
Unable to activate Windows Defender


  • This topic is locked
25 replies to this topic

#1 oreofudge

  • Members

Posted 16 June 2014 - 11:33 PM

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:19:33 AM, on 6/17/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17126)
Boot mode: Normal
 
Running processes:
C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
C:\windows\SysWOW64\DllHost.exe
 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.toshiba.com/g/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
O3 - Toolbar: (no name) - {b278d9f8-0fa9-465e-9938-0c392605d8e3} - (no file)
O3 - Toolbar: (no name) - !{2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: (no name) - !{8dcb7100-df86-4384-8842-8fa844297b3f} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [ToshibaAppPlace] "C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe"
O4 - HKLM\..\Run: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
O4 - HKLM\..\Run: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [InstaLAN] "C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" startup
O4 - HKLM\..\Run: [BingDesktop] C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe /fromkey
O4 - HKLM\..\Run: [Family Tree Builder Update] C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [HP Officejet 4620 series (NET)] "C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN2AM2337N05RT:NW" -scfn "HP Officejet 4620 series (NET)" -AutoStart 1
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [cdloader] "C:\Users\Yelena 2\AppData\Roaming\mjusbsp\cdloader2.exe" MAGICJACK
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
O4 - HKUS\S-1-5-18\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'Default user')
O4 - Global Startup: RealPlayer Cloud Service UI.lnk = C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe
O8 - Extra context menu item: &Enviar a OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {DEECEC99-6732-42C9-B8C9-49C883CAEC32} (ELSCourseMngr.clsVTELSDnld) - http://pearsonellis.com/v5/2/9/ELLISFLASHENGINE/ELSCourseMngr.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs:  
O23 - Service: Adobe Active File Monitor V11 (AdobeActiveFileMonitor11.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AffinegyService - Affinegy, Inc. - C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Servicio Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Garmin Core Update Service - Garmin Ltd or its subsidiaries - C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Servicio del iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: RealPlayer Cloud Service - RealNetworks, Inc. - c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZoneAlarm Privacy Service (ZAPrivacyService) - Unknown owner - C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe (file missing)
 
--
End of file - 15147 bytes
 



 


#2 TB-Psychotic

  • Malware Response Team

Posted 17 June 2014 - 02:33 AM

Hi there,
my name is Marius and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand, kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not English, so please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

 
 
 
 
 
HijackThis is not the preferred initial scanning tool in this forum. With today's malware, a more comprehensive set of logs is required to determine the presence of malware.
 
 
 
 
Scan with FRST in normal mode

Please download Farbar's Recovery Scan Tool to your desktop: FRST 32bit or FRST 64bit (If not sure: Start --> Computer (right click) --> properties)
 
  • Run FRST.
  • Don't change any of the checkboxes and hit Scan.
  • Logfiles are created on your desktop.
  • Post the FRST.txt and (after the first scan only!) the Addition.txt.

 
 
 
 
 
Scan with TDSS-Killer

Please read and follow these instructions carefully. We do not want it to fix anything yet (if found), we need to see a report first.

Download TDSSKiller.zip and extract it to your desktop.
  • Execute TDSSKiller.exe by double-clicking on it.
  • Press Start Scan.
  • If malicious objects are found, do NOT select Copy to quarantine. Change the action to Skip, and save the log.
  • Once complete, a log will be produced at the root drive, which is typically C:\, for example, C:\TDSSKiller.<version_date_time>log.txt



Please attach this file to your next reply.


Proud Member of UNITE & TB
 

#3 oreofudge

  • Topic Starter

Posted 17 June 2014 - 08:28 AM

Thank you Marius for your quick response and kind help.

 

Please be aware that your instructions will be applied to my sister's computer, which I am accessing using "LOGMEIN"; hope this is ok.

 

As per your request, below you will find the resulting log files in order.

 

---

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-06-2014
Ran by Yelena 2 (administrator) on YELENA-PC on 17-06-2014 09:14:49
Running from C:\Users\Yelena 2\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Affinegy, Inc.) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\ramaint.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
(RealNetworks, Inc.) C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\Teco.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Affinegy, Inc.) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
(MyHeritage) C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Affinegy, Inc.) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
(Microsoft Corporation) C:\Windows\System32\sdclt.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [] => [X]
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [520760 2010-03-10] (Conexant Systems, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2052392 2010-03-10] (Synaptics Incorporated)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [566184 2010-09-28] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [52600 2009-03-09] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] => C:\Program Files\Toshiba\SmoothView\SmoothView.exe [508216 2009-07-28] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [915320 2010-05-10] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [705368 2010-02-23] (TOSHIBA Corporation)
HKLM\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1483776 2010-02-25] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2010-02-05] (TOSHIBA Corporation)
HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [595816 2010-03-09] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [35672 2010-02-24] (TOSHIBA Corporation)
HKLM\...\Run: [LogMeIn GUI] => C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [57928 2010-09-17] (LogMeIn, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-06-16] (Adobe Systems Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [1832760 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [ToshibaAppPlace] => C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe [552960 2010-09-23] (Toshiba)
HKLM-x32\...\Run: [ToshibaServiceStation] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1295736 2011-02-11] (TOSHIBA Corporation)
HKLM-x32\...\Run: [TWebCamera] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2454840 2010-02-24] (TOSHIBA CORPORATION.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [InstaLAN] => C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe [1885088 2012-02-23] (Affinegy, Inc.)
HKLM-x32\...\Run: [BingDesktop] => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2368736 2014-06-03] (Microsoft Corp.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Family Tree Builder Update] => C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe [2532352 2013-07-16] (MyHeritage)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [TkBellExe] => c:\program files (x86)\real\realplayer\Update\realsched.exe [296520 2014-03-31] (RealNetworks, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox]  ATTENTION! ====> ZeroAccess?
HKU\.DEFAULT\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [122200 2014-06-09] (Garmin Ltd or its subsidiaries)
HKU\.DEFAULT\...\Policies\system: [LogonHoursAction] 2
HKU\.DEFAULT\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-3137217817-3696929459-3960846700-1007\...\Run: [HP Officejet 4620 series (NET)] => C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-3137217817-3696929459-3960846700-1007\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-10-15] (Google Inc.)
HKU\S-1-5-21-3137217817-3696929459-3960846700-1007\...\Run: [cdloader] => C:\Users\Yelena 2\AppData\Roaming\mjusbsp\cdloader2.exe [51592 2013-05-06] (magicJack L.P.)
HKU\S-1-5-21-3137217817-3696929459-3960846700-1007\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21442176 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-3137217817-3696929459-3960846700-1007\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [122200 2014-06-09] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-3137217817-3696929459-3960846700-1007\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-3137217817-3696929459-3960846700-1007\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-3137217817-3696929459-3960846700-1007\...\MountPoints2: D - D:\Future_5.exe
AppInit_DLLs: C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\x64\datamngr.dll => C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\x64\datamngr.dll File Not Found
AppInit_DLLs:  C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\x64\IEBHO.dll => C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\x64\IEBHO.dll File Not Found
IFEO\ehshell.exe: [Debugger] "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe" -MceShellRedirect
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk
ShortcutTarget: RealPlayer Cloud Service UI.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe (RealNetworks, Inc.)
HKLM\...\AppCertDlls: [dpapntui] -> C:\Users\Yelena\AppData\Local\Temp\charetup.dll
HKLM\...\AppCertDlls: [mobsdmin] -> C:\Users\Yelena\AppData\Local\Temp\charetup64.dll
BootExecute: autocheck autochk * PCloudBroom64.exe \systemroot\system32\BroomData.bit
GroupPolicyUsers\S-1-5-21-3137217817-3696929459-3960846700-1008\User: Group Policy restriction detected <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.toshiba.com/g/
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = 
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-results.com/sr?src=ieb&appid=287&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
&tb_mrud=09-03-2013
 
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-results.com/sr?src=ieb&appid=287&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69} URL = http://search.bearshare.com/web?src=ieb&systemid=2&q={searchTerms}
SearchScopes: HKCU - {03898675-C448-4B7B-B84D-78A6474E993C} URL = 
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = 
SearchScopes: HKCU - {CF0F9E3D-68DE-4FF9-8A57-FB39C741651B} URL = 
BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll (RealDownloader)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
Toolbar: HKLM - No Name - !{2318C2B1-4965-11d4-9B18-009027A5CD4F} -  No File
Toolbar: HKLM - No Name - !{8dcb7100-df86-4384-8842-8fa844297b3f} -  No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - No Name - {b278d9f8-0fa9-465e-9938-0c392605d8e3} -  No File
Toolbar: HKLM-x32 - No Name - !{2318C2B1-4965-11d4-9B18-009027A5CD4F} -  No File
Toolbar: HKLM-x32 - No Name - !{8dcb7100-df86-4384-8842-8fa844297b3f} -  No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKCU - No Name - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} -  No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {DEECEC99-6732-42C9-B8C9-49C883CAEC32} http://pearsonellis.com/v5/2/9/ELLISFLASHENGINE/ELSCourseMngr.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.2
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @checkpoint.com/FFApi - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll No File
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=17.0.8.22 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=17.0.8 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=17.0.8 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=17.0.8 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=17.0.8.22 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer Cloud)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\Search_Results.xml
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-30]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-30]
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\FFExt\linkfilter@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}] - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker
FF HKLM-x32\...\Firefox\Extensions: [{0FAA5C82-A094-4541-8811-D3361F972A81}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []
 
Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR StartupUrls: "hxxp://www.google.com/"
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Yelena 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-21]
CHR Extension: (RealPlayer Downloader) - C:\Users\Yelena 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2014-04-08]
CHR Extension: (Skype Click to Call) - C:\Users\Yelena 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-04-08]
CHR Extension: (Google Wallet) - C:\Users\Yelena 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-08]
CHR HKLM-x32\...\Chrome\Extension: [baabjofogajbckmagjcmlpfnagkkhccj] - C:\Users\Yelena\AppData\LocalLow\Playbryte\Chrome.crx [2014-04-08]
CHR HKLM-x32\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb] - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonChrome.crx [2014-04-08]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2014-03-15]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Services (Whitelisted) =================
 
R2 AdobeActiveFileMonitor11.0; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171600 2012-09-23] (Adobe Systems Incorporated)
R2 AffinegyService; C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe [563104 2012-02-23] (Affinegy, Inc.)
R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173792 2014-06-03] (Microsoft Corp.)
R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [435032 2014-06-09] (Garmin Ltd or its subsidiaries)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [376144 2014-06-06] (LogMeIn, Inc.)
R2 LMIMaint; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [226640 2014-06-06] (LogMeIn, Inc.)
R2 LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424 2010-11-08] (LogMeIn, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-03-15] ()
R2 RealPlayer Cloud Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1141848 2014-03-31] (RealNetworks, Inc.)
R2 TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [252928 2010-02-25] (TOSHIBA Corporation) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] () [File not signed]
S2 ZAPrivacyService; "C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe" [X]
 
==================== Drivers (Whitelisted) ====================
 
R2 inpoutx64; C:\Windows\System32\Drivers\inpoutx64.sys [15008 2012-08-13] (Highresolution Enterprises [www.highrez.co.uk])
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [90208 2013-10-09] (Kaspersky Lab ZAO)
R2 LMIInfo; C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [16056 2013-06-01] (LogMeIn, Inc.)
S4 LMIRfsClientNP; No ImagePath
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [47632 2013-04-29] (Panda Security, S.L.)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-08-10] (Corel Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [79872 2013-12-02] (BlackBerry Limited)
S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44032 2011-07-20] (Research in Motion Ltd)
R3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [1514568 2013-05-02] (Realtek Semiconductor Corporation                           )
S3 TrufosAlt; C:\Windows\System32\DRIVERS\TrufosAlt.sys [390776 2014-06-16] (BitDefender S.R.L.)
S1 ckjfaxsu; \??\C:\windows\system32\drivers\ckjfaxsu.sys [X]
S3 MBAMSwissArmy; \??\C:\windows\system32\drivers\MBAMSwissArmy.sys [X]
S1 rsmdabyu; \??\C:\windows\system32\drivers\rsmdabyu.sys [X]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-06-17 09:14 - 2014-06-17 09:17 - 00031258 _____ () C:\Users\Yelena 2\Desktop\FRST.txt
2014-06-17 09:14 - 2014-06-17 09:15 - 00000000 ____D () C:\FRST
2014-06-17 09:09 - 2014-06-17 09:09 - 00000000 ____D () C:\Users\Yelena 2\Desktop\tdsskiller
2014-06-17 08:58 - 2014-06-17 08:58 - 00295936 _____ () C:\Users\Yelena 2\AppData\Local\census.cache
2014-06-17 08:58 - 2014-06-17 08:58 - 00000384 _____ () C:\Users\Yelena 2\Documents\Microsoft Office Click-to-Run 2010 (Protected) (Q) - Shortcut.lnk
2014-06-17 08:57 - 2014-06-17 08:57 - 00135820 _____ () C:\Users\Yelena 2\AppData\Local\ars.cache
2014-06-17 08:54 - 2014-06-17 08:54 - 02081280 _____ (Farbar) C:\Users\Yelena 2\Desktop\FRST64.exe
2014-06-17 00:08 - 2014-06-17 00:08 - 00000036 _____ () C:\Users\Yelena 2\AppData\Local\housecall.guid.cache
2014-06-16 23:23 - 2014-06-16 23:23 - 00007928 _____ () C:\windows\SysWOW64\BroomData.bit
2014-06-16 23:23 - 2013-04-08 16:30 - 00022752 _____ () C:\windows\system32\PCloudBroom64.exe
2014-06-16 23:16 - 2014-06-16 23:16 - 00003366 _____ () C:\windows\System32\Tasks\BDRemovalTool
2014-06-16 22:57 - 2014-06-16 22:57 - 00390776 _____ (BitDefender S.R.L.) C:\windows\system32\Drivers\TrufosAlt.sys
2014-06-16 22:44 - 2014-06-16 22:44 - 00000000 ____D () C:\Program Files (x86)\Panda Security
2014-06-16 22:44 - 2013-04-29 09:17 - 00047632 _____ (Panda Security, S.L.) C:\windows\system32\Drivers\PSKMAD.sys
2014-06-16 22:08 - 2014-06-16 22:08 - 00002128 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-06-16 22:08 - 2014-06-16 22:08 - 00000000 ____D () C:\windows\system32\config\NisDrv
2014-06-16 22:08 - 2014-06-16 22:08 - 00000000 ____D () C:\windows\system32\config\mpfilter
2014-06-16 22:08 - 2014-06-16 22:08 - 00000000 ____D () C:\windows\system32\config\amd64
2014-06-16 22:08 - 2014-06-16 22:08 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-06-16 22:08 - 2014-03-11 15:48 - 00186688 _____ (Microsoft Corporation) C:\windows\system32\config\EppManifest.dll
2014-06-16 22:08 - 2014-03-11 12:34 - 00008864 _____ (Microsoft Corporation) C:\windows\system32\config\setupres.dll
2014-06-16 17:42 - 2014-06-16 17:42 - 13829304 _____ (Microsoft Corporation) C:\Users\Yelena 2\Desktop\mseinstall.exe
2014-06-16 17:29 - 2014-01-08 22:22 - 05694464 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2014-06-16 17:29 - 2014-01-03 18:44 - 06574592 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2014-06-16 16:46 - 2013-10-01 22:22 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\Drivers\TsUsbFlt.sys
2014-06-16 16:46 - 2013-10-01 22:11 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-06-16 16:46 - 2013-10-01 22:08 - 00012800 _____ (Microsoft Corporation) C:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-06-16 16:46 - 2013-10-01 21:48 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\MsRdpWebAccess.dll
2014-06-16 16:46 - 2013-10-01 21:48 - 00018944 _____ (Microsoft Corporation) C:\windows\system32\wksprtPS.dll
2014-06-16 16:46 - 2013-10-01 21:29 - 00062976 _____ (Microsoft Corporation) C:\windows\system32\tsgqec.dll
2014-06-16 16:46 - 2013-10-01 21:10 - 00044544 _____ (Microsoft Corporation) C:\windows\system32\TsUsbGDCoInstaller.dll
2014-06-16 16:46 - 2013-10-01 20:15 - 01057280 _____ (Microsoft Corporation) C:\windows\system32\rdvidcrl.dll
2014-06-16 16:46 - 2013-10-01 20:14 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\MsRdpWebAccess.dll
2014-06-16 16:46 - 2013-10-01 20:14 - 00017920 _____ (Microsoft Corporation) C:\windows\SysWOW64\wksprtPS.dll
2014-06-16 16:46 - 2013-10-01 20:08 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\TSWbPrxy.exe
2014-06-16 16:46 - 2013-10-01 20:01 - 00420864 _____ (Microsoft Corporation) C:\windows\system32\wksprt.exe
2014-06-16 16:46 - 2013-10-01 19:58 - 00053248 _____ (Microsoft Corporation) C:\windows\SysWOW64\tsgqec.dll
2014-06-16 16:46 - 2013-10-01 19:31 - 01147392 _____ (Microsoft Corporation) C:\windows\system32\mstsc.exe
2014-06-16 16:46 - 2013-10-01 19:08 - 00855552 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdvidcrl.dll
2014-06-16 16:46 - 2013-10-01 18:34 - 01068544 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstsc.exe
2014-06-16 15:44 - 2014-06-16 15:44 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-15 05:24 - 2014-06-15 05:24 - 00001859 _____ () C:\Users\Public\Desktop\Garmin Express.lnk
2014-06-14 14:41 - 2014-06-17 09:07 - 00000975 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Client.lnk
2014-06-14 14:41 - 2014-06-17 09:07 - 00000959 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Control Panel.lnk
2014-06-14 14:31 - 2014-06-14 14:31 - 00003176 _____ () C:\windows\System32\Tasks\{38C0EE75-9170-4DF8-B6D6-DD9D2E96DE88}
2014-06-14 14:12 - 2014-06-14 14:12 - 00000868 _____ () C:\Users\Yelena 2\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2014-06-14 14:10 - 2014-06-14 14:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-06-14 14:08 - 2014-06-14 14:10 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-06-14 14:08 - 2014-06-14 14:10 - 00000000 ____D () C:\Program Files\iTunes
2014-06-14 14:08 - 2014-06-14 14:10 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-06-14 14:08 - 2014-06-14 14:08 - 00000000 ____D () C:\Program Files\iPod
2014-06-14 13:49 - 2014-06-14 13:49 - 00000000 ____D () C:\Users\Yelena 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CleanUp!
2014-06-14 13:49 - 2014-06-14 13:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CleanUp!
2014-06-14 13:49 - 2014-06-14 13:49 - 00000000 ____D () C:\Program Files (x86)\CleanUp!
2014-06-14 13:31 - 2014-06-14 13:33 - 00004341 _____ () C:\windows\SysWOW64\jupdate-1.7.0_60-b19.log
2014-06-14 13:25 - 2014-06-14 13:25 - 00000000 ____D () C:\Users\Yelena 2\AppData\Roaming\Oracle
2014-06-14 13:07 - 2014-06-14 13:07 - 00000000 ___HD () C:\windows\AxInstSV
2014-06-11 06:52 - 2014-05-08 05:32 - 03178496 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2014-06-11 06:52 - 2014-05-08 05:32 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\RdpGroupPolicyExtension.dll
2014-06-11 06:52 - 2014-04-24 22:34 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\usp10.dll
2014-06-11 06:52 - 2014-04-24 22:06 - 00626688 _____ (Microsoft Corporation) C:\windows\SysWOW64\usp10.dll
2014-06-11 06:52 - 2014-04-04 22:47 - 01903552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2014-06-11 06:52 - 2014-04-04 22:47 - 00288192 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS
2014-06-11 06:52 - 2014-03-26 10:44 - 02002432 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2014-06-11 06:52 - 2014-03-26 10:44 - 01882112 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2014-06-11 06:52 - 2014-03-26 10:41 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml6r.dll
2014-06-11 06:52 - 2014-03-26 10:41 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2014-06-11 06:52 - 2014-03-26 10:27 - 01389056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll
2014-06-11 06:52 - 2014-03-26 10:27 - 01237504 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2014-06-11 06:52 - 2014-03-26 10:25 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6r.dll
2014-06-11 06:52 - 2014-03-26 10:25 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2014-06-11 06:48 - 2014-05-30 06:21 - 23414784 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-06-11 06:48 - 2014-05-30 06:02 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-06-11 06:48 - 2014-05-30 06:02 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-06-11 06:48 - 2014-05-30 05:45 - 02768384 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-06-11 06:48 - 2014-05-30 05:39 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-06-11 06:48 - 2014-05-30 05:39 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-06-11 06:48 - 2014-05-30 05:38 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-06-11 06:48 - 2014-05-30 05:28 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-06-11 06:48 - 2014-05-30 05:27 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-06-11 06:48 - 2014-05-30 05:24 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-06-11 06:48 - 2014-05-30 05:21 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-06-11 06:48 - 2014-05-30 05:21 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-06-11 06:48 - 2014-05-30 05:20 - 00752640 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-06-11 06:48 - 2014-05-30 05:18 - 17271296 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-06-11 06:48 - 2014-05-30 05:11 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-06-11 06:48 - 2014-05-30 05:08 - 05782528 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-06-11 06:48 - 2014-05-30 05:06 - 00452096 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-06-11 06:48 - 2014-05-30 05:02 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-06-11 06:48 - 2014-05-30 04:55 - 00038400 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-06-11 06:48 - 2014-05-30 04:49 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-06-11 06:48 - 2014-05-30 04:46 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-06-11 06:48 - 2014-05-30 04:44 - 00455168 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-06-11 06:48 - 2014-05-30 04:44 - 00295424 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-06-11 06:48 - 2014-05-30 04:43 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-06-11 06:48 - 2014-05-30 04:42 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-06-11 06:48 - 2014-05-30 04:38 - 02179072 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-06-11 06:48 - 2014-05-30 04:35 - 00608768 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-06-11 06:48 - 2014-05-30 04:34 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-06-11 06:48 - 2014-05-30 04:33 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-06-11 06:48 - 2014-05-30 04:30 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-06-11 06:48 - 2014-05-30 04:29 - 00631808 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-06-11 06:48 - 2014-05-30 04:28 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-06-11 06:48 - 2014-05-30 04:27 - 00592896 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-06-11 06:48 - 2014-05-30 04:24 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-06-11 06:48 - 2014-05-30 04:23 - 02040832 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-06-11 06:48 - 2014-05-30 04:16 - 00368128 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-06-11 06:48 - 2014-05-30 04:10 - 00032256 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-11 06:48 - 2014-05-30 04:06 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-06-11 06:48 - 2014-05-30 04:04 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-06-11 06:48 - 2014-05-30 04:02 - 00242688 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-06-11 06:48 - 2014-05-30 03:56 - 04244992 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-06-11 06:48 - 2014-05-30 03:56 - 02266112 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-06-11 06:48 - 2014-05-30 03:54 - 00526336 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-06-11 06:48 - 2014-05-30 03:50 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-06-11 06:48 - 2014-05-30 03:49 - 01964544 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-06-11 06:48 - 2014-05-30 03:43 - 13522944 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-06-11 06:48 - 2014-05-30 03:40 - 11725312 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-06-11 06:48 - 2014-05-30 03:30 - 01398272 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-06-11 06:48 - 2014-05-30 03:21 - 01790976 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-06-11 06:48 - 2014-05-30 03:15 - 01143296 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-06-11 06:48 - 2014-05-30 03:13 - 00846336 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-06-11 06:48 - 2014-05-30 03:13 - 00704512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-06-10 17:46 - 2014-06-08 05:13 - 00506368 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-06-10 17:46 - 2014-06-08 05:08 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-06-08 13:48 - 2014-06-17 09:13 - 00003370 _____ () C:\windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3137217817-3696929459-3960846700-1007
2014-05-26 22:47 - 2014-05-26 22:47 - 00000000 ____D () C:\Users\Manuel\Desktop\Dra Patricia Gomez
2014-05-26 22:10 - 2014-05-26 22:10 - 00000000 ____D () C:\Users\Manuel\AppData\Local\HP
2014-05-23 13:45 - 2014-05-26 22:39 - 01314654 _____ () C:\Users\Manuel\Documents\quincosa.pptx
2014-05-20 21:37 - 2014-05-20 21:37 - 00003558 _____ () C:\windows\System32\Tasks\HP AR Program Upload - 121b6ed7ae9c4f9f8432c3c85faf70d4a3d76918756247cd9286227fca0fdd86
2014-05-18 19:52 - 2014-05-18 19:52 - 00023377 _____ () C:\Users\Manuel\Desktop\hs_err_pid12260.log
 
==================== One Month Modified Files and Folders =======
 
2014-06-17 09:17 - 2014-06-17 09:14 - 00031258 _____ () C:\Users\Yelena 2\Desktop\FRST.txt
2014-06-17 09:17 - 2013-04-19 13:39 - 00000000 ____D () C:\Users\Yelena 2\AppData\Local\Temp
2014-06-17 09:16 - 2013-04-22 22:06 - 00000000 ____D () C:\Users\Yelena 2\AppData\Roaming\Skype
2014-06-17 09:15 - 2014-06-17 09:14 - 00000000 ____D () C:\FRST
2014-06-17 09:13 - 2014-06-08 13:48 - 00003370 _____ () C:\windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3137217817-3696929459-3960846700-1007
2014-06-17 09:13 - 2014-04-25 14:00 - 00003242 _____ () C:\windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3137217817-3696929459-3960846700-1007
2014-06-17 09:13 - 2010-12-04 12:34 - 01100536 _____ () C:\windows\WindowsUpdate.log
2014-06-17 09:11 - 2012-09-02 19:18 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-06-17 09:09 - 2014-06-17 09:09 - 00000000 ____D () C:\Users\Yelena 2\Desktop\tdsskiller
2014-06-17 09:09 - 2010-10-15 00:04 - 00000908 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-17 09:07 - 2014-06-14 14:41 - 00000975 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Client.lnk
2014-06-17 09:07 - 2014-06-14 14:41 - 00000959 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Control Panel.lnk
2014-06-17 09:06 - 2009-07-14 01:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-06-17 09:06 - 2009-07-14 00:51 - 00177559 _____ () C:\windows\setupact.log
2014-06-17 08:59 - 2014-05-03 19:31 - 00000000 ____D () C:\Users\Manuel\AppData\Local\BrowserSafeguard
2014-06-17 08:58 - 2014-06-17 08:58 - 00295936 _____ () C:\Users\Yelena 2\AppData\Local\census.cache
2014-06-17 08:58 - 2014-06-17 08:58 - 00000384 _____ () C:\Users\Yelena 2\Documents\Microsoft Office Click-to-Run 2010 (Protected) (Q) - Shortcut.lnk
2014-06-17 08:57 - 2014-06-17 08:57 - 00135820 _____ () C:\Users\Yelena 2\AppData\Local\ars.cache
2014-06-17 08:54 - 2014-06-17 08:54 - 02081280 _____ (Farbar) C:\Users\Yelena 2\Desktop\FRST64.exe
2014-06-17 08:26 - 2014-03-02 22:26 - 00000296 _____ () C:\windows\Tasks\SaveSense.job
2014-06-17 08:21 - 2010-10-15 00:04 - 00000912 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-17 00:35 - 2011-03-13 01:53 - 00000000 ____D () C:\ProgramData\LogMeIn
2014-06-17 00:12 - 2009-07-14 00:45 - 00015792 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-17 00:12 - 2009-07-14 00:45 - 00015792 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-17 00:08 - 2014-06-17 00:08 - 00000036 _____ () C:\Users\Yelena 2\AppData\Local\housecall.guid.cache
2014-06-16 23:25 - 2010-10-15 00:32 - 00700608 _____ () C:\windows\PFRO.log
2014-06-16 23:23 - 2014-06-16 23:23 - 00007928 _____ () C:\windows\SysWOW64\BroomData.bit
2014-06-16 23:16 - 2014-06-16 23:16 - 00003366 _____ () C:\windows\System32\Tasks\BDRemovalTool
2014-06-16 23:16 - 2014-05-03 19:31 - 00000000 ____D () C:\Users\Manuel\AppData\Local\WebSearchy
2014-06-16 22:57 - 2014-06-16 22:57 - 00390776 _____ (BitDefender S.R.L.) C:\windows\system32\Drivers\TrufosAlt.sys
2014-06-16 22:44 - 2014-06-16 22:44 - 00000000 ____D () C:\Program Files (x86)\Panda Security
2014-06-16 22:08 - 2014-06-16 22:08 - 00002128 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-06-16 22:08 - 2014-06-16 22:08 - 00000000 ____D () C:\windows\system32\config\NisDrv
2014-06-16 22:08 - 2014-06-16 22:08 - 00000000 ____D () C:\windows\system32\config\mpfilter
2014-06-16 22:08 - 2014-06-16 22:08 - 00000000 ____D () C:\windows\system32\config\amd64
2014-06-16 22:08 - 2014-06-16 22:08 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-06-16 22:08 - 2011-08-22 23:38 - 00001945 _____ () C:\windows\epplauncher.mif
2014-06-16 22:08 - 2011-08-22 23:37 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-06-16 17:42 - 2014-06-16 17:42 - 13829304 _____ (Microsoft Corporation) C:\Users\Yelena 2\Desktop\mseinstall.exe
2014-06-16 17:25 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\system32\CatRoot2_2014616234938
2014-06-16 17:18 - 2013-08-21 23:21 - 00003942 _____ () C:\windows\System32\Tasks\User_Feed_Synchronization-{90630DDA-CBDD-4209-9E8E-4EA92EEAD99F}
2014-06-16 16:23 - 2009-07-13 23:20 - 00000000 __RSD () C:\windows\Media
2014-06-16 15:44 - 2014-06-16 15:44 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-16 12:35 - 2013-04-25 22:32 - 00000000 ____D () C:\Users\Yelena 2\AppData\Local\CrashDumps
2014-06-15 11:30 - 2009-07-14 01:08 - 00032614 _____ () C:\windows\Tasks\SCHEDLGU.TXT
2014-06-15 05:40 - 2013-06-03 20:43 - 00026889 ____H () C:\windows\SysWOW64\BTImages.dat
2014-06-15 05:25 - 2014-04-11 12:08 - 00000000 ____D () C:\ProgramData\Package Cache
2014-06-15 05:24 - 2014-06-15 05:24 - 00001859 _____ () C:\Users\Public\Desktop\Garmin Express.lnk
2014-06-15 05:24 - 2014-04-11 12:09 - 00003554 _____ () C:\windows\System32\Tasks\GarminUpdaterTask
2014-06-15 05:24 - 2014-04-11 12:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2014-06-15 05:24 - 2014-04-11 12:09 - 00000000 ____D () C:\ProgramData\Garmin
2014-06-15 05:24 - 2014-04-11 12:09 - 00000000 ____D () C:\Program Files (x86)\Garmin
2014-06-14 21:22 - 2012-11-05 13:09 - 00000000 ____D () C:\Users\Yelena 2\Documents\USA
2014-06-14 14:41 - 2011-03-13 01:53 - 00001024 _____ () C:\.rnd
2014-06-14 14:41 - 2011-03-13 01:53 - 00000000 ____D () C:\Program Files (x86)\LogMeIn
2014-06-14 14:39 - 2013-04-25 15:51 - 00000000 ____D () C:\Users\Yelena 2\AppData\Roaming\SoftGrid Client
2014-06-14 14:31 - 2014-06-14 14:31 - 00003176 _____ () C:\windows\System32\Tasks\{38C0EE75-9170-4DF8-B6D6-DD9D2E96DE88}
2014-06-14 14:22 - 2012-09-11 13:16 - 00000000 ____D () C:\Program Files\PDFCreator
2014-06-14 14:21 - 2011-04-23 10:38 - 00000000 ____D () C:\Program Files (x86)\BearShare Applications
2014-06-14 14:18 - 2013-11-13 13:16 - 00000000 ____D () C:\Program Files (x86)\Ellis
2014-06-14 14:14 - 2013-06-01 13:47 - 00000000 ____D () C:\Users\Yelena 2\AppData\Local\Research In Motion
2014-06-14 14:12 - 2014-06-14 14:12 - 00000868 _____ () C:\Users\Yelena 2\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2014-06-14 14:10 - 2014-06-14 14:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-06-14 14:10 - 2014-06-14 14:08 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-06-14 14:10 - 2014-06-14 14:08 - 00000000 ____D () C:\Program Files\iTunes
2014-06-14 14:10 - 2014-06-14 14:08 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-06-14 14:08 - 2014-06-14 14:08 - 00000000 ____D () C:\Program Files\iPod
2014-06-14 14:06 - 2013-11-17 19:33 - 00000000 ____D () C:\Program Files (x86)\DsNET Corp
2014-06-14 14:06 - 2009-07-13 23:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-06-14 14:00 - 2009-07-13 23:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2014-06-14 13:56 - 2013-04-25 22:31 - 00000000 ____D () C:\Users\Yelena 2\AppData\Roaming\HpUpdate
2014-06-14 13:49 - 2014-06-14 13:49 - 00000000 ____D () C:\Users\Yelena 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CleanUp!
2014-06-14 13:49 - 2014-06-14 13:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CleanUp!
2014-06-14 13:49 - 2014-06-14 13:49 - 00000000 ____D () C:\Program Files (x86)\CleanUp!
2014-06-14 13:34 - 2013-11-03 18:36 - 00000000 ____D () C:\ProgramData\Oracle
2014-06-14 13:33 - 2014-06-14 13:31 - 00004341 _____ () C:\windows\SysWOW64\jupdate-1.7.0_60-b19.log
2014-06-14 13:25 - 2014-06-14 13:25 - 00000000 ____D () C:\Users\Yelena 2\AppData\Roaming\Oracle
2014-06-14 13:07 - 2014-06-14 13:07 - 00000000 ___HD () C:\windows\AxInstSV
2014-06-11 19:24 - 2014-03-31 09:11 - 00002154 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-11 06:57 - 2011-03-17 15:24 - 00000000 ____D () C:\Users\Yelena 2\Documents\Manuel Torres
2014-06-11 06:54 - 2013-07-15 15:12 - 00000000 ____D () C:\windows\system32\MRT
2014-06-11 06:43 - 2011-08-06 18:34 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-11 06:43 - 2011-03-11 01:02 - 95414520 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-06-11 06:39 - 2014-05-06 17:50 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-06-08 05:13 - 2014-06-10 17:46 - 00506368 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-06-08 05:08 - 2014-06-10 17:46 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-06-06 14:01 - 2011-03-13 01:53 - 00107368 _____ (LogMeIn, Inc.) C:\windows\system32\LMIRfsClientNP.dll
2014-06-06 14:01 - 2011-03-13 01:53 - 00092488 _____ (LogMeIn, Inc.) C:\windows\system32\LMIinit.dll
2014-06-06 14:01 - 2011-03-13 01:53 - 00035656 _____ (LogMeIn, Inc.) C:\windows\system32\LMIport.dll
2014-06-02 22:50 - 2009-07-14 01:13 - 00787488 _____ () C:\windows\system32\PerfStringBackup.INI
2014-06-01 09:55 - 2011-03-13 02:46 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-06-01 09:55 - 2011-03-13 02:46 - 00000000 ____D () C:\ProgramData\Skype
2014-06-01 09:26 - 2013-06-01 19:26 - 00000000 ____D () C:\Users\Yelena 2\AppData\Roaming\Check Point Software Technologies LTD
2014-05-30 06:21 - 2014-06-11 06:48 - 23414784 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-05-30 06:02 - 2014-06-11 06:48 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-05-30 06:02 - 2014-06-11 06:48 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-05-30 05:45 - 2014-06-11 06:48 - 02768384 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-05-30 05:39 - 2014-06-11 06:48 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-05-30 05:39 - 2014-06-11 06:48 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-05-30 05:38 - 2014-06-11 06:48 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-05-30 05:28 - 2014-06-11 06:48 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-05-30 05:27 - 2014-06-11 06:48 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-05-30 05:24 - 2014-06-11 06:48 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-05-30 05:21 - 2014-06-11 06:48 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-05-30 05:21 - 2014-06-11 06:48 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-05-30 05:20 - 2014-06-11 06:48 - 00752640 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-05-30 05:18 - 2014-06-11 06:48 - 17271296 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-05-30 05:11 - 2014-06-11 06:48 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-05-30 05:08 - 2014-06-11 06:48 - 05782528 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-05-30 05:06 - 2014-06-11 06:48 - 00452096 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-05-30 05:02 - 2014-06-11 06:48 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-05-30 04:55 - 2014-06-11 06:48 - 00038400 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-05-30 04:49 - 2014-06-11 06:48 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-05-30 04:46 - 2014-06-11 06:48 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-05-30 04:44 - 2014-06-11 06:48 - 00455168 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-05-30 04:44 - 2014-06-11 06:48 - 00295424 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-05-30 04:43 - 2014-06-11 06:48 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-05-30 04:42 - 2014-06-11 06:48 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-05-30 04:38 - 2014-06-11 06:48 - 02179072 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-05-30 04:35 - 2014-06-11 06:48 - 00608768 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-05-30 04:34 - 2014-06-11 06:48 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-05-30 04:33 - 2014-06-11 06:48 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-05-30 04:30 - 2014-06-11 06:48 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-05-30 04:29 - 2014-06-11 06:48 - 00631808 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-05-30 04:28 - 2014-06-11 06:48 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-05-30 04:27 - 2014-06-11 06:48 - 00592896 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-05-30 04:24 - 2014-06-11 06:48 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-05-30 04:23 - 2014-06-11 06:48 - 02040832 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-05-30 04:16 - 2014-06-11 06:48 - 00368128 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-05-30 04:10 - 2014-06-11 06:48 - 00032256 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-30 04:06 - 2014-06-11 06:48 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-05-30 04:04 - 2014-06-11 06:48 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-05-30 04:02 - 2014-06-11 06:48 - 00242688 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-05-30 03:56 - 2014-06-11 06:48 - 04244992 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-05-30 03:56 - 2014-06-11 06:48 - 02266112 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-05-30 03:54 - 2014-06-11 06:48 - 00526336 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-05-30 03:50 - 2014-06-11 06:48 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-05-30 03:49 - 2014-06-11 06:48 - 01964544 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-05-30 03:43 - 2014-06-11 06:48 - 13522944 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-05-30 03:40 - 2014-06-11 06:48 - 11725312 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-05-30 03:30 - 2014-06-11 06:48 - 01398272 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-05-30 03:21 - 2014-06-11 06:48 - 01790976 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-05-30 03:15 - 2014-06-11 06:48 - 01143296 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-05-30 03:13 - 2014-06-11 06:48 - 00846336 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-05-30 03:13 - 2014-06-11 06:48 - 00704512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-05-26 23:02 - 2013-04-27 17:51 - 00000000 ____D () C:\Users\Manuel\AppData\Local\Temp
2014-05-26 22:47 - 2014-05-26 22:47 - 00000000 ____D () C:\Users\Manuel\Desktop\Dra Patricia Gomez
2014-05-26 22:39 - 2014-05-23 13:45 - 01314654 _____ () C:\Users\Manuel\Documents\quincosa.pptx
2014-05-26 22:10 - 2014-05-26 22:10 - 00000000 ____D () C:\Users\Manuel\AppData\Local\HP
2014-05-23 12:41 - 2013-06-29 13:14 - 00000000 ____D () C:\Users\Manuel\AppData\Local\Adobe
2014-05-23 12:41 - 2013-04-27 17:53 - 00000000 ____D () C:\Users\Manuel\AppData\Roaming\Adobe
2014-05-23 09:43 - 2011-03-13 03:12 - 00000376 _____ () C:\windows\ODBC.INI
2014-05-23 09:05 - 2013-04-27 17:52 - 00110376 _____ () C:\Users\Manuel\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-22 20:10 - 2009-07-14 00:45 - 02053824 _____ () C:\windows\system32\FNTCACHE.DAT
2014-05-21 22:05 - 2013-04-23 13:44 - 00000000 ____D () C:\Users\Yelena 2\AppData\Local\CUSTPDF Writer
2014-05-21 21:50 - 2013-04-19 13:40 - 00110376 _____ () C:\Users\Yelena 2\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-20 22:29 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\system32\NDF
2014-05-20 21:37 - 2014-05-20 21:37 - 00003558 _____ () C:\windows\System32\Tasks\HP AR Program Upload - 121b6ed7ae9c4f9f8432c3c85faf70d4a3d76918756247cd9286227fca0fdd86
2014-05-18 19:52 - 2014-05-18 19:52 - 00023377 _____ () C:\Users\Manuel\Desktop\hs_err_pid12260.log
2014-05-18 19:40 - 2013-06-09 20:30 - 00000000 ____D () C:\Users\Manuel\AppData\Roaming\.minecraft
2014-05-18 19:28 - 2013-04-27 17:52 - 00000000 ___RD () C:\Users\Manuel\Podcasts
2014-05-18 19:28 - 2013-04-27 17:52 - 00000000 ___RD () C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-18 19:28 - 2013-04-27 17:51 - 00001234 __RSH () C:\Users\Manuel\ntuser.pol
2014-05-18 19:28 - 2013-04-27 17:51 - 00000000 ___RD () C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-18 19:28 - 2013-04-27 17:51 - 00000000 ____D () C:\Users\Manuel
 
ZeroAccess:
C:\$Recycle.Bin\S-1-5-21-3137217817-3696929459-3960846700-1000\$d0d044e97abb0899018b0676cf8a906a
 
ZeroAccess:
C:\$Recycle.Bin\S-1-5-18\$d0d044e97abb0899018b0676cf8a906a
 
ZeroAccess:
C:\$Recycle.Bin\S-1-5-21-3137217817-3696929459-3960846700-1007\$d0d044e97abb0899018b0676cf8a906a
 
Some content of TEMP:
====================
C:\Users\Manuel\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\Manuel\AppData\Local\Temp\System.Data.SQLite21260.dll
C:\Users\Manuel\AppData\Local\Temp\System.Data.SQLite24283.dll
C:\Users\Manuel\AppData\Local\Temp\System.Data.SQLite64379.dll
C:\Users\Manuel\AppData\Local\Temp\System.Data.SQLite77678.dll
C:\Users\Yelena 2\AppData\Local\Temp\3ov0y1bw.dll
C:\Users\Yelena 2\AppData\Local\Temp\APNSetup.exe
C:\Users\Yelena 2\AppData\Local\Temp\APNStub.exe
C:\Users\Yelena 2\AppData\Local\Temp\banner.exe
C:\Users\Yelena 2\AppData\Local\Temp\contentDATs.exe
C:\Users\Yelena 2\AppData\Local\Temp\ES-Package.exe
C:\Users\Yelena 2\AppData\Local\Temp\InstallFlashPlayer.exe
C:\Users\Yelena 2\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Yelena 2\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Yelena 2\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Yelena 2\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Yelena 2\AppData\Local\Temp\lowproc.exe
C:\Users\Yelena 2\AppData\Local\Temp\mssinstaller.exe
C:\Users\Yelena 2\AppData\Local\Temp\MyHeritage_Version_7_0_0_7118_Size_36943976.exe
C:\Users\Yelena 2\AppData\Local\Temp\MyHeritage_Version_7_0_0_7128_Size_37008752.exe
C:\Users\Yelena 2\AppData\Local\Temp\readSTILog.dll
C:\Users\Yelena 2\AppData\Local\Temp\SecurityScan_Release.exe
C:\Users\Yelena 2\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Yelena 2\AppData\Local\Temp\Softonic_ES_1-5-0.exe
C:\Users\Yelena 2\AppData\Local\Temp\stubhelper.dll
C:\Users\Yelena 2\AppData\Local\Temp\The_Weather_Channel_Application.exe
C:\Users\Yelena 2\AppData\Local\Temp\Uninstall.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
ATTENTION: ====> ZeroAccess. Use DeleteJunctionsIndirectory: C:\Program Files\Windows Defender
ATTENTION: ====> ZeroAccess. Use DeleteJunctionsIndirectory: C:\Program Files\Microsoft Security Client
 
 
LastRegBack: 2014-06-16 22:00
 
==================== End Of Log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-06-2014
Ran by Yelena 2 at 2014-06-17 09:19:17
Running from C:\Users\Yelena 2\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
 
==================== Installed Programs ======================
 
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.7.0.1860 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.7.0.1860 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Photoshop Elements 11 (HKLM-x32\...\Adobe Photoshop Elements 11) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 11 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Reader X (10.1.10) - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.5.9.620 - Adobe Systems, Inc.)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C6579A65-9CAE-4B31-8B6B-3306E0630A66}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.26 - Atheros Communications Inc.)
Belkin Setup and Router Monitor (HKLM-x32\...\Belkin Setup and Router Monitor_is1) (Version:  - )
Best Buy pc app (Version: 3.0.0.0 - Best Buy) Hidden
Bing Bar (HKLM-x32\...\{9FA13759-5C2B-4177-9DDC-0038F8B5BEFD}) (Version: 7.0.826.0 - Microsoft Corporation)
Bing Desktop (HKLM-x32\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.3.470.0 - Microsoft Corporation)
BlackBerry Device Software Updater (HKLM-x32\...\{12BAA98C-F8DD-4BC9-BBE6-1C8463114197}) (Version: 6.0.1.37 - Research In Motion Ltd)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
bpd_scan (x32 Version: 3.00.0000 - Hewlett-Packard) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
CleanUp! (HKLM-x32\...\CleanUp!) (Version:  - )
Compatibilidad con Aplicaciones de Apple (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.119.0.60 - Conexant)
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{CA75CBF9-B078-47CB-ABA3-74EFD4FC9A43}) (Version:  - Microsoft)
Elements 11 Organizer (x32 Version: 11.0 - Nombre de su organización) Hidden
Elevated Installer (x32 Version: 3.2.7.0 - Garmin Ltd or its subsidiaries) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Garmin City Navigator North America NT 2014.40 Update (HKLM-x32\...\{82B42DF2-2ECF-4C4B-B939-A275664028E2}) (Version: 17.40.0.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{55ae01f2-f0a8-4342-a9cc-a0327cdaa811}) (Version: 3.2.7.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 3.2.7.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 3.2.7.0 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Drive (HKLM-x32\...\{418BAAD1-754D-48B4-B078-46EF4F25AF42}) (Version: 1.15.6556.8063 - Google, Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.1.0.0 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Officejet 4620 series Basic Device Software (HKLM\...\{B411AD10-1BC9-4939-8848-BC5E66F662B7}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet 4620 series Help (HKLM-x32\...\{606C37AB-EB04-4270-A592-201A03C2DB36}) (Version: 6.0.0 - Hewlett Packard)
HP Officejet 4620 series Product Improvement Study (HKLM\...\{83F51BBA-48BE-4BB6-B96A-F4AAE4C462F9}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
HP Product Detection (HKLM-x32\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.001 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
Intel® Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2189 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.1.1001 - Intel Corporation)
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LogMeIn (HKLM-x32\...\{D3AE96EE-2876-4B3F-847C-D3A4AD689E43}) (Version: 4.1.1578 - LogMeIn, Inc.)
magicJack (HKCU\...\magicJack) (Version: 3.1.6970.4873 - magicJack L.P.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Antimalware Service ES-ES Language Pack (Version: 3.0.8402.2 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Access MUI (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Basque) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Catalan) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Galician) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Portuguese (Brazil)) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Word MUI (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Client ES-ES Language Pack (Version: 2.1.1116.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft VC9 runtime libraries (x32 Version: 2.0.0 - AOL Inc.) Hidden
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
MobileMe Control Panel (HKLM\...\{6DD01FF3-63CE-436B-96DB-61363EAA4EB8}) (Version: 3.1.8.0 - Apple Inc.)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyHeritage Family Tree Builder (HKLM-x32\...\Family Tree Builder) (Version: 7.0.0.7118 - MyHeritage.com)
ProductContext (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden
PSE11 STI Installer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RealDownloader (x32 Version: 17.0.8 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer Cloud (HKLM-x32\...\RealPlayer 17.0) (Version: 17.0.8 - RealNetworks)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30113 - Realtek Semiconductor Corp.)
Realtek WLAN Driver (HKLM-x32\...\{0FB630AB-7BD8-40AE-B223-60397D57C3C9}) (Version: 2.00.0011 - Realtek)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.2300.0 - SAMSUNG Electronics Co., Ltd.)
SamsungSimpleUpgradeTool for SCH-R720 MetroPCS (HKLM-x32\...\InstallShield_{99A27D4B-7F24-476C-AC58-F654524C1B0D}) (Version: 1.0.012 - Samsung Electronics)
SamsungSimpleUpgradeTool for SCH-R720 MetroPCS (x32 Version: 1.0.012 - Samsung Electronics) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.9.12585 - Skype Technologies S.A.)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.8.1 - Synaptics Incorporated)
Toshiba App Place (HKLM-x32\...\{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}) (Version: 1.0.6.3 - Toshiba)
TOSHIBA Application Installer (HKLM-x32\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.1.1 - TOSHIBA)
TOSHIBA Assist (HKLM-x32\...\{1B87C40B-A60B-4EF3-9A68-706CF4B69978}) (Version: 3.00.11 - TOSHIBA CORPORATION)
Toshiba Book Place (HKLM-x32\...\{39187A4B-7538-4BE7-8BAD-9E83303793AA}) (Version: 2.0.5271 - K-NFB Reading Technology, Inc.)
TOSHIBA Bulletin Board (HKLM-x32\...\InstallShield_{C14518AF-1A0F-4D39-8011-69BAA01CD380}) (Version: 1.6.06.64 - TOSHIBA Corporation)
TOSHIBA Bulletin Board (Version: 1.6.06.64 - TOSHIBA Corporation) Hidden
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.2 for x64 - TOSHIBA Corporation)
TOSHIBA eco Utility (HKLM-x32\...\InstallShield_{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}) (Version: 1.2.7.64 - TOSHIBA Corporation)
TOSHIBA eco Utility (Version: 1.2.7.64 - TOSHIBA Corporation) Hidden
TOSHIBA eco Utility (x32 Version: 1.2.7.64 - TOSHIBA Corporation) Hidden
TOSHIBA Face Recognition (HKLM-x32\...\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}) (Version: 3.1.3.64 - TOSHIBA Corporation)
TOSHIBA Face Recognition (Version: 3.1.3.64 - TOSHIBA Corporation) Hidden
TOSHIBA Hardware Setup (HKLM-x32\...\InstallShield_{C4FFA951-9678-4D51-84B4-AFD15D3C45AD}) (Version: 4.03.02.00 - )
TOSHIBA Hardware Setup (Version: 4.03.02.00 - TOSHIBA) Hidden
TOSHIBA HDD/SSD Alert (HKLM-x32\...\InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.6 - TOSHIBA Corporation)
TOSHIBA HDD/SSD Alert (Version: 3.1.64.6 - TOSHIBA Corporation) Hidden
TOSHIBA HDD/SSD Alert (x32 Version: 3.1.64.6 - TOSHIBA Corporation) Hidden
TOSHIBA Media Controller (HKLM-x32\...\{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}) (Version: 1.0.80.3.64 - TOSHIBA CORPORATION)
TOSHIBA Media Controller Plug-in (HKLM-x32\...\{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}) (Version: 1.0.4.9 - TOSHIBA CORPORATION)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.6.0.64 - TOSHIBA Corporation)
TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.3 - TOSHIBA)
TOSHIBA Recovery Media Creator (HKLM\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.0.4 for x64 - TOSHIBA Corporation)
TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{A0E99122-25C1-4CA4-9063-499A2A814EB6}) (Version: 1.6.05.64 - TOSHIBA Corporation)
TOSHIBA ReelTime (Version: 1.6.05.64 - TOSHIBA Corporation) Hidden
TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.2.9 - TOSHIBA)
TOSHIBA Supervisor Password (HKLM-x32\...\InstallShield_{CBD6B23D-41D5-4A46-8019-6208516C9712}) (Version: 4.03.02.00 - )
TOSHIBA Supervisor Password (Version: 4.03.02.00 - TOSHIBA) Hidden
TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.3.19.64 - TOSHIBA Corporation)
TOSHIBA Value Added Package (Version: 1.3.19.64 - TOSHIBA Corporation) Hidden
TOSHIBA Value Added Package (x32 Version: 1.3.19.64 - TOSHIBA Corporation) Hidden
TOSHIBA Web Camera Application (HKLM-x32\...\{5E6F6CF3-BACC-4144-868C-E14622C658F3}) (Version: 1.1.1.15 - TOSHIBA Corporation)
ToshibaRegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.0.4 - Toshiba)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{5E8EB600-8B94-429E-873E-98369C6DC1BC}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{A57A9AE3-09A9-44A0-AA78-458C71DA6FDE}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{837C1EAC-6A89-44A0-8C45-E655AAFD8CE1}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
Updater Service (HKLM-x32\...\Updater Service) (Version: 15,9,28,27 - ) <==== ATTENTION
UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
ZoneAlarm LTD Toolbar (HKLM\...\ZoneAlarm LTD Toolbar) (Version:  - Check Point Software Technologies)
 
==================== Restore Points  =========================
 
10-06-2014 21:44:04 Windows Update
11-06-2014 10:37:11 Windows Update
11-06-2014 12:05:45 Windows Update
14-06-2014 17:27:55 Installed Java 7 Update 60
14-06-2014 18:15:40 Removed BlackBerry Device Software Updater.
14-06-2014 18:19:28 Removed Label@Once 1.0.
14-06-2014 18:25:07 Removed PlayReady PC Runtime amd64
14-06-2014 18:25:43 Removed PlayReady PC Runtime x86
14-06-2014 18:26:44 Removed PlayReady PC Runtime x86
15-06-2014 09:22:20 Garmin Express
15-06-2014 09:24:52 Garmin Express
15-06-2014 09:38:43 Windows Update
16-06-2014 20:44:49 Windows Update
16-06-2014 21:29:31 Windows Update
16-06-2014 21:34:14 Removed Java™ 6 Update 17
16-06-2014 21:47:56 Removed Java 7 Update 60
17-06-2014 03:47:55 Installed Microsoft Fix it 50528
17-06-2014 04:14:26 Installed HiJackThis
17-06-2014 13:02:49 Removed HiJackThis
 
==================== Hosts content: ==========================
 
2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {0630AF67-58BE-48F2-BC6F-596C755D2B56} - System32\Tasks\SaveSense => C:\Users\Manuel\AppData\Roaming\SAVESE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {1468D7D3-FF72-45E8-AC1E-B0457803FC62} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-13] (Adobe Systems Incorporated)
Task: {426BC414-26E6-4B60-92FB-6863CB08C7BC} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3137217817-3696929459-3960846700-1007 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-03-15] (RealNetworks, Inc.)
Task: {4523BEC8-7B44-4888-838A-05E9A37DBBDD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-10-15] (Google Inc.)
Task: {4E520EA1-0608-45A2-873E-8F19FE80AD61} - System32\Tasks\BDRemovalTool => C:\Users\Yelena [2013-04-19] ()
Task: {5BC2289B-CF8E-46A5-8EEE-77F09C15C379} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3137217817-3696929459-3960846700-1007 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-03-15] (RealNetworks, Inc.)
Task: {5D0E7619-8180-4F3B-AFA6-A9EBEE7872FD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-10-15] (Google Inc.)
Task: {688BCF00-7BE3-4F76-8A04-82ACC68B7667} - System32\Tasks\Microsoft\Internet Explorer\Eliminar versiones anteriores de Internet Explorer => C:\windows\SYSTEM32\ie4uinit.EXE [2014-05-30] (Microsoft Corporation)
Task: {753C7EA8-8FBD-4F52-B8DE-DBB1BDD96C94} - System32\Tasks\{0BFAF9B3-D1DF-428F-8003-4005DFAB41FA} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2014-05-08] (Skype Technologies S.A.)
Task: {7E3BE952-CC8B-4A08-8CAE-311D6D504B1C} - System32\Tasks\{9735B7C3-7D62-4650-A2B0-AC641845032F} => Iexplore.exe http://ui.skype.com/ui/0/6.3.73.107.456/en/abandoninstall?page=tsProgressBar
Task: {89F04305-3C99-459C-83B4-7C80A882B3CD} - System32\Tasks\HP AR Program Upload - 121b6ed7ae9c4f9f8432c3c85faf70d4a3d76918756247cd9286227fca0fdd86 => C:\Program Files\HP\HP Officejet 4620 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {8B4690CF-101D-4CF2-A17A-D7D5670EDE1F} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe [2014-06-09] ()
Task: {90F766C7-78D1-4113-AC00-F094A8E3E48F} - System32\Tasks\{C5B896BC-245F-4EF2-A373-3A1F80B6ABD6} => C:\Program Files (x86)\HP\HP Officejet 4620 series\bin\HPScan.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {A92B1C04-C530-4CC7-8B71-F4D924E320AE} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {C09FCD47-62BD-4A1D-831D-375663C61FCE} - System32\Tasks\HPCustParticipation HP Officejet 4620 series => C:\Program Files\HP\HP Officejet 4620 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {C4909A20-C080-4298-AFF7-0C6004981A12} - System32\Tasks\HP AR Program Upload - afbe4b225f4e4b3a85c91e6d431276ee7bbef8baa4174f1fb9a4f414db817a15 => C:\Program Files\HP\HP Officejet 4620 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {F505EE40-2C67-448A-9359-71155E065F8F} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3137217817-3696929459-3960846700-1007 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2014-03-15] (RealNetworks, Inc.)
Task: {F59E16BE-3CE6-4C45-B489-44577B0BD3F7} - System32\Tasks\HP AR Program Upload - bbc6814daef24c5d964d549d1ff00db041b045b8346e42f091f8bef967691631 => C:\Program Files\HP\HP Officejet 4620 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {FD45B43A-1225-4CC1-B2DD-84AFFCBD857E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\SaveSense.job => C:\Users\Manuel\AppData\Roaming\SAVESE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
 
==================== Loaded Modules (whitelisted) =============
 
2014-03-15 03:18 - 2014-03-15 03:18 - 00039568 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-04-07 20:07 - 2010-04-07 20:07 - 09468728 _____ () C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll
2009-11-03 17:26 - 2009-11-03 17:26 - 00053560 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnZ.dll
2010-03-03 18:15 - 2010-03-03 18:15 - 00019256 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF10.dll
2010-03-03 18:15 - 2010-03-03 18:15 - 00019256 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF11.dll
2010-10-14 23:53 - 2009-06-22 18:40 - 00022328 _____ () C:\Program Files\TOSHIBA\Toshiba Assist\NotifyX.dll
2009-03-12 23:08 - 2009-03-12 23:08 - 00048640 _____ () C:\Program Files (x86)\Toshiba\PCDiag\NotifyPCD.dll
2009-07-25 20:38 - 2009-07-25 20:38 - 00017800 _____ () C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll
2010-02-05 20:44 - 2010-02-05 20:44 - 00079192 _____ () C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll
2013-04-18 23:08 - 2012-02-23 15:57 - 00022944 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinServicePS.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-03-31 09:19 - 2014-03-31 09:19 - 00869976 _____ () c:\program files (x86)\real\realplayer\RPDS\Plugins\cldplin.dll
2013-04-18 23:08 - 2010-08-22 20:01 - 00325632 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtXml4.dll
2013-04-18 23:08 - 2010-08-22 20:01 - 01954304 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtCore4.dll
2013-04-18 23:08 - 2010-08-22 20:01 - 07187456 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtGui4.dll
2013-04-18 23:08 - 2010-08-22 20:01 - 00847360 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtNetwork4.dll
2013-04-18 23:08 - 2010-08-22 19:32 - 00119808 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\imageformats\qjpeg4.dll
2013-04-18 23:08 - 2012-02-23 15:19 - 00669696 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\gateways\GenericBelkinGatewayLOC.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
 
==================== Safe Mode (whitelisted) ===================
 
 
==================== EXE Association (whitelisted) =============
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AppleSyncNotifier => C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: BingDesktop => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe /fromkey
MSCONFIG\startupreg: DATAMNGR => C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\DATAMN~1.EXE
MSCONFIG\startupreg: Iminent => C:\Program Files (x86)\Iminent\Iminent.exe /warmup "F77F87E5-A6BD-4922-A530-EDF63D7E9F8C"
MSCONFIG\startupreg: IminentMessenger => C:\Program Files (x86)\Iminent\Iminent.Messengers.exe /startup
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LogMeIn GUI => "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"
MSCONFIG\startupreg: MobileDocuments => C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RIMBBLaunchAgent.exe => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
MSCONFIG\startupreg: SmartAudio => C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t
MSCONFIG\startupreg: SmartFaceVWatcher => %ProgramFiles%\Toshiba\SmartFaceV\SmartFaceVWatcher.exe
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (06/17/2014 09:09:54 AM) (Source: Toshiba App Place) (EventID: 0) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
   at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
   at System.Timers.Timer.set_Enabled(Boolean value)
   at SnappCloud.ActivationReminder.AraClient.PostInit()
   at SnappCloud.ActivationReminder.Program.Main(String[] args)
 
Error: (06/17/2014 00:01:04 AM) (Source: Toshiba App Place) (EventID: 0) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
   at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
   at System.Timers.Timer.set_Enabled(Boolean value)
   at SnappCloud.ActivationReminder.AraClient.PostInit()
   at SnappCloud.ActivationReminder.Program.Main(String[] args)
 
Error: (06/16/2014 11:48:18 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
 
Details:
AddWin32ServiceFiles: Unable to back up image of service Panda Security CloudCLeaner Service since QueryServiceConfig API failed
 
System Error:
The system cannot find the file specified.
.
 
Error: (06/16/2014 11:43:21 PM) (Source: MsiInstaller) (EventID: 10005) (User: Yelena-PC)
Description: Producto: Microsoft Fix it 50198 -- Esta solución Microsoft Fix it no es aplicable a su versión de sistema operativo o aplicación.
 
Error: (06/16/2014 11:31:39 PM) (Source: TOSHIBA Service Station) (EventID: 0) (User: )
Description: TSS Load: could not communicate with TMachInfo service
 
Error: (06/16/2014 11:29:52 PM) (Source: Toshiba App Place) (EventID: 0) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
   at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
   at System.Timers.Timer.set_Enabled(Boolean value)
   at SnappCloud.ActivationReminder.AraClient.PostInit()
   at SnappCloud.ActivationReminder.Program.Main(String[] args)
 
Error: (06/16/2014 10:07:31 PM) (Source: Toshiba App Place) (EventID: 0) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
   at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
   at System.Timers.Timer.set_Enabled(Boolean value)
   at SnappCloud.ActivationReminder.AraClient.PostInit()
   at SnappCloud.ActivationReminder.Program.Main(String[] args)
 
Error: (06/16/2014 06:03:32 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: Yelena-PC)
Description: Application or service 'Windows Explorer' could not be shut down.
 
Error: (06/16/2014 06:02:51 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: Yelena-PC)
Description: Application or service 'ZoneAlarm Privacy Service' could not be shut down.
 
Error: (06/16/2014 06:02:51 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: Yelena-PC)
Description: Application or service 'ZoneAlarm Privacy Service' could not be shut down.
 
 
System errors:
=============
Error: (06/17/2014 09:13:05 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Intel® Management & Security Application User Notification Service service hung on starting.
 
Error: (06/17/2014 09:07:01 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The ZoneAlarm Privacy Service service failed to start due to the following error: 
%%2
 
Error: (06/17/2014 09:06:38 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
 
Module Path: C:\windows\system32\Rtlihvs.dll
Error Code: 126
 
Error: (06/16/2014 11:53:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The ZoneAlarm Privacy Service service failed to start due to the following error: 
%%2
 
Error: (06/16/2014 11:52:38 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
 
Module Path: C:\windows\system32\Rtlihvs.dll
Error Code: 126
 
Error: (06/16/2014 11:34:29 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Intel® Management & Security Application User Notification Service service hung on starting.
 
Error: (06/16/2014 11:29:33 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\System32\DRIVERS\PSKMAD.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
 
Error: (06/16/2014 11:28:13 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\System32\DRIVERS\PSKMAD.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
 
Error: (06/16/2014 11:26:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The ZoneAlarm Privacy Service service failed to start due to the following error: 
%%2
 
Error: (06/16/2014 11:26:12 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
 
Module Path: C:\windows\system32\Rtlihvs.dll
Error Code: 126
 
 
Microsoft Office Sessions:
=========================
Error: (06/17/2014 09:09:54 AM) (Source: Toshiba App Place) (EventID: 0) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
   at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
   at System.Timers.Timer.set_Enabled(Boolean value)
   at SnappCloud.ActivationReminder.AraClient.PostInit()
   at SnappCloud.ActivationReminder.Program.Main(String[] args)
 
Error: (06/17/2014 00:01:04 AM) (Source: Toshiba App Place) (EventID: 0) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
   at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
   at System.Timers.Timer.set_Enabled(Boolean value)
   at SnappCloud.ActivationReminder.AraClient.PostInit()
   at SnappCloud.ActivationReminder.Program.Main(String[] args)
 
Error: (06/16/2014 11:48:18 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddWin32ServiceFiles: Unable to back up image of service Panda Security CloudCLeaner Service since QueryServiceConfig API failed
 
System Error:
The system cannot find the file specified.
 
Error: (06/16/2014 11:43:21 PM) (Source: MsiInstaller) (EventID: 10005) (User: Yelena-PC)
Description: Producto: Microsoft Fix it 50198 -- Esta solución Microsoft Fix it no es aplicable a su versión de sistema operativo o aplicación.(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (06/16/2014 11:31:39 PM) (Source: TOSHIBA Service Station) (EventID: 0) (User: )
Description: TSS Load: could not communicate with TMachInfo service
 
Error: (06/16/2014 11:29:52 PM) (Source: Toshiba App Place) (EventID: 0) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
   at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
   at System.Timers.Timer.set_Enabled(Boolean value)
   at SnappCloud.ActivationReminder.AraClient.PostInit()
   at SnappCloud.ActivationReminder.Program.Main(String[] args)
 
Error: (06/16/2014 10:07:31 PM) (Source: Toshiba App Place) (EventID: 0) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
   at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
   at System.Timers.Timer.set_Enabled(Boolean value)
   at SnappCloud.ActivationReminder.AraClient.PostInit()
   at SnappCloud.ActivationReminder.Program.Main(String[] args)
 
Error: (06/16/2014 06:03:32 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: Yelena-PC)
Description: 1C:\Windows\explorer.exeWindows Explorer0411746880
 
Error: (06/16/2014 06:02:51 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: Yelena-PC)
Description: 1ZAPrivacyService.exeZoneAlarm Privacy Service03026216129800
 
Error: (06/16/2014 06:02:51 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: Yelena-PC)
Description: 0ZAPrivacyService.exeZoneAlarm Privacy Service0302621612980143003A005C00500072006F006700720061006D002000460069006C00650073002000280078003800360029005C0043006800650063006B0050006F0069006E0074005C005A006F006E00650041006C00610072006D005C005A004100500072006900760061006300790053006500720076006900630065002E006500780065000000
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-06-11 07:02:35.910
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\install\instdrivers\kl1\x86\win8\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-06-11 07:02:35.907
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\install\instdrivers\kl1\x86\win8\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-06-11 07:02:35.812
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\install\instdrivers\kl1\x64\win8\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-06-11 07:02:35.809
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\install\instdrivers\kl1\x64\win8\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-06-11 07:00:47.777
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\install\instdrivers\kl1\x86\win8\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-06-11 07:00:39.675
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\install\instdrivers\kl1\x64\win8\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-05-18 18:31:09.966
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\install\instdrivers\kl1\x86\win8\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-05-18 18:31:09.964
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\install\instdrivers\kl1\x86\win8\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-05-18 18:31:09.837
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\install\instdrivers\kl1\x64\win8\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-05-18 18:31:09.835
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\install\instdrivers\kl1\x64\win8\klelam.sys because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 42%
Total physical RAM: 3893.86 MB
Available physical RAM: 2237.62 MB
Total Pagefile: 7785.9 MB
Available Pagefile: 5812.45 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
 
==================== Drives ================================
 
Drive c: (TI106033W0C) (Fixed) (Total:452.58 GB) (Free:216.73 GB) NTFS ==>[System with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 466 GB) (Disk ID: 38A39E6A)
Partition 1: (Active) - (Size=1 GB) - (Type=27)
Partition 2: (Not Active) - (Size=453 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=12 GB) - (Type=17)
 
==================== End Of Log ============================
 


#4 oreofudge

Posted 17 June 2014 - 08:34 AM

09:31:23.0224 0x1284  TDSS rootkit removing tool 3.0.0.39 Jun  5 2014 20:35:54
09:31:32.0383 0x1284  ============================================================
09:31:32.0383 0x1284  Current date / time: 2014/06/17 09:31:32.0383
09:31:32.0383 0x1284  SystemInfo:
09:31:32.0383 0x1284  
09:31:32.0383 0x1284  OS Version: 6.1.7601 ServicePack: 1.0
09:31:32.0383 0x1284  Product type: Workstation
09:31:32.0384 0x1284  ComputerName: YELENA-PC
09:31:32.0384 0x1284  UserName: Yelena 2
09:31:32.0384 0x1284  Windows directory: C:\windows
09:31:32.0384 0x1284  System windows directory: C:\windows
09:31:32.0384 0x1284  Running under WOW64
09:31:32.0384 0x1284  Processor architecture: Intel x64
09:31:32.0384 0x1284  Number of processors: 2
09:31:32.0384 0x1284  Page size: 0x1000
09:31:32.0384 0x1284  Boot type: Normal boot
09:31:32.0384 0x1284  ============================================================
09:31:32.0685 0x1284  KLMD registered as C:\windows\system32\drivers\46266833.sys
09:31:34.0339 0x1284  System UUID: {83D85E8D-A512-880E-2BE9-04E3213057FF}
09:31:35.0949 0x1284  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:31:35.0966 0x1284  ============================================================
09:31:35.0966 0x1284  \Device\Harddisk0\DR0:
09:31:35.0966 0x1284  MBR partitions:
09:31:35.0966 0x1284  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x38926800
09:31:35.0966 0x1284  ============================================================
09:31:36.0017 0x1284  C: <-> \Device\Harddisk0\DR0\Partition1
09:31:36.0018 0x1284  ============================================================
09:31:36.0018 0x1284  Initialize success
09:31:36.0018 0x1284  ============================================================
09:31:43.0545 0x141c  ============================================================
09:31:43.0546 0x141c  Scan started
09:31:43.0546 0x141c  Mode: Manual; 
09:31:43.0546 0x141c  ============================================================
09:31:43.0546 0x141c  KSN ping started
09:31:57.0697 0x141c  KSN ping finished: true
09:31:59.0140 0x141c  ================ Scan system memory ========================
09:31:59.0140 0x141c  System memory - ok
09:31:59.0141 0x141c  ================ Scan services =============================
09:32:14.0568 0x141c  gupdatem - ok
09:32:14.0645 0x141c  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
09:32:14.0652 0x141c  gusvc - ok
09:32:14.0710 0x141c  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\windows\system32\drivers\hcw85cir.sys
09:32:14.0714 0x141c  hcw85cir - ok
09:32:14.0768 0x141c  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
09:32:14.0780 0x141c  HdAudAddService - ok
09:32:14.0805 0x141c  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\windows\system32\drivers\HDAudBus.sys
09:32:14.0809 0x141c  HDAudBus - ok
09:32:14.0849 0x141c  [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64         C:\windows\system32\DRIVERS\HECIx64.sys
09:32:14.0852 0x141c  HECIx64 - ok
09:32:14.0892 0x141c  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\windows\system32\DRIVERS\HidBatt.sys
09:32:14.0894 0x141c  HidBatt - ok
09:32:14.0919 0x141c  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\windows\system32\DRIVERS\hidbth.sys
09:32:14.0923 0x141c  HidBth - ok
09:32:14.0942 0x141c  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\windows\system32\DRIVERS\hidir.sys
09:32:14.0944 0x141c  HidIr - ok
09:32:15.0000 0x141c  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\windows\system32\hidserv.dll
09:32:15.0006 0x141c  hidserv - ok
09:32:15.0096 0x141c  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\windows\system32\DRIVERS\hidusb.sys
09:32:15.0099 0x141c  HidUsb - ok
09:32:15.0134 0x141c  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\windows\system32\kmsvc.dll
09:32:15.0138 0x141c  hkmsvc - ok
09:32:15.0179 0x141c  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\windows\system32\ListSvc.dll
09:32:15.0201 0x141c  HomeGroupListener - ok
09:32:15.0234 0x141c  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\windows\system32\provsvc.dll
09:32:15.0242 0x141c  HomeGroupProvider - ok
09:32:15.0334 0x141c  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\windows\system32\drivers\HpSAMD.sys
09:32:15.0337 0x141c  HpSAMD - ok
09:32:15.0427 0x141c  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\windows\system32\drivers\HTTP.sys
09:32:15.0452 0x141c  HTTP - ok
09:32:15.0490 0x141c  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\windows\system32\drivers\hwpolicy.sys
09:32:15.0491 0x141c  hwpolicy - ok
09:32:15.0574 0x141c  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\windows\system32\drivers\i8042prt.sys
09:32:15.0581 0x141c  i8042prt - ok
09:32:15.0775 0x141c  [ 5E60DD5F090AB4A563C7204C289C4650, 7728E3877C879EF90B2DE39B312F40AFF2DCA882BE50298C923CA0A250A93636 ] iaStor          C:\windows\system32\DRIVERS\iaStor.sys
09:32:15.0790 0x141c  iaStor - ok
09:32:15.0936 0x141c  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\windows\system32\drivers\iaStorV.sys
09:32:15.0958 0x141c  iaStorV - ok
09:32:16.0032 0x141c  [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
09:32:16.0035 0x141c  IDriverT - ok
09:32:16.0156 0x141c  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
09:32:16.0241 0x141c  idsvc - ok
09:32:16.0290 0x141c  IEEtwCollectorService - ok
09:32:18.0389 0x141c  [ 1BE8D9CA4F2363B8E8015621878E0043, 695B5F88A6F6943156D033DAA86188F50308AD71FCF26CF0AEDF7E23F774FB56 ] igfx            C:\windows\system32\DRIVERS\igdkmd64.sys
09:32:19.0622 0x141c  igfx - ok
09:32:19.0749 0x141c  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\windows\system32\DRIVERS\iirsp.sys
09:32:19.0752 0x141c  iirsp - ok
09:32:19.0889 0x141c  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\windows\System32\ikeext.dll
09:32:19.0919 0x141c  IKEEXT - ok
09:32:19.0981 0x141c  [ DD587A55390ED2295BCE6D36AD567DA9, AEB7DCB8EF89BEE8D9649A05FC482B1E4E3F44243D57A2577C862EB69166C48E ] Impcd           C:\windows\system32\DRIVERS\Impcd.sys
09:32:19.0986 0x141c  Impcd - ok
09:32:20.0200 0x141c  [ 9321A61A25C7961D9F36852ECAA86F55, F8965FDCE668692C3785AFA3559159F9A18287BC0D53ABB21902895A8ECF221B ] inpoutx64       C:\windows\system32\Drivers\inpoutx64.sys
09:32:20.0203 0x141c  inpoutx64 - ok
09:32:20.0260 0x141c  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\windows\system32\drivers\intelide.sys
09:32:20.0263 0x141c  intelide - ok
09:32:20.0346 0x141c  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\windows\system32\DRIVERS\intelppm.sys
09:32:20.0350 0x141c  intelppm - ok
09:32:20.0471 0x141c  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\windows\system32\ipbusenum.dll
09:32:20.0478 0x141c  IPBusEnum - ok
09:32:20.0556 0x141c  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\windows\system32\DRIVERS\ipfltdrv.sys
09:32:20.0562 0x141c  IpFilterDriver - ok
09:32:20.0649 0x141c  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] IpHlpSvc        C:\windows\System32\iphlpsvc.dll
09:32:20.0668 0x141c  IpHlpSvc - ok
09:32:20.0713 0x141c  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\windows\system32\drivers\IPMIDrv.sys
09:32:20.0716 0x141c  IPMIDRV - ok
09:32:20.0807 0x141c  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\windows\system32\drivers\ipnat.sys
09:32:20.0814 0x141c  IPNAT - ok
09:32:21.0078 0x141c  [ 835FC2EA0631B734BB06C12B0665F01D, B8A8B0148C6C3AFC40835B44E3D6508CB9EEE8AC430A7904711C8B51C2116A8D ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
09:32:21.0130 0x141c  iPod Service - ok
09:32:21.0157 0x141c  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\windows\system32\drivers\irenum.sys
09:32:21.0158 0x141c  IRENUM - ok
09:32:21.0207 0x141c  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\windows\system32\drivers\isapnp.sys
09:32:21.0208 0x141c  isapnp - ok
09:32:21.0336 0x141c  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\windows\system32\drivers\msiscsi.sys
09:32:21.0352 0x141c  iScsiPrt - ok
09:32:21.0415 0x141c  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\windows\system32\DRIVERS\kbdclass.sys
09:32:21.0419 0x141c  kbdclass - ok
09:32:21.0471 0x141c  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\windows\system32\DRIVERS\kbdhid.sys
09:32:21.0473 0x141c  kbdhid - ok
09:32:21.0538 0x141c  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso          C:\windows\system32\lsass.exe
09:32:21.0542 0x141c  KeyIso - ok
09:32:21.0628 0x141c  [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD          C:\windows\system32\Drivers\ksecdd.sys
09:32:21.0634 0x141c  KSecDD - ok
09:32:21.0661 0x141c  [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg         C:\windows\system32\Drivers\ksecpkg.sys
09:32:21.0668 0x141c  KSecPkg - ok
09:32:21.0727 0x141c  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\windows\system32\drivers\ksthunk.sys
09:32:21.0729 0x141c  ksthunk - ok
09:32:21.0782 0x141c  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\windows\system32\msdtckrm.dll
09:32:21.0792 0x141c  KtmRm - ok
09:32:21.0850 0x141c  [ 655A5D8E80869781CCE23760ADA7E695, 86DA2FC5DBA28762A89BC70D9DA0F370FC4A9F4F28E6802AD5972C387F4EEFD3 ] L1C             C:\windows\system32\DRIVERS\L1C62x64.sys
09:32:21.0855 0x141c  L1C - ok
09:32:21.0910 0x141c  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\windows\system32\srvsvc.dll
09:32:21.0920 0x141c  LanmanServer - ok
09:32:21.0960 0x141c  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
09:32:21.0966 0x141c  LanmanWorkstation - ok
09:32:22.0023 0x141c  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\windows\system32\DRIVERS\lltdio.sys
09:32:22.0025 0x141c  lltdio - ok
09:32:22.0067 0x141c  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\windows\System32\lltdsvc.dll
09:32:22.0078 0x141c  lltdsvc - ok
09:32:22.0093 0x141c  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\windows\System32\lmhsvc.dll
09:32:22.0096 0x141c  lmhosts - ok
09:32:22.0217 0x141c  [ E7B1D52CD77BF1C4608991F70C872F9F, 36D64AF4E5B06C45E56C131ACA64F2409F1C7D99516D2319919827E25A406FCC ] LMIGuardianSvc  C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
09:32:22.0234 0x141c  LMIGuardianSvc - ok
09:32:22.0303 0x141c  [ 0F28935ECF1FBDEC22BAF720A5A94564, A4E8E13FD7FE1882243AD7139D5E0925F09069616920382F952D79586A4936E7 ] LMIInfo         C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys
09:32:22.0305 0x141c  LMIInfo - ok
09:32:22.0369 0x141c  [ 1A7F86CB54E5FC6668366A497D6227F3, 96E1C95BDCE1E7498C6CDFCB8F6F0FD7326BD14219AF29BB4EB9C2CECB90A110 ] LMIMaint        C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
09:32:22.0381 0x141c  LMIMaint - ok
09:32:22.0600 0x141c  [ 413ECDCFAD9A82804D3674C8D7EEC24E, C8A65ED0B079D16D1A4449E840B4A9475388FBE61B5A84DFEFC35F4FB3B9A9B1 ] lmimirr         C:\windows\system32\DRIVERS\lmimirr.sys
09:32:22.0602 0x141c  lmimirr - ok
09:32:22.0687 0x141c  LMIRfsClientNP - ok
09:32:22.0743 0x141c  [ C57D3FAA50E6F395759FFB7C709BD944, 7B0B86F0E710934D57801E1F7BB048AD878F871147B2A16BBF81219A4022B499 ] LMIRfsDriver    C:\windows\system32\drivers\LMIRfsDriver.sys
09:32:22.0746 0x141c  LMIRfsDriver - ok
09:32:22.0848 0x141c  [ DBC1136A62BD4DECC3632DF650284C2E, 2D6344357D21A9062019C7DDF3DB440ABC724CDA925471BBFA8CCAC65E6A2C80 ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
09:32:22.0862 0x141c  LMS - ok
09:32:22.0933 0x141c  [ D3760BC17E1755091B7120CF32DBF56B, 2B31CA0CD838BEE0103054520E2FBEA2436A07D99E711B14543B85F3A511478F ] LogMeIn         C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
09:32:22.0946 0x141c  LogMeIn - ok
09:32:22.0999 0x141c  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\windows\system32\DRIVERS\lsi_fc.sys
09:32:23.0003 0x141c  LSI_FC - ok
09:32:23.0031 0x141c  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\windows\system32\DRIVERS\lsi_sas.sys
09:32:23.0035 0x141c  LSI_SAS - ok
09:32:23.0075 0x141c  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\windows\system32\DRIVERS\lsi_sas2.sys
09:32:23.0078 0x141c  LSI_SAS2 - ok
09:32:23.0096 0x141c  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\windows\system32\DRIVERS\lsi_scsi.sys
09:32:23.0100 0x141c  LSI_SCSI - ok
09:32:23.0131 0x141c  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\windows\system32\drivers\luafv.sys
09:32:23.0135 0x141c  luafv - ok
09:32:23.0176 0x141c  MBAMSwissArmy - ok
09:32:23.0214 0x141c  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\windows\system32\Mcx2Svc.dll
09:32:23.0219 0x141c  Mcx2Svc - ok
09:32:23.0374 0x141c  [ 11F714F85530A2BD134074DC30E99FCA, BDB5FD3B2DF4ADD19B31965B3E789768B59E872B3EA85912B1FFB32B2AF9D5D8 ] MDM             C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
09:32:23.0388 0x141c  MDM - ok
09:32:23.0431 0x141c  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\windows\system32\DRIVERS\megasas.sys
09:32:23.0432 0x141c  megasas - ok
09:32:23.0467 0x141c  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\windows\system32\DRIVERS\MegaSR.sys
09:32:23.0475 0x141c  MegaSR - ok
09:32:23.0585 0x141c  Microsoft SharePoint Workspace Audit Service - ok
09:32:23.0633 0x141c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\windows\system32\mmcss.dll
09:32:23.0639 0x141c  MMCSS - ok
09:32:23.0768 0x141c  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\windows\system32\drivers\modem.sys
09:32:23.0772 0x141c  Modem - ok
09:32:23.0857 0x141c  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\windows\system32\DRIVERS\monitor.sys
09:32:23.0860 0x141c  monitor - ok
09:32:23.0901 0x141c  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\windows\system32\DRIVERS\mouclass.sys
09:32:23.0905 0x141c  mouclass - ok
09:32:23.0950 0x141c  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\windows\system32\DRIVERS\mouhid.sys
09:32:23.0952 0x141c  mouhid - ok
09:32:23.0988 0x141c  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\windows\system32\drivers\mountmgr.sys
09:32:23.0992 0x141c  mountmgr - ok
09:32:24.0074 0x141c  [ 9EB89625A82AC961F25E7C865947BF9A, 91DB9530CDE883DC60BE621AC4210ACD069631D9466E37411D9D6AEE587098D9 ] MpFilter        C:\windows\system32\DRIVERS\MpFilter.sys
09:32:24.0083 0x141c  MpFilter - ok
09:32:24.0106 0x141c  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\windows\system32\drivers\mpio.sys
09:32:24.0111 0x141c  mpio - ok
09:32:24.0154 0x141c  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\windows\system32\drivers\mpsdrv.sys
09:32:24.0177 0x141c  mpsdrv - ok
09:32:24.0237 0x141c  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\windows\system32\mpssvc.dll
09:32:24.0260 0x141c  MpsSvc - ok
09:32:24.0308 0x141c  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\windows\system32\drivers\mrxdav.sys
09:32:24.0317 0x141c  MRxDAV - ok
09:32:24.0358 0x141c  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\windows\system32\DRIVERS\mrxsmb.sys
09:32:24.0363 0x141c  mrxsmb - ok
09:32:24.0405 0x141c  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\windows\system32\DRIVERS\mrxsmb10.sys
09:32:24.0413 0x141c  mrxsmb10 - ok
09:32:24.0443 0x141c  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\windows\system32\DRIVERS\mrxsmb20.sys
09:32:24.0448 0x141c  mrxsmb20 - ok
09:32:24.0503 0x141c  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\windows\system32\drivers\msahci.sys
09:32:24.0504 0x141c  msahci - ok
09:32:24.0696 0x141c  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\windows\system32\drivers\msdsm.sys
09:32:24.0700 0x141c  msdsm - ok
09:32:24.0733 0x141c  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\windows\System32\msdtc.exe
09:32:24.0738 0x141c  MSDTC - ok
09:32:24.0798 0x141c  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\windows\system32\drivers\Msfs.sys
09:32:24.0800 0x141c  Msfs - ok
09:32:24.0816 0x141c  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\windows\System32\drivers\mshidkmdf.sys
09:32:24.0817 0x141c  mshidkmdf - ok
09:32:24.0849 0x141c  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\windows\system32\drivers\msisadrv.sys
09:32:24.0850 0x141c  msisadrv - ok
09:32:24.0886 0x141c  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\windows\system32\iscsiexe.dll
09:32:24.0891 0x141c  MSiSCSI - ok
09:32:24.0896 0x141c  msiserver - ok
09:32:24.0951 0x141c  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\windows\system32\drivers\MSKSSRV.sys
09:32:24.0952 0x141c  MSKSSRV - ok
09:32:25.0109 0x141c  [ 89F2AEDC2788696702141AB82C3E7866, E166CBD8D3C708737C37172221945D8E56C25C2CC750889C3CE14AA2DE750F33 ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
09:32:25.0111 0x141c  MsMpSvc - ok
09:32:25.0162 0x141c  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\windows\system32\drivers\MSPCLOCK.sys
09:32:25.0164 0x141c  MSPCLOCK - ok
09:32:25.0196 0x141c  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\windows\system32\drivers\MSPQM.sys
09:32:25.0198 0x141c  MSPQM - ok
09:32:25.0242 0x141c  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\windows\system32\drivers\MsRPC.sys
09:32:25.0255 0x141c  MsRPC - ok
09:32:25.0288 0x141c  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\windows\system32\drivers\mssmbios.sys
09:32:25.0289 0x141c  mssmbios - ok
09:32:25.0316 0x141c  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\windows\system32\drivers\MSTEE.sys
09:32:25.0318 0x141c  MSTEE - ok
09:32:25.0346 0x141c  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\windows\system32\DRIVERS\MTConfig.sys
09:32:25.0347 0x141c  MTConfig - ok
09:32:25.0380 0x141c  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\windows\system32\Drivers\mup.sys
09:32:25.0383 0x141c  Mup - ok
09:32:25.0439 0x141c  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\windows\system32\qagentRT.dll
09:32:25.0454 0x141c  napagent - ok
09:32:25.0500 0x141c  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\windows\system32\DRIVERS\nwifi.sys
09:32:25.0509 0x141c  NativeWifiP - ok
09:32:25.0593 0x141c  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\windows\system32\drivers\ndis.sys
09:32:25.0618 0x141c  NDIS - ok
09:32:25.0650 0x141c  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\windows\system32\DRIVERS\ndiscap.sys
09:32:25.0652 0x141c  NdisCap - ok
09:32:25.0673 0x141c  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\windows\system32\DRIVERS\ndistapi.sys
09:32:25.0675 0x141c  NdisTapi - ok
09:32:25.0730 0x141c  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\windows\system32\DRIVERS\ndisuio.sys
09:32:25.0732 0x141c  Ndisuio - ok
09:32:25.0800 0x141c  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\windows\system32\DRIVERS\ndiswan.sys
09:32:25.0807 0x141c  NdisWan - ok
09:32:25.0833 0x141c  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\windows\system32\drivers\NDProxy.sys
09:32:25.0835 0x141c  NDProxy - ok
09:32:25.0931 0x141c  [ 2334DC48997BA203B794DF3EE70521DB, 832F4EC1586C9669F2D54AB3B212943E43B87A33B24DCC8CDAD6A0264291EE2F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
09:32:25.0937 0x141c  Net Driver HPZ12 - ok
09:32:25.0974 0x141c  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\windows\system32\DRIVERS\netbios.sys
09:32:25.0976 0x141c  NetBIOS - ok
09:32:26.0009 0x141c  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\windows\system32\DRIVERS\netbt.sys
09:32:26.0017 0x141c  NetBT - ok
09:32:26.0049 0x141c  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon        C:\windows\system32\lsass.exe
09:32:26.0052 0x141c  Netlogon - ok
09:32:26.0132 0x141c  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\windows\System32\netman.dll
09:32:26.0144 0x141c  Netman - ok
09:32:26.0224 0x141c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:32:26.0269 0x141c  NetMsmqActivator - ok
09:32:26.0291 0x141c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:32:26.0300 0x141c  NetPipeActivator - ok
09:32:26.0354 0x141c  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\windows\System32\netprofm.dll
09:32:26.0370 0x141c  netprofm - ok
09:32:26.0398 0x141c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:32:26.0402 0x141c  NetTcpActivator - ok
09:32:26.0411 0x141c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:32:26.0415 0x141c  NetTcpPortSharing - ok
09:32:26.0473 0x141c  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\windows\system32\DRIVERS\nfrd960.sys
09:32:26.0477 0x141c  nfrd960 - ok
09:32:26.0522 0x141c  [ C3E0696C3B42F694C5822776AA6FFFDF, 80C3DEC2C48500F96C9E677450EFC1ADA9FE9FBB70F4CC2D7D9244B1A515418B ] NisDrv          C:\windows\system32\DRIVERS\NisDrvWFP.sys
09:32:26.0529 0x141c  NisDrv - ok
09:32:26.0586 0x141c  [ DCEE3592299B2229A0DB98CB415059A2, 709AAA095DF44DDCB6159CE1635AB05EC666D845445790E569F56B297DC64AC3 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
09:32:26.0597 0x141c  NisSrv - ok
09:32:26.0634 0x141c  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\windows\System32\nlasvc.dll
09:32:26.0657 0x141c  NlaSvc - ok
09:32:26.0681 0x141c  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\windows\system32\drivers\Npfs.sys
09:32:26.0684 0x141c  Npfs - ok
09:32:26.0716 0x141c  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\windows\system32\nsisvc.dll
09:32:26.0718 0x141c  nsi - ok
09:32:26.0737 0x141c  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\windows\system32\drivers\nsiproxy.sys
09:32:26.0739 0x141c  nsiproxy - ok
09:32:27.0220 0x141c  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\windows\system32\drivers\Ntfs.sys
09:32:27.0302 0x141c  Ntfs - ok
09:32:27.0326 0x141c  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\windows\system32\drivers\Null.sys
09:32:27.0327 0x141c  Null - ok
09:32:27.0358 0x141c  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\windows\system32\drivers\nvraid.sys
09:32:27.0362 0x141c  nvraid - ok
09:32:27.0409 0x141c  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\windows\system32\drivers\nvstor.sys
09:32:27.0414 0x141c  nvstor - ok
09:32:27.0445 0x141c  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\windows\system32\drivers\nv_agp.sys
09:32:27.0449 0x141c  nv_agp - ok
09:32:27.0476 0x141c  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\windows\system32\drivers\ohci1394.sys
09:32:27.0479 0x141c  ohci1394 - ok
09:32:40.0894 0x141c  VaultSvc - ok
09:32:40.0949 0x141c  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\windows\system32\drivers\vdrvroot.sys
09:32:40.0952 0x141c  vdrvroot - ok
09:32:41.0011 0x141c  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\windows\System32\vds.exe
09:32:41.0030 0x141c  vds - ok
09:32:41.0069 0x141c  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\windows\system32\DRIVERS\vgapnp.sys
09:32:41.0071 0x141c  vga - ok
09:32:41.0108 0x141c  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\windows\System32\drivers\vga.sys
09:32:41.0110 0x141c  VgaSave - ok
09:32:41.0159 0x141c  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\windows\system32\drivers\vhdmp.sys
09:32:41.0166 0x141c  vhdmp - ok
09:32:41.0210 0x141c  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\windows\system32\drivers\viaide.sys
09:32:41.0211 0x141c  viaide - ok
09:32:41.0263 0x141c  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\windows\system32\drivers\volmgr.sys
09:32:41.0266 0x141c  volmgr - ok
09:32:41.0310 0x141c  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\windows\system32\drivers\volmgrx.sys
09:32:41.0322 0x141c  volmgrx - ok
09:32:41.0354 0x141c  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\windows\system32\drivers\volsnap.sys
09:32:41.0364 0x141c  volsnap - ok
09:32:41.0394 0x141c  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\windows\system32\DRIVERS\vsmraid.sys
09:32:41.0399 0x141c  vsmraid - ok
09:32:41.0536 0x141c  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\windows\system32\vssvc.exe
09:32:41.0609 0x141c  VSS - ok
09:32:41.0627 0x141c  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\windows\system32\DRIVERS\vwifibus.sys
09:32:41.0629 0x141c  vwifibus - ok
09:32:41.0680 0x141c  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\windows\system32\DRIVERS\vwififlt.sys
09:32:41.0683 0x141c  vwififlt - ok
09:32:41.0700 0x141c  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\windows\system32\DRIVERS\vwifimp.sys
09:32:41.0702 0x141c  vwifimp - ok
09:32:41.0742 0x141c  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\windows\system32\w32time.dll
09:32:41.0755 0x141c  W32Time - ok
09:32:41.0781 0x141c  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\windows\system32\DRIVERS\wacompen.sys
09:32:41.0783 0x141c  WacomPen - ok
09:32:41.0827 0x141c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\windows\system32\DRIVERS\wanarp.sys
09:32:41.0830 0x141c  WANARP - ok
09:32:41.0838 0x141c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\windows\system32\DRIVERS\wanarp.sys
09:32:41.0840 0x141c  Wanarpv6 - ok
09:32:41.0945 0x141c  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\windows\system32\Wat\WatAdminSvc.exe
09:32:41.0990 0x141c  WatAdminSvc - ok
09:32:42.0198 0x141c  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\windows\system32\wbengine.exe
09:32:42.0349 0x141c  wbengine - ok
09:32:42.0400 0x141c  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\windows\System32\wbiosrvc.dll
09:32:42.0407 0x141c  WbioSrvc - ok
09:32:42.0452 0x141c  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\windows\System32\wcncsvc.dll
09:32:42.0464 0x141c  wcncsvc - ok
09:32:42.0491 0x141c  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
09:32:42.0494 0x141c  WcsPlugInService - ok
09:32:42.0521 0x141c  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\windows\system32\DRIVERS\wd.sys
09:32:42.0523 0x141c  Wd - ok
09:32:42.0619 0x141c  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\windows\system32\drivers\Wdf01000.sys
09:32:42.0643 0x141c  Wdf01000 - ok
09:32:42.0688 0x141c  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\windows\system32\wdi.dll
09:32:42.0692 0x141c  WdiServiceHost - ok
09:32:42.0700 0x141c  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\windows\system32\wdi.dll
09:32:42.0704 0x141c  WdiSystemHost - ok
09:32:42.0766 0x141c  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\windows\System32\webclnt.dll
09:32:42.0783 0x141c  WebClient - ok
09:32:42.0821 0x141c  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\windows\system32\wecsvc.dll
09:32:42.0830 0x141c  Wecsvc - ok
09:32:42.0871 0x141c  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\windows\System32\wercplsupport.dll
09:32:42.0879 0x141c  wercplsupport - ok
09:32:42.0911 0x141c  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\windows\System32\WerSvc.dll
09:32:42.0915 0x141c  WerSvc - ok
09:32:43.0079 0x141c  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\windows\system32\DRIVERS\wfplwf.sys
09:32:43.0081 0x141c  WfpLwf - ok
09:32:43.0107 0x141c  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\windows\system32\drivers\wimmount.sys
09:32:43.0110 0x141c  WIMMount - ok
09:32:43.0128 0x141c  WinDefend - ok
09:32:43.0155 0x141c  WinHttpAutoProxySvc - ok
09:32:43.0226 0x141c  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\windows\system32\wbem\WMIsvc.dll
09:32:43.0240 0x141c  Winmgmt - ok
09:32:43.0414 0x141c  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\windows\system32\WsmSvc.dll
09:32:43.0488 0x141c  WinRM - ok
09:32:43.0552 0x141c  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\windows\system32\DRIVERS\WinUsb.sys
09:32:43.0555 0x141c  WinUsb - ok
09:32:43.0750 0x141c  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\windows\System32\wlansvc.dll
09:32:43.0777 0x141c  Wlansvc - ok
09:32:43.0842 0x141c  [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
09:32:43.0846 0x141c  wlcrasvc - ok
09:32:44.0248 0x141c  [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
09:32:44.0322 0x141c  wlidsvc - ok
09:32:44.0362 0x141c  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\windows\system32\drivers\wmiacpi.sys
09:32:44.0363 0x141c  WmiAcpi - ok
09:32:44.0411 0x141c  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\windows\system32\wbem\WmiApSrv.exe
09:32:44.0417 0x141c  wmiApSrv - ok
09:32:44.0455 0x141c  WMPNetworkSvc - ok
09:32:44.0515 0x141c  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\windows\System32\wpcsvc.dll
09:32:44.0520 0x141c  WPCSvc - ok
09:32:44.0558 0x141c  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\windows\system32\wpdbusenum.dll
09:32:44.0564 0x141c  WPDBusEnum - ok
09:32:44.0593 0x141c  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\windows\system32\drivers\ws2ifsl.sys
09:32:44.0594 0x141c  ws2ifsl - ok
09:32:44.0621 0x141c  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\windows\System32\wscsvc.dll
09:32:44.0625 0x141c  wscsvc - ok
09:32:44.0630 0x141c  WSearch - ok
09:32:44.0803 0x141c  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\windows\system32\wuaueng.dll
09:32:44.0889 0x141c  wuauserv - ok
09:32:44.0958 0x141c  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\windows\system32\drivers\WudfPf.sys
09:32:44.0963 0x141c  WudfPf - ok
09:32:45.0004 0x141c  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\windows\system32\DRIVERS\WUDFRd.sys
09:32:45.0011 0x141c  WUDFRd - ok
09:32:45.0048 0x141c  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\windows\System32\WUDFSvc.dll
09:32:45.0053 0x141c  wudfsvc - ok
09:32:45.0094 0x141c  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\windows\System32\wwansvc.dll
09:32:45.0102 0x141c  WwanSvc - ok
09:32:45.0145 0x141c  ZAPrivacyService - ok
09:32:45.0155 0x141c  ZTEusbmdm6k - ok
09:32:45.0193 0x141c  ZTEusbnmea - ok
09:32:45.0199 0x141c  ZTEusbser6k - ok
09:32:45.0220 0x141c  ================ Scan global ===============================
09:32:45.0250 0x141c  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\windows\system32\basesrv.dll
09:32:45.0501 0x141c  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\windows\system32\winsrv.dll
09:32:45.0531 0x141c  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\windows\system32\winsrv.dll
09:32:45.0571 0x141c  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\windows\system32\sxssrv.dll
09:32:45.0612 0x141c  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\windows\system32\services.exe
09:32:45.0623 0x141c  [ Global ] - ok
09:32:45.0624 0x141c  ================ Scan MBR ==================================
09:32:45.0639 0x141c  [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
09:32:45.0950 0x141c  \Device\Harddisk0\DR0 - ok
09:32:45.0951 0x141c  ================ Scan VBR ==================================
09:32:45.0966 0x141c  [ 0C80E75223AD68866696B5837DF22CAC ] \Device\Harddisk0\DR0\Partition1
09:32:45.0968 0x141c  \Device\Harddisk0\DR0\Partition1 - ok
09:32:45.0969 0x141c  ================ Scan generic autorun ======================
09:32:46.0016 0x141c  [ 2D7816ACDA1CC85C873CBC19A4121D58, 3F3E41EBEF81DB8C2A84A8E75D1E4852046A10A5DCB8CCCC2ADF7FD0DC8EEF66 ] C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe
09:32:46.0031 0x141c  ToshibaAppPlace - ok
09:32:46.0102 0x141c  [ 552B331DC253F28C6B3B0B2A2B9BA398, 7FB0DBF7551DB7DFB67BD5FFD601CE0FE6D12FDDA3B3A3DD9AA92ADD891D8854 ] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
09:32:46.0141 0x141c  ToshibaServiceStation - ok
09:32:46.0275 0x141c  [ F7E0783DA9043BC131BB37C77EDB04DF, CD24E9B89789BE57230C52B24E63F29C6E650876E5FB0CB1304390B7E698FF93 ] C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
09:32:46.0342 0x141c  TWebCamera - ok
09:32:46.0408 0x141c  [ C637FC4638A96165256B28D38DE7B953, CD658543610F151C7860DBDCF36596C9B5417D87E598FA50A435392D4AED1C14 ] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
09:32:46.0411 0x141c  HP Software Update - ok
09:32:46.0614 0x141c  [ 048EA4B978851788E9F5E8E4F081DF7A, EB62719AC0DCC18FF056F2CD84438BF14B61E38F0619617C81961C6257BDFCEC ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
09:32:46.0655 0x141c  Adobe ARM - ok
09:32:46.0703 0x141c  [ 94A4D6915D4F572309DF6137E1846528, E46BDF83CAA6683AA655DBA3D2C8DC7AC06251E952466A20CFDA3A16B1840455 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
09:32:46.0705 0x141c  APSDaemon - ok
09:32:46.0926 0x141c  [ 213F6A7168235F2AF8E602835DDEB29A, ED3F6B9215B71346815BFCD79C1FAA2F8F180D0955201C1632A6EB6DCF3C229F ] C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
09:32:47.0005 0x141c  InstaLAN - ok
09:32:47.0236 0x141c  [ 30EE672AD2C53BFB7DD4BE6993B07C71, 5FB6B5B71AFF14E22460C4C6CA75830736222B74D200E413E05F0CACDE2C44CF ] C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe
09:32:47.0370 0x141c  BingDesktop - ok
09:32:47.0475 0x141c  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
09:32:47.0659 0x141c  Sidebar - ok
09:32:47.0696 0x141c  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
09:32:47.0700 0x141c  mctadmin - ok
09:32:47.0762 0x141c  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
09:32:47.0786 0x141c  Sidebar - ok
09:32:47.0807 0x141c  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
09:32:47.0810 0x141c  mctadmin - ok
09:32:48.0518 0x141c  [ 22F7B9670AD770C7ED7F4738204C8E5C, 7B793AC094CB1B073419B5DAE09DFBB8EBED03D29301F490AA76EA0667613438 ] C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe
09:32:49.0003 0x141c  HP Officejet 4620 series (NET) - ok
09:32:49.0049 0x141c  [ 5D61BE7DB55B026A5D61A3EED09D0EAD, D32CC7B31A6F98C60ABC313ABC7D1143681F72DE2BB2604711A0BA20710CAAAE ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
09:32:49.0051 0x141c  swg - ok
09:32:49.0689 0x141c  [ 323074FD3CC1BA1214A52B7FBFA2F9D7, 27C198BB9CD855DE8E838BE1D8E5DEC38C00AD770BED629EE328B588AE478767 ] C:\Users\Yelena 2\AppData\Roaming\mjusbsp\cdloader2.exe
09:32:49.0693 0x141c  cdloader - ok
09:32:49.0722 0x141c  Skype - ok
09:32:49.0847 0x141c  [ F63374722A35813CAF665C01388716B8, 258CC1202AAB2F6E824BE33F403E3C4F221D1BBB9E1C9EBD5E33C0280CB277D3 ] C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
09:32:49.0851 0x141c  GarminExpressTrayApp - ok
09:32:49.0872 0x141c  [ 5D61BE7DB55B026A5D61A3EED09D0EAD, D32CC7B31A6F98C60ABC313ABC7D1143681F72DE2BB2604711A0BA20710CAAAE ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
09:32:49.0873 0x141c  swg - ok
09:32:49.0874 0x141c  Waiting for KSN requests completion. In queue: 113
09:32:50.0874 0x141c  Waiting for KSN requests completion. In queue: 113
09:32:51.0874 0x141c  Waiting for KSN requests completion. In queue: 113
09:32:52.0896 0x141c  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.5.216.0 ), 0x61000 ( enabled : updated )
09:32:52.0953 0x141c  Win FW state via NFP2: enabled
09:32:55.0537 0x141c  ============================================================
09:32:55.0537 0x141c  Scan finished
09:32:55.0537 0x141c  ============================================================
09:32:55.0561 0x18e8  Detected object count: 0
09:32:55.0561 0x18e8  Actual detected object count: 0
 


#5 TB-Psychotic

  • Malware Response Team

Posted 18 June 2014 - 03:49 AM

Fix with FRST (normal mode)

WARNING: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.
 

  • Download the attached fixlist.txt and save it to the location where FRST is saved to.
  • Run FRST.exe (on 64bit, run FRST64.exe) and press the Fix button just once and wait.
  • The tool will make a log (Fixlog.txt) which you find where you saved FRST. Please post it to your reply.

 

 

 

 

Full System Scan with Malwarebytes Antimalware
 

  • If not existing, please download Malwarebytes Anti-Malware to your desktop.
  • Double-click mb3-setup-1878.1878-3.5.1.2522.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish.

If the program is already installed:

  • Run Malwarebytes Antimalware
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.

  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply.

 

Proud Member of UNITE & TB
 

#6 oreofudge

  • Topic Starter

  • Members

Posted 18 June 2014 - 10:27 AM

After running FRST a restart was required, so Malwarebytes was run after that, and it did not find anything, nor did it require a restart. Please find logs below. Thanks.

 

---

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 16-06-2014
Ran by Yelena 2 at 2014-06-18 10:27:12 Run:1
Running from C:\Users\Yelena 2\Desktop
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
Task: {0630AF67-58BE-48F2-BC6F-596C755D2B56} - System32\Tasks\SaveSense => C:\Users\Manuel\AppData\Roaming\SAVESE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\windows\Tasks\SaveSense.job => C:\Users\Manuel\AppData\Roaming\SAVESE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb] - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonChrome.crx [2014-04-08]
CHR HKLM-x32\...\Chrome\Extension: [baabjofogajbckmagjcmlpfnagkkhccj] - C:\Users\Yelena\AppData\LocalLow\Playbryte\Chrome.crx [2014-04-08]
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKCU - No Name - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} -  No File
Toolbar: HKLM-x32 - No Name - {b278d9f8-0fa9-465e-9938-0c392605d8e3} -  No File
Toolbar: HKLM-x32 - No Name - !{2318C2B1-4965-11d4-9B18-009027A5CD4F} -  No File
Toolbar: HKLM-x32 - No Name - !{8dcb7100-df86-4384-8842-8fa844297b3f} -  No File
Toolbar: HKLM - No Name - !{2318C2B1-4965-11d4-9B18-009027A5CD4F} -  No File
Toolbar: HKLM - No Name - !{8dcb7100-df86-4384-8842-8fa844297b3f} -  No File
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = 
SearchScopes: HKCU - {CF0F9E3D-68DE-4FF9-8A57-FB39C741651B} URL = 
SearchScopes: HKCU - {03898675-C448-4B7B-B84D-78A6474E993C} URL = 
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
&tb_mrud=09-03-2013
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-results.com/sr?src=ieb&appid=287&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69} URL = http://search.bearshare.com/web?src=ieb&systemid=2&q={searchTerms}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = 
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-results.com/sr?src=ieb&appid=287&systemid=406&sr=0&q={searchTerms}
HKLM\...\AppCertDlls: [dpapntui] -> C:\Users\Yelena\AppData\Local\Temp\charetup.dll
HKLM\...\AppCertDlls: [mobsdmin] -> C:\Users\Yelena\AppData\Local\Temp\charetup64.dll
AppInit_DLLs: C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\x64\datamngr.dll => C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\x64\datamngr.dll File Not Found
AppInit_DLLs:  C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\x64\IEBHO.dll => C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\x64\IEBHO.dll File Not Found
HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox]  ATTENTION! ====> ZeroAccess?
 
S1 rsmdabyu; \??\C:\windows\system32\drivers\rsmdabyu.sys [X]
S1 ckjfaxsu; \??\C:\windows\system32\drivers\ckjfaxsu.sys [X]
 
C:\Users\Yelena\AppData\Local\Temp\charetup64.dll
C:\Users\Yelena\AppData\Local\Temp\charetup.dll
C:\$Recycle.Bin\S-1-5-21-3137217817-3696929459-3960846700-1000
C:\$Recycle.Bin\S-1-5-18\$d0d044e97abb0899018b0676cf8a906a
C:\$Recycle.Bin\S-1-5-21-3137217817-3696929459-3960846700-1007
2014-06-17 08:59 - 2014-05-03 19:31 - 00000000 ____D () C:\Users\Manuel\AppData\Local\BrowserSafeguard
 
DeleteJunctionsIndirectory: C:\Program Files\Windows Defender
DeleteJunctionsIndirectory: C:\Program Files\Microsoft Security Client
*****************
 
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0630AF67-58BE-48F2-BC6F-596C755D2B56}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0630AF67-58BE-48F2-BC6F-596C755D2B56}' => Key deleted successfully.
C:\Windows\System32\Tasks\SaveSense => Moved successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SaveSense' => Key deleted successfully.
C:\windows\Tasks\SaveSense.job => Moved successfully.
'HKCU\SOFTWARE\Policies\Google' => Key deleted successfully.
'HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb' => Key deleted successfully.
"C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonChrome.crx" => File/Directory not found.
'HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\baabjofogajbckmagjcmlpfnagkkhccj' => Key deleted successfully.
"C:\Users\Yelena\AppData\LocalLow\Playbryte\Chrome.crx" => File/Directory not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} => value deleted successfully.
'HKCR\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}'=> Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} => value deleted successfully.
'HKCR\CLSID\{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107}'=> Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{b278d9f8-0fa9-465e-9938-0c392605d8e3} => value deleted successfully.
'HKCR\Wow6432Node\CLSID\{b278d9f8-0fa9-465e-9938-0c392605d8e3}'=> Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\!{2318C2B1-4965-11d4-9B18-009027A5CD4F} => value deleted successfully.
'HKCR\Wow6432Node\CLSID\!{2318C2B1-4965-11d4-9B18-009027A5CD4F}'=> Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\!{8dcb7100-df86-4384-8842-8fa844297b3f} => value deleted successfully.
'HKCR\Wow6432Node\CLSID\!{8dcb7100-df86-4384-8842-8fa844297b3f}'=> Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\!{2318C2B1-4965-11d4-9B18-009027A5CD4F} => value deleted successfully.
'HKCR\CLSID\!{2318C2B1-4965-11d4-9B18-009027A5CD4F}'=> Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\!{8dcb7100-df86-4384-8842-8fa844297b3f} => value deleted successfully.
'HKCR\CLSID\!{8dcb7100-df86-4384-8842-8fa844297b3f}'=> Key not found.
'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}' => Key deleted successfully.
'HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}'=> Key not found.
'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CF0F9E3D-68DE-4FF9-8A57-FB39C741651B}' => Key deleted successfully.
'HKCR\CLSID\{CF0F9E3D-68DE-4FF9-8A57-FB39C741651B}'=> Key not found.
'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}' => Key deleted successfully.
'HKCR\CLSID\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}'=> Key not found.
'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\D0A1DC920F434AF08DDDCBC77CBAFE88' => Key deleted successfully.
'HKCR\CLSID\D0A1DC920F434AF08DDDCBC77CBAFE88'=> Key not found.
'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{03898675-C448-4B7B-B84D-78A6474E993C}' => Key deleted successfully.
'HKCR\CLSID\{03898675-C448-4B7B-B84D-78A6474E993C}'=> Key not found.
'HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}' => Key deleted successfully.
'HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}'=> Key not found.
'HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{443789B7-F39C-4b5c-9287-DA72D38F4FE6}' => Key deleted successfully.
'HKCR\Wow6432Node\CLSID\{443789B7-F39C-4b5c-9287-DA72D38F4FE6}'=> Key not found.
'HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}' => Key deleted successfully.
'HKCR\Wow6432Node\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}'=> Key not found.
'HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69}' => Key deleted successfully.
'HKCR\Wow6432Node\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69}'=> Key not found.
'HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}' => Key deleted successfully.
'HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}'=> Key not found.
'HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}' => Key deleted successfully.
'HKCR\CLSID\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}'=> Key not found.
'HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}' => Key deleted successfully.
'HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}'=> Key not found.
HKLM\System\CurrentControlSet\Control\Session Manager\AppCertDlls\\dpapntui => value deleted successfully.
HKLM\System\CurrentControlSet\Control\Session Manager\AppCertDlls\\mobsdmin => value deleted successfully.
"C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\x64\datamngr.dll" => Value Data removed successfully.
" C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\x64\IEBHO.dll" => Value Data removed successfully.
HKLM\Software\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InprocServer32\\Default => Value was restored successfully.
rsmdabyu => Service deleted successfully.
ckjfaxsu => Service deleted successfully.
"C:\Users\Yelena\AppData\Local\Temp\charetup64.dll" => File/Directory not found.
"C:\Users\Yelena\AppData\Local\Temp\charetup.dll" => File/Directory not found.
C:\$Recycle.Bin\S-1-5-21-3137217817-3696929459-3960846700-1000 => Moved successfully.
C:\$Recycle.Bin\S-1-5-18\$d0d044e97abb0899018b0676cf8a906a => Moved successfully.
C:\$Recycle.Bin\S-1-5-21-3137217817-3696929459-3960846700-1007 => Moved successfully.
C:\Users\Manuel\AppData\Local\BrowserSafeguard => Moved successfully.
"C:\Program Files\Windows Defender" => Deleting reparse point and unlocking started.
"C:\Program Files\Windows Defender\en-US" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MpAsDesc.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MpClient.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MpCmdRun.exe" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MpCommu.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MpEvMsg.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MpOAV.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MpRTP.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MpSvc.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MSASCui.exe" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MsMpCom.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MsMpLics.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MsMpRes.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender" => Deleting reparse point and unlocking completed.
"C:\Program Files\Microsoft Security Client" => Deleting reparse point and unlocking started.
"C:\Program Files\Microsoft Security Client\Antimalware" => Deleting reparse point and unlocking done.
"C:\Program Files\Microsoft Security Client\Backup" => Deleting reparse point and unlocking done.
"C:\Program Files\Microsoft Security Client\Drivers" => Deleting reparse point and unlocking done.
"C:\Program Files\Microsoft Security Client\en-us" => Deleting reparse point and unlocking done.
"C:\Program Files\Microsoft Security Client\es-es" => Deleting reparse point and unlocking done.
"C:\Program Files\Microsoft Security Client" => Deleting reparse point and unlocking completed.
 
 
The system needed a reboot. 
 

==== End of Fixlog ====

 

---

 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 6/18/2014
Scan Time: 10:40:34 AM
Logfile: 140618-05-mbam-log-2014-06-18 (10-40-33).txt
Administrator: Yes
 
Version: 2.00.2.1012
Malware Database: v2014.06.18.06
Rootkit Database: v2014.06.02.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Yelena 2
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 362674
Time Elapsed: 37 min, 24 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 

(end) 



#7 TB-Psychotic

  • Malware Response Team

Posted 19 June 2014 - 09:36 AM

Looks good! :)

 

 

Scan with ESET Online Scan

Please go here to run the online scanner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings and ensure these options are ticked:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click Scan
  • Wait for the scan to finish
  • If any threats were found, click 'List of found threats', then click Export to text file....
  • Save it to your desktop, then please copy and paste that log as a reply to this topic.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#8 oreofudge

  • Topic Starter

Posted 19 June 2014 - 12:18 PM

As per your request...
 
C:\Users\Yelena 2\AppData\Local\Temp\APNSetup.exe a variant of Win32/Bundled.Toolbar.Ask.E potentially unsafe application
C:\Users\Yelena 2\AppData\Local\Temp\APNStub.exe a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application
C:\Windows\Installer\MSIEE87.tmp a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application


#9 TB-Psychotic

  • Malware Response Team

Posted 23 June 2014 - 02:43 AM

Then we can do the cleanup - if you are facing any issues, report that immediately.

Delete junk with adwCleaner


Please download AdwCleaner to your desktop.


  • Run adwcleaner.exe
  • Hit Scan and wait for the scan to finish.
  • Confirm the message but don't uncheck anything.
  • Hit Clean
  • When the run is finished, it will open up a text file
  • Please post its contents within your next reply
  • You'll find the log file at C:\AdwCleaner[S1].txt also




Delete junk with JRT

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.




SecurityCheck

Reboot your system before starting!

Please download SecurityCheck: LINK1 LINK2

  • Save it to your desktop, start it and follow the instructions in the window.
  • After the scan has finished, checkup.txt will open. Copy its content to your thread.



#10 oreofudge

  • Topic Starter

Posted 23 June 2014 - 09:21 AM

As per your request...

 

---

 

# AdwCleaner v3.213 - Report created 23/06/2014 at 10:12:22
# Updated 23/06/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Yelena 2 - YELENA-PC
# Running from : C:\Users\Yelena 2\Desktop\adwcleaner_3.213.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\Program Files (x86)\BearShare Applications
Folder Deleted : C:\Program Files (x86)\Playbryte
Folder Deleted : C:\windows\SysWOW64\SearchProtect
Folder Deleted : C:\Users\YELENA~1\AppData\Local\Temp\apn
Folder Deleted : C:\Users\YELENA~1\AppData\Local\Temp\mt_ffx
Folder Deleted : C:\Users\Manuel\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Manuel\AppData\Roaming\CheckPoint\ZoneAlarm LTD Toolbar
Folder Deleted : C:\Users\Yelena 2\AppData\Roaming\CheckPoint\ZoneAlarm LTD Toolbar
Folder Deleted : C:\Users\Yelena 2\AppData\Roaming\SeeSimilar
Folder Deleted : C:\Users\Yelena 2\AppData\Roaming\Systweak
File Deleted : C:\END
File Deleted : C:\Users\YELENA~1\AppData\Local\Temp\Uninstall.exe
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\Search_Results.xml
File Deleted : C:\Users\Yelena 2\AppData\Roaming\Mozilla\Firefox\Profiles\22e381rf.default\user.js
File Deleted : C:\Users\Yelena 2\AppData\Roaming\Mozilla\Firefox\Profiles\5dk1gejo.default\user.js
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\BabylonHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Key Deleted : HKLM\SOFTWARE\Classes\AxSHDocVw.AxWebBrowser
Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHost.Tool
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BabylonTC_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BabylonTC_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BabylonToolbarsrv_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BabylonToolbarsrv_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Giant Savings_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Giant Savings_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Searchqu Toolbar uninstall_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Searchqu Toolbar uninstall_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\strongvaultapp_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\strongvaultapp_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\updateMegaBrowse_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\updateMegaBrowse_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasmancs
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_firefox_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_firefox_RASMANCS
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\systweak
Key Deleted : HKLM\Software\firstsearch
Key Deleted : HKLM\Software\Playbryte
Key Deleted : HKLM\Software\systweak
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Updater Service
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZoneAlarm LTD Toolbar
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17126
 
 
-\\ Mozilla Firefox v
 
[ File : C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\kxkdir0q.default\prefs.js ]
 
 
[ File : C:\Users\Yelena 2\AppData\Roaming\Mozilla\Firefox\Profiles\22e381rf.default\prefs.js ]
 
 
[ File : C:\Users\Yelena 2\AppData\Roaming\Mozilla\Firefox\Profiles\5dk1gejo.default\prefs.js ]
 
 
-\\ Google Chrome v35.0.1916.153
 
[ File : C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted [Search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
Deleted [Startup_urls] : hxxp://www.websearchy.com?&hspart=adk&hsimp=yhs-adk_sychp&param1=20140503&param2=cdbe447d-e3e3-4b28-a735-c76ddf8e0cf1&param3=websearchy-noadmin-ptn-oo_combo_accepted&param4=&type=new
Deleted [Homepage] : hxxp://www.websearchy.com?&hspart=adk&hsimp=yhs-adk_sychp&param1=20140503&param2=cdbe447d-e3e3-4b28-a735-c76ddf8e0cf1&param3=websearchy-noadmin-ptn-oo_combo_accepted&param4=&type=new
 
[ File : C:\Users\Yelena 2\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted [Search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
 
*************************
 
AdwCleaner[R0].txt - [16369 octets] - [23/06/2014 10:10:51]
AdwCleaner[S0].txt - [16563 octets] - [23/06/2014 10:12:22]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [16624 octets] ##########


#11 oreofudge

  • Topic Starter

Posted 23 June 2014 - 09:38 AM

As per your request...

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Yelena 2 on lun 06/23/2014 at 10:26:19.27
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\DealFinder_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\DealFinder_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\pricepeep_02042013_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\pricepeep_02042013_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011441179}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\DealFinder_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\DealFinder_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\pricepeep_02042013_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\pricepeep_02042013_RASMANCS
 
 
 
~~~ Files
 
Successfully deleted: [File] C:\windows\syswow64\sho1069.tmp
Successfully deleted: [File] C:\windows\syswow64\sho481E.tmp
Successfully deleted: [File] C:\windows\syswow64\sho540B.tmp
Successfully deleted: [File] C:\windows\syswow64\shoB6AA.tmp
Successfully deleted: [File] C:\windows\syswow64\shoCD09.tmp
Successfully deleted: [File] C:\windows\syswow64\shoD367.tmp
Successfully deleted: [File] C:\windows\syswow64\shoF237.tmp
Successfully deleted: [File] C:\windows\syswow64\shoF27E.tmp
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\ProgramData\best buy pc app"
Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\ProgramData\strongvault online backup"
Successfully deleted: [Folder] "C:\ai_recyclebin"
Successfully deleted: [Folder] "C:\windows\syswow64\ai_recyclebin"
Successfully deleted: [Empty Folder] C:\Users\Yelena 2\appdata\local\{0E62ED7B-1F37-4F3E-AB83-6CF11518D879}
Successfully deleted: [Empty Folder] C:\Users\Yelena 2\appdata\local\{17446FB7-C412-40DE-AD48-53C853E2FB8C}
Successfully deleted: [Empty Folder] C:\Users\Yelena 2\appdata\local\{6E626BCC-EB79-4AAF-9F77-4283C5F16E9C}
Successfully deleted: [Empty Folder] C:\Users\Yelena 2\appdata\local\{6E7E7556-ACD6-4153-9D2D-889F8E6D6098}
Successfully deleted: [Empty Folder] C:\Users\Yelena 2\appdata\local\{98EF2AA9-BBCF-4AEB-A6B5-EDD38633AE38}
Successfully deleted: [Empty Folder] C:\Users\Yelena 2\appdata\local\{A538AC02-BF94-413E-897E-4C5612D8B7BD}
Successfully deleted: [Empty Folder] C:\Users\Yelena 2\appdata\local\{D278B729-1B8F-4BF5-9705-153D345B478B}
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on lun 06/23/2014 at 10:35:19.27
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


#12 oreofudge

  • Topic Starter

Posted 23 June 2014 - 10:38 AM

As per your request...

 

---

 

 Results of screen317's Security Check version 0.99.85  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
Microsoft Security Essentials   
 Antivirus up to date!  
`````````Anti-malware/Other Utilities Check:````````` 
  Adobe Flash Player 13.0.0.214 Flash Player out of Date!  
 Adobe Reader 10.1.10 Adobe Reader out of Date!  
 Google Chrome 35.0.1916.114  
 Google Chrome 35.0.1916.153  
````````Process Check: objlist.exe by Laurent````````  
 Microsoft Security Essentials MSMpEng.exe 
 Microsoft Security Essentials msseces.exe 
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 Malwarebytes Anti-Malware mbamscheduler.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C: 0% 
````````````````````End of Log`````````````````````` 
 
---


#13 oreofudge

  • Topic Starter

Posted 23 June 2014 - 11:06 AM

Attached you will find a screenshot of the files under "C:" for you to review and let me know if ok. Thanks.



#14 oreofudge

  • Topic Starter

Posted 23 June 2014 - 11:10 AM

Here it is...



#15 TB-Psychotic

  • Malware Response Team

Posted 24 June 2014 - 06:59 AM

It seems that someone unzipped a setup program to the C drive. Nothing harmful here...

 

 

Your system is clean now! :)

 

 

 

Adobe Reader out of date

Your Adobe Reader is outdated. We will fix this.


  • Get the actual software from here. Important: Uncheck any optional software (for example Google Chrome, etc.) offered.
  • Run setup and follow the instructions.
  • Click upon Start-->control panel-->add/remove programs.
  • Search for and remove any older reader versions.

 

 

 

 

Adobe Flash Player out of date

Your Adobe flash player is outdated. We will fix this.

  • Get the actual player from here. Important: Uncheck any optional software (for example Google Chrome, etc.) offered.
  • Click upon Start-->control panel-->add/remove programs.
  • Search for and remove any older reader versions.

 

 

 

 

Then we can do the cleanup - if you are facing any issues, report that immediately.

Delete junk with adwCleaner


Please download AdwCleaner to your desktop.


  • Run adwcleaner.exe
  • Hit Scan and wait for the scan to finish.
  • Confirm the message but don't uncheck anything.
  • Hit Clean
  • When the run is finished, it will open up a text file
  • Please post its contents within your next reply
  • You'll find the log file at C:\AdwCleaner[S1].txt also




Delete junk with JRT

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.




SecurityCheck

Reboot your system before starting!

Please download SecurityCheck: LINK1 LINK2

  • Save it to your desktop, start it and follow the instructions in the window.
  • After the scan has finished, checkup.txt will open. Copy its content to your thread.

 

 

 

 

Recommendations: How to protect yourself

  • System Updates
    Please ensure to have automatic updates activated in your control panel.
    For further information and a tutorial, see this Microsoft Support article.
  • Protection
    What you need is one (not more) virus scanner with background protection. Additionally I recommend a special malware scanner to run on demand weekly.
    Personally I am using avast! Antivirus Free Edition and Malwarebytes Anti-Malware. They offer good protection for free.
    • To keep your browser free of advertising, you may install the Adblock Plus browser extension.
      It will filter unwanted advertising out of the website's content.
    • To protect yourself from accidentally visiting malicious web sites, install the Web of Trust (WOT) browser extension.
      It will display a green (safe), yellow (unknown) or red (potentially dangerous) icon for a visited website within your browser.
      In addition, before accessing a dangerous classified web site, a warning screen is displayed.

  • Up to date Software
    Keep your Windows and your third party software up to date. The easiest way to get infected is an outdated Windows, followed by: browser(s) (including add-ons and plug-ins), Adobe Flash Player and Adobe Reader, Java Runtime Environment, your antivirus program and so on. These links may help you to check:

  • Backup
    Hardware issues, malware, fire, lightning strike: There is a long list of different ways to lose all your data. Back up your files regularly. Use the Windows internal backup function or a third party tool and save your data onto an external hard drive, cloud storage, optical media like CDs or DVDs or (if available) a professional network backup system.
  • Behaviour
    The commonest error when using a computer is "error 80" - which means that the error is located about 80cm in front of the monitor. This is a common joke between IT support technicians but it shows that all the safety mechanisms won't help if you aren't careful enough.
    • While surfing the internet, don't click on anything you don't know. In the worst case, it infects your system with malware.
    • Watch your step in social networks! Many cyber criminals use them to spread malware, mine personal data (to be sold to advertising companies, for example) or simply do damage to other users. Even if a received hyperlink within a message seems to be coming from one of your friends, have a closer look. In addition, don't click everything.
    • When installing software, have a look at each of the setup windows and uncheck any additional toolbars or free programs that may be offered additionally. Most of today's setup procedures contain potentially unwanted programs so keep them off your system.
    • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
      They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.

