A10EC52 ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
16:06:37.0382 0x3118  ACPI - ok
16:06:37.0420 0x3118  [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
16:06:37.0423 0x3118  acpiex - ok
16:06:37.0441 0x3118  [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
16:06:37.0445 0x3118  acpipagr - ok
16:06:37.0463 0x3118  [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
16:06:37.0466 0x3118  AcpiPmi - ok
16:06:37.0488 0x3118  [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
16:06:37.0490 0x3118  acpitime - ok
16:06:37.0616 0x3118  [ BF3818B441955E4D438EC72F06F1FE61, 091A80D6A8887B4B5AFF8D12CB5A96AF4A04B125C13BED815B3A776778CD3190 ] AdobeActiveFileMonitor11.0 C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
16:06:37.0627 0x3118  AdobeActiveFileMonitor11.0 - ok
16:06:37.0706 0x3118  [ B1EA9681502EE57F87DB71D726288A5B, D17BD2CFAE72E92C77D183331D5CBA0FEA893BF54875920870E271940F40A8BB ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
16:06:37.0711 0x3118  AdobeARMservice - ok
16:06:37.0830 0x3118  [ F7AB315A4D400CA876381D1E188A2E20, B6019C2E9B6801BB23C530C66D080F47330F48ADB0DD2813D50BE1408865BD91 ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:06:37.0840 0x3118  AdobeFlashPlayerUpdateSvc - ok
16:06:37.0896 0x3118  [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
16:06:37.0919 0x3118  ADP80XX - ok
16:06:37.0961 0x3118  [ B19CA8E441D35AA2B1EE51C10B27DA1B, EBEB96EA44E665B2D4FCD1CC58621A20A17F036EA4A695340A2B65F94F69CDDC ] AeLookupSvc     C:\WINDOWS\System32\aelupsvc.dll
16:06:37.0969 0x3118  AeLookupSvc - ok
16:06:38.0008 0x3118  [ 239268BAB58EAE9A3FF4E08334C00451, 13F927730DF9BAEDB3A7AB6F7238270A20E4CDEB3D5324A1C471DF2209F3D239 ] AFD             C:\WINDOWS\system32\drivers\afd.sys
16:06:38.0033 0x3118  AFD - ok
16:06:38.0048 0x3118  [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440          C:\WINDOWS\system32\drivers\agp440.sys
16:06:38.0051 0x3118  agp440 - ok
16:06:38.0069 0x3118  [ 8E8E34B7BA059050EED827410D0697A2, 85B6684709F24729A6497563812A90A54068AC2DD9EEA03037CB1EEF5C85AAA9 ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
16:06:38.0072 0x3118  ahcache - ok
16:06:38.0115 0x3118  [ A91D8E1E433EFB32551BCE69037E1CE7, 41DFDD5B56918D19D09DFB3E4B07460AA85647A8647ABBBB906158D8D6653290 ] ALG             C:\WINDOWS\System32\alg.exe
16:06:38.0117 0x3118  ALG - ok
16:06:38.0154 0x3118  [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
16:06:38.0157 0x3118  AmdK8 - ok
16:06:38.0168 0x3118  [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
16:06:38.0172 0x3118  AmdPPM - ok
16:06:38.0190 0x3118  [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
16:06:38.0192 0x3118  amdsata - ok
16:06:38.0212 0x3118  [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
16:06:38.0218 0x3118  amdsbs - ok
16:06:38.0227 0x3118  [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
16:06:38.0228 0x3118  amdxata - ok
16:06:38.0259 0x3118  [ 04951A9A937CBE28A2D3FEEA360B6D1F, D8AAF000BE4FE4B203DC2EB2A64F780A542E5238CE3F9952FD03277379B11529 ] AppID           C:\WINDOWS\system32\drivers\appid.sys
16:06:38.0262 0x3118  AppID - ok
16:06:38.0301 0x3118  [ C0DC3F58214A227980AEB091CFD2F973, 0C3E8453C9F65ADA3E74C38C0E3AC3E0CBFD807B827097046265B38839E151E3 ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
16:06:38.0305 0x3118  AppIDSvc - ok
16:06:38.0333 0x3118  [ 7E790DE2487CEDB349D1750B9E47F090, EDA4A87EA2F89ABD174E9590DD46E70B9E7E4B35BDFC3ED90D79CD594F8CB2CD ] Appinfo         C:\WINDOWS\System32\appinfo.dll
16:06:38.0337 0x3118  Appinfo - ok
16:06:38.0436 0x3118  [ 221564CC7BE37611FE15EACF443E1BF6, 381BDF17418C779D72332431BA174C2AD76CD9C7C1711FF5142EA9B05D5555E4 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:06:38.0440 0x3118  Apple Mobile Device - ok
16:06:38.0513 0x3118  [ 4B964AE0DF433A3BFA7BD24713BC2E9B, DC8933265E67E43CAE96EA64B146CB9067B536A4DA2C90EDCB38302BBFA1CE6B ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
16:06:38.0559 0x3118  AppReadiness - ok
16:06:38.0621 0x3118  [ 0B726D9ED75C787D6FFAF1E3873BCC70, DC3822B35FB65D53CC5D0E3982C326C5F47F0911BEB1F66DCC84A79C84621E1E ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
16:06:38.0655 0x3118  AppXSvc - ok
16:06:38.0697 0x3118  [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
16:06:38.0700 0x3118  arcsas - ok
16:06:38.0718 0x3118  [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
16:06:38.0720 0x3118  atapi - ok
16:06:38.0766 0x3118  [ 4903CBC14742B5AB4DCF7A92F7DEC483, B8491FDA1D1E767658ECC5C3C3DDFB3EB12A969F0F6ACF116C18300FF54075D5 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
16:06:38.0770 0x3118  AudioEndpointBuilder - ok
16:06:38.0822 0x3118  [ EF276593AD1BDF5A99032F62D6272848, 3961689B34A6BCD891FF48A044ABD184F5D7320AE882DF79E5ADC57B08205BA9 ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
16:06:38.0845 0x3118  Audiosrv - ok
16:06:38.0890 0x3118  [ 96E8CAF20FC4B6C31CAD7816A801EB78, E4870DB8FFBDCFEE98449338D0BDBF2DD0B5FEC75514E41C11A882BE6EB16833 ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
16:06:38.0895 0x3118  AxInstSV - ok
16:06:38.0959 0x3118  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
16:06:38.0991 0x3118  b06bdrv - ok
16:06:39.0017 0x3118  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
16:06:39.0021 0x3118  BasicDisplay - ok
16:06:39.0042 0x3118  [ 2748E116F8621A4DB0D39FCDD7318C01, DA2DEB7FE1D887B1EF5E2B5103270B72268D8ABDDA36C396627305C0BA90FC20 ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
16:06:39.0045 0x3118  BasicRender - ok
16:06:39.0068 0x3118  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
16:06:39.0071 0x3118  bcmfn2 - ok
16:06:39.0112 0x3118  [ BBE61A40665B83488901E41082A6097D, ADF750DB32E1295C57C03D587A60194529C8B83F90F433C3458288FB5E8F475B ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
16:06:39.0121 0x3118  BDESVC - ok
16:06:39.0151 0x3118  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
16:06:39.0151 0x3118  Beep - ok
16:06:39.0188 0x3118  [ 6468B696C65775D51A06615830E0E79D, CC4081B3A4895192B4796A745F0BCE8C9C3149B854A7B9BEF84668A2E1D074B5 ] BFE             C:\WINDOWS\System32\bfe.dll
16:06:39.0219 0x3118  BFE - ok
16:06:39.0376 0x3118  [ F14F048B4D05FBCE536250EA74BF9FDC, 63E25E916209B6AF7AAC98B665E0128842F1EFDDEF95D50095514A9FDDC522A9 ] BHDrvx64        C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20140214.001\BHDrvx64.sys
16:06:39.0423 0x3118  BHDrvx64 - ok
16:06:39.0503 0x3118  [ 15225081966C785A9192782401643FD4, E2BA0C8D044556FDD9DD7A25F7F71553DE7A2924E78F9284413C2AC46F0BF4EB ] BITS            C:\WINDOWS\System32\qmgr.dll
16:06:39.0535 0x3118  BITS - ok
16:06:39.0632 0x3118  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
16:06:39.0647 0x3118  Bonjour Service - ok
16:06:39.0662 0x3118  [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
16:06:39.0665 0x3118  bowser - ok
16:06:39.0707 0x3118  [ A6207A88B596F726DE558425F3B7E592, 126375CC8EA101E0878728323B7EAA69DC8699AC04470FB95D482B1025E0FFB2 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
16:06:39.0749 0x3118  BrokerInfrastructure - ok
16:06:39.0792 0x3118  [ D528D6A92D187777691993DD757AF19A, 2C79978310193431E5FC462368424A172858D5351C92D4815C2A7E35B5DDE50C ] Browser         C:\WINDOWS\System32\browser.dll
16:06:39.0796 0x3118  Browser - ok
16:06:39.0827 0x3118  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
16:06:39.0830 0x3118  BthAvrcpTg - ok
16:06:39.0843 0x3118  [ 746B9F94214915AECDE4B7FEA5FF9664, EA2877D49DB4B7B9CE61653D63E8776DFF1CBCCAB12C14DB1D20DA44B8F06357 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
16:06:39.0847 0x3118  BthHFEnum - ok
16:06:39.0864 0x3118  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
16:06:39.0869 0x3118  bthhfhid - ok
16:06:39.0882 0x3118  [ 07E33226AD218A2A162662A05CAFB52F, 0AC3D8B79EDA6DA232FA4E1CAF6592420A9EDE96350D1F0504C2434261684F0B ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
16:06:39.0886 0x3118  BTHMODEM - ok
16:06:39.0931 0x3118  [ E5E48FEED73D463175EAB1542495191C, 0A8182F5BA7B694AB1DD3680F1194E4A568FE40DBA4BFDFF2EA09BAD045FFB29 ] bthserv         C:\WINDOWS\system32\bthserv.dll
16:06:39.0935 0x3118  bthserv - ok
16:06:40.0000 0x3118  [ 0510396A957E9FD7205BA62D3CAE4528, C80C39EB3A87C5111132E96E966CF74ACABA36DE7714B545A707027D35995792 ] ccSet_N360      C:\WINDOWS\system32\drivers\N360x64\1501000.012\ccSetx64.sys
16:06:40.0004 0x3118  ccSet_N360 - ok
16:06:40.0073 0x3118  [ A5C16A0BE89EE409732178BEB62F7EA7, D4B993F63CFD9B487BD53B532AB9435084B4C752F2731E189FA1420D516A4E95 ] ccSet_NAT       C:\WINDOWS\system32\drivers\NATx64\010A000.009\ccSetx64.sys
16:06:40.0085 0x3118  ccSet_NAT - ok
16:06:40.0111 0x3118  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
16:06:40.0116 0x3118  cdfs - ok
16:06:40.0146 0x3118  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
16:06:40.0154 0x3118  cdrom - ok
16:06:40.0194 0x3118  [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
16:06:40.0202 0x3118  CertPropSvc - ok
16:06:40.0246 0x3118  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
16:06:40.0249 0x3118  circlass - ok
16:06:40.0294 0x3118  [ 7F006813C2AFE622C13D7AF94F56CD07, 9F4AEEE19B44F4117BE036F1475CE2E91ED740EB7D8D38364F9724517F777482 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
16:06:40.0308 0x3118  CLFS - ok
16:06:40.0330 0x3118  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
16:06:40.0332 0x3118  CmBatt - ok
16:06:40.0362 0x3118  [ 825BE21E6395E00698D8A23955A87972, 303F10C3BA72ABB3BA27D08968B10E8EB03FFB6951943B0E9DD35CF48BB72578 ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
16:06:40.0382 0x3118  CNG - ok
16:06:40.0394 0x3118  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\WINDOWS\System32\drivers\CompositeBus.sys
16:06:40.0396 0x3118  CompositeBus - ok
16:06:40.0400 0x3118  COMSysApp - ok
16:06:40.0417 0x3118  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
16:06:40.0419 0x3118  condrv - ok
16:06:40.0537 0x3118  [ 10CA7F8EF882104CFBA8D0871DB06AF3, A0C1A7F7C3DCF0BD0F6979F2AE632007FEC767ACF1065C371C9075E54D14FCE4 ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
16:06:40.0554 0x3118  cphs - ok
16:06:40.0594 0x3118  [ 0EFE4B5884A8032617826A4D76F80969, 083D296CC623C83D36A97AEE343ADF819B17E490F931DBE4D161BD1E8C289E02 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
16:06:40.0599 0x3118  CryptSvc - ok
16:06:40.0636 0x3118  [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam             C:\WINDOWS\system32\drivers\dam.sys
16:06:40.0641 0x3118  dam - ok
16:06:40.0722 0x3118  [ 3FD5AE42EC87C6F532A931F96BE731DD, 8282823022391ACF65E23F461FCE5CAFFB5ADC077647FEF80B91BC4BC31EDFE2 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
16:06:40.0745 0x3118  DcomLaunch - ok
16:06:40.0792 0x3118  [ F4CCAADC2C78F57E4F16B24C9201CE22, B76A5C487A814CB986FE8CC398FB7493C9EAB9ACC933A3C35384FA447092EF00 ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
16:06:40.0802 0x3118  defragsvc - ok
16:06:40.0850 0x3118  [ 0BC71D4D3B5883903C37BF4E13B0F0C5, C5EC2AD001FB7E72D3D12DBADFE01C308ACCB7426E0B90CCB3ECE2DE49D5E7D4 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
16:06:40.0874 0x3118  DeviceAssociationService - ok
16:06:40.0944 0x3118  [ 752A457320A946E03C3AA86C3ACD735E, 63946150581532D862F4220606E74FFC479209E1A36CD57AA78AC4AE34A26F49 ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
16:06:40.0951 0x3118  DeviceInstall - ok
16:06:40.0990 0x3118  [ 5DB26D7E0216D0BF364A81D3829AD7B9, FD786D530EA9ADBCB48782FE091E926505A83F2BF3B4181A3D4EDFAA991C4E5E ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
16:06:40.0995 0x3118  Dfsc - ok
16:06:41.0044 0x3118  [ 8B107F55FD61654A6C9F1B819AEC5FC4, 773B1B9D3583F17B7C89BDE1EC4487ABB0AE039DF4583F8746460425443DA291 ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
16:06:41.0064 0x3118  Dhcp - ok
16:06:41.0077 0x3118  [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk            C:\WINDOWS\system32\drivers\disk.sys
16:06:41.0080 0x3118  disk - ok
16:06:41.0095 0x3118  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
16:06:41.0096 0x3118  dmvsc - ok
16:06:41.0114 0x3118  [ 5BAF7714E68F93515A937A3FA8587EF9, DD9296F75341EF96D514139DD8A8680B332E9B9D476368AB897FDA2D5D674E60 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
16:06:41.0120 0x3118  Dnscache - ok
16:06:41.0139 0x3118  [ 50288EA079BB520C2B8C8A154202D518, 8916A9180CA009D124FFDFB4CCF5FDFEF7FA2FD37CBCD49FAD4C68E051B4734D ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
16:06:41.0145 0x3118  dot3svc - ok
16:06:41.0161 0x3118  [ 281BEE07BA97E3E98D12A822D923D0D8, 6EB482B2D4D6048D145C3738B2B6FA27A90B5EA53E9167447820F9981B004E63 ] DPS             C:\WINDOWS\system32\dps.dll
16:06:41.0165 0x3118  DPS - ok
16:06:41.0195 0x3118  [ DDC11A202207C0400CBE07315B8FDE5E, 3ED0CA3A714582D92001BA3BFF78BE082F4DC8021298D5A2632F3B2B0A1C09DC ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
16:06:41.0197 0x3118  drmkaud - ok
16:06:41.0217 0x3118  [ 5B074F14F5DD6418F46EE4CA2DEB7EA8, B8223D73C3DE123759101F7D5D45C60BD12B221F09D349575A1044CE3F43CBC5 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
16:06:41.0222 0x3118  DsmSvc - ok
16:06:41.0246 0x3118  [ 40CFC6671B2442D32E149FF1683212D1, ADC1743CDB98EAC736783156D659364DF8613BCC4C0B6D0AC0D8F05AF18E0BF7 ] dts_apo_service C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
16:06:41.0247 0x3118  dts_apo_service - ok
16:06:41.0331 0x3118  [ A3D1CB64DF885ACE126543E6D7067348, AFB5EF73F7B2854669137F586171500E4EB00F12BFCFD6B743FABD165B4AEED3 ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
16:06:41.0382 0x3118  DXGKrnl - ok
16:06:41.0414 0x3118  [ 6073537F250B45E1CB2A02E97F0FE1B2, 653F3F2F2019168EDF225944A88AFDBF8393B62AA076BD19980691778F3DB67D ] Eaphost         C:\WINDOWS\System32\eapsvc.dll
16:06:41.0419 0x3118  Eaphost - ok
16:06:41.0662 0x3118  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
16:06:41.0757 0x3118  ebdrv - ok
16:06:41.0844 0x3118  [ 1B7AA375F711F66D5FF2B855F9EC987F, 151E3897A31F0E828D08EBBB9C10A60047B48534BB38349EF1C8D9245524CA58 ] eeCtrl          C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
16:06:41.0856 0x3118  eeCtrl - ok
16:06:41.0925 0x3118  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] EFS             C:\WINDOWS\System32\lsass.exe
16:06:41.0927 0x3118  EFS - ok
16:06:41.0959 0x3118  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
16:06:41.0961 0x3118  EhStorClass - ok
16:06:41.0983 0x3118  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
16:06:41.0986 0x3118  EhStorTcgDrv - ok
16:06:42.0025 0x3118  [ 7230C8B80DDE1F0524C353240B78CC0E, 15F73EBFB9152010E7736AFE518A47C209E17DDB347A40C4CDA0D9BBD26D1176 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
16:06:42.0029 0x3118  EraserUtilRebootDrv - ok
16:06:42.0047 0x3118  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
16:06:42.0049 0x3118  ErrDev - ok
16:06:42.0133 0x3118  [ 23DE163660895D178A2A6FCF785FF040, 69C4DF34D5A20D24F61E4BBE5AEC57D345EF700F944A21523C45069564A3B9C1 ] ESProtectionDriver C:\Program Files\Malwarebytes Anti-Exploit\MBAE.sys
16:06:42.0136 0x3118  ESProtectionDriver - ok
16:06:42.0182 0x3118  [ 030CE75B7D8F75FAA7BA1EC6FD0EB5A3, 5264734F0572FAEDCCB008221C9982CCB7922C4FFC358605424EA413CDCDAE99 ] EventSystem     C:\WINDOWS\system32\es.dll
16:06:42.0194 0x3118  EventSystem - ok
16:06:42.0226 0x3118  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
16:06:42.0229 0x3118  exfat - ok
16:06:42.0244 0x3118  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
16:06:42.0249 0x3118  fastfat - ok
16:06:42.0312 0x3118  [ 2BC8532ABF2B3756B78FA1DA54147DDE, DF65EE2AB0255A2CF3221085A6BE7C37E3DB6BFEED3BCADCDD69BB1049F6DCB1 ] Fax             C:\WINDOWS\system32\fxssvc.exe
16:06:42.0328 0x3118  Fax - ok
16:06:42.0363 0x3118  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
16:06:42.0364 0x3118  fdc - ok
16:06:42.0390 0x3118  [ DC1A78BCCCB7EE53D6FD3BD615A8E222, EE16B6853185AAE779D7135035983938009901658F76A8856AAC12EBA15BB34E ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
16:06:42.0392 0x3118  fdPHost - ok
16:06:42.0405 0x3118  [ E5AD448F2DC84B1CF387FA7F2A3D1936, BBB29C79A085C503F5EFFB5144596D5DEC48A4EB34A049A4E7B38B27F6D92E0A ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
16:06:42.0407 0x3118  FDResPub - ok
16:06:42.0431 0x3118  [ 0046E0BD031213D37123876B0D0FA61C, A4FE17D56F0BAFB70D0D421ED9D1B6E50AF8ADAA4B59328A41AEC5B4C068A3CB ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
16:06:42.0434 0x3118  fhsvc - ok
16:06:42.0458 0x3118  [ 957A7A8F5ACCAF23DD9DFF6DAA393CE5, 85D1AC25CF8056FF303930A7E18DE5F7C3AEE429272CB791BD6F81F1DAFB7D8A ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
16:06:42.0461 0x3118  FileInfo - ok
16:06:42.0498 0x3118  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
16:06:42.0500 0x3118  Filetrace - ok
16:06:42.0514 0x3118  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
16:06:42.0516 0x3118  flpydisk - ok
16:06:42.0537 0x3118  [ 60D5067FCE6D9433D35E04C01D8538B3, 2D97E9E8FF18CF564DE8E70F68B56F0177DC6C0E9EEB7E1C58BBDF42456CB0D8 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
16:06:42.0545 0x3118  FltMgr - ok
16:06:42.0601 0x3118  [ 183CA7699474FDE235853967D1DA4D9B, 8FBD5997F1E39AFFD8C4322520DF4D2227279B5149017D825C188D7411BA99AF ] FontCache       C:\WINDOWS\system32\FntCache.dll
16:06:42.0646 0x3118  FontCache - ok
16:06:42.0762 0x3118  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:06:42.0767 0x3118  FontCache3.0.0.0 - ok
16:06:42.0839 0x3118  [ 35005534E600E993A90B036E4E599F2B, DA56FA3776FBD3D50276CB7410E0CB6F137DD8FCA84C0F3FEF8B1FEA5F6CA592 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
16:06:42.0846 0x3118  FsDepends - ok
16:06:42.0871 0x3118  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
16:06:42.0878 0x3118  Fs_Rec - ok
16:06:42.0966 0x3118  [ 014195B03B378CFEAA029958CBC53695, 0F069F37CF83234929D618A78A58F369D0D033A4ABBC4AD02D37825E9857B731 ] fussvc          C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe
16:06:42.0974 0x3118  fussvc - ok
16:06:43.0025 0x3118  [ 83E1F0983B02A6F8EC764D18E24ECF10, B5CA3FCB442697681C513FB37C6BB74D7A72B67DC65E2FCA93A7F9E81B63EAAC ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
16:06:43.0052 0x3118  fvevol - ok
16:06:43.0081 0x3118  [ 40A5690A50D003429E6AF655D765AAF4, FAE92750AC7F3E8507D9AAA492253E386F807F254E03F412F035CC46412C0FA5 ] FwLnk           C:\WINDOWS\System32\drivers\FwLnk.sys
16:06:43.0082 0x3118  FwLnk - ok
16:06:43.0092 0x3118  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\WINDOWS\System32\drivers\fxppm.sys
16:06:43.0094 0x3118  FxPPM - ok
16:06:43.0130 0x3118  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys
16:06:43.0134 0x3118  gagp30kx - ok
16:06:43.0171 0x3118  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
16:06:43.0173 0x3118  GEARAspiWDM - ok
16:06:43.0205 0x3118  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
16:06:43.0207 0x3118  gencounter - ok
16:06:43.0257 0x3118  [ 24D52359C4888A4241B8BD38B067407E, 40FCDC1E444A1DBB1A2B67EB5A138C1D65D62BA7D72388873E80065405331146 ] GenieTimelineService C:\Program Files\NETGEAR\ReadySHARE Vault\GenieTimelineService.exe
16:06:43.0269 0x3118  GenieTimelineService - ok
16:06:43.0314 0x3118  [ FDA72810CA2F8409D9B31E833C448E34, FC24350E875D2AF2A41DB5EF0BFE4F876DADEACCC0B34B9B9C9B2CA185CBAE87 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
16:06:43.0320 0x3118  GPIOClx0101 - ok
16:06:43.0395 0x3118  [ 0BDE0FCF597E9B65600121EF54FF8340, DA5C96E84E05AD09251C82B4BFEDE274342409803730CEBF24EEAD0DCD42DA7E ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
16:06:43.0438 0x3118  gpsvc - ok
16:06:43.0472 0x3118  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:06:43.0475 0x3118  gupdate - ok
16:06:43.0480 0x3118  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:06:43.0482 0x3118  gupdatem - ok
16:06:43.0510 0x3118  [ C1B577B2169900F4CF7190C39F085794, 73E104B96A48F4C80D8C37254ECB0891D15C0D2F0C251B57C168F90D60316447 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
16:06:43.0513 0x3118  gusvc - ok
16:06:43.0542 0x3118  [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\WINDOWS\system32\drivers\HdAudio.sys
16:06:43.0561 0x3118  HdAudAddService - ok
16:06:43.0575 0x3118  [ 03909BDBFF0DCACCABF2B2D4ADEE44DC, 42E631B23BB004F5C2128BAD334C21AB20FAD08AFED9E8191AE9373531BC73DD ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
16:06:43.0577 0x3118  HDAudBus - ok
16:06:43.0615 0x3118  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
16:06:43.0619 0x3118  HidBatt - ok
16:06:43.0641 0x3118  [ 1EA1B4FABB8CC348E73CA90DBA22E104, 5C18C6BD499272F216DD4626B5E8D38181AEAC9AD917FBEB614A75B70467B258 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
16:06:43.0650 0x3118  HidBth - ok
16:06:43.0666 0x3118  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
16:06:43.0668 0x3118  hidi2c - ok
16:06:43.0713 0x3118  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
16:06:43.0715 0x3118  HidIr - ok
16:06:43.0757 0x3118  [ 449A20A674AA3FAA7F0DD4E33EE2DC20, 28B9BDA306456E8640C355718DE3477537B0FAF8C37F633C709129AAB64D9873 ] hidserv         C:\WINDOWS\system32\hidserv.dll
16:06:43.0760 0x3118  hidserv - ok
16:06:43.0797 0x3118  [ F31397220D9687E11EB448649AA6E038, 671ACEAA8E00E0D4ED7E33D06A4558121DA4F56EB94F1CBC16FEB2EF3852F7A5 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
16:06:43.0799 0x3118  HidUsb - ok
16:06:43.0836 0x3118  [ 7BF3ADCBD021D4F4A84CF40EB49C71B5, 5758A51FD2EBE67E6DBE3A298D714D351910F9E01C428D0C1359457C9242B298 ] hkmsvc          C:\WINDOWS\system32\kmsvc.dll
16:06:43.0843 0x3118  hkmsvc - ok
16:06:43.0894 0x3118  [ 6CD9C3819BE8C0A3DACC82AE5D3C4F18, 46BF4A968E506DE17CA401401D716B444CDC10A5C60EB081890DD4B886AEDF5F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
16:06:43.0903 0x3118  HomeGroupListener - ok
16:06:43.0942 0x3118  [ BE5F89BAFBD4272D5A0C0A37B97865ED, 2F80CE6D123FEED9FA7B00ACF7547FF77E0E6FDC5243942E83BE308C46D414C6 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
16:06:43.0951 0x3118  HomeGroupProvider - ok
16:06:43.0963 0x3118  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
16:06:43.0965 0x3118  HpSAMD - ok
16:06:44.0003 0x3118  [ 3502776E366C913D49C0DA928AE3E6CB, 3FB452F640B78AEDFBC09188F25C566949660163732A180331226A93DB08F26C ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
16:06:44.0035 0x3118  HTTP - ok
16:06:44.0061 0x3118  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
16:06:44.0063 0x3118  hwpolicy - ok
16:06:44.0096 0x3118  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
16:06:44.0098 0x3118  hyperkbd - ok
16:06:44.0122 0x3118  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
16:06:44.0124 0x3118  HyperVideo - ok
16:06:44.0135 0x3118  [ 84CFC5EFA97D0C965EDE1D56F116A541, 0155EA62BF07D99D98D1C9B6559C8E3301B016A20D03DF1EF64B2FAB8C37403B ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
16:06:44.0139 0x3118  i8042prt - ok
16:06:44.0149 0x3118  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
16:06:44.0150 0x3118  iaLPSSi_GPIO - ok
16:06:44.0162 0x3118  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
16:06:44.0164 0x3118  iaLPSSi_I2C - ok
16:06:44.0198 0x3118  [ 57CD95DEB3529181BCC931DD2DFB2341, 03ACF906E4C3CF954F503900F42C7A60FCD5624772B90A956F032484146E42B7 ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys
16:06:44.0209 0x3118  iaStorA - ok
16:06:44.0254 0x3118  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
16:06:44.0275 0x3118  iaStorAV - ok
16:06:44.0318 0x3118  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
16:06:44.0327 0x3118  iaStorV - ok
16:06:44.0403 0x3118  [ 83FF82FE209E7997067B375DAD6CF23D, E312DD068E51DBF96A8232D7D1C9F158652FDA23649655F1102928B320795091 ] ICCS            C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
16:06:44.0407 0x3118  ICCS - ok
16:06:44.0534 0x3118  [ DAAA22256BCA5E6EB74CD379F3092AAA, B2F8990EE059F201A9EA7C05B56A3FA7EE99EA148240F2997DF2B0DFB2FC9071 ] IDSVia64        C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20140307.001\IDSvia64.sys
16:06:44.0559 0x3118  IDSVia64 - ok
16:06:44.0563 0x3118  IEEtwCollectorService - ok
16:06:44.0770 0x3118  [ 4EB6ABBF5D78E65A418BA71EF3ACE251, 261586815680E666F61FCE3CCB5D485A1D200C42FF52D451AE31D80740EA5BDB ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
16:06:44.0915 0x3118  igfx - ok
16:06:44.0982 0x3118  [ B82255670D270B75D2D2F0F8747D1443, C40E151AC3FBF289456A4AD9E5744B314067ADA03FE729970410931904305F51 ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
16:06:45.0017 0x3118  IKEEXT - ok
16:06:45.0022 0x3118  intaud_WaveExtensible - ok
16:06:45.0150 0x3118  [ 2BEE14AC102CF1259AC99ABF53291A8B, 45FAF81302E7A575D378A67F4EF75C89FDDE3B16AC3155BB2803A54D3A7B0DD3 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
16:06:45.0262 0x3118  IntcAzAudAddService - ok
16:06:45.0300 0x3118  [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
16:06:45.0307 0x3118  IntcDAud - ok
16:06:45.0392 0x3118  [ C6128F2E3DC6156C6F8828F9F1B96010, 612C1191AFB8F69BA5634E8C52BDDE608F57D98FA4C76C5A337676A5F1E8191D ] Intel® Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
16:06:45.0448 0x3118  Intel® Capability Licensing Service Interface - ok
16:06:45.0525 0x3118  [ 729AB4F0608E95EFF8FDEF23596283E2, 62A2091FF440C65505AB3E38436A86D9B0978BCB9485960EFCE0C5CBC8E06201 ] Intel® Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
16:06:45.0551 0x3118  Intel® Capability Licensing Service TCP IP Interface - ok
16:06:45.0592 0x3118  [ 683CB8EBB08064BD98C1C300938FB82E, 6F728426D3E3A10627A319D185BE9003C8688C0A92C84C818564CF9CFC8E8B2E ] Intel® ME Service C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
16:06:45.0595 0x3118  Intel® ME Service - ok
16:06:45.0605 0x3118  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
16:06:45.0607 0x3118  intelide - ok
16:06:45.0646 0x3118  [ 139CFCDCD36B1B1782FD8C0014AC9B0E, E0D7E0E9B46A8CECE138D689820023BFA650FB689E4FD62855BED37E04F2D9FF ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
16:06:45.0652 0x3118  intelpep - ok
16:06:45.0703 0x3118  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
16:06:45.0708 0x3118  intelppm - ok
16:06:45.0741 0x3118  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
16:06:45.0746 0x3118  IpFilterDriver - ok
16:06:45.0808 0x3118  [ DFC4050D58565ADBEE793A8D4AEBDAE6, 89B900408F030CD45753A11D6AE6CBAB87E8B0E3F8401402D2D8713C045BF488 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
16:06:45.0841 0x3118  iphlpsvc - ok
16:06:45.0872 0x3118  [ 9949A3C7590B8C536C05312205079A82, 9276A09D5F910AE8358A96505AB3F66C514870944D58B63B71D5E96567D1E6BB ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
16:06:45.0874 0x3118  IPMIDRV - ok
16:06:45.0922 0x3118  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
16:06:45.0930 0x3118  IPNAT - ok
16:06:45.0986 0x3118  [ 842D1EDD0F2A6E0E6631BB96BAAA01DE, 9CDD0B99F2C5DAD573A9EA8D5AB2DBFD7A941454CBBA5BFE34E49F2D4EE96A90 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
16:06:46.0033 0x3118  iPod Service - ok
16:06:46.0062 0x3118  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
16:06:46.0063 0x3118  IRENUM - ok
16:06:46.0079 0x3118  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
16:06:46.0081 0x3118  isapnp - ok
16:06:46.0121 0x3118  [ 034D4BD9DC67C64F3A4C8A049B5173BF, C68AF5A5AD4092AA1C871BD38473AEF84EC3ECF4D06FBEB5F6C09972EF1B8A81 ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
16:06:46.0129 0x3118  iScsiPrt - ok
16:06:46.0134 0x3118  iwdbus - ok
16:06:46.0155 0x3118  [ 6542512E0F91187C65DF2B2532794F7B, 74E6965AF74DA03B712AA2F450D7F690C4CE2A1EBF82F1BC69A58D96092B9202 ] jhi_service     C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
16:06:46.0159 0x3118  jhi_service - ok
16:06:46.0177 0x3118  [ 8BE92376799B6B44D543E8D07CDCF885, 425B8BB1BAF62F735B3CB5A002E6055879F02E7207E55942BFD37F1784F5F368 ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
16:06:46.0180 0x3118  kbdclass - ok
16:06:46.0191 0x3118  [ FB6E47E569D4872ABEB506BE03A45FBA, 5C4056CADA8F67587A119D9AE2A0EFAB30387CF6298F4019FF68AC92E2F6F54B ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
16:06:46.0192 0x3118  kbdhid - ok
16:06:46.0207 0x3118  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\WINDOWS\system32\DRIVERS\kdnic.sys
16:06:46.0209 0x3118  kdnic - ok
16:06:46.0225 0x3118  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] KeyIso          C:\WINDOWS\system32\lsass.exe
16:06:46.0227 0x3118  KeyIso - ok
16:06:46.0264 0x3118  [ ADDECBCC777665BD113BED437E602AB0, B6283475A1219CE44E9F683DD3BEB8C42DA0943297E5C4699B22176AD8A6A7ED ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
16:06:46.0267 0x3118  KSecDD - ok
16:06:46.0309 0x3118  [ 7296EA420134EAC390798B3232D066A4, 1F5D51EEFD389706660DFB4DB4BF3EC570BEC7097CEB5CAE70EFFE35C3255346 ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
16:06:46.0331 0x3118  KSecPkg - ok
16:06:46.0346 0x3118  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
16:06:46.0348 0x3118  ksthunk - ok
16:06:46.0407 0x3118  [ 32B1A8351160F307A8C66BCB0F94A9C2, 52F1DEC2BBD4D5DDBB85ED20B99D96BBA7EB83304D76F183A11FDAFDA364E873 ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
16:06:46.0424 0x3118  KtmRm - ok
16:06:46.0452 0x3118  [ 50AECF8C21AB2A6428A6E1E10549D8E5, 6BC7C60CF5E8AFB9972619EE1C78357756E9C0A3EC783C3056CEB600DCBB1555 ] L1C             C:\WINDOWS\system32\DRIVERS\L1C63x64.sys
16:06:46.0455 0x3118  L1C - ok
16:06:46.0506 0x3118  [ 27B58E16CF895AC1F1A97C04814C2239, D4336155331DDBF91952CDC6C446C68FF524F979099BA8D9B3A578758F97B2BE ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
16:06:46.0514 0x3118  LanmanServer - ok
16:06:46.0526 0x3118  [ D0D9C2ECA4D03A8F06DCD91236B90C98, E2D1144DC8040EA5FEB0602A20BA4CB920B4BC86AD5AD05FC0DF7D74DC95DC66 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
16:06:46.0534 0x3118  LanmanWorkstation - ok
16:06:46.0577 0x3118  [ EE289BD147FDFF95EF1B9BD65D3B974A, EFD9D0F6C73E7D2D52DBE2E2A8D3009BFB6AB24776A100CA528A8365002C6105 ] lfsvc           C:\WINDOWS\System32\GeofenceMonitorService.dll
16:06:46.0589 0x3118  lfsvc - ok
16:06:46.0605 0x3118  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\WINDOWS\system32\DRIVERS\lltdio.sys
16:06:46.0607 0x3118  lltdio - ok
16:06:46.0639 0x3118  [ 00E070FC0C673311AFD4B068D1242780, 50B0E0E625361145332C849709498FF444E46578DCAD2536E6D0289E0125580F ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
16:06:46.0645 0x3118  lltdsvc - ok
16:06:46.0679 0x3118  [ D113FAD71A5E67AA94B32A0F8828D265, 08DDB4BBDB570C59926DBF5E27FCF46DCDF8B8212BB9251E97837E0504516FB3 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
16:06:46.0681 0x3118  lmhosts - ok
16:06:46.0722 0x3118  [ 11A830C20B929E0AA1F4E5BBF98B666F, 54DC0240961992409FC3CA40C659A7866F1442C9767ADCA286BFBBDEE2E350CA ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
16:06:46.0735 0x3118  LMS - ok
16:06:46.0791 0x3118  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
16:06:46.0794 0x3118  LSI_SAS - ok
16:06:46.0808 0x3118  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\WINDOWS\system32\drivers\lsi_sas2.sys
16:06:46.0810 0x3118  LSI_SAS2 - ok
16:06:46.0826 0x3118  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\WINDOWS\system32\drivers\lsi_sas3.sys
16:06:46.0828 0x3118  LSI_SAS3 - ok
16:06:46.0838 0x3118  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
16:06:46.0840 0x3118  LSI_SSS - ok
16:06:46.0885 0x3118  [ B6B69FF200F68888A7FAFDF204D00C91, 4C9BA7B8646C74AE1E49F513EF426930C09969F29F1533D84D020B414BB1609B ] LSM             C:\WINDOWS\System32\lsm.dll
16:06:46.0958 0x3118  LSM - ok
16:06:47.0006 0x3118  [ 5EF604B0698F4FA962778285E8C5F1F2, 0465BDAB7EFBE9CC648E7E736B0B8BE152BD2FAB0917F6306675B9039C77F454 ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
16:06:47.0015 0x3118  luafv - ok
16:06:47.0058 0x3118  [ 0BB97D43299910CBFBA59C461B99B910, 27C22D9D9EE8A410D7396960DA93E9E260D4DCDD38DCE06E85E45C5E24C067DE ] MBAMProtector   C:\windows\system32\drivers\mbam.sys
16:06:47.0060 0x3118  MBAMProtector - ok
16:06:47.0131 0x3118  [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
16:06:47.0148 0x3118  MBAMScheduler - ok
16:06:47.0181 0x3118  [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
16:06:47.0214 0x3118  MBAMService - ok
16:06:47.0249 0x3118  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
16:06:47.0251 0x3118  megasas - ok
16:06:47.0281 0x3118  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
16:06:47.0303 0x3118  megasr - ok
16:06:47.0335 0x3118  [ D71FD7A4FDB01C554AE144037B688DF1, 74D33303DA559A3A2EB809FC0EC3722D24F7F1A37BC7370680CFEB951BE735AF ] MEIx64          C:\WINDOWS\System32\drivers\HECIx64.sys
16:06:47.0337 0x3118  MEIx64 - ok
16:06:47.0380 0x3118  [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] MMCSS           C:\WINDOWS\system32\mmcss.dll
16:06:47.0385 0x3118  MMCSS - ok
16:06:47.0410 0x3118  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem           C:\WINDOWS\system32\drivers\modem.sys
16:06:47.0414 0x3118  Modem - ok
16:06:47.0451 0x3118  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
16:06:47.0452 0x3118  monitor - ok
16:06:47.0471 0x3118  [ CEAC6D40FE887CE8406C2393CF97DE06, 34E76908B802764FF0D7AB3AF89BE77BD35B44787983343FAD89891891C0A045 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
16:06:47.0474 0x3118  mouclass - ok
16:06:47.0510 0x3118  [ 02D98BF804084E9A0D69D1C69B02CCA9, EC5BC5D87043DFFD035FD4DD27B3D94E03119063519E4151BCC3522B613E2D7F ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
16:06:47.0512 0x3118  mouhid - ok
16:06:47.0528 0x3118  [ 515549560D481138E6E21AF7C6998E56, C7E4B38D8CCAF15B9BDA63C8C8209F6193AD220DA02E1264F1B687AACD8F409F ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
16:06:47.0533 0x3118  mountmgr - ok
16:06:47.0565 0x3118  [ 338037EFA0E8E8699B2667D57B751574, 59E0D39806D0C4EB57913AA013242837FD39AD378726AEE42D250CBA87C1C3BF ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:06:47.0569 0x3118  MozillaMaintenance - ok
16:06:47.0587 0x3118  [ F170510BE94CF45E3C6274578F6204B2, 344C3DDE1D622607CA2ABECB2C47CB0166D2D258BD94A7960C45A5ADBB640566 ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
16:06:47.0591 0x3118  mpsdrv - ok
16:06:47.0684 0x3118  [ D186C5844393252147BE934F3871DB7A, 30160F8268B9F46E82C5CB536867E0CF280DC98074A481595072E3320200E343 ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
16:06:47.0714 0x3118  MpsSvc - ok
16:06:47.0743 0x3118  [ 59DCEC7499095DE5AED741358037AE2D, 60C4CEBCAE27C121E9D63BD2BC3E5863A91ABC77616C56C10618273A8F9B6F61 ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
16:06:47.0747 0x3118  MRxDAV - ok
16:06:47.0784 0x3118  [ 79B6F3DF7CDFD12159871FF71464F0CE, E01CDD5296237FB60D426784E1142B1AF2CEABDD7CB0B43C4798402C812A94D5 ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
16:06:47.0793 0x3118  mrxsmb - ok
16:06:47.0807 0x3118  [ 295771B092D4F7FCF2B62F80CCD14320, 53655B5ABA43A6A9114FE545B88F84E52319B905B8393A51BD97678D3F94A178 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
16:06:47.0813 0x3118  mrxsmb10 - ok
16:06:47.0847 0x3118  [ AAF56E4E84D35411B4E446C445732DFE, 7AC41CAA0842AE4DA4EEF976202C58D7923DAA367F0D7E800D432323D5E7DE1A ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
16:06:47.0851 0x3118  mrxsmb20 - ok
16:06:47.0893 0x3118  [ 4E888019078AC363076A5433E89AA4F8, 3DEBDA290230B3E83F956C902C960E39463B7EFE86439199521356762769FD91 ] MsBridge        C:\WINDOWS\system32\DRIVERS\bridge.sys
16:06:47.0896 0x3118  MsBridge - ok
16:06:47.0929 0x3118  [ A082C17D14D0790E27D064EA4B138AE1, 9A565ED885782D9D5135C8399C11C356DBF9EBF3B8EB4B4504BD2604AD0B45E6 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
16:06:47.0939 0x3118  MSDTC - ok
16:06:47.0964 0x3118  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
16:06:47.0965 0x3118  Msfs - ok
16:06:47.0981 0x3118  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
16:06:47.0983 0x3118  msgpiowin32 - ok
16:06:47.0999 0x3118  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
16:06:48.0000 0x3118  mshidkmdf - ok
16:06:48.0012 0x3118  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
16:06:48.0013 0x3118  mshidumdf - ok
16:06:48.0035 0x3118  [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
16:06:48.0037 0x3118  msisadrv - ok
16:06:48.0075 0x3118  [ 810F8A0A0680662BB0CE44D0E2CEF90C, 5631B07911B7EF378CB1583A480A3C5715E59A5488B33A528F4D7A2F849B9113 ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
16:06:48.0082 0x3118  MSiSCSI - ok
16:06:48.0088 0x3118  msiserver - ok
16:06:48.0109 0x3118  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
16:06:48.0110 0x3118  MSKSSRV - ok
16:06:48.0124 0x3118  [ 375E44168F2DFB91A68B8A3F619C5A7C, AC243E02E9A39D0B4DE9571F196941700EE6EB5E94F5B0BA8994FB551E73A7A8 ] MsLldp          C:\WINDOWS\system32\DRIVERS\mslldp.sys
16:06:48.0127 0x3118  MsLldp - ok
16:06:48.0138 0x3118  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
16:06:48.0139 0x3118  MSPCLOCK - ok
16:06:48.0143 0x3118  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
16:06:48.0143 0x3118  MSPQM - ok
16:06:48.0181 0x3118  [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
16:06:48.0189 0x3118  MsRPC - ok
16:06:48.0227 0x3118  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
16:06:48.0230 0x3118  mssmbios - ok
16:06:48.0250 0x3118  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
16:06:48.0252 0x3118  MSTEE - ok
16:06:48.0269 0x3118  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
16:06:48.0273 0x3118  MTConfig - ok
16:06:48.0292 0x3118  [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
16:06:48.0294 0x3118  Mup - ok
16:06:48.0312 0x3118  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
16:06:48.0314 0x3118  mvumis - ok
16:06:48.0466 0x3118  [ 832303953D7BB2AE7F09BF5F7131C23E, 51EE9D7C3FA4D2AF5F6C8925075A66AE44802D9651F0279169366AC8C03E48C4 ] N360            C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe
16:06:48.0481 0x3118  N360 - ok
16:06:48.0550 0x3118  [ 41A45D2A75494EABF2806EA051E00376, EB2497561C8E33A4297C044604C717FF854C7F046882A9E4A400AE7679BF5467 ] napagent        C:\WINDOWS\system32\qagentRT.dll
16:06:48.0569 0x3118  napagent - ok
16:06:48.0675 0x3118  [ 8FA07AF404BC705FDEC03493644970B2, BF3B681AB11D830524607B3C5790B83A886B7CBDE397C3C7C9C96F79E2EC244D ] NAT             C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe
16:06:48.0688 0x3118  NAT - ok
16:06:48.0743 0x3118  [ CF8B989D89D6807B887690F2CF24EFD9, 7A3ED124D8D7736F57CD687111C478A206422D117099B2F752B6D933D009BCAC ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
16:06:48.0757 0x3118  NativeWifiP - ok
16:06:48.0858 0x3118  [ 702E07EC32F96ACDB873E9A5465D4401, 2C6B1C8BA0BF4791AEA064062DCA3678AE4443DF19DB37D6CB55BA6297D8A238 ] NAVENG          C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140308.007\ENG64.SYS
16:06:48.0863 0x3118  NAVENG - ok
16:06:48.0947 0x3118  [ 302EA314A1AF0D7CEF0A3D0195F79561, 046DBC2D9D028F2D2E8BAE745CA2ADEF42741689BFF743A13B81EA4228DDCDC6 ] NAVEX15         C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140308.007\EX64.SYS
16:06:49.0008 0x3118  NAVEX15 - ok
16:06:49.0044 0x3118  [ 71E3C0100AA19D11373CCEB2F51A6008, 58FBF35F5FE19BEABE483C11E9996BE93D76721C8C34465350FA98B465CA3672 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
16:06:49.0048 0x3118  NcaSvc - ok
16:06:49.0062 0x3118  [ 51DF09CAB2CAC64FEE3E371D9028ED01, 9B81604D0D0359AF8F54FED6DA7116FFD2F40407895028EAD99FF1D7CFDC2D14 ] NcbService      C:\WINDOWS\System32\ncbservice.dll
16:06:49.0067 0x3118  NcbService - ok
16:06:49.0080 0x3118  [ 2586C4C167499210DCBF3ECFD8CCE210, D8129FEDE9918BF4FB0057CC58700D4E08457060E810B9CC25CA0F598506ADB8 ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
16:06:49.0083 0x3118  NcdAutoSetup - ok
16:06:49.0155 0x3118  [ ED39D676080A1AEA755F1DEC1A8DF1A4, E413DA1113A51F3A68957147A50248AA98C0D365103D137D5AE8638C74E802D7 ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
16:06:49.0192 0x3118  NDIS - ok
16:06:49.0227 0x3118  [ C6BB12BC35D1637CA17AE16D3A4725EB, 01C1D9FA738886A195166F88207EEB6715A1DE0608978ED6C5DC738AF5C02513 ] NdisCap         C:\WINDOWS\system32\DRIVERS\ndiscap.sys
16:06:49.0229 0x3118  NdisCap - ok
16:06:49.0242 0x3118  [ 9F1DA20E943BE7AA4ED5F3E1EBA78B37, CCD99962917BBE256F64AE14CCC9FD12433C72B5DB98E0E57CA8F212A11B3C8F ] NdisImPlatform  C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
16:06:49.0245 0x3118  NdisImPlatform - ok
16:06:49.0287 0x3118  [ 9423421E735BD5394351E0C47C76BB92, 763E5D06F896C0EF8AD52515464F28BA85DB7A1560E451857AC9AA68FAFCBC66 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
16:06:49.0288 0x3118  NdisTapi - ok
16:06:49.0303 0x3118  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
16:06:49.0305 0x3118  Ndisuio - ok
16:06:49.0324 0x3118  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
16:06:49.0325 0x3118  NdisVirtualBus - ok
16:06:49.0340 0x3118  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
16:06:49.0345 0x3118  NdisWan - ok
16:06:49.0353 0x3118  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
16:06:49.0357 0x3118  NdisWanLegacy - ok
16:06:49.0374 0x3118  [ A5BD69A8812FA79D1A487691DD3FB244, 67B5EDE101943E0E8B8041DB2353D20C8B9F2D253E77964761CFE8F136C0BBC7 ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
16:06:49.0375 0x3118  NDProxy - ok
16:06:49.0410 0x3118  [ 5A072F0B90C29C5233D78BE33EF5ED78, B32ED76A674B1FC743361FB7BBD4C915A78B14132AB056AADD445D5995AD4F32 ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
16:06:49.0413 0x3118  Ndu - ok
16:06:49.0430 0x3118  [ A83D67D347A684F10B7D3019C8A6380C, 2B86832967981C8C786BF24C1CF8E13E01745ACE3333CF5C821DD93D623B96E4 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
16:06:49.0432 0x3118  NetBIOS - ok
16:06:49.0453 0x3118  [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
16:06:49.0460 0x3118  NetBT - ok
16:06:49.0505 0x3118  [ 56F5EDF40EF5D82129CF84E3915B9363, CF67C4A6C89542FBC2798D7116001FF6B757AFCB431FE03474B3934367C85C58 ] NETGEARGenieDaemon C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe
16:06:49.0510 0x3118  NETGEARGenieDaemon - ok
16:06:49.0558 0x3118  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] Netlogon        C:\WINDOWS\system32\lsass.exe
16:06:49.0560 0x3118  Netlogon - ok
16:06:49.0597 0x3118  [ B7AD851A21FEBA3BA214972627614207, 29605320CCC3DAAD062CAECF0009DACBC2F6D28ED4E8AF7CE76132129F5572A0 ] Netman          C:\WINDOWS\System32\netman.dll
16:06:49.0611 0x3118  Netman - ok
16:06:49.0668 0x3118  [ F0F0A372C2EF6358399C4936F91B6131, CE596C71EB4D1A5E104D3148F2D0D8789882C59FD198DCF33CCAC7A08B50E4EE ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
16:06:49.0690 0x3118  netprofm - ok
16:06:49.0737 0x3118  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:06:49.0740 0x3118  NetTcpPortSharing - ok
16:06:49.0788 0x3118  [ 70414DB660BFBB7BD58FCE8EA4364E1B, 6DFB3897CD55E22BA1EDF0AE672F4D7A6A1F512F8A0A26AF106765E6B1CF65AC ] netvsc          C:\WINDOWS\system32\DRIVERS\netvsc63.sys
16:06:49.0791 0x3118  netvsc - ok
16:06:49.0851 0x3118  [ 3A280F3B3C7A46E29C404ACD46ECBF5E, 81C3367A2A212DBCC65B8A0166FD092E3205AB31A146B4B737061335CEC51F9D ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
16:06:49.0878 0x3118  NlaSvc - ok
16:06:49.0917 0x3118  [ 6A12E8B9CA7A29BB9A7B536F851D3DF3, 521642B755541EF1B1B5E36CE4EA72B65D547ADAB79509461C43E63DC4951ED6 ] Norton PC Checkup Application Launcher C:\Program Files (x86)\PC Checkup\SymcPCCULaunchSvc.exe
16:06:49.0921 0x3118  Norton PC Checkup Application Launcher - ok
16:06:49.0941 0x3118  [ 351533ACC2A069B94E80BBFC177E8FDF, 54B2749E0496ECC94CE65657627762B485CBC825767BAEDDAD0D2598820FFB9E ] NPF             C:\WINDOWS\system32\drivers\npf.sys
16:06:49.0943 0x3118  NPF - ok
16:06:49.0955 0x3118  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
16:06:49.0957 0x3118  Npfs - ok
16:06:49.0971 0x3118  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
16:06:49.0973 0x3118  npsvctrig - ok
16:06:50.0004 0x3118  [ 6E2271ED0C3E95B8E29F3752B91B9E84, 44026AD9757EA82967D7F7578455802FAD7FE0057EAC088E0AE207C15F594B86 ] nsi             C:\WINDOWS\system32\nsisvc.dll
16:06:50.0006 0x3118  nsi - ok
16:06:50.0018 0x3118  [ E490B459978CB87779E84C761D22B827, 1E5CA38626E41618E4CA16DD0C70EB2FA86E986F0CF21A749BDE2A17015DEEC6 ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
16:06:50.0020 0x3118  nsiproxy - ok
16:06:50.0113 0x3118  [ 4412D565C0278C401575E11072C7DCE3, 82A0E9AA88750900EA0E9983157345456B418745C8BA62FAF339640E759C0418 ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
16:06:50.0170 0x3118  Ntfs - ok
16:06:50.0184 0x3118  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null            C:\WINDOWS\system32\drivers\Null.sys
16:06:50.0186 0x3118  Null - ok
16:06:50.0199 0x3118  [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
16:06:50.0203 0x3118  nvraid - ok
16:06:50.0220 0x3118  [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
16:06:50.0225 0x3118  nvstor - ok
16:06:50.0243 0x3118  [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp          C:\WINDOWS\system32\drivers\nv_agp.sys
16:06:50.0246 0x3118  nv_agp - ok
16:06:50.0302 0x3118  [ 3B510F20806B94E389784ED09DBD2111, EF8896C500B3AA3A811FDE97BC322EF3295E9BD0DE236715D4A4C52CF63727E1 ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
16:06:50.0322 0x3118  p2pimsvc - ok
16:06:50.0366 0x3118  [ 2A57A937BC5B1B2D6AFE6A8C5925F50B, 00D84EFED5A7129AAD86945940030474795905C32D65CBD5B1A3EBADCED8F873 ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
16:06:50.0375 0x3118  p2psvc - ok
16:06:50.0390 0x3118  [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
16:06:50.0393 0x3118  Parport - ok
16:06:50.0432 0x3118  [ EF0C1749C9A8CEE9A457473D433CC00F, A5FDAB5AD47471640D697C6CFBA6C67730878ABBA47D394EAA47C9733EDCE1F3 ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
16:06:50.0434 0x3118  partmgr - ok
16:06:50.0460 0x3118  [ 9A5309EF92F39346CFD5A4C2C3D1BFAD, 5908E0C9562F9CB24784491BD9AE7983A33A6BDF81AFA0A08045518A0C9BB2B1 ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
16:06:50.0471 0x3118  PcaSvc - ok
16:06:50.0489 0x3118  [ C0D3F3BC1C84B4BA746D9847314C1164, 66FDF288ACAE021C5F63BCCC68D7534B4DB737E252AB16DFF746355D8BE7502D ] pci             C:\WINDOWS\system32\drivers\pci.sys
16:06:50.0498 0x3118  pci - ok
16:06:50.0516 0x3118  [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
16:06:50.0517 0x3118  pciide - ok
16:06:50.0539 0x3118  [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
16:06:50.0543 0x3118  pcmcia - ok
16:06:50.0561 0x3118  [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
16:06:50.0563 0x3118  pcw - ok
16:06:50.0599 0x3118  [ B9D968D8E2B0F9C6301CEB39CFC9B9E4, 83F32831B0727F18B56DC3CAF37E45A3523D2BBCD54D1421F0DE5A0179D8A404 ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
16:06:50.0601 0x3118  pdc - ok
16:06:50.0645 0x3118  [ BA50CC0BD19004AAB88BE37338B6FA0D, 34D4720A621CCB4707F2EB929F6F44C317DBC6F055F7F34F3FAC68DFDAA00DEF ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
16:06:50.0667 0x3118  PEAUTH - ok
16:06:50.0771 0x3118  [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
16:06:50.0776 0x3118  PerfHost - ok
16:06:50.0892 0x3118  [ 928061178CD9856CA6B67FFFCE6BA766, 71DE3C7CA7F83EAAA550CD8A68FB67DE042B0AE51BFACB1ECB8852D502E11F50 ] pla             C:\WINDOWS\system32\pla.dll
16:06:50.0942 0x3118  pla - ok
16:06:50.0976 0x3118  [ 752A457320A946E03C3AA86C3ACD735E, 63946150581532D862F4220606E74FFC479209E1A36CD57AA78AC4AE34A26F49 ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
16:06:50.0980 0x3118  PlugPlay - ok
16:06:50.0990 0x3118  [ 045EB4F260606A03BE340D09DEAF3BA4, 6F34B8D414F7F69F4388F2F8A86E0F3AD179E423126990AF3E1EC4DCCB8E7693 ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
16:06:50.0992 0x3118  PNRPAutoReg - ok
16:06:51.0011 0x3118  [ 3B510F20806B94E389784ED09DBD2111, EF8896C500B3AA3A811FDE97BC322EF3295E9BD0DE236715D4A4C52CF63727E1 ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
16:06:51.0018 0x3118  PNRPsvc - ok
16:06:51.0060 0x3118  [ C16097D77A232A288D65F299E2E01105, 5CE4B44B06FD26569C0F92FF1D3991D0128D8444AE7BC9EBEF5A33811D721BE8 ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
16:06:51.0069 0x3118  PolicyAgent - ok
16:06:51.0083 0x3118  [ 00E08B30E7F7C13ECE2CDF4F46A77311, 1807C0A64C1794E572C86730816C01DCF4D8F773ADE9CAEA3AC0658F7BD71A4E ] Power           C:\WINDOWS\system32\umpo.dll
16:06:51.0086 0x3118  Power - ok
16:06:51.0250 0x3118  [ B7DB57A000D46D4DE75BC0C563E58072, 8183EB09DC4D44DFF027CA0AAA8C09921A14F088C1BC427B6ACA42340AAF69E6 ] PrintNotify     C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
16:06:51.0328 0x3118  PrintNotify - ok
16:06:51.0369 0x3118  [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor       C:\WINDOWS\System32\drivers\processr.sys
16:06:51.0373 0x3118  Processor - ok
16:06:51.0389 0x3118  [ 8513A1E7AE4B9DC82C4B4F432C648A58, C0C629BF79722A12B35BDA6D5EF6FD2D96E013D80D8F17077E9137ED3988B452 ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
16:06:51.0396 0x3118  ProfSvc - ok
16:06:51.0410 0x3118  [ 8528BB05E4D4E25945F78B00B2555FB7, FF8E0D4580F93CD348080967F52FE6C2C68B56DAEACAE2EAEF04E19412A953AE ] Psched          C:\WINDOWS\system32\DRIVERS\pacer.sys
16:06:51.0413 0x3118  Psched - ok
16:06:51.0433 0x3118  [ 07D57B890DD5693A6AB660CBAE8F91B4, 934895A41C116056E22FE3298418332A9F4280F96E96EEE06C977A4925395674 ] PxHlpa64        C:\WINDOWS\system32\Drivers\PxHlpa64.sys
16:06:51.0435 0x3118  PxHlpa64 - ok
16:06:51.0471 0x3118  [ AF90BB44C99D6820BE52C9BBAA523283, 9772D9CC1666959EC8EE4ED740A5179473CE4F38762109F1123DD68010D20EA1 ] QWAVE           C:\WINDOWS\system32\qwave.dll
16:06:51.0478 0x3118  QWAVE - ok
16:06:51.0504 0x3118  [ 3FB466684609A4329858CF2EBD62E0FD, CFC8FBAB1436948F9D34CE6A2D6DE2F86F3E93E50B86851CED979C8CCE609798 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
16:06:51.0506 0x3118  QWAVEdrv - ok
16:06:51.0544 0x3118  [ 2C56F0EE27E4EF70CA4B4983D3638905, AFFDD686886CE982424B644D9168D61C6F86A5244FF97BC644DF75B321E415E5 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
16:06:51.0546 0x3118  RasAcd - ok
16:06:51.0589 0x3118  [ 5F061AC45266841A2860C1858ED863B8, 9E0D52BAC8A50225C32D0397C35350601B996443E2481C808CC59D3B0763FEF0 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
16:06:51.0593 0x3118  RasAuto - ok
16:06:51.0619 0x3118  [ BF3B17016764F20F9D28CF1A8DC210C0, F64B410D444D4A3DFEE356EFC5B758781FA2612771EDCF72DB91D3120385D7DB ] RasMan          C:\WINDOWS\System32\rasmans.dll
16:06:51.0641 0x3118  RasMan - ok
16:06:51.0674 0x3118  [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
16:06:51.0676 0x3118  RasPppoe - ok
16:06:51.0705 0x3118  [ B939A2A0F9D6C6C186721E268EB6FA93, 8AF03945428D8F0E9B6DE1C24627336398320C7C78E5F594E0A57AB2DB6E0A24 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
16:06:51.0713 0x3118  rdbss - ok
16:06:51.0725 0x3118  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
16:06:51.0726 0x3118  rdpbus - ok
16:06:51.0752 0x3118  [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
16:06:51.0756 0x3118  RDPDR - ok
16:06:51.0774 0x3118  [ 858776908AF838E3790F3261B799CDA6, 5BE4658540382D1B2F46E503CE175D74E3870FE492B8B8F37C3CFB34FF8E2DA8 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
16:06:51.0775 0x3118  RdpVideoMiniport - ok
16:06:51.0818 0x3118  [ 847C6A08912C3515807049C93E526D65, 74AFC58793B43E73614D2F49B19FB360091E208097696D9DF0B0354761E0B30F ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
16:06:51.0824 0x3118  rdyboost - ok
16:06:51.0899 0x3118  [ 036746D54347FD2D0385668E2A4064E4, 7C670176176C86D6C3814367A6282A78F4E950F84DDEDA849829236C891F5BB9 ] ReFS            C:\WINDOWS\system32\drivers\ReFS.sys
16:06:51.0942 0x3118  ReFS - ok
16:06:51.0986 0x3118  [ BFFB40FBE6D2C3469F8D06EE5E4934AB, 5B6763F973A740DCD53CEA75156926457BED8B075965033C484877DDA8B97F39 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
16:06:51.0992 0x3118  RemoteAccess - ok
16:06:52.0026 0x3118  [ 4DCCABE03D06955ED61BABBD8EF9F30F, 531CD60315AAF283B73E0F6CF77D4DE093B809E73C44D2AC43B7247500B3485E ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
16:06:52.0031 0x3118  RemoteRegistry - ok
16:06:52.0060 0x3118  [ 9C3AC71A9934B884FAC567A8807E9C4D, 0B6B2970098E3C21E1E54A25785544903E8CD415B527FCEF86ABC7B33BEC83E7 ] Revoflt         C:\WINDOWS\system32\DRIVERS\revoflt.sys
16:06:52.0061 0x3118  Revoflt - ok
16:06:52.0200 0x3118  [ C70F30AD0A519A53544129BD723CC5FB, B93ACB75423E3DA0A9E3EA641C62265D3087FF504850E70AE87625221BE9E987 ] RichVideo64     C:\Program Files\CyberLink\Shared files\RichVideo64.exe
16:06:52.0215 0x3118  RichVideo64 - ok
16:06:52.0258 0x3118  [ D894CBD7DA753C881EE8D5E33B583225, DA4472A85F10A3DF8CE969F731E67FE7C75EE6095908AB8AC2C44851DC5A3F8B ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
16:06:52.0261 0x3118  RpcEptMapper - ok
16:06:52.0295 0x3118  [ 5CAE8F47B31D5CFC322B5B898C19E0FE, FDB5F0B6EA36403E031D9147AB0519011FAAD3AC8190DE5B1F17FB5472D79D47 ] RpcLocator      C:\WINDOWS\system32\locator.exe
16:06:52.0298 0x3118  RpcLocator - ok
16:06:52.0339 0x3118  [ 3FD5AE42EC87C6F532A931F96BE731DD, 8282823022391ACF65E23F461FCE5CAFFB5ADC077647FEF80B91BC4BC31EDFE2 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
16:06:52.0353 0x3118  RpcSs - ok
16:06:52.0387 0x3118  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\WINDOWS\system32\DRIVERS\rspndr.sys
16:06:52.0390 0x3118  rspndr - ok
16:06:52.0430 0x3118  [ E7B780F2E7A124264AA487C13107BDFF, 2AE4E7227F3E28FCEF685AC54771D949845339D7881A7855810A6C33E9B179D7 ] RSUSBVSTOR      C:\WINDOWS\System32\Drivers\RtsUVStor.sys
16:06:52.0437 0x3118  RSUSBVSTOR - ok
16:06:52.0546 0x3118  [ 109B480DC954126DC272AFDB85C00C6C, 1EC9E071B586F758C4F142E3645E50C217CC6366C8D04AA74034FB0EAC8ACD43 ] RTWlanE         C:\WINDOWS\system32\DRIVERS\rtwlane.sys
16:06:52.0620 0x3118  RTWlanE - ok
16:06:52.0652 0x3118  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
16:06:52.0653 0x3118  s3cap - ok
16:06:52.0692 0x3118  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] SamSs           C:\WINDOWS\system32\lsass.exe
16:06:52.0694 0x3118  SamSs - ok
16:06:52.0739 0x3118  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
16:06:52.0743 0x3118  sbp2port - ok
16:06:52.0779 0x3118  [ 47C497FA4DDEA908633CAA60CEBE6805, 4DF5742D4C99D3F7B6A5671AEDB1E5E47D3399D36B28BA19C105FA604D8D5A1C ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
16:06:52.0784 0x3118  SCardSvr - ok
16:06:52.0802 0x3118  [ E76C4E98302AE39CC6FA5D20FC8B5438, B6B6B59CF427515087689285797F4A5763103440EBE5D87A61FA74F80F895BD0 ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
16:06:52.0806 0x3118  ScDeviceEnum - ok
16:06:52.0838 0x3118  [ ABD0237B15DBD2B4695F4B7D734A58F7, D6831921F0CD3E03CBF1CA3ED5824EE0C75127842D12D4E897E74EC72B0792EB ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
16:06:52.0840 0x3118  scfilter - ok
16:06:52.0882 0x3118  [ 888A30EAB651502352C18745367FD179, 00CD9FA55F3E896D8BA81368DF1E855E2F64B5AC488EB4F9BF2C4E45ED63FD5F ] Schedule        C:\WINDOWS\system32\schedsvc.dll
16:06:52.0917 0x3118  Schedule - ok
16:06:52.0959 0x3118  [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
16:06:52.0962 0x3118  SCPolicySvc - ok
16:06:52.0987 0x3118  [ 2F9A3380B8C0380E5608E29C7AA66899, 56D1908437DD3791E54866819E39CC89586C5CD804F47B556416FA8642D88CBB ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
16:06:52.0994 0x3118  sdbus - ok
16:06:53.0017 0x3118  [ 4EAF4DCF9DBD9A56952A58F56D61C005, BCA42FD1553569D3603008CC97D88FD309E87F8A8B1522A4287A0E81CAE6C294 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
16:06:53.0020 0x3118  sdstor - ok
16:06:53.0035 0x3118  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\WINDOWS\system32\drivers\secdrv.sys
16:06:53.0036 0x3118  secdrv - ok
16:06:53.0065 0x3118  [ C49009F897BA4F2F4F31043663AA1485, 48C8BE1E3A4F150662AD012AF4E0357ABA792AD1147AB90EFF6CB2630E2501B6 ] seclogon        C:\WINDOWS\system32\seclogon.dll
16:06:53.0068 0x3118  seclogon - ok
16:06:53.0081 0x3118  [ A88882E64BDC1D8E8D6E727B71CCCC53, 12D2235F54D0CEEED8AA268C17CDE44020269F4FEFC70CE957DBBF99AF7F553D ] SENS            C:\WINDOWS\System32\sens.dll
16:06:53.0084 0x3118  SENS - ok
16:06:53.0108 0x3118  [ E66A7C8CE7ED22DED6DF1CA479FB4790, ADEB076F131E7A8C3AD96022B09BB33EB9AB26C9C831503B8C6960AA763B8975 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
16:06:53.0114 0x3118  SensrSvc - ok
16:06:53.0148 0x3118  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
16:06:53.0150 0x3118  SerCx - ok
16:06:53.0188 0x3118  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
16:06:53.0191 0x3118  SerCx2 - ok
16:06:53.0199 0x3118  [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
16:06:53.0201 0x3118  Serenum - ok
16:06:53.0221 0x3118  [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial          C:\WINDOWS\System32\drivers\serial.sys
16:06:53.0224 0x3118  Serial - ok
16:06:53.0237 0x3118  [ 0BD2B65DCE756FDE95A2E5CCCBF7705D, F13FAFEC8FCF3E796196562717C433CE359A74A3E5876AB070647C717AF74028 ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
16:06:53.0239 0x3118  sermouse - ok
16:06:53.0285 0x3118  [ 441E6FF1F34D7A942946DB42A15FB519, A16BA505B74C7A2ADD08BD5B50728C2AD55062E0ABABAD7E3EE0EB97F3725523 ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
16:06:53.0294 0x3118  SessionEnv - ok
16:06:53.0308 0x3118  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
16:06:53.0310 0x3118  sfloppy - ok
16:06:53.0352 0x3118  [ F4414F57DF2CECB8FC969AA43A6B0D50, AD09A6E1294721507DD6BE82B91F2EEB0FF0151B9BC14A75840CD657DBFDECEC ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
16:06:53.0363 0x3118  SharedAccess - ok
16:06:53.0386 0x3118  [ 0D190D8B4B20446BE6299AC734DFADF1, 6551095971F99820BBFC5FED8FAB9591A3F8ABFA0F027887F3B71B79325FF6D9 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
16:06:53.0408 0x3118  ShellHWDetection - ok
16:06:53.0436 0x3118  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
16:06:53.0438 0x3118  SiSRaid2 - ok
16:06:53.0455 0x3118  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
16:06:53.0457 0x3118  SiSRaid4 - ok
16:06:53.0652 0x3118  [ 9F712B26EE3B0242DE997A42FD302E2C, 12663EB108F158282A965EE70980627C2F2332BA7944D7DE03B78E18BEB87D26 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
16:06:53.0749 0x3118  Skype C2C Service - ok
16:06:53.0808 0x3118  [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
16:06:53.0816 0x3118  SkypeUpdate - ok
16:06:53.0852 0x3118  [ AFB12159FA95A97A3F42559424947993, C6C9F7922DB28D7C7D75ED05F305896AAC4EFCF62C5BDB51DAC340B474F9FB38 ] SmbDrvI         C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys
16:06:53.0854 0x3118  SmbDrvI - ok
16:06:53.0887 0x3118  [ 587ACA15210D1B01FBF272E07A08F91A, 1F3C13C218C5EA329C6E33E4AE7CFE88DAD59DA40F59FDE09D733AFD2E489000 ] smphost         C:\WINDOWS\System32\smphost.dll
16:06:53.0889 0x3118  smphost - ok
16:06:53.0929 0x3118  [ 49EEB92DE930B8566EF615D600781DB4, 0B7C929D24FAFC34F95BB4AA77DCBA29DDD8F1977EB42713B64228677D1FBFD3 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
16:06:53.0931 0x3118  SNMPTRAP - ok
16:06:53.0988 0x3118  [ F6EBE514D13ECE7EDC23440039CDF9AB, B58072BE7E4E52704C7B1D52DD49F469542B4B015C6D560369EEC1B046AFB254 ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
16:06:54.0003 0x3118  spaceport - ok
16:06:54.0047 0x3118  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
16:06:54.0053 0x3118  SpbCx - ok
16:06:54.0116 0x3118  [ FE0CB40F36D3FCDD3A1B312EF72C38D5, 42EA50869752164764DFE8CE7E1C247BE8342A0C15F39158DC808E8A692C460F ] Spooler         C:\WINDOWS\System32\spoolsv.exe
16:06:54.0138 0x3118  Spooler - ok
16:06:54.0319 0x3118  [ E6DEC72A2A23FAA53EB9FEC3C7E29D66, 58BB3B9D50DFFF99E790D5B768FAA387F16385436BA6EB704BE6DB1F63B8E4B2 ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
16:06:54.0484 0x3118  sppsvc - ok
16:06:54.0559 0x3118  [ 8BFD1752AAA15BF47D668E9AC5AF96FB, EEC6CDA06A971D2E2C2634987228E550970C9246659C25DCCF87AC9CD08F55F3 ] SRTSP           C:\WINDOWS\system32\drivers\N360x64\1501000.012\SRTSP64.SYS
16:06:54.0589 0x3118  SRTSP - ok
16:06:54.0599 0x3118  [ B18CE01B9C09C59422BA7C7064248B35, B355EE2FBB37C4B0EFFE4DC5E0788A26579266828E7988EDC497B0AE7375F8AB ] SRTSPX          C:\WINDOWS\system32\drivers\N360x64\1501000.012\SRTSPX64.SYS
16:06:54.0600 0x3118  SRTSPX - ok
16:06:54.0642 0x3118  [ 2B78788A1485F9B99A578A299DF42C02, A87183A9B13585C9E850437A45237105D39D7F3212ADB079D6AB430B67A59643 ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
16:06:54.0652 0x3118  srv - ok
16:06:54.0685 0x3118  [ C1AE59C0B0817236EC083A91C396005A, 26F05ECB44C300DA8F333B115727C31C5C8252C83F37F0AE7DFF89B267599CDF ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
16:06:54.0707 0x3118  srv2 - ok
16:06:54.0723 0x3118  [ 77195C32175FC63D6054EBA5A066D727, 22F5D26809BC9288021620040FC7B7BB76708D434C863B3C0C20F73200C1C6A9 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
16:06:54.0728 0x3118  srvnet - ok
16:06:54.0778 0x3118  [ BB9ED3EDD8E85008215A7250D325A72E, D3404E31B7706B25CDEA7CB4260C343B5F090E8CCB9A5FA203B0F94A9112F1B3 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
16:06:54.0793 0x3118  SSDPSRV - ok
16:06:54.0850 0x3118  [ 3911418AFDE10EA6823B7799E4815524, A73517C4C1271E666B2B3A747756070098E923742B41572AA16573170440AA07 ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
16:06:54.0857 0x3118  SstpSvc - ok
16:06:54.0894 0x3118  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
16:06:54.0897 0x3118  stexstor - ok
16:06:54.0952 0x3118  [ D638904FE86A5FE542A1BA13A9D68E5C, 89A956F932316BC50DD99B54BAF4E2809DCAA084DBB04CB84D11E5470BEAF251 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
16:06:55.0029 0x3118  stisvc - ok
16:06:55.0042 0x3118  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
16:06:55.0046 0x3118  storahci - ok
16:06:55.0064 0x3118  [ 7A08CEE1535F5A448215634C5EA74E50, 41529CDC08A3956F8FE9D5759B147E2E56E3305149EA415EB200249F7CD32094 ] storflt         C:\WINDOWS\system32\DRIVERS\vmstorfl.sys
16:06:55.0066 0x3118  storflt - ok
16:06:55.0083 0x3118  [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
16:06:55.0085 0x3118  stornvme - ok
16:06:55.0118 0x3118  [ 3118058E3D07021A55324A943C6D722B, 0B255DF1977DADD2B9766EEEA814B464F0ABFA34D6439F3C453083850C121F16 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
16:06:55.0121 0x3118  StorSvc - ok
16:06:55.0137 0x3118  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
16:06:55.0138 0x3118  storvsc - ok
16:06:55.0177 0x3118  [ D8E1AE075AB3E8AD56F69C44AA978596, CAFF5116DE7F0EEFFEBE38724BCEE7D11B44153AD35EE43E314C56D5E210758A ] svsvc           C:\WINDOWS\system32\svsvc.dll
16:06:55.0179 0x3118  svsvc - ok
16:06:55.0221 0x3118  [ 84E0F5D41C138C5CC975137A2A98F6D3, 1E36CED05E4F4365C2AB020CAF920E3959995D7F89F3FABD7B2FB05985F85F38 ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
16:06:55.0223 0x3118  swenum - ok
16:06:55.0252 0x3118  [ A5DC2E63F5E5D3C0B843307374998479, B3156296D1750FEAF2354E217735B8D888C50599869233FB1B537167F2CECE0B ] swprv           C:\WINDOWS\System32\swprv.dll
16:06:55.0270 0x3118  swprv - ok
16:06:55.0301 0x3118  [ 5C9EE2303CA7F267665D75237862B39C, 5DECD977A823C14B4D980D3DB621BC875231B741653F0450A027FC9E87725F9D ] SymDS           C:\WINDOWS\system32\drivers\N360x64\1501000.012\SYMDS64.SYS
16:06:55.0311 0x3118  SymDS - ok
16:06:55.0394 0x3118  [ 08AF51153E441687130B759A8F6892ED, C9DFC0667EF9CE7FACBBB0DE53BD6E0DC9E0ED582CB89FBB2E7FE91CEAC47C5B ] SymEFA          C:\WINDOWS\system32\drivers\N360x64\1501000.012\SYMEFA64.SYS
16:06:55.0432 0x3118  SymEFA - ok
16:06:55.0453 0x3118  [ 20F758E6339A16F97DD83389D582E09A, 837016154B7952B645B5545AEB8E2A8878EFA8674E6B96471C3DB5E458B06960 ] SymELAM         C:\WINDOWS\system32\drivers\N360x64\1501000.012\SymELAM.sys
16:06:55.0454 0x3118  SymELAM - ok
16:06:55.0494 0x3118  [ 97E11C50CE52277B377396EA8838E539, E17D03F80E14F961C41F2D54D1EF73D29BF01F38459C5710D786234F8BA3C835 ] SymEvent        C:\windows\system32\Drivers\SYMEVENT64x86.SYS
16:06:55.0498 0x3118  SymEvent - ok
16:06:55.0538 0x3118  [ 48C2934683CBD06F662B088EEF49EF6A, 2212A3588C28F33EFCB1D34618B3054EBBAC6731D177A581D21D1F969FE040C0 ] SymIRON         C:\WINDOWS\system32\drivers\N360x64\1501000.012\Ironx64.SYS
16:06:55.0544 0x3118  SymIRON - ok
16:06:55.0584 0x3118  [ 78A2F073AD9EA5EBC04A70931EA36C9A, 011395F07D7879D30E1700F060CA8C02407F8FFC99998B2E7507E7AF22578B68 ] SymNetS         C:\WINDOWS\system32\drivers\N360x64\1501000.012\SYMNETS.SYS
16:06:55.0606 0x3118  SymNetS - ok
16:06:55.0657 0x3118  [ 1F82AE293AB7485DA2BB539012843CBC, 97EF80D9A134A23527BCB3AD2BE09859373336B0B9140E4E26BA249F5203A1F5 ] SynTP           C:\WINDOWS\system32\DRIVERS\SynTP.sys
16:06:55.0667 0x3118  SynTP - ok
16:06:55.0732 0x3118  [ E45DA7CBBA34510C8B9473AD7D4FFD0B, 89C2AED757D86C276D78D29D94DCBF9C1B6A244A2153EC85CCB2E86C5F078387 ] SysMain         C:\WINDOWS\system32\sysmain.dll
16:06:55.0765 0x3118  SysMain - ok
16:06:55.0805 0x3118  [ D65B1C952AEB864C2BAC7A770B17ECCE, 3EFAAFFF73390D9CB660E0F42B305512396CF66ED06E4A20ED67E8722FB4355B ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
16:06:55.0812 0x3118  SystemEventsBroker - ok
16:06:55.0841 0x3118  [ BA6DD39266A5E15515C8C14DA2DA3E5C, 5BC917BA4E7281A67CC6CEF2F4D1972DF04DECBEFB6DED0B08FFBD06E15D4B4F ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
16:06:55.0846 0x3118  TabletInputService - ok
16:06:55.0872 0x3118  [ B517410F157693043DACA21B19B258A6, 2224EECEB575CEA811036C43BB5B0A408DE5F59BC97235AB948968E4C3E438F2 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
16:06:55.0879 0x3118  TapiSrv - ok
16:06:55.0911 0x3118  [ 185C2170CFD84F9D708276FBB5ABD77D, FCA00B5CC62F2C160326DBA2F6BF31746324BBE7D5E96291C345DCF2583CE324 ] tapSF0901       C:\WINDOWS\system32\DRIVERS\tapSF0901.sys
16:06:55.0913 0x3118  tapSF0901 - ok
16:06:56.0020 0x3118  [ 3D9A5AC880D7AA2305812D665D24ED23, 3947FA5DDE537EC566D10AC9705EC6A58C8D058CA535303434499D67B52A42A8 ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
16:06:56.0108 0x3118  Tcpip - ok
16:06:56.0176 0x3118  [ 3D9A5AC880D7AA2305812D665D24ED23, 3947FA5DDE537EC566D10AC9705EC6A58C8D058CA535303434499D67B52A42A8 ] TCPIP6          C:\WINDOWS\system32\DRIVERS\tcpip.sys
16:06:56.0218 0x3118  TCPIP6 - ok
16:06:56.0260 0x3118  [ 33A7D83EEB15431773A6E186CFAABA21, AC5100A76CA44BFADF4A54FDB09FF5D2FF13B9F8482DC1AE86C8C27005F77B0F ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
16:06:56.0261 0x3118  tcpipreg - ok
16:06:56.0280 0x3118  [ 58480A57ACF2671C343FD1D4BA990E34, 24AD9C808D06FABFE8E81242CAC8B5A91829F7D951B245865EF77B79BB795E3D ] TDCMDPST        C:\WINDOWS\system32\DRIVERS\tdcmdpst.sys
16:06:56.0282 0x3118  TDCMDPST - ok
16:06:56.0317 0x3118  [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
16:06:56.0320 0x3118  tdx - ok
16:06:56.0411 0x3118  [ 950AD1AE7498A492126FB9F9B2E27DB5, C4C9A972015F567FC87A4094C86835B2DD3476426AB8B40CD4872A725CA89CFC ] Te.Service      C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe
16:06:56.0416 0x3118  Te.Service - ok
16:06:56.0452 0x3118  [ 83F112AB51C8F530D7EA3C492CF0C740, 626370F7619FE84989285F2B3E590FE6DAC8E0E55C98D9D4AD00B479F7AA28B5 ] tepsrv          C:\Program Files (x86)\Acesoft\Tracks Eraser Pro\tepsrv.exe
16:06:56.0454 0x3118  tepsrv - ok
16:06:56.0469 0x3118  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
16:06:56.0471 0x3118  terminpt - ok
16:06:56.0536 0x3118  [ 2C77831737491F4D684D315B95C62883, 90A2574A281F19646CFCDA5FDF40063220058290D2D5523AD91B7E709EC36D3D ] TermService     C:\WINDOWS\System32\termsrv.dll
16:06:56.0568 0x3118  TermService - ok
16:06:56.0586 0x3118  [ 05FBE1F7C13E87AF7A414CDF288B1F62, 24079E1A6B2E33A1A8E76A77F73473B93DD6B379E44C982CE50D6CEED9747838 ] Themes          C:\WINDOWS\system32\themeservice.dll
16:06:56.0590 0x3118  Themes - ok
16:06:56.0620 0x3118  [ 77CF0ECC1C2B5E616B650AB5D4931114, FFB54C264EE10AABA076B591196A98DA5F57E975A4A143AFB5424DFF726AF66F ] Thotkey         C:\WINDOWS\System32\drivers\Thotkey.sys
16:06:56.0622 0x3118  Thotkey - ok
16:06:56.0660 0x3118  [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] THREADORDER     C:\WINDOWS\system32\mmcss.dll
16:06:56.0667 0x3118  THREADORDER - ok
16:06:56.0727 0x3118  [ 347A3E49CE18402305B8119A6EC7CFEB, 6768B20EE577880B0353FE84B980D4A18D323929A63FAE41F7A55123BBFC8DBA ] TimeBroker      C:\WINDOWS\System32\TimeBrokerServer.dll
16:06:56.0742 0x3118  TimeBroker - ok
16:06:56.0800 0x3118  [ 6C4F5CD42074DB52AE88FC4BAB2C54F7, B4E3B6A23C99A11186F4EE875871D459A7A03EF4565CA114B41FB3C982841A45 ] TMachInfo       C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
16:06:56.0803 0x3118  TMachInfo - ok
16:06:56.0833 0x3118  [ ED32035BDFECED1AD66D459FD9CC1140, B82A15FAB4CBB5A633B9BF722441D5B20D946B63DD10BBE2A89D3A8BA3BE3339 ] TODDSrv         C:\Windows\system32\TODDSrv.exe
16:06:56.0844 0x3118  TODDSrv - ok
16:06:56.0914 0x3118  [ 36391C3953D191A2AF4556D5D706C641, 5191A35C86B6C98F2CBDDC23B5311ED62310345CEDE084A54BBF70CCF0F84C50 ] tos_sps64       C:\WINDOWS\system32\drivers\tos_sps64.sys
16:06:56.0928 0x3118  tos_sps64 - ok
16:06:56.0961 0x3118  [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM             C:\WINDOWS\system32\drivers\tpm.sys
16:06:56.0965 0x3118  TPM - ok
16:06:57.0005 0x3118  [ C97E14BB6A196B0554D6EB67D8818175, C00588C94988F10507F84584DFA4C0A43B8648AD1AD35E9BAE14CDD21FCF7B90 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
16:06:57.0010 0x3118  TrkWks - ok
16:06:57.0072 0x3118  [ DA56FFA46030E6FEB215E3D5DAA65B11, 36B5EED8F9044475000362DBFC8A2A40B889ED46382CCEFB6BA04BE0442F98C2 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
16:06:57.0075 0x3118  TrustedInstaller - ok
16:06:57.0111 0x3118  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\WINDOWS\system32\drivers\tsusbflt.sys
16:06:57.0113 0x3118  TsUsbFlt - ok
16:06:57.0130 0x3118  [ E0088068DCE2EE82897027DDB8E05254, FA9C201D3C885DAD2ABE6A23343EDCC83CFB342EFF9E3005FA50B1D88B21D203 ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
16:06:57.0134 0x3118  TsUsbGD - ok
16:06:57.0158 0x3118  [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel          C:\WINDOWS\system32\DRIVERS\tunnel.sys
16:06:57.0164 0x3118  tunnel - ok
16:06:57.0196 0x3118  [ 54BDBF3D4DED58DA78B702471C68D4CA, D12F9F09FFE7D38A5EE6BF79DB74D775A9861C3C87E06D7C23259E47247B1782 ] TVALZ           C:\WINDOWS\system32\drivers\TVALZ_O.SYS
16:06:57.0199 0x3118  TVALZ - ok
16:06:57.0211 0x3118  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys
16:06:57.0215 0x3118  uagp35 - ok
16:06:57.0238 0x3118  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
16:06:57.0243 0x3118  UASPStor - ok
16:06:57.0290 0x3118  [ 5D1B430EA11064C56E7C8F84B90DEB6A, 874D9EE807F16321C4857030F9C18D2B925785FD4BB7ED047AF9535BF3F30D84 ] UCX01000        C:\WINDOWS\System32\drivers\ucx01000.sys
16:06:57.0298 0x3118  UCX01000 - ok
16:06:57.0320 0x3118  [ 1EC649F112896FAE33250F0B97AC5D0B, 0C0A1C2C7615DEB298AD3073340FD1BF91FEBE611F133E3B48D994A6EAA8369F ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
16:06:57.0327 0x3118  udfs - ok
16:06:57.0344 0x3118  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
16:06:57.0345 0x3118  UEFI - ok
16:06:57.0385 0x3118  [ 320878AFECDBBD61BBE98624A6CAAC08, 15C090EA32A24D976B5FCB1373B1281DCC2295C075299C814345D694AEB47CB9 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
16:06:57.0388 0x3118  UI0Detect - ok
16:06:57.0415 0x3118  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys
16:06:57.0417 0x3118  uliagpkx - ok
16:06:57.0426 0x3118  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
16:06:57.0428 0x3118  umbus - ok
16:06:57.0447 0x3118  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
16:06:57.0449 0x3118  UmPass - ok
16:06:57.0483 0x3118  [ E3DDF7D43E05784FAA5E042605EEE528, 8E20E880FAB09AF4FF5C438BF9EAE9970D46C05167870110869B744E498FD761 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
16:06:57.0491 0x3118  UmRdpService - ok
16:06:57.0588 0x3118  [ 7F3BFCF30401B787ACF842C5F3F797E1, C5DD9A9ED6DDDC5B46C400C5AD39A9FC7BF15301C976F4A4D329DE55E5D7A492 ] UNS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
16:06:57.0602 0x3118  UNS - ok
16:06:57.0653 0x3118  [ 4A2FFDAC45F317E17DF642C7160EB633, F1AB762912FAA5F469F322407DA37C91556086C42D1643AD27516C12A84F74D0 ] upnphost        C:\WINDOWS\System32\upnphost.dll
16:06:57.0663 0x3118  upnphost - ok
16:06:57.0714 0x3118  [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64       C:\WINDOWS\System32\Drivers\usbaapl64.sys
16:06:57.0717 0x3118  USBAAPL64 - ok
16:06:57.0768 0x3118  [ 433ECDE01A52691FA7ACA51C10C09B70, B896296A3F8EF2AF3AC5F0091B9848156608586F1E10A95D70700BAB51E8062A ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
16:06:57.0776 0x3118  usbccgp - ok
16:06:57.0810 0x3118  [ B3D6457D841A0CAEF4C52D88621715F2, CBDD76A8A28379B107B1FB530757B477B8AB74CD01F9F3CEDC7B1BA0C6E5A990 ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
16:06:57.0813 0x3118  usbcir - ok
16:06:57.0855 0x3118  [ 5477D6E27C7D266EF8C152B9A25ADE5E, FEE81677D284A78A0C0FB60F887A952CFC759AE78B01206D73F59FE33612C519 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
16:06:57.0861 0x3118  usbehci - ok
16:06:57.0908 0x3118  [ DF56C2C04EFA328D7A66B69007130266, 719316EB25A8C7B82C7941D1C5B964CC4EDA4A997732F481526DE7356F6FC0D8 ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
16:06:57.0921 0x3118  usbhub - ok
16:06:57.0951 0x3118  [ C0E33820326199CE3CFD3B9F27F81D99, C67F55E7DD6F7FC4A96256A14A805D39C5CE8725FD86675C6C860B3DE8E4DBC3 ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
16:06:57.0963 0x3118  USBHUB3 - ok
16:06:57.0984 0x3118  [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
16:06:57.0986 0x3118  usbohci - ok
16:06:58.0005 0x3118  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
16:06:58.0006 0x3118  usbprint - ok
16:06:58.0036 0x3118  [ F04D164C4168701A4E7835607722E5F1, 6F743CF2CF73945B4A4B1C4402744BC2FE1624F1346C194493AD2F7110F9EB35 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
16:06:58.0038 0x3118  usbscan - ok
16:06:58.0070 0x3118  [ 4628B415A84EA9D4D396A56F1D0CB6C6, 430F4C819BF958430FD0DEEFD5BA07F210E0541634811993090C039CB602622F ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
16:06:58.0074 0x3118  USBSTOR - ok
16:06:58.0106 0x3118  [ BA4FA655E0FC577DB7436FC963932CE4, 3336FDECD4AEC6B316D4C0803E22A12719EBEDD1A9427C0DF5D3B263BE600EE6 ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
16:06:58.0107 0x3118  usbuhci - ok
16:06:58.0164 0x3118  [ 18F744E8CCEB2670040EBAF7AD77B8C6, C5E2DF4EA0D946B4DA67DE29FA9D0F079DED35EC59B98E532C4C2D5F8E86DA0A ] usbvideo        C:\WINDOWS\System32\Drivers\usbvideo.sys
16:06:58.0181 0x3118  usbvideo - ok
16:06:58.0237 0x3118  [ 3B44CB989757428208CCFCC028C13110, E71BFA4BB0F4FAEDA79606C44F7DAAB317CD99C9382942E5830F440CF96D9B35 ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
16:06:58.0245 0x3118  USBXHCI - ok
16:06:58.0259 0x3118  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] VaultSvc        C:\WINDOWS\system32\lsass.exe
16:06:58.0261 0x3118  VaultSvc - ok
16:06:58.0274 0x3118  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
16:06:58.0276 0x3118  vdrvroot - ok
16:06:58.0347 0x3118  [ CFBAD6B48EDFAA0828A52646B7C4C08D, DDC7D607E784CE6FB5BC62E53E6309EB583D74425E6D3FC8F3D3EC705D69C075 ] vds             C:\WINDOWS\System32\vds.exe
16:06:58.0389 0x3118  vds - ok
16:06:58.0421 0x3118  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
16:06:58.0425 0x3118  VerifierExt - ok
16:06:58.0453 0x3118  [ 041D3EF364E624DBB2703A64A5AADF89, 94A52A35AFDD09EBCC4266BD6D44014AAB4BBDFD3F6E8C997A1CA49DFB48F60D ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
16:06:58.0468 0x3118  vhdmp - ok
16:06:58.0504 0x3118  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\WINDOWS\system32\drivers\viaide.sys
16:06:58.0505 0x3118  viaide - ok
16:06:58.0527 0x3118  [ C6305BDFC4F7CE51F72BB072C03D4ACE, 73E62869CA3104F48CC3B0C45E69CE9BF4F8D7D06E29C2F049B9347ABB50554D ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
16:06:58.0530 0x3118  vmbus - ok
16:06:58.0547 0x3118  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
16:06:58.0548 0x3118  VMBusHID - ok
16:06:58.0595 0x3118  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
16:06:58.0617 0x3118  vmicguestinterface - ok
16:06:58.0639 0x3118  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicheartbeat   C:\WINDOWS\System32\ICSvc.dll
16:06:58.0648 0x3118  vmicheartbeat - ok
16:06:58.0672 0x3118  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
16:06:58.0681 0x3118  vmickvpexchange - ok
16:06:58.0706 0x3118  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicrdv         C:\WINDOWS\System32\ICSvc.dll
16:06:58.0715 0x3118  vmicrdv - ok
16:06:58.0739 0x3118  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll
16:06:58.0748 0x3118  vmicshutdown - ok
16:06:58.0772 0x3118  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll
16:06:58.0781 0x3118  vmictimesync - ok
16:06:58.0812 0x3118  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicvss         C:\WINDOWS\System32\ICSvc.dll
16:06:58.0833 0x3118  vmicvss - ok
16:06:58.0869 0x3118  [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
16:06:58.0872 0x3118  volmgr - ok
16:06:58.0895 0x3118  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
16:06:58.0904 0x3118  volmgrx - ok
16:06:58.0924 0x3118  [ 9F9CE33B50611A1C61A46B8911E0B30B, FE4EDF16CE8FC36BB2125FC7D1CF45C65B06A2C31D426635115D879987DF2159 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
16:06:58.0933 0x3118  volsnap - ok
16:06:58.0969 0x3118  [ 01355C98B5C3ED1EC446743CDA848FCE, B9FCF558C20E05DD0F53FFB70BBEF873EA57801E13A16701E636128D625C4B67 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
16:06:58.0971 0x3118  vpci - ok
16:06:58.0992 0x3118  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
16:06:58.0996 0x3118  vsmraid - ok
16:06:59.0086 0x3118  [ D51D7EF1EA5ED2BB01E9D07E6E0533BC, E31118F42B316C9B6C9072D9628AA2801FC2519F1A46C9ED167843CD67183C19 ] VSS             C:\WINDOWS\system32\vssvc.exe
16:06:59.0158 0x3118  VSS - ok
16:06:59.0190 0x3118  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
16:06:59.0197 0x3118  VSTXRAID - ok
16:06:59.0236 0x3118  [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
16:06:59.0242 0x3118  vwifibus - ok
16:06:59.0265 0x3118  [ 6B26AD573CCDD5209DF4397438B76354, 2C8AC314EC471F6D8B0B12D49D621360A10DCADA7C52E73596730C954FF89FCF ] vwififlt        C:\WINDOWS\system32\DRIVERS\vwififlt.sys
16:06:59.0268 0x3118  vwififlt - ok
16:06:59.0288 0x3118  [ 0B48E0DFB44EE475F4FD8A8EE599AF30, 28271D4CA0C642304CD8826A3D514F44E3391F9D6D07A1595BB30CE65E7E3494 ] vwifimp         C:\WINDOWS\system32\DRIVERS\vwifimp.sys
16:06:59.0291 0x3118  vwifimp - ok
16:06:59.0351 0x3118  [ 7599E582CA3A6AAA95A18FFE1172D339, A0410778FBBC4302EA91CF24B944427410B4706535F1192504D4F34C3ED4503E ] W32Time         C:\WINDOWS\system32\w32time.dll
16:06:59.0369 0x3118  W32Time - ok
16:06:59.0432 0x3118  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
16:06:59.0459 0x3118  WacomPen - ok
16:06:59.0607 0x3118  [ 92BF4B3EBD6F163B94B7A20C65E7B698, 293E6FEFA862690A7B75443D6495144313D759971B98B495A99AAB0D2CF1F350 ] wbengine        C:\WINDOWS\system32\wbengine.exe
16:06:59.0662 0x3118  wbengine - ok
16:06:59.0705 0x3118  [ 58F28103889817C93E5B5AFABC87E709, 547381B10DAC8A3CC16FB5DE6DF2FDA3CCD8F45DF581959FFF6E30875419B011 ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
16:06:59.0716 0x3118  WbioSrvc - ok
16:06:59.0735 0x3118  [ 772365894F14652D376B2E5030179DC9, 3D917CED040456EB269BE2B82315CEAE3589FEC016DAE37FC5BC1C3D66DE3140 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
16:06:59.0743 0x3118  Wcmsvc - ok
16:06:59.0767 0x3118  [ D2726823DF7E19F213F4805A9D6D145F, A7F582C99918D204264D3B374F70D75984BDA5805203041E3DECB8153D16E102 ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
16:06:59.0778 0x3118  wcncsvc - ok
16:06:59.0788 0x3118  [ 846C02A8B48CBD921A3D6AB521AA0DC4, B07573A774A6C65D24E5718DC25DF378270EB5B40221CA5A53B21D47838381D3 ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
16:06:59.0791 0x3118  WcsPlugInService - ok
16:06:59.0820 0x3118  [ 694B28DE12AD47031FFB4B052662131A, FF3B1B1A69C82BB123073E10D9F1322ED8587F5BAC36F8AB7DAED22C7DD5C7DB ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
16:06:59.0822 0x3118  WdBoot - ok
16:06:59.0874 0x3118  [ A3D04EBF5227886029B4532F20D026F7, D90F7B9C176008675DA0B5FD7E4973CBC2A04172CEDF8FB7D3B3B4F27B5440D7 ] WDC_SAM         C:\WINDOWS\System32\drivers\wdcsam64.sys
16:06:59.0876 0x3118  WDC_SAM - ok
16:06:59.0930 0x3118  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
16:06:59.0981 0x3118  Wdf01000 - ok
16:06:59.0999 0x3118  [ 0B99529A3BECC3528D865DDECB62503B, 28E6B44BDC52E212D2EB269491D3574B45EE9B19821FE15167D7FA05566C89F4 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
16:07:00.0005 0x3118  WdFilter - ok
16:07:00.0040 0x3118  [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
16:07:00.0044 0x3118  WdiServiceHost - ok
16:07:00.0048 0x3118  [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
16:07:00.0051 0x3118  WdiSystemHost - ok
16:07:00.0064 0x3118  [ 282E7D46310338FF4A6B7680440EB0DA, 04242798DD82F583154AEA3D775C9BFD574FC471D01CDEB9D070872425094D82 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
16:07:00.0067 0x3118  WdNisDrv - ok
16:07:00.0101 0x3118  WdNisSvc - ok
16:07:00.0118 0x3118  [ 6588A957873326361AB1CAC4E76F8394, BE17880CEDCAE5ED3B983443E3777842646A3E48B661422A717656E11F6DBA94 ] WebClient       C:\WINDOWS\System32\webclnt.dll
16:07:00.0124 0x3118  WebClient - ok
16:07:00.0143 0x3118  [ 3274312F263882B51B964329FAF49734, 99A020377ACF0762BE5ECD2D68EB5E1497B9D59963247E725F7F96FB5DF41FAD ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
16:07:00.0150 0x3118  Wecsvc - ok
16:07:00.0165 0x3118  [ 7CDD84E0023A0C5C230B06A7965EC65E, 6EC7DC18C76D66CF9A893C3DD20F9BE3ADD76546F9A9BA42CE4F24854709F9D9 ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
16:07:00.0167 0x3118  WEPHOSTSVC - ok
16:07:00.0178 0x3118  [ AA1315B87D9B2E39584165318A59F15D, CD19608BE1F6B7AECF802F8D2DD4FCBDAA29450ED37F7D040DC6453924C7B0FE ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
16:07:00.0182 0x3118  wercplsupport - ok
16:07:00.0192 0x3118  [ 22B4C24AB921BFF7827FFBCA1F4E1BB3, B634F7018097A8E4EECDD9F032DF6A0FB6817FC3DEB92BCE6A0965B5D71D8DFA ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
16:07:00.0196 0x3118  WerSvc - ok
16:07:00.0232 0x3118  [ 2E3E82D7B1076B90F4E228A8EF17B261, 0492F8E0BE09DAD9922E85CCA7BCB1548CB9DC5841F46174A0657FDC59AAC3CE ] WFPLWFS         C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
16:07:00.0236 0x3118  WFPLWFS - ok
16:07:00.0266 0x3118  [ E06AFE2F94BA7CFA2FE4FD2A449E60E2, 99A81E16366E9E77905D873B0246E4C11B383FE1E99E0E1D9A07FAD4E52EA9E4 ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
16:07:00.0269 0x3118  WiaRpc - ok
16:07:00.0297 0x3118  [ 867BCC69ED9C31C501465EB0E8BA9DFA, 678B7FF4D4E8624514301956CDA7FB451159BBFC83FF2E4E5E7DADAE3C7AB2EC ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
16:07:00.0298 0x3118  WIMMount - ok
16:07:00.0301 0x3118  WinDefend - ok
16:07:00.0362 0x3118  [ DD079EC8F44DCA3A176B345C6ADEFB66, 6CD9371B83EA23D2181891FAE1DB285BC111A78C35F374E57666ED09860C91A9 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
16:07:00.0384 0x3118  WinHttpAutoProxySvc - ok
16:07:00.0443 0x3118  [ 9DB490F3E823C5C3C070644B96CB9D59, 81937D0B331E43C7C61514E60B3AD51370C5201F7B4D12F8534840D91EDC32DD ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
16:07:00.0448 0x3118  Winmgmt - ok
16:07:00.0597 0x3118  [ 690C3FC5C9DBD6B9AEDF8341EC720E41, 0E4412BB6DEB5761F7A889FD90821FAFD7C6E173F449EAB3A0446BA653D6AD0C ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
16:07:00.0661 0x3118  WinRM - ok
16:07:00.0705 0x3118  [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUsb          C:\WINDOWS\system32\DRIVERS\WinUsb.sys
16:07:00.0708 0x3118  WinUsb - ok
16:07:00.0801 0x3118  [ 728D3349FAB251B0265EFA55C67DCA2D, 676D2C9CF16DD333BF99FD5EC31B8F53E5295553E19BED5CF94620EE59345777 ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
16:07:00.0848 0x3118  WlanSvc - ok
16:07:00.0917 0x3118  [ C2838466CCC44FAEF2C3D4C1E5971ECB, 4CA5B1632302E59E754CEA5B3CA3977D8CE9DC7B2E8673B450BBF0D646AD7AD8 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
16:07:00.0960 0x3118  wlidsvc - ok
16:07:01.0000 0x3118  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
16:07:01.0001 0x3118  WmiAcpi - ok
16:07:01.0037 0x3118  [ 7AFAC828F52D62F304A911EC32F42EEE, 4EDCF4149069413A166169F2E23F7505F47B39B7EC319E1EF6D2C46CD140AA24 ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
16:07:01.0041 0x3118  wmiApSrv - ok
16:07:01.0080 0x3118  WMPNetworkSvc - ok
16:07:01.0151 0x3118  [ E178371E493BF17EB90FE71ABA8BE643, E6F96C62D6AD1FE65D54F6799ABC32D34DE8C6EBFF8A297CA3142EF096112FCE ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
16:07:01.0196 0x3118  workfolderssvc - ok
16:07:01.0239 0x3118  [ E746BCDBA2E02CF6B8D6B26FB167FBE0, 8875BBE444A33E0C477EF1A3899955501B7E0A9479CA8AA20DD8E6AA0D9A71E6 ] wpcfltr         C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
16:07:01.0241 0x3118  wpcfltr - ok
16:07:01.0251 0x3118  [ 4E6A0F60DA7EF050D3D26417CD4D24E9, E6B3BFB007B641D41F8532ED086F92CB3D86E210023DBFAA9AD8152A9FD33CCA ] WPCSvc          C:\WINDOWS\System32\wpcsvc.dll
16:07:01.0253 0x3118  WPCSvc - ok
16:07:01.0269 0x3118  [ D27491CFCE452C154CECFA155AD0EBC8, 1F3F74C253E3B07DE7EFE27C34DD9AF08617C7B03BB44C2902F69BA9DA3F21F2 ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
16:07:01.0273 0x3118  WPDBusEnum - ok
16:07:01.0290 0x3118  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
16:07:01.0291 0x3118  WpdUpFltr - ok
16:07:01.0307 0x3118  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
16:07:01.0309 0x3118  ws2ifsl - ok
16:07:01.0337 0x3118  [ 5CFA46C4ACB2FD70572017052378DAE5, F09134C4433A9E174889A16F29EA6628045B21BE4FA85275ACFD24D5DFB0D937 ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
16:07:01.0342 0x3118  wscsvc - ok
16:07:01.0353 0x3118  [ F586F3F1BF962FE9AE4316E0D896B22F, 8D0AD48D79294567123D943D0F5B6D5A32D7A82B129A24DC821D3095AFAA100B ] WSDPrintDevice  C:\WINDOWS\System32\drivers\WSDPrint.sys
16:07:01.0354 0x3118  WSDPrintDevice - ok
16:07:01.0376 0x3118  [ D38297814FB6E33655342D869996E617, 3701892EEF87D1BF0E73322B90678802B6EA4AFA9CBF6111F39611C79DBA96C7 ] WSDScan         C:\WINDOWS\system32\DRIVERS\WSDScan.sys
16:07:01.0377 0x3118  WSDScan - ok
16:07:01.0381 0x3118  WSearch - ok
16:07:01.0507 0x3118  [ D8E3A4701376CCFD0BE542D745FA4809, CF267B5507BD02EEB6BF051534E900D592682D11159A6A13C38AE70B3CCC081F ] WSService       C:\WINDOWS\System32\WSService.dll
16:07:01.0615 0x3118  WSService - ok
16:07:01.0735 0x3118  [ 86D0BF4F792053A50D6EE43DFA5837A5, 5705DAB9C5896F10757630439AC8FEAB5754251C6C90E9E8449220A65D1E95D5 ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
16:07:01.0845 0x3118  wuauserv - ok
16:07:01.0873 0x3118  [ 2FEAE33E9B2B56104596E1BA444405A9, 0A142F50E06F6224B9CB36B3CE62BE0B36DE8B8DB9F9E05D287DFB884CC7826E ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
16:07:01.0875 0x3118  WudfPf - ok
16:07:01.0926 0x3118  [ 19240C13F526125554B5370566F21A0A, 1DD88B092451CEC309A390319342BB4D36CE938BBE6D09127BBAA53960DD8E94 ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys
16:07:01.0936 0x3118  WUDFRd - ok
16:07:01.0953 0x3118  [ BB73CBC65AABC4EA0A5C6A1474A0A743, D644B3C6A7202CADDADB3B68FE1B2A7C76B023FE58F667EED4D538C1F4A65D64 ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
16:07:01.0958 0x3118  wudfsvc - ok
16:07:01.0970 0x3118  [ 19240C13F526125554B5370566F21A0A, 1DD88B092451CEC309A390319342BB4D36CE938BBE6D09127BBAA53960DD8E94 ] WUDFWpdFs       C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
16:07:01.0975 0x3118  WUDFWpdFs - ok
16:07:01.0986 0x3118  [ 19240C13F526125554B5370566F21A0A, 1DD88B092451CEC309A390319342BB4D36CE938BBE6D09127BBAA53960DD8E94 ] WUDFWpdMtp      C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
16:07:01.0992 0x3118  WUDFWpdMtp - ok
16:07:02.0024 0x3118  [ 2FA9794CA36147756F3FDFD6CA29B46F, 4B86DC38C2411C281686E9A4E64DA6FB2992E39391371F78E012D6D8BB85123F ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
16:07:02.0047 0x3118  WwanSvc - ok
16:07:02.0120 0x3118  [ DD0042F0C3B606A6A8B92D49AFB18AD6, 8D3BE4C93D02AF5F42EC46AF598D6DA40C61D467CB2FEE5E222F9C1E7A84B852 ] YahooAUService  C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
16:07:02.0142 0x3118  YahooAUService - ok
16:07:02.0158 0x3118  ================ Scan global ===============================
16:07:02.0219 0x3118  [ C89780A6F58D113C28A96D85D1261DC5, 185114F33A60916C7904E4A0F278CA43258454343E614F01F0DAFA98BAC981B1 ] C:\WINDOWS\system32\basesrv.dll
16:07:02.0264 0x3118  [ 599F1244C60E3D6C28A8DA7FBA7A2C13, 992E5EB5E3ED6172DC986085532224A148A09A4E9A4DED9556F34533EE98E4D0 ] C:\WINDOWS\system32\winsrv.dll
16:07:02.0329 0x3118  [ 9C1833ABD62876856836C5AE55C7CE86, 0A21E2C8B2FF3B0438C86DA7151A548F9C6F5C62CD402CBBEDB435994C8508F1 ] C:\WINDOWS\system32\sxssrv.dll
16:07:02.0375 0x3118  [ B4B610BBCB002EC478C6FD80CF915697, CE22B87A7C7C0D325CE66FB97E7318B4A41EE0BD14D902A410126A1EBBEAA6FB ] C:\WINDOWS\system32\services.exe
16:07:02.0392 0x3118  [ Global ] - ok
16:07:02.0393 0x3118  ================ Scan MBR ==================================
16:07:02.0403 0x3118  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
16:07:02.0414 0x3118  \Device\Harddisk0\DR0 - ok
16:07:02.0415 0x3118  ================ Scan VBR ==================================
16:07:02.0422 0x3118  [ 5CD35539DFC1DAE006C684D665EEFB18 ] \Device\Harddisk0\DR0\Partition1
16:07:02.0439 0x3118  \Device\Harddisk0\DR0\Partition1 - ok
16:07:02.0458 0x3118  [ 733C2A2AFF71D0A4F3030908572D7FB7 ] \Device\Harddisk0\DR0\Partition2
16:07:02.0465 0x3118  \Device\Harddisk0\DR0\Partition2 - ok
16:07:02.0477 0x3118  [ BD5066D07A1B176DA82E0EDF529C086A ] \Device\Harddisk0\DR0\Partition3
16:07:02.0494 0x3118  \Device\Harddisk0\DR0\Partition3 - ok
16:07:02.0512 0x3118  [ C87023BEFA1033D944298B109615CAA7 ] \Device\Harddisk0\DR0\Partition4
16:07:02.0519 0x3118  \Device\Harddisk0\DR0\Partition4 - ok
16:07:02.0548 0x3118  [ 7E087881DC3E758565F607DA9849A8F7 ] \Device\Harddisk0\DR0\Partition5
16:07:02.0550 0x3118  \Device\Harddisk0\DR0\Partition5 - ok
16:07:02.0563 0x3118  [ 3B9B587978B5A8965054CCFBC93F8FC0 ] \Device\Harddisk0\DR0\Partition6
16:07:02.0565 0x3118  \Device\Harddisk0\DR0\Partition6 - ok
16:07:02.0566 0x3118  Waiting for KSN requests completion. In queue: 124
16:07:03.0568 0x3118  Waiting for KSN requests completion. In queue: 124
16:07:04.0568 0x3118  Waiting for KSN requests completion. In queue: 124
16:07:05.0715 0x3118  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.3.9600.16384 ), 0x60100 ( disabled : updated )
16:07:05.0716 0x3118  AV detected via SS2: Norton 360 Premier Edition, C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\WSCStub.exe ( 21.1.0.0 ), 0x51000 ( enabled : updated )
16:07:05.0723 0x3118  FW detected via SS2: Norton 360 Premier Edition, C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\WSCStub.exe ( 21.1.0.0 ), 0x51010 ( enabled )
16:07:08.0262 0x3118  ============================================================
16:07:08.0262 0x3118  Scan finished
16:07:08.0262 0x3118  ============================================================
16:07:08.0286 0x3028  Detected object count: 0
16:07:08.0286 0x3028  Actual detected object count: 0
 


#4 desertized

desertized
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:03:03 PM

Posted 09 March 2014 - 06:18 PM

Forgot to zip this file.  See attached



#5 Conspire

Conspire

  • Malware Response Team
  • 1,155 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:03 AM

Posted 10 March 2014 - 07:14 AM

It's ok.

Let's run ComboFix.

Please read through these instructions to familiarize yourself with what to expect when this tool runs

Refer to the ComboFix User's Guide


Download ComboFix from one of these locations:

Link 1
Link 2



* IMPORTANT- Save ComboFix.exe to your Desktop

====================================================


Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. Note: If you are having difficulty properly disabling your protective programs, or are unsure as to what programs need to be disabled, please refer to the information available through this link : How to Disable your Security Programs


====================================================


Double click on combofix.exe & follow the prompts.


When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply for further review.
Proud Graduate of the WTT Classroom
Member of UNITE
The help you receive here is always free. If you wish to show your appreciation, then you may btn_donate_SM.gif

#6 desertized

desertized
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:03:03 PM

Posted 10 March 2014 - 08:35 AM

I get "combofix was not meant to run in compatibility mode.  The program will now exit"  when I try to run it.  I don't see anything on this in the manual link area, so I thought I should stop and come back here.



#7 Conspire

Conspire

  • Malware Response Team
  • 1,155 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:03 AM

Posted 10 March 2014 - 09:02 AM

That's odd. Nevermind. We will go the other way.

Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R#].txt) will open in Notepad for review (where the largest value of # represents the most recent report).
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

Proud Graduate of the WTT Classroom
Member of UNITE
The help you receive here is always free. If you wish to show your appreciation, then you may btn_donate_SM.gif

#8 desertized

desertized
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:03:03 PM

Posted 10 March 2014 - 09:13 AM

Is it also odd you thought this might take some time to complete, and it only took about 15 seconds?  I did not hit the clean button, am I supposed to?    Here you go....

 

# AdwCleaner v3.020 - Report created 10/03/2014 at 07:08:03
# Updated 27/02/2014 by Xplode
# Operating System : Windows 8.1  (64 bits)
# Username : Aaron_2 - LAPTOP
# Running from : C:\Users\Aaron_2\Desktop\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
File Found : C:\Users\Aaron_2\AppData\Roaming\Mozilla\Firefox\Profiles\la31et7r.default\user.js
Folder Found : C:\Users\Aaron_2\AppData\Roaming\Mozilla\Firefox\Profiles\la31et7r.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.16518
 
 
-\\ Mozilla Firefox v27.0.1 (en-US)
 
[ File : C:\Users\Aaron_2\AppData\Roaming\Mozilla\Firefox\Profiles\la31et7r.default\prefs.js ]
 
 
-\\ Google Chrome v33.0.1750.146
 
[ File : C:\Users\Aaron_2\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [2842 octets] - [05/03/2014 21:59:48]
AdwCleaner[R1].txt - [1022 octets] - [05/03/2014 22:09:18]
AdwCleaner[R2].txt - [1143 octets] - [06/03/2014 01:25:12]
AdwCleaner[R3].txt - [2388 octets] - [10/03/2014 07:08:03]
AdwCleaner[S0].txt - [2863 octets] - [05/03/2014 22:02:02]
AdwCleaner[S1].txt - [1084 octets] - [05/03/2014 22:10:22]
AdwCleaner[S2].txt - [1205 octets] - [06/03/2014 03:32:51]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R3].txt - [2628 octets] ##########


#9 Conspire

Conspire

  • Malware Response Team
  • 1,155 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:03 AM

Posted 11 March 2014 - 07:33 AM

Hi,

Double click on AdwCleaner.exe to run the tool again.
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • After the scan has finished...
    <-insert any special instructions here for what to uncheck OR remove this line if there are none->
  • This time click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
===================================================

thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
  • ===================================================

    On your next reply please post :
    AdwCleaner log
    JRT log



    Please STOP and let me know if you have any problems in performing with the steps above or any questions you may have.

Proud Graduate of the WTT Classroom
Member of UNITE
The help you receive here is always free. If you wish to show your appreciation, then you may btn_donate_SM.gif

#10 desertized

desertized
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:03:03 PM

Posted 11 March 2014 - 01:19 PM

Thanks here you go...
 
# AdwCleaner v3.021 - Report created 11/03/2014 at 11:04:20
# Updated 10/03/2014 by Xplode
# Operating System : Windows 8.1  (64 bits)
# Username : Aaron_2 - LAPTOP
# Running from : C:\Users\Aaron_2\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\Users\Aaron_2\AppData\Roaming\Mozilla\Firefox\Profiles\la31et7r.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
File Deleted : C:\Users\Aaron_2\AppData\Roaming\Mozilla\Firefox\Profiles\la31et7r.default\user.js
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.16518
 
 
-\\ Mozilla Firefox v27.0.1 (en-US)
 
[ File : C:\Users\Aaron_2\AppData\Roaming\Mozilla\Firefox\Profiles\la31et7r.default\prefs.js ]
 
 
-\\ Google Chrome v33.0.1750.146
 
[ File : C:\Users\Aaron_2\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [2842 octets] - [05/03/2014 21:59:48]
AdwCleaner[R1].txt - [1022 octets] - [05/03/2014 22:09:18]
AdwCleaner[R2].txt - [1143 octets] - [06/03/2014 01:25:12]
AdwCleaner[R3].txt - [2708 octets] - [10/03/2014 07:08:03]
AdwCleaner[R4].txt - [2768 octets] - [11/03/2014 11:01:40]
AdwCleaner[S0].txt - [2863 octets] - [05/03/2014 22:02:02]
AdwCleaner[S1].txt - [1084 octets] - [05/03/2014 22:10:22]
AdwCleaner[S2].txt - [1205 octets] - [06/03/2014 03:32:51]
AdwCleaner[S3].txt - [2717 octets] - [11/03/2014 11:04:20]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [2777 octets] ##########
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 8.1 x64
Ran by Aaron_2 on Tue 03/11/2014 at 11:11:48.95
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\yt.ytnavassistplugin
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\yt.ytnavassistplugin.1
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 03/11/2014 at 11:17:11.22
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


#11 Conspire

Conspire

  • Malware Response Team
  • 1,155 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:03 AM

Posted 11 March 2014 - 08:06 PM

Not seeing much here..

 

Please download Farbar Recovery Scan Tool and save it to your Desktop

 

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.[/color]

 

  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe).

 

Please also paste that along with the FRST.txt into your reply.
 


Proud Graduate of the WTT Classroom
Member of UNITE
The help you receive here is always free. If you wish to show your appreciation, then you may btn_donate_SM.gif

#12 desertized

desertized
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:03:03 PM

Posted 11 March 2014 - 08:49 PM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2014
Ran by Aaron_2 (administrator) on LAPTOP on 11-03-2014 18:24:25
Running from C:\Users\Aaron_2\Desktop
Windows 8.1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
() C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(NETGEAR) C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe
(Symantec Corporation) C:\Program Files (x86)\PC Checkup\SymcPCCULaunchSvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(TOSHIBA Corporation) C:\Windows\system32\TODDSrv.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
() C:\Program Files\NETGEAR\ReadySHARE Vault\GenieTimelineAgent.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(Microsoft Corporation) C:\Windows\System32\skydrive.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
(Genie9) C:\Program Files\NETGEAR\ReadySHARE Vault\GenieTimelineService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Aaron_2\Desktop\FRST64 (1).exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\System32\LogiLDA.dll [3933496 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-06-16] (Adobe Systems Incorporated)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3014384 2013-02-06] (Synaptics Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-06] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2260241804-1812669088-548696763-1007\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-2260241804-1812669088-548696763-1007\...\Run: [Messenger (Yahoo!)] - C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.)
HKU\S-1-5-21-2260241804-1812669088-548696763-1007\...\Run: [Tracks Eraser Pro] - C:\Program Files (x86)\Acesoft\Tracks Eraser Pro\te.exe [1557384 2013-05-14] (Acesoft)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/?ilc=8
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm?cp=1252&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://toshiba13.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?ilc=8
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/?ilc=8
SearchScopes: HKLM - DefaultScope {73FC5BA5-8E82-41C4-B235-67FCBFE97757} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATBJS
SearchScopes: HKLM - {73FC5BA5-8E82-41C4-B235-67FCBFE97757} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATBJS
SearchScopes: HKLM-x32 - {73FC5BA5-8E82-41C4-B235-67FCBFE97757} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATBJS
SearchScopes: HKCU - {73FC5BA5-8E82-41C4-B235-67FCBFE97757} URL = 
SearchScopes: HKCU - {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = http://search.yahoo.com/search?p={searchTerms}&fr=mkg028
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{F77EF5A9-0EAA-4ACF-946A-92018BB4159C}: [NameServer]192.168.1.1
 
FireFox:
========
FF ProfilePath: C:\Users\Aaron_2\AppData\Roaming\Mozilla\Firefox\Profiles\la31et7r.default
FF Homepage: hxxp://www.yahoo.com/?ilc=8
FF Keyword.URL: hxxp://search.yahoo.com/search?fr=mkg030&p=
FF DefaultSearchEngine: Yahoo
FF SelectedSearchEngine: Yahoo
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1209149.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.66 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll No File
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2014-01-17]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\ []
 
Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR DefaultSearchKeyword: yahoo.com
CHR DefaultSearchProvider: Yahoo!
CHR DefaultNewTabURL: 
CHR Extension: (Google Docs) - C:\Users\Aaron_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-25]
CHR Extension: (Google Drive) - C:\Users\Aaron_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-25]
CHR Extension: (Stats Checker for Google Analytics™) - C:\Users\Aaron_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhhijgglehlaflknjkgjbhbjhbfgnpjm [2014-02-25]
CHR Extension: (ColorZilla) - C:\Users\Aaron_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhlhnicpbhignbdhedgjhgdocnmhomnp [2014-02-25]
CHR Extension: (YouTube) - C:\Users\Aaron_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-25]
CHR Extension: (DuckDuckGo for Chrome) - C:\Users\Aaron_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao [2014-02-25]
CHR Extension: (PHP Ninja Manual) - C:\Users\Aaron_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\clbhjjdhmgeibgdccjfoliooccomjcab [2014-02-26]
CHR Extension: (Google Search) - C:\Users\Aaron_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-25]
CHR Extension: (Google+) - C:\Users\Aaron_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlppkpafhbajpcmmoheippocdidnckmm [2014-02-25]
CHR Extension: (AdWords Tool -Start Now for Free) - C:\Users\Aaron_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\eggkggmldlanmmiffgcidgipbkndgill [2014-02-25]
CHR Extension: (SEO SERP Workbench) - C:\Users\Aaron_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehbgolklgacemnfnmkkpgekngaaggjjl [2014-02-25]
CHR Extension: (Yahoo! Toolbar for Chrome) - C:\Users\Aaron_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\eihhgekonheiliaidomffpplfhecmkag [2014-03-04]
CHR Extension: (Video Downloader professional) - C:\Users\Aaron_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2014-02-25]
CHR Extension: (Wunderlist - To-do and Task list) - C:\Users\Aaron_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjliknjliaohjgjajlgolhijphojjdkc [2014-02-25]
CHR Extension: (AdBlock) - C:\Users\Aaron_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-02-25]
CHR Extension: (FirePHP4Chrome) - C:\Users\Aaron_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpgbmonepdpnacijbbdijfbecmgoojma [2014-02-26]
CHR Extension: (Free SEO Deal of the Week) - C:\Users\Aaron_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgnekndlomccgljphjjcmhgmbbbeeklm [2014-02-25]
CHR Extension: (Pixlr Touch Up) - C:\Users\Aaron_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\jklljiahjgoglchglekebfljnmbaleig [2014-02-25]
CHR Extension: (Skype Click to Call) - C:\Users\Aaron_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-02-25]
CHR Extension: (Google Maps) - C:\Users\Aaron_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2014-02-25]
CHR Extension: (FlashControl) - C:\Users\Aaron_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfidmkgnfgnkihnjeklbekckimkipmoe [2014-02-25]
CHR Extension: (Norton Identity Protection) - C:\Users\Aaron_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2014-02-25]
CHR Extension: (Ghostery) - C:\Users\Aaron_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2014-02-25]
CHR Extension: (PHP Console) - C:\Users\Aaron_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfhmhhlpfleoednkpnnnkolmclajemef [2014-02-25]
CHR Extension: (Google Wallet) - C:\Users\Aaron_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-25]
CHR Extension: (Picasa) - C:\Users\Aaron_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb [2014-02-25]
CHR Extension: (Gmail) - C:\Users\Aaron_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-25]
CHR Extension: (SEO serp) - C:\Users\Aaron_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnajcbokobncmoiicnkhblbgncincoam [2014-02-25]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-10-09]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\Exts\Chrome.crx [2014-01-20]
 
==================== Services (Whitelisted) =================
 
R2 AdobeActiveFileMonitor11.0; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171600 2012-09-17] (Adobe Systems Incorporated)
R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [19792 2013-09-10] ()
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2013-08-22] (Microsoft Corporation)
R2 GenieTimelineService; C:\Program Files\NETGEAR\ReadySHARE Vault\GenieTimelineService.exe [672272 2013-09-01] (Genie9)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [130592 2012-10-26] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165488 2012-12-18] (Intel Corporation)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe [264360 2013-10-08] (Symantec Corporation)
S4 NAT; C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe [232424 2013-10-11] (Symantec Corporation)
R2 NETGEARGenieDaemon; C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [232192 2013-11-14] (NETGEAR)
R2 Norton PC Checkup Application Launcher; C:\Program Files (x86)\PC Checkup\SymcPCCULaunchSvc.exe [132056 2013-01-31] (Symantec Corporation)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390672 2012-08-08] ()
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation)
S3 tepsrv; C:\Program Files (x86)\Acesoft\Tracks Eraser Pro\tepsrv.exe [38184 2012-12-18] (Acesoft)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Windows ® Win 7 DDK provider)
R3 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20140214.001\BHDrvx64.sys [1526488 2014-01-09] (Symantec Corporation)
R3 ccSet_N360; C:\Windows\system32\drivers\N360x64\1501000.012\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)
R1 ccSet_NAT; C:\Windows\system32\drivers\NATx64\010A000.009\ccSetx64.sys [150104 2013-07-29] (Symantec Corporation)
R3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2014-01-16] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2014-01-16] (Symantec Corporation)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-09] (Intel Corporation)
R3 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20140309.001\IDSvia64.sys [524504 2014-03-05] (Symantec Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2014-02-13] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
S3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140311.001\ENG64.SYS [126040 2014-01-16] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140311.001\EX64.SYS [2099288 2014-01-16] (Symantec Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
R2 NPF; C:\WINDOWS\system32\drivers\npf.sys [35344 2014-02-16] (CACE Technologies, Inc.)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-08-10] (Corel Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [2944216 2013-08-21] (Realtek Semiconductor Corporation                           )
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2014-02-13] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [32496 2013-02-06] (Synaptics Incorporated)
R3 SRTSP; C:\Windows\system32\drivers\N360x64\1501000.012\SRTSP64.SYS [858200 2013-09-26] (Symantec Corporation)
R3 SRTSPX; C:\Windows\system32\drivers\N360x64\1501000.012\SRTSPX64.SYS [36952 2013-09-09] (Symantec Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-14] (Microsoft Corporation)
R3 SymDS; C:\Windows\system32\drivers\N360x64\1501000.012\SYMDS64.SYS [493656 2013-09-09] (Symantec Corporation)
R3 SymEFA; C:\Windows\system32\drivers\N360x64\1501000.012\SYMEFA64.SYS [1147480 2013-09-26] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\N360x64\1501000.012\SymELAM.sys [23568 2013-09-09] (Symantec Corporation)
R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-01-17] (Symantec Corporation)
R3 SymIRON; C:\Windows\system32\drivers\N360x64\1501000.012\Ironx64.SYS [264280 2013-09-26] (Symantec Corporation)
R1 SymNetS; C:\Windows\system32\drivers\N360x64\1501000.012\SYMNETS.SYS [590936 2013-09-25] (Symantec Corporation)
R3 tapSF0901; C:\Windows\system32\DRIVERS\tapSF0901.sys [39104 2014-01-20] (Spotflux, Inc.)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [32624 2013-08-19] (Windows ® Win 7 DDK provider)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-03-11 18:24 - 2014-03-11 18:24 - 00024234 _____ () C:\Users\Aaron_2\Desktop\FRST.txt
2014-03-11 18:23 - 2014-03-11 18:23 - 02157056 _____ (Farbar) C:\Users\Aaron_2\Desktop\FRST64 (1).exe
2014-03-11 14:25 - 2014-03-11 14:25 - 00003809 _____ () C:\Users\Aaron_2\Downloads\Top Consensus - 214-446-2223 - March 2014 QUERYRESULTS.csv
2014-03-11 11:17 - 2014-03-11 11:17 - 00000782 _____ () C:\Users\Aaron_2\Desktop\JRT.txt
2014-03-11 11:00 - 2014-03-11 11:00 - 01949184 _____ () C:\Users\Aaron_2\Desktop\AdwCleaner.exe
2014-03-09 19:03 - 2014-03-09 19:03 - 00000000 ____D () C:\WINDOWS\LastGood.Tmp
2014-03-09 16:17 - 2014-03-09 16:17 - 00000138 _____ () C:\Users\Aaron_2\Desktop\MBR.zip
2014-03-09 15:58 - 2014-03-09 16:01 - 00003366 _____ () C:\Users\Aaron_2\Desktop\aswMBR.txt
2014-03-09 15:58 - 2014-03-09 16:01 - 00000512 _____ () C:\Users\Aaron_2\Desktop\MBR.dat
2014-03-09 15:54 - 2014-03-09 15:54 - 04745728 _____ (AVAST Software) C:\Users\Aaron_2\Downloads\aswMBR.exe
2014-03-08 13:27 - 2014-03-08 13:28 - 00000000 ____D () C:\Users\Aaron_2\Desktop\New folder
2014-03-08 01:07 - 2014-03-08 01:07 - 00000000 ____D () C:\Users\Aaron_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedPcoptimizer
2014-03-08 01:07 - 2014-03-08 01:07 - 00000000 ____D () C:\Program Files (x86)\SpeedPcoptimizer
2014-03-08 01:07 - 2004-04-09 12:02 - 00270336 _____ () C:\WINDOWS\SysWOW64\hiscl.ocx
2014-03-08 01:07 - 2004-02-18 11:51 - 00069632 _____ (speedMyPc.com ) C:\WINDOWS\SysWOW64\HotKeys.ocx
2014-03-08 01:07 - 2004-02-04 09:40 - 00151552 _____ (Asmw Soft Systems www.asmwsoft.com) C:\WINDOWS\SysWOW64\style.ocx
2014-03-08 01:07 - 2000-12-03 09:01 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.ocx
2014-03-08 01:07 - 1999-04-25 10:37 - 00077824 _____ (Ala S. Wrawreh) C:\WINDOWS\SysWOW64\alafile.ocx
2014-03-07 04:08 - 2014-03-11 11:10 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Exploit
2014-03-07 04:08 - 2014-03-11 11:07 - 00003104 _____ () C:\WINDOWS\System32\Tasks\Malwarebytes Anti-Exploit
2014-03-07 04:08 - 2014-03-11 11:07 - 00000508 _____ () C:\WINDOWS\Tasks\Malwarebytes Anti-Exploit.job
2014-03-07 04:08 - 2014-03-07 04:08 - 00000930 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Exploit.lnk
2014-03-07 04:08 - 2013-07-16 04:41 - 01858896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr100d.dll
2014-03-07 04:08 - 2013-07-16 04:41 - 01498960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr100d.dll
2014-03-07 04:08 - 2013-07-16 04:41 - 01014096 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp100d.dll
2014-03-07 04:08 - 2013-07-16 04:41 - 00743248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp100d.dll
2014-03-07 04:07 - 2014-03-07 04:07 - 14713592 _____ (Malwarebytes Corporation ) C:\Users\Aaron_2\Downloads\mbsb-setup-1.0.0.0010.exe
2014-03-07 04:07 - 2014-03-07 04:07 - 01768696 _____ (Malwarebytes ) C:\Users\Aaron_2\Desktop\mbae-setup-0.09.5.0250.exe
2014-03-07 04:05 - 2014-03-07 04:05 - 00982016 _____ (Farbar) C:\Users\Aaron_2\Desktop\MiniToolBox.exe
2014-03-07 04:02 - 2014-03-07 04:02 - 00003226 _____ () C:\WINDOWS\System32\Tasks\launchspotflux
2014-03-07 04:02 - 2014-03-07 04:02 - 00001908 _____ () C:\Users\Aaron_2\Desktop\Spotflux.lnk
2014-03-07 04:02 - 2014-03-07 04:02 - 00000000 ____D () C:\Users\Aaron_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotflux
2014-03-07 03:58 - 2014-03-07 03:58 - 00000000 ____D () C:\Users\Aaron_2\.swt
2014-03-07 02:27 - 2014-03-07 02:27 - 00000017 _____ () C:\Users\Aaron_2\AppData\Local\resmon.resmoncfg
2014-03-07 02:25 - 2014-03-07 02:25 - 00000055 _____ () C:\Users\Aaron_2\Documents\etger.txt
2014-03-07 02:13 - 2014-03-07 04:02 - 00000000 ____D () C:\Program Files (x86)\Spotflux
2014-03-07 02:13 - 2014-03-07 02:13 - 00000000 ____D () C:\ProgramData\spotflux
2014-03-07 02:12 - 2014-03-11 11:08 - 00000000 ____D () C:\Users\Aaron_2\AppData\Roaming\.spotflux
2014-03-07 02:12 - 2014-03-07 02:12 - 05646120 _____ () C:\Users\Aaron_2\Desktop\spotflux-2.9.20-315.exe
2014-03-07 02:09 - 2014-03-07 02:09 - 00000308 _____ () C:\Users\Aaron_2\advanced_ip_scanner_MAC.bin
2014-03-06 12:13 - 2014-03-06 12:13 - 00688992 ____R (Swearware) C:\Users\Aaron_2\Desktop\dds.scr
2014-03-06 11:55 - 2014-03-06 11:55 - 00003017 _____ () C:\Users\Aaron_2\Desktop\HiJackThis.lnk
2014-03-06 11:55 - 2014-03-06 11:55 - 00000000 ____D () C:\Users\Aaron_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2014-03-06 11:55 - 2014-03-06 11:55 - 00000000 ____D () C:\Program Files (x86)\Trend Micro
2014-03-06 11:51 - 2014-03-06 11:51 - 00000000 ____D () C:\Trend Micro
2014-03-06 10:42 - 2014-03-06 10:42 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-03-06 10:41 - 2014-03-06 10:41 - 01037734 _____ (Thisisu) C:\Users\Aaron_2\Desktop\JRT.exe
2014-03-06 10:37 - 2014-03-06 10:38 - 01402880 _____ () C:\Users\Aaron_2\Desktop\HiJackThis.msi
2014-03-06 09:43 - 2014-03-06 09:43 - 00494386 _____ () C:\Users\Aaron_2\Downloads\25_1394118829.wav
2014-03-06 00:08 - 2014-03-06 00:08 - 04130656 _____ (Kaspersky Lab ZAO) C:\Users\Aaron_2\Desktop\tdsskiller.exe
2014-03-06 00:08 - 2014-03-06 00:08 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Aaron_2\Desktop\rkill.exe
2014-03-06 00:07 - 2014-03-06 00:07 - 05187267 _____ (Swearware) C:\Users\Aaron_2\Desktop\ComboFix.exe
2014-03-06 00:07 - 2014-03-06 00:07 - 00602112 _____ (OldTimer Tools) C:\Users\Aaron_2\Downloads\OTL.exe
2014-03-06 00:06 - 2014-03-06 00:07 - 00448512 _____ (OldTimer Tools) C:\Users\Aaron_2\Desktop\TFC.exe
2014-03-05 23:22 - 2014-03-05 23:22 - 04745728 _____ (AVAST Software) C:\Users\Aaron_2\Desktop\aswMBR.exe
2014-03-05 22:49 - 2014-03-05 23:54 - 00000000 ____D () C:\Users\Aaron_2\Desktop\mbar
2014-03-05 22:49 - 2014-03-05 23:51 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-03-05 22:48 - 2014-03-05 22:48 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Aaron_2\Downloads\mbar-1.07.0.1009.exe
2014-03-05 22:43 - 2014-03-05 22:49 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-03-05 22:31 - 2014-03-11 18:24 - 00000000 ____D () C:\FRST
2014-03-05 22:31 - 2014-03-05 22:32 - 00126874 _____ () C:\Users\Aaron_2\Downloads\FRST.txt
2014-03-05 22:31 - 2014-03-05 22:32 - 00036372 _____ () C:\Users\Aaron_2\Downloads\Addition.txt
2014-03-05 22:29 - 2014-03-05 22:29 - 02156544 _____ (Farbar) C:\Users\Aaron_2\Downloads\FRST64.exe
2014-03-05 22:21 - 2014-03-06 02:23 - 00000000 ____D () C:\WINDOWS\Minidump
2014-03-05 22:20 - 2014-03-05 22:45 - 678186548 _____ () C:\WINDOWS\MEMORY.DMP
2014-03-05 22:14 - 2014-03-05 22:17 - 00000000 ____D () C:\Users\Aaron_2\Downloads\mbam-chameleon-1.62.1.1000
2014-03-05 22:14 - 2014-03-05 22:14 - 01440846 _____ () C:\Users\Aaron_2\Downloads\mbam-chameleon-1.62.1.1000.zip
2014-03-05 21:59 - 2014-03-11 11:04 - 00000000 ____D () C:\AdwCleaner
2014-03-05 21:54 - 2014-03-05 21:54 - 00930952 _____ (CNET Download.com) C:\Users\Aaron_2\Desktop\cbsidlm-cbsi183-AdwCleaner-SEO-75851221.exe
2014-03-05 21:43 - 2014-03-07 17:42 - 00000000 ____D () C:\Users\Aaron_2\AppData\Roaming\Yahoo!
2014-03-05 19:20 - 2014-03-05 19:20 - 00762085 _____ () C:\Users\Aaron_2\Downloads\MyFontsWebfontsKit.zip
2014-03-05 19:20 - 2014-03-05 19:20 - 00350404 _____ () C:\Users\Aaron_2\Downloads\Familiar Pro 8.zip
2014-03-05 19:20 - 2014-03-05 19:20 - 00000000 ____D () C:\Users\Aaron_2\Downloads\MyFontsWebfontsKit
2014-03-05 15:34 - 2014-03-05 15:34 - 00106201 _____ () C:\Users\Aaron_2\Downloads\welcome_image.psd
2014-03-05 13:07 - 2014-03-05 13:07 - 00000000 ____D () C:\Users\Aaron_2\Downloads\please-write-me-a-song
2014-03-05 13:07 - 2014-03-05 13:07 - 00000000 ____D () C:\Users\Aaron_2\Downloads\asenine
2014-03-05 13:06 - 2014-03-05 13:06 - 00000000 ____D () C:\Users\Aaron_2\Downloads\street
2014-03-05 13:05 - 2014-03-05 13:05 - 00000000 ____D () C:\Users\Aaron_2\Downloads\aster
2014-03-05 12:40 - 2014-03-05 12:41 - 01051813 _____ () C:\Users\Aaron_2\Downloads\street (1).zip
2014-03-05 12:40 - 2014-03-05 12:40 - 00104627 _____ () C:\Users\Aaron_2\Downloads\asenine.zip
2014-03-05 12:36 - 2014-03-05 12:36 - 00085084 _____ () C:\Users\Aaron_2\Downloads\please-write-me-a-song.zip
2014-03-05 12:32 - 2014-03-05 12:32 - 01051813 _____ () C:\Users\Aaron_2\Downloads\street.zip
2014-03-05 12:30 - 2014-03-05 12:30 - 00054186 _____ () C:\Users\Aaron_2\Downloads\aster.zip
2014-03-05 12:27 - 2014-03-05 12:27 - 00089535 _____ () C:\Users\Aaron_2\Downloads\shade-of-adelyne.zip
2014-03-05 12:26 - 2014-03-05 12:27 - 00248725 _____ () C:\Users\Aaron_2\Downloads\neovix-basic.zip
2014-03-05 12:26 - 2014-03-05 12:26 - 00009691 _____ () C:\Users\Aaron_2\Downloads\sanseriffic.zip
2014-03-05 07:15 - 2014-03-06 21:11 - 00024315 _____ () C:\Users\Aaron_2\Desktop\Contract AgreementSigned.odt
2014-03-05 07:00 - 2014-03-05 07:00 - 00024225 _____ () C:\Users\Aaron_2\Downloads\Contract Agreement.odt
2014-03-05 00:06 - 2014-03-08 01:56 - 00000000 ____D () C:\Users\Aaron_2\AppData\Roaming\Skype
2014-03-05 00:06 - 2014-03-05 00:06 - 00000000 ____D () C:\Users\Aaron_2\AppData\Local\Skype
2014-03-04 21:40 - 2014-03-04 21:40 - 04473792 _____ (WindSolutions) C:\Users\Aaron_2\Downloads\Install_CopyTrans_Suite.exe
2014-03-04 21:40 - 2014-03-04 21:40 - 00001428 _____ () C:\Users\Aaron_2\Desktop\CopyTrans Control Center.lnk
2014-03-04 21:40 - 2014-03-04 21:40 - 00000000 ____D () C:\Users\Aaron_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Suite
2014-03-04 21:34 - 2014-03-04 21:43 - 00000000 ____D () C:\Users\Aaron_2\AppData\Roaming\WindSolutions
2014-03-04 20:34 - 2014-03-04 21:43 - 00000000 ____D () C:\ProgramData\WindSolutions
2014-03-04 20:34 - 2014-03-04 21:37 - 00000000 ____D () C:\Users\Aaron_2\Downloads\CopyTransTuneTasticv0.734
2014-03-04 20:34 - 2014-03-04 20:34 - 06222396 _____ () C:\Users\Aaron_2\Downloads\CopyTransTuneTasticv0.734.zip
2014-03-04 20:33 - 2014-03-04 20:33 - 04685824 _____ () C:\Users\Aaron_2\Downloads\TuneSweeperNET4.msi
2014-03-04 10:08 - 2014-03-04 10:08 - 00000000 ____D () C:\Users\Aaron_2\AppData\Roaming\CyberLink
2014-03-04 05:43 - 2014-03-04 05:43 - 04987736 _____ (Adobe Systems Inc.) C:\Users\Aaron_2\Downloads\Shockwave_Installer_Slim.exe
2014-03-04 05:43 - 2014-03-04 05:43 - 00000000 ____D () C:\WINDOWS\SysWOW64\Adobe
2014-03-04 02:32 - 2014-03-04 02:32 - 27261142 _____ () C:\Users\Aaron_2\Desktop\IMG_0175.zip
2014-03-04 02:06 - 2014-03-07 17:42 - 00000000 ____D () C:\Program Files (x86)\Yahoo!
2014-03-04 02:06 - 2014-03-04 02:06 - 00692048 _____ (Yahoo! Inc.) C:\Users\Aaron_2\Downloads\msgr11us.exe
2014-03-04 01:31 - 2014-03-04 01:31 - 02546573 _____ () C:\Users\Aaron_2\Downloads\Blonde Star... always on.zip
2014-03-03 23:01 - 2014-03-03 23:10 - 00000218 ____H () C:\Users\Aaron_2\Downloads\.picasa.ini
2014-03-02 10:28 - 2014-03-02 10:28 - 00001806 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-03-02 10:27 - 2014-03-02 10:28 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-02 10:27 - 2014-03-02 10:27 - 00000000 ____D () C:\Program Files\iTunes
2014-03-02 10:27 - 2014-03-02 10:27 - 00000000 ____D () C:\Program Files\iPod
2014-03-02 10:27 - 2014-03-02 10:27 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-03-02 09:24 - 2014-03-02 09:25 - 148885840 _____ (Apple Inc.) C:\Users\Aaron_2\Downloads\iTunes64Setup.exe
2014-03-01 23:09 - 2014-03-03 23:16 - 00000000 ____D () C:\Users\Aaron_2\Desktop\860OKMZO
2014-03-01 23:09 - 2014-03-01 23:14 - 00000000 ____D () C:\Users\Aaron_2\Desktop\823WGTMA
2014-03-01 23:09 - 2014-03-01 23:09 - 00000000 ____D () C:\Users\Aaron_2\Desktop\992MTWED
2014-03-01 04:47 - 2014-03-01 04:49 - 00003584 _____ () C:\Users\Aaron_2\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-03-01 01:26 - 2014-03-06 01:31 - 00000000 ____D () C:\Users\Aaron_2\iTunesDSM
2014-03-01 01:26 - 2014-03-05 21:41 - 00000000 ____D () C:\Program Files (x86)\iTunesDSM
2014-03-01 01:25 - 2014-03-01 01:25 - 01189073 _____ () C:\Users\Aaron_2\Downloads\iTunesDSM_0.9.6_Setup.exe
2014-02-28 19:46 - 2014-03-10 02:17 - 00238592 ___SH () C:\Users\Aaron_2\Desktop\Thumbs.db
2014-02-28 06:40 - 2014-02-28 06:40 - 00001868 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2014-02-28 06:36 - 2014-02-28 06:37 - 70638408 _____ (Apple Inc.) C:\Users\Aaron_2\Downloads\iCloudSetup.exe
2014-02-28 06:34 - 2014-03-02 10:28 - 00000000 ____D () C:\Users\Aaron_2\AppData\Local\Apple Computer
2014-02-28 01:20 - 2014-02-28 01:20 - 00000000 ____D () C:\Users\Aaron_2\AppData\Roaming\Oracle
2014-02-28 01:19 - 2014-02-28 01:19 - 00000000 ____D () C:\ProgramData\Sun
2014-02-28 01:19 - 2014-02-28 01:19 - 00000000 ____D () C:\ProgramData\Oracle
2014-02-28 01:19 - 2014-02-28 01:18 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-02-28 01:18 - 2014-02-28 01:18 - 00921000 _____ (Oracle Corporation) C:\Users\Aaron_2\Downloads\chromeinstall-7u51 (1).exe
2014-02-28 01:18 - 2014-02-28 01:18 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-02-28 01:18 - 2014-02-28 01:18 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-02-28 01:18 - 2014-02-28 01:18 - 00096168 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-02-28 01:18 - 2014-02-28 01:18 - 00000000 ____D () C:\Program Files (x86)\Java
2014-02-28 01:17 - 2014-02-28 01:17 - 00921000 _____ (Oracle Corporation) C:\Users\Aaron_2\Downloads\chromeinstall-7u51.exe
2014-02-28 01:13 - 2014-02-28 01:13 - 00312744 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-02-28 01:13 - 2014-02-28 01:13 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-02-28 01:13 - 2014-02-28 01:13 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-02-28 01:13 - 2014-02-28 01:13 - 00108968 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2014-02-28 01:13 - 2014-02-28 01:13 - 00000000 ____D () C:\Program Files\Java
2014-02-28 01:11 - 2014-02-28 01:12 - 30796712 _____ (Oracle Corporation) C:\Users\Aaron_2\Downloads\jre-7u51-windows-x64.exe
2014-02-27 02:10 - 2014-03-10 23:53 - 00000000 ____D () C:\Users\Aaron_2\AppData\Roaming\vlc
2014-02-27 01:18 - 2014-03-04 21:08 - 00000000 ____D () C:\Users\Aaron_2\AppData\Local\NETGEARGenie
2014-02-27 01:17 - 2014-02-27 01:17 - 00000000 ____D () C:\Users\Aaron_2\AppData\Roaming\Mozilla
2014-02-27 01:17 - 2014-02-27 01:17 - 00000000 ____D () C:\Users\Aaron_2\AppData\Local\Mozilla
2014-02-26 09:37 - 2014-02-26 09:37 - 00159960 _____ () C:\Users\Aaron_2\Downloads\banner_image.psd
2014-02-26 00:27 - 2014-02-26 00:27 - 00003502 _____ () C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-aaronmbaker@hotmail.com
2014-02-25 22:54 - 2014-02-25 22:54 - 00000000 ____D () C:\Users\Aaron_2\AppData\Roaming\OpenOffice
2014-02-25 22:53 - 2014-02-25 22:53 - 00000044 _____ () C:\Users\Aaron_2\Documents\user.txt
2014-02-25 22:53 - 2014-02-25 22:53 - 00000044 _____ () C:\Users\Aaron_2\Documents\dgdfg.txt
2014-02-25 19:40 - 2014-03-04 21:43 - 00000000 ____D () C:\Users\Aaron_2\AppData\Local\CrashDumps
2014-02-25 14:44 - 2014-02-25 14:44 - 00000000 ____D () C:\Users\Aaron_2\AppData\Local\Apple
2014-02-25 05:24 - 2014-02-25 05:24 - 00047745 _____ () C:\Users\Aaron_2\Downloads\Untitled-2.psd
2014-02-25 05:08 - 2014-03-05 15:34 - 00000132 _____ () C:\Users\Aaron_2\AppData\Roaming\Adobe PNG Format CS5 Prefs
2014-02-25 04:36 - 2014-02-25 04:36 - 00319841 _____ () C:\Users\Aaron_2\Downloads\Thesis Skin Editor.htm
2014-02-25 04:36 - 2014-02-25 04:36 - 00000000 ____D () C:\Users\Aaron_2\Downloads\Thesis Skin Editor_files
2014-02-25 04:34 - 2014-02-25 04:34 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-02-25 04:28 - 2014-02-25 04:28 - 00001912 _____ () C:\Users\Public\Desktop\Adobe Photoshop Elements 11.lnk
2014-02-25 03:55 - 2014-03-10 06:21 - 00345600 ___SH () C:\Users\Aaron_2\Downloads\Thumbs.db
2014-02-25 00:50 - 2014-03-04 02:17 - 00000000 ____D () C:\Users\Aaron_2\AppData\Local\Google
2014-02-25 00:50 - 2014-02-25 00:50 - 00000000 ____D () C:\Users\Aaron_2\AppData\Roaming\Malwarebytes
2014-02-25 00:15 - 2014-02-25 00:15 - 00000000 ____D () C:\Users\Aaron_2\AppData\Local\VS Revo Group
2014-02-25 00:10 - 2014-03-11 12:09 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2260241804-1812669088-548696763-1007
2014-02-25 00:09 - 2014-02-25 00:09 - 00000000 ____D () C:\Users\Aaron_2\Desktop\LAPTOP
2014-02-25 00:07 - 2014-03-11 11:17 - 00000000 __RDO () C:\Users\Aaron_2\SkyDrive
2014-02-25 00:06 - 2014-03-02 10:28 - 00000000 ____D () C:\Users\Aaron_2\AppData\Roaming\Apple Computer
2014-02-25 00:06 - 2014-02-25 11:04 - 00000000 ____D () C:\Users\Aaron_2\AppData\Local\Adobe
2014-02-25 00:05 - 2014-03-08 01:56 - 00000000 ____D () C:\Users\Aaron_2\AppData\Local\VirtualStore
2014-02-25 00:05 - 2014-03-07 12:24 - 00000000 ____D () C:\Users\Aaron_2\AppData\Roaming\Adobe
2014-02-25 00:05 - 2014-02-25 00:05 - 00001453 _____ () C:\Users\Aaron_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-02-25 00:05 - 2014-02-25 00:05 - 00000000 ___RD () C:\Users\Aaron_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-02-25 00:04 - 2014-02-25 00:06 - 00000000 ____D () C:\Users\Aaron_2\AppData\Local\Packages
2014-02-24 23:47 - 2014-03-07 03:58 - 00000000 ____D () C:\Users\Aaron_2
2014-02-24 23:47 - 2014-02-25 00:05 - 00000000 ___RD () C:\Users\Aaron_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-24 23:47 - 2014-02-24 23:47 - 00000020 ___SH () C:\Users\Aaron_2\ntuser.ini
2014-02-24 23:47 - 2014-02-16 18:43 - 00000000 ____D () C:\Users\Aaron_2\AppData\Roaming\Genie9
2014-02-24 23:47 - 2014-02-13 14:46 - 00000000 ____D () C:\Users\Aaron_2\AppData\Roaming\Macromedia
2014-02-24 23:47 - 2013-08-22 08:36 - 00000000 ___RD () C:\Users\Aaron_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-02-24 23:47 - 2013-08-22 08:36 - 00000000 ___RD () C:\Users\Aaron_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-02-24 23:47 - 2013-08-22 08:36 - 00000000 ___RD () C:\Users\Aaron_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-02-24 23:47 - 2013-08-22 08:36 - 00000000 ____D () C:\Users\Aaron_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-02-20 11:58 - 2014-03-11 10:58 - 05777288 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2014-02-18 02:07 - 2014-02-18 02:07 - 00000000 ____D () C:\SymCache
2014-02-17 19:30 - 2014-02-17 19:30 - 00000000 ____D () C:\ProgramData\WindowsPerformanceRecorder
2014-02-17 19:21 - 2014-02-17 19:21 - 00000000 ____D () C:\ProgramData\Windows App Certification Kit
2014-02-17 19:20 - 2014-02-17 19:20 - 00000000 ____D () C:\Program Files\Application Verifier
2014-02-17 19:20 - 2014-02-17 19:20 - 00000000 ____D () C:\Program Files (x86)\Microsoft SDKs
2014-02-17 19:20 - 2014-02-17 19:20 - 00000000 ____D () C:\Program Files (x86)\Application Verifier
2014-02-17 19:19 - 2014-02-17 19:19 - 00000000 ____D () C:\Program Files (x86)\Windows Kits
2014-02-16 20:24 - 2014-02-16 20:24 - 00001170 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-02-16 20:24 - 2014-02-16 20:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-16 20:24 - 2014-02-16 20:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-16 20:18 - 2014-02-16 20:18 - 00003130 _____ () C:\WINDOWS\System32\Tasks\RTKCPL
2014-02-16 20:18 - 2014-02-16 20:18 - 00000000 ____H () C:\ProgramData\DP45977C.lfl
2014-02-16 20:17 - 2013-08-21 13:50 - 03591000 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2014-02-16 20:17 - 2013-08-20 21:17 - 02809048 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2014-02-16 20:17 - 2013-08-20 21:17 - 02585304 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkAPO64.dll
2014-02-16 20:17 - 2013-08-20 19:48 - 00633381 _____ () C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2014-02-16 20:17 - 2013-08-20 19:31 - 00148184 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2014-02-16 20:17 - 2013-08-20 14:51 - 31488000 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2014-02-16 20:17 - 2013-08-20 11:02 - 04848920 _____ (ASUSTeKcomputer.Inc Inc) C:\WINDOWS\system32\RTKSMlfx.dll
2014-02-16 20:17 - 2013-08-16 16:46 - 00818008 _____ (ASUSTeKcomputer.Inc Inc) C:\WINDOWS\system32\RTKSMSettingsIPC.dll
2014-02-16 20:17 - 2013-08-14 17:36 - 01325312 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO5064.dll
2014-02-16 20:17 - 2013-08-14 17:36 - 00662784 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVolumeSDAPO.dll
2014-02-16 20:17 - 2013-08-14 17:35 - 01084160 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO4064.dll
2014-02-16 20:17 - 2013-08-14 17:35 - 00907008 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO2064.dll
2014-02-16 20:17 - 2013-08-14 17:35 - 00663296 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO30.dll
2014-02-16 20:17 - 2013-08-13 06:21 - 01019136 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\slcnt64.dll
2014-02-16 20:17 - 2013-08-13 06:21 - 00899328 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll
2014-02-16 20:17 - 2013-08-13 06:21 - 00720128 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll
2014-02-16 20:17 - 2013-08-13 06:21 - 00244480 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll
2014-02-16 20:17 - 2013-08-07 18:41 - 00113576 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2014-02-16 20:17 - 2013-08-07 18:34 - 00765184 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxSpeechAPO64.dll
2014-02-16 20:17 - 2013-08-06 10:47 - 00947248 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll
2014-02-16 20:17 - 2013-08-06 05:56 - 06219096 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2014-02-16 20:17 - 2013-08-06 05:56 - 01908568 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2014-02-16 20:17 - 2013-08-06 05:56 - 00312152 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2014-02-16 20:17 - 2013-08-06 05:56 - 00261464 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2014-02-16 20:17 - 2013-08-05 19:11 - 02743328 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll
2014-02-16 20:17 - 2013-08-02 21:16 - 01005784 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2014-02-16 20:17 - 2013-08-01 11:59 - 05694760 _____ () C:\WINDOWS\system32\Drivers\rtvienna.dat
2014-02-16 20:17 - 2013-07-28 11:48 - 27518208 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioVnA64.dll
2014-02-16 20:17 - 2013-07-26 15:05 - 00617176 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2014-02-16 20:17 - 2013-07-24 11:07 - 02032896 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioEQ64.dll
2014-02-16 20:17 - 2013-07-23 16:40 - 03610880 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioVnN64.dll
2014-02-16 20:17 - 2013-07-23 16:40 - 02103040 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\WavesGUILib64.dll
2014-02-16 20:17 - 2013-07-23 16:39 - 14048512 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRealtek64.dll
2014-02-16 20:17 - 2013-07-23 16:39 - 01916672 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRealtek264.dll
2014-02-16 20:17 - 2013-07-23 16:39 - 00922880 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPOShell64.dll
2014-02-16 20:17 - 2013-07-11 15:15 - 00557880 _____ () C:\WINDOWS\system32\audioLibVc.dll
2014-02-16 20:17 - 2013-06-25 13:47 - 00871856 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tossaeapo64.dll
2014-02-16 20:17 - 2013-06-25 13:47 - 00162224 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\toseaeapo64.dll
2014-02-16 20:17 - 2013-06-25 13:46 - 00582056 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosasfapo64.dll
2014-02-16 20:17 - 2013-06-21 12:01 - 00109848 _____ () C:\WINDOWS\system32\AcpiServiceVnA64.dll
2014-02-16 20:17 - 2013-06-05 22:42 - 00208072 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll
2014-02-16 20:17 - 2013-04-24 18:16 - 01662024 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2014-02-16 20:17 - 2013-04-03 16:27 - 00000852 _____ () C:\WINDOWS\system32\Drivers\RTKHDRC2.dat
2014-02-16 20:17 - 2013-04-03 16:26 - 00000520 _____ () C:\WINDOWS\system32\Drivers\RTEQEX2.dat
2014-02-16 20:17 - 2013-04-03 15:13 - 00906800 _____ (Sony Corporation) C:\WINDOWS\system32\MISS_APO.dll
2014-02-16 20:17 - 2013-03-27 10:56 - 00000852 _____ () C:\WINDOWS\system32\Drivers\RTKHDRC1.dat
2014-02-16 20:17 - 2013-03-27 10:56 - 00000520 _____ () C:\WINDOWS\system32\Drivers\RTEQEX1.dat
2014-02-16 20:14 - 2014-02-16 20:14 - 00000000 ____D () C:\ProgramData\SRS Labs
2014-02-16 20:14 - 2014-02-16 20:14 - 00000000 ____D () C:\Program Files (x86)\DTS, Inc
2014-02-16 20:14 - 2014-02-16 20:14 - 00000000 ____D () C:\Program Files (x86)\Cisco
2014-02-16 20:11 - 2009-03-09 16:27 - 04178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll
2014-02-16 20:10 - 2014-02-17 19:19 - 00000000 ____D () C:\ProgramData\Package Cache
2014-02-16 18:43 - 2014-02-16 18:43 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-16 18:43 - 2014-02-16 18:43 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-16 18:43 - 2014-02-16 18:43 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Genie9
2014-02-16 18:43 - 2014-02-16 18:43 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Genie9
2014-02-16 13:36 - 2014-02-16 13:36 - 00000000 ____D () C:\Program Files\NETGEAR
2014-02-16 13:32 - 2014-02-16 13:33 - 00002077 _____ () C:\Users\Public\Desktop\NETGEAR Genie.lnk
2014-02-16 13:32 - 2014-02-16 13:32 - 00281104 _____ (CACE Technologies, Inc.) C:\WINDOWS\SysWOW64\wpcap.dll
2014-02-16 13:32 - 2014-02-16 13:32 - 00096784 _____ (CACE Technologies, Inc.) C:\WINDOWS\SysWOW64\packet.dll
2014-02-16 13:32 - 2014-02-16 13:32 - 00000000 ____D () C:\Program Files (x86)\NETGEAR Genie
2014-02-13 15:10 - 2014-02-13 15:10 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Norton 360
2014-02-13 14:59 - 2014-03-11 11:28 - 02022715 _____ () C:\WINDOWS\WindowsUpdate.log
2014-02-13 14:58 - 2014-02-13 14:58 - 00022744 _____ () C:\WINDOWS\system32\emptyregdb.dat
2014-02-13 14:46 - 2014-02-13 14:46 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-02-13 14:46 - 2014-02-13 14:46 - 00000000 ____D () C:\Users\Default\AppData\Local\Pokki
2014-02-13 14:46 - 2014-02-13 14:46 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-02-13 14:46 - 2014-02-13 14:46 - 00000000 ____D () C:\Users\Default User\AppData\Local\Pokki
2014-02-13 14:44 - 2014-02-13 14:44 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2014-02-13 14:42 - 2014-02-25 00:10 - 00000000 ____D () C:\Users\Aaron
2014-02-13 14:42 - 2014-02-13 14:59 - 00022863 _____ () C:\WINDOWS\diagwrn.xml
2014-02-13 14:42 - 2014-02-13 14:59 - 00022863 _____ () C:\WINDOWS\diagerr.xml
2014-02-13 14:37 - 2014-02-13 14:37 - 00000000 ___HD () C:\ProgramData\CanonBJ
2014-02-13 14:36 - 2014-02-25 22:59 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-02-13 14:36 - 2014-02-16 20:18 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM
2014-02-13 14:36 - 2014-02-13 14:36 - 00000000 ___HD () C:\ProgramData\CanonIJFAX
2014-02-13 14:36 - 2014-02-13 14:36 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01009.Wdf
2014-02-13 14:36 - 2014-02-13 14:36 - 00000000 ____D () C:\Program Files\Realtek
2014-02-13 14:36 - 2013-11-04 20:22 - 00064000 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2014-02-13 14:36 - 2013-11-04 20:22 - 00060416 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2014-02-13 14:35 - 2014-02-13 14:35 - 00000264 _____ () C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job
2014-02-13 14:35 - 2014-02-13 14:35 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2014-02-13 14:35 - 2014-02-13 14:35 - 00000000 ____D () C:\Program Files\Synaptics
2014-02-13 14:33 - 2014-02-13 15:04 - 00000000 ___DC () C:\WINDOWS\Panther
2014-02-13 14:33 - 2014-02-13 14:33 - 00000000 __SHD () C:\Recovery
2014-02-13 14:32 - 2014-02-13 14:32 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-02-13 14:32 - 2014-02-13 14:32 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-02-13 14:31 - 2014-02-13 14:31 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2014-02-13 14:31 - 2014-02-13 14:31 - 01113040 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-02-13 14:31 - 2014-02-13 14:31 - 00848384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-02-13 14:31 - 2014-02-13 14:31 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-02-13 14:31 - 2014-02-13 14:31 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-02-13 14:31 - 2014-02-13 14:31 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-02-13 14:31 - 2014-02-13 14:31 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll
2014-02-13 14:31 - 2014-02-13 14:31 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdrm.dll
2014-02-13 14:31 - 2014-02-13 14:31 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2014-02-13 14:31 - 2014-02-13 14:31 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2014-02-13 14:31 - 2014-02-13 14:31 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-02-13 14:31 - 2014-02-13 14:31 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-02-13 14:31 - 2014-02-13 14:31 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-02-13 14:31 - 2014-02-13 14:31 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-02-13 14:31 - 2014-02-13 14:31 - 00138240 _____ () C:\WINDOWS\system32\OEMLicense.dll
2014-02-13 14:31 - 2014-02-13 14:31 - 00103936 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll
2014-02-13 14:31 - 2014-02-13 14:31 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe
2014-02-13 14:31 - 2014-02-13 14:31 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2014-02-13 14:31 - 2014-02-13 14:31 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2014-02-13 14:31 - 2014-02-13 14:31 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2014-02-13 14:31 - 2014-02-13 14:31 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2014-02-13 14:30 - 2014-02-13 14:30 - 23170048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-02-13 14:30 - 2014-02-13 14:30 - 17103872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-02-13 14:30 - 2014-02-13 14:30 - 13051392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-02-13 14:30 - 2014-02-13 14:30 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-02-13 14:30 - 2014-02-13 14:30 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-02-13 14:30 - 2014-02-13 14:30 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-02-13 14:30 - 2014-02-13 14:30 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-02-13 14:30 - 2014-02-13 14:30 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-02-13 14:30 - 2014-02-13 14:30 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-02-13 14:30 - 2014-02-13 14:30 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-02-13 14:30 - 2014-02-13 14:30 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-02-13 14:30 - 2014-02-13 14:30 - 02041856 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-02-13 14:30 - 2014-02-13 14:30 - 01964032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-02-13 14:30 - 2014-02-13 14:30 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-02-13 14:30 - 2014-02-13 14:30 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-02-13 14:30 - 2014-02-13 14:30 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-02-13 14:30 - 2014-02-13 14:30 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-02-13 14:30 - 2014-02-13 14:30 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-02-13 14:30 - 2014-02-13 14:30 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-02-13 14:30 - 2014-02-13 14:30 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-02-13 14:30 - 2014-02-13 14:30 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-02-13 14:30 - 2014-02-13 14:30 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-02-13 14:30 - 2014-02-13 14:30 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-02-13 14:30 - 2014-02-13 14:30 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2014-02-13 14:30 - 2014-02-13 14:30 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2014-02-13 14:30 - 2014-02-13 14:30 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-02-13 14:30 - 2014-02-13 14:30 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2014-02-13 14:30 - 2014-02-13 14:30 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-02-13 14:30 - 2014-02-13 14:30 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-02-13 14:30 - 2014-02-13 14:30 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2014-02-13 14:30 - 2014-02-13 14:30 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-02-13 14:30 - 2014-02-13 14:30 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-02-13 14:30 - 2014-02-13 14:30 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-02-13 14:30 - 2014-02-13 14:30 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-02-13 14:30 - 2014-02-13 14:30 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-02-13 14:30 - 2014-02-13 14:30 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-02-13 14:30 - 2014-02-13 14:30 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-02-13 14:30 - 2014-02-13 14:30 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-02-13 14:30 - 2014-02-13 14:30 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-02-13 14:30 - 2014-02-13 14:30 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-02-13 14:30 - 2014-02-13 14:30 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-02-13 14:30 - 2014-02-13 14:30 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-02-13 14:29 - 2014-02-13 14:29 - 13209088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-02-13 14:29 - 2014-02-13 14:29 - 11702272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-02-13 14:29 - 2014-02-13 14:29 - 07416832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-02-13 14:29 - 2014-02-13 14:29 - 04961792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-02-13 14:29 - 2014-02-13 14:29 - 04217344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-02-13 14:29 - 2014-02-13 14:29 - 02804224 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-02-13 14:29 - 2014-02-13 14:29 - 01462216 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-02-13 14:29 - 2014-02-13 14:29 - 01202888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-02-13 14:29 - 2014-02-13 14:29 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-02-13 14:29 - 2014-02-13 14:29 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-02-13 14:29 - 2014-02-13 14:29 - 00919040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-02-13 14:29 - 2014-02-13 14:29 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-02-13 14:29 - 2014-02-13 14:29 - 00830976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-02-13 14:29 - 2014-02-13 14:29 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-02-13 14:29 - 2014-02-13 14:29 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-02-13 14:29 - 2014-02-13 14:29 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-02-13 14:29 - 2014-02-13 14:29 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-02-13 14:29 - 2014-02-13 14:29 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-02-13 14:29 - 2014-02-13 14:29 - 00009701 _____ () C:\WINDOWS\SysWOW64\connectedsearch-results.searchconnector-ms
2014-02-13 14:29 - 2014-02-13 14:29 - 00009701 _____ () C:\WINDOWS\system32\connectedsearch-results.searchconnector-ms
2014-02-13 14:28 - 2014-02-13 14:28 - 21196664 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 18642504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 18577920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 04604416 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 04191232 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-02-13 14:28 - 2014-02-13 14:28 - 03936256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 03210528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 02804528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 02142936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 02131120 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 01503232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 01374384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 01371312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 00809872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 00764856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 00669344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 00663680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-02-13 14:28 - 2014-02-13 14:28 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2014-02-13 14:28 - 2014-02-13 14:28 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 00385614 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-02-13 14:28 - 2014-02-13 14:28 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceregistration.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipnat.sys
2014-02-13 14:28 - 2014-02-13 14:28 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 00032088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\bi.dll
2014-02-13 14:27 - 2014-02-13 14:28 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-02-13 14:27 - 2014-02-13 14:27 - 13925888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-02-13 14:27 - 2014-02-13 14:27 - 02551128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-02-13 14:27 - 2014-02-13 14:27 - 01928144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2014-02-13 14:27 - 2014-02-13 14:27 - 01415680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-02-13 14:27 - 2014-02-13 14:27 - 01119064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-02-13 14:27 - 2014-02-13 14:27 - 00745336 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-02-13 14:27 - 2014-02-13 14:27 - 00552624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-02-13 14:27 - 2014-02-13 14:27 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-02-13 14:27 - 2014-02-13 14:27 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2014-02-13 14:27 - 2014-02-13 14:27 - 00142680 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-02-13 14:27 - 2014-02-13 14:27 - 00019456 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys
2014-02-13 14:26 - 2014-02-13 14:26 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-02-13 14:26 - 2014-02-13 14:26 - 02896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2014-02-13 14:26 - 2014-02-13 14:26 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-02-13 14:26 - 2014-02-13 14:26 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2014-02-13 14:26 - 2014-02-13 14:26 - 02152448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-02-13 14:26 - 2014-02-13 14:26 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-02-13 14:26 - 2014-02-13 14:26 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2014-02-13 14:26 - 2014-02-13 14:26 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-02-13 14:26 - 2014-02-13 14:26 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-02-13 14:26 - 2014-02-13 14:26 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2014-02-13 14:26 - 2014-02-13 14:26 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2014-02-13 14:26 - 2014-02-13 14:26 - 01756160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2014-02-13 14:26 - 2014-02-13 14:26 - 01642016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-02-13 14:26 - 2014-02-13 14:26 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-02-13 14:26 - 2014-02-13 14:26 - 01506680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-02-13 14:26 - 2014-02-13 14:26 - 01476184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2014-02-13 14:26 - 2014-02-13 14:26 - 01391104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2014-02-13 14:26 - 2014-02-13 14:26 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2014-02-13 14:26 - 2014-02-13 14:26 - 01317376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-02-13 14:26 - 2014-02-13 14:26 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2014-02-13 14:26 - 2014-02-13 14:26 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2014-02-13 14:26 - 2014-02-13 14:26 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2014-02-13 14:26 - 2014-02-13 14:26 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2014-02-13 14:26 - 2014-02-13 14:26 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2014-02-13 14:26 - 2014-02-13 14:26 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-02-13 14:26 - 2014-02-13 14:26 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-02-13 14:26 - 2014-02-13 14:26 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-02-13 14:26 - 2014-02-13 14:26 - 00372568 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-02-13 14:26 - 2014-02-13 14:26 - 00358896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2014-02-13 14:26 - 2014-02-13 14:26 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2014-02-13 14:26 - 2014-02-13 14:26 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2014-02-13 14:26 - 2014-02-13 14:26 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2014-02-13 14:26 - 2014-02-13 14:26 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2014-02-13 14:26 - 2014-02-13 14:26 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys
2014-02-13 14:26 - 2014-02-13 14:26 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2014-02-13 14:26 - 2014-02-13 14:26 - 00039768 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2014-02-13 14:26 - 2014-02-13 14:26 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2014-02-13 14:26 - 2014-02-13 14:26 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2014-02-13 14:24 - 2014-02-13 14:24 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2014-02-13 14:22 - 2014-02-13 14:22 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-02-13 14:22 - 2014-02-13 14:22 - 00000000 ____D () C:\Program Files\MSBuild
2014-02-13 14:22 - 2014-02-13 14:22 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-02-13 14:22 - 2014-02-13 14:22 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-02-13 14:21 - 2013-08-02 21:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2014-02-13 14:21 - 2013-08-02 21:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2014-02-13 14:21 - 2013-08-02 21:48 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2014-02-13 14:21 - 2013-08-02 21:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2014-02-13 14:21 - 2013-08-02 21:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-02-13 14:21 - 2013-08-02 21:41 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2014-02-13 13:55 - 2014-02-13 14:59 - 00006617 _____ () C:\WINDOWS\comsetup.log
2014-02-13 09:51 - 2014-02-13 09:51 - 00003296 _____ () C:\WINDOWS\System32\Tasks\tracks eraser pro
2014-02-13 09:51 - 2014-02-13 09:51 - 00000000 ____D () C:\Program Files (x86)\Acesoft
2014-02-13 09:51 - 2012-12-18 19:46 - 00277504 _____ (Nektra S.A.) C:\WINDOWS\SysWOW64\oestore.dll
2014-02-13 09:51 - 2012-12-18 19:46 - 00224016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TabCtl32.ocx
2014-02-13 09:51 - 2012-12-18 19:46 - 00132880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinet.ocx
2014-02-13 09:51 - 2004-03-09 02:00 - 01081616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCOMCTL.OCX
2014-02-11 15:24 - 2014-03-05 00:06 - 00002713 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-02-11 15:24 - 2014-03-05 00:06 - 00000000 ____D () C:\ProgramData\Skype
2014-02-11 15:24 - 2014-02-13 03:25 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-02-10 02:51 - 2012-09-21 10:34 - 00366080 _____ (CANON INC.) C:\WINDOWS\system32\CNC_BLL.dll
2014-02-10 02:51 - 2012-05-25 10:21 - 00282624 _____ (CANON INC.) C:\WINDOWS\system32\CNC_BLC.dll
2014-02-10 02:51 - 2012-05-25 10:20 - 00106496 _____ (CANON INC.) C:\WINDOWS\system32\CNC_BLI.dll
2014-02-10 02:51 - 2012-05-15 16:58 - 00098048 _____ () C:\WINDOWS\system32\CNC176BD.TBL
2014-02-10 02:51 - 2008-08-25 19:02 - 00017920 _____ (CANON INC.) C:\WINDOWS\system32\CNHMCA6.dll
2014-02-09 19:17 - 2008-10-09 09:55 - 00018816 _____ (Printing Communications Assoc., Inc. (PCAUSA)) C:\WINDOWS\SysWOW64\Drivers\NTPAMp50.sys
2014-02-09 19:17 - 2008-10-09 09:55 - 00017536 _____ (Printing Communications Assoc., Inc. (PCAUSA)) C:\WINDOWS\SysWOW64\Drivers\NtpaSp50.sys
2014-02-09 19:06 - 2014-03-05 16:17 - 00000435 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.ics
2014-02-09 18:09 - 2014-02-13 15:36 - 00000616 _____ () C:\WINDOWS\NetopiaEvents.log
2014-02-09 18:08 - 2014-02-25 04:33 - 00000000 ____D () C:\ProgramData\Adobe
2014-02-09 18:07 - 2014-02-25 04:29 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-02-09 18:07 - 2014-02-13 15:36 - 00044544 _____ () C:\WINDOWS\Netopia3l.log
2014-02-09 18:07 - 2014-02-09 18:07 - 00003028 _____ () C:\WINDOWS\System32\Tasks\{303599C3-D58A-4CEC-BAFF-B1B99DE1F311}
2014-02-09 13:35 - 2014-02-09 13:35 - 00000952 _____ () C:\Users\Public\Desktop\Advanced IP Scanner.lnk
2014-02-09 13:35 - 2014-02-09 13:35 - 00000000 ____D () C:\Program Files (x86)\Advanced IP Scanner
2014-02-09 10:14 - 2014-02-09 10:14 - 00001088 _____ () C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2014-02-09 10:14 - 2014-02-09 10:14 - 00000000 ____D () C:\ProgramData\VS Revo Group
2014-02-09 10:13 - 2014-02-09 10:13 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-02-09 10:13 - 2009-12-30 11:21 - 00031800 _____ (VS Revo Group) C:\WINDOWS\system32\Drivers\revoflt.sys
2014-02-09 08:38 - 2014-03-07 21:05 - 00000000 ____D () C:\Users\Public\CyberLink
 
==================== One Month Modified Files and Folders =======
 
2014-03-11 18:24 - 2014-03-11 18:24 - 00024234 _____ () C:\Users\Aaron_2\Desktop\FRST.txt
2014-03-11 18:24 - 2014-03-05 22:31 - 00000000 ____D () C:\FRST
2014-03-11 18:23 - 2014-03-11 18:23 - 02157056 _____ (Farbar) C:\Users\Aaron_2\Desktop\FRST64 (1).exe
2014-03-11 17:58 - 2014-02-05 07:33 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-03-11 17:56 - 2014-01-13 23:40 - 00000910 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-11 17:00 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-03-11 14:25 - 2014-03-11 14:25 - 00003809 _____ () C:\Users\Aaron_2\Downloads\Top Consensus - 214-446-2223 - March 2014 QUERYRESULTS.csv
2014-03-11 12:09 - 2014-02-25 00:10 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2260241804-1812669088-548696763-1007
2014-03-11 11:56 - 2014-01-13 23:41 - 00002214 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-11 11:56 - 2014-01-13 23:40 - 00000906 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-11 11:28 - 2014-02-13 14:59 - 02022715 _____ () C:\WINDOWS\WindowsUpdate.log
2014-03-11 11:17 - 2014-03-11 11:17 - 00000782 _____ () C:\Users\Aaron_2\Desktop\JRT.txt
2014-03-11 11:17 - 2014-02-25 00:07 - 00000000 __RDO () C:\Users\Aaron_2\SkyDrive
2014-03-11 11:11 - 2013-11-14 00:28 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-03-11 11:10 - 2014-03-07 04:08 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Exploit
2014-03-11 11:08 - 2014-03-07 02:12 - 00000000 ____D () C:\Users\Aaron_2\AppData\Roaming\.spotflux
2014-03-11 11:07 - 2014-03-07 04:08 - 00003104 _____ () C:\WINDOWS\System32\Tasks\Malwarebytes Anti-Exploit
2014-03-11 11:07 - 2014-03-07 04:08 - 00000508 _____ () C:\WINDOWS\Tasks\Malwarebytes Anti-Exploit.job
2014-03-11 11:06 - 2013-08-22 07:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-03-11 11:05 - 2013-11-14 00:20 - 00038032 _____ () C:\WINDOWS\PFRO.log
2014-03-11 11:05 - 2013-08-22 06:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-03-11 11:04 - 2014-03-05 21:59 - 00000000 ____D () C:\AdwCleaner
2014-03-11 11:00 - 2014-03-11 11:00 - 01949184 _____ () C:\Users\Aaron_2\Desktop\AdwCleaner.exe
2014-03-11 10:58 - 2014-02-20 11:58 - 05777288 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2014-03-11 10:58 - 2014-02-05 07:33 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-03-11 07:44 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-03-10 23:53 - 2014-02-27 02:10 - 00000000 ____D () C:\Users\Aaron_2\AppData\Roaming\vlc
2014-03-09 19:03 - 2014-03-09 19:03 - 00000000 ____D () C:\WINDOWS\LastGood.Tmp
2014-03-09 19:03 - 2013-08-22 07:46 - 00294236 _____ () C:\WINDOWS\setupact.log
2014-03-09 16:17 - 2014-03-09 16:17 - 00000138 _____ () C:\Users\Aaron_2\Desktop\MBR.zip
2014-03-09 16:01 - 2014-03-09 15:58 - 00003366 _____ () C:\Users\Aaron_2\Desktop\aswMBR.txt
2014-03-09 16:01 - 2014-03-09 15:58 - 00000512 _____ () C:\Users\Aaron_2\Desktop\MBR.dat
2014-03-09 15:54 - 2014-03-09 15:54 - 04745728 _____ (AVAST Software) C:\Users\Aaron_2\Downloads\aswMBR.exe
2014-03-08 13:28 - 2014-03-08 13:27 - 00000000 ____D () C:\Users\Aaron_2\Desktop\New folder
2014-03-08 01:56 - 2014-03-05 00:06 - 00000000 ____D () C:\Users\Aaron_2\AppData\Roaming\Skype
2014-03-08 01:56 - 2014-02-25 00:05 - 00000000 ____D () C:\Users\Aaron_2\AppData\Local\VirtualStore
2014-03-08 01:07 - 2014-03-08 01:07 - 00000000 ____D () C:\Users\Aaron_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedPcoptimizer
2014-03-08 01:07 - 2014-03-08 01:07 - 00000000 ____D () C:\Program Files (x86)\SpeedPcoptimizer
2014-03-07 21:41 - 2014-03-07 21:41 - 00301798 _____ () C:\Users\Aaron_2\Downloads\47_1394248447.wav
2014-03-07 21:05 - 2014-03-07 14:36 - 00000000 ____D () C:\Users\Aaron_2\Documents\CyberLink
2014-03-07 21:05 - 2014-02-09 08:38 - 00000000 ____D () C:\Users\Public\CyberLink
2014-03-07 17:42 - 2014-03-07 17:42 - 00001164 _____ () C:\Users\Public\Desktop\Yahoo! Messenger.lnk
2014-03-07 17:42 - 2014-03-07 17:42 - 00000000 ____D () C:\ProgramData\Yahoo! Companion
2014-03-07 17:42 - 2014-03-07 17:42 - 00000000 ____D () C:\ProgramData\Yahoo!
2014-03-07 17:42 - 2014-03-05 21:43 - 00000000 ____D () C:\Users\Aaron_2\AppData\Roaming\Yahoo!
2014-03-07 17:42 - 2014-03-04 02:06 - 00000000 ____D () C:\Program Files (x86)\Yahoo!
2014-03-07 17:40 - 2014-03-07 17:40 - 00692048 _____ (Yahoo! Inc.) C:\Users\Aaron_2\Downloads\msgr11us (1).exe
2014-03-07 12:24 - 2014-02-25 00:05 - 00000000 ____D () C:\Users\Aaron_2\AppData\Roaming\Adobe
2014-03-07 04:08 - 2014-03-07 04:08 - 00000930 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Exploit.lnk
2014-03-07 04:07 - 2014-03-07 04:07 - 14713592 _____ (Malwarebytes Corporation ) C:\Users\Aaron_2\Downloads\mbsb-setup-1.0.0.0010.exe
2014-03-07 04:07 - 2014-03-07 04:07 - 01768696 _____ (Malwarebytes ) C:\Users\Aaron_2\Desktop\mbae-setup-0.09.5.0250.exe
2014-03-07 04:05 - 2014-03-07 04:05 - 00982016 _____ (Farbar) C:\Users\Aaron_2\Desktop\MiniToolBox.exe
2014-03-07 04:02 - 2014-03-07 04:02 - 00003226 _____ () C:\WINDOWS\System32\Tasks\launchspotflux
2014-03-07 04:02 - 2014-03-07 04:02 - 00001908 _____ () C:\Users\Aaron_2\Desktop\Spotflux.lnk
2014-03-07 04:02 - 2014-03-07 04:02 - 00000000 ____D () C:\Users\Aaron_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotflux
2014-03-07 04:02 - 2014-03-07 02:13 - 00000000 ____D () C:\Program Files (x86)\Spotflux
2014-03-07 03:58 - 2014-03-07 03:58 - 00000000 ____D () C:\Users\Aaron_2\.swt
2014-03-07 03:58 - 2014-02-24 23:47 - 00000000 ____D () C:\Users\Aaron_2
2014-03-07 02:27 - 2014-03-07 02:27 - 00000017 _____ () C:\Users\Aaron_2\AppData\Local\resmon.resmoncfg
2014-03-07 02:25 - 2014-03-07 02:25 - 00000055 _____ () C:\Users\Aaron_2\Documents\etger.txt
2014-03-07 02:13 - 2014-03-07 02:13 - 00000000 ____D () C:\ProgramData\spotflux
2014-03-07 02:12 - 2014-03-07 02:12 - 05646120 _____ () C:\Users\Aaron_2\Desktop\spotflux-2.9.20-315.exe
2014-03-07 02:09 - 2014-03-07 02:09 - 00000308 _____ () C:\Users\Aaron_2\advanced_ip_scanner_MAC.bin
2014-03-06 21:11 - 2014-03-05 07:15 - 00024315 _____ () C:\Users\Aaron_2\Desktop\Contract AgreementSigned.odt
2014-03-06 12:13 - 2014-03-06 12:13 - 00688992 ____R (Swearware) C:\Users\Aaron_2\Desktop\dds.scr
2014-03-06 11:55 - 2014-03-06 11:55 - 00003017 _____ () C:\Users\Aaron_2\Desktop\HiJackThis.lnk
2014-03-06 11:55 - 2014-03-06 11:55 - 00000000 ____D () C:\Users\Aaron_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2014-03-06 11:55 - 2014-03-06 11:55 - 00000000 ____D () C:\Program Files (x86)\Trend Micro
2014-03-06 11:51 - 2014-03-06 11:51 - 00000000 ____D () C:\Trend Micro
2014-03-06 10:42 - 2014-03-06 10:42 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-03-06 10:41 - 2014-03-06 10:41 - 01037734 _____ (Thisisu) C:\Users\Aaron_2\Desktop\JRT.exe
2014-03-06 10:38 - 2014-03-06 10:37 - 01402880 _____ () C:\Users\Aaron_2\Desktop\HiJackThis.msi
2014-03-06 09:43 - 2014-03-06 09:43 - 00494386 _____ () C:\Users\Aaron_2\Downloads\25_1394118829.wav
2014-03-06 02:23 - 2014-03-05 22:21 - 00000000 ____D () C:\WINDOWS\Minidump
2014-03-06 01:31 - 2014-03-01 01:26 - 00000000 ____D () C:\Users\Aaron_2\iTunesDSM
2014-03-06 00:08 - 2014-03-06 00:08 - 04130656 _____ (Kaspersky Lab ZAO) C:\Users\Aaron_2\Desktop\tdsskiller.exe
2014-03-06 00:08 - 2014-03-06 00:08 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Aaron_2\Desktop\rkill.exe
2014-03-06 00:07 - 2014-03-06 00:07 - 05187267 _____ (Swearware) C:\Users\Aaron_2\Desktop\ComboFix.exe
2014-03-06 00:07 - 2014-03-06 00:07 - 00602112 _____ (OldTimer Tools) C:\Users\Aaron_2\Downloads\OTL.exe
2014-03-06 00:07 - 2014-03-06 00:06 - 00448512 _____ (OldTimer Tools) C:\Users\Aaron_2\Desktop\TFC.exe
2014-03-05 23:54 - 2014-03-05 22:49 - 00000000 ____D () C:\Users\Aaron_2\Desktop\mbar
2014-03-05 23:51 - 2014-03-05 22:49 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-03-05 23:22 - 2014-03-05 23:22 - 04745728 _____ (AVAST Software) C:\Users\Aaron_2\Desktop\aswMBR.exe
2014-03-05 22:49 - 2014-03-05 22:43 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-03-05 22:48 - 2014-03-05 22:48 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Aaron_2\Downloads\mbar-1.07.0.1009.exe
2014-03-05 22:45 - 2014-03-05 22:20 - 678186548 _____ () C:\WINDOWS\MEMORY.DMP
2014-03-05 22:32 - 2014-03-05 22:31 - 00126874 _____ () C:\Users\Aaron_2\Downloads\FRST.txt
2014-03-05 22:32 - 2014-03-05 22:31 - 00036372 _____ () C:\Users\Aaron_2\Downloads\Addition.txt
2014-03-05 22:29 - 2014-03-05 22:29 - 02156544 _____ (Farbar) C:\Users\Aaron_2\Downloads\FRST64.exe
2014-03-05 22:17 - 2014-03-05 22:14 - 00000000 ____D () C:\Users\Aaron_2\Downloads\mbam-chameleon-1.62.1.1000
2014-03-05 22:14 - 2014-03-05 22:14 - 01440846 _____ () C:\Users\Aaron_2\Downloads\mbam-chameleon-1.62.1.1000.zip
2014-03-05 21:54 - 2014-03-05 21:54 - 00930952 _____ (CNET Download.com) C:\Users\Aaron_2\Desktop\cbsidlm-cbsi183-AdwCleaner-SEO-75851221.exe
2014-03-05 21:44 - 2013-08-22 06:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-03-05 21:41 - 2014-03-01 01:26 - 00000000 ____D () C:\Program Files (x86)\iTunesDSM
2014-03-05 21:41 - 2013-08-22 07:44 - 02038000 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-03-05 19:20 - 2014-03-05 19:20 - 00762085 _____ () C:\Users\Aaron_2\Downloads\MyFontsWebfontsKit.zip
2014-03-05 19:20 - 2014-03-05 19:20 - 00350404 _____ () C:\Users\Aaron_2\Downloads\Familiar Pro 8.zip
2014-03-05 19:20 - 2014-03-05 19:20 - 00000000 ____D () C:\Users\Aaron_2\Downloads\MyFontsWebfontsKit
2014-03-05 16:17 - 2014-02-09 19:06 - 00000435 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.ics
2014-03-05 15:34 - 2014-03-05 15:34 - 00106201 _____ () C:\Users\Aaron_2\Downloads\welcome_image.psd
2014-03-05 15:34 - 2014-02-25 05:08 - 00000132 _____ () C:\Users\Aaron_2\AppData\Roaming\Adobe PNG Format CS5 Prefs
2014-03-05 13:07 - 2014-03-05 13:07 - 00000000 ____D () C:\Users\Aaron_2\Downloads\please-write-me-a-song
2014-03-05 13:07 - 2014-03-05 13:07 - 00000000 ____D () C:\Users\Aaron_2\Downloads\asenine
2014-03-05 13:06 - 2014-03-05 13:06 - 00000000 ____D () C:\Users\Aaron_2\Downloads\street
2014-03-05 13:05 - 2014-03-05 13:05 - 00000000 ____D () C:\Users\Aaron_2\Downloads\aster
2014-03-05 12:41 - 2014-03-05 12:40 - 01051813 _____ () C:\Users\Aaron_2\Downloads\street (1).zip
2014-03-05 12:40 - 2014-03-05 12:40 - 00104627 _____ () C:\Users\Aaron_2\Downloads\asenine.zip
2014-03-05 12:36 - 2014-03-05 12:36 - 00085084 _____ () C:\Users\Aaron_2\Downloads\please-write-me-a-song.zip
2014-03-05 12:32 - 2014-03-05 12:32 - 01051813 _____ () C:\Users\Aaron_2\Downloads\street.zip
2014-03-05 12:30 - 2014-03-05 12:30 - 00054186 _____ () C:\Users\Aaron_2\Downloads\aster.zip
2014-03-05 12:27 - 2014-03-05 12:27 - 00089535 _____ () C:\Users\Aaron_2\Downloads\shade-of-adelyne.zip
2014-03-05 12:27 - 2014-03-05 12:26 - 00248725 _____ () C:\Users\Aaron_2\Downloads\neovix-basic.zip
2014-03-05 12:26 - 2014-03-05 12:26 - 00009691 _____ () C:\Users\Aaron_2\Downloads\sanseriffic.zip
2014-03-05 07:00 - 2014-03-05 07:00 - 00024225 _____ () C:\Users\Aaron_2\Downloads\Contract Agreement.odt
2014-03-05 00:06 - 2014-03-05 00:06 - 00000000 ____D () C:\Users\Aaron_2\AppData\Local\Skype
2014-03-05 00:06 - 2014-02-11 15:24 - 00002713 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-03-05 00:06 - 2014-02-11 15:24 - 00000000 ____D () C:\ProgramData\Skype
2014-03-04 21:43 - 2014-03-04 21:34 - 00000000 ____D () C:\Users\Aaron_2\AppData\Roaming\WindSolutions
2014-03-04 21:43 - 2014-03-04 20:34 - 00000000 ____D () C:\ProgramData\WindSolutions
2014-03-04 21:43 - 2014-02-25 19:40 - 00000000 ____D () C:\Users\Aaron_2\AppData\Local\CrashDumps
2014-03-04 21:40 - 2014-03-04 21:40 - 04473792 _____ (WindSolutions) C:\Users\Aaron_2\Downloads\Install_CopyTrans_Suite.exe
2014-03-04 21:40 - 2014-03-04 21:40 - 00001428 _____ () C:\Users\Aaron_2\Desktop\CopyTrans Control Center.lnk
2014-03-04 21:40 - 2014-03-04 21:40 - 00000000 ____D () C:\Users\Aaron_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Suite
2014-03-04 21:37 - 2014-03-04 20:34 - 00000000 ____D () C:\Users\Aaron_2\Downloads\CopyTransTuneTasticv0.734
2014-03-04 21:08 - 2014-02-27 01:18 - 00000000 ____D () C:\Users\Aaron_2\AppData\Local\NETGEARGenie
2014-03-04 20:34 - 2014-03-04 20:34 - 06222396 _____ () C:\Users\Aaron_2\Downloads\CopyTransTuneTasticv0.734.zip
2014-03-04 20:33 - 2014-03-04 20:33 - 04685824 _____ () C:\Users\Aaron_2\Downloads\TuneSweeperNET4.msi
2014-03-04 10:08 - 2014-03-04 10:08 - 00000000 ____D () C:\Users\Aaron_2\AppData\Roaming\CyberLink
2014-03-04 05:43 - 2014-03-04 05:43 - 04987736 _____ (Adobe Systems Inc.) C:\Users\Aaron_2\Downloads\Shockwave_Installer_Slim.exe
2014-03-04 05:43 - 2014-03-04 05:43 - 00000000 ____D () C:\WINDOWS\SysWOW64\Adobe
2014-03-04 02:32 - 2014-03-04 02:32 - 27261142 _____ () C:\Users\Aaron_2\Desktop\IMG_0175.zip
2014-03-04 02:17 - 2014-02-25 00:50 - 00000000 ____D () C:\Users\Aaron_2\AppData\Local\Google
2014-03-04 02:06 - 2014-03-04 02:06 - 00692048 _____ (Yahoo! Inc.) C:\Users\Aaron_2\Downloads\msgr11us.exe
2014-03-03 23:16 - 2014-03-01 23:09 - 00000000 ____D () C:\Users\Aaron_2\Desktop\860OKMZO
2014-03-03 23:10 - 2014-03-03 23:01 - 00000218 ____H () C:\Users\Aaron_2\Downloads\.picasa.ini
2014-03-02 10:28 - 2014-03-02 10:28 - 00001806 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-03-02 10:28 - 2014-03-02 10:27 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-02 10:28 - 2014-02-28 06:34 - 00000000 ____D () C:\Users\Aaron_2\AppData\Local\Apple Computer
2014-03-02 10:28 - 2014-02-25 00:06 - 00000000 ____D () C:\Users\Aaron_2\AppData\Roaming\Apple Computer
2014-03-02 10:27 - 2014-03-02 10:27 - 00000000 ____D () C:\Program Files\iTunes
2014-03-02 10:27 - 2014-03-02 10:27 - 00000000 ____D () C:\Program Files\iPod
2014-03-02 10:27 - 2014-03-02 10:27 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-03-02 10:27 - 2014-01-20 01:46 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-03-02 09:25 - 2014-03-02 09:24 - 148885840 _____ (Apple Inc.) C:\Users\Aaron_2\Downloads\iTunes64Setup.exe
2014-03-01 23:14 - 2014-03-01 23:09 - 00000000 ____D () C:\Users\Aaron_2\Desktop\823WGTMA
2014-03-01 23:09 - 2014-03-01 23:09 - 00000000 ____D () C:\Users\Aaron_2\Desktop\992MTWED
2014-03-01 07:17 - 2012-07-26 01:12 - 00000000 ____D () C:\WINDOWS\LiveKernelReports
2014-03-01 04:49 - 2014-03-01 04:47 - 00003584 _____ () C:\Users\Aaron_2\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-03-01 01:30 - 2014-01-14 11:07 - 00000000 ____D () C:\Users\Aaron_2\Desktop\iTunes
2014-03-01 01:30 - 2014-01-14 11:03 - 00000000 ____D () C:\Users\Aaron_2\Desktop\iTunes2
2014-03-01 01:25 - 2014-03-01 01:25 - 01189073 _____ () C:\Users\Aaron_2\Downloads\iTunesDSM_0.9.6_Setup.exe
2014-02-28 06:40 - 2014-02-28 06:40 - 00001868 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2014-02-28 06:40 - 2014-02-08 19:08 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-02-28 06:38 - 2014-01-20 01:45 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-02-28 06:37 - 2014-02-28 06:36 - 70638408 _____ (Apple Inc.) C:\Users\Aaron_2\Downloads\iCloudSetup.exe
2014-02-28 01:20 - 2014-02-28 01:20 - 00000000 ____D () C:\Users\Aaron_2\AppData\Roaming\Oracle
2014-02-28 01:19 - 2014-02-28 01:19 - 00000000 ____D () C:\ProgramData\Sun
2014-02-28 01:19 - 2014-02-28 01:19 - 00000000 ____D () C:\ProgramData\Oracle
2014-02-28 01:18 - 2014-02-28 01:19 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-02-28 01:18 - 2014-02-28 01:18 - 00921000 _____ (Oracle Corporation) C:\Users\Aaron_2\Downloads\chromeinstall-7u51 (1).exe
2014-02-28 01:18 - 2014-02-28 01:18 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-02-28 01:18 - 2014-02-28 01:18 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-02-28 01:18 - 2014-02-28 01:18 - 00096168 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-02-28 01:18 - 2014-02-28 01:18 - 00000000 ____D () C:\Program Files (x86)\Java
2014-02-28 01:17 - 2014-02-28 01:17 - 00921000 _____ (Oracle Corporation) C:\Users\Aaron_2\Downloads\chromeinstall-7u51.exe
2014-02-28 01:13 - 2014-02-28 01:13 - 00312744 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-02-28 01:13 - 2014-02-28 01:13 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-02-28 01:13 - 2014-02-28 01:13 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-02-28 01:13 - 2014-02-28 01:13 - 00108968 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2014-02-28 01:13 - 2014-02-28 01:13 - 00000000 ____D () C:\Program Files\Java
2014-02-28 01:12 - 2014-02-28 01:11 - 30796712 _____ (Oracle Corporation) C:\Users\Aaron_2\Downloads\jre-7u51-windows-x64.exe
2014-02-27 01:55 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-02-27 01:17 - 2014-02-27 01:17 - 00000000 ____D () C:\Users\Aaron_2\AppData\Roaming\Mozilla
2014-02-27 01:17 - 2014-02-27 01:17 - 00000000 ____D () C:\Users\Aaron_2\AppData\Local\Mozilla
2014-02-26 09:37 - 2014-02-26 09:37 - 00159960 _____ () C:\Users\Aaron_2\Downloads\banner_image.psd
2014-02-26 00:27 - 2014-02-26 00:27 - 00003502 _____ () C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-aaronmbaker@hotmail.com
2014-02-25 22:59 - 2014-02-13 14:36 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-02-25 22:54 - 2014-02-25 22:54 - 00000000 ____D () C:\Users\Aaron_2\AppData\Roaming\OpenOffice
2014-02-25 22:53 - 2014-02-25 22:53 - 00000044 _____ () C:\Users\Aaron_2\Documents\user.txt
2014-02-25 22:53 - 2014-02-25 22:53 - 00000044 _____ () C:\Users\Aaron_2\Documents\dgdfg.txt
2014-02-25 14:44 - 2014-02-25 14:44 - 00000000 ____D () C:\Users\Aaron_2\AppData\Local\Apple
2014-02-25 11:04 - 2014-02-25 00:06 - 00000000 ____D () C:\Users\Aaron_2\AppData\Local\Adobe
2014-02-25 05:24 - 2014-02-25 05:24 - 00047745 _____ () C:\Users\Aaron_2\Downloads\Untitled-2.psd
2014-02-25 04:36 - 2014-02-25 04:36 - 00319841 _____ () C:\Users\Aaron_2\Downloads\Thesis Skin Editor.htm
2014-02-25 04:36 - 2014-02-25 04:36 - 00000000 ____D () C:\Users\Aaron_2\Downloads\Thesis Skin Editor_files
2014-02-25 04:35 - 2014-01-22 20:49 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-02-25 04:34 - 2014-02-25 04:34 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-02-25 04:33 - 2014-02-09 18:08 - 00000000 ____D () C:\ProgramData\Adobe
2014-02-25 04:29 - 2014-02-09 18:07 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-02-25 04:28 - 2014-02-25 04:28 - 00001912 _____ () C:\Users\Public\Desktop\Adobe Photoshop Elements 11.lnk
2014-02-25 00:50 - 2014-02-25 00:50 - 00000000 ____D () C:\Users\Aaron_2\AppData\Roaming\Malwarebytes
2014-02-25 00:15 - 2014-02-25 00:15 - 00000000 ____D () C:\Users\Aaron_2\AppData\Local\VS Revo Group
2014-02-25 00:10 - 2014-02-13 14:42 - 00000000 ____D () C:\Users\Aaron
2014-02-25 00:09 - 2014-02-25 00:09 - 00000000 ____D () C:\Users\Aaron_2\Desktop\LAPTOP
2014-02-25 00:06 - 2014-02-25 00:04 - 00000000 ____D () C:\Users\Aaron_2\AppData\Local\Packages
2014-02-25 00:05 - 2014-02-25 00:05 - 00001453 _____ () C:\Users\Aaron_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-02-25 00:05 - 2014-02-25 00:05 - 00000000 ___RD () C:\Users\Aaron_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-02-25 00:05 - 2014-02-24 23:47 - 00000000 ___RD () C:\Users\Aaron_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-24 23:47 - 2014-02-24 23:47 - 00000020 ___SH () C:\Users\Aaron_2\ntuser.ini
2014-02-24 13:16 - 2014-01-10 20:43 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2260241804-1812669088-548696763-1001
2014-02-18 02:07 - 2014-02-18 02:07 - 00000000 ____D () C:\SymCache
2014-02-17 19:30 - 2014-02-17 19:30 - 00000000 ____D () C:\ProgramData\WindowsPerformanceRecorder
2014-02-17 19:21 - 2014-02-17 19:21 - 00000000 ____D () C:\ProgramData\Windows App Certification Kit
2014-02-17 19:20 - 2014-02-17 19:20 - 00000000 ____D () C:\Program Files\Application Verifier
2014-02-17 19:20 - 2014-02-17 19:20 - 00000000 ____D () C:\Program Files (x86)\Microsoft SDKs
2014-02-17 19:20 - 2014-02-17 19:20 - 00000000 ____D () C:\Program Files (x86)\Application Verifier
2014-02-17 19:19 - 2014-02-17 19:19 - 00000000 ____D () C:\Program Files (x86)\Windows Kits
2014-02-17 19:19 - 2014-02-16 20:10 - 00000000 ____D () C:\ProgramData\Package Cache
2014-02-17 14:00 - 2013-08-22 08:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-02-17 14:00 - 2013-08-22 08:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-16 20:24 - 2014-02-16 20:24 - 00001170 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-02-16 20:24 - 2014-02-16 20:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-16 20:24 - 2014-02-16 20:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-16 20:18 - 2014-02-16 20:18 - 00003130 _____ () C:\WINDOWS\System32\Tasks\RTKCPL
2014-02-16 20:18 - 2014-02-16 20:18 - 00000000 ____H () C:\ProgramData\DP45977C.lfl
2014-02-16 20:18 - 2014-02-13 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM
2014-02-16 20:14 - 2014-02-16 20:14 - 00000000 ____D () C:\ProgramData\SRS Labs
2014-02-16 20:14 - 2014-02-16 20:14 - 00000000 ____D () C:\Program Files (x86)\DTS, Inc
2014-02-16 20:14 - 2014-02-16 20:14 - 00000000 ____D () C:\Program Files (x86)\Cisco
2014-02-16 20:13 - 2013-05-10 21:49 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-02-16 20:13 - 2013-04-09 21:41 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-02-16 20:11 - 2013-04-09 21:41 - 00000000 ____D () C:\Program Files (x86)\Toshiba
2014-02-16 20:10 - 2013-05-10 21:52 - 00067900 _____ () C:\WINDOWS\DPINST.LOG
2014-02-16 18:54 - 2013-05-10 21:43 - 00000000 ____D () C:\Program Files\Intel
2014-02-16 18:53 - 2013-04-09 22:30 - 00000000 ____D () C:\Program Files\TOSHIBA
2014-02-16 18:43 - 2014-02-24 23:47 - 00000000 ____D () C:\Users\Aaron_2\AppData\Roaming\Genie9
2014-02-16 18:43 - 2014-02-16 18:43 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-16 18:43 - 2014-02-16 18:43 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-16 18:43 - 2014-02-16 18:43 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Genie9
2014-02-16 18:43 - 2014-02-16 18:43 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Genie9
2014-02-16 13:36 - 2014-02-16 13:36 - 00000000 ____D () C:\Program Files\NETGEAR
2014-02-16 13:33 - 2014-02-16 13:32 - 00002077 _____ () C:\Users\Public\Desktop\NETGEAR Genie.lnk
2014-02-16 13:32 - 2014-02-16 13:32 - 00281104 _____ (CACE Technologies, Inc.) C:\WINDOWS\SysWOW64\wpcap.dll
2014-02-16 13:32 - 2014-02-16 13:32 - 00096784 _____ (CACE Technologies, Inc.) C:\WINDOWS\SysWOW64\packet.dll
2014-02-16 13:32 - 2014-02-16 13:32 - 00000000 ____D () C:\Program Files (x86)\NETGEAR Genie
2014-02-16 13:32 - 2013-02-28 18:49 - 00369168 _____ (CACE Technologies, Inc.) C:\WINDOWS\system32\wpcap.dll
2014-02-16 13:32 - 2013-02-28 18:49 - 00106000 _____ (CACE Technologies, Inc.) C:\WINDOWS\system32\packet.dll
2014-02-16 13:32 - 2013-02-28 18:49 - 00035344 _____ (CACE Technologies, Inc.) C:\WINDOWS\system32\Drivers\npf.sys
2014-02-15 22:56 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\restore
2014-02-13 17:51 - 2012-07-26 01:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-02-13 15:36 - 2014-02-09 18:09 - 00000616 _____ () C:\WINDOWS\NetopiaEvents.log
2014-02-13 15:36 - 2014-02-09 18:07 - 00044544 _____ () C:\WINDOWS\Netopia3l.log
2014-02-13 15:10 - 2014-02-13 15:10 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Norton 360
2014-02-13 15:07 - 2014-01-10 07:44 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2014-02-13 15:04 - 2014-02-13 14:33 - 00000000 ___DC () C:\WINDOWS\Panther
2014-02-13 15:04 - 2014-01-17 10:57 - 00003206 _____ () C:\WINDOWS\System32\Tasks\Norton WSC Integration
2014-02-13 15:01 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-02-13 14:59 - 2014-02-13 14:42 - 00022863 _____ () C:\WINDOWS\diagwrn.xml
2014-02-13 14:59 - 2014-02-13 14:42 - 00022863 _____ () C:\WINDOWS\diagerr.xml
2014-02-13 14:59 - 2014-02-13 13:55 - 00006617 _____ () C:\WINDOWS\comsetup.log
2014-02-13 14:59 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\Registration
2014-02-13 14:58 - 2014-02-13 14:58 - 00022744 _____ () C:\WINDOWS\system32\emptyregdb.dat
2014-02-13 14:55 - 2013-08-22 08:36 - 00000000 __RSD () C:\WINDOWS\Media
2014-02-13 14:55 - 2013-08-22 08:36 - 00000000 __RHD () C:\Users\Public\Libraries
2014-02-13 14:49 - 2014-01-29 12:30 - 00000000 ____D () C:\WINDOWS\en
2014-02-13 14:49 - 2013-11-14 00:14 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep
2014-02-13 14:49 - 2013-08-22 06:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2014-02-13 14:49 - 2013-05-10 21:50 - 00000000 ____D () C:\WINDOWS\SysWOW64\Atheros_L1e
2014-02-13 14:46 - 2014-02-24 23:47 - 00000000 ____D () C:\Users\Aaron_2\AppData\Roaming\Macromedia
2014-02-13 14:46 - 2014-02-13 14:46 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-02-13 14:46 - 2014-02-13 14:46 - 00000000 ____D () C:\Users\Default\AppData\Local\Pokki
2014-02-13 14:46 - 2014-02-13 14:46 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-02-13 14:46 - 2014-02-13 14:46 - 00000000 ____D () C:\Users\Default User\AppData\Local\Pokki
2014-02-13 14:46 - 2013-11-14 00:14 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN
2014-02-13 14:46 - 2013-11-14 00:14 - 00000000 ____D () C:\WINDOWS\system32\WCN
2014-02-13 14:46 - 2013-08-22 08:37 - 00004893 _____ () C:\WINDOWS\DtcInstall.log
2014-02-13 14:46 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI
2014-02-13 14:46 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
2014-02-13 14:46 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\IME
2014-02-13 14:46 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\WinBioPlugIns
2014-02-13 14:46 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\spool
2014-02-13 14:46 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\MUI
2014-02-13 14:46 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\IME
2014-02-13 14:46 - 2013-08-22 06:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\SMI
2014-02-13 14:46 - 2013-08-22 06:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-02-13 14:46 - 2013-05-10 21:53 - 00000000 ____D () C:\WINDOWS\SysWOW64\sda
2014-02-13 14:46 - 2012-07-25 22:37 - 00000000 ____D () C:\Users\Default.migrated
2014-02-13 14:45 - 2013-08-22 08:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker
2014-02-13 14:45 - 2013-08-22 08:36 - 00000000 __SHD () C:\Program Files\Windows Sidebar
2014-02-13 14:45 - 2013-08-22 08:36 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar
2014-02-13 14:45 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-02-13 14:45 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\IME
2014-02-13 14:45 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\Help
2014-02-13 14:45 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files\Common Files\System
2014-02-13 14:45 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-02-13 14:45 - 2013-04-09 19:48 - 00000000 ____D () C:\ProgramData\PRICache
2014-02-13 14:44 - 2014-02-13 14:44 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2014-02-13 14:43 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery
2014-02-13 14:37 - 2014-02-13 14:37 - 00000000 ___HD () C:\ProgramData\CanonBJ
2014-02-13 14:36 - 2014-02-13 14:36 - 00000000 ___HD () C:\ProgramData\CanonIJFAX
2014-02-13 14:36 - 2014-02-13 14:36 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01009.Wdf
2014-02-13 14:36 - 2014-02-13 14:36 - 00000000 ____D () C:\Program Files\Realtek
2014-02-13 14:35 - 2014-02-13 14:35 - 00000264 _____ () C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job
2014-02-13 14:35 - 2014-02-13 14:35 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2014-02-13 14:35 - 2014-02-13 14:35 - 00000000 ____D () C:\Program Files\Synaptics
2014-02-13 14:34 - 2013-08-22 06:36 - 00000000 __RHD () C:\Users\Default
2014-02-13 14:33 - 2014-02-13 14:33 - 00000000 __SHD () C:\Recovery
2014-02-13 14:32 - 2014-02-13 14:32 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-02-13 14:32 - 2014-02-13 14:32 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-02-13 14:32 - 2013-08-22 08:36 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
2014-02-13 14:31 - 2014-02-13 14:31 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2014-02-13 14:31 - 2014-02-13 14:31 - 01113040 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-02-13 14:31 - 2014-02-13 14:31 - 00848384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-02-13 14:31 - 2014-02-13 14:31 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-02-13 14:31 - 2014-02-13 14:31 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-02-13 14:31 - 2014-02-13 14:31 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-02-13 14:31 - 2014-02-13 14:31 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll
2014-02-13 14:31 - 2014-02-13 14:31 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdrm.dll
2014-02-13 14:31 - 2014-02-13 14:31 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2014-02-13 14:31 - 2014-02-13 14:31 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2014-02-13 14:31 - 2014-02-13 14:31 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-02-13 14:31 - 2014-02-13 14:31 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-02-13 14:31 - 2014-02-13 14:31 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-02-13 14:31 - 2014-02-13 14:31 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-02-13 14:31 - 2014-02-13 14:31 - 00138240 _____ () C:\WINDOWS\system32\OEMLicense.dll
2014-02-13 14:31 - 2014-02-13 14:31 - 00103936 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll
2014-02-13 14:31 - 2014-02-13 14:31 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe
2014-02-13 14:31 - 2014-02-13 14:31 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2014-02-13 14:31 - 2014-02-13 14:31 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2014-02-13 14:31 - 2014-02-13 14:31 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2014-02-13 14:31 - 2014-02-13 14:31 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2014-02-13 14:31 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-02-13 14:30 - 2014-02-13 14:30 - 23170048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-02-13 14:30 - 2014-02-13 14:30 - 17103872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-02-13 14:30 - 2014-02-13 14:30 - 13051392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-02-13 14:30 - 2014-02-13 14:30 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-02-13 14:30 - 2014-02-13 14:30 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-02-13 14:30 - 2014-02-13 14:30 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-02-13 14:30 - 2014-02-13 14:30 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-02-13 14:30 - 2014-02-13 14:30 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-02-13 14:30 - 2014-02-13 14:30 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-02-13 14:30 - 2014-02-13 14:30 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-02-13 14:30 - 2014-02-13 14:30 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-02-13 14:30 - 2014-02-13 14:30 - 02041856 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-02-13 14:30 - 2014-02-13 14:30 - 01964032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-02-13 14:30 - 2014-02-13 14:30 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-02-13 14:30 - 2014-02-13 14:30 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-02-13 14:30 - 2014-02-13 14:30 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-02-13 14:30 - 2014-02-13 14:30 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-02-13 14:30 - 2014-02-13 14:30 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-02-13 14:30 - 2014-02-13 14:30 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-02-13 14:30 - 2014-02-13 14:30 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-02-13 14:30 - 2014-02-13 14:30 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-02-13 14:30 - 2014-02-13 14:30 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-02-13 14:30 - 2014-02-13 14:30 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-02-13 14:30 - 2014-02-13 14:30 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2014-02-13 14:30 - 2014-02-13 14:30 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2014-02-13 14:30 - 2014-02-13 14:30 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-02-13 14:30 - 2014-02-13 14:30 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2014-02-13 14:30 - 2014-02-13 14:30 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-02-13 14:30 - 2014-02-13 14:30 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-02-13 14:30 - 2014-02-13 14:30 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2014-02-13 14:30 - 2014-02-13 14:30 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-02-13 14:30 - 2014-02-13 14:30 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-02-13 14:30 - 2014-02-13 14:30 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-02-13 14:30 - 2014-02-13 14:30 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-02-13 14:30 - 2014-02-13 14:30 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-02-13 14:30 - 2014-02-13 14:30 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-02-13 14:30 - 2014-02-13 14:30 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-02-13 14:30 - 2014-02-13 14:30 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-02-13 14:30 - 2014-02-13 14:30 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-02-13 14:30 - 2014-02-13 14:30 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-02-13 14:30 - 2014-02-13 14:30 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-02-13 14:30 - 2014-02-13 14:30 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-02-13 14:29 - 2014-02-13 14:29 - 13209088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-02-13 14:29 - 2014-02-13 14:29 - 11702272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-02-13 14:29 - 2014-02-13 14:29 - 07416832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-02-13 14:29 - 2014-02-13 14:29 - 04961792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-02-13 14:29 - 2014-02-13 14:29 - 04217344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-02-13 14:29 - 2014-02-13 14:29 - 02804224 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-02-13 14:29 - 2014-02-13 14:29 - 01462216 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-02-13 14:29 - 2014-02-13 14:29 - 01202888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-02-13 14:29 - 2014-02-13 14:29 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-02-13 14:29 - 2014-02-13 14:29 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-02-13 14:29 - 2014-02-13 14:29 - 00919040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-02-13 14:29 - 2014-02-13 14:29 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-02-13 14:29 - 2014-02-13 14:29 - 00830976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-02-13 14:29 - 2014-02-13 14:29 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-02-13 14:29 - 2014-02-13 14:29 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-02-13 14:29 - 2014-02-13 14:29 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-02-13 14:29 - 2014-02-13 14:29 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-02-13 14:29 - 2014-02-13 14:29 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-02-13 14:29 - 2014-02-13 14:29 - 00009701 _____ () C:\WINDOWS\SysWOW64\connectedsearch-results.searchconnector-ms
2014-02-13 14:29 - 2014-02-13 14:29 - 00009701 _____ () C:\WINDOWS\system32\connectedsearch-results.searchconnector-ms
2014-02-13 14:29 - 2013-08-22 08:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-02-13 14:29 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-02-13 14:29 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-02-13 14:29 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-02-13 14:28 - 2014-02-13 14:28 - 21196664 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 18642504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 18577920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 04604416 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 04191232 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-02-13 14:28 - 2014-02-13 14:28 - 03936256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 03210528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 02804528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 02142936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 02131120 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 01503232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 01374384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 01371312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 00809872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 00764856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 00669344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 00663680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-02-13 14:28 - 2014-02-13 14:28 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2014-02-13 14:28 - 2014-02-13 14:28 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 00385614 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-02-13 14:28 - 2014-02-13 14:28 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceregistration.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipnat.sys
2014-02-13 14:28 - 2014-02-13 14:28 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 00032088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-02-13 14:28 - 2014-02-13 14:28 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\bi.dll
2014-02-13 14:28 - 2014-02-13 14:27 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-02-13 14:28 - 2013-08-22 06:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism
2014-02-13 14:28 - 2013-08-22 06:36 - 00000000 ____D () C:\WINDOWS\system32\Dism
2014-02-13 14:27 - 2014-02-13 14:27 - 13925888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-02-13 14:27 - 2014-02-13 14:27 - 02551128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-02-13 14:27 - 2014-02-13 14:27 - 01928144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2014-02-13 14:27 - 2014-02-13 14:27 - 01415680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-02-13 14:27 - 2014-02-13 14:27 - 01119064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-02-13 14:27 - 2014-02-13 14:27 - 00745336 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-02-13 14:27 - 2014-02-13 14:27 - 00552624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-02-13 14:27 - 2014-02-13 14:27 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-02-13 14:27 - 2014-02-13 14:27 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2014-02-13 14:27 - 2014-02-13 14:27 - 00142680 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-02-13 14:27 - 2014-02-13 14:27 - 00019456 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys
2014-02-13 14:26 - 2014-02-13 14:26 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-02-13 14:26 - 2014-02-13 14:26 - 02896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2014-02-13 14:26 - 2014-02-13 14:26 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-02-13 14:26 - 2014-02-13 14:26 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2014-02-13 14:26 - 2014-02-13 14:26 - 02152448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-02-13 14:26 - 2014-02-13 14:26 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-02-13 14:26 - 2014-02-13 14:26 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2014-02-13 14:26 - 2014-02-13 14:26 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-02-13 14:26 - 2014-02-13 14:26 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-02-13 14:26 - 2014-02-13 14:26 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2014-02-13 14:26 - 2014-02-13 14:26 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2014-02-13 14:26 - 2014-02-13 14:26 - 01756160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2014-02-13 14:26 - 2014-02-13 14:26 - 01642016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-02-13 14:26 - 2014-02-13 14:26 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-02-13 14:26 - 2014-02-13 14:26 - 01506680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-02-13 14:26 - 2014-02-13 14:26 - 01476184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2014-02-13 14:26 - 2014-02-13 14:26 - 01391104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2014-02-13 14:26 - 2014-02-13 14:26 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2014-02-13 14:26 - 2014-02-13 14:26 - 01317376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-02-13 14:26 - 2014-02-13 14:26 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2014-02-13 14:26 - 2014-02-13 14:26 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2014-02-13 14:26 - 2014-02-13 14:26 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2014-02-13 14:26 - 2014-02-13 14:26 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2014-02-13 14:26 - 2014-02-13 14:26 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2014-02-13 14:26 - 2014-02-13 14:26 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-02-13 14:26 - 2014-02-13 14:26 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-02-13 14:26 - 2014-02-13 14:26 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-02-13 14:26 - 2014-02-13 14:26 - 00372568 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-02-13 14:26 - 2014-02-13 14:26 - 00358896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2014-02-13 14:26 - 2014-02-13 14:26 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2014-02-13 14:26 - 2014-02-13 14:26 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2014-02-13 14:26 - 2014-02-13 14:26 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2014-02-13 14:26 - 2014-02-13 14:26 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2014-02-13 14:26 - 2014-02-13 14:26 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys
2014-02-13 14:26 - 2014-02-13 14:26 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2014-02-13 14:26 - 2014-02-13 14:26 - 00039768 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2014-02-13 14:26 - 2014-02-13 14:26 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2014-02-13 14:26 - 2014-02-13 14:26 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2014-02-13 14:24 - 2014-02-13 14:24 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2014-02-13 14:22 - 2014-02-13 14:22 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-02-13 14:22 - 2014-02-13 14:22 - 00000000 ____D () C:\Program Files\MSBuild
2014-02-13 14:22 - 2014-02-13 14:22 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-02-13 14:22 - 2014-02-13 14:22 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-02-13 14:08 - 2014-01-10 07:42 - 01619790 _____ () C:\WINDOWS\WindowsUpdate (1).log
2014-02-13 13:38 - 2012-07-26 01:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2014-02-13 10:15 - 2014-01-19 03:19 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-02-13 10:14 - 2014-01-19 03:19 - 88567024 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-02-13 09:51 - 2014-02-13 09:51 - 00003296 _____ () C:\WINDOWS\System32\Tasks\tracks eraser pro
2014-02-13 09:51 - 2014-02-13 09:51 - 00000000 ____D () C:\Program Files (x86)\Acesoft
2014-02-13 03:25 - 2014-02-11 15:24 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-02-12 12:51 - 2014-01-13 23:40 - 00003882 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-12 12:51 - 2014-01-13 23:40 - 00003646 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-09 18:07 - 2014-02-09 18:07 - 00003028 _____ () C:\WINDOWS\System32\Tasks\{303599C3-D58A-4CEC-BAFF-B1B99DE1F311}
2014-02-09 13:35 - 2014-02-09 13:35 - 00000952 _____ () C:\Users\Public\Desktop\Advanced IP Scanner.lnk
2014-02-09 13:35 - 2014-02-09 13:35 - 00000000 ____D () C:\Program Files (x86)\Advanced IP Scanner
2014-02-09 10:33 - 2014-01-27 14:19 - 00000000 ____D () C:\Program Files (x86)\FTR
2014-02-09 10:14 - 2014-02-09 10:14 - 00001088 _____ () C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2014-02-09 10:14 - 2014-02-09 10:14 - 00000000 ____D () C:\ProgramData\VS Revo Group
2014-02-09 10:13 - 2014-02-09 10:13 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-02-09 08:48 - 2014-02-08 20:08 - 00000000 ____D () C:\ProgramData\CyberLink
2014-02-09 08:14 - 2014-02-08 20:08 - 00000000 ____D () C:\ProgramData\install_clap
2014-02-09 07:54 - 2014-02-08 20:11 - 00000000 ____D () C:\Program Files (x86)\Cyberlink
 
Some content of TEMP:
====================
C:\Users\Aaron_2\AppData\Local\Temp\Quarantine.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2014-03-11 11:51
 
==================== End Of Log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2014
Ran by Aaron_2 at 2014-03-11 18:37:34
Running from C:\Users\Aaron_2\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton 360 Premier Edition (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton 360 Premier Edition (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton 360 Premier Edition (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
 
==================== Installed Programs ======================
 
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 4.0.0.1390 - Adobe Systems Incorporated) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.2.1.650 - Adobe Systems Incorporated)
Adobe Community Help (x32 Version: 3.2.1 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Photoshop Elements 11 (HKLM-x32\...\Adobe Photoshop Elements 11) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 11 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop Elements 9 (HKLM-x32\...\Adobe Photoshop Elements 9) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 9 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop.com Inspiration Browser (HKLM-x32\...\PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1) (Version: 3.07 - Adobe Systems Incorporated)
Adobe Photoshop.com Inspiration Browser (x32 Version: 3.07 - Adobe Systems Incorporated) Hidden
Adobe Reader XI  MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.9.149 - Adobe Systems, Inc.)
Advanced IP Scanner 2.3 (HKLM-x32\...\{A02F51A7-1982-4B69-8BD3-7D2B86179752}) (Version: 2.3.2161 - Famatech)
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Application Verifier x64 External Package (Version: 8.100.25984 - Microsoft) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
CopyTrans Suite Remove Only (HKCU\...\CopyTrans Suite) (Version: 2.37 - WindSolutions)
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.2420.0 - CyberLink Corp.)
CyberLink PowerDirector 12 (Version: 12.0.2420.0 - CyberLink Corp.) Hidden
CyberLink PowerDirector 12 Content Pack Essential (HKLM-x32\...\InstallShield_{7651DEE1-8B0D-41A0-90B8-D6D48380FE37}) (Version: 12 - CyberLink Corp.)
CyberLink PowerDirector 12 Content Pack Essential (x32 Version: 12 - CyberLink Corp.) Hidden
CyberLink PowerDirector 12 Content Pack Premium (HKLM-x32\...\InstallShield_{0219CB86-A833-4581-8FF1-78F303F93AC3}) (Version: 12 - CyberLink Corp.)
CyberLink PowerDirector 12 Content Pack Premium (x32 Version: 12 - CyberLink Corp.) Hidden
CyberLink WaveEditor 2 (HKLM-x32\...\InstallShield_{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}) (Version: 2.0.4203 - CyberLink Corp.)
CyberLink WaveEditor 2 (x32 Version: 2.0.4203 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DTS Sound (HKLM-x32\...\{2DFA9084-CEB3-4A48-B9F7-9038FEF1B8F4}) (Version: 1.01.2700 - DTS, Inc.)
Elements 11 Organizer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Elements STI Installer (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.146 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
HiJackThis (HKLM-x32\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
HyperCam 2 (HKLM-x32\...\HyperCam 2) (Version: 2.28.01 - Hyperionics Technology LLC)
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.30.1349 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel® Rapid Storage Technology (Version: 12.8.0.1016 - Intel Corporation) Hidden
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.27.757.1 - Intel Corporation) Hidden
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Kits Configuration Installer (x32 Version: 8.100.25984 - Microsoft) Hidden
Malwarebytes Anti-Exploit version 0.09.5.0250 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 0.09.5.0250 - Malwarebytes)
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{D1D37853-0004-3E36-A7AA-74F4EEA35F64}) (Version: 4.5.50930 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 27.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 en-US)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
MSI Development Tools (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyVideoConverter Pro 3.14 (HKLM-x32\...\MyVideoConverter Pro) (Version: 3.14 - MySoft, Inc.)
NETGEAR Genie (HKLM-x32\...\NETGEAR Genie) (Version: 2.3.1.16 - NETGEAR Inc.)
NewBlue Video Essentials for PowerDirector (HKLM\...\NewBlue Video Essentials for Cyberlink) (Version: 3.0 - NewBlue)
NewBlue Video Essentials II for PowerDirector (HKLM\...\NewBlue Video Essentials II for Cyberlink) (Version: 3.0 - NewBlue)
NewBlue Video Essentials III for PowerDirector (HKLM\...\NewBlue Video Essentials III for Cyberlink) (Version: 3.0 - NewBlue)
Norton 360 (HKLM-x32\...\N360) (Version: 21.1.0.18 - Symantec Corporation)
Norton Anti-Theft (HKLM-x32\...\NAT) (Version: 1.10.0.9 - Symantec Corporation)
Norton PC Checkup (HKLM-x32\...\Norton PC Checkup_is1) (Version: 3.0.5.38.0 - Symantec Corporation)
OpenOffice 4.0.1 (HKLM-x32\...\{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}) (Version: 4.01.9714 - Apache Software Foundation)
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PSE11 STI Installer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Qualcomm Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.13 - Qualcomm Atheros Communications Inc.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
ReadySHARE Vault (HKLM-x32\...\ReadySHARE Vault) (Version: 3.0 - Genie9)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7023 - Realtek Semiconductor Corp.)
Realtek USB Card Reader (HKLM-x32\...\{1E496A68-4943-424E-829D-5C3C85B7B8F2}) (Version: 6.2.9200.39041 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\InstallShield_{95F38874-065A-40AB-AFC1-B764B192FFE7}) (Version: 2.00.0002 - REALTEK Semiconductor Corp.)
REALTEK Wireless LAN Driver (x32 Version: 2.00.0002 - REALTEK Semiconductor Corp.) Hidden
Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0021 - REALTEK Semiconductor Corp.)
Revo Uninstaller Pro 3.0.8 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.8 - VS Revo Group, Ltd.)
Screencast-O-Matic (HKCU\...\Screencast-O-Matic) (Version:  - Screencast-O-Matic)
SDK Debuggers (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.13.13771 - Skype Technologies S.A.)
Skype™ 6.13 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.13.104 - Skype Technologies S.A.)
SmartSound Quicktracks 5 (HKLM-x32\...\InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.8 - SmartSound Software Inc.)
SmartSound Quicktracks 5 (x32 Version: 5.1.8 - SmartSound Software Inc.) Hidden
SmartSound Quicktracks for Premiere Elements 9.0 (HKLM-x32\...\InstallShield_{6748E773-5DA0-4D19-8AA5-273B4133A09B}) (Version: 3.12.3090 - SmartSound Software Inc)
SmartSound Quicktracks for Premiere Elements 9.0 (x32 Version: 3.12.3090 - SmartSound Software Inc) Hidden
Speed Tracks Eraser (HKLM-x32\...\Speed Tracks Eraser) (Version:  - )
Spotflux (HKLM-x32\...\Spotflux) (Version: 2.9.20 - Spotflux)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.3.10.4 - Synaptics Incorporated)
TOSHIBA Audio Enhancement (HKLM\...\{1515F5E3-29EA-4CD1-A981-032D88880F09}) (Version: 2.0.15.4 - Toshiba Corporation)
TOSHIBA Password Utility (HKLM-x32\...\{B1786E63-2127-42C9-95A3-146E5F727BF1}) (Version: v2.0.0.7 - Toshiba Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.0.01.55004008 - Toshiba Corporation)
TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.2.8.0 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{FBFCEEA5-96EA-4C8E-9262-43CBBEBAE413}) (Version: 2.6.8 - Toshiba Corporation)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0032 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.00.0007.32003 - Toshiba Corporation)
TOSHIBA User's Guide (HKLM-x32\...\{3384E1D9-3F18-4A98-8655-180FEF0DFC02}) (Version: 1.00.02 - TOSHIBA)
TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.3.27.102  - Toshiba Corporation)
TOSHIBARegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.1.6 - TOSHIBA)
Tracks Eraser Pro v8.9 build 1000 (HKLM-x32\...\Tracks Eraser Pro_is1) (Version:  - Acesoft, Inc.)
Uninstall EASIS Data Recovery (HKLM-x32\...\{5A399860-BBC3-4FA2-976E-FBE94A0C62E3}_is1) (Version: 4.4.1 - EASIS Technologies)
VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN)
Windows App Certification Kit Native Components (Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows App Certification Kit x64 (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Software Development Kit (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x64 Remote (Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x86 Remote (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit EULA (x32 Version: 8.100.25984 - Microsoft Corporations) Hidden
Windows Software Development Kit for Windows 8.1 (HKLM-x32\...\{2fc72c67-2837-46c2-b20a-9acb0d3cb2b2}) (Version: 8.100.25984 - Microsoft Corporation)
Windows Software Development Kit for Windows Store Apps (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x64 Remote (Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x86 Remote (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit Redistributables (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
WPT Redistributables (x32 Version: 8.100.25984 - Microsoft) Hidden
WPTx64 (x32 Version: 8.100.25984 - Microsoft) Hidden
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version:  - )
Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version:  - Yahoo! Inc.)
 
==================== Restore Points  =========================
 
02-03-2014 09:35:28 Revo Uninstaller Pro's restore point - iTunes
02-03-2014 17:26:30 Installed iTunes
05-03-2014 03:16:09 Revo Uninstaller Pro's restore point - iTunesDSM
05-03-2014 03:19:31 Revo Uninstaller Pro's restore point - iTunesDSM
05-03-2014 03:21:34 Revo Uninstaller Pro's restore point - TheBestSpinner3
06-03-2014 08:01:01 Revo Uninstaller Pro's restore point - Yahoo! Messenger
06-03-2014 17:39:00 Installed HiJackThis
06-03-2014 18:51:06 Installed HiJackThis
06-03-2014 18:54:31 Revo Uninstaller Pro's restore point - HiJackThis
06-03-2014 18:54:50 Removed HiJackThis
06-03-2014 18:55:44 Installed HiJackThis
07-03-2014 11:00:56 Revo Uninstaller Pro's restore point - Spotflux
 
==================== Hosts content: ==========================
 
2013-08-22 06:25 - 2013-08-22 06:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2B440695-D940-444E-BC19-186B4AF2746A} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-02-06] (Synaptics Incorporated)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {333E0675-9C97-43F8-B8AA-4E6A1FD4E326} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-11] (Adobe Systems Incorporated)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-21] (Microsoft Corporation)
Task: {3785D248-A640-4B7A-BE21-887325E57A6C} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-aaronmbaker@hotmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-06-16] (Adobe Systems Incorporated)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {415770BB-6EF7-4EF1-8F33-4474AD45DE78} - System32\Tasks\tracks eraser pro => c:\program files\acesoft\tracks eraser pro\te.exe
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {54AF7254-0399-42D0-8849-F437710CE856} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2013-07-31] (TOSHIBA Corporation)
Task: {5DFD388B-08D8-4062-AD41-1D8373F4DC83} - System32\Tasks\Norton PCCU OOBE Mode => C:\Program Files (x86)\PC Checkup\OOBEHelper.exe [2013-01-31] (Symantec Corporation)
Task: {64F5DB05-C469-4DE1-99E1-88BE0573B2DB} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-08-21] (Realtek Semiconductor)
Task: {68A1D442-7458-4102-86F5-ACC4E7E920E8} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\WSCStub.exe [2013-10-08] (Symantec Corporation)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {720BF560-7FCD-4E7B-B9CD-C0DA0DE0B626} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-13] (Google Inc.)
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {92A26E73-3740-4940-BFF3-B264C30AE6BD} - System32\Tasks\launchspotflux => C:\Program Files (x86)\Spotflux\spotflux.exe [2014-01-20] ()
Task: {92B87651-42BE-4A64-AB31-2CDC5578EDE5} - System32\Tasks\Norton Anti-Theft\Norton Error Analyzer => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {99EAE10D-9441-4E37-89AA-FA4587D72B05} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {9A091C8D-3044-4688-86ED-3D7C576E21ED} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-13] (Google Inc.)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A25E666B-6DF1-4493-A260-8F4F383C8159} - System32\Tasks\Norton Anti-Theft\Norton Error Processor => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {B431D72D-4875-4B2C-A52A-903D1EEFF644} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {BF7958A2-60F2-42F5-BF6D-7E081F408FB9} - System32\Tasks\Malwarebytes Anti-Exploit => C:\Program Files\Malwarebytes Anti-Exploit\mbae-loader.exe [2013-12-17] (Malwarebytes Corporation)
Task: {C40D1455-D48E-43E7-AB2E-A7450D69F49F} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6B98F0A-CC0A-4C68-8908-8915B36484F8} - System32\Tasks\AdobeAAMUpdater-1.0-laptop-Aaron => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-06-16] (Adobe Systems Incorporated)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Malwarebytes Anti-Exploit.job => C:\Program Files\Malwarebytes Anti-Exploit\mbae.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-09-10 13:54 - 2013-09-10 13:54 - 00019792 _____ () C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
2014-02-08 20:12 - 2012-08-08 22:36 - 00390672 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2013-09-17 02:59 - 2013-09-17 02:59 - 01357328 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\GenieTimelineAgent.exe
2013-08-29 00:08 - 2013-08-29 00:08 - 00063488 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\XBalloonMsgDll.dll
2013-08-29 00:08 - 2013-08-29 00:08 - 00087040 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\QueueManager.dll
2013-08-29 00:08 - 2013-08-29 00:08 - 00209920 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\Settings.dll
2013-08-29 00:08 - 2013-08-29 00:08 - 00490496 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\GSIndexDB.dll
2013-08-01 02:36 - 2013-08-01 02:36 - 00045568 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\GSLogging.dll
2013-08-01 02:36 - 2013-08-01 02:36 - 00058368 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\GSLibrariesManager.dll
2013-08-29 00:08 - 2013-08-29 00:08 - 00332800 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\OnlineHandler.dll
2012-02-02 02:16 - 2012-02-02 02:16 - 00740864 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\sqlite3.dll
2013-08-01 02:36 - 2013-08-01 02:36 - 00089600 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\GSEncryption.dll
2013-02-03 04:40 - 2013-02-03 04:40 - 00011264 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\RWLock.dll
2013-08-01 02:36 - 2013-08-01 02:36 - 00093696 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\GSCurl.dll
2013-11-04 20:22 - 2013-11-04 20:22 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-02-16 13:36 - 2013-08-29 00:08 - 00163328 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl
2014-02-16 13:36 - 2013-08-01 02:36 - 00045568 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\GSLogging.gtl
2014-02-16 13:36 - 2013-08-29 00:08 - 00209920 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\Settings.gtl
2014-02-16 13:36 - 2013-08-01 02:36 - 00089600 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\GSEncryption.gtl
2014-02-16 13:36 - 2013-08-29 00:08 - 00490496 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\GSIndexDB.gtl
2014-02-16 13:36 - 2013-08-29 00:08 - 00710144 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\GSBackupManager.gtl
2014-02-16 13:36 - 2012-02-02 02:16 - 00740864 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\sqlite3.gtl
2014-02-16 13:36 - 2013-02-03 04:40 - 00011264 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\RWLock.gtl
2014-02-16 13:36 - 2013-08-29 00:08 - 00370688 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\GSWatcher4.gtl
2014-02-16 13:36 - 2013-08-29 00:08 - 00332800 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\OnlineHandler.gtl
2014-02-16 13:36 - 2013-08-29 00:08 - 00054784 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\GSLogManager.gtl
2014-02-16 13:36 - 2013-08-29 00:08 - 00087040 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\QueueManager.gtl
2014-02-16 13:36 - 2013-02-03 04:40 - 00010752 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\VSSEngine_Proxy.gtl
2014-02-16 13:36 - 2013-08-01 02:36 - 00058368 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\GSLibrariesManager.gtl
2013-02-03 02:21 - 2013-02-03 02:21 - 00045056 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\pcre.dll
2013-02-03 02:21 - 2013-02-03 02:21 - 00097792 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\pcrebase.dll
2013-08-29 00:08 - 2013-08-29 00:08 - 00710144 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\GSBackupManager.dll
2013-08-29 00:08 - 2013-08-29 00:08 - 00370688 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\GSWatcher4.dll
2013-08-29 00:08 - 2013-08-29 00:08 - 00054784 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\GSLogManager.dll
2013-02-03 04:40 - 2013-02-03 04:40 - 00010752 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\VSSEngine_Proxy.dll
2014-02-06 01:52 - 2014-02-06 01:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-06 01:52 - 2014-02-06 01:52 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-14 02:51 - 2013-09-14 02:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 02:50 - 2013-09-14 02:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2013-05-10 21:43 - 2013-01-14 10:25 - 01200088 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2014-03-04 01:58 - 2014-03-01 19:35 - 00051016 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\chrome_elf.dll
2014-03-04 01:58 - 2014-03-01 19:35 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\libglesv2.dll
2014-03-04 01:58 - 2014-03-01 19:35 - 00100168 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\libegl.dll
2014-03-04 01:58 - 2014-03-01 19:35 - 04061000 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\pdf.dll
2014-03-04 01:58 - 2014-03-01 19:35 - 00394568 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\ppGoogleNaClPluginChrome.dll
2014-03-04 01:58 - 2014-03-01 19:35 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
AlternateDataStreams: C:\Users\Aaron_2\SkyDrive:ms-properties
 
==================== Safe Mode (whitelisted) ===================
 
 
==================== Disabled items from MSCONFIG ==============
 
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (03/11/2014 00:43:48 PM) (Source: Application Error) (User: )
Description: Faulting application name: GenieTimelineService.exe, version: 4.0.3.300, time stamp: 0x521db6c9
Faulting module name: ntdll.dll, version: 6.3.9600.16408, time stamp: 0x523d5305
Exception code: 0xc0000005
Fault offset: 0x000000000004bb96
Faulting process id: 0x1640
Faulting application start time: 0xGenieTimelineService.exe0
Faulting application path: GenieTimelineService.exe1
Faulting module path: GenieTimelineService.exe2
Report Id: GenieTimelineService.exe3
Faulting package full name: GenieTimelineService.exe4
Faulting package-relative application ID: GenieTimelineService.exe5
 
Error: (03/11/2014 00:40:07 PM) (Source: Application Error) (User: )
Description: Faulting application name: GenieTimelineService.exe, version: 4.0.3.300, time stamp: 0x521db6c9
Faulting module name: ntdll.dll, version: 6.3.9600.16408, time stamp: 0x523d5305
Exception code: 0xc0000005
Fault offset: 0x000000000004bb96
Faulting process id: 0x5f8
Faulting application start time: 0xGenieTimelineService.exe0
Faulting application path: GenieTimelineService.exe1
Faulting module path: GenieTimelineService.exe2
Report Id: GenieTimelineService.exe3
Faulting package full name: GenieTimelineService.exe4
Faulting package-relative application ID: GenieTimelineService.exe5
 
Error: (03/11/2014 11:59:40 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifest.
 
Error: (03/11/2014 11:57:58 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifest.
 
 
System errors:
=============
Error: (03/11/2014 06:25:40 PM) (Source: DCOM) (User: LAPTOP)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
 
Error: (03/11/2014 06:25:10 PM) (Source: DCOM) (User: LAPTOP)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
 
Error: (03/11/2014 06:24:40 PM) (Source: DCOM) (User: LAPTOP)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
 
Error: (03/11/2014 06:24:10 PM) (Source: DCOM) (User: LAPTOP)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
 
Error: (03/11/2014 06:19:35 PM) (Source: DCOM) (User: LAPTOP)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
 
Error: (03/11/2014 06:19:05 PM) (Source: DCOM) (User: LAPTOP)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
 
Error: (03/11/2014 06:18:35 PM) (Source: DCOM) (User: LAPTOP)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
 
Error: (03/11/2014 06:18:05 PM) (Source: DCOM) (User: LAPTOP)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
 
Error: (03/11/2014 06:17:35 PM) (Source: DCOM) (User: LAPTOP)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
 
Error: (03/11/2014 06:17:05 PM) (Source: DCOM) (User: LAPTOP)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
 
 
Microsoft Office Sessions:
=========================
Error: (03/11/2014 00:43:48 PM) (Source: Application Error)(User: )
Description: GenieTimelineService.exe4.0.3.300521db6c9ntdll.dll6.3.9600.16408523d5305c0000005000000000004bb96164001cf3d61bc94ee65C:\Program Files\NETGEAR\ReadySHARE Vault\GenieTimelineService.exeC:\WINDOWS\SYSTEM32\ntdll.dll76a428e5-a955-11e3-be99-008cfa4b5331
 
Error: (03/11/2014 00:40:07 PM) (Source: Application Error)(User: )
Description: GenieTimelineService.exe4.0.3.300521db6c9ntdll.dll6.3.9600.16408523d5305c0000005000000000004bb965f801cf3d54a5d0f291C:\Program Files\NETGEAR\ReadySHARE Vault\GenieTimelineService.exeC:\WINDOWS\SYSTEM32\ntdll.dllf281ac54-a954-11e3-be99-008cfa4b5331
 
Error: (03/11/2014 11:59:40 AM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifestC:\Program Files\NETGEAR\ReadySHARE Vault\x86\GenieTimeLineAgent.exe
 
Error: (03/11/2014 11:57:58 AM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifestC:\Program Files\NETGEAR\ReadySHARE Vault\x86\GenieTimeLineAgent.exe
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 31%
Total physical RAM: 6023.27 MB
Available physical RAM: 4125.17 MB
Total Pagefile: 12167.27 MB
Available Pagefile: 10126.99 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB
 
==================== Drives ================================
 
Drive c: (TI10664600G) (Fixed) (Total:453.55 GB) (Free:313.44 GB) NTFS
Drive f: () (Removable) (Total:14.83 GB) (Free:4.48 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 00000000)
 
Partition: GPT Partition Type.
 
========================================================
Disk: 1 (Size: 15 GB) (Disk ID: 00000000)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================


#13 Conspire

Conspire

  • Malware Response Team
  • 1,155 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:03 AM

Posted 12 March 2014 - 06:15 AM

I don't see anything wrong with the log. The only thing that is suspicious to me that makes the whole computer lag is Norton. In my experience, Norton has been hogging a lot of PCs that I've encountered.

I want to do a little test but I'm not sure if you're willing to or not. I'm thinking of uninstalling it for a short moment and see if there's any improvement.

Did you purchase the license for it or it came with the computer?

Edited by Conspire, 12 March 2014 - 06:15 AM.

Proud Graduate of the WTT Classroom
Member of UNITE
The help you receive here is always free. If you wish to show your appreciation, then you may btn_donate_SM.gif

#14 desertized

desertized
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:03:03 PM

Posted 12 March 2014 - 09:30 PM

You are probably right, but it doesn't behave like nothing is wrong.

 

I purchased the license for Norton separately.  I am not using the version that came with this laptop.

 

I am willing to do whatever, but I must say that I remain convinced there is a problem.  I get lots of time-out's and freezing browsing the internet.  I experience parts of the screen flashing quickly when a page first starts to load sometimes.  It can be excruciating slow and the speed is consistently inconsistent.  Here is another thing that troubles me...

 

When I restart, the login screen that appears is not the one I use.  Not only that, it says that I already entered an incorrect password when I haven't entered anything.  I'm attaching a photo of this weirdness.  I have to backout, push the arrow button that points left to get to where I can select the profile I use.  I never created a profile called "other user" that is one of the options, but more importantly i never attempted to login so why does it say I entered an incorrect password?  It doesn't make any sense to me at all.  

 

Finally I am going to attach the txt file a log in Windows/Security/Logs labeled "scesetup"  that to my untrained eye screams trouble.  What the hell is this log if not something unwanted?  

 

It really feels like something is wrong.  Perhaps it's just very well hidden?  Why are there so many partitions of my hard drive, for instance?  I don't remember ever doing that, but it might have something to do with updating to Windows 8.1.  

 

Having said all that for you to consider, I am happy to experiment with Norton.

Attached Files



#15 desertized

desertized
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:03:03 PM

Posted 12 March 2014 - 09:46 PM

Here is a typical example.  I was sitting here reading something and up pops a Norton Performance Alert. I get these a lot and they are always complaining of high disk usage.  In this case it was a warning for Malwarbytes.  I wasn't running a scan or using it myself, but in the details of this alert for PID 1672 the red highlighted section for Disk Read Activity is 2,122 MB. Everything else says normal.

 

Maybe it does have something to do with Norton because I get these performance alerts all the time for activities that don't seem particularly cumbersome.  This is the first for Malwarebytes though and I'm curious what it was doing that prompted the alert.

 

Just trying to add details of what I am experiencing... Thanks


Edited by desertized, 12 March 2014 - 09:49 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users