Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Ad Choice infection


  • This topic is locked This topic is locked
23 replies to this topic

#1 trnsprt

trnsprt

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Near Washington D.C.
  • Local time:01:53 PM

Posted 25 March 2014 - 10:12 AM

Hello

 

I've had trouble with Ad Choice pop ups.  I have run a number of removal tools for malware and followed the on line advice that you can find by googleing Ad Choice malware removal.  But nothing seems to help.  I would love to receive some assistance with this problem. Thank you in advance.



BC AdBot (Login to Remove)

 


#2 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:53 PM

Posted 25 March 2014 - 10:29 AM

Hi there,
my name is Marius and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, Stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

 

 

What´s your Internet Service Provider?


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#3 trnsprt

trnsprt
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Near Washington D.C.
  • Local time:01:53 PM

Posted 25 March 2014 - 11:00 AM

Ok, thank you Marius.



#4 trnsprt

trnsprt
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Near Washington D.C.
  • Local time:01:53 PM

Posted 25 March 2014 - 11:03 AM

My ISP is Verizon FIOS.



#5 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:53 PM

Posted 25 March 2014 - 11:06 AM

Scan with FRST in normal mode

Please download Farbar's Recovery Scan Tool to your desktop: FRST 32bit or FRST 64bit (If not sure: Start --> Computer (right click) --> properties)

  • Run FRST.
  • Don´t change one of the checkboxes and hit Scan.
  • Logfiles are created on your desktop.
  • Poste the FRST.txt and (after the first scan only!) the Addition.txt.

 

 

 

Scan with TDSS-Killer

Please read and follow these instructions carefully. We do not want it to fix anything yet (if found), we need to see a report first.

Download TDSSKiller.zip and extract to your desktop

  • Execute TDSSKiller.exe by doubleclicking on it.
  • Press Start Scan
  • If Malicious objects are found, do NOT select Copy to quarantine. Change the action to Skip, and save the log.
  • Once complete, a log will be produced at the root drive which is typically C:\ ,for example, C:\TDSSKiller.<version_date_time>log.txt


Please post the contents of that log in your next reply.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#6 trnsprt

trnsprt
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Near Washington D.C.
  • Local time:01:53 PM

Posted 25 March 2014 - 11:23 AM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Mabrey Family (administrator) on COMPUREX2 on 25-03-2014 12:18:02
Running from C:\Users\Mabrey Family\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Adobe Systems Incorporated) c:\Program Files x86\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CTsvcCDA.EXE
() C:\Program Files\DCE\dce.exe
(Microsoft Corporation) C:\Program Files\Windows Home Server\esClient.exe
(Hewlett-Packard Company) c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
() c:\Program Files x86\Adobe\Adobe Version Cue CS2\data\database\bin\mysqld-nt.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Seagate) C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Safer Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Program Files\Windows Home Server\WHSConnector.exe
(Microsoft Corporation) C:\Windows\ehome\ehRecvr.exe
(Microsoft Corporation) C:\Program Files\Windows Home Server\Microsoft.HomeServer.Archive.TransferService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe
(Seagate) C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
(Microsoft Corporation) C:\Program Files\Windows Home Server\WHSTrayApp.exe
(Dropbox, Inc.) C:\Users\Mabrey Family\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
() C:\Program Files (x86)\Audials\Audials 11\AudialsNotifier.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\system32\cmd.exe
() C:\$RECYCLE.BIN\S-1-5-21-2439817470-3289111343-960963232-1000\PEV.DAT
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Mabrey Family\Desktop\FRST64 (1).exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [AsioReg] - REGSVR32.EXE /S CTASIO.DLL
HKLM\...\Run: [Seagate Scheduler2 Service] - C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe [395152 2011-06-30] (Seagate)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-11-14] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\nvspcap64.dll [1100248 2013-12-09] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-09] (NVIDIA Corporation)
HKLM-x32\...\Run: [avast5] - C:\Program Files\Alwil Software\Avast5\avastUI.exe [3767096 2014-02-09] (AVAST Software)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [AsioThk32Reg] - REGSVR32.EXE /S CTASIO.DLL
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [P17RunE] - RunDll32 P17RunE.dll,RunDLLEntry
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\Alwil Software\Avast5\AvastUI.exe [3767096 2014-02-09] (AVAST Software)
HKLM-x32\...\Run: [DiscWizardMonitor.exe] - C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe [2638152 2011-06-30] (Seagate)
HKLM-x32\...\Run: [Adobe Version Cue CS2] - c:\Program Files x86\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe [856064 2005-04-04] (Adobe Sytems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM-x32\...\RunOnce: [20131224] - C:\Program Files\Alwil Software\Avast5\setup\emupdate\e1b7f757-a5a8-4c96-b091-3c71bf2e36e6.exe /check [181136 2014-03-25] (AVAST Software)
HKU\.DEFAULT\...\Run: [CtxfiReg] - CTXFIREG.exe /FAIL1
HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] - rmdir /s /q "\SearchProtect"
HKU\S-1-5-21-2439817470-3289111343-960963232-1000\...\Run: [GoogleDriveSync] - C:\Program Files (x86)\Google\Drive\googledrivesync.exe [21822128 2014-01-30] (Google)
HKU\S-1-5-21-2439817470-3289111343-960963232-1000\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-2439817470-3289111343-960963232-1000\...\Run: [ContourCameraFinder] - C:\Program Files (x86)\ContourStoryteller\ContourAutoplay.exe [233112 2013-05-06] ()
HKU\S-1-5-21-2439817470-3289111343-960963232-1000\...\Run: [AudialsNotifier] - C:\Program Files (x86)\Audials\Audials 11\AudialsNotifier.exe [473352 2014-02-18] ()
Startup: C:\Users\Mabrey Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Mabrey Family\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Mabrey Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x76B2D7EE31C1CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
SearchScopes: HKLM-x32 - DefaultScope {DA48DB29-162D-476B-BB9A-F2DC34FFF1E8} URL = 
SearchScopes: HKCU - DefaultScope {DA48DB29-162D-476B-BB9A-F2DC34FFF1E8} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3316751&CUI=UN17009446392591716&UM=2
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = 
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = 
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: BrowserHelper Class - {9A065C65-4EE7-4DDD-9918-F129089A894A} - C:\Program Files\Windows Home Server\WHSDeskBands.dll (Microsoft Corporation)
BHO: No Name - {DBC80044-A445-435b-BC74-9C25C1C588A9} -  No File
BHO-x32: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - Home Server Banner - {D73E76A3-F902-45BD-8FC8-95AE8E014671} - C:\Program Files\Windows Home Server\WHSDeskBands.dll (Microsoft Corporation)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
DPF: HKLM-x32 {01025D1C-BB03-4369-8344-732CD0DCCCF0} http://www.geforce.com/services_toolkit/ShimGen/1.1.28.1/GPU_Reader.cab
DPF: HKLM-x32 {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.7.cab
DPF: HKLM-x32 {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
Chrome: 
=======
CHR HomePage: hxxp://www.msnbc.com/
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\gcswf32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.290.11) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java™ Platform SE 6 U29) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (Google Talk Plugin) - C:\Users\Mabrey Family\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll No File
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\Mabrey Family\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll No File
CHR Plugin: (Garmin Communicator Plug-In) - C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Windows Live? Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Unity Player) - C:\Users\Mabrey Family\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll No File
CHR Extension: (Angry Birds) - C:\Users\Mabrey Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2012-03-25]
CHR Extension: (Google Drive) - C:\Users\Mabrey Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-23]
CHR Extension: (YouTube) - C:\Users\Mabrey Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-11-10]
CHR Extension: (Google Search) - C:\Users\Mabrey Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-11-10]
CHR Extension: (avast! Online Security) - C:\Users\Mabrey Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-05-18]
CHR Extension: (WeatherSpark) - C:\Users\Mabrey Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakodohdejcohkcpokmkiejimmpfaegp [2012-09-04]
CHR Extension: (Picnik) - C:\Users\Mabrey Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\inmnggcpelemfookhlhkdfbechcdadfp [2012-03-07]
CHR Extension: (Google Wallet) - C:\Users\Mabrey Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Gmail) - C:\Users\Mabrey Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-10]
CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\MABREY~1\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-12-23]
CHR HKCU\...\Chrome\Extension: [banjjklfojcdbofbhbgiedekefohoaff] - C:\Users\Mabrey Family\AppData\Local\CRE\banjjklfojcdbofbhbgiedekefohoaff.crx [2013-12-23]
CHR HKCU\...\Chrome\Extension: [kepfgejmidkmoiimkfdjocdjhbcpmlmg] - C:\Users\Mabrey Family\AppData\Local\CRE\kepfgejmidkmoiimkfdjocdjhbcpmlmg.crx [2013-12-24]
CHR HKLM-x32\...\Chrome\Extension: [banjjklfojcdbofbhbgiedekefohoaff] - C:\Users\Mabrey Family\AppData\Local\CRE\banjjklfojcdbofbhbgiedekefohoaff.crx [2013-12-24]
CHR HKLM-x32\...\Chrome\Extension: [kepfgejmidkmoiimkfdjocdjhbcpmlmg] - C:\Users\Mabrey Family\AppData\Local\CRE\kepfgejmidkmoiimkfdjocdjhbcpmlmg.crx [2013-12-24]
CHR HKLM-x32\...\Chrome\Extension: [omaonpoimgkmbllpdihbnmgphjoipdhf] - C:\Program Files (x86)\Logitech\Harmony Remote Driver\harmony_chrome.crx [2013-12-23]
 
==================== Services (Whitelisted) =================
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [143120 2013-05-23] (SUPERAntiSpyware.com)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-12-30] (Adobe Systems)
R2 Adobe Version Cue CS2; c:\Program Files x86\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe [163840 2005-04-04] (Adobe Systems Incorporated)
R2 Akamai; c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll [4569856 2013-07-01] (Akamai Technologies, Inc.)
S3 AllShare; C:\Program Files (x86)\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe [6638080 2010-07-16] ()
R2 arXfrSvc; C:\Program Files\Windows Home Server\Microsoft.HomeServer.Archive.TransferService.exe [231280 2011-01-10] (Microsoft Corporation)
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [50344 2014-02-09] (AVAST Software)
R2 Creative Service for CDROM Access; C:\Windows\SysWOW64\CTsvcCDA.EXE [44032 1999-12-13] (Creative Technology Ltd)
R2 DCE; C:\Program Files\DCE\dce.exe [59392 2013-12-18] ()
R2 esClient; C:\Program Files\Windows Home Server\esClient.exe [109936 2011-01-10] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-09] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-09] (NVIDIA Corporation)
R2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
R2 WHSConnector; C:\Program Files\Windows Home Server\WHSConnector.exe [489840 2011-01-10] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-13] (Microsoft Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-02-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-10-20] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-10-20] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1038072 2014-02-09] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [421704 2014-02-09] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [80184 2014-02-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-01-01] ()
S3 COMMONFX.DLL; C:\Windows\System32\COMMONFX.DLL [151296 2007-04-12] (Creative Technology Ltd)
S3 CT20XUT.DLL; C:\Windows\System32\CT20XUT.DLL [252712 2007-04-10] (Creative Technology Ltd.)
S3 CTAUDFX.DLL; C:\Windows\System32\CTAUDFX.DLL [700200 2007-04-10] (Creative Technology Ltd)
S3 CTEAPSFX.DLL; C:\Windows\System32\CTEAPSFX.DLL [219432 2007-04-10] (Creative Technology Ltd)
S3 CTEDSPFX.DLL; C:\Windows\System32\CTEDSPFX.DLL [321832 2007-04-10] (Creative Technology Ltd)
S3 CTEDSPIO.DLL; C:\Windows\System32\CTEDSPIO.DLL [190248 2007-04-10] (Creative Technology Ltd)
S3 CTEDSPSY.DLL; C:\Windows\System32\CTEDSPSY.DLL [363304 2007-04-10] (Creative Technology Ltd)
S3 CTERFXFX.DLL; C:\Windows\System32\CTERFXFX.DLL [142120 2007-04-10] (Creative Technology Ltd)
S3 CTEXFIFX.DLL; C:\Windows\System32\CTEXFIFX.DLL [1571112 2007-04-10] (Creative Technology Ltd.)
S3 CTHWIUT.DLL; C:\Windows\System32\CTHWIUT.DLL [123688 2007-04-10] (Creative Technology Ltd.)
S3 CTSBLFX.DLL; C:\Windows\System32\CTSBLFX.DLL [681256 2007-04-10] (Creative Technology Ltd)
R3 hcwPP2; C:\Windows\System32\DRIVERS\hcwPP2.sys [227328 2007-02-06] (Hauppauge Computer Works, Inc.)
S3 HSF_DP; C:\Windows\System32\DRIVERS\CAX_DP.sys [1485824 2009-02-13] (Conexant Systems, Inc.)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
S3 RRNetCap; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2013-07-15] (RapidSolution Software AG)
R1 RrNetCapFilterDriver; C:\Windows\System32\DRIVERS\RrNetCapFilterDriver.sys [24744 2013-12-18] (Audials AG)
R3 RRNetCapMP; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2013-07-15] (RapidSolution Software AG)
S3 rsvcdwdr; C:\Windows\System32\DRIVERS\rsvcdwdr.sys [45160 2011-09-09] (RapidSolution Software AG)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R0 vidsflt53; C:\Windows\System32\DRIVERS\vsflt53.sys [141920 2013-12-20] (Acronis)
S3 VST64HWBS2; C:\Windows\System32\DRIVERS\VSTBS26.SYS [411136 2009-06-10] (Conexant Systems, Inc.)
S3 VST64_DPV; C:\Windows\System32\DRIVERS\VSTDPV6.SYS [1485312 2009-06-10] (Conexant Systems, Inc.)
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-03-25 12:18 - 2014-03-25 12:19 - 00023278 _____ () C:\Users\Mabrey Family\Desktop\FRST.txt
2014-03-25 12:18 - 2014-03-25 12:18 - 04113320 _____ () C:\Users\Mabrey Family\Desktop\tdsskiller.zip
2014-03-25 12:18 - 2014-03-25 12:18 - 00000000 ____D () C:\Users\Mabrey Family\Desktop\TDSSKiller
2014-03-25 12:17 - 2014-03-25 12:17 - 02157056 _____ (Farbar) C:\Users\Mabrey Family\Desktop\FRST64 (1).exe
2014-03-25 12:08 - 2014-03-25 12:18 - 00000000 ____D () C:\FRST
2014-03-25 12:08 - 2014-03-25 12:08 - 02157056 _____ (Farbar) C:\Users\Mabrey Family\Downloads\FRST64.exe
2014-03-25 11:16 - 2014-03-25 11:16 - 00688992 ____R (Swearware) C:\Users\Mabrey Family\Downloads\dds.com
2014-03-17 12:46 - 2014-03-04 07:32 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-03-17 12:39 - 2014-03-17 12:40 - 00000000 ____D () C:\Windows\LastGood
2014-03-17 12:35 - 2014-03-04 10:35 - 31474976 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-03-17 12:35 - 2014-03-04 10:35 - 25255256 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-03-17 12:35 - 2014-03-04 10:35 - 23716640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-03-17 12:35 - 2014-03-04 10:35 - 17755424 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-03-17 12:35 - 2014-03-04 10:35 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-03-17 12:35 - 2014-03-04 10:35 - 15783992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-03-17 12:35 - 2014-03-04 10:35 - 12708128 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-03-17 12:35 - 2014-03-04 10:35 - 11636176 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-03-17 12:35 - 2014-03-04 10:35 - 11589272 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-03-17 12:35 - 2014-03-04 10:35 - 09728064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-03-17 12:35 - 2014-03-04 10:35 - 09690424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-03-17 12:35 - 2014-03-04 10:35 - 03143456 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-03-17 12:35 - 2014-03-04 10:35 - 02958792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-03-17 12:35 - 2014-03-04 10:35 - 02783008 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-03-17 12:35 - 2014-03-04 10:35 - 02411976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-03-17 12:35 - 2014-03-04 10:35 - 01885472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433523.dll
2014-03-17 12:35 - 2014-03-04 10:35 - 01516488 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433523.dll
2014-03-17 12:35 - 2014-03-04 10:35 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-03-17 12:35 - 2014-03-04 10:35 - 00877856 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-03-17 12:35 - 2014-03-04 10:35 - 00863064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-03-17 12:35 - 2014-03-04 10:35 - 00846168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-03-17 12:35 - 2014-03-04 10:35 - 00832936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-03-17 12:35 - 2014-03-04 10:35 - 00353504 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-03-17 12:35 - 2014-03-04 10:35 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-03-17 12:35 - 2014-03-04 10:35 - 00174296 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-03-17 12:35 - 2014-03-04 10:35 - 00148016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-03-12 01:39 - 2014-03-01 02:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-12 01:39 - 2014-03-01 01:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-12 01:39 - 2014-03-01 01:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-12 01:39 - 2014-03-01 00:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-12 01:39 - 2014-03-01 00:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-12 01:39 - 2014-03-01 00:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-12 01:39 - 2014-03-01 00:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-12 01:39 - 2014-03-01 00:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-12 01:39 - 2014-03-01 00:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-12 01:39 - 2014-03-01 00:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-12 01:39 - 2014-03-01 00:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-12 01:39 - 2014-03-01 00:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-12 01:39 - 2014-03-01 00:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-12 01:39 - 2014-03-01 00:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-12 01:39 - 2014-03-01 00:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-12 01:39 - 2014-03-01 00:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-12 01:39 - 2014-03-01 00:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-12 01:39 - 2014-02-28 23:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-12 01:39 - 2014-02-28 23:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-12 01:39 - 2014-02-28 23:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-12 01:39 - 2014-02-28 23:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-12 01:39 - 2014-02-28 23:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-12 01:39 - 2014-02-28 23:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-12 01:39 - 2014-02-28 23:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-12 01:39 - 2014-02-28 23:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-12 01:39 - 2014-02-28 23:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-12 01:39 - 2014-02-28 23:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-12 01:39 - 2014-02-28 23:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-12 01:39 - 2014-02-28 23:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-12 01:39 - 2014-02-28 23:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-12 01:39 - 2014-02-28 23:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-12 01:39 - 2014-02-28 23:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-12 01:39 - 2014-02-28 23:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-12 01:39 - 2014-02-28 23:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-12 01:39 - 2014-02-28 22:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-12 01:39 - 2014-02-28 22:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-12 01:39 - 2014-02-28 22:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-12 01:39 - 2014-02-28 22:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-12 01:39 - 2014-02-28 22:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-12 01:39 - 2014-02-28 22:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-12 01:39 - 2014-02-06 21:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-12 01:39 - 2014-01-28 22:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-12 01:39 - 2014-01-28 22:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-12 01:39 - 2014-01-27 22:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-12 01:38 - 2014-02-03 22:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-12 01:38 - 2014-02-03 22:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-12 01:38 - 2014-02-03 22:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-12 01:38 - 2014-02-03 22:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-11 09:04 - 2014-03-11 09:04 - 00000000 ____D () C:\Users\Mabrey Family\AppData\Local\{065C2794-3919-4A4A-B8E5-D891EC5B87B6}
2014-03-10 21:02 - 2014-03-10 21:03 - 00000000 ____D () C:\Users\Mabrey Family\AppData\Local\{0F0EEE64-602C-4138-B3BA-A7EED6AA5929}
2014-03-10 20:04 - 2014-03-10 20:04 - 00003194 _____ () C:\Windows\System32\Tasks\{4D74A326-0DC7-4ACF-B81B-365C8B52A8D2}
2014-03-10 20:03 - 2014-03-10 20:03 - 09785424 _____ () C:\Users\Mabrey Family\Desktop\mpnmp830win222ea13.exe
2014-03-10 20:00 - 2014-03-10 20:00 - 00003326 _____ () C:\Windows\System32\Tasks\{822C9D5B-B49E-441A-B8B2-B47A1F9A5ED4}
2014-03-10 19:58 - 2014-03-10 19:59 - 00000000 ____D () C:\Users\Mabrey Family\AppData\Local\Canon Easy-PhotoPrint EX
2014-03-10 19:55 - 2014-03-10 19:55 - 00002994 _____ () C:\Windows\System32\Tasks\{4EF0B9A7-846E-4465-89B5-546B8F089DDE}
2014-03-10 19:54 - 2014-03-10 19:54 - 00002994 _____ () C:\Windows\System32\Tasks\{D499DF56-BDF2-4522-96D1-788B613492BF}
2014-03-09 09:52 - 2014-03-09 09:52 - 00006948 _____ () C:\Users\Mabrey Family\Downloads\Bear Church Rock Loop.gpx
2014-03-03 12:36 - 2014-03-03 12:36 - 00001780 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-03-03 12:35 - 2014-03-03 12:36 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-03 12:35 - 2014-03-03 12:36 - 00000000 ____D () C:\Program Files\iTunes
2014-03-03 12:35 - 2014-03-03 12:35 - 00000000 ____D () C:\Program Files\iPod
2014-03-03 12:12 - 2014-03-03 12:13 - 148885840 _____ (Apple Inc.) C:\Users\Mabrey Family\Desktop\iTunes64Setup.exe
2014-03-03 11:58 - 2014-03-03 11:59 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-02-28 22:41 - 2014-02-28 22:41 - 00526871 _____ () C:\Users\Mabrey Family\Desktop\search.htm
2014-02-28 20:25 - 2014-02-28 20:25 - 00000950 _____ () C:\Users\Public\Desktop\Audials 11.lnk
2014-02-28 20:21 - 2014-02-28 20:21 - 54041344 _____ () C:\Users\Mabrey Family\Downloads\Audials_One-Setup (17).exe
2014-02-24 18:42 - 2014-03-04 10:35 - 00024544 _____ () C:\Windows\system32\nvinfo.pb
2014-02-24 18:42 - 2014-02-08 14:34 - 01885472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433489.dll
2014-02-24 18:42 - 2014-02-08 14:34 - 01515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433489.dll
 
==================== One Month Modified Files and Folders =======
 
2014-03-25 12:19 - 2014-03-25 12:18 - 00023278 _____ () C:\Users\Mabrey Family\Desktop\FRST.txt
2014-03-25 12:18 - 2014-03-25 12:18 - 04113320 _____ () C:\Users\Mabrey Family\Desktop\tdsskiller.zip
2014-03-25 12:18 - 2014-03-25 12:18 - 00000000 ____D () C:\Users\Mabrey Family\Desktop\TDSSKiller
2014-03-25 12:18 - 2014-03-25 12:08 - 00000000 ____D () C:\FRST
2014-03-25 12:17 - 2014-03-25 12:17 - 02157056 _____ (Farbar) C:\Users\Mabrey Family\Desktop\FRST64 (1).exe
2014-03-25 12:08 - 2014-03-25 12:08 - 02157056 _____ (Farbar) C:\Users\Mabrey Family\Downloads\FRST64.exe
2014-03-25 11:45 - 2012-05-11 06:29 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-25 11:45 - 2011-02-06 18:19 - 02118656 ___SH () C:\Users\Mabrey Family\Downloads\Thumbs.db
2014-03-25 11:42 - 2010-11-26 13:37 - 00000000 ____D () C:\Users\Mabrey Family\AppData\Roaming\vlc
2014-03-25 11:39 - 2013-11-19 22:10 - 00000000 ____D () C:\Users\Mabrey Family\Documents\Tom Credit Disputes
2014-03-25 11:29 - 2010-11-13 09:43 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-25 11:25 - 2012-12-01 15:37 - 00000000 ____D () C:\Users\Mabrey Family\AppData\Local\3F5B29A7-EC68-4E56-B8B6-0EF6E2C04E15.aplzod
2014-03-25 11:16 - 2014-03-25 11:16 - 00688992 ____R (Swearware) C:\Users\Mabrey Family\Downloads\dds.com
2014-03-25 09:37 - 2010-11-13 09:43 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-25 09:28 - 2009-07-14 01:13 - 00782510 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-25 09:05 - 2014-01-06 06:20 - 01480053 _____ () C:\Windows\WindowsUpdate.log
2014-03-24 12:20 - 2010-12-06 19:49 - 01026560 ___SH () C:\Users\Mabrey Family\Desktop\Thumbs.db
2014-03-19 18:04 - 2012-08-12 12:30 - 00000000 ____D () C:\Users\Mabrey Family\AppData\Roaming\Canon
2014-03-19 12:19 - 2009-07-14 00:45 - 00015152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-19 12:19 - 2009-07-14 00:45 - 00015152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-19 03:04 - 2013-07-17 04:15 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-19 03:00 - 2010-11-12 12:11 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-17 12:47 - 2011-09-08 09:15 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-03-17 12:47 - 2010-11-28 11:01 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-17 12:45 - 2014-01-06 12:06 - 00004463 _____ () C:\Windows\setupact.log
2014-03-17 12:40 - 2014-03-17 12:39 - 00000000 ____D () C:\Windows\LastGood
2014-03-15 14:33 - 2012-03-06 18:15 - 00002180 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-13 17:03 - 2013-12-23 23:18 - 00000000 ___RD () C:\Users\Mabrey Family\Google Drive
2014-03-13 17:03 - 2013-07-16 15:37 - 00000000 ___RD () C:\Users\Mabrey Family\Dropbox
2014-03-13 17:03 - 2013-07-16 15:31 - 00000000 ____D () C:\Users\Mabrey Family\AppData\Roaming\Dropbox
2014-03-13 02:06 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-12 05:45 - 2012-05-11 06:29 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-12 05:45 - 2012-05-11 06:29 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-12 05:45 - 2011-06-18 07:31 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-12 03:26 - 2009-07-14 00:45 - 00421544 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-12 03:24 - 2013-12-23 19:01 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-12 03:24 - 2013-12-23 19:00 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-12 03:03 - 2010-11-29 13:42 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-11 20:04 - 2010-11-27 06:28 - 00007607 _____ () C:\Users\Mabrey Family\AppData\Local\Resmon.ResmonCfg
2014-03-11 09:04 - 2014-03-11 09:04 - 00000000 ____D () C:\Users\Mabrey Family\AppData\Local\{065C2794-3919-4A4A-B8E5-D891EC5B87B6}
2014-03-10 21:35 - 2013-12-11 11:02 - 00007168 ___SH () C:\Users\Mabrey Family\Documents\Thumbs.db
2014-03-10 21:03 - 2014-03-10 21:02 - 00000000 ____D () C:\Users\Mabrey Family\AppData\Local\{0F0EEE64-602C-4138-B3BA-A7EED6AA5929}
2014-03-10 20:04 - 2014-03-10 20:04 - 00003194 _____ () C:\Windows\System32\Tasks\{4D74A326-0DC7-4ACF-B81B-365C8B52A8D2}
2014-03-10 20:03 - 2014-03-10 20:03 - 09785424 _____ () C:\Users\Mabrey Family\Desktop\mpnmp830win222ea13.exe
2014-03-10 20:00 - 2014-03-10 20:00 - 00003326 _____ () C:\Windows\System32\Tasks\{822C9D5B-B49E-441A-B8B2-B47A1F9A5ED4}
2014-03-10 19:59 - 2014-03-10 19:58 - 00000000 ____D () C:\Users\Mabrey Family\AppData\Local\Canon Easy-PhotoPrint EX
2014-03-10 19:58 - 2009-07-14 01:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-03-10 19:55 - 2014-03-10 19:55 - 00002994 _____ () C:\Windows\System32\Tasks\{4EF0B9A7-846E-4465-89B5-546B8F089DDE}
2014-03-10 19:54 - 2014-03-10 19:54 - 00002994 _____ () C:\Windows\System32\Tasks\{D499DF56-BDF2-4522-96D1-788B613492BF}
2014-03-09 09:52 - 2014-03-09 09:52 - 00006948 _____ () C:\Users\Mabrey Family\Downloads\Bear Church Rock Loop.gpx
2014-03-04 10:35 - 2014-03-17 12:35 - 31474976 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-03-04 10:35 - 2014-03-17 12:35 - 25255256 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-03-04 10:35 - 2014-03-17 12:35 - 23716640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-03-04 10:35 - 2014-03-17 12:35 - 17755424 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-03-04 10:35 - 2014-03-17 12:35 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-03-04 10:35 - 2014-03-17 12:35 - 15783992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-03-04 10:35 - 2014-03-17 12:35 - 12708128 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-03-04 10:35 - 2014-03-17 12:35 - 11636176 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-03-04 10:35 - 2014-03-17 12:35 - 11589272 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-03-04 10:35 - 2014-03-17 12:35 - 09728064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-03-04 10:35 - 2014-03-17 12:35 - 09690424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-03-04 10:35 - 2014-03-17 12:35 - 03143456 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-03-04 10:35 - 2014-03-17 12:35 - 02958792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-03-04 10:35 - 2014-03-17 12:35 - 02783008 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-03-04 10:35 - 2014-03-17 12:35 - 02411976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-03-04 10:35 - 2014-03-17 12:35 - 01885472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433523.dll
2014-03-04 10:35 - 2014-03-17 12:35 - 01516488 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433523.dll
2014-03-04 10:35 - 2014-03-17 12:35 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-03-04 10:35 - 2014-03-17 12:35 - 00877856 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-03-04 10:35 - 2014-03-17 12:35 - 00863064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-03-04 10:35 - 2014-03-17 12:35 - 00846168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-03-04 10:35 - 2014-03-17 12:35 - 00832936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-03-04 10:35 - 2014-03-17 12:35 - 00353504 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-03-04 10:35 - 2014-03-17 12:35 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-03-04 10:35 - 2014-03-17 12:35 - 00174296 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-03-04 10:35 - 2014-03-17 12:35 - 00148016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-03-04 10:35 - 2014-02-24 18:42 - 00024544 _____ () C:\Windows\system32\nvinfo.pb
2014-03-04 10:35 - 2013-02-26 00:32 - 14709720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-03-04 10:35 - 2013-02-26 00:32 - 02715264 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-03-04 10:35 - 2012-02-04 21:13 - 00947808 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-03-04 10:35 - 2012-02-04 20:52 - 18302384 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-03-04 10:35 - 2012-02-01 19:00 - 03093280 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-03-04 09:06 - 2012-02-03 22:43 - 06714312 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-03-04 09:06 - 2012-02-03 22:43 - 03497816 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-03-04 09:05 - 2012-02-04 21:16 - 03649185 _____ () C:\Windows\system32\nvcoproc.bin
2014-03-04 09:05 - 2012-02-03 22:43 - 00922968 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-03-04 09:05 - 2012-02-03 22:43 - 00386336 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-03-04 09:05 - 2012-02-03 22:43 - 00064968 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-03-04 07:32 - 2014-03-17 12:46 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-03-03 12:36 - 2014-03-03 12:36 - 00001780 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-03-03 12:36 - 2014-03-03 12:35 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-03 12:36 - 2014-03-03 12:35 - 00000000 ____D () C:\Program Files\iTunes
2014-03-03 12:36 - 2010-12-21 12:22 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-03-03 12:35 - 2014-03-03 12:35 - 00000000 ____D () C:\Program Files\iPod
2014-03-03 12:13 - 2014-03-03 12:12 - 148885840 _____ (Apple Inc.) C:\Users\Mabrey Family\Desktop\iTunes64Setup.exe
2014-03-03 11:59 - 2014-03-03 11:58 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-03-01 02:05 - 2014-03-12 01:39 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-01 01:17 - 2014-03-12 01:39 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-01 01:16 - 2014-03-12 01:39 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-01 00:58 - 2014-03-12 01:39 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-01 00:52 - 2014-03-12 01:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-01 00:51 - 2014-03-12 01:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-01 00:42 - 2014-03-12 01:39 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-01 00:40 - 2014-03-12 01:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-01 00:37 - 2014-03-12 01:39 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-01 00:33 - 2014-03-12 01:39 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-01 00:33 - 2014-03-12 01:39 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-01 00:32 - 2014-03-12 01:39 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-01 00:30 - 2014-03-12 01:39 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-01 00:23 - 2014-03-12 01:39 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-01 00:17 - 2014-03-12 01:39 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-01 00:11 - 2014-03-12 01:39 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-01 00:02 - 2014-03-12 01:39 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-28 23:54 - 2014-03-12 01:39 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-28 23:52 - 2014-03-12 01:39 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-28 23:51 - 2014-03-12 01:39 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-28 23:47 - 2014-03-12 01:39 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-28 23:43 - 2014-03-12 01:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-28 23:43 - 2014-03-12 01:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-28 23:42 - 2014-03-12 01:39 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-28 23:40 - 2014-03-12 01:39 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-28 23:38 - 2014-03-12 01:39 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-28 23:37 - 2014-03-12 01:39 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-28 23:35 - 2014-03-12 01:39 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-28 23:18 - 2014-03-12 01:39 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-28 23:16 - 2014-03-12 01:39 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-28 23:14 - 2014-03-12 01:39 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-28 23:10 - 2014-03-12 01:39 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-28 23:03 - 2014-03-12 01:39 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-28 23:00 - 2014-03-12 01:39 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-28 22:57 - 2014-03-12 01:39 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-28 22:41 - 2014-02-28 22:41 - 00526871 _____ () C:\Users\Mabrey Family\Desktop\search.htm
2014-02-28 22:38 - 2014-03-12 01:39 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-28 22:32 - 2014-03-12 01:39 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-28 22:27 - 2014-03-12 01:39 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-28 22:25 - 2014-03-12 01:39 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-28 22:25 - 2014-03-12 01:39 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-28 20:25 - 2014-02-28 20:25 - 00000950 _____ () C:\Users\Public\Desktop\Audials 11.lnk
2014-02-28 20:21 - 2014-02-28 20:21 - 54041344 _____ () C:\Users\Mabrey Family\Downloads\Audials_One-Setup (17).exe
2014-02-27 18:03 - 2012-10-28 11:15 - 00004184 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-02-27 04:03 - 2012-10-30 12:14 - 00774632 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-26 18:08 - 2013-12-24 18:55 - 00000000 ____D () C:\Users\Mabrey Family\AppData\Roaming\newnext.me
2014-02-26 04:38 - 2014-01-18 11:41 - 00260976 _____ () C:\Windows\PFRO.log
 
Files to move or delete:
====================
C:\Users\Public\AlexaNSISPlugin.5728.dll
 
 
Some content of TEMP:
====================
C:\Users\Mabrey Family\AppData\Local\Temp\jna4538329811890153058.dll
C:\Users\Mabrey Family\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Mabrey Family\AppData\Local\Temp\nvSCPAPISvr.exe
C:\Users\Mabrey Family\AppData\Local\Temp\nvStInst.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2014-03-20 00:38
 
==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Mabrey Family at 2014-03-25 12:19:51
Running from C:\Users\Mabrey Family\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.9.0.1380 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.9.0.1380 - Adobe Systems Incorporated) Hidden
Adobe Bridge 1.0 (x32 Version: 001.000.000 - Adobe Systems) Hidden
Adobe Common File Installer (x32 Version: 1.00.0000 - Adobe System Incorporated) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.5.23 - Adobe Systems Incorporated.)
Adobe Community Help (x32 Version: 3.5.23 - Adobe Systems Incorporated.) Hidden
Adobe Creative Suite 2 (HKLM-x32\...\{0134A1A1-C283-4A47-91A1-92F19F960372}) (Version:  - )
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.0.3 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.0.3 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Help Center 1.0 (x32 Version: 001.000.000 - Adobe Systems) Hidden
Adobe Illustrator CS2 (x32 Version: 12.000.000 - Adobe Systems Inc.) Hidden
Adobe InDesign CS2 (x32 Version: 004.000.000 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS2 (x32 Version: 9.0 - Adobe Systems, Inc.) Hidden
Adobe Photoshop Elements 9 (HKLM-x32\...\Adobe Photoshop Elements 9) (Version: 9.0.3.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 9 (x32 Version: 9.0.3.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop.com Inspiration Browser (HKLM-x32\...\PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1) (Version: 3.09 - Adobe Systems Incorporated)
Adobe Photoshop.com Inspiration Browser (x32 Version: 3.09 - Adobe Systems Incorporated) Hidden
Adobe Premiere Elements 8.0 (HKLM-x32\...\PremElem80) (Version: 8.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 8.0 (x32 Version: 8.0.1 - Adobe Systems Incorporated) Hidden
Adobe Premiere Elements 9 (HKLM-x32\...\PremElem90) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 9 (x32 Version: 9.0.1 - Adobe Systems Incorporated) Hidden
Adobe Premiere Elements 9 Content (HKLM-x32\...\Adobe Premiere Elements 9 Content) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 9 Content (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Premiere Elements 9 Content 1 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Premiere Elements 9 Content 2 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Premiere Elements 9 Content 3 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Premiere Elements 9 HD Content 1 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Premiere Elements 9 HD Content 2 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Premiere Elements 9 HD Content 3 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.06) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.7.148 - Adobe Systems, Inc.)
Adobe Stock Photos 1.0 (x32 Version: 001.000.000 - Adobe Systems) Hidden
Adobe SVG Viewer 3.0 (HKLM-x32\...\Adobe SVG Viewer) (Version:  3.0 - Adobe Systems, Inc.)
Adobe Version Cue CS2 (x32 Version: 2.0 - Adobe Systems, Inc.) Hidden
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
Akamai NetSession Interface Service (HKLM-x32\...\Akamai) (Version:  - )
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audials (HKLM-x32\...\{CA50136F-9F9E-4AFC-ADD4-471F896AC922}) (Version: 11.0.51800.0 - Audials AG)
Audials (HKLM-x32\...\{DE8C6C19-F18F-4114-809D-B5FCCCEB7382}) (Version: 10.2.28800.0 - Audials AG)
Audials TV (HKLM-x32\...\{4044436C-3A01-4ECA-8FC9-AC8F3F838EDC}) (Version: 1.3.10803.300 - RapidSolution Software AG)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2013 - Avast Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: 4.1.6 - Canon Inc.)
Canon MP Navigator 2.2 (HKLM-x32\...\MP Navigator 2.2) (Version:  - )
Canon MP830 (HKLM\...\{0D25F7CC-B99C-44ee-9945-B14532B2BB7B}) (Version:  - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.09 - Piriform)
Contour Storyteller (HKLM-x32\...\Contour Storyteller 3.5.2) (Version: 3.5.3 - Contour)
Creative ALchemy (HKLM-x32\...\ALchemy) (Version: 1.41 - Creative Technology Limited)
Creative Audio Control Panel (HKLM-x32\...\AudioCS) (Version: 2.56 - Creative Technology Limited)
Creative MediaSource (HKLM-x32\...\{2E0C1913-886B-4C5C-8DAF-D1E649CE5FCC}) (Version: 3.00 - )
Creative MediaSource 5 (HKLM-x32\...\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}) (Version: 5.00 - Creative Technology Limited)
Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.40 - Creative Technology Limited)
Creative Sound Blaster Properties x64 Edition (HKLM-x32\...\Creative Sound Blaster Properties x64 Edition) (Version:  - )
Creative System Information (HKLM-x32\...\SysInfo) (Version:  - )
Creative WaveStudio 7 (HKLM-x32\...\WaveStudio 7) (Version: 7.12 - Creative Technology Limited)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Distributed Computing Experiment (HKLM\...\Distributed Computing Experiment) (Version:  - )
DolbyFiles (x32 Version: 2.0 - Nero AG) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.)
Elements 9 Organizer (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Elements STI Installer (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 3.21.2.1 - Futuremark Corporation)
GalaxyMDT (HKLM-x32\...\GalaxyMDT) (Version:  - )
Garmin BaseCamp (HKLM-x32\...\{EBAC8FD4-28EC-46F7-BF9E-89D6E6673001}) (Version: 4.2.5 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin (HKLM-x32\...\{B1EE1CC5-6CED-4801-BFFF-8454F21A245A}) (Version: 2.9.3 - Garmin Ltd or its subsidiaries)
Garmin MapSource (HKLM-x32\...\{AFBAB9A0-DDE8-49AE-8C17-A01B61BEE64B}) (Version: 6.16.3 - Garmin Ltd or its subsidiaries)
Garmin Trip and Waypoint Manager v4 (HKLM-x32\...\{67B9AF41-C0B9-4960-84D9-A61D23DE85D8}) (Version: 4.0.0.0 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Garmin WebUpdater (HKLM-x32\...\{D17111CB-C992-42A9-9D56-C19395102AAA}) (Version: 2.4.2 - Garmin Ltd or its subsidiaries)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Drive (HKLM-x32\...\{E87022D3-C8C9-4C76-8E27-BC7F18F9B8FB}) (Version: 1.14.6059.644 - Google, Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
GPSBabel 1.4.4 (HKLM-x32\...\{1B8FE958-A304-4902-BF7A-4E2F0F5B7017}_is1) (Version:  - GPSBabel)
Harmony Browser Plug-in (HKLM-x32\...\{634F79E1-2A41-4C40-9E8D-89EC740AC9D6}) (Version: 2.0 - Logitech)
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version:  - EFD Software)
HD Tune Pro 5.50 (HKLM-x32\...\HD Tune Pro_is1) (Version:  - EFD Software)
HP Product Detection (HKLM-x32\...\{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}) (Version: 10.7.9.0 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
IL-2 Sturmovik 1946 (HKLM-x32\...\InstallShield_{79438F1E-DEC3-443D-9DCD-FECE2D68C605}) (Version: 1.00.0000 - Ubisoft)
IL-2 Sturmovik 1946 (x32 Version: 1.00.0000 - Ubisoft) Hidden
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LightScribe System Software (HKLM-x32\...\{FD71E2F7-B9FC-4072-88DB-AC19E2464D82}) (Version: 1.18.17.1 - LightScribe)
Lock On: Modern Air Combat (HKLM-x32\...\{E90DCEE9-DC27-401B-A7AC-B0AFF5B34E4D}) (Version: 1.00.000 - )
Lockon Flaming Cliffs 1.2.1 patch (HKLM-x32\...\LockOn Flaming Cliffs 2_is1) (Version:  - )
Logitech Gaming Software 5.04 (HKLM\...\{8753DF4D-64B0-474E-9A97-0AB5585D9A53}) (Version: 5.04.110 - Logitech)
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Menu Templates - Starter Kit (x32 Version: 9.4.6.0 - Nero AG) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Camera Codec Pack (HKLM\...\{A6A4A258-0A48-4F76-B8F1-61F0514594DD}) (Version: 16.4.1970.0624 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISER) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-0081-0409-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Research Cliplets (HKLM\...\{A4DA1935-2F04-4AFF-BE48-085CCC7BD0CB}) (Version: 1.1.1 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Core Components (x64) ENU  (HKLM\...\{8CCBEC22-D2DB-4DC9-A58A-E1A1F3A38C8A}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Provider Services (x64) ENU  (HKLM\...\{03AC245F-4C64-425C-89CF-7783C1D3AB2C}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
MiniTool Partition Wizard Home Edition 8.1.1 (HKLM-x32\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  - MiniTool Solution Ltd.)
Movie Templates - Starter Kit (x32 Version: 9.4.6.0 - Nero AG) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 7 Ultra Edition (HKLM-x32\...\{5241FB1B-9CF5-448C-3BFD-1AE58B061033}) (Version: 7.01.0741 - Nero AG)
Nero 9 (HKLM-x32\...\{31fd9905-ceba-40c4-9670-b8311f4c78f9}) (Version:  - Nero AG)
Nero BackItUp and Burn (HKLM-x32\...\{E08CC458-41FB-4BB5-9B08-2C83DB55A5B9}) (Version: 1.2.0017.1 - Nero AG)
Nero BurnRights (HKLM-x32\...\{397516AE-7DFE-4F90-84E0-BD616D559434}) (Version: 3.6.17002 - Nero AG)
Nero BurnRights (x32 Version: 3.4.13.100 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 9.0.0.1 - Nero AG) Hidden
Nero CoverDesigner (x32 Version: 4.4.12.100 - Nero AG) Hidden
Nero Disc Copy Gadget (x32 Version: 2.4.34.0 - Nero AG) Hidden
Nero DiscSpeed (x32 Version: 5.4.13.100 - Nero AG) Hidden
Nero DriveSpeed (x32 Version: 4.4.12.100 - Nero AG) Hidden
Nero Express (HKLM-x32\...\{6C3CF7AC-5AB0-42D9-93C0-68166A57AFB6}) (Version: 9.6.11002 - Nero AG)
Nero InfoTool (x32 Version: 6.4.12.100 - Nero AG) Hidden
Nero Installer (x32 Version: 4.4.9.0 - Nero AG) Hidden
Nero PhotoSnap (x32 Version: 2.4.28.0 - Nero AG) Hidden
Nero Recode (x32 Version: 4.4.38.1 - Nero AG) Hidden
Nero Rescue Agent (x32 Version: 2.4.14.100 - Nero AG) Hidden
Nero ShowTime (x32 Version: 5.4.21.100 - Nero AG) Hidden
Nero StartSmart (x32 Version: 9.4.19.100 - Nero AG) Hidden
Nero Vision (x32 Version: 6.4.16.100 - Nero AG) Hidden
Nero WaveEditor (x32 Version: 5.4.37.1 - Nero AG) Hidden
NeroBurningROM (x32 Version: 9.4.26.100 - Nero AG) Hidden
NeroExpress (x32 Version: 9.4.26.100 - Nero AG) Hidden
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
NVIDIA 3D Vision Controller Driver (x32 Version: 275.33 - NVIDIA Corporation) Hidden
NVIDIA 3D Vision Controller Driver 335.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 335.21 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation)
NVIDIA Control Panel 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 1.8.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.147.1067 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3523 - NVIDIA Corporation) Hidden
NVIDIA Update 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.19 - NVIDIA Corporation)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PS3 Media Server (HKLM-x32\...\PS3 Media Server) (Version: 1.90.1 - PS3 Media Server)
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6526 - Realtek Semiconductor Corp.)
Rinse (HKLM-x32\...\rinsebyreal) (Version: 1.85P - UNKNOWN)
Rinse (x32 Version: 1.85 - UNKNOWN) Hidden
RollerCoaster Tycoon 2 Triple Thrill Pack (HKLM-x32\...\{4C5D15D2-5351-4F05-A96E-56C20554F977}) (Version: 1.00.000 - )
RunAlyzer (HKLM-x32\...\{A5181519-9F3D-4372-ABC6-C333C2F3A816}_is1) (Version: 1.6.1.24 - Safer Networking Limited)
SAMSUNG PC Share Manager (HKLM-x32\...\InstallShield_{2A2E822B-3B0E-46C1-9E3B-ACD7D1E95139}) (Version: 4.0 - SAMSUNG)
SAMSUNG PC Share Manager (x32 Version: 4.0 - SAMSUNG) Hidden
Seagate DiscWizard (HKLM-x32\...\{8FB2A014-A0B0-42D8-8E18-9AFC6A6E2814}) (Version: 13.0.14387 - Seagate)
SHIELD Streaming (Version: 1.6.85 - NVIDIA Corporation) Hidden
Sid Meier's Civilization 4 Complete (HKLM-x32\...\{30D1F3D2-54CF-481D-A005-F94B0E98FEEC}) (Version: 1.74 - Firaxis Games)
Sid Meier's Civilization IV Colonization (HKLM-x32\...\{EF36A836-BF89-4A4F-B079-057B0C68C1E0}) (Version: 1.00 - Firaxis Games)
SmartSound Quicktracks for Premiere Elements 8.0 (HKLM-x32\...\InstallShield_{4685A344-6718-4923-AA9D-158A0A2E1CFB}) (Version: 3.11.3090 - SmartSound Software Inc)
SmartSound Quicktracks for Premiere Elements 8.0 (x32 Version: 3.11.3090 - SmartSound Software Inc) Hidden
SmartSound Quicktracks for Premiere Elements 9.0 (HKLM-x32\...\InstallShield_{6748E773-5DA0-4D19-8AA5-273B4133A09B}) (Version: 3.12.3090 - SmartSound Software Inc)
SmartSound Quicktracks for Premiere Elements 9.0 (x32 Version: 3.12.3090 - SmartSound Software Inc) Hidden
Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1) (Version: 7.80.4.50 - Conexant Systems)
Sound Blaster Audigy (HKLM-x32\...\{1B1DDAD2-C704-49F8-8FC2-18DAAD9A87C5}) (Version: 1.0 - )
SoundTrax (x32 Version: 4.4.37.1 - Nero AG) Hidden
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
Suite Specific (x32 Version: 2.0.0 - Adobe Systems, Incorporated) Hidden
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.6.1030 - SUPERAntiSpyware.com)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
SyncToy 2.1 (x64) (HKLM\...\{88DAAF05-5A72-46D2-A7C5-C3759697E943}) (Version: 2.1.0 - Microsoft)
TEXAS TOPO (HKLM-x32\...\txtopo11) (Version:  - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISER_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISER_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISER_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISER_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office Infopath 2007 Help (KB963662) (HKLM-x32\...\{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISER_{716B81B8-B13C-41DF-8EAC-7A2F656CAB63}) (Version:  - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISER_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISER_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISER_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2878234) 32-Bit Edition (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{EC1934B0-AE0F-4BBD-8955-54BB3247ED9E}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISER_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISER_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISER_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISER_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
Vimeo Uploader (HKLM-x32\...\vimeo.Duplo.3E2F2984357E7A95AE95C69EF2C5C14640284048.1) (Version: 0.9.5.4 - UNKNOWN)
Vimeo Uploader (x32 Version: 0.9.5 - UNKNOWN) Hidden
virginia_topo (HKLM-x32\...\mt77_va) (Version:  - )
Visual Studio C++ 9.0 Runtime (HKLM-x32\...\{08C7A49D-2B12-46F6-8B41-26D3B0D1C01F}) (Version: 1.0.0 - TomTom International B.V.)
VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN)
VoiceOver Kit (HKLM-x32\...\{6B4AD1A9-E73A-4184-9D6B-072F8A3C5EBA}) (Version: 1.42.128.0 - Apple Inc.)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Home Server Connector (HKLM\...\{21E49794-7C13-4E84-8659-55BD378267D5}) (Version: 6.0.3436.0 - Microsoft Corporation)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812NA}_is1) (Version:  - Wargaming.net)
XtremeTuner HD (HKLM-x32\...\XtremeTuner HD) (Version:  - )
 
==================== Restore Points  =========================
 
12-03-2014 07:00:24 Windows Update
18-03-2014 22:25:50 Windows Update
19-03-2014 07:00:10 Windows Update
25-03-2014 12:05:54 Windows Update
 
==================== Hosts content: ==========================
 
2009-07-13 22:34 - 2013-10-20 17:45 - 00431614 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 www.123moviedownload.com
 
There are 1000 more lines.
 
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {16AE6A82-8F60-49C2-985E-801390DB1BEE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12] (Adobe Systems Incorporated)
Task: {2627C70E-F867-42C3-A9A1-10E29C7E022A} - System32\Tasks\{74226392-206D-4620-A3B9-56747FB22CAB} => C:\Program Files (x86)\iTunes\iTunes.exe [2014-02-21] (Apple Inc.)
Task: {3BC9D982-8582-4AA0-8021-BDAE7010CFC3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-11-13] (Google Inc.)
Task: {4090E6DE-871B-4DEF-B725-D2B02E51F309} - System32\Tasks\{FFA8A862-88F5-4C41-BAE0-E150EE84F09D} => C:\Program Files (x86)\Adobe\Adobe Premiere Elements 9\Adobe Premiere Elements 9.exe [2010-09-30] (Adobe Systems Incorporated)
Task: {471356C5-8986-4CEB-BF1A-E07AA2B886B9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-11-13] (Google Inc.)
Task: {5CA96770-ED45-461A-8776-DE13F5384294} - System32\Tasks\avast! Emergency Update => C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe [2014-02-09] (AVAST Software)
Task: {61012DA6-6D00-41F3-8BAB-81766D1648EB} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {7AB44415-89DC-4556-9936-B16B8EEC364C} - System32\Tasks\AdobeAAMUpdater-1.0-CompuRex2-Mabrey Family => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-07-29] (Adobe Systems Incorporated)
Task: {8742634B-EB1C-4FE6-A8C6-EBD578AEC375} - System32\Tasks\{D499DF56-BDF2-4522-96D1-788B613492BF} => C:\Program Files (x86)\Canon\MP Navigator 2.2\mpn22.exe [2006-09-28] (CANON INC.)
Task: {902BC913-409E-48C5-AFE9-438F1F62D3AE} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2013-11-20] (Apple Inc.)
Task: {B2630E09-EE61-4952-BADD-C546442697CB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd)
Task: {D595533B-E173-4B36-B1EB-68A4EDD4C4F6} - System32\Tasks\Microsoft\Windows\Media Center\Extender\Update media permissions for Mcx2-COMPUREX2 => C:\Windows\ehome\McxTask.exe [2009-07-13] (Microsoft Corporation)
Task: {E18F7A9B-778B-4869-B5BB-DE7F33935DBF} - System32\Tasks\SyncToy => C:\Program Files\SyncToy 2.1\SyncToyCmd.exe [2009-10-19] (Microsoft Corporation)
Task: {F58293DC-ED20-41A5-810A-BFC453082252} - System32\Tasks\{4EF0B9A7-846E-4465-89B5-546B8F089DDE} => C:\Program Files (x86)\Canon\MP Navigator 2.2\mpn22.exe [2006-09-28] (CANON INC.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-12-18 17:26 - 2013-12-18 17:26 - 00059392 _____ () C:\Program Files\DCE\dce.exe
2005-04-04 19:58 - 2005-04-04 19:58 - 03502080 _____ () c:\Program Files x86\Adobe\Adobe Version Cue CS2\data\database\bin\mysqld-nt.exe
2012-02-03 22:43 - 2014-03-04 09:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-02-18 16:24 - 2014-02-18 16:24 - 00473352 _____ () C:\Program Files (x86)\Audials\Audials 11\AudialsNotifier.exe
2014-03-12 17:47 - 2014-03-12 15:20 - 02186752 _____ () C:\Program Files\Alwil Software\Avast5\defs\14031201\algo.dll
2014-03-25 08:37 - 2014-03-25 05:55 - 02189312 _____ () C:\Program Files\Alwil Software\Avast5\defs\14032500\algo.dll
2005-04-04 19:58 - 2005-04-04 19:58 - 00028791 _____ () c:\Program Files x86\Adobe\Adobe Version Cue CS2\jre\bin\hpi.dll
2005-04-04 19:58 - 2005-04-04 19:58 - 00057453 _____ () c:\Program Files x86\Adobe\Adobe Version Cue CS2\jre\bin\verify.dll
2005-04-04 19:58 - 2005-04-04 19:58 - 00102515 _____ () c:\Program Files x86\Adobe\Adobe Version Cue CS2\jre\bin\java.dll
2005-04-04 19:58 - 2005-04-04 19:58 - 00053364 _____ () c:\Program Files x86\Adobe\Adobe Version Cue CS2\jre\bin\zip.dll
2005-04-04 19:58 - 2005-04-04 19:58 - 00057455 _____ () C:\Program Files x86\Adobe\Adobe Version Cue CS2\jre\bin\net.dll
2005-04-04 19:58 - 2005-04-04 19:58 - 00032880 _____ () C:\Program Files x86\Adobe\Adobe Version Cue CS2\jre\bin\nio.dll
2005-04-04 19:58 - 2005-04-04 19:58 - 00434255 _____ () c:\Program Files x86\Adobe\Adobe Version Cue CS2\bin\ps-rw-vc-v8_58.dll
2005-04-04 19:58 - 2005-04-04 19:58 - 01019904 _____ () c:\Program Files x86\Adobe\Adobe Version Cue CS2\bin\ps-vc-v8_58.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-10-20 17:35 - 2013-10-20 17:35 - 19336120 _____ () C:\Program Files\Alwil Software\Avast5\libcef.dll
2013-03-03 18:57 - 2009-02-06 19:52 - 00073728 _____ () C:\Windows\SysWOW64\CmdRtr.DLL
2013-03-03 18:57 - 2009-07-10 10:07 - 00166912 _____ () C:\Windows\SysWOW64\APOMngr.DLL
2013-10-18 19:55 - 2013-10-18 19:55 - 25100288 _____ () C:\Users\Mabrey Family\AppData\Roaming\Dropbox\bin\libcef.dll
2014-02-18 16:24 - 2014-02-18 16:24 - 00046080 _____ () C:\Program Files (x86)\Audials\Audials 11\boost_thread-vc90-mt-1_39.dll
2014-02-18 16:24 - 2014-02-18 16:24 - 00045056 _____ () C:\Program Files (x86)\Audials\Audials 11\boost_date_time-vc90-mt-1_39.dll
2014-02-18 16:24 - 2014-02-18 16:24 - 00545032 _____ () C:\Program Files (x86)\Audials\Audials 11\StreamingClient.dll
2014-02-18 16:24 - 2014-02-18 16:24 - 00012800 _____ () C:\Program Files (x86)\Audials\Audials 11\boost_system-vc90-mt-1_39.dll
2014-02-18 16:24 - 2014-02-18 16:24 - 00068360 _____ () C:\Program Files (x86)\Audials\Audials 11\CrashRpt.dll
2014-02-18 16:24 - 2014-02-18 16:24 - 00409352 _____ () C:\Program Files (x86)\Audials\Audials 11\SQLite3.dll
2014-02-18 16:24 - 2014-02-18 16:24 - 00614912 _____ () C:\Program Files (x86)\Audials\Audials 11\boost_regex-vc90-mt-1_39.dll
2014-02-28 20:25 - 2014-02-28 20:25 - 00292352 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Utils\af16ebd1e50ef1965b462df82a34e4d7\Utils.ni.dll
2014-02-28 20:25 - 2014-02-28 20:25 - 00585728 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\ManagedInterfaces\1bcf9e3b8507cc6d127e61d0dcaa1b55\ManagedInterfaces.ni.dll
2014-02-28 20:25 - 2014-02-28 20:25 - 02958336 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\AudialsComponents\0dc5c83bd8507d74201071ce793199eb\AudialsComponents.ni.dll
2014-02-28 20:25 - 2014-02-28 20:25 - 00178688 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\fastJSON\49f31a7287ef1c756904f99df67ccf8f\fastJSON.ni.dll
2014-02-28 20:25 - 2014-02-28 20:25 - 00519680 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\RSControls\4b3c705f850c463ad5b6fcc588b8cb3a\RSControls.ni.dll
2014-03-15 14:33 - 2014-03-14 20:50 - 00051016 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\chrome_elf.dll
2014-03-15 14:33 - 2014-03-14 20:50 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libglesv2.dll
2014-03-15 14:33 - 2014-03-14 20:50 - 00100168 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libegl.dll
2013-09-14 01:51 - 2013-09-14 01:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 01:50 - 2013-09-14 01:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2014-03-15 14:33 - 2014-03-14 20:50 - 04061000 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll
2014-03-15 14:33 - 2014-03-14 20:50 - 00394568 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll
2014-03-15 14:33 - 2014-03-14 20:50 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
AlternateDataStreams: C:\ProgramData\TEMP:5F64C164
AlternateDataStreams: C:\Users\Mabrey Family\Downloads\all.rss:OECustomProperty
 
==================== Safe Mode (whitelisted) ===================
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
 
==================== Disabled items from MSCONFIG ==============
 
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Mabrey Family\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: AppleIEDAV => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
MSCONFIG\startupreg: ApplePhotoStreams => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: CAHeadless => C:\Program Files (x86)\Adobe\Elements 9 Organizer\CAHeadless\ElementsAutoAnalyzer.exe
MSCONFIG\startupreg: com.apple.dav.bookmarks.daemon => C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
MSCONFIG\startupreg: ContourCameraFinder => "C:\Program Files (x86)\ContourStoryteller\ContourAutoplay.exe" 
MSCONFIG\startupreg: Creative Detector => "C:\Program Files (x86)\Creative\MediaSource\Detector\CTDetect.exe" /R
MSCONFIG\startupreg: CTHelper => CTHELPER.EXE
MSCONFIG\startupreg: CTxfiHlp => CTXFIHLP.EXE
MSCONFIG\startupreg: DivX Download Manager => "C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe" start
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: iCloudServices => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LightScribe Control Panel => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
MSCONFIG\startupreg: MobileDocuments => C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: MyTomTomSA.exe => "C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe"
MSCONFIG\startupreg: NeroFilterCheck => C:\Program Files (x86)\Common Files\Ahead\Lib\NeroCheck.exe
MSCONFIG\startupreg: P17RunE => RunDll32 P17RunE.dll,RunDLLEntry
MSCONFIG\startupreg: PhotoshopElements8SyncAgent => C:\Program Files (x86)\Adobe\Elements 9 Organizer\ElementsOrganizerSyncAgent.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Sidebar => C:\Program Files (x86)\Windows Sidebar\sidebar.exe /autoRun
MSCONFIG\startupreg: Start WingMan Profiler => C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui
MSCONFIG\startupreg: StereoLinksInstall => "C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe" /install1
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: TomTomHOME.exe => "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
MSCONFIG\startupreg: XtremeTuner HD => C:\Program Files\XtremeTuner HD\XtremeTuner HD.exe OnlyApplySettings
 
==================== Faulty Device Manager Devices =============
 
Name: HP 802.11b/g Wireless Network Adapter
Description: HP 802.11b/g Wireless Network Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Atheros Communications Inc.
Service: athr
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (03/25/2014 11:31:25 AM) (Source: Application Hang) (User: )
Description: The program dds.com version 2012.11.20.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: fc4
 
Start Time: 01cf483d43522f06
 
Termination Time: 3
 
Application Path: C:\Users\Mabrey Family\Downloads\dds.com
 
Report Id:
 
Error: (03/24/2014 00:22:30 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 24
 
Error: (03/24/2014 00:22:30 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 23
 
Error: (03/24/2014 00:22:30 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 22
 
Error: (03/24/2014 00:22:30 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 21
 
Error: (03/24/2014 00:22:30 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 20
 
Error: (03/24/2014 00:22:30 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 19
 
Error: (03/24/2014 00:22:30 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 18
 
Error: (03/24/2014 00:22:30 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 17
 
Error: (03/24/2014 00:22:24 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 16
 
 
System errors:
=============
Error: (03/23/2014 06:24:07 PM) (Source: Service Control Manager) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
Error: (03/13/2014 02:06:36 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 2:02:27 AM on ‎3/‎13/‎2014 was unexpected.
 
Error: (03/12/2014 03:25:11 AM) (Source: iaStorV) (User: )
Description: The device, \Device\Ide\iaStor0, did not respond within the timeout period.
 
Error: (03/12/2014 03:24:38 AM) (Source: iaStorV) (User: )
Description: The device, \Device\Ide\iaStor0, did not respond within the timeout period.
 
Error: (03/12/2014 03:24:28 AM) (Source: iaStorV) (User: )
Description: The device, \Device\Ide\iaStor0, did not respond within the timeout period.
 
Error: (03/12/2014 03:24:24 AM) (Source: iaStorV) (User: )
Description: The device, \Device\Ide\iaStor0, did not respond within the timeout period.
 
Error: (03/11/2014 08:03:56 PM) (Source: Service Control Manager) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
Error: (03/11/2014 08:03:37 PM) (Source: Service Control Manager) (User: )
Description: The Adobe Version Cue CS2 service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (03/11/2014 08:03:17 PM) (Source: Service Control Manager) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
Error: (03/10/2014 08:30:52 PM) (Source: Service Control Manager) (User: )
Description: The Windows Update service hung on starting.
 
 
Microsoft Office Sessions:
=========================
 
CodeIntegrity Errors:
===================================
  Date: 2011-02-05 16:17:52.543
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\grmnusb.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2011-02-05 16:17:52.531
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\grmnusb.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2011-02-05 16:12:55.227
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\grmnusb.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2011-02-05 16:12:55.215
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\grmnusb.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2011-02-05 13:44:53.158
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\grmnusb.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2011-02-05 13:44:53.142
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\grmnusb.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2011-02-05 13:44:36.113
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\grmnusb.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2011-02-05 13:44:36.098
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\grmnusb.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 47%
Total physical RAM: 6142.45 MB
Available physical RAM: 3196.48 MB
Total Pagefile: 12283.09 MB
Available Pagefile: 8796.43 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:1862.92 GB) (Free:1095.04 GB) NTFS
Drive d: (New Volume) (Fixed) (Total:2794.39 GB) (Free:2551.94 GB) NTFS
Drive f: () (Fixed) (Total:279.46 GB) (Free:279.26 GB) NTFS
Drive m: () (Fixed) (Total:1863.02 GB) (Free:1862.83 GB) NTFS
Drive o: (LACIE) (Fixed) (Total:189.92 GB) (Free:189.54 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 21EE3622)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=-198730317824) - (Type=07 NTFS)
 
========================================================
Disk: 1 (Size: 2795 GB) (Disk ID: D0F41A69)
 
Partition: GPT Partition Type.
 
========================================================
Disk: 7 (Size: 279 GB) (Disk ID: 807417F4)
Partition 1: (Not Active) - (Size=279 GB) - (Type=OF Extended)
 
========================================================
Disk: 8 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: BB70DD39)
 
Partition: GPT Partition Type.
 
========================================================
Disk: 9 (Size: 190 GB) (Disk ID: 12345678)
Partition 1: (Active) - (Size=190 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================


#7 trnsprt

trnsprt
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Near Washington D.C.
  • Local time:01:53 PM

Posted 25 March 2014 - 11:27 AM

12:23:54.0344 0x0fd0  TDSS rootkit removing tool 3.0.0.26 Mar 24 2014 07:28:43
12:23:58.0638 0x0fd0  ============================================================
12:23:58.0638 0x0fd0  Current date / time: 2014/03/25 12:23:58.0638
12:23:58.0639 0x0fd0  SystemInfo:
12:23:58.0639 0x0fd0  
12:23:58.0639 0x0fd0  OS Version: 6.1.7601 ServicePack: 1.0
12:23:58.0639 0x0fd0  Product type: Workstation
12:23:58.0639 0x0fd0  ComputerName: COMPUREX2
12:23:58.0639 0x0fd0  UserName: Mabrey Family
12:23:58.0639 0x0fd0  Windows directory: C:\Windows
12:23:58.0639 0x0fd0  System windows directory: C:\Windows
12:23:58.0639 0x0fd0  Running under WOW64
12:23:58.0639 0x0fd0  Processor architecture: Intel x64
12:23:58.0639 0x0fd0  Number of processors: 2
12:23:58.0639 0x0fd0  Page size: 0x1000
12:23:58.0639 0x0fd0  Boot type: Normal boot
12:23:58.0639 0x0fd0  ============================================================
12:24:05.0026 0x0fd0  KLMD registered as C:\Windows\system32\drivers\68979649.sys
12:24:05.0333 0x0fd0  System UUID: {55A444E6-121E-5FD5-B14B-830E4F1965AF}
12:24:06.0330 0x0fd0  Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:24:06.0331 0x0fd0  Drive \Device\Harddisk1\DR1 - Size: 0xBAA1476000 (746.52 Gb), SectorSize: 0x200, Cylinders: 0x59101, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:24:06.0600 0x0fd0  Drive \Device\Harddisk7\DR7 - Size: 0x45DD826000 (279.46 Gb), SectorSize: 0x200, Cylinders: 0x8E81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
12:24:06.0621 0x0fd0  Drive \Device\Harddisk8\DR10 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
12:24:06.0624 0x0fd0  Drive \Device\Harddisk9\DR11 - Size: 0x2F7B100000 (189.92 Gb), SectorSize: 0x200, Cylinders: 0x60D8, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
12:24:06.0625 0x0fd0  ============================================================
12:24:06.0625 0x0fd0  \Device\Harddisk0\DR0:
12:24:06.0626 0x0fd0  MBR partitions:
12:24:06.0626 0x0fd0  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
12:24:06.0626 0x0fd0  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xE8DD6000
12:24:06.0626 0x0fd0  \Device\Harddisk1\DR1:
12:24:06.0626 0x0fd0  GPT partitions:
12:24:06.0645 0x0fd0  \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {4F99810F-5A73-4F38-9DAF-5B6EF3716319}, Name: , StartLBA 0x22, BlocksNum 0x40000
12:24:06.0645 0x0fd0  \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {CE74388F-7359-44B1-A9FA-E06ECFCA8A3C}, Name: Basic data partition, StartLBA 0x40800, BlocksNum 0x5D4C9800
12:24:06.0645 0x0fd0  MBR partitions:
12:24:06.0645 0x0fd0  \Device\Harddisk7\DR7:
12:24:06.0650 0x0fd0  MBR partitions:
12:24:06.0650 0x0fd0  \Device\Harddisk7\DR7\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x22EEA000
12:24:06.0650 0x0fd0  \Device\Harddisk8\DR10:
12:24:06.0651 0x0fd0  MBR partitions:
12:24:06.0651 0x0fd0  \Device\Harddisk8\DR10\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xE8E08871
12:24:06.0651 0x0fd0  \Device\Harddisk9\DR11:
12:24:06.0652 0x0fd0  MBR partitions:
12:24:06.0652 0x0fd0  \Device\Harddisk9\DR11\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x17BD5299
12:24:06.0652 0x0fd0  ============================================================
12:24:06.0758 0x0fd0  C: <-> \Device\Harddisk0\DR0\Partition2
12:24:06.0765 0x0fd0  F: <-> \Device\Harddisk7\DR7\Partition1
12:24:06.0832 0x0fd0  M: <-> \Device\Harddisk8\DR10\Partition1
12:24:06.0854 0x0fd0  O: <-> \Device\Harddisk9\DR11\Partition1
12:24:06.0887 0x0fd0  D: <-> \Device\Harddisk1\DR1\Partition2
12:24:06.0887 0x0fd0  ============================================================
12:24:06.0888 0x0fd0  Initialize success
12:24:06.0888 0x0fd0  ============================================================
12:24:09.0311 0x09ac  ============================================================
12:24:09.0312 0x09ac  Scan started
12:24:09.0312 0x09ac  Mode: Manual; 
12:24:09.0312 0x09ac  ============================================================
12:24:09.0312 0x09ac  KSN ping started
12:24:12.0336 0x09ac  KSN ping finished: true
12:24:13.0927 0x09ac  ================ Scan system memory ========================
12:24:13.0927 0x09ac  System memory - ok
12:24:13.0928 0x09ac  ================ Scan services =============================
12:24:14.0321 0x09ac  [ ABDCD326E1DD1C62509ED94C278A7453, 51E2722C7D2588BE1C29A1680C988B9BE45433E147CCE285C3A918216418E44B ] !SASCORE        C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
12:24:14.0325 0x09ac  !SASCORE - ok
12:24:14.0944 0x09ac  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\DRIVERS\1394ohci.sys
12:24:14.0951 0x09ac  1394ohci - ok
12:24:15.0084 0x09ac  [ E0A8525A951ADDB4655BC2068566407D, 7C08B9DB7C281422FD64219DF81B7064CE16EA53CF00EB1FC33CB0741CE6605F ] 61883           C:\Windows\system32\DRIVERS\61883.sys
12:24:15.0086 0x09ac  61883 - ok
12:24:15.0192 0x09ac  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
12:24:15.0200 0x09ac  ACPI - ok
12:24:15.0242 0x09ac  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
12:24:15.0243 0x09ac  AcpiPmi - ok
12:24:15.0487 0x09ac  [ 8B46D5A1D3EF08232C04D0EAFB871FB2, 5306F8452EF675851CB0015F9E5C5EB750137D6D65C9CB7E47F8EF5B10A44D10 ] Adobe LM Service C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
12:24:15.0489 0x09ac  Adobe LM Service - ok
12:24:15.0713 0x09ac  [ 41D15EAD554396BF35B7C5246AD47A28, 456835B33E95D083CD0076F06B591D63FB969025940A5CFD87CAB37C658B6855 ] Adobe Version Cue CS2 c:\Program Files x86\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe
12:24:15.0718 0x09ac  Adobe Version Cue CS2 - ok
12:24:16.0018 0x09ac  [ 1474F121C3DF1232D3E7239C03691EE6, 26D0F55010CB7C51269D94ECB5C5AA94802607685B9E9791A78B643C6227214F ] AdobeActiveFileMonitor9.0 C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
12:24:16.0023 0x09ac  AdobeActiveFileMonitor9.0 - ok
12:24:16.0334 0x09ac  [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
12:24:16.0339 0x09ac  AdobeARMservice - ok
12:24:16.0867 0x09ac  [ 9D96B0D5855FD1B98023B3EEC9F06786, E4C79233158BE8AA4E9C6DD71585E5D2703A5156531EB3D692D7D81BC443E844 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
12:24:16.0874 0x09ac  AdobeFlashPlayerUpdateSvc - ok
12:24:17.0065 0x09ac  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
12:24:17.0079 0x09ac  adp94xx - ok
12:24:17.0158 0x09ac  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
12:24:17.0168 0x09ac  adpahci - ok
12:24:17.0240 0x09ac  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
12:24:17.0246 0x09ac  adpu320 - ok
12:24:17.0305 0x09ac  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
12:24:17.0308 0x09ac  AeLookupSvc - ok
12:24:17.0532 0x09ac  [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] AFD             C:\Windows\system32\drivers\afd.sys
12:24:17.0545 0x09ac  AFD - ok
12:24:17.0620 0x09ac  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
12:24:17.0621 0x09ac  agp440 - ok
12:24:18.0693 0x09ac  [ BBE9054FDADC8D49D29C5DA4FB84A803, 4315C1D7DBD35A80E25F15B45587AA76F6E9FCDC617B5ABF62301570771066AF ] Akamai          c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll
12:24:18.0693 0x09ac  Suspicious file ( Hidden ): c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll. md5: BBE9054FDADC8D49D29C5DA4FB84A803, sha256: 4315C1D7DBD35A80E25F15B45587AA76F6E9FCDC617B5ABF62301570771066AF
12:24:18.0703 0x09ac  Akamai - detected HiddenFile.Multi.Generic ( 1 )
12:24:28.0805 0x09ac  Akamai ( HiddenFile.Multi.Generic ) - warning
12:24:28.0805 0x09ac  Force sending object to P2P due to detect: c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll
12:24:42.0796 0x09ac  Object send P2P result: true
12:24:45.0346 0x09ac  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
12:24:45.0349 0x09ac  ALG - ok
12:24:45.0446 0x09ac  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
12:24:45.0447 0x09ac  aliide - ok
12:24:46.0301 0x09ac  [ AAA1F9D4CF4C976C21BCA8AFA2BAE6A4, E8625FC2676A5E1C70E2F8AF40A4B1FF908748401B9B169285E2A7277B6E123E ] AllShare        C:\Program Files (x86)\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe
12:24:46.0487 0x09ac  AllShare - ok
12:24:46.0560 0x09ac  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
12:24:46.0561 0x09ac  amdide - ok
12:24:46.0657 0x09ac  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
12:24:46.0659 0x09ac  AmdK8 - ok
12:24:46.0691 0x09ac  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
12:24:46.0693 0x09ac  AmdPPM - ok
12:24:46.0764 0x09ac  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
12:24:46.0766 0x09ac  amdsata - ok
12:24:46.0851 0x09ac  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
12:24:46.0856 0x09ac  amdsbs - ok
12:24:46.0870 0x09ac  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
12:24:46.0871 0x09ac  amdxata - ok
12:24:46.0934 0x09ac  [ 4DE0D5D747A73797C95A97DCCE5018B5, 17EC669675C2E43515EFE2D8BCC9DDFFBE64F99EBFB9A6DAB429F65A2B504560 ] androidusb      C:\Windows\system32\Drivers\ssadadb.sys
12:24:46.0936 0x09ac  androidusb - ok
12:24:47.0042 0x09ac  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
12:24:47.0044 0x09ac  AppID - ok
12:24:47.0114 0x09ac  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
12:24:47.0116 0x09ac  AppIDSvc - ok
12:24:47.0231 0x09ac  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
12:24:47.0234 0x09ac  Appinfo - ok
12:24:47.0465 0x09ac  [ 221564CC7BE37611FE15EACF443E1BF6, 381BDF17418C779D72332431BA174C2AD76CD9C7C1711FF5142EA9B05D5555E4 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
12:24:47.0468 0x09ac  Apple Mobile Device - ok
12:24:47.0587 0x09ac  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
12:24:47.0589 0x09ac  arc - ok
12:24:47.0618 0x09ac  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
12:24:47.0621 0x09ac  arcsas - ok
12:24:47.0832 0x09ac  [ 9149EC69ACD3EFC97B01D5A1BAEB3B57, AD3FF0011DA87D53EB167DE640C4EEB8DECBEEB0AE630275EF133E1702959486 ] arXfrSvc        C:\Program Files\Windows Home Server\Microsoft.HomeServer.Archive.TransferService.exe
12:24:47.0838 0x09ac  arXfrSvc - ok
12:24:48.0397 0x09ac  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
12:24:48.0399 0x09ac  aspnet_state - ok
12:24:48.0609 0x09ac  [ 0ACC3F49015E628590CA4372322EB46B, EB4E22EB4E840261168AF750E878E7A28CC080A89CEF77B5037C2897C40D1DE3 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
12:24:48.0611 0x09ac  aswMonFlt - ok
12:24:48.0749 0x09ac  [ 679712B7A353EE665B9301592164A172, CA3C918106A355BAFD0833BB493DF2CCBC2D0F90CA7EBF5E27CC088C7170B0E0 ] aswRdr          C:\Windows\system32\drivers\aswRdr2.sys
12:24:48.0752 0x09ac  aswRdr - ok
12:24:48.0907 0x09ac  [ C04F7B373881009D7994D9BF55D24AB4, 5DEEA804F4F9862024F40A204E88DBCFFBDD2DC87CA86145E3FB649CFCCDC624 ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys
12:24:48.0909 0x09ac  aswRvrt - ok
12:24:49.0332 0x09ac  [ 43599E630DFC30AD4E6A2B4B269EB1C0, DA6C7FDC1F6A57117B17F697A94190CC0BB9E32B8CBB4F8C042AA461361CC74C ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
12:24:49.0357 0x09ac  aswSnx - ok
12:24:49.0553 0x09ac  [ F22DE5F5BA8ADA0A861441B624B51EB5, 58EF9FB3328B6B470F3652DBCE8ACEDAEE6839AC393889A02052298CA204689B ] aswSP           C:\Windows\system32\drivers\aswSP.sys
12:24:49.0564 0x09ac  aswSP - ok
12:24:49.0614 0x09ac  [ FD3EA14ADF6216BDF4030DB2EFD43D96, 2D3009008AAE93285301B5844DC214D6B05ECB05D37AE08895D8E7187A0BB619 ] aswStm          C:\Windows\system32\drivers\aswStm.sys
12:24:49.0616 0x09ac  aswStm - ok
12:24:49.0745 0x09ac  [ 90399625F341AB76BA4B85A5E860EB1F, 92DD461B14240222F451F971642844A4DAD9DF4FFEAA8F12D16EA117822BEEF3 ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
12:24:49.0750 0x09ac  aswVmm - ok
12:24:49.0788 0x09ac  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
12:24:49.0789 0x09ac  AsyncMac - ok
12:24:49.0850 0x09ac  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
12:24:49.0852 0x09ac  atapi - ok
12:24:50.0235 0x09ac  [ 8C56E93749BA53A4B645963D3439E01E, 5B33294474756A423E850A4B29B1D071D7A3235A88BE2C96F57DA5E5D0554566 ] athr            C:\Windows\system32\DRIVERS\athrx.sys
12:24:50.0284 0x09ac  athr - ok
12:24:50.0506 0x09ac  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:24:50.0524 0x09ac  AudioEndpointBuilder - ok
12:24:50.0545 0x09ac  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
12:24:50.0560 0x09ac  AudioSrv - ok
12:24:50.0853 0x09ac  [ CC42F104172B4A62793083D380867317, 0B09823419B328E29EB9FFBD033B3295590E414F31E7B37F11F62BD4B7EBAF06 ] avast! Antivirus C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
12:24:50.0856 0x09ac  avast! Antivirus - ok
12:24:50.0959 0x09ac  [ 16FABE84916623D0607E4A975544032C, 9D960CAE27B1769ED5B024C0A3375912432521C73C1F59E21111596A7981BDC3 ] Avc             C:\Windows\system32\DRIVERS\avc.sys
12:24:50.0961 0x09ac  Avc - ok
12:24:51.0090 0x09ac  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
12:24:51.0094 0x09ac  AxInstSV - ok
12:24:51.0306 0x09ac  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
12:24:51.0317 0x09ac  b06bdrv - ok
12:24:51.0474 0x09ac  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
12:24:51.0482 0x09ac  b57nd60a - ok
12:24:51.0568 0x09ac  [ A8A70D355EBE700798CF53764507D621, 07C72058AC5DBF4D8CC6F7ED3381D598D0CD7B5D68DC15E708CF520C4324DBBE ] BackupReader    C:\Windows\system32\DRIVERS\BackupReader.sys
12:24:51.0570 0x09ac  BackupReader - ok
12:24:51.0710 0x09ac  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
12:24:51.0714 0x09ac  BDESVC - ok
12:24:51.0799 0x09ac  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
12:24:51.0799 0x09ac  Beep - ok
12:24:52.0097 0x09ac  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
12:24:52.0117 0x09ac  BFE - ok
12:24:52.0269 0x09ac  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
12:24:52.0299 0x09ac  BITS - ok
12:24:52.0351 0x09ac  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
12:24:52.0353 0x09ac  blbdrive - ok
12:24:52.0674 0x09ac  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
12:24:52.0687 0x09ac  Bonjour Service - ok
12:24:52.0768 0x09ac  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
12:24:52.0770 0x09ac  bowser - ok
12:24:52.0811 0x09ac  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
12:24:52.0812 0x09ac  BrFiltLo - ok
12:24:52.0827 0x09ac  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
12:24:52.0828 0x09ac  BrFiltUp - ok
12:24:52.0979 0x09ac  [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
12:24:52.0981 0x09ac  BridgeMP - ok
12:24:53.0063 0x09ac  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
12:24:53.0068 0x09ac  Browser - ok
12:24:53.0183 0x09ac  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
12:24:53.0190 0x09ac  Brserid - ok
12:24:53.0217 0x09ac  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
12:24:53.0219 0x09ac  BrSerWdm - ok
12:24:53.0245 0x09ac  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
12:24:53.0246 0x09ac  BrUsbMdm - ok
12:24:53.0274 0x09ac  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
12:24:53.0275 0x09ac  BrUsbSer - ok
12:24:53.0361 0x09ac  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
12:24:53.0363 0x09ac  BTHMODEM - ok
12:24:53.0454 0x09ac  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
12:24:53.0458 0x09ac  bthserv - ok
12:24:53.0659 0x09ac  [ 46F088D1247E825B313200254EDD9E5B, 085D0FA43BFA2BF88F3949F634A59CC24B0765EAA7EC539FB36C61133A7BB633 ] CAXHWBS2        C:\Windows\system32\DRIVERS\CAXHWBS2.sys
12:24:53.0672 0x09ac  CAXHWBS2 - ok
12:24:53.0770 0x09ac  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
12:24:53.0773 0x09ac  cdfs - ok
12:24:53.0888 0x09ac  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
12:24:53.0892 0x09ac  cdrom - ok
12:24:54.0019 0x09ac  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
12:24:54.0023 0x09ac  CertPropSvc - ok
12:24:54.0153 0x09ac  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
12:24:54.0155 0x09ac  circlass - ok
12:24:54.0256 0x09ac  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
12:24:54.0267 0x09ac  CLFS - ok
12:24:54.0488 0x09ac  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:24:54.0491 0x09ac  clr_optimization_v2.0.50727_32 - ok
12:24:54.0688 0x09ac  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:24:54.0691 0x09ac  clr_optimization_v2.0.50727_64 - ok
12:24:55.0133 0x09ac  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:24:55.0137 0x09ac  clr_optimization_v4.0.30319_32 - ok
12:24:55.0166 0x09ac  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:24:55.0169 0x09ac  clr_optimization_v4.0.30319_64 - ok
12:24:55.0221 0x09ac  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
12:24:55.0222 0x09ac  CmBatt - ok
12:24:55.0263 0x09ac  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
12:24:55.0264 0x09ac  cmdide - ok
12:24:55.0390 0x09ac  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
12:24:55.0401 0x09ac  CNG - ok
12:24:55.0506 0x09ac  [ F38ACFF40E9EDC2B3476EDD724CEA4A0, 2F6CB415F405F70BE1D40D0B912A1D4405E6F68E61A49AABD5C4C7F82681FF16 ] COMMONFX        C:\Windows\system32\drivers\COMMONFX.SYS
12:24:55.0510 0x09ac  COMMONFX - ok
12:24:55.0678 0x09ac  [ 66AC4FDAD5A2D4FF4E3DB41810B39DE2, 2735CF9220E0AD5013540F4BFCDEAC2D5616DADA6245E61F86B35AAD577FD8B2 ] COMMONFX.DLL    C:\Windows\system32\COMMONFX.DLL
12:24:55.0682 0x09ac  COMMONFX.DLL - ok
12:24:55.0753 0x09ac  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
12:24:55.0754 0x09ac  Compbatt - ok
12:24:55.0807 0x09ac  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
12:24:55.0809 0x09ac  CompositeBus - ok
12:24:55.0838 0x09ac  COMSysApp - ok
12:24:55.0855 0x09ac  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
12:24:55.0856 0x09ac  crcdisk - ok
12:24:55.0966 0x09ac  [ C8BD651E13895B93ED9EC5B4F1DF42BC, D86D6BF0BA3C09B49B3A52C86A7F3B3856A27F79EDD86A8FFA469D9A5F196E8D ] Creative ALchemy AL6 Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
12:24:55.0968 0x09ac  Creative ALchemy AL6 Licensing Service - ok
12:24:56.0034 0x09ac  [ C0EAD9F8AB83D41FF07303C75589C2B8, C89CAC39BCD2FA2DCC56D7EE84FF66127BCECCAE400E119FE41BF4C4D769504B ] Creative Audio Engine Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
12:24:56.0037 0x09ac  Creative Audio Engine Licensing Service - ok
12:24:56.0606 0x09ac  [ 3C8B6609712F4FF78E521F6DCFC4032B, DFCFD5F2D35DDA25DD91B4D732BDF84D1526AB11084E22523D51ABB2A8608402 ] Creative Service for CDROM Access C:\Windows\SysWOW64\CTsvcCDA.EXE
12:24:56.0608 0x09ac  Creative Service for CDROM Access - ok
12:24:56.0774 0x09ac  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
12:24:56.0795 0x09ac  CryptSvc - ok
12:24:57.0133 0x09ac  [ 01BBD5CB85423B12E445209D243A49A9, 3E223E76ED97EB6A13E4A9957C564D2E5B1979ED1C3CCFBE687C18452C3EA3CD ] CT20XUT.DLL     C:\Windows\system32\CT20XUT.DLL
12:24:57.0150 0x09ac  CT20XUT.DLL - ok
12:24:57.0402 0x09ac  [ 095C566746217CD1482EDE40A70D87D2, FE8F9505C15E85222EC2DC21F239D9613EDB1E07FF4EE33A931AC0271A35B5B7 ] ctac32k         C:\Windows\system32\drivers\ctac32k.sys
12:24:57.0417 0x09ac  ctac32k - ok
12:24:57.0611 0x09ac  [ 157E2196FCCD002A2EDF3B06DF7B0C9A, 54FCAE9C37D64B66D0339B397F2C270095FCC47A33F0D59A3077E5DC37475796 ] ctaud2k         C:\Windows\system32\drivers\ctaud2k.sys
12:24:57.0632 0x09ac  ctaud2k - ok
12:24:57.0788 0x09ac  [ 17979EE857E930CBFDF24A12E89D77A1, AEAACA78B36F26A735F20295A74645C2EFDE5498C70156B902DF853B42B5D8AD ] CTAUDFX         C:\Windows\system32\drivers\CTAUDFX.SYS
12:24:57.0806 0x09ac  CTAUDFX - ok
12:24:58.0023 0x09ac  [ E873319F281115EBEA75E519C5B4D0C4, C3BEC888669BD059C7F7124895F7EAC90BE0972D724663A3813DF104D1D09492 ] CTAUDFX.DLL     C:\Windows\system32\CTAUDFX.DLL
12:24:58.0044 0x09ac  CTAUDFX.DLL - ok
12:24:58.0104 0x09ac  [ 06300545BEDF49B6A51FDFE1861F9CAF, EA1FF3A67DE3AAFD8A2F542B681FCD0720C4995C0FDB1E0ADF02203B45083F75 ] CTEAPSFX.DLL    C:\Windows\system32\CTEAPSFX.DLL
12:24:58.0110 0x09ac  CTEAPSFX.DLL - ok
12:24:58.0194 0x09ac  [ 2D902F8EC247F0ED0D458CDCAF786544, F027D63849C88A4714F391F0DFCFB56B36599BE410F53636457A3D6323AF6C6E ] CTEDSPFX.DLL    C:\Windows\system32\CTEDSPFX.DLL
12:24:58.0203 0x09ac  CTEDSPFX.DLL - ok
12:24:58.0256 0x09ac  [ 0D3F99CDA2BEA14E4911A698441F1A29, BEB89B59B241482B8771016F952DBE2553414F3BB1BAA5CBB3E464BE38401F7F ] CTEDSPIO.DLL    C:\Windows\system32\CTEDSPIO.DLL
12:24:58.0261 0x09ac  CTEDSPIO.DLL - ok
12:24:58.0285 0x09ac  [ 9D26AA450AC1CAADDE25F1621BA89842, 8C3316CE5BC1377FFB2D4378A4AA5D1979D96BBFBF6534A1EFDB966C34A47D25 ] CTEDSPSY.DLL    C:\Windows\system32\CTEDSPSY.DLL
12:24:58.0294 0x09ac  CTEDSPSY.DLL - ok
12:24:58.0351 0x09ac  [ FE3EAE37536C02D087E5C5D339663779, 4FE08D6EC273241C789F3FE51235CCF5DD70C1196329347C12793B518EE3D33A ] CTERFXFX        C:\Windows\system32\drivers\CTERFXFX.SYS
12:24:58.0355 0x09ac  CTERFXFX - ok
12:24:58.0361 0x09ac  [ E5F88DAD5EC69665DFA3E5E87791F800, B971F144F8BBC975835B6C958D59ED4114DD3002E8E84832D258AE83A5AD9D70 ] CTERFXFX.DLL    C:\Windows\system32\CTERFXFX.DLL
12:24:58.0366 0x09ac  CTERFXFX.DLL - ok
12:24:58.0408 0x09ac  [ FA6DCA331835997D2F7C83B9AAABC4BB, 47014DC40220461E4CA268C30AD4126226E9E4E1CF7818E7D11C7C5D154BB430 ] CTEXFIFX.DLL    C:\Windows\system32\CTEXFIFX.DLL
12:24:58.0448 0x09ac  CTEXFIFX.DLL - ok
12:24:58.0499 0x09ac  [ 9E6A0A3CA3825BB568D42F5F3CB09453, 0C2A69AAFF1841C81942E2A252F220F18EBE27E5E9D9619C3EB876C29854B1C0 ] CTHWIUT.DLL     C:\Windows\system32\CTHWIUT.DLL
12:24:58.0503 0x09ac  CTHWIUT.DLL - ok
12:24:58.0521 0x09ac  [ 4E4FDAB4A7CF5AF56E3FA1FE35E8AD3C, 59DA2CAF7E4DF97072E71BCE29DEEA764E7552E7539B25BB38FBF9A9CDB0CFEC ] ctprxy2k        C:\Windows\system32\drivers\ctprxy2k.sys
12:24:58.0522 0x09ac  ctprxy2k - ok
12:24:58.0688 0x09ac  [ 4A7DE2E30B2B9253933A157401EC76D5, 2AFEF3C4340791D2F0368911A35EF2554C59267D0BB8CFECF93EFC08D610A9D1 ] CTSBLFX         C:\Windows\system32\drivers\CTSBLFX.SYS
12:24:58.0705 0x09ac  CTSBLFX - ok
12:24:58.0868 0x09ac  [ 99047FCEBAB495410CD58AB17284720A, 6F1BC73E25AB3FCB163915ECE2FE185DB0A87E7984E2029F37CFFDA557E436A0 ] CTSBLFX.DLL     C:\Windows\system32\CTSBLFX.DLL
12:24:58.0886 0x09ac  CTSBLFX.DLL - ok
12:24:58.0965 0x09ac  [ 065ADE032A044D518AB1407D3586B7D5, 09BA9FB3B5685775811C95A4C09EE9DF770AB6DC497211C99EC9A6216119CC9E ] ctsfm2k         C:\Windows\system32\drivers\ctsfm2k.sys
12:24:58.0972 0x09ac  ctsfm2k - ok
12:24:59.0134 0x09ac  [ C91B3B78B694E358AFA8EEC132567BFD, D51FE602F89CB834B7BEFB9206E1F2D36EC16AB86F44F19F7A24A45C15833AD0 ] DCE             C:\Program Files\DCE\dce.exe
12:24:59.0136 0x09ac  DCE - ok
12:24:59.0273 0x09ac  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
12:24:59.0288 0x09ac  DcomLaunch - ok
12:24:59.0455 0x09ac  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
12:24:59.0464 0x09ac  defragsvc - ok
12:24:59.0535 0x09ac  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
12:24:59.0537 0x09ac  DfsC - ok
12:24:59.0647 0x09ac  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
12:24:59.0656 0x09ac  Dhcp - ok
12:24:59.0737 0x09ac  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
12:24:59.0739 0x09ac  discache - ok
12:24:59.0847 0x09ac  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
12:24:59.0849 0x09ac  Disk - ok
12:24:59.0957 0x09ac  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
12:24:59.0962 0x09ac  Dnscache - ok
12:25:00.0105 0x09ac  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
12:25:00.0113 0x09ac  dot3svc - ok
12:25:00.0237 0x09ac  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
12:25:00.0243 0x09ac  DPS - ok
12:25:00.0320 0x09ac  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
12:25:00.0321 0x09ac  drmkaud - ok
12:25:00.0606 0x09ac  [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
12:25:00.0635 0x09ac  DXGKrnl - ok
12:25:00.0753 0x09ac  [ 099E01A94167CA8BDA2CF72037AD0E28, 937501E15A9C8E195DC778DBC9C3A45EB5DD024AF9E4C188ED5B69F94EEC233D ] e1express       C:\Windows\system32\DRIVERS\e1e6232e.sys
12:25:00.0764 0x09ac  e1express - ok
12:25:00.0841 0x09ac  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
12:25:00.0846 0x09ac  EapHost - ok
12:25:01.0375 0x09ac  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
12:25:01.0456 0x09ac  ebdrv - ok
12:25:01.0501 0x09ac  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] EFS             C:\Windows\System32\lsass.exe
12:25:01.0505 0x09ac  EFS - ok
12:25:01.0870 0x09ac  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
12:25:01.0889 0x09ac  ehRecvr - ok
12:25:01.0933 0x09ac  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
12:25:01.0937 0x09ac  ehSched - ok
12:25:02.0114 0x09ac  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
12:25:02.0129 0x09ac  elxstor - ok
12:25:02.0186 0x09ac  [ F380FF5D6D80CECC6DBBC15569757613, D882947D41396DB6E57691A7971B27664E7CB14475B48A37FC63D0BA3C908112 ] emupia          C:\Windows\system32\drivers\emupia2k.sys
12:25:02.0191 0x09ac  emupia - ok
12:25:02.0215 0x09ac  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
12:25:02.0216 0x09ac  ErrDev - ok
12:25:02.0528 0x09ac  [ 94B3C06DCF580695EBA5304F3C750256, DB977CC1E82D5826BCF95A05A33271D2E4DF4F916E09F04A32F2BEEA9FE29D5D ] esClient        C:\Program Files\Windows Home Server\esClient.exe
12:25:02.0531 0x09ac  esClient - ok
12:25:02.0689 0x09ac  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
12:25:02.0702 0x09ac  EventSystem - ok
12:25:02.0755 0x09ac  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
12:25:02.0760 0x09ac  exfat - ok
12:25:02.0801 0x09ac  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
12:25:02.0807 0x09ac  fastfat - ok
12:25:03.0025 0x09ac  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
12:25:03.0044 0x09ac  Fax - ok
12:25:03.0099 0x09ac  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
12:25:03.0100 0x09ac  fdc - ok
12:25:03.0154 0x09ac  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
12:25:03.0157 0x09ac  fdPHost - ok
12:25:03.0183 0x09ac  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
12:25:03.0186 0x09ac  FDResPub - ok
12:25:03.0212 0x09ac  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
12:25:03.0214 0x09ac  FileInfo - ok
12:25:03.0242 0x09ac  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
12:25:03.0243 0x09ac  Filetrace - ok
12:25:03.0489 0x09ac  [ ABEDFD48AC042C6AAAD32452E77217A1, BC45A1C36BDBC20EF4E7D3CFB5368912382D964CB34D050ED255F56307F4C910 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
12:25:03.0511 0x09ac  FLEXnet Licensing Service - ok
12:25:03.0580 0x09ac  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
12:25:03.0581 0x09ac  flpydisk - ok
12:25:03.0677 0x09ac  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
12:25:03.0684 0x09ac  FltMgr - ok
12:25:03.0989 0x09ac  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
12:25:04.0019 0x09ac  FontCache - ok
12:25:04.0103 0x09ac  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:25:04.0105 0x09ac  FontCache3.0.0.0 - ok
12:25:04.0140 0x09ac  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
12:25:04.0142 0x09ac  FsDepends - ok
12:25:04.0247 0x09ac  [ 07DA62C960DDCCC2D35836AEAB4FC578, C67A29E928AF59BF7FB573FAC2176C5598F595406AA90DDB4A364A15BC89A6C4 ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
12:25:04.0249 0x09ac  fssfltr - ok
12:25:04.0645 0x09ac  [ 28DDEEEC44E988657B732CF404D504CB, 47F83018E5449CDCED3DD447991788EBAAC92C418D4513FBA9408C45E9AB8E7E ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
12:25:04.0681 0x09ac  fsssvc - ok
12:25:04.0736 0x09ac  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
12:25:04.0738 0x09ac  Fs_Rec - ok
12:25:04.0859 0x09ac  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
12:25:04.0864 0x09ac  fvevol - ok
12:25:04.0957 0x09ac  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
12:25:04.0959 0x09ac  gagp30kx - ok
12:25:05.0114 0x09ac  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
12:25:05.0115 0x09ac  GEARAspiWDM - ok
12:25:05.0328 0x09ac  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
12:25:05.0350 0x09ac  gpsvc - ok
12:25:05.0407 0x09ac  [ B9893A68032A6D9ADDB5B98287C630F7, F0280764D7B31F1EA634E91397229B1C064A7C1B3A77A6BBD123CEA74180789F ] grmnusb         C:\Windows\system32\drivers\grmnusb.sys
12:25:05.0408 0x09ac  grmnusb - ok
12:25:05.0577 0x09ac  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:25:05.0581 0x09ac  gupdate - ok
12:25:05.0682 0x09ac  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:25:05.0685 0x09ac  gupdatem - ok
12:25:06.0030 0x09ac  [ 82B68F585110AE8500A6D23623AE1F74, 1ADCFA2D77E3BB9BDCDD15DC21E7F6707823788A1CFB31ED959BC470595EE89B ] ha10kx2k        C:\Windows\system32\drivers\ha10kx2k.sys
12:25:06.0076 0x09ac  ha10kx2k - ok
12:25:06.0143 0x09ac  [ 83F647F9ACE9192556F758E528024F68, 1007C2E3C8FDB3CB5FB3C336F9904AD076DC31BB263E633EF17E3813B9ED6EF6 ] hap16v2k        C:\Windows\system32\drivers\hap16v2k.sys
12:25:06.0150 0x09ac  hap16v2k - ok
12:25:06.0217 0x09ac  [ E815D29361DE89D24C8DBE3E5A7006C9, 2B9075CC6A2425D06E6C3CB77E0755727F8B0920575C660CF261981464D190F0 ] hap17v2k        C:\Windows\system32\drivers\hap17v2k.sys
12:25:06.0225 0x09ac  hap17v2k - ok
12:25:06.0273 0x09ac  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
12:25:06.0275 0x09ac  hcw85cir - ok
12:25:06.0385 0x09ac  [ AF844D328BB8EF0943BCAF10FA1FC263, 14C00769F26EC5CC82E0E5906E437D3E4AC48412332DEB0F9A2057C92906692C ] hcwPP2          C:\Windows\system32\DRIVERS\hcwPP2.sys
12:25:06.0391 0x09ac  hcwPP2 - ok
12:25:06.0538 0x09ac  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:25:06.0547 0x09ac  HdAudAddService - ok
12:25:06.0637 0x09ac  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
12:25:06.0640 0x09ac  HDAudBus - ok
12:25:06.0662 0x09ac  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
12:25:06.0663 0x09ac  HidBatt - ok
12:25:06.0705 0x09ac  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
12:25:06.0707 0x09ac  HidBth - ok
12:25:06.0772 0x09ac  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
12:25:06.0774 0x09ac  HidIr - ok
12:25:06.0823 0x09ac  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\System32\hidserv.dll
12:25:06.0826 0x09ac  hidserv - ok
12:25:06.0931 0x09ac  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
12:25:06.0932 0x09ac  HidUsb - ok
12:25:06.0999 0x09ac  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
12:25:07.0005 0x09ac  hkmsvc - ok
12:25:07.0059 0x09ac  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:25:07.0071 0x09ac  HomeGroupListener - ok
12:25:07.0130 0x09ac  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:25:07.0138 0x09ac  HomeGroupProvider - ok
12:25:07.0200 0x09ac  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
12:25:07.0202 0x09ac  HpSAMD - ok
12:25:07.0395 0x09ac  [ 447256D1C026654C5CD3CC17E7B20631, F89589AC17BC50483E6687963370937E6CD19D6030F30D70577A7DA266116919 ] HsfXAudioService C:\Windows\SysWOW64\XAudio64.dll
12:25:07.0409 0x09ac  HsfXAudioService - ok
12:25:07.0800 0x09ac  [ 64667D9808FD09FABEDCCF62E8F52662, 7DFD66065E7FF625FDE0A0665EBD1CECA70DE29C1CDE9D6B6C30677DB2292F1B ] HSF_DP          C:\Windows\system32\DRIVERS\CAX_DP.sys
12:25:07.0838 0x09ac  HSF_DP - ok
12:25:08.0053 0x09ac  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
12:25:08.0072 0x09ac  HTTP - ok
12:25:08.0104 0x09ac  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
12:25:08.0105 0x09ac  hwpolicy - ok
12:25:08.0168 0x09ac  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
12:25:08.0170 0x09ac  i8042prt - ok
12:25:08.0293 0x09ac  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
12:25:08.0302 0x09ac  iaStorV - ok
12:25:08.0559 0x09ac  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:25:08.0580 0x09ac  idsvc - ok
12:25:08.0719 0x09ac  IEEtwCollectorService - ok
12:25:08.0766 0x09ac  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
12:25:08.0767 0x09ac  iirsp - ok
12:25:09.0003 0x09ac  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
12:25:09.0026 0x09ac  IKEEXT - ok
12:25:09.0555 0x09ac  [ BFBABCB231628A4551DBB10D0EA25D62, F5F20E06040CD9527EF02A43E7FB2F2C0FDA1284FB465B7C71B3817D2D450F0A ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
12:25:09.0604 0x09ac  IntcAzAudAddService - ok
12:25:09.0641 0x09ac  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
12:25:09.0642 0x09ac  intelide - ok
12:25:09.0697 0x09ac  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
12:25:09.0699 0x09ac  intelppm - ok
12:25:09.0778 0x09ac  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
12:25:09.0783 0x09ac  IPBusEnum - ok
12:25:09.0818 0x09ac  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:25:09.0821 0x09ac  IpFilterDriver - ok
12:25:09.0965 0x09ac  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
12:25:09.0981 0x09ac  iphlpsvc - ok
12:25:10.0028 0x09ac  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
12:25:10.0030 0x09ac  IPMIDRV - ok
12:25:10.0055 0x09ac  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
12:25:10.0059 0x09ac  IPNAT - ok
12:25:10.0335 0x09ac  [ 842D1EDD0F2A6E0E6631BB96BAAA01DE, 9CDD0B99F2C5DAD573A9EA8D5AB2DBFD7A941454CBBA5BFE34E49F2D4EE96A90 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
12:25:10.0354 0x09ac  iPod Service - ok
12:25:10.0445 0x09ac  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
12:25:10.0446 0x09ac  IRENUM - ok
12:25:10.0473 0x09ac  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
12:25:10.0474 0x09ac  isapnp - ok
12:25:10.0566 0x09ac  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
12:25:10.0573 0x09ac  iScsiPrt - ok
12:25:10.0613 0x09ac  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
12:25:10.0615 0x09ac  kbdclass - ok
12:25:10.0655 0x09ac  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
12:25:10.0656 0x09ac  kbdhid - ok
12:25:10.0681 0x09ac  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso          C:\Windows\system32\lsass.exe
12:25:10.0684 0x09ac  KeyIso - ok
12:25:10.0728 0x09ac  [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
12:25:10.0731 0x09ac  KSecDD - ok
12:25:10.0781 0x09ac  [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
12:25:10.0786 0x09ac  KSecPkg - ok
12:25:10.0837 0x09ac  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
12:25:10.0838 0x09ac  ksthunk - ok
12:25:10.0964 0x09ac  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
12:25:10.0976 0x09ac  KtmRm - ok
12:25:11.0091 0x09ac  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\System32\srvsvc.dll
12:25:11.0101 0x09ac  LanmanServer - ok
12:25:11.0171 0x09ac  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:25:11.0178 0x09ac  LanmanWorkstation - ok
12:25:11.0322 0x09ac  [ B1E1C8BB1392537E4D415FCDCB93B1D3, 8F47F88743C1FA0CD9EABF712BD42FDAE04BEFD8568A5BD74CA3146AA975D08E ] LightScribeService c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
12:25:11.0324 0x09ac  LightScribeService - ok
12:25:11.0408 0x09ac  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
12:25:11.0410 0x09ac  lltdio - ok
12:25:11.0532 0x09ac  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
12:25:11.0542 0x09ac  lltdsvc - ok
12:25:11.0564 0x09ac  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
12:25:11.0568 0x09ac  lmhosts - ok
12:25:11.0622 0x09ac  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
12:25:11.0625 0x09ac  LSI_FC - ok
12:25:11.0657 0x09ac  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
12:25:11.0660 0x09ac  LSI_SAS - ok
12:25:11.0704 0x09ac  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
12:25:11.0707 0x09ac  LSI_SAS2 - ok
12:25:11.0766 0x09ac  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
12:25:11.0769 0x09ac  LSI_SCSI - ok
12:25:11.0795 0x09ac  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
12:25:11.0798 0x09ac  luafv - ok
12:25:11.0846 0x09ac  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
12:25:11.0851 0x09ac  Mcx2Svc - ok
12:25:11.0904 0x09ac  [ E4F44EC214B3E381E1FC844A02926666, 6EE8C87EFCEFFBEA08B9B9DA036B37564542EE4D31942115CDBF895295DD5FE2 ] mdmxsdk         C:\Windows\system32\DRIVERS\mdmxsdk.sys
12:25:11.0905 0x09ac  mdmxsdk - ok
12:25:11.0934 0x09ac  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
12:25:11.0935 0x09ac  megasas - ok
12:25:12.0013 0x09ac  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
12:25:12.0020 0x09ac  MegaSR - ok
12:25:12.0298 0x09ac  [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
12:25:12.0300 0x09ac  Microsoft Office Groove Audit Service - ok
12:25:12.0356 0x09ac  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
12:25:12.0360 0x09ac  MMCSS - ok
12:25:12.0403 0x09ac  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
12:25:12.0404 0x09ac  Modem - ok
12:25:12.0494 0x09ac  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
12:25:12.0496 0x09ac  monitor - ok
12:25:12.0566 0x09ac  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
12:25:12.0568 0x09ac  mouclass - ok
12:25:12.0633 0x09ac  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
12:25:12.0635 0x09ac  mouhid - ok
12:25:12.0707 0x09ac  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
12:25:12.0710 0x09ac  mountmgr - ok
12:25:12.0774 0x09ac  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
12:25:12.0778 0x09ac  mpio - ok
12:25:12.0909 0x09ac  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
12:25:12.0912 0x09ac  mpsdrv - ok
12:25:13.0135 0x09ac  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
12:25:13.0159 0x09ac  MpsSvc - ok
12:25:13.0377 0x09ac  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
12:25:13.0402 0x09ac  MRxDAV - ok
12:25:13.0584 0x09ac  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
12:25:13.0617 0x09ac  mrxsmb - ok
12:25:13.0711 0x09ac  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:25:13.0718 0x09ac  mrxsmb10 - ok
12:25:13.0758 0x09ac  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:25:13.0761 0x09ac  mrxsmb20 - ok
12:25:13.0793 0x09ac  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
12:25:13.0794 0x09ac  msahci - ok
12:25:13.0858 0x09ac  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
12:25:13.0862 0x09ac  msdsm - ok
12:25:13.0913 0x09ac  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
12:25:13.0919 0x09ac  MSDTC - ok
12:25:14.0014 0x09ac  [ 72949A24D37A20A54B3D4D3DADBB55E9, 580B59EF2DFA4F6EE27BA37904F0705CBCD74F9B07D2D795093C045F94AE6DB5 ] MSDV            C:\Windows\system32\DRIVERS\msdv.sys
12:25:14.0017 0x09ac  MSDV - ok
12:25:14.0059 0x09ac  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
12:25:14.0061 0x09ac  Msfs - ok
12:25:14.0116 0x09ac  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
12:25:14.0117 0x09ac  mshidkmdf - ok
12:25:14.0167 0x09ac  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
12:25:14.0169 0x09ac  msisadrv - ok
12:25:14.0294 0x09ac  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
12:25:14.0300 0x09ac  MSiSCSI - ok
12:25:14.0304 0x09ac  msiserver - ok
12:25:14.0350 0x09ac  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
12:25:14.0351 0x09ac  MSKSSRV - ok
12:25:14.0400 0x09ac  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
12:25:14.0401 0x09ac  MSPCLOCK - ok
12:25:14.0487 0x09ac  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
12:25:14.0488 0x09ac  MSPQM - ok
12:25:14.0580 0x09ac  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
12:25:14.0589 0x09ac  MsRPC - ok
12:25:14.0611 0x09ac  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
12:25:14.0612 0x09ac  mssmbios - ok
12:25:14.0632 0x09ac  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
12:25:14.0633 0x09ac  MSTEE - ok
12:25:14.0654 0x09ac  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
12:25:14.0655 0x09ac  MTConfig - ok
12:25:14.0690 0x09ac  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
12:25:14.0692 0x09ac  Mup - ok
12:25:14.0823 0x09ac  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
12:25:14.0838 0x09ac  napagent - ok
12:25:15.0013 0x09ac  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
12:25:15.0021 0x09ac  NativeWifiP - ok
12:25:15.0267 0x09ac  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
12:25:15.0291 0x09ac  NDIS - ok
12:25:15.0363 0x09ac  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
12:25:15.0364 0x09ac  NdisCap - ok
12:25:15.0416 0x09ac  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
12:25:15.0418 0x09ac  NdisTapi - ok
12:25:15.0514 0x09ac  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
12:25:15.0516 0x09ac  Ndisuio - ok
12:25:15.0588 0x09ac  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
12:25:15.0593 0x09ac  NdisWan - ok
12:25:15.0637 0x09ac  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
12:25:15.0639 0x09ac  NDProxy - ok
12:25:15.0992 0x09ac  [ 7D2633295EB6FF2B938185874884059D, B3A4E52ABCB2E2720D8ADB0B68C222D4AB98E838D40B6A731D15EB1D6C9DEA15 ] Nero BackItUp Scheduler 4.0 C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
12:25:16.0016 0x09ac  Nero BackItUp Scheduler 4.0 - ok
12:25:16.0064 0x09ac  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
12:25:16.0065 0x09ac  NetBIOS - ok
12:25:16.0125 0x09ac  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
12:25:16.0131 0x09ac  NetBT - ok
12:25:16.0153 0x09ac  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] Netlogon        C:\Windows\system32\lsass.exe
12:25:16.0156 0x09ac  Netlogon - ok
12:25:16.0283 0x09ac  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
12:25:16.0295 0x09ac  Netman - ok
12:25:16.0690 0x09ac  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:25:16.0694 0x09ac  NetMsmqActivator - ok
12:25:16.0715 0x09ac  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:25:16.0719 0x09ac  NetPipeActivator - ok
12:25:16.0854 0x09ac  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
12:25:16.0868 0x09ac  netprofm - ok
12:25:16.0896 0x09ac  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:25:16.0899 0x09ac  NetTcpActivator - ok
12:25:16.0905 0x09ac  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:25:16.0909 0x09ac  NetTcpPortSharing - ok
12:25:16.0966 0x09ac  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
12:25:16.0968 0x09ac  nfrd960 - ok
12:25:17.0075 0x09ac  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
12:25:17.0087 0x09ac  NlaSvc - ok
12:25:17.0117 0x09ac  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
12:25:17.0119 0x09ac  Npfs - ok
12:25:17.0167 0x09ac  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
12:25:17.0171 0x09ac  nsi - ok
12:25:17.0199 0x09ac  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
12:25:17.0200 0x09ac  nsiproxy - ok
12:25:17.0633 0x09ac  [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
12:25:17.0701 0x09ac  Ntfs - ok
12:25:17.0811 0x09ac  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
12:25:17.0812 0x09ac  Null - ok
12:25:17.0892 0x09ac  [ E366A5681C50785D4ED04FCFD65C3415, 7FF7B4B8F09E773401AE879897E60BF494B57B9ACEE990204A4C98A3FB183A33 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
12:25:17.0897 0x09ac  NVHDA - ok
12:25:18.0728 0x09ac  [ 757ACE4D4C9FF0571F86AA5D586B45E8, E7F23CC1DE26E2DAA690B78B05FC001EE0051F0ED9B9BCE9E7FA4E9684D4F3D4 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
12:25:19.0097 0x09ac  nvlddmkm - ok
12:25:19.0649 0x09ac  [ 1C7C6D7481CABD4EF38A81F5B68F02E8, C4FBE81B8A3F280EEAC282D76626E849197EDEEC8C755B7B12E3594776390DE7 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
12:25:19.0691 0x09ac  NvNetworkService - ok
12:25:19.0773 0x09ac  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
12:25:19.0777 0x09ac  nvraid - ok
12:25:19.0844 0x09ac  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
12:25:19.0848 0x09ac  nvstor - ok
12:25:20.0944 0x09ac  [ 7A03646D5330A790A9D47D9F9C38758D, D22F100BBB94C45468ADD301CC96C15365FEAEC9FE820AA4E7AB1A7AF486E3B0 ] NvStreamSvc     C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
12:25:21.0398 0x09ac  NvStreamSvc - ok
12:25:21.0783 0x09ac  [ 1C7CC708AC4A02A3BE8915539780534A, 0EBDE100880963BF1EC05002BA244CA7700693E958D1974CDD2AC3927D93224F ] nvsvc           C:\Windows\system32\nvvsvc.exe
12:25:21.0809 0x09ac  nvsvc - ok
12:25:21.0911 0x09ac  [ 09216A70CC364D0974F606F6F2109210, 60877154D4DF5287D1989CDAA9863CD6DACA528D06233238498854A10C868C20 ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
12:25:21.0913 0x09ac  nvvad_WaveExtensible - ok
12:25:21.0974 0x09ac  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
12:25:21.0977 0x09ac  nv_agp - ok
12:25:22.0262 0x09ac  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
12:25:22.0273 0x09ac  odserv - ok
12:25:22.0314 0x09ac  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
12:25:22.0316 0x09ac  ohci1394 - ok
12:25:22.0419 0x09ac  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:25:22.0423 0x09ac  ose - ok
12:25:22.0496 0x09ac  [ 85EA378116E2C4385993BA5124536FFC, C641A62375F846839ED2CDFDF09D2E3CE393AAEE99490B1E1338C81B6F4D7257 ] ossrv           C:\Windows\system32\drivers\ctoss2k.sys
12:25:22.0501 0x09ac  ossrv - ok
12:25:22.0943 0x09ac  [ EDD1DCD36F6115ACC6935C3F88FF54D7, 43A84A7459D926B635F23EE09FC7C67C2B03725A3EEA9D38A18FDB9CD7C7F785 ] P17             C:\Windows\system32\drivers\P17.sys
12:25:23.0032 0x09ac  P17 - ok
12:25:23.0231 0x09ac  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
12:25:23.0284 0x09ac  p2pimsvc - ok
12:25:23.0524 0x09ac  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
12:25:23.0538 0x09ac  p2psvc - ok
12:25:23.0557 0x09ac  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
12:25:23.0560 0x09ac  Parport - ok
12:25:23.0607 0x09ac  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
12:25:23.0610 0x09ac  partmgr - ok
12:25:23.0658 0x09ac  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
12:25:23.0666 0x09ac  PcaSvc - ok
12:25:23.0719 0x09ac  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
12:25:23.0724 0x09ac  pci - ok
12:25:23.0756 0x09ac  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
12:25:23.0757 0x09ac  pciide - ok
12:25:23.0810 0x09ac  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
12:25:23.0816 0x09ac  pcmcia - ok
12:25:23.0833 0x09ac  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
12:25:23.0835 0x09ac  pcw - ok
12:25:24.0017 0x09ac  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
12:25:24.0034 0x09ac  PEAUTH - ok
12:25:24.0415 0x09ac  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
12:25:24.0418 0x09ac  PerfHost - ok
12:25:24.0782 0x09ac  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
12:25:24.0821 0x09ac  pla - ok
12:25:24.0961 0x09ac  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
12:25:24.0976 0x09ac  PlugPlay - ok
12:25:24.0992 0x09ac  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
12:25:24.0997 0x09ac  PNRPAutoReg - ok
12:25:25.0021 0x09ac  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
12:25:25.0032 0x09ac  PNRPsvc - ok
12:25:25.0164 0x09ac  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
12:25:25.0178 0x09ac  PolicyAgent - ok
12:25:25.0232 0x09ac  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
12:25:25.0241 0x09ac  Power - ok
12:25:25.0295 0x09ac  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
12:25:25.0299 0x09ac  PptpMiniport - ok
12:25:25.0319 0x09ac  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
12:25:25.0322 0x09ac  Processor - ok
12:25:25.0392 0x09ac  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
12:25:25.0401 0x09ac  ProfSvc - ok
12:25:25.0428 0x09ac  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] ProtectedStorage C:\Windows\system32\lsass.exe
12:25:25.0432 0x09ac  ProtectedStorage - ok
12:25:25.0527 0x09ac  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
12:25:25.0531 0x09ac  Psched - ok
12:25:25.0657 0x09ac  [ C32ECB99AD25E9A04F01C8665DF29EF8, 0489B3DEC6A33E50D8A48A8DAD3F5B923A81F7300E4A71358D90D2879BAC9AA2 ] pwdrvio         C:\Windows\system32\pwdrvio.sys
12:25:25.0661 0x09ac  pwdrvio - ok
12:25:25.0824 0x09ac  [ D619356B955EEFA642F5FF72755E8B3C, 1FD54978A77ACD6FBF1236E177ED074894743A9141E4169FE9AFE28680FC93C5 ] pwdspio         C:\Windows\system32\pwdspio.sys
12:25:25.0829 0x09ac  pwdspio - ok
12:25:25.0925 0x09ac  [ 87B04878A6D59D6C79251DC960C674C1, 3EB8DB0624E646F0A65D0381408D35CF9FDC5ABFC30DF6431F4070A8EB68447C ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
12:25:25.0927 0x09ac  PxHlpa64 - ok
12:25:26.0261 0x09ac  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
12:25:26.0301 0x09ac  ql2300 - ok
12:25:26.0329 0x09ac  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
12:25:26.0333 0x09ac  ql40xx - ok
12:25:26.0393 0x09ac  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
12:25:26.0402 0x09ac  QWAVE - ok
12:25:26.0451 0x09ac  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
12:25:26.0452 0x09ac  QWAVEdrv - ok
12:25:26.0474 0x09ac  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
12:25:26.0475 0x09ac  RasAcd - ok
12:25:26.0525 0x09ac  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
12:25:26.0527 0x09ac  RasAgileVpn - ok
12:25:26.0554 0x09ac  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
12:25:26.0561 0x09ac  RasAuto - ok
12:25:26.0618 0x09ac  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
12:25:26.0621 0x09ac  Rasl2tp - ok
12:25:26.0727 0x09ac  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
12:25:26.0740 0x09ac  RasMan - ok
12:25:26.0762 0x09ac  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
12:25:26.0765 0x09ac  RasPppoe - ok
12:25:26.0816 0x09ac  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
12:25:26.0818 0x09ac  RasSstp - ok
12:25:26.0914 0x09ac  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
12:25:26.0922 0x09ac  rdbss - ok
12:25:26.0948 0x09ac  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
12:25:26.0950 0x09ac  rdpbus - ok
12:25:26.0973 0x09ac  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
12:25:26.0975 0x09ac  RDPCDD - ok
12:25:27.0049 0x09ac  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
12:25:27.0051 0x09ac  RDPENCDD - ok
12:25:27.0076 0x09ac  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
12:25:27.0077 0x09ac  RDPREFMP - ok
12:25:27.0131 0x09ac  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
12:25:27.0137 0x09ac  RDPWD - ok
12:25:27.0207 0x09ac  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
12:25:27.0212 0x09ac  rdyboost - ok
12:25:27.0265 0x09ac  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
12:25:27.0270 0x09ac  RemoteAccess - ok
12:25:27.0333 0x09ac  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
12:25:27.0341 0x09ac  RemoteRegistry - ok
12:25:27.0389 0x09ac  [ 7B04C9843921AB1F695FB395422C5360, C9B02BE0384357FD242613C2A12029B45322AF9A795CD69F33500CA7530899A7 ] RimUsb          C:\Windows\system32\Drivers\RimUsb_AMD64.sys
12:25:27.0391 0x09ac  RimUsb - ok
12:25:27.0437 0x09ac  [ 344604E6913BD6E4EAEC34AF2E0943D7, 4ADFE13AFECD0F263A27F647FC6BA1AB47B2A28F9D70FCAC90F23D0A2FB8C493 ] RimVSerPort     C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
12:25:27.0439 0x09ac  RimVSerPort - ok
12:25:27.0505 0x09ac  [ 388D3DD1A6457280F3BADBA9F3ACD6B1, 5C534EA15195B1301C917904627AF09FE2ABA3FEE1641B5C87E8F3191BC49058 ] ROOTMODEM       C:\Windows\system32\Drivers\RootMdm.sys
12:25:27.0506 0x09ac  ROOTMODEM - ok
12:25:27.0537 0x09ac  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
12:25:27.0543 0x09ac  RpcEptMapper - ok
12:25:27.0578 0x09ac  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
12:25:27.0581 0x09ac  RpcLocator - ok
12:25:27.0712 0x09ac  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
12:25:27.0728 0x09ac  RpcSs - ok
12:25:27.0901 0x09ac  [ 2ABD2B3BA2EF0C3BA82284C2A5E28675, 2CDE31DEB899BAC801A9E4EFE15582B80D9B35921C4B92CB2E1E6BEFB7E3EB9C ] RRNetCap        C:\Windows\system32\DRIVERS\rrnetcap.sys
12:25:27.0903 0x09ac  RRNetCap - ok
12:25:27.0974 0x09ac  [ C76BA99AA5DAAE0FB24CB3D39F231783, 8F73B1DD725BBBA752D78BA61F45F0184680F9A0D8BD8528C96822971CD5A02B ] RrNetCapFilterDriver C:\Windows\system32\DRIVERS\RrNetCapFilterDriver.sys
12:25:27.0975 0x09ac  RrNetCapFilterDriver - ok
12:25:28.0030 0x09ac  [ 2ABD2B3BA2EF0C3BA82284C2A5E28675, 2CDE31DEB899BAC801A9E4EFE15582B80D9B35921C4B92CB2E1E6BEFB7E3EB9C ] RRNetCapMP      C:\Windows\system32\DRIVERS\rrnetcap.sys
12:25:28.0032 0x09ac  RRNetCapMP - ok
12:25:28.0085 0x09ac  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
12:25:28.0088 0x09ac  rspndr - ok
12:25:28.0224 0x09ac  [ C8D0CA461D647165DD5C8DE1FF5EA822, 3DBA1109097D5DA1A68E721AA89CCB0C1D1CA44932314E729F3342DA76CA0AB0 ] rsvcdwdr        C:\Windows\system32\DRIVERS\rsvcdwdr.sys
12:25:28.0226 0x09ac  rsvcdwdr - ok
12:25:28.0248 0x09ac  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] SamSs           C:\Windows\system32\lsass.exe
12:25:28.0251 0x09ac  SamSs - ok
12:25:28.0371 0x09ac  [ 3289766038DB2CB14D07DC84392138D5, A7790B787690CC1A8B97E4532090C5295350A836A9474DEA74CEB3E81CF26124 ] SASDIFSV        C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
12:25:28.0372 0x09ac  SASDIFSV - ok
12:25:28.0467 0x09ac  [ 58A38E75F3316A83C23DF6173D41F2B5, B0A8CDA1D164B7534FB41AB80792861384709BF0F914F44553275CF20194F1A1 ] SASKUTIL        C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
12:25:28.0468 0x09ac  SASKUTIL - ok
12:25:28.0522 0x09ac  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\DRIVERS\sbp2port.sys
12:25:28.0525 0x09ac  sbp2port - ok
12:25:28.0855 0x09ac  [ 794D4B48DFB6E999537C7C3947863463, 93DA8AA20D6B02A3360E7F56150F126E75266E9372E6409D42B89DA588EF49C3 ] SBSDWSCService  C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
12:25:28.0885 0x09ac  SBSDWSCService - ok
12:25:28.0944 0x09ac  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
12:25:28.0952 0x09ac  SCardSvr - ok
12:25:28.0989 0x09ac  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
12:25:28.0990 0x09ac  scfilter - ok
12:25:29.0285 0x09ac  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
12:25:29.0317 0x09ac  Schedule - ok
12:25:29.0345 0x09ac  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
12:25:29.0348 0x09ac  SCPolicySvc - ok
12:25:29.0424 0x09ac  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
12:25:29.0433 0x09ac  SDRSVC - ok
12:25:29.0492 0x09ac  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
12:25:29.0493 0x09ac  secdrv - ok
12:25:29.0527 0x09ac  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
12:25:29.0532 0x09ac  seclogon - ok
12:25:29.0557 0x09ac  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
12:25:29.0569 0x09ac  SENS - ok
12:25:29.0586 0x09ac  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
12:25:29.0596 0x09ac  SensrSvc - ok
12:25:29.0632 0x09ac  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
12:25:29.0634 0x09ac  Serenum - ok
12:25:29.0702 0x09ac  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
12:25:29.0705 0x09ac  Serial - ok
12:25:29.0745 0x09ac  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
12:25:29.0746 0x09ac  sermouse - ok
12:25:29.0793 0x09ac  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
12:25:29.0800 0x09ac  SessionEnv - ok
12:25:29.0836 0x09ac  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
12:25:29.0838 0x09ac  sffdisk - ok
12:25:29.0867 0x09ac  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
12:25:29.0868 0x09ac  sffp_mmc - ok
12:25:29.0896 0x09ac  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
12:25:29.0897 0x09ac  sffp_sd - ok
12:25:29.0914 0x09ac  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
12:25:29.0915 0x09ac  sfloppy - ok
12:25:30.0316 0x09ac  [ D85B7C7810D4FDE6DA341EF96DE13702, 6F5A8E1FD81D53AAE8E121CF8A02EA2678C346217740CAC17144F08A5BBBC147 ] SgtSch2Svc      C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe
12:25:30.0346 0x09ac  SgtSch2Svc - ok
12:25:30.0476 0x09ac  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
12:25:30.0487 0x09ac  SharedAccess - ok
12:25:30.0587 0x09ac  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:25:30.0600 0x09ac  ShellHWDetection - ok
12:25:30.0625 0x09ac  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:25:30.0627 0x09ac  SiSRaid2 - ok
12:25:30.0650 0x09ac  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
12:25:30.0653 0x09ac  SiSRaid4 - ok
12:25:30.0720 0x09ac  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
12:25:30.0723 0x09ac  Smb - ok
12:25:30.0800 0x09ac  [ 32CDE417100C530964E79C53B4E994CA, 4BEAC22E7016031725F885A6C69AAE40F871074F01F334450773CE77C1E75BC8 ] snapman         C:\Windows\system32\DRIVERS\snapman.sys
12:25:30.0807 0x09ac  snapman - ok
12:25:30.0852 0x09ac  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
12:25:30.0857 0x09ac  SNMPTRAP - ok
12:25:30.0878 0x09ac  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
12:25:30.0880 0x09ac  spldr - ok
12:25:31.0073 0x09ac  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
12:25:31.0092 0x09ac  Spooler - ok
12:25:31.0605 0x09ac  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
12:25:31.0697 0x09ac  sppsvc - ok
12:25:31.0731 0x09ac  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
12:25:31.0737 0x09ac  sppuinotify - ok
12:25:31.0865 0x09ac  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
12:25:31.0877 0x09ac  srv - ok
12:25:32.0019 0x09ac  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
12:25:32.0029 0x09ac  srv2 - ok
12:25:32.0086 0x09ac  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
12:25:32.0091 0x09ac  srvnet - ok
12:25:32.0289 0x09ac  [ 8F8324ED1DE63FFC7B1A02CD2D963C72, E58603F81DEAFF1D45CB83FB6E625E6A13868741B833B1C9E60D672179D18EE0 ] ssadbus         C:\Windows\system32\DRIVERS\ssadbus.sys
12:25:32.0294 0x09ac  ssadbus - ok
12:25:32.0341 0x09ac  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
12:25:32.0350 0x09ac  SSDPSRV - ok
12:25:32.0383 0x09ac  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
12:25:32.0389 0x09ac  SstpSvc - ok
12:25:32.0619 0x09ac  [ CDA9313E34887A111B8309B55BCDCD82, AC070AA093B7013E4D1B29F4FAF9B469C3C261E4D3D1512B4F77CC609CBD1484 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
12:25:32.0630 0x09ac  Stereo Service - ok
12:25:32.0656 0x09ac  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
12:25:32.0657 0x09ac  stexstor - ok
12:25:32.0840 0x09ac  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
12:25:32.0859 0x09ac  stisvc - ok
12:25:32.0899 0x09ac  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
12:25:32.0900 0x09ac  swenum - ok
12:25:33.0048 0x09ac  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
12:25:33.0067 0x09ac  swprv - ok
12:25:33.0492 0x09ac  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
12:25:33.0539 0x09ac  SysMain - ok
12:25:33.0574 0x09ac  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:25:33.0581 0x09ac  TabletInputService - ok
12:25:33.0663 0x09ac  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
12:25:33.0676 0x09ac  TapiSrv - ok
12:25:33.0743 0x09ac  [ 048CFE7569D6ADCAB9349BB1A566A79E, E248D2A66881FDFF9505896F383EFFEF2FD5AFC15D8992E653F5C31F1F80DAF3 ] tbhsd           C:\Windows\system32\drivers\tbhsd.sys
12:25:33.0745 0x09ac  tbhsd - ok
12:25:33.0773 0x09ac  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
12:25:33.0779 0x09ac  TBS - ok
12:25:34.0238 0x09ac  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
12:25:34.0286 0x09ac  Tcpip - ok
12:25:34.0361 0x09ac  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
12:25:34.0402 0x09ac  TCPIP6 - ok
12:25:34.0468 0x09ac  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
12:25:34.0470 0x09ac  tcpipreg - ok
12:25:34.0503 0x09ac  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
12:25:34.0504 0x09ac  TDPIPE - ok
12:25:34.0546 0x09ac  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
12:25:34.0547 0x09ac  TDTCP - ok
12:25:34.0598 0x09ac  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
12:25:34.0601 0x09ac  tdx - ok
12:25:34.0620 0x09ac  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
12:25:34.0622 0x09ac  TermDD - ok
12:25:34.0789 0x09ac  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll
12:25:34.0811 0x09ac  TermService - ok
12:25:34.0830 0x09ac  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
12:25:34.0836 0x09ac  Themes - ok
12:25:34.0891 0x09ac  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
12:25:34.0895 0x09ac  THREADORDER - ok
12:25:35.0193 0x09ac  [ 6ADC063FD51F03EF0CAB3E716A725BD2, 887DD28D95C4EC374333ED3E6CA9EA9E79B237751A0AB1739CBA1B9B5E740D74 ] timounter       C:\Windows\system32\DRIVERS\timntr.sys
12:25:35.0221 0x09ac  timounter - ok
12:25:35.0242 0x09ac  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
12:25:35.0250 0x09ac  TrkWks - ok
12:25:35.0391 0x09ac  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:25:35.0397 0x09ac  TrustedInstaller - ok
12:25:35.0445 0x09ac  [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
12:25:35.0447 0x09ac  tssecsrv - ok
12:25:35.0514 0x09ac  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
12:25:35.0516 0x09ac  TsUsbFlt - ok
12:25:35.0611 0x09ac  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
12:25:35.0615 0x09ac  tunnel - ok
12:25:35.0635 0x09ac  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
12:25:35.0638 0x09ac  uagp35 - ok
12:25:35.0757 0x09ac  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
12:25:35.0765 0x09ac  udfs - ok
12:25:35.0788 0x09ac  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
12:25:35.0793 0x09ac  UI0Detect - ok
12:25:35.0811 0x09ac  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
12:25:35.0813 0x09ac  uliagpkx - ok
12:25:35.0850 0x09ac  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
12:25:35.0852 0x09ac  umbus - ok
12:25:35.0899 0x09ac  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
12:25:35.0901 0x09ac  UmPass - ok
12:25:36.0011 0x09ac  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
12:25:36.0025 0x09ac  upnphost - ok
12:25:36.0089 0x09ac  [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
12:25:36.0091 0x09ac  USBAAPL64 - ok
12:25:36.0131 0x09ac  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
12:25:36.0134 0x09ac  usbccgp - ok
12:25:36.0254 0x09ac  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
12:25:36.0257 0x09ac  usbcir - ok
12:25:36.0307 0x09ac  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
12:25:36.0309 0x09ac  usbehci - ok
12:25:36.0418 0x09ac  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
12:25:36.0427 0x09ac  usbhub - ok
12:25:36.0446 0x09ac  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
12:25:36.0448 0x09ac  usbohci - ok
12:25:36.0495 0x09ac  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
12:25:36.0496 0x09ac  usbprint - ok
12:25:36.0544 0x09ac  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\drivers\usbscan.sys
12:25:36.0546 0x09ac  usbscan - ok
12:25:36.0570 0x09ac  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:25:36.0573 0x09ac  USBSTOR - ok
12:25:36.0596 0x09ac  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
12:25:36.0598 0x09ac  usbuhci - ok
12:25:36.0624 0x09ac  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
12:25:36.0630 0x09ac  UxSms - ok
12:25:36.0649 0x09ac  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] VaultSvc        C:\Windows\system32\lsass.exe
12:25:36.0652 0x09ac  VaultSvc - ok
12:25:36.0700 0x09ac  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
12:25:36.0702 0x09ac  vdrvroot - ok
12:25:36.0895 0x09ac  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
12:25:36.0915 0x09ac  vds - ok
12:25:36.0962 0x09ac  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
12:25:36.0964 0x09ac  vga - ok
12:25:36.0992 0x09ac  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
12:25:36.0994 0x09ac  VgaSave - ok
12:25:37.0088 0x09ac  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
12:25:37.0095 0x09ac  vhdmp - ok
12:25:37.0131 0x09ac  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
12:25:37.0133 0x09ac  viaide - ok
12:25:37.0190 0x09ac  [ 96A4F56CBBA3DCF5D90CDA1BC218D040, 095F4BC461545028CB3EDBE986A29997B206C812AC6CF8B97097CEC7FE52127D ] vididr          C:\Windows\system32\DRIVERS\vididr.sys
12:25:37.0195 0x09ac  vididr - ok
12:25:37.0322 0x09ac  [ C69A784BEC737CD7460EBF3C3834D65E, 3D4CEC9E677FD6B08BE43DC19B3E422D403137E26A3B72443A513CD4AE5F41A2 ] vidsflt53       C:\Windows\system32\DRIVERS\vsflt53.sys
12:25:37.0326 0x09ac  vidsflt53 - ok
12:25:37.0349 0x09ac  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
12:25:37.0352 0x09ac  volmgr - ok
12:25:37.0437 0x09ac  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
12:25:37.0446 0x09ac  volmgrx - ok
12:25:37.0522 0x09ac  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
12:25:37.0528 0x09ac  volsnap - ok
12:25:37.0577 0x09ac  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
12:25:37.0581 0x09ac  vsmraid - ok
12:25:37.0973 0x09ac  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
12:25:38.0024 0x09ac  VSS - ok
12:25:38.0169 0x09ac  [ 93132C69394A99D992095D8CFE464801, A76C0371E9E18B038B0745C3F38AC4E958D43CB87EAB358EB88F431A33EE1F6E ] VST64HWBS2      C:\Windows\system32\DRIVERS\VSTBS26.SYS
12:25:38.0179 0x09ac  VST64HWBS2 - ok
12:25:38.0490 0x09ac  [ 02071D207A9858FBE3A48CBFD59C4A04, FEA4DEBAEC3465E0C7C1E8B721805922F6BBCB96A60A193B11688F4252F4B89E ] VST64_DPV       C:\Windows\system32\DRIVERS\VSTDPV6.SYS
12:25:38.0527 0x09ac  VST64_DPV - ok
12:25:38.0557 0x09ac  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
12:25:38.0559 0x09ac  vwifibus - ok
12:25:38.0618 0x09ac  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
12:25:38.0620 0x09ac  vwififlt - ok
12:25:38.0726 0x09ac  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
12:25:38.0728 0x09ac  vwifimp - ok
12:25:38.0805 0x09ac  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
12:25:38.0819 0x09ac  W32Time - ok
12:25:38.0839 0x09ac  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
12:25:38.0840 0x09ac  WacomPen - ok
12:25:38.0912 0x09ac  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
12:25:38.0915 0x09ac  WANARP - ok
12:25:38.0941 0x09ac  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
12:25:38.0943 0x09ac  Wanarpv6 - ok
12:25:39.0292 0x09ac  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
12:25:39.0323 0x09ac  WatAdminSvc - ok
12:25:39.0729 0x09ac  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
12:25:39.0771 0x09ac  wbengine - ok
12:25:39.0829 0x09ac  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
12:25:39.0838 0x09ac  WbioSrvc - ok
12:25:39.0935 0x09ac  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
12:25:39.0948 0x09ac  wcncsvc - ok
12:25:39.0975 0x09ac  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:25:39.0980 0x09ac  WcsPlugInService - ok
12:25:39.0998 0x09ac  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
12:25:39.0999 0x09ac  Wd - ok
12:25:40.0208 0x09ac  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
12:25:40.0228 0x09ac  Wdf01000 - ok
12:25:40.0269 0x09ac  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
12:25:40.0276 0x09ac  WdiServiceHost - ok
12:25:40.0285 0x09ac  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
12:25:40.0292 0x09ac  WdiSystemHost - ok
12:25:40.0366 0x09ac  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
12:25:40.0377 0x09ac  WebClient - ok
12:25:40.0436 0x09ac  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
12:25:40.0446 0x09ac  Wecsvc - ok
12:25:40.0465 0x09ac  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
12:25:40.0472 0x09ac  wercplsupport - ok
12:25:40.0517 0x09ac  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
12:25:40.0524 0x09ac  WerSvc - ok
12:25:40.0570 0x09ac  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
12:25:40.0571 0x09ac  WfpLwf - ok
12:25:40.0859 0x09ac  [ 1EF54B3220EBF3794439EB072B350F3E, 5DA36BC5BCBDC55AFFF8AFE4AB90D383AE20CD11D822DEE342668FB13B8DBE8D ] WHSConnector    C:\Program Files\Windows Home Server\WHSConnector.exe
12:25:40.0872 0x09ac  WHSConnector - ok
12:25:40.0898 0x09ac  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
12:25:40.0899 0x09ac  WIMMount - ok
12:25:41.0093 0x09ac  [ A6EA7A3FC4B00F48535B506DB1E86EFD, B2A28C0438BA679D760FB8B68289D625CF6204DFF8000A285B5CA68417314F65 ] winachsf        C:\Windows\system32\DRIVERS\CAX_CNXT.sys
12:25:41.0112 0x09ac  winachsf - ok
12:25:41.0150 0x09ac  WinDefend - ok
12:25:41.0183 0x09ac  WinHttpAutoProxySvc - ok
12:25:41.0423 0x09ac  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
12:25:41.0444 0x09ac  Winmgmt - ok
12:25:41.0959 0x09ac  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
12:25:42.0013 0x09ac  WinRM - ok
12:25:42.0147 0x09ac  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
12:25:42.0149 0x09ac  WinUsb - ok
12:25:42.0389 0x09ac  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
12:25:42.0416 0x09ac  Wlansvc - ok
12:25:42.0505 0x09ac  [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
12:25:42.0507 0x09ac  wlcrasvc - ok
12:25:43.0182 0x09ac  [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
12:25:43.0239 0x09ac  wlidsvc - ok
12:25:43.0381 0x09ac  [ 14DC5897BC6C4E03C023AD80ABB7F539, E0C528555C0FCE726AF170B26A5DE4D1863BC0731365A595322444FC8E05931E ] WmBEnum         C:\Windows\system32\drivers\WmBEnum.sys
12:25:43.0383 0x09ac  WmBEnum - ok
12:25:43.0523 0x09ac  [ 2DE0A0CEA49972C82C7E9D36BD4C1247, 363632409DF88DEFABD0B67E4A26DC287749F4C39C7C7C5C879480B1ED866B95 ] WmFilter        C:\Windows\system32\drivers\WmFilter.sys
12:25:43.0525 0x09ac  WmFilter - ok
12:25:43.0543 0x09ac  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
12:25:43.0544 0x09ac  WmiAcpi - ok
12:25:43.0618 0x09ac  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
12:25:43.0624 0x09ac  wmiApSrv - ok
12:25:43.0674 0x09ac  WMPNetworkSvc - ok
12:25:43.0728 0x09ac  [ 53C12AE1183F3F7787F1F1835001CCC0, 48CEE3AA45DE3CA140C9BC5E7791F0CA72FB2CF7E42B0B1AF7FC42B78A414F68 ] WmVirHid        C:\Windows\system32\drivers\WmVirHid.sys
12:25:43.0729 0x09ac  WmVirHid - ok
12:25:43.0759 0x09ac  [ C807E470CCA24F5E479DA4872A7D2121, 900273726C62D0815BACC15F9CCBF2E9389CB2E572D6D855B6B65B24853D0288 ] WmXlCore        C:\Windows\system32\drivers\WmXlCore.sys
12:25:43.0761 0x09ac  WmXlCore - ok
12:25:43.0782 0x09ac  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
12:25:43.0787 0x09ac  WPCSvc - ok
12:25:43.0830 0x09ac  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
12:25:43.0838 0x09ac  WPDBusEnum - ok
12:25:43.0860 0x09ac  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
12:25:43.0862 0x09ac  ws2ifsl - ok
12:25:43.0895 0x09ac  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\system32\wscsvc.dll
12:25:43.0902 0x09ac  wscsvc - ok
12:25:43.0907 0x09ac  WSearch - ok
12:25:44.0447 0x09ac  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
12:25:44.0513 0x09ac  wuauserv - ok
12:25:44.0560 0x09ac  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
12:25:44.0563 0x09ac  WudfPf - ok
12:25:44.0626 0x09ac  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
12:25:44.0632 0x09ac  WUDFRd - ok
12:25:44.0651 0x09ac  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
12:25:44.0659 0x09ac  wudfsvc - ok
12:25:44.0723 0x09ac  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
12:25:44.0734 0x09ac  WwanSvc - ok
12:25:44.0769 0x09ac  [ E8F3FA126A06F8E7088F63757112A186, FC742ECA6DD823C5B17A514EC4473F65EE290FA6501370675B3628FD881A1C4B ] XAudio          C:\Windows\system32\DRIVERS\XAudio64.sys
12:25:44.0771 0x09ac  XAudio - ok
12:25:44.0822 0x09ac  ================ Scan global ===============================
12:25:44.0877 0x09ac  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
12:25:44.0955 0x09ac  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
12:25:44.0973 0x09ac  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
12:25:45.0004 0x09ac  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
12:25:45.0092 0x09ac  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
12:25:45.0103 0x09ac  [ Global ] - ok
12:25:45.0103 0x09ac  ================ Scan MBR ==================================
12:25:45.0123 0x09ac  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:25:45.0499 0x09ac  \Device\Harddisk0\DR0 - ok
12:25:45.0503 0x09ac  [ 5F8B5082F3482CC06B72EC5806598AE9 ] \Device\Harddisk1\DR1
12:25:46.0240 0x09ac  \Device\Harddisk1\DR1 - ok
12:25:46.0260 0x09ac  [ 671B81004FDD1588FA9ED1331C9CECA9 ] \Device\Harddisk7\DR7
12:25:46.0310 0x09ac  \Device\Harddisk7\DR7 - ok
12:25:46.0315 0x09ac  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk8\DR10
12:25:46.0324 0x09ac  \Device\Harddisk8\DR10 - ok
12:25:46.0328 0x09ac  [ 4E109E088EF4F29892FB4B77AB48296C ] \Device\Harddisk9\DR11
12:25:46.0387 0x09ac  \Device\Harddisk9\DR11 - ok
12:25:46.0388 0x09ac  ================ Scan VBR ==================================
12:25:46.0391 0x09ac  [ A3F8905CEC2204FDA7D662EDBA1DF818 ] \Device\Harddisk0\DR0\Partition1
12:25:46.0472 0x09ac  \Device\Harddisk0\DR0\Partition1 - ok
12:25:46.0475 0x09ac  [ 827F0A0FF097DBEB43ED37CB9751A7B5 ] \Device\Harddisk0\DR0\Partition2
12:25:46.0549 0x09ac  \Device\Harddisk0\DR0\Partition2 - ok
12:25:46.0552 0x09ac  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk1\DR1\Partition1
12:25:46.0553 0x09ac  \Device\Harddisk1\DR1\Partition1 - ok
12:25:46.0558 0x09ac  [ 55529B6E757F862B421460FB62D8DF1C ] \Device\Harddisk1\DR1\Partition2
12:25:46.0560 0x09ac  \Device\Harddisk1\DR1\Partition2 - ok
12:25:46.0564 0x09ac  [ 21F43DA7799D3BE141A62DECC25C8EED ] \Device\Harddisk7\DR7\Partition1
12:25:46.0589 0x09ac  \Device\Harddisk7\DR7\Partition1 - ok
12:25:46.0593 0x09ac  [ 944CD588B8CCEB91FC43D3A1DD2583D0 ] \Device\Harddisk8\DR10\Partition1
12:25:46.0703 0x09ac  \Device\Harddisk8\DR10\Partition1 - ok
12:25:46.0714 0x09ac  [ ABD30D9DF667C3E4CBE157742E87DA55 ] \Device\Harddisk9\DR11\Partition1
12:25:46.0717 0x09ac  \Device\Harddisk9\DR11\Partition1 - ok
12:25:46.0718 0x09ac  Waiting for KSN requests completion. In queue: 157
12:25:47.0719 0x09ac  Waiting for KSN requests completion. In queue: 157
12:25:48.0719 0x09ac  Waiting for KSN requests completion. In queue: 157
12:25:50.0579 0x09ac  AV detected via SS2: avast! Antivirus, C:\Program Files\Alwil Software\Avast5\VisthAux.exe ( 9.0.2013.292 ), 0x41000 ( enabled : updated )
12:25:50.0584 0x09ac  Win FW state via NFP2: enabled
12:25:53.0058 0x09ac  ============================================================
12:25:53.0058 0x09ac  Scan finished
12:25:53.0058 0x09ac  ============================================================
12:25:53.0071 0x0b24  Detected object count: 1
12:25:53.0072 0x0b24  Actual detected object count: 1
12:25:59.0749 0x0b24  Akamai ( HiddenFile.Multi.Generic ) - skipped by user
12:25:59.0749 0x0b24  Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip 


#8 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:53 PM

Posted 26 March 2014 - 03:45 AM

Fix with FRST (normal mode)

WARNING: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
 

  • Download the attached fixlist.txt and save it to the location where FRST is saved to.
  • Run FRST.exe (on 64bit, run FRST64.exe) and press the Fix button just once and wait.
  • The tool will make a log (Fixlog.txt) which you find where you saved FRST. Please post it to your reply.

 

 

 

 

Full System Scan with Malwarebytes Antimalware
 

  • If not existing, please download Malwarebytes' Anti-Malware to your desktop.
  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.

If the program is already installed:

  • Run Malwarebytes Antimalware
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform fullscan, place a checkmark on all hard drives, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad. Please save it to a convenient location.
  • The log can also be found here:
    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
  • Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt
  • Post that log back here.

 

 

 

Attached Files


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#9 trnsprt

trnsprt
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Near Washington D.C.
  • Local time:01:53 PM

Posted 26 March 2014 - 08:00 AM

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-03-2014
Ran by Mabrey Family at 2014-03-26 08:59:50 Run:1
Running from C:\Users\Mabrey Family\Desktop\Bleeping computer
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
AlternateDataStreams: C:\ProgramData\TEMP:5F64C164
SearchScopes: HKLM-x32 - DefaultScope {DA48DB29-162D-476B-BB9A-F2DC34FFF1E8} URL = 
SearchScopes: HKCU - DefaultScope {DA48DB29-162D-476B-BB9A-F2DC34FFF1E8} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3316751&CUI=UN17009446392591716&UM=2
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = 
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = 
BHO: No Name - {DBC80044-A445-435b-BC74-9C25C1C588A9} -  No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
CHR HKCU\...\Chrome\Extension: [banjjklfojcdbofbhbgiedekefohoaff] - C:\Users\Mabrey Family\AppData\Local\CRE\banjjklfojcdbofbhbgiedekefohoaff.crx [2013-12-23]
CHR HKCU\...\Chrome\Extension: [kepfgejmidkmoiimkfdjocdjhbcpmlmg] - C:\Users\Mabrey Family\AppData\Local\CRE\kepfgejmidkmoiimkfdjocdjhbcpmlmg.crx [2013-12-24]
CHR HKLM-x32\...\Chrome\Extension: [banjjklfojcdbofbhbgiedekefohoaff] - C:\Users\Mabrey Family\AppData\Local\CRE\banjjklfojcdbofbhbgiedekefohoaff.crx [2013-12-24]
CHR HKLM-x32\...\Chrome\Extension: [kepfgejmidkmoiimkfdjocdjhbcpmlmg] - C:\Users\Mabrey Family\AppData\Local\CRE\kepfgejmidkmoiimkfdjocdjhbcpmlmg.crx [2013-12-24]
 
C:\Users\Public\AlexaNSISPlugin.5728.dll
*****************
 
C:\ProgramData\TEMP => ":5F64C164" ADS removed successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} => Key deleted successfully.
HKCR\CLSID\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} => Key deleted successfully.
HKCR\CLSID\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DA48DB29-162D-476B-BB9A-F2DC34FFF1E8} => Key deleted successfully.
HKCR\CLSID\{DA48DB29-162D-476B-BB9A-F2DC34FFF1E8} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key deleted successfully.
HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} => Value deleted successfully.
HKCR\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} => Key not found.
HKCU\SOFTWARE\Google\Chrome\Extensions\banjjklfojcdbofbhbgiedekefohoaff => Key deleted successfully.
"C:\Users\Mabrey Family\AppData\Local\CRE\banjjklfojcdbofbhbgiedekefohoaff.crx" => File/Directory not found.
HKCU\SOFTWARE\Google\Chrome\Extensions\kepfgejmidkmoiimkfdjocdjhbcpmlmg => Key deleted successfully.
C:\Users\Mabrey Family\AppData\Local\CRE\kepfgejmidkmoiimkfdjocdjhbcpmlmg.crx => Moved successfully.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\banjjklfojcdbofbhbgiedekefohoaff => Key deleted successfully.
"C:\Users\Mabrey Family\AppData\Local\CRE\banjjklfojcdbofbhbgiedekefohoaff.crx" => File/Directory not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\kepfgejmidkmoiimkfdjocdjhbcpmlmg => Key deleted successfully.
"C:\Users\Mabrey Family\AppData\Local\CRE\kepfgejmidkmoiimkfdjocdjhbcpmlmg.crx" => File/Directory not found.
C:\Users\Public\AlexaNSISPlugin.5728.dll => Moved successfully.
 
==== End of Fixlog ====


#10 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:53 PM

Posted 26 March 2014 - 08:28 AM

Then I need the MBAM log as well. :)


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#11 trnsprt

trnsprt
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Near Washington D.C.
  • Local time:01:53 PM

Posted 26 March 2014 - 09:25 AM

Yes, it will take about 24 hours to run the MBAM.  It is currently running but normally takes a really long time when I use MAB.



#12 trnsprt

trnsprt
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Near Washington D.C.
  • Local time:01:53 PM

Posted 27 March 2014 - 03:57 PM

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
 
Database version: v2014.03.26.04
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16521
Mabrey Family :: COMPUREX2 [administrator]
 
3/26/2014 9:04:04 AM
mbam-log-2014-03-26 (09-04-04).txt
 
Scan type: Full scan (C:\|D:\|F:\|M:\|O:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 2125253
Time elapsed: 16 hour(s), 18 minute(s), 2 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 3
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mobogenie\nengine.dll.vir (PUP.Optional.NextLive.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mobogenie\nengine.dll (PUP.Optional.NextLive.A) -> Quarantined and deleted successfully.
C:\Users\Mabrey Family\AppData\Local\genienext\nengine.dll (PUP.Optional.NextLive.A) -> Quarantined and deleted successfully.
 
(end)


#13 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:53 PM

Posted 28 March 2014 - 04:34 AM

Let´s cross check:

 

 

Scan with ESET Online Scan

Please go to here to run the online scannner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the activex control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings and ensure these options are ticked:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click Scan
  • Wait for the scan to finish
  • If any threats were found, click the 'List of found threats' , then click Export to text file....
  • Save it to your desktop, then please copy and paste that log as a reply to this topic.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#14 trnsprt

trnsprt
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Near Washington D.C.
  • Local time:01:53 PM

Posted 28 March 2014 - 07:48 PM

C:\AdwCleaner\Quarantine\C\Users\Mabrey Family\AppData\Local\TBHostSupport\TBHostSupport.dll.vir a variant of Win32/Toolbar.Conduit.AA potentially unwanted application
C:\Program Files\DCE\dce.exe MSIL/Adware.Agent.AC application
C:\Users\Mabrey Family\AppData\Local\Installer\Install_24536\cr.exe a variant of Win32/SpeedBit.A potentially unwanted application
C:\Users\Mabrey Family\AppData\Local\TBHostSupport\TBHostSupport.dll a variant of Win32/Toolbar.Conduit.AA potentially unwanted application
C:\Users\Mabrey Family\Downloads\cbsidlm-cbsi134-Free_PDF_Creator-SEO-75219421.exe a variant of Win32/CNETInstaller.B potentially unwanted application
C:\Users\Mabrey Family\Downloads\cbsidlm-tr1_7-JPG_to_PDF_Converter-SEO2-10921191 (1).exe Win32/DownloadAdmin.D potentially unwanted application
C:\Users\Mabrey Family\Downloads\cbsidlm-tr1_7-JPG_to_PDF_Converter-SEO2-10921191.exe Win32/DownloadAdmin.D potentially unwanted application
C:\Users\Mabrey Family\Downloads\ccsetup314.exe Win32/Bundled.Toolbar.Google.E potentially unsafe application
C:\Users\Mabrey Family\Downloads\ccsetup315.exe Win32/Bundled.Toolbar.Google.E potentially unsafe application
C:\Users\Mabrey Family\Downloads\ccsetup324 (1).exe Win32/Bundled.Toolbar.Google.E potentially unsafe application
C:\Users\Mabrey Family\Downloads\ccsetup324.exe Win32/Bundled.Toolbar.Google.E potentially unsafe application
C:\Users\Mabrey Family\Downloads\ccsetup327 (1).exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\Mabrey Family\Downloads\ccsetup327.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\Mabrey Family\Downloads\ccsetup404 (1).exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\Mabrey Family\Downloads\ccsetup404.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\Mabrey Family\Downloads\ccsetup408.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\Mabrey Family\Downloads\ccsetup409.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\Mabrey Family\Downloads\PDFCreator-1_7_1_setup.exe Win32/InstallMonetizer.AQ potentially unwanted application
C:\Users\Mabrey Family\Downloads\Produtools_Manuals_2_1.exe Win32/Toolbar.Conduit potentially unwanted application
C:\Users\Mabrey Family\Downloads\Shockwave_Installer_Slim.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application


#15 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:53 PM

Posted 31 March 2014 - 02:48 AM

Then we can do the cleanup - if you are facing any issues, report that immediately.

Delete junk with adwCleaner


Please download AdwCleaner to your desktop.


  • Run adwcleaner.exe
  • Hit Scan and wait for the scan to finish.
  • Confirm the message but don´t uncheck anything.
  • Hit Clean
  • When the run is finished, it will open up a text file
  • Please post its contents within your next reply
  • You´ll find the log file at C:\AdwCleaner[S1].txt also




Delete junk with JRT

thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.




SecurityCheck

Reboot your system before starting!

Please download SecurityCheck: LINK1 LINK2

  • Save it to your desktop, start it and follow the instructions in the window.
  • After the scan finished the (checkup.txt) will open. Copy its content to your thread.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users