
Invisible Ads?


24 replies to this topic

#1 Rcpd0715


  • Members
  • 17 posts

Posted 17 June 2014 - 10:39 AM

Hi, I am recently getting invisible ads. There are no windows open, but I hear commercials in the background and do not know how to stop them. I have run Malwarebytes, CCleaner, Microsoft Essentials and TDSSKiller? Still not fixing it... Any suggestions please? Thank you

Here is my DDS log:


DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17126  BrowserJavaVersion: 10.60.2
Run by blevins at 11:30:30 on 2014-06-17
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.8086.4413 [GMT -4:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\Dwm.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe
C:\ProgramData\MediaDev\1397112756\mediadev.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Program Files (x86)\MySQL\MySQL Server 5.1\bin\mysqld.exe
C:\Windows\PhoneMyPC_Helper.exe
C:\Windows\PhoneMyPC.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\ProgramData\UpdateServer\1397222796\webdev.exe
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\rundll32.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Users\blevins\AppData\Local\Skillbrains\lightshot\5.1.2.5\Lightshot.exe
C:\Users\blevins\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Users\blevins\AppData\Roaming\VERIZON\UA_ar\UA.exe
C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
c:\PROGRA~2\mcafee\SITEAD~1\saui.exe
C:\Windows\system32\Macromed\Flash\FlashUtil64_13_0_0_214_ActiveX.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\system32\svchost.exe -k SDRSVC
C:\ProgramData\UpdateTask\vmhost.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\System32\MsSpellCheckingFacility.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://www.google.com/
uSearch Bar = Preserve
uSearch Page = hxxp://www.google.com
mStart Page = about:blank
uSearchAssistant = hxxp://www.google.com
mWinlogon: Userinit = userinit.exe,
BHO: ArcadeYum Addon: {651CA263-4157-4AC5-B7C2-03A7C1C00457} - C:\Users\blevins\AppData\Local\ArcadeYum\ArcadeYumIEHelper.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: Adblock Plus for IE Browser Helper Object: {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll
TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [LightShot] C:\Users\blevins\AppData\Local\Skillbrains\lightshot\Lightshot.exe Flags: uninsdeletevalue
uRun: [Spotify Web Helper] "C:\Users\blevins\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
uRun: [Spotify] "C:\Users\blevins\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
uRun: [Spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
mRun: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
dRun: [SearchProtect] \SearchProtect\bin\cltmng.exe
StartupFolder: C:\Users\blevins\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\VERIZO~1.LNK - C:\Users\blevins\AppData\Roaming\VERIZON\UA_ar\UA.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: SoftwareSASGeneration = dword:1
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-001060-0002-0060-ABCDEFFEDCBC} - <orphaned>
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 8.8.8.8 8.8.4.4 209.55.27.13
TCP: Interfaces\{0C49705F-9C7C-4167-AC30-4B8CA9BD0A71} : DHCPNameServer = 8.8.8.8 8.8.4.4 209.55.27.13
TCP: Interfaces\{60E1EBFE-359A-4BFF-A0B6-F219054AA1E3} : NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
TCP: Interfaces\{BBDC5985-C28E-4849-9BC4-C08846DD4D0B} : NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Notify: SDWinLogon - SDWinLogon.dll
AppInit_DLLs= C:\Windows\SysWOW64\nvinit.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: TidyNetwork: {4EC218E0-AD35-3CDF-FDEC-DD4F85C23BDA} -
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-BHO: Adblock Plus for IE Browser Helper Object: {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll
x64-TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [IntelPAN] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PAN Tray
x64-Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
x64-Run: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
x64-Run: [IntelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Run: [IgfxTray] "C:\Windows\System32\igfxtray.exe"
x64-Run: [HotKeysCmds] "C:\Windows\System32\hkcmd.exe"
x64-Run: [Persistence] "C:\Windows\System32\igfxpers.exe"
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
x64-DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
x64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2014-1-25 268512]
R0 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpciflt.sys [2013-12-18 32544]
R0 stdcfltn;Disk Class Filter Driver for Accelerometer;C:\Windows\System32\drivers\stdcfltn.sys [2012-3-26 21616]
R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2013-8-31 46368]
R1 nvkflt;nvkflt;C:\Windows\System32\drivers\nvkflt.sys [2013-12-18 300320]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-8-8 1166848]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2010-11-3 897088]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2010-11-3 983104]
R2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-6-3 134928]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-11-22 701512]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [2014-6-8 155856]
R2 MediaDevSrv;MediaDevSrv;C:\ProgramData\MediaDev\1397112756\mediadev.exe [2014-4-10 368960]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2011-4-27 133928]
R2 PhoneMyPC_Helper;PhoneMyPC_Helper;C:\Windows\PhoneMyPC_Helper.exe [2011-7-15 31232]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-4-13 3921880]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-4-13 1042272]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2014-4-13 171416]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-10-23 414496]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2010-11-29 16120]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-3-26 2656280]
R2 WinDevSrv;WinDevSrv;C:\ProgramData\UpdateServer\1397222796\webdev.exe [2014-4-11 368960]
R3 Acceler;Accelerometer Service;C:\Windows\System32\drivers\Accelern.sys [2012-3-26 27760]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter;C:\Windows\System32\drivers\AmpPal.sys [2011-8-8 299008]
R3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\System32\drivers\btmaux.sys [2010-11-4 58128]
R3 btmhsf;btmhsf;C:\Windows\System32\drivers\btmhsf.sys [2011-11-15 327168]
R3 iBtFltCoex;iBtFltCoex;C:\Windows\System32\drivers\iBtFltCoex.sys [2011-12-9 60416]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-12-6 331264]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-11-22 25928]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-3-11 347872]
R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2009-10-26 75264]
R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2009-10-26 176640]
R3 pneteth;PdaNet Broadband;C:\Windows\System32\drivers\pneteth.sys [2012-3-30 15360]
R3 qicflt;upper Device Filter Driver;C:\Windows\System32\drivers\qicflt.sys [2010-7-2 29288]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]
R3 wdkmd;Intel WiDi KMD;C:\Windows\System32\drivers\WDKMD.sys [2010-12-1 42392]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-11-22 418376]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol;C:\Windows\System32\drivers\AmpPal.sys [2011-8-8 299008]
S3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2010-11-3 1298496]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2014-1-22 108800]
S3 FsUsbExDisk;FsUsbExDisk;C:\Windows\SysWOW64\FsUsbExDisk.Sys [2013-3-12 37344]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-6-11 111616]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-7-27 340240]
S3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2014-1-22 206080]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-3-27 59392]
S3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-2-15 52736]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-3-27 1255736]
.
=============== Created Last 30 ================
.
2014-06-17 14:47:04 1031560 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4F141DE2-3C0B-4AC1-B0A2-6031C69E8173}\gapaengine.dll
2014-06-17 14:41:48 10702536 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{561F3C04-4B33-41BF-8B5C-980BDA70C4D5}\mpengine.dll
2014-06-17 14:30:49 -------- d-----w- C:\Users\blevins\AppData\Local\Spotify
2014-06-17 14:30:31 1031560 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{02476C8D-5BCB-799C-2A07-CFF22E55AE5C}\GapaEngine.dll
2014-06-17 14:29:28 10702536 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-06-17 13:18:25 -------- d-----w- C:\TDSSKiller_Quarantine
2014-06-16 14:41:11 -------- d-----w- C:\Users\blevins\AppData\Local\BrowserSafeguard
2014-06-16 14:40:35 -------- d-----w- C:\Program Files (x86)\Browsersafeguard
2014-06-16 14:40:25 -------- d-----w- C:\Program Files\SearchSnacks
2014-06-16 14:38:51 -------- d-----w- C:\Users\blevins\AppData\Roaming\SupTab
2014-06-16 14:38:50 -------- d-----w- C:\Program Files (x86)\SupTab
2014-06-16 14:37:56 -------- d-----w- C:\Program Files\pcmax
2014-06-16 14:37:27 -------- d-----w- C:\Program Files (x86)\NetTock
2014-06-12 07:34:38 1031560 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{194E9C57-E709-4D4C-B726-9DEB05C0EDB9}\gapaengine.dll
2014-06-12 00:29:54 -------- d-----w- C:\Users\blevins\AppData\Roaming\serv
2014-06-10 08:46:59 -------- d-----w- C:\Users\blevins\AppData\Roaming\Oberon Media
2014-06-10 08:46:47 -------- d-----w- C:\Program Files (x86)\Oberon Media SIDR
2014-06-10 08:46:45 -------- d-----w- C:\Program Files (x86)\Common Files\Oberon Media
2014-06-10 08:46:24 -------- d-----w- C:\ProgramData\Oberon Media
2014-06-10 08:45:57 -------- d-----w- C:\Users\blevins\AppData\Local\ArcadeYum
2014-06-09 03:40:23 -------- d-----w- C:\Windows\SysWow64\NV
2014-06-09 03:40:23 -------- d-----w- C:\Windows\System32\NV
2014-06-09 03:31:26 -------- d-----w- C:\Program Files\CCleaner
2014-06-09 02:38:19 -------- d-----w- C:\ProgramData\Oracle
2014-06-09 02:37:36 98216 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
.
==================== Find3M  ====================
.
2014-06-17 14:40:11 658 ----a-w- C:\Windows\PhoneMyPC_Settings.bin
2014-06-08 09:13:05 506368 ----a-w- C:\Windows\System32\aepdu.dll
2014-06-08 09:08:04 424448 ----a-w- C:\Windows\System32\aeinv.dll
2014-05-30 10:02:37 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-05-30 10:02:09 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-05-30 09:39:43 548352 ----a-w- C:\Windows\System32\vbscript.dll
2014-05-30 09:39:23 66048 ----a-w- C:\Windows\System32\iesetup.dll
2014-05-30 09:38:29 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-05-30 09:21:23 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-05-30 09:21:05 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-05-30 09:20:36 752640 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-05-30 09:11:24 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-05-30 09:08:22 5782528 ----a-w- C:\Windows\System32\jscript9.dll
2014-05-30 09:02:39 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-05-30 08:55:36 38400 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-05-30 08:44:28 455168 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-05-30 08:43:06 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-05-30 08:42:16 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-05-30 08:28:33 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-05-30 08:27:56 592896 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-05-30 08:24:19 1249280 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2014-05-30 08:23:22 2040832 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-05-30 08:10:46 32256 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-05-30 07:56:56 2266112 ----a-w- C:\Windows\System32\wininet.dll
2014-05-30 07:56:50 4244992 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-05-30 07:50:09 1068032 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2014-05-30 07:49:38 1964544 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-05-30 07:21:10 1790976 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-05-14 05:33:20 70832 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-14 05:33:20 692400 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-04-25 02:34:59 801280 ----a-w- C:\Windows\System32\usp10.dll
2014-04-25 02:06:17 626688 ----a-w- C:\Windows\SysWow64\usp10.dll
2014-04-12 02:22:05 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2014-04-12 02:22:05 155072 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2014-04-12 02:19:38 29184 ----a-w- C:\Windows\System32\sspisrv.dll
2014-04-12 02:19:38 136192 ----a-w- C:\Windows\System32\sspicli.dll
2014-04-12 02:19:37 28160 ----a-w- C:\Windows\System32\secur32.dll
2014-04-12 02:19:32 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-04-12 02:19:05 31232 ----a-w- C:\Windows\System32\lsass.exe
2014-04-12 02:12:06 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-04-12 02:10:56 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-04-05 02:47:20 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2014-04-05 02:47:09 288192 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2014-03-26 14:44:48 2002432 ----a-w- C:\Windows\System32\msxml6.dll
2014-03-26 14:44:48 1882112 ----a-w- C:\Windows\System32\msxml3.dll
2014-03-26 14:41:39 2048 ----a-w- C:\Windows\System32\msxml6r.dll
2014-03-26 14:41:39 2048 ----a-w- C:\Windows\System32\msxml3r.dll
2014-03-26 14:27:50 1389056 ----a-w- C:\Windows\SysWow64\msxml6.dll
2014-03-26 14:27:50 1237504 ----a-w- C:\Windows\SysWow64\msxml3.dll
2014-03-26 14:25:14 2048 ----a-w- C:\Windows\SysWow64\msxml6r.dll
2014-03-26 14:25:14 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll
.
============= FINISH: 11:33:38.66 ===============
 

 


 


#2 Starbuck


    'r Brudiwr


  • Malware Response Team
  • 4,149 posts

Posted 20 June 2014 - 02:22 PM

Hi Rcpd0715

Please take note of the following:

1. Please do not run any other tools unless instructed.
2. Please don't install or uninstall anything unless asked.
3. The cleaning process is not instant. Please continue to review my answers until I tell you that your computer is clean.
4. If there's anything that you don't understand, please ask your question(s) before proceeding with the fixes.
5. Please reply to this thread. Do not start a new topic.


"I am recently getting invisible ads. There are no windows open, but I hear commercials in the background and do not know how to stop them."

It sounds as though a particular file may have been patched.
This will tell us.

For x64 bit systems download Farbar Recovery Scan Tool x64 and save it to your Desktop.
  • Double-click the downloaded icon to run the tool. Vista/Windows 7/8 users right-click and select Run As Administrator.
  • When the tool opens click Yes to disclaimer.
  • Make sure that Addition.txt is selected at the bottom.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please copy and paste it to your reply also.

Also
  • Please re-run FRST again, but this time type the following in the edit box after Search: rpcss.dll
  • Click the Search File(s) button
  • It will make a log (Search.txt) - please post this report along with the other 2 FRST reports.

In your next reply, please submit:
  • Both reports from FRST
  • and also the Search.txt


Thanks.



#3 Rcpd0715

  • Topic Starter

  • Members
  • 17 posts

Posted 20 June 2014 - 05:49 PM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-06-2014
Ran by blevins (administrator) on BLEVINS-PC on 20-06-2014 18:39:34
Running from C:\Users\blevins\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
() C:\Program Files (x86)\MySQL\MySQL Server 5.1\bin\mysqld.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(SoftwareForMe Inc) C:\Windows\PhoneMyPC_Helper.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(SoftwareForMe Inc) C:\Windows\PhoneMyPC.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(http://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Skillbrains) C:\Users\blevins\AppData\Local\Skillbrains\lightshot\5.1.2.5\Lightshot.exe
(NEC Electronics Corporation) C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(SAMSUNG Electornics Co., Ltd.) C:\Users\blevins\AppData\Roaming\VERIZON\UA_ar\UA.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_13_0_0_214_ActiveX.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IntelPAN] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-07-27] (Intel® Corporation)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [FreeFallProtection] => C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe [686704 2010-12-17] ()
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496 2009-10-21] (NEC Electronics Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\.DEFAULT\...\Run: [SearchProtect] => \SearchProtect\bin\cltmng.exe
HKU\S-1-5-21-4029183340-2131593037-1719951526-1000\...\Run: [LightShot] => C:\Users\blevins\AppData\Local\Skillbrains\lightshot\Lightshot.exe [226592 2014-03-06] ()
HKU\S-1-5-21-4029183340-2131593037-1719951526-1000\...\MountPoints2: {bb944186-c27d-11e3-84ef-de97c7ca827f} - F:\VZW_Software_upgrade_assistant.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-12-18] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-12-18] (NVIDIA Corporation)
Startup: C:\Users\blevins\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Verizon Wireless Software Utility Application for Android – Samsung.lnk
ShortcutTarget: Verizon Wireless Software Utility Application for Android – Samsung.lnk -> C:\Users\blevins\AppData\Roaming\VERIZON\UA_ar\UA.exe (SAMSUNG Electornics Co., Ltd.)
ShellIconOverlayIdentifiers: 1TortoiseNormal -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 2TortoiseModified -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 3TortoiseConflict -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 4TortoiseLocked -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 5TortoiseReadOnly -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 6TortoiseDeleted -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 7TortoiseAdded -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 8TortoiseIgnored -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 9TortoiseUnversioned -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: 1TortoiseNormal -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 2TortoiseModified -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 3TortoiseConflict -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 4TortoiseLocked -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 5TortoiseReadOnly -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 6TortoiseDeleted -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 7TortoiseAdded -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 8TortoiseIgnored -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 9TortoiseUnversioned -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {30BA8F10-CB37-4A6A-AC66-5C352C06C52D} URL = http://search.yahoo.com/search?fr=mcafee&type=A010US0&p={SearchTerms}
SearchScopes: HKCU - {30BA8F10-CB37-4A6A-AC66-5C352C06C52D} URL = http://search.yahoo.com/search?fr=mcafee&type=A010US0&p={SearchTerms}
BHO: TidyNetwork - {4EC218E0-AD35-3CDF-FDEC-DD4F85C23BDA} - C:\Program Files (x86)\TidyNetwork\petn64.dll No File
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll (Adblock Plus)
BHO-x32: ArcadeYum Addon - {651CA263-4157-4AC5-B7C2-03A7C1C00457} - C:\Users\blevins\AppData\Local\ArcadeYum\ArcadeYumIEHelper.dll ()
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\..\Interfaces\{60E1EBFE-359A-4BFF-A0B6-F219054AA1E3}: [NameServer]8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
Tcpip\..\Interfaces\{BBDC5985-C28E-4849-9BC4-C08846DD4D0B}: [NameServer]8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1

FireFox:
========
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @oberon-media.com/ONCAdapter - C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.14\npapicomadapter.dll (Oberon-Media )
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @soe.sony.com/installer,version=1.0.3 - C:\Users\blevins\AppData\Local\Microsoft\Internet Explorer\Downloaded Program Files\npsoe.dll ()
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\blevins\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2012-03-27]
FF HKCU\...\Firefox\Extensions: [{8d849c0c-77a8-47ae-a584-4541b355900a}] - C:\Program Files (x86)\Video-Saver\150.xpi
FF HKCU\...\Firefox\Extensions: [{266987b8-a2c4-4495-b705-204d1264ba2e}] - C:\Program Files (x86)\click-n-mark Corp\158.xpi
FF HKCU\...\Firefox\Extensions: [{ee205d25-ff0d-4af6-b21f-d77d49428d77}] - C:\Program Files (x86)\KeyPlayer-soft\155.xpi
FF HKCU\...\Firefox\Extensions: [ConsumerInput@Compete] - C:\Program Files (x86)\Consumer Input\Firefox\ciff-3.2.0-12171.xpi

Chrome:
=======
CHR HomePage: hxxp://www.v9.com/?type=hp&ts=1402929502&from=vtt&uid=WDCXWD5000BPKT-75PK4T0_WD-WXF1E81NVLE5NVLE5&i=psd&t=344360db0
CHR StartupUrls: "hxxp://www.v9.com/?type=hp&ts=1402929502&from=vtt&uid=WDCXWD5000BPKT-75PK4T0_WD-WXF1E81NVLE5NVLE5&i=psd&t=344360db0"
CHR NewTab: "chrome-extension://pelmeidfhdlhlbjimpabfcbnnojbboma/index.html"
CHR DefaultSearchKeyword: v9
CHR DefaultSearchProvider: v9
CHR DefaultSearchURL: http://search.v9.com/web/?type=ds&ts=1402929502&from=vtt&uid=WDCXWD5000BPKT-75PK4T0_WD-WXF1E81NVLE5NVLE5&i=psd&t=344360db0&q={searchTerms}
CHR DefaultNewTabURL:
CHR Extension: (Google Docs) - C:\Users\blevins\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-05]
CHR Extension: (Google Drive) - C:\Users\blevins\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-05]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\blevins\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-10]
CHR Extension: (YouTube) - C:\Users\blevins\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-05]
CHR Extension: (Google Search) - C:\Users\blevins\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-05]
CHR Extension: (SiteAdvisor) - C:\Users\blevins\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2013-12-05]
CHR Extension: (Key Player) - C:\Users\blevins\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbalfpafjllhleilicoimkgdgpggmegf [2014-04-10]
CHR Extension: (No Name) - C:\Users\blevins\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmbmildjdmppofnohldicmnkojfhggmb [2014-06-10]
CHR Extension: (Google Wallet) - C:\Users\blevins\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-05]
CHR Extension: (Gmail) - C:\Users\blevins\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-05]
CHR HKCU\...\Chrome\Extension: [oblkmgkfjnmlkemjgheoidmmfncckcej] - C:\Users\blevins\AppData\Local\CRE\oblkmgkfjnmlkemjgheoidmmfncckcej.crx [2013-12-05]
CHR HKLM-x32\...\Chrome\Extension: [oblkmgkfjnmlkemjgheoidmmfncckcej] - C:\Users\blevins\AppData\Local\CRE\oblkmgkfjnmlkemjgheoidmmfncckcej.crx [2013-12-05]

==================== Services (Whitelisted) =================

R2 Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [897088 2010-11-03] (Intel Corporation) [File not signed]
S3 Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [1298496 2010-11-03] (Intel Corporation) [File not signed]
R2 Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [983104 2010-11-03] (Intel Corporation) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe [155856 2014-06-03] (McAfee, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R2 MySQL; C:\Program Files (x86)\MySQL\MySQL Server 5.1\my.ini [8824 2013-11-22] () [File not signed]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-07-27] ()
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 PhoneMyPC_Helper; C:\Windows\PhoneMyPC_Helper.exe [31232 2011-07-15] (SoftwareForMe Inc) [File not signed]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)

==================== Drivers (Whitelisted) ====================

R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [46368 2013-11-12] (AVG Technologies)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] () [File not signed]
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [300320 2013-12-18] (NVIDIA Corporation)
S1 drkagpsa; \??\C:\Windows\system32\drivers\drkagpsa.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S1 ljarducl; \??\C:\Windows\system32\drivers\ljarducl.sys [X]
S1 qzgddddk; \??\C:\Windows\system32\drivers\qzgddddk.sys [X]
S1 smhpdrfa; \??\C:\Windows\system32\drivers\smhpdrfa.sys [X]
S1 sqiisrfq; \??\C:\Windows\system32\drivers\sqiisrfq.sys [X]
S1 ugmlkwyy; \??\C:\Windows\system32\drivers\ugmlkwyy.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-06-20 18:39 - 2014-06-20 18:40 - 00023311 _____ () C:\Users\blevins\Desktop\FRST.txt
2014-06-20 18:38 - 2014-06-20 18:39 - 00000000 ____D () C:\FRST
2014-06-20 18:38 - 2014-06-20 18:38 - 02083328 _____ (Farbar) C:\Users\blevins\Desktop\FRST64.exe
2014-06-20 18:37 - 2014-06-20 18:37 - 02083328 _____ (Farbar) C:\Users\blevins\Downloads\FRST64.exe
2014-06-17 11:33 - 2014-06-17 11:33 - 00023662 _____ () C:\Users\blevins\Desktop\dds.txt
2014-06-17 11:33 - 2014-06-17 11:33 - 00006620 _____ () C:\Users\blevins\Desktop\attach.txt
2014-06-17 11:28 - 2014-06-17 11:28 - 00688992 ____R (Swearware) C:\Users\blevins\Downloads\dds.com
2014-06-17 10:30 - 2014-06-17 10:30 - 00000000 ____D () C:\Users\blevins\AppData\Local\Spotify
2014-06-17 09:18 - 2014-06-17 09:18 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-06-16 10:43 - 2014-06-16 10:43 - 00000000 ____D () C:\Users\blevins\Documents\PC Speed Maximizer
2014-06-16 10:41 - 2014-06-16 10:41 - 00000000 ____D () C:\Users\blevins\AppData\Local\BrowserSafeguard
2014-06-16 10:40 - 2014-06-16 10:47 - 00000000 ____D () C:\Program Files\SearchSnacks
2014-06-16 10:40 - 2014-06-16 10:47 - 00000000 ____D () C:\Program Files (x86)\Browsersafeguard
2014-06-16 10:38 - 2014-06-16 10:48 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-06-16 10:38 - 2014-06-16 10:40 - 00000000 ____D () C:\Users\blevins\AppData\Roaming\SupTab
2014-06-16 10:37 - 2014-06-16 10:48 - 00000000 ____D () C:\Program Files (x86)\NetTock
2014-06-16 10:37 - 2014-06-16 10:47 - 00000000 ____D () C:\Program Files\pcmax
2014-06-11 20:29 - 2014-06-11 20:29 - 00000000 ____D () C:\Users\blevins\AppData\Roaming\serv
2014-06-11 20:19 - 2014-06-11 20:19 - 00000390 _____ () C:\Windows\PFRO.log
2014-06-11 06:50 - 2014-06-08 05:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-11 06:50 - 2014-06-08 05:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-11 06:50 - 2014-05-30 06:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-11 06:50 - 2014-05-30 06:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-11 06:50 - 2014-05-30 06:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-11 06:50 - 2014-05-30 05:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-11 06:50 - 2014-05-30 05:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-11 06:50 - 2014-05-30 05:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-11 06:50 - 2014-05-30 05:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-11 06:50 - 2014-05-30 05:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-11 06:50 - 2014-05-30 05:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-11 06:50 - 2014-05-30 05:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-11 06:50 - 2014-05-30 05:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-11 06:50 - 2014-05-30 05:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-11 06:50 - 2014-05-30 05:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-11 06:50 - 2014-05-30 05:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-11 06:50 - 2014-05-30 05:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-11 06:50 - 2014-05-30 05:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-11 06:50 - 2014-05-30 05:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-11 06:50 - 2014-05-30 05:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-11 06:50 - 2014-05-30 04:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-11 06:50 - 2014-05-30 04:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-11 06:50 - 2014-05-30 04:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-11 06:50 - 2014-05-30 04:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-11 06:50 - 2014-05-30 04:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-11 06:50 - 2014-05-30 04:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-11 06:50 - 2014-05-30 04:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-11 06:50 - 2014-05-30 04:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-11 06:50 - 2014-05-30 04:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-11 06:50 - 2014-05-30 04:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-11 06:50 - 2014-05-30 04:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-11 06:50 - 2014-05-30 04:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-11 06:50 - 2014-05-30 04:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-11 06:50 - 2014-05-30 04:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-11 06:50 - 2014-05-30 04:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-11 06:50 - 2014-05-30 04:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-11 06:50 - 2014-05-30 04:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-11 06:50 - 2014-05-30 04:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-11 06:50 - 2014-05-30 04:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-11 06:50 - 2014-05-30 04:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-11 06:50 - 2014-05-30 04:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-11 06:50 - 2014-05-30 04:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-11 06:50 - 2014-05-30 03:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-11 06:50 - 2014-05-30 03:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-11 06:50 - 2014-05-30 03:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-11 06:50 - 2014-05-30 03:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-11 06:50 - 2014-05-30 03:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-11 06:50 - 2014-05-30 03:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-11 06:50 - 2014-05-30 03:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-11 06:50 - 2014-05-30 03:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-11 06:50 - 2014-05-30 03:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-11 06:50 - 2014-05-30 03:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-11 06:50 - 2014-05-30 03:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-11 06:50 - 2014-05-30 03:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-11 06:50 - 2014-04-24 22:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-11 06:50 - 2014-04-24 22:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-11 06:50 - 2014-04-04 22:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-11 06:50 - 2014-04-04 22:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-11 06:50 - 2014-03-26 10:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-11 06:50 - 2014-03-26 10:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-11 06:50 - 2014-03-26 10:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-11 06:50 - 2014-03-26 10:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-11 06:50 - 2014-03-26 10:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-11 06:50 - 2014-03-26 10:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-11 06:50 - 2014-03-26 10:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-11 06:50 - 2014-03-26 10:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-10 04:46 - 2014-06-20 16:56 - 00000466 _____ () C:\Windows\Tasks\ArcadeYum.job
2014-06-10 04:46 - 2014-06-17 10:28 - 00000000 ____D () C:\Users\blevins\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ArcadeYum
2014-06-10 04:46 - 2014-06-10 04:54 - 00000000 ____D () C:\ProgramData\TEMP
2014-06-10 04:46 - 2014-06-10 04:46 - 00003484 _____ () C:\Windows\System32\Tasks\ArcadeYum
2014-06-10 04:46 - 2014-06-10 04:46 - 00002361 _____ () C:\Users\blevins\Desktop\Backspin Billiards.lnk
2014-06-10 04:46 - 2014-06-10 04:46 - 00001212 _____ () C:\Users\blevins\Desktop\Games of the Month.lnk
2014-06-10 04:46 - 2014-06-10 04:46 - 00000000 ____D () C:\Users\blevins\AppData\Roaming\Oberon Media
2014-06-10 04:46 - 2014-06-10 04:46 - 00000000 ____D () C:\Users\blevins\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games of the Month
2014-06-10 04:46 - 2014-06-10 04:46 - 00000000 ____D () C:\Users\blevins\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-06-10 04:46 - 2014-06-10 04:46 - 00000000 ____D () C:\ProgramData\Oberon Media
2014-06-10 04:46 - 2014-06-10 04:46 - 00000000 ____D () C:\Program Files (x86)\Oberon Media SIDR
2014-06-10 04:45 - 2014-06-17 10:28 - 00000000 ____D () C:\Users\blevins\AppData\Local\ArcadeYum
2014-06-08 23:40 - 2014-06-08 23:40 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-06-08 23:40 - 2014-06-08 23:40 - 00000000 ____D () C:\Windows\system32\NV
2014-06-08 23:39 - 2014-06-18 08:43 - 00000336 _____ () C:\Windows\setupact.log
2014-06-08 23:39 - 2014-06-08 23:39 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-08 23:31 - 2014-06-08 23:31 - 00002776 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-06-08 23:31 - 2014-06-08 23:31 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-06-08 23:31 - 2014-06-08 23:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-06-08 23:31 - 2014-06-08 23:31 - 00000000 ____D () C:\Program Files\CCleaner
2014-06-08 22:38 - 2014-06-08 22:38 - 00000000 ____D () C:\ProgramData\Oracle
2014-06-08 22:37 - 2014-05-07 15:02 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-06-08 22:37 - 2014-05-07 14:59 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-06-08 22:37 - 2014-05-07 14:59 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-06-08 22:37 - 2014-05-07 14:58 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-06-08 22:36 - 2014-06-08 22:37 - 00004430 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_60-b19.log
2014-05-29 15:33 - 2014-05-29 15:49 - 00000000 ____D () C:\Users\blevins\Desktop\voice recordings
2014-05-29 15:21 - 2014-05-29 15:52 - 00000000 ____D () C:\Users\blevins\Desktop\Pics 05-29-14
2014-05-28 11:12 - 2014-06-03 11:26 - 00000000 ____D () C:\Users\blevins\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lightshot

==================== One Month Modified Files and Folders =======

2014-06-20 18:40 - 2014-06-20 18:39 - 00023311 _____ () C:\Users\blevins\Desktop\FRST.txt
2014-06-20 18:40 - 2014-04-10 02:41 - 00000364 _____ () C:\Windows\Tasks\CIMT_S-1-5-21-4029183340-2131593037-1719951526-1000.job
2014-06-20 18:39 - 2014-06-20 18:38 - 00000000 ____D () C:\FRST
2014-06-20 18:39 - 2014-04-10 02:39 - 00000286 _____ () C:\Windows\Tasks\FF Watcher {61A3AF86-EA98-4C0B-A3FD-A56ADE2AEE2D}.job
2014-06-20 18:38 - 2014-06-20 18:38 - 02083328 _____ (Farbar) C:\Users\blevins\Desktop\FRST64.exe
2014-06-20 18:37 - 2014-06-20 18:37 - 02083328 _____ (Farbar) C:\Users\blevins\Downloads\FRST64.exe
2014-06-20 18:33 - 2012-04-03 22:44 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-20 18:21 - 2012-03-26 09:33 - 01459334 _____ () C:\Windows\WindowsUpdate.log
2014-06-20 18:05 - 2012-04-11 23:10 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-20 17:15 - 2013-11-25 00:35 - 00000392 _____ () C:\Windows\Tasks\update-sys.job
2014-06-20 16:56 - 2014-06-10 04:46 - 00000466 _____ () C:\Windows\Tasks\ArcadeYum.job
2014-06-20 15:55 - 2012-07-02 08:26 - 00000658 _____ () C:\Windows\PhoneMyPC_Settings.bin
2014-06-20 15:33 - 2013-11-25 00:35 - 00000392 _____ () C:\Windows\Tasks\update-S-1-5-21-4029183340-2131593037-1719951526-1000.job
2014-06-19 02:41 - 2014-04-10 02:40 - 00000394 _____ () C:\Windows\Tasks\Key Player_wd.job
2014-06-19 02:30 - 2014-04-10 02:40 - 00000396 _____ () C:\Windows\Tasks\Key Player Update.job
2014-06-19 01:05 - 2012-04-11 23:10 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-18 08:51 - 2009-07-14 00:45 - 00014240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-18 08:51 - 2009-07-14 00:45 - 00014240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-18 08:46 - 2012-04-11 23:10 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-06-18 08:44 - 2013-09-24 14:16 - 00000000 ____D () C:\Users\blevins\AppData\Local\TSVNCache
2014-06-18 08:43 - 2014-06-08 23:39 - 00000336 _____ () C:\Windows\setupact.log
2014-06-18 08:43 - 2014-04-10 02:39 - 00000420 _____ () C:\Windows\Tasks\istcleaner Task.job
2014-06-18 08:43 - 2012-10-14 08:10 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-06-18 08:43 - 2012-07-02 08:24 - 00069372 _____ () C:\Windows\PhoneMyPC.log
2014-06-18 08:43 - 2012-07-02 08:24 - 00041380 _____ () C:\Windows\PhoneMyPC_Helper.log
2014-06-18 08:43 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-17 11:33 - 2014-06-17 11:33 - 00023662 _____ () C:\Users\blevins\Desktop\dds.txt
2014-06-17 11:33 - 2014-06-17 11:33 - 00006620 _____ () C:\Users\blevins\Desktop\attach.txt
2014-06-17 11:28 - 2014-06-17 11:28 - 00688992 ____R (Swearware) C:\Users\blevins\Downloads\dds.com
2014-06-17 10:39 - 2014-04-10 02:47 - 00000000 ____D () C:\ProgramData\UpdateTask
2014-06-17 10:32 - 2012-11-05 20:00 - 00000000 ____D () C:\Users\UpdatusUser.blevins-PC
2014-06-17 10:30 - 2014-06-17 10:30 - 00000000 ____D () C:\Users\blevins\AppData\Local\Spotify
2014-06-17 10:30 - 2014-03-11 23:05 - 00000000 ____D () C:\Users\blevins\AppData\Roaming\Spotify
2014-06-17 10:29 - 2012-03-26 09:33 - 00000000 ____D () C:\Users\blevins
2014-06-17 10:28 - 2014-06-10 04:46 - 00000000 ____D () C:\Users\blevins\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ArcadeYum
2014-06-17 10:28 - 2014-06-10 04:45 - 00000000 ____D () C:\Users\blevins\AppData\Local\ArcadeYum
2014-06-17 10:28 - 2012-04-11 23:10 - 00000000 ____D () C:\Users\blevins\AppData\Local\Google
2014-06-17 10:28 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-06-17 10:28 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\registration
2014-06-17 10:27 - 2013-09-24 13:29 - 00000000 ____D () C:\ProgramData\MySQL
2014-06-17 09:18 - 2014-06-17 09:18 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-06-16 10:48 - 2014-06-16 10:38 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-06-16 10:48 - 2014-06-16 10:37 - 00000000 ____D () C:\Program Files (x86)\NetTock
2014-06-16 10:47 - 2014-06-16 10:40 - 00000000 ____D () C:\Program Files\SearchSnacks
2014-06-16 10:47 - 2014-06-16 10:40 - 00000000 ____D () C:\Program Files (x86)\Browsersafeguard
2014-06-16 10:47 - 2014-06-16 10:37 - 00000000 ____D () C:\Program Files\pcmax
2014-06-16 10:47 - 2012-03-26 13:45 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2014-06-16 10:43 - 2014-06-16 10:43 - 00000000 ____D () C:\Users\blevins\Documents\PC Speed Maximizer
2014-06-16 10:41 - 2014-06-16 10:41 - 00000000 ____D () C:\Users\blevins\AppData\Local\BrowserSafeguard
2014-06-16 10:40 - 2014-06-16 10:38 - 00000000 ____D () C:\Users\blevins\AppData\Roaming\SupTab
2014-06-16 10:40 - 2012-03-26 09:34 - 00000000 ____D () C:\Users\blevins\AppData\Local\VirtualStore
2014-06-12 04:11 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
2014-06-12 03:29 - 2009-07-14 01:13 - 00782510 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-12 03:04 - 2013-08-07 03:00 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-12 03:02 - 2012-03-26 23:36 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-12 03:00 - 2014-04-30 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-11 20:29 - 2014-06-11 20:29 - 00000000 ____D () C:\Users\blevins\AppData\Roaming\serv
2014-06-11 20:19 - 2014-06-11 20:19 - 00000390 _____ () C:\Windows\PFRO.log
2014-06-11 18:07 - 2013-12-05 23:40 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-10 04:54 - 2014-06-10 04:46 - 00000000 ____D () C:\ProgramData\TEMP
2014-06-10 04:46 - 2014-06-10 04:46 - 00003484 _____ () C:\Windows\System32\Tasks\ArcadeYum
2014-06-10 04:46 - 2014-06-10 04:46 - 00002361 _____ () C:\Users\blevins\Desktop\Backspin Billiards.lnk
2014-06-10 04:46 - 2014-06-10 04:46 - 00001212 _____ () C:\Users\blevins\Desktop\Games of the Month.lnk
2014-06-10 04:46 - 2014-06-10 04:46 - 00000000 ____D () C:\Users\blevins\AppData\Roaming\Oberon Media
2014-06-10 04:46 - 2014-06-10 04:46 - 00000000 ____D () C:\Users\blevins\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games of the Month
2014-06-10 04:46 - 2014-06-10 04:46 - 00000000 ____D () C:\Users\blevins\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-06-10 04:46 - 2014-06-10 04:46 - 00000000 ____D () C:\ProgramData\Oberon Media
2014-06-10 04:46 - 2014-06-10 04:46 - 00000000 ____D () C:\Program Files (x86)\Oberon Media SIDR
2014-06-09 11:38 - 2014-04-13 11:38 - 00000462 _____ () C:\Windows\Tasks\04-13-2014_113857.job
2014-06-08 23:40 - 2014-06-08 23:40 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-06-08 23:40 - 2014-06-08 23:40 - 00000000 ____D () C:\Windows\system32\NV
2014-06-08 23:39 - 2014-06-08 23:39 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-08 23:33 - 2012-05-05 07:12 - 00000000 ____D () C:\Windows\Minidump
2014-06-08 23:33 - 2012-03-26 14:27 - 00000000 ____D () C:\Windows\Panther
2014-06-08 23:33 - 2012-03-26 13:22 - 00000000 ___DC () C:\Users\blevins\AppData\Local\MigWiz
2014-06-08 23:31 - 2014-06-08 23:31 - 00002776 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-06-08 23:31 - 2014-06-08 23:31 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-06-08 23:31 - 2014-06-08 23:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-06-08 23:31 - 2014-06-08 23:31 - 00000000 ____D () C:\Program Files\CCleaner
2014-06-08 23:04 - 2012-10-14 08:08 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-06-08 23:03 - 2013-11-19 23:22 - 00000000 ____D () C:\temp
2014-06-08 23:02 - 2012-03-26 13:45 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-06-08 22:54 - 2012-03-26 11:03 - 00000000 ____D () C:\Program Files\Common Files\Intel
2014-06-08 22:54 - 2012-03-26 09:57 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-06-08 22:38 - 2014-06-08 22:38 - 00000000 ____D () C:\ProgramData\Oracle
2014-06-08 22:37 - 2014-06-08 22:36 - 00004430 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_60-b19.log
2014-06-08 22:37 - 2012-04-07 02:43 - 00000000 ____D () C:\Program Files (x86)\Java
2014-06-08 05:13 - 2014-06-11 06:50 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 05:08 - 2014-06-11 06:50 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-03 11:26 - 2014-05-28 11:12 - 00000000 ____D () C:\Users\blevins\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lightshot
2014-06-03 11:26 - 2013-11-25 00:35 - 00003270 _____ () C:\Windows\System32\Tasks\update-S-1-5-21-4029183340-2131593037-1719951526-1000
2014-06-03 11:26 - 2013-11-25 00:35 - 00000440 _____ () C:\Users\blevins\AppData\Local\UserProducts.xml
2014-06-02 04:04 - 2013-11-25 00:35 - 00003288 _____ () C:\Windows\System32\Tasks\update-sys
2014-05-30 06:21 - 2014-06-11 06:50 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-30 06:02 - 2014-06-11 06:50 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-30 06:02 - 2014-06-11 06:50 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-30 05:45 - 2014-06-11 06:50 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-30 05:39 - 2014-06-11 06:50 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-30 05:39 - 2014-06-11 06:50 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-30 05:38 - 2014-06-11 06:50 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-30 05:28 - 2014-06-11 06:50 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-30 05:27 - 2014-06-11 06:50 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-30 05:24 - 2014-06-11 06:50 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-30 05:21 - 2014-06-11 06:50 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-30 05:21 - 2014-06-11 06:50 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-30 05:20 - 2014-06-11 06:50 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-30 05:18 - 2014-06-11 06:50 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-30 05:11 - 2014-06-11 06:50 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-30 05:08 - 2014-06-11 06:50 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-30 05:06 - 2014-06-11 06:50 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-30 05:02 - 2014-06-11 06:50 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-30 04:55 - 2014-06-11 06:50 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-30 04:49 - 2014-06-11 06:50 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-30 04:46 - 2014-06-11 06:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-30 04:44 - 2014-06-11 06:50 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-30 04:44 - 2014-06-11 06:50 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-30 04:43 - 2014-06-11 06:50 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-30 04:42 - 2014-06-11 06:50 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-05-30 04:38 - 2014-06-11 06:50 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-30 04:35 - 2014-06-11 06:50 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-30 04:34 - 2014-06-11 06:50 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-30 04:33 - 2014-06-11 06:50 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-30 04:30 - 2014-06-11 06:50 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-30 04:29 - 2014-06-11 06:50 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-30 04:28 - 2014-06-11 06:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-30 04:27 - 2014-06-11 06:50 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-05-30 04:24 - 2014-06-11 06:50 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-05-30 04:23 - 2014-06-11 06:50 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-30 04:16 - 2014-06-11 06:50 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-30 04:10 - 2014-06-11 06:50 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-30 04:06 - 2014-06-11 06:50 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-30 04:04 - 2014-06-11 06:50 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-30 04:02 - 2014-06-11 06:50 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-30 03:56 - 2014-06-11 06:50 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-30 03:56 - 2014-06-11 06:50 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-30 03:54 - 2014-06-11 06:50 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-30 03:50 - 2014-06-11 06:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-05-30 03:49 - 2014-06-11 06:50 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-30 03:43 - 2014-06-11 06:50 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-30 03:40 - 2014-06-11 06:50 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-30 03:30 - 2014-06-11 06:50 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-30 03:21 - 2014-06-11 06:50 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-30 03:15 - 2014-06-11 06:50 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-30 03:13 - 2014-06-11 06:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-30 03:13 - 2014-06-11 06:50 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-05-29 15:52 - 2014-05-29 15:21 - 00000000 ____D () C:\Users\blevins\Desktop\Pics 05-29-14
2014-05-29 15:49 - 2014-05-29 15:33 - 00000000 ____D () C:\Users\blevins\Desktop\voice recordings
2014-05-29 15:20 - 2014-02-25 09:07 - 00000000 ____D () C:\Users\blevins\AppData\Roaming\VERIZON

ZeroAccess:
C:\$Recycle.Bin\S-1-5-21-4029183340-2131593037-1719951526-1000\$73a4b132ea34a55ce6f1b5479947ee5c

Some content of TEMP:
====================
C:\Users\blevins\AppData\Local\Temp\jre-7u60-windows-i586-iftw.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-06-18 03:33

==================== End Of Log ============================

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-06-2014
Ran by blevins (administrator) on BLEVINS-PC on 20-06-2014 18:39:34
Running from C:\Users\blevins\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
() C:\Program Files (x86)\MySQL\MySQL Server 5.1\bin\mysqld.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(SoftwareForMe Inc) C:\Windows\PhoneMyPC_Helper.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(SoftwareForMe Inc) C:\Windows\PhoneMyPC.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(http://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Skillbrains) C:\Users\blevins\AppData\Local\Skillbrains\lightshot\5.1.2.5\Lightshot.exe
(NEC Electronics Corporation) C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(SAMSUNG Electornics Co., Ltd.) C:\Users\blevins\AppData\Roaming\VERIZON\UA_ar\UA.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_13_0_0_214_ActiveX.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IntelPAN] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-07-27] (Intel® Corporation)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [FreeFallProtection] => C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe [686704 2010-12-17] ()
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496 2009-10-21] (NEC Electronics Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\.DEFAULT\...\Run: [SearchProtect] => \SearchProtect\bin\cltmng.exe
HKU\S-1-5-21-4029183340-2131593037-1719951526-1000\...\Run: [LightShot] => C:\Users\blevins\AppData\Local\Skillbrains\lightshot\Lightshot.exe [226592 2014-03-06] ()
HKU\S-1-5-21-4029183340-2131593037-1719951526-1000\...\MountPoints2: {bb944186-c27d-11e3-84ef-de97c7ca827f} - F:\VZW_Software_upgrade_assistant.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-12-18] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-12-18] (NVIDIA Corporation)
Startup: C:\Users\blevins\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Verizon Wireless Software Utility Application for Android – Samsung.lnk
ShortcutTarget: Verizon Wireless Software Utility Application for Android – Samsung.lnk -> C:\Users\blevins\AppData\Roaming\VERIZON\UA_ar\UA.exe (SAMSUNG Electornics Co., Ltd.)
ShellIconOverlayIdentifiers: 1TortoiseNormal -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 2TortoiseModified -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 3TortoiseConflict -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 4TortoiseLocked -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 5TortoiseReadOnly -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 6TortoiseDeleted -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 7TortoiseAdded -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 8TortoiseIgnored -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 9TortoiseUnversioned -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: 1TortoiseNormal -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 2TortoiseModified -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 3TortoiseConflict -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 4TortoiseLocked -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 5TortoiseReadOnly -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 6TortoiseDeleted -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 7TortoiseAdded -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 8TortoiseIgnored -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 9TortoiseUnversioned -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {30BA8F10-CB37-4A6A-AC66-5C352C06C52D} URL = http://search.yahoo.com/search?fr=mcafee&type=A010US0&p={SearchTerms}
SearchScopes: HKCU - {30BA8F10-CB37-4A6A-AC66-5C352C06C52D} URL = http://search.yahoo.com/search?fr=mcafee&type=A010US0&p={SearchTerms}
BHO: TidyNetwork - {4EC218E0-AD35-3CDF-FDEC-DD4F85C23BDA} - C:\Program Files (x86)\TidyNetwork\petn64.dll No File
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll (Adblock Plus)
BHO-x32: ArcadeYum Addon - {651CA263-4157-4AC5-B7C2-03A7C1C00457} - C:\Users\blevins\AppData\Local\ArcadeYum\ArcadeYumIEHelper.dll ()
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\..\Interfaces\{60E1EBFE-359A-4BFF-A0B6-F219054AA1E3}: [NameServer]8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
Tcpip\..\Interfaces\{BBDC5985-C28E-4849-9BC4-C08846DD4D0B}: [NameServer]8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1

FireFox:
========
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @oberon-media.com/ONCAdapter - C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.14\npapicomadapter.dll (Oberon-Media )
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @soe.sony.com/installer,version=1.0.3 - C:\Users\blevins\AppData\Local\Microsoft\Internet Explorer\Downloaded Program Files\npsoe.dll ()
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\blevins\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2012-03-27]
FF HKCU\...\Firefox\Extensions: [{8d849c0c-77a8-47ae-a584-4541b355900a}] - C:\Program Files (x86)\Video-Saver\150.xpi
FF HKCU\...\Firefox\Extensions: [{266987b8-a2c4-4495-b705-204d1264ba2e}] - C:\Program Files (x86)\click-n-mark Corp\158.xpi
FF HKCU\...\Firefox\Extensions: [{ee205d25-ff0d-4af6-b21f-d77d49428d77}] - C:\Program Files (x86)\KeyPlayer-soft\155.xpi
FF HKCU\...\Firefox\Extensions: [ConsumerInput@Compete] - C:\Program Files (x86)\Consumer Input\Firefox\ciff-3.2.0-12171.xpi

Chrome:
=======
CHR HomePage: hxxp://www.v9.com/?type=hp&ts=1402929502&from=vtt&uid=WDCXWD5000BPKT-75PK4T0_WD-WXF1E81NVLE5NVLE5&i=psd&t=344360db0
CHR StartupUrls: "hxxp://www.v9.com/?type=hp&ts=1402929502&from=vtt&uid=WDCXWD5000BPKT-75PK4T0_WD-WXF1E81NVLE5NVLE5&i=psd&t=344360db0"
CHR NewTab: "chrome-extension://pelmeidfhdlhlbjimpabfcbnnojbboma/index.html"
CHR DefaultSearchKeyword: v9
CHR DefaultSearchProvider: v9
CHR DefaultSearchURL: http://search.v9.com/web/?type=ds&ts=1402929502&from=vtt&uid=WDCXWD5000BPKT-75PK4T0_WD-WXF1E81NVLE5NVLE5&i=psd&t=344360db0&q={searchTerms}
CHR DefaultNewTabURL:
CHR Extension: (Google Docs) - C:\Users\blevins\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-05]
CHR Extension: (Google Drive) - C:\Users\blevins\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-05]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\blevins\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-10]
CHR Extension: (YouTube) - C:\Users\blevins\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-05]
CHR Extension: (Google Search) - C:\Users\blevins\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-05]
CHR Extension: (SiteAdvisor) - C:\Users\blevins\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2013-12-05]
CHR Extension: (Key Player) - C:\Users\blevins\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbalfpafjllhleilicoimkgdgpggmegf [2014-04-10]
CHR Extension: (No Name) - C:\Users\blevins\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmbmildjdmppofnohldicmnkojfhggmb [2014-06-10]
CHR Extension: (Google Wallet) - C:\Users\blevins\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-05]
CHR Extension: (Gmail) - C:\Users\blevins\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-05]
CHR HKCU\...\Chrome\Extension: [oblkmgkfjnmlkemjgheoidmmfncckcej] - C:\Users\blevins\AppData\Local\CRE\oblkmgkfjnmlkemjgheoidmmfncckcej.crx [2013-12-05]
CHR HKLM-x32\...\Chrome\Extension: [oblkmgkfjnmlkemjgheoidmmfncckcej] - C:\Users\blevins\AppData\Local\CRE\oblkmgkfjnmlkemjgheoidmmfncckcej.crx [2013-12-05]

==================== Services (Whitelisted) =================

R2 Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [897088 2010-11-03] (Intel Corporation) [File not signed]
S3 Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [1298496 2010-11-03] (Intel Corporation) [File not signed]
R2 Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [983104 2010-11-03] (Intel Corporation) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe [155856 2014-06-03] (McAfee, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R2 MySQL; C:\Program Files (x86)\MySQL\MySQL Server 5.1\my.ini [8824 2013-11-22] () [File not signed]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-07-27] ()
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 PhoneMyPC_Helper; C:\Windows\PhoneMyPC_Helper.exe [31232 2011-07-15] (SoftwareForMe Inc) [File not signed]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)

==================== Drivers (Whitelisted) ====================

R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [46368 2013-11-12] (AVG Technologies)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] () [File not signed]
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [300320 2013-12-18] (NVIDIA Corporation)
S1 drkagpsa; \??\C:\Windows\system32\drivers\drkagpsa.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S1 ljarducl; \??\C:\Windows\system32\drivers\ljarducl.sys [X]
S1 qzgddddk; \??\C:\Windows\system32\drivers\qzgddddk.sys [X]
S1 smhpdrfa; \??\C:\Windows\system32\drivers\smhpdrfa.sys [X]
S1 sqiisrfq; \??\C:\Windows\system32\drivers\sqiisrfq.sys [X]
S1 ugmlkwyy; \??\C:\Windows\system32\drivers\ugmlkwyy.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-06-20 18:39 - 2014-06-20 18:40 - 00023311 _____ () C:\Users\blevins\Desktop\FRST.txt
2014-06-20 18:38 - 2014-06-20 18:39 - 00000000 ____D () C:\FRST
2014-06-20 18:38 - 2014-06-20 18:38 - 02083328 _____ (Farbar) C:\Users\blevins\Desktop\FRST64.exe
2014-06-20 18:37 - 2014-06-20 18:37 - 02083328 _____ (Farbar) C:\Users\blevins\Downloads\FRST64.exe
2014-06-17 11:33 - 2014-06-17 11:33 - 00023662 _____ () C:\Users\blevins\Desktop\dds.txt
2014-06-17 11:33 - 2014-06-17 11:33 - 00006620 _____ () C:\Users\blevins\Desktop\attach.txt
2014-06-17 11:28 - 2014-06-17 11:28 - 00688992 ____R (Swearware) C:\Users\blevins\Downloads\dds.com
2014-06-17 10:30 - 2014-06-17 10:30 - 00000000 ____D () C:\Users\blevins\AppData\Local\Spotify
2014-06-17 09:18 - 2014-06-17 09:18 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-06-16 10:43 - 2014-06-16 10:43 - 00000000 ____D () C:\Users\blevins\Documents\PC Speed Maximizer
2014-06-16 10:41 - 2014-06-16 10:41 - 00000000 ____D () C:\Users\blevins\AppData\Local\BrowserSafeguard
2014-06-16 10:40 - 2014-06-16 10:47 - 00000000 ____D () C:\Program Files\SearchSnacks
2014-06-16 10:40 - 2014-06-16 10:47 - 00000000 ____D () C:\Program Files (x86)\Browsersafeguard
2014-06-16 10:38 - 2014-06-16 10:48 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-06-16 10:38 - 2014-06-16 10:40 - 00000000 ____D () C:\Users\blevins\AppData\Roaming\SupTab
2014-06-16 10:37 - 2014-06-16 10:48 - 00000000 ____D () C:\Program Files (x86)\NetTock
2014-06-16 10:37 - 2014-06-16 10:47 - 00000000 ____D () C:\Program Files\pcmax
2014-06-11 20:29 - 2014-06-11 20:29 - 00000000 ____D () C:\Users\blevins\AppData\Roaming\serv
2014-06-11 20:19 - 2014-06-11 20:19 - 00000390 _____ () C:\Windows\PFRO.log
2014-06-11 06:50 - 2014-06-08 05:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-11 06:50 - 2014-06-08 05:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-11 06:50 - 2014-05-30 06:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-11 06:50 - 2014-05-30 06:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-11 06:50 - 2014-05-30 06:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-11 06:50 - 2014-05-30 05:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-11 06:50 - 2014-05-30 05:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-11 06:50 - 2014-05-30 05:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-11 06:50 - 2014-05-30 05:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-11 06:50 - 2014-05-30 05:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-11 06:50 - 2014-05-30 05:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-11 06:50 - 2014-05-30 05:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-11 06:50 - 2014-05-30 05:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-11 06:50 - 2014-05-30 05:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-11 06:50 - 2014-05-30 05:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-11 06:50 - 2014-05-30 05:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-11 06:50 - 2014-05-30 05:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-11 06:50 - 2014-05-30 05:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-11 06:50 - 2014-05-30 05:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-11 06:50 - 2014-05-30 05:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-11 06:50 - 2014-05-30 04:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-11 06:50 - 2014-05-30 04:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-11 06:50 - 2014-05-30 04:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-11 06:50 - 2014-05-30 04:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-11 06:50 - 2014-05-30 04:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-11 06:50 - 2014-05-30 04:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-11 06:50 - 2014-05-30 04:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-11 06:50 - 2014-05-30 04:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-11 06:50 - 2014-05-30 04:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-11 06:50 - 2014-05-30 04:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-11 06:50 - 2014-05-30 04:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-11 06:50 - 2014-05-30 04:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-11 06:50 - 2014-05-30 04:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-11 06:50 - 2014-05-30 04:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-11 06:50 - 2014-05-30 04:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-11 06:50 - 2014-05-30 04:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-11 06:50 - 2014-05-30 04:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-11 06:50 - 2014-05-30 04:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-11 06:50 - 2014-05-30 04:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-11 06:50 - 2014-05-30 04:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-11 06:50 - 2014-05-30 04:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-11 06:50 - 2014-05-30 04:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-11 06:50 - 2014-05-30 03:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-11 06:50 - 2014-05-30 03:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-11 06:50 - 2014-05-30 03:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-11 06:50 - 2014-05-30 03:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-11 06:50 - 2014-05-30 03:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-11 06:50 - 2014-05-30 03:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-11 06:50 - 2014-05-30 03:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-11 06:50 - 2014-05-30 03:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-11 06:50 - 2014-05-30 03:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-11 06:50 - 2014-05-30 03:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-11 06:50 - 2014-05-30 03:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-11 06:50 - 2014-05-30 03:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-11 06:50 - 2014-04-24 22:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-11 06:50 - 2014-04-24 22:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-11 06:50 - 2014-04-04 22:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-11 06:50 - 2014-04-04 22:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-11 06:50 - 2014-03-26 10:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-11 06:50 - 2014-03-26 10:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-11 06:50 - 2014-03-26 10:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-11 06:50 - 2014-03-26 10:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-11 06:50 - 2014-03-26 10:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-11 06:50 - 2014-03-26 10:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-11 06:50 - 2014-03-26 10:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-11 06:50 - 2014-03-26 10:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-10 04:46 - 2014-06-20 16:56 - 00000466 _____ () C:\Windows\Tasks\ArcadeYum.job
2014-06-10 04:46 - 2014-06-17 10:28 - 00000000 ____D () C:\Users\blevins\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ArcadeYum
2014-06-10 04:46 - 2014-06-10 04:54 - 00000000 ____D () C:\ProgramData\TEMP
2014-06-10 04:46 - 2014-06-10 04:46 - 00003484 _____ () C:\Windows\System32\Tasks\ArcadeYum
2014-06-10 04:46 - 2014-06-10 04:46 - 00002361 _____ () C:\Users\blevins\Desktop\Backspin Billiards.lnk
2014-06-10 04:46 - 2014-06-10 04:46 - 00001212 _____ () C:\Users\blevins\Desktop\Games of the Month.lnk
2014-06-10 04:46 - 2014-06-10 04:46 - 00000000 ____D () C:\Users\blevins\AppData\Roaming\Oberon Media
2014-06-10 04:46 - 2014-06-10 04:46 - 00000000 ____D () C:\Users\blevins\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games of the Month
2014-06-10 04:46 - 2014-06-10 04:46 - 00000000 ____D () C:\Users\blevins\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-06-10 04:46 - 2014-06-10 04:46 - 00000000 ____D () C:\ProgramData\Oberon Media
2014-06-10 04:46 - 2014-06-10 04:46 - 00000000 ____D () C:\Program Files (x86)\Oberon Media SIDR
2014-06-10 04:45 - 2014-06-17 10:28 - 00000000 ____D () C:\Users\blevins\AppData\Local\ArcadeYum
2014-06-08 23:40 - 2014-06-08 23:40 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-06-08 23:40 - 2014-06-08 23:40 - 00000000 ____D () C:\Windows\system32\NV
2014-06-08 23:39 - 2014-06-18 08:43 - 00000336 _____ () C:\Windows\setupact.log
2014-06-08 23:39 - 2014-06-08 23:39 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-08 23:31 - 2014-06-08 23:31 - 00002776 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-06-08 23:31 - 2014-06-08 23:31 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-06-08 23:31 - 2014-06-08 23:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-06-08 23:31 - 2014-06-08 23:31 - 00000000 ____D () C:\Program Files\CCleaner
2014-06-08 22:38 - 2014-06-08 22:38 - 00000000 ____D () C:\ProgramData\Oracle
2014-06-08 22:37 - 2014-05-07 15:02 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-06-08 22:37 - 2014-05-07 14:59 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-06-08 22:37 - 2014-05-07 14:59 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-06-08 22:37 - 2014-05-07 14:58 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-06-08 22:36 - 2014-06-08 22:37 - 00004430 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_60-b19.log
2014-05-29 15:33 - 2014-05-29 15:49 - 00000000 ____D () C:\Users\blevins\Desktop\voice recordings
2014-05-29 15:21 - 2014-05-29 15:52 - 00000000 ____D () C:\Users\blevins\Desktop\Pics 05-29-14
2014-05-28 11:12 - 2014-06-03 11:26 - 00000000 ____D () C:\Users\blevins\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lightshot

==================== One Month Modified Files and Folders =======

2014-06-20 18:40 - 2014-06-20 18:39 - 00023311 _____ () C:\Users\blevins\Desktop\FRST.txt
2014-06-20 18:40 - 2014-04-10 02:41 - 00000364 _____ () C:\Windows\Tasks\CIMT_S-1-5-21-4029183340-2131593037-1719951526-1000.job
2014-06-20 18:39 - 2014-06-20 18:38 - 00000000 ____D () C:\FRST
2014-06-20 18:39 - 2014-04-10 02:39 - 00000286 _____ () C:\Windows\Tasks\FF Watcher {61A3AF86-EA98-4C0B-A3FD-A56ADE2AEE2D}.job
2014-06-20 18:38 - 2014-06-20 18:38 - 02083328 _____ (Farbar) C:\Users\blevins\Desktop\FRST64.exe
2014-06-20 18:37 - 2014-06-20 18:37 - 02083328 _____ (Farbar) C:\Users\blevins\Downloads\FRST64.exe
2014-06-20 18:33 - 2012-04-03 22:44 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-20 18:21 - 2012-03-26 09:33 - 01459334 _____ () C:\Windows\WindowsUpdate.log
2014-06-20 18:05 - 2012-04-11 23:10 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-20 17:15 - 2013-11-25 00:35 - 00000392 _____ () C:\Windows\Tasks\update-sys.job
2014-06-20 16:56 - 2014-06-10 04:46 - 00000466 _____ () C:\Windows\Tasks\ArcadeYum.job
2014-06-20 15:55 - 2012-07-02 08:26 - 00000658 _____ () C:\Windows\PhoneMyPC_Settings.bin
2014-06-20 15:33 - 2013-11-25 00:35 - 00000392 _____ () C:\Windows\Tasks\update-S-1-5-21-4029183340-2131593037-1719951526-1000.job
2014-06-19 02:41 - 2014-04-10 02:40 - 00000394 _____ () C:\Windows\Tasks\Key Player_wd.job
2014-06-19 02:30 - 2014-04-10 02:40 - 00000396 _____ () C:\Windows\Tasks\Key Player Update.job
2014-06-19 01:05 - 2012-04-11 23:10 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-18 08:51 - 2009-07-14 00:45 - 00014240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-18 08:51 - 2009-07-14 00:45 - 00014240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-18 08:46 - 2012-04-11 23:10 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-06-18 08:44 - 2013-09-24 14:16 - 00000000 ____D () C:\Users\blevins\AppData\Local\TSVNCache
2014-06-18 08:43 - 2014-06-08 23:39 - 00000336 _____ () C:\Windows\setupact.log
2014-06-18 08:43 - 2014-04-10 02:39 - 00000420 _____ () C:\Windows\Tasks\istcleaner Task.job
2014-06-18 08:43 - 2012-10-14 08:10 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-06-18 08:43 - 2012-07-02 08:24 - 00069372 _____ () C:\Windows\PhoneMyPC.log
2014-06-18 08:43 - 2012-07-02 08:24 - 00041380 _____ () C:\Windows\PhoneMyPC_Helper.log
2014-06-18 08:43 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-17 11:33 - 2014-06-17 11:33 - 00023662 _____ () C:\Users\blevins\Desktop\dds.txt
2014-06-17 11:33 - 2014-06-17 11:33 - 00006620 _____ () C:\Users\blevins\Desktop\attach.txt
2014-06-17 11:28 - 2014-06-17 11:28 - 00688992 ____R (Swearware) C:\Users\blevins\Downloads\dds.com
2014-06-17 10:39 - 2014-04-10 02:47 - 00000000 ____D () C:\ProgramData\UpdateTask
2014-06-17 10:32 - 2012-11-05 20:00 - 00000000 ____D () C:\Users\UpdatusUser.blevins-PC
2014-06-17 10:30 - 2014-06-17 10:30 - 00000000 ____D () C:\Users\blevins\AppData\Local\Spotify
2014-06-17 10:30 - 2014-03-11 23:05 - 00000000 ____D () C:\Users\blevins\AppData\Roaming\Spotify
2014-06-17 10:29 - 2012-03-26 09:33 - 00000000 ____D () C:\Users\blevins
2014-06-17 10:28 - 2014-06-10 04:46 - 00000000 ____D () C:\Users\blevins\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ArcadeYum
2014-06-17 10:28 - 2014-06-10 04:45 - 00000000 ____D () C:\Users\blevins\AppData\Local\ArcadeYum
2014-06-17 10:28 - 2012-04-11 23:10 - 00000000 ____D () C:\Users\blevins\AppData\Local\Google
2014-06-17 10:28 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-06-17 10:28 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\registration
2014-06-17 10:27 - 2013-09-24 13:29 - 00000000 ____D () C:\ProgramData\MySQL
2014-06-17 09:18 - 2014-06-17 09:18 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-06-16 10:48 - 2014-06-16 10:38 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-06-16 10:48 - 2014-06-16 10:37 - 00000000 ____D () C:\Program Files (x86)\NetTock
2014-06-16 10:47 - 2014-06-16 10:40 - 00000000 ____D () C:\Program Files\SearchSnacks
2014-06-16 10:47 - 2014-06-16 10:40 - 00000000 ____D () C:\Program Files (x86)\Browsersafeguard
2014-06-16 10:47 - 2014-06-16 10:37 - 00000000 ____D () C:\Program Files\pcmax
2014-06-16 10:47 - 2012-03-26 13:45 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2014-06-16 10:43 - 2014-06-16 10:43 - 00000000 ____D () C:\Users\blevins\Documents\PC Speed Maximizer
2014-06-16 10:41 - 2014-06-16 10:41 - 00000000 ____D () C:\Users\blevins\AppData\Local\BrowserSafeguard
2014-06-16 10:40 - 2014-06-16 10:38 - 00000000 ____D () C:\Users\blevins\AppData\Roaming\SupTab
2014-06-16 10:40 - 2012-03-26 09:34 - 00000000 ____D () C:\Users\blevins\AppData\Local\VirtualStore
2014-06-12 04:11 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
2014-06-12 03:29 - 2009-07-14 01:13 - 00782510 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-12 03:04 - 2013-08-07 03:00 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-12 03:02 - 2012-03-26 23:36 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-12 03:00 - 2014-04-30 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-11 20:29 - 2014-06-11 20:29 - 00000000 ____D () C:\Users\blevins\AppData\Roaming\serv
2014-06-11 20:19 - 2014-06-11 20:19 - 00000390 _____ () C:\Windows\PFRO.log
2014-06-11 18:07 - 2013-12-05 23:40 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-10 04:54 - 2014-06-10 04:46 - 00000000 ____D () C:\ProgramData\TEMP
2014-06-10 04:46 - 2014-06-10 04:46 - 00003484 _____ () C:\Windows\System32\Tasks\ArcadeYum
2014-06-10 04:46 - 2014-06-10 04:46 - 00002361 _____ () C:\Users\blevins\Desktop\Backspin Billiards.lnk
2014-06-10 04:46 - 2014-06-10 04:46 - 00001212 _____ () C:\Users\blevins\Desktop\Games of the Month.lnk
2014-06-10 04:46 - 2014-06-10 04:46 - 00000000 ____D () C:\Users\blevins\AppData\Roaming\Oberon Media
2014-06-10 04:46 - 2014-06-10 04:46 - 00000000 ____D () C:\Users\blevins\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games of the Month
2014-06-10 04:46 - 2014-06-10 04:46 - 00000000 ____D () C:\Users\blevins\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-06-10 04:46 - 2014-06-10 04:46 - 00000000 ____D () C:\ProgramData\Oberon Media
2014-06-10 04:46 - 2014-06-10 04:46 - 00000000 ____D () C:\Program Files (x86)\Oberon Media SIDR
2014-06-09 11:38 - 2014-04-13 11:38 - 00000462 _____ () C:\Windows\Tasks\04-13-2014_113857.job
2014-06-08 23:40 - 2014-06-08 23:40 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-06-08 23:40 - 2014-06-08 23:40 - 00000000 ____D () C:\Windows\system32\NV
2014-06-08 23:39 - 2014-06-08 23:39 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-08 23:33 - 2012-05-05 07:12 - 00000000 ____D () C:\Windows\Minidump
2014-06-08 23:33 - 2012-03-26 14:27 - 00000000 ____D () C:\Windows\Panther
2014-06-08 23:33 - 2012-03-26 13:22 - 00000000 ___DC () C:\Users\blevins\AppData\Local\MigWiz
2014-06-08 23:31 - 2014-06-08 23:31 - 00002776 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-06-08 23:31 - 2014-06-08 23:31 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-06-08 23:31 - 2014-06-08 23:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-06-08 23:31 - 2014-06-08 23:31 - 00000000 ____D () C:\Program Files\CCleaner
2014-06-08 23:04 - 2012-10-14 08:08 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-06-08 23:03 - 2013-11-19 23:22 - 00000000 ____D () C:\temp
2014-06-08 23:02 - 2012-03-26 13:45 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-06-08 22:54 - 2012-03-26 11:03 - 00000000 ____D () C:\Program Files\Common Files\Intel
2014-06-08 22:54 - 2012-03-26 09:57 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-06-08 22:38 - 2014-06-08 22:38 - 00000000 ____D () C:\ProgramData\Oracle
2014-06-08 22:37 - 2014-06-08 22:36 - 00004430 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_60-b19.log
2014-06-08 22:37 - 2012-04-07 02:43 - 00000000 ____D () C:\Program Files (x86)\Java
2014-06-08 05:13 - 2014-06-11 06:50 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 05:08 - 2014-06-11 06:50 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-03 11:26 - 2014-05-28 11:12 - 00000000 ____D () C:\Users\blevins\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lightshot
2014-06-03 11:26 - 2013-11-25 00:35 - 00003270 _____ () C:\Windows\System32\Tasks\update-S-1-5-21-4029183340-2131593037-1719951526-1000
2014-06-03 11:26 - 2013-11-25 00:35 - 00000440 _____ () C:\Users\blevins\AppData\Local\UserProducts.xml
2014-06-02 04:04 - 2013-11-25 00:35 - 00003288 _____ () C:\Windows\System32\Tasks\update-sys
2014-05-30 06:21 - 2014-06-11 06:50 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-30 06:02 - 2014-06-11 06:50 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-30 06:02 - 2014-06-11 06:50 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-30 05:45 - 2014-06-11 06:50 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-30 05:39 - 2014-06-11 06:50 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-30 05:39 - 2014-06-11 06:50 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-30 05:38 - 2014-06-11 06:50 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-30 05:28 - 2014-06-11 06:50 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-30 05:27 - 2014-06-11 06:50 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-30 05:24 - 2014-06-11 06:50 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-30 05:21 - 2014-06-11 06:50 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-30 05:21 - 2014-06-11 06:50 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-30 05:20 - 2014-06-11 06:50 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-30 05:18 - 2014-06-11 06:50 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-30 05:11 - 2014-06-11 06:50 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-30 05:08 - 2014-06-11 06:50 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-30 05:06 - 2014-06-11 06:50 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-30 05:02 - 2014-06-11 06:50 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-30 04:55 - 2014-06-11 06:50 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-30 04:49 - 2014-06-11 06:50 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-30 04:46 - 2014-06-11 06:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-30 04:44 - 2014-06-11 06:50 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-30 04:44 - 2014-06-11 06:50 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-30 04:43 - 2014-06-11 06:50 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-30 04:42 - 2014-06-11 06:50 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-05-30 04:38 - 2014-06-11 06:50 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-30 04:35 - 2014-06-11 06:50 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-30 04:34 - 2014-06-11 06:50 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-30 04:33 - 2014-06-11 06:50 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-30 04:30 - 2014-06-11 06:50 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-30 04:29 - 2014-06-11 06:50 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-30 04:28 - 2014-06-11 06:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-30 04:27 - 2014-06-11 06:50 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-05-30 04:24 - 2014-06-11 06:50 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-05-30 04:23 - 2014-06-11 06:50 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-30 04:16 - 2014-06-11 06:50 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-30 04:10 - 2014-06-11 06:50 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-30 04:06 - 2014-06-11 06:50 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-30 04:04 - 2014-06-11 06:50 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-30 04:02 - 2014-06-11 06:50 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-30 03:56 - 2014-06-11 06:50 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-30 03:56 - 2014-06-11 06:50 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-30 03:54 - 2014-06-11 06:50 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-30 03:50 - 2014-06-11 06:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-05-30 03:49 - 2014-06-11 06:50 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-30 03:43 - 2014-06-11 06:50 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-30 03:40 - 2014-06-11 06:50 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-30 03:30 - 2014-06-11 06:50 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-30 03:21 - 2014-06-11 06:50 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-30 03:15 - 2014-06-11 06:50 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-30 03:13 - 2014-06-11 06:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-30 03:13 - 2014-06-11 06:50 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-05-29 15:52 - 2014-05-29 15:21 - 00000000 ____D () C:\Users\blevins\Desktop\Pics 05-29-14
2014-05-29 15:49 - 2014-05-29 15:33 - 00000000 ____D () C:\Users\blevins\Desktop\voice recordings
2014-05-29 15:20 - 2014-02-25 09:07 - 00000000 ____D () C:\Users\blevins\AppData\Roaming\VERIZON

ZeroAccess:
C:\$Recycle.Bin\S-1-5-21-4029183340-2131593037-1719951526-1000\$73a4b132ea34a55ce6f1b5479947ee5c

Some content of TEMP:
====================
C:\Users\blevins\AppData\Local\Temp\jre-7u60-windows-i586-iftw.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-06-18 03:33

==================== End Of Log ============================

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-06-2014
Ran by blevins at 2014-06-20 18:40:53
Running from C:\Users\blevins\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{C23EE7CE-C1A3-4F94-A8F0-9E0AC9C6DE6E}) (Version: 1.1 - Eyeo GmbH)
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Apple Mobile Device Support (HKLM\...\{B8AD779A-82DA-4365-A7D0-AD3DCFC55CFF}) (Version: 5.1.1.4 - Apple Inc.)
ArcadeYum (HKCU\...\ArcadeYum) (Version:  - ArcadeYum LLC)
Backspin Billiards (HKLM-x32\...\111543617) (Version:  - Oberon Media)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
Dell System Detect (HKCU\...\9204f5692a8faf3b) (Version: 4.1.2.11 - Dell)
Dropbox (HKCU\...\Dropbox) (Version: 2.0.0 - Dropbox, Inc.)
EverQuest (HKCU\...\soe-EverQuest) (Version: 1.0.3.183 - Sony Online Entertainment)
Free Realms (HKCU\...\SOE-Free Realms) (Version:  - Sony Online Entertainment)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Intel PROSet Wireless (Version:  - ) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology (HKLM\...\{7CE8BE79-ABC3-4B2C-9543-28ED2B0A9EA8}) (Version: 1.0.0.0454 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{25FBDA9A-E868-4B3B-B9FF-D923818511A1}) (Version: 14.2.0000 - Intel Corporation)
Intel® Turbo Boost Technology Monitor 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
Intel® Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version:  - )
iTunes (HKLM\...\{CF8FFD12-602B-422D-AF1D-511B411E7632}) (Version: 10.6.1.7 - Apple Inc.)
Java Auto Updater (x32 Version: 2.1.60.19 - Oracle, Inc.) Hidden
Java™ 6 Update 22 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416022FF}) (Version: 6.0.220 - Oracle)
Kies Air Discovery Service (HKCU\...\Kies Air Discovery Service) (Version:  - Samsung)
Lightshot-5.1.2.5 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.1.2.5 - Skillbrains)
McAfee SiteAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.190 - McAfee, Inc.)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM\...\{36E619BC-A234-4EC3-849B-779A7C865A45}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{13D558FE-A863-402C-B115-160007277033}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{FA0A244E-F3C2-4589-B42A-3D522DE79A42}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service  (HKLM\...\{BEB0F91E-F2EA-48A1-B938-7857ABF2A93D}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{0E8670B8-3965-4930-ADA6-570348B67153}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{F1949145-EB64-4DE7-9D81-E6D27937146C}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version:  - )
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Debug Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Express Prerequisites x64 - ENU (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Object Model (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Object Model Language Pack - ENU (Version: 11.0.50727 - Microsoft Corporation) Hidden
NVIDIA 3D Vision Driver 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.65 - NVIDIA Corporation)
NVIDIA Control Panel 331.65 (Version: 331.65 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.15.2 (Version: 1.15.2 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3165 - NVIDIA Corporation) Hidden
NVIDIA Update 1.15.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.15.2 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.15.2 - NVIDIA Corporation) Hidden
Oracle VM VirtualBox 4.1.12 (HKLM\...\{7492BCA7-9F62-4265-A727-DC26A9E3DF10}) (Version: 4.1.12 - Oracle Corporation)
PhoneMyPC (HKLM\...\{4B6CAE5A-1863-49CF-9F0E-CF8CFDFDADEE}) (Version: 2.0.3 - SoftwareForMe Inc.)
PremiumSoft Navicat 11.0 for MySQL (HKLM\...\PremiumSoft Navicat for MySQL_is1) (Version: 11.0.12 - PremiumSoft CyberTech Ltd.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.22.0 - SAMSUNG Electronics Co., Ltd.)
Spotify (HKCU\...\Spotify) (Version: 0.9.7.16.g4b197456 - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.2.25 - Safer-Networking Ltd.)
SUABnR (HKLM-x32\...\InstallShield_{2485354C-6B65-4978-BB91-CCE61442377B}) (Version: 1.1.0.13103_1 - Samsung Electronics Co., Ltd.)
SUABnR (x32 Version: 1.1.0.13103_1 - Samsung Electronics Co., Ltd.) Hidden
TopArcadeHits (HKCU\...\{C1C3E833-420E-4D78-9BA7-86AEBB272384}) (Version:  - TopArcadeHits)
TortoiseSVN 1.8.2.24708 (64 bit) (HKLM\...\{D0DC3918-460D-4229-811E-41F22D0CD7E9}) (Version: 1.8.24708 - TortoiseSVN)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Verizon Wireless Software Upgrade Assistant - Samsung(ar) (HKLM-x32\...\{3AC82D10-23DD-48F7-9E4A-FBD3792F2655}) (Version: 2.14.0307 - Samsung Electronics Co., Ltd.)
Verizon Wireless Software Utility Application for Android - Samsung (HKLM-x32\...\{B7C5C35E-E750-4D09-BD2E-381D10124CBB}) (Version: 2.14.0305 - Samsung Electronics Co., Ltd.)
Windows Software Development Kit DirectX x64 Remote (Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x64 Remote (Version: 8.59.25584 - Microsoft Corporation) Hidden

==================== Restore Points  =========================

12-06-2014 07:00:12 Windows Update
15-06-2014 22:08:25 Windows Update
15-06-2014 22:42:23 Windows Backup
16-06-2014 14:42:47 Restore Operation
17-06-2014 14:40:05 Windows Backup
17-06-2014 14:40:40 Windows Update

==================== Hosts content: ==========================

2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {06BE9793-54D7-41FF-941A-6F483942DCCB} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {109F0339-59DF-46EF-B691-70537E231CDF} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {211FF8FF-4F37-48C0-9652-C393D9B14A3F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14] (Adobe Systems Incorporated)
Task: {28D76D93-90B2-47FB-AC82-8881503180AE} - System32\Tasks\{834A9BC6-3609-4ED5-8694-3B33C05FAB22} => C:\Users\blevins\Desktop\Win7_64_15265.exe
Task: {3547EAF7-28BA-4A5A-B610-1D0A7A576890} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-04-11] (Google Inc.)
Task: {3BEFE4BC-7CCB-4A9B-9D51-51CE08CC23ED} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {52C64618-47C9-49FB-ABFE-1823363EE353} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {53787A8A-01F8-4842-B754-03B350B3C0B9} - System32\Tasks\FF Watcher {61A3AF86-EA98-4C0B-A3FD-A56ADE2AEE2D} => C:\Program Files\V-bates\PrefHelper.exe
Task: {5E21837B-B62E-4CFA-AAEA-A24F505F97B6} - System32\Tasks\TidyNetwork Update => C:\Users\blevins\AppData\Local\TidyNetwork\petnupdate.exe
Task: {5E90523F-D69F-4AE4-A4FB-5DB721F671C2} - \BackgroundContainer Startup Task No Task File <==== ATTENTION
Task: {5EC718C9-676F-4974-99F5-F44B4B9AFB67} - System32\Tasks\Key Player_wd => C:\Program Files (x86)\KeyPlayer-soft\KeyPlayer_wd.exe
Task: {671844FC-BD01-45C2-B6CD-AC85C4BF4001} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-04-11] (Google Inc.)
Task: {689FA523-15C3-453C-A90A-CFFED2CF119F} - System32\Tasks\update-S-1-5-21-4029183340-2131593037-1719951526-1000 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-03-25] ()
Task: {6DB70343-0B77-4DF2-A412-5A873C777527} - System32\Tasks\istcleaner Task => C:\Users\blevins\AppData\Roaming\UpdateServ\ISTCleaner.exe
Task: {6F9CB67E-CBDF-4E69-9545-04A7279DDD38} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd)
Task: {7596B826-EFE4-441F-83B8-E521A79BA184} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-03-25] ()
Task: {79E8F19B-13D6-4446-B058-A753EAA67C0C} - \RegClean Pro No Task File <==== ATTENTION
Task: {87F658BD-C349-4AF1-A773-E759DBDEC604} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {8E470E11-1F51-4D05-973B-82AB4587DC9C} - System32\Tasks\04-13-2014_113857 => C:\Program Files (x86)\Spyware Cease\SpywareCease.exe
Task: {96F98DA1-977A-44F1-A01C-922713680C78} - System32\Tasks\CIMT_S-1-5-21-4029183340-2131593037-1719951526-1000 => C:\Program Files (x86)\Consumer Input\Monitoring\dca-monitoring.exe
Task: {A13D6074-1FF7-4DAF-A82C-8B213BD1A11E} - System32\Tasks\ArcadeYum => C:\Users\blevins\AppData\Local\ArcadeYum\ArcadeYumVersionControl.exe [2014-06-10] (ArcadeYum)
Task: {B3AB5ACF-D892-46F6-8C2D-B3E36D641728} - System32\Tasks\Key Player Update => C:\Program Files (x86)\KeyPlayer-soft\KeyPl.exe
Task: {CA9B4506-A7E3-48E9-AC72-A1031A00D623} - System32\Tasks\{2E8FC1EC-0EC6-47D8-BB08-3F7AD35615D2} => C:\Users\blevins\Desktop\Win7_64_15265.exe
Task: {E9432892-63AB-4560-88EA-5D30330511F0} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\Windows\Tasks\04-13-2014_113857.job => C:\Program Files (x86)\Spyware Cease\SpywareCease.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\ArcadeYum.job => C:\Users\blevins\AppData\Local\ArcadeYum\ArcadeYumVersionControl.exe
Task: C:\Windows\Tasks\CIMT_S-1-5-21-4029183340-2131593037-1719951526-1000.job => C:\Program Files (x86)\Consumer Input\Monitoring\dca-monitoring.exe
Task: C:\Windows\Tasks\FF Watcher {61A3AF86-EA98-4C0B-A3FD-A56ADE2AEE2D}.job => C:\Program Files\V-bates\PrefHelper.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\istcleaner Task.job => C:\Users\blevins\AppData\Roaming\UpdateServ\ISTCleaner.exe
Task: C:\Windows\Tasks\Key Player Update.job => C:\Program Files (x86)\KeyPlayer-soft\KeyPl.exe
Task: C:\Windows\Tasks\Key Player_wd.job => C:\Program Files (x86)\KeyPlayer-soft\KeyPlayer_wd.exe
Task: C:\Windows\Tasks\update-S-1-5-21-4029183340-2131593037-1719951526-1000.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Loaded Modules (whitelisted) =============

2012-11-05 19:59 - 2013-10-23 04:20 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2011-07-27 20:07 - 2011-07-27 20:07 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2013-08-27 23:00 - 2013-08-27 23:00 - 00075504 _____ () C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll
2013-08-27 22:59 - 2013-08-27 22:59 - 00088304 _____ () C:\Program Files\TortoiseSVN\bin\libsasl.dll
2012-04-10 09:45 - 2012-02-17 20:55 - 00193536 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2012-06-18 11:24 - 2012-06-18 11:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2011-07-27 20:07 - 2011-07-27 20:07 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2013-01-08 23:14 - 2013-01-08 23:14 - 06107136 _____ () C:\Program Files (x86)\MySQL\MySQL Server 5.1\bin\mysqld.exe
2012-03-26 12:36 - 2010-12-17 10:25 - 00686704 _____ () C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
2012-02-17 09:21 - 2012-02-17 09:21 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-02-20 21:29 - 2012-02-20 21:29 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-02-20 21:28 - 2012-02-20 21:28 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-04-13 11:48 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-04-13 11:48 - 2013-05-16 10:55 - 00113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-04-13 11:48 - 2013-05-16 10:55 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-04-13 11:48 - 2013-05-16 10:55 - 00161112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-04-13 11:48 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-06-10 04:46 - 2014-06-10 04:46 - 00204672 _____ () C:\Users\blevins\AppData\Local\ArcadeYum\ArcadeYumIEHelper.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:DAF232F8

==================== Safe Mode (whitelisted) ===================

==================== EXE Association (whitelisted) =============

==================== MSCONFIG/TASK MANAGER disabled items =========

MSCONFIG\startupfolder: C:^Users^blevins^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^blevins^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MyPC Backup.lnk => C:\Windows\pss\MyPC Backup.lnk.Startup
MSCONFIG\startupfolder: C:^Users^blevins^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PdaNet Desktop.lnk => C:\Windows\pss\PdaNet Desktop.lnk.Startup
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BTMTrayAgent => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KiesAirMessage => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: Spotify => "C:\Users\blevins\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\blevins\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: Spybot-S&D Cleaning => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (06/17/2014 02:00:32 PM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: The backup was not successful. The error is: There is not enough space on this drive to save the backup. Free up space by deleting older backups and unnecessary data or change your backup settings. (0x81000005).

Error: (06/16/2014 11:20:14 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5023

Error: (06/16/2014 11:20:14 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5023

Error: (06/16/2014 11:20:14 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/16/2014 11:20:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2511

Error: (06/16/2014 11:20:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2511

Error: (06/16/2014 11:20:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/15/2014 06:48:59 PM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: The backup was not successful. The error is: There is not enough free space on the backup storage location to back up the data. (0x80780048).

Error: (06/11/2014 07:41:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17041, time stamp: 0x531807e4
Faulting module name: Flash32_13_0_0_214.ocx, version: 13.0.0.214, time stamp: 0x5359c422
Exception code: 0xc0000005
Fault offset: 0x0020ca1d
Faulting process id: 0x1ea04
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3

Error: (06/08/2014 11:42:27 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: The index cannot be initialized.

Details:
 The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

System errors:
=============
Error: (06/18/2014 09:25:00 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 43. The internal error state is 252.

Error: (06/18/2014 09:25:00 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 43. The internal error state is 252.

Error: (06/18/2014 09:23:59 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 43. The internal error state is 252.

Error: (06/18/2014 09:23:59 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 43. The internal error state is 252.

Error: (06/18/2014 09:23:37 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 43. The internal error state is 252.

Error: (06/18/2014 09:23:36 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 43. The internal error state is 252.

Error: (06/18/2014 09:23:36 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 43. The internal error state is 252.

Error: (06/18/2014 09:22:45 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 43. The internal error state is 252.

Error: (06/18/2014 09:22:45 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 43. The internal error state is 252.

Error: (06/18/2014 09:22:45 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 43. The internal error state is 252.

Microsoft Office Sessions:
=========================
Error: (06/17/2014 02:00:32 PM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: There is not enough space on this drive to save the backup. Free up space by deleting older backups and unnecessary data or change your backup settings. (0x81000005)

Error: (06/16/2014 11:20:14 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5023

Error: (06/16/2014 11:20:14 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5023

Error: (06/16/2014 11:20:14 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/16/2014 11:20:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2511

Error: (06/16/2014 11:20:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2511

Error: (06/16/2014 11:20:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/15/2014 06:48:59 PM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: There is not enough free space on the backup storage location to back up the data. (0x80780048)

Error: (06/11/2014 07:41:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.17041531807e4Flash32_13_0_0_214.ocx13.0.0.2145359c422c00000050020ca1d1ea0401cf85c90feb2570C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SysWOW64\Macromed\Flash\Flash32_13_0_0_214.ocxf3ef30a6-f1c1-11e3-8401-b43a0d5cc4f0

Error: (06/08/2014 11:42:27 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description:
Details:
 The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

CodeIntegrity Errors:
===================================
  Date: 2013-03-12 00:34:31.686
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-03-12 00:34:31.633
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-03-12 00:34:29.326
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-03-12 00:34:29.272
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-03-12 00:34:26.723
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-03-12 00:34:26.670
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-03-12 00:34:23.921
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-03-12 00:34:23.859
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-03-12 00:34:21.294
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-03-12 00:34:21.242
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Percentage of memory in use: 33%
Total physical RAM: 8086.17 MB
Available physical RAM: 5337.53 MB
Total Pagefile: 16170.52 MB
Available Pagefile: 12320.84 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:446.13 GB) (Free:120.28 GB) NTFS
Drive d: () (Fixed) (Total:465.76 GB) (Free:151.61 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 07F2837E)
Partition 1: (Not Active) - (Size=102 MB) - (Type=DE)
Partition 2: (Active) - (Size=20 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=446 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: C7E05E77)
Partition 1: (Not Active) - (Size=466 GB) - (Type=07 NTFS)

==================== End Of Log ============================

 

Farbar Recovery Scan Tool (x64) Version: 21-06-2014
Ran by blevins at 2014-06-20 18:44:28
Running from C:\Users\blevins\Desktop
Boot Mode: Normal

================== Search Files: "rpcss.dll" =============

C:\Windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7601.17514_none_c7f0e16b547f887d\rpcss.dll
[2012-03-27 01:44][2010-11-20 09:27] 0512000 ____A (Microsoft Corporation) 5C627D1B1138676C0A7AB2C2C190D123 [File is signed]

C:\Windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7600.16385_none_c5bfcda3579104e3\rpcss.dll
[2009-07-13 20:00][2009-07-13 21:41] 0509440 ____A (Microsoft Corporation) 7266972E86890E2B30C0C322E906B027 [File is signed]

C:\Windows\System32\rpcss.dll
[2012-03-27 01:44][2010-11-20 09:27] 0512000 ____A (Microsoft Corporation) 5C627D1B1138676C0A7AB2C2C190D123 [File is signed]

====== End Of Search ======



#4 Starbuck

Posted 20 June 2014 - 07:58 PM

Hi Rcpd0715

Seems the rpcss.dll is not patched after all.
But there are issues we need to address.

Step 1
Please re-enable these items in MsConfig:
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: Spybot-S&D Cleaning => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean

Once they are enabled, I recommend that you uninstall Spybot - Search & Destroy.
It's a program we haven't recommended for a long time now... due to poor test results.

Step 2
TortoiseSVN 1.8.2.24708 (64 bit) (HKLM\...\{D0DC3918-460D-4229-811E-41F22D0CD7E9}) (Version: 1.8.24708 - TortoiseSVN)
Are you a software developer?
If not... this program isn't needed.


Step 3
Please download the attached fixlist.txt file (bottom of this post) and save it to the Desktop.
NOTE.
It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine.
Running this on another machine may cause damage to your operating system


Re-run FRST/FRST64 (whichever is installed) and press the Fix button just once and wait.


The tool will make a log on the Desktop (Fixlog.txt). Please post this in your next reply.



Step 4
Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer.
  • After the scan has finished...
  • Click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.

In your next reply, please submit:
Fixlog.txt
JRT.txt
AdwCleaner report


Thanks.
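The "rpcss.dll is not patched" conclusion above rests on the FRST search output posted just before this reply: the live System32 copy is signed and has the same MD5 as a signed copy in the WinSxS component store. The sketch below reproduces that comparison; it is an added example, not part of the original thread or of FRST. The function names and TAMPERED_SAMPLE are constructed for illustration, and treating any status other than "File is signed" as unsigned is an assumption.

```python
import re
from dataclasses import dataclass

# The three hits quoted in this thread (FRST "Search Files" output).
PAGE_SAMPLE = r"""
================== Search Files: "rpcss.dll" =============

C:\Windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7601.17514_none_c7f0e16b547f887d\rpcss.dll
[2012-03-27 01:44][2010-11-20 09:27] 0512000 ____A (Microsoft Corporation) 5C627D1B1138676C0A7AB2C2C190D123 [File is signed]

C:\Windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7600.16385_none_c5bfcda3579104e3\rpcss.dll
[2009-07-13 20:00][2009-07-13 21:41] 0509440 ____A (Microsoft Corporation) 7266972E86890E2B30C0C322E906B027 [File is signed]

C:\Windows\System32\rpcss.dll
[2012-03-27 01:44][2010-11-20 09:27] 0512000 ____A (Microsoft Corporation) 5C627D1B1138676C0A7AB2C2C190D123 [File is signed]

====== End Of Search ======
"""

# CONSTRUCTED sample (not from the thread): the live copy carries a made-up
# hash, an empty company field and a made-up "not signed" status string.
TAMPERED_SAMPLE = r"""
C:\Windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7601.17514_none_c7f0e16b547f887d\rpcss.dll
[2012-03-27 01:44][2010-11-20 09:27] 0512000 ____A (Microsoft Corporation) 5C627D1B1138676C0A7AB2C2C190D123 [File is signed]

C:\Windows\System32\rpcss.dll
[2014-06-01 00:00][2014-06-01 00:00] 0520192 ____A () 00000000000000000000000000000000 [File not signed]
"""

# Detail line: two bracketed timestamps, size, attributes, (company), MD5, [status].
ENTRY_RE = re.compile(
    r"^\[[^\]]*\]\[[^\]]*\]\s+(?P<size>\d+)\s+(?P<attrs>\S+)\s+"
    r"\((?P<company>[^)]*)\)\s+(?P<md5>[0-9A-Fa-f]{32})\s+\[(?P<sig>[^\]]*)\]\s*$"
)
PATH_RE = re.compile(r"^[A-Za-z]:\\")


@dataclass
class FileHit:
    path: str
    size: int
    company: str
    md5: str
    signed: bool


def parse_search(text):
    """Pair each path line with the detail line that follows it."""
    hits, path = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if PATH_RE.match(line):
            path = line
            continue
        m = ENTRY_RE.match(line)
        if m and path:
            hits.append(FileHit(path, int(m["size"]), m["company"],
                                m["md5"].upper(), m["sig"] == "File is signed"))
            path = None
    return hits


def assess(hits):
    """Judge every non-WinSxS copy against the signed component-store copies."""
    in_store = lambda h: "\\winsxs\\" in h.path.lower()
    trusted = {h.md5 for h in hits if in_store(h) and h.signed}
    report = {}
    for h in hits:
        if in_store(h):
            continue
        if not h.signed:
            report[h.path] = "SUSPECT: not signed"
        elif h.md5 not in trusted:
            report[h.path] = "REVIEW: signed, but no matching component-store copy"
        else:
            report[h.path] = "OK: matches a signed component-store copy"
    return report


if __name__ == "__main__":
    for label, sample in (("thread", PAGE_SAMPLE), ("constructed", TAMPERED_SAMPLE)):
        for path, verdict in assess(parse_search(sample)).items():
            print(f"[{label}] {path}: {verdict}")
```

A match only shows that the live file is consistent with the component store as seen from the running system; it proves nothing if both copies were altered or if file reads are being intercepted.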



#5 Rcpd0715


Posted 20 June 2014 - 11:22 PM

Thank you for all this help... BTW, I am not a software developer, but I did use that program while working on a game server in the past...


Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 21-06-2014
Ran by blevins at 2014-06-20 23:53:11 Run:1
Running from C:\Users\blevins\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKU\.DEFAULT\...\Run: [SearchProtect] => \SearchProtect\bin\cltmng.exe
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
ProxyEnable: Internet Explorer proxy is enabled.
SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO: TidyNetwork - {4EC218E0-AD35-3CDF-FDEC-DD4F85C23BDA} - C:\Program Files (x86)\TidyNetwork\petn64.dll No File
S1 drkagpsa; \??\C:\Windows\system32\drivers\drkagpsa.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S1 ljarducl; \??\C:\Windows\system32\drivers\ljarducl.sys [X]
S1 qzgddddk; \??\C:\Windows\system32\drivers\qzgddddk.sys [X]
S1 smhpdrfa; \??\C:\Windows\system32\drivers\smhpdrfa.sys [X]
S1 sqiisrfq; \??\C:\Windows\system32\drivers\sqiisrfq.sys [X]
S1 ugmlkwyy; \??\C:\Windows\system32\drivers\ugmlkwyy.sys [X]
C:\$Recycle.Bin\S-1-5-21-4029183340-2131593037-1719951526-1000\$73a4b132ea34a55ce6f1b5479947ee5c
C:\Users\blevins\AppData\Local\Temp\jre-7u60-windows-i586-iftw.exe
Task: {5E21837B-B62E-4CFA-AAEA-A24F505F97B6} - System32\Tasks\TidyNetwork Update => C:\Users\blevins\AppData\Local\TidyNetwork\petnupdate.exe
Task: {5E90523F-D69F-4AE4-A4FB-5DB721F671C2} - \BackgroundContainer Startup Task No Task File <==== ATTENTION
Task: {79E8F19B-13D6-4446-B058-A753EAA67C0C} - \RegClean Pro No Task File <==== ATTENTION
Task: {8E470E11-1F51-4D05-973B-82AB4587DC9C} - System32\Tasks\04-13-2014_113857 => C:\Program Files (x86)\Spyware Cease\SpywareCease.exe
Task: C:\Windows\Tasks\04-13-2014_113857.job => C:\Program Files (x86)\Spyware Cease\SpywareCease.exe
C:\Program Files (x86)\Spyware Cease
AlternateDataStreams: C:\ProgramData\TEMP:DAF232F8
Hosts:
Reboot:

*****************

HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\SearchProtect => value deleted successfully.
'HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt1' => Key deleted successfully.
'HKLM\Software\Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}'=> Key not found.
'HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt2' => Key deleted successfully.
'HKLM\Software\Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}'=> Key not found.
'HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt3' => Key deleted successfully.
'HKLM\Software\Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}'=> Key not found.
'HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt4' => Key deleted successfully.
'HKLM\Software\Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}'=> Key not found.
'HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt1' => Key deleted successfully.
'HKLM\Software\Wow6432Node\Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}'=> Key not found.
'HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt2' => Key deleted successfully.
'HKLM\Software\Wow6432Node\Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}'=> Key not found.
'HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt3' => Key deleted successfully.
'HKLM\Software\Wow6432Node\Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}'=> Key not found.
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
'HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4EC218E0-AD35-3CDF-FDEC-DD4F85C23BDA}' => Key deleted successfully.
'HKCR\CLSID\{4EC218E0-AD35-3CDF-FDEC-DD4F85C23BDA}' => Key deleted successfully.
drkagpsa => Service deleted successfully.
esgiguard => Service deleted successfully.
ljarducl => Service deleted successfully.
qzgddddk => Service deleted successfully.
smhpdrfa => Service deleted successfully.
sqiisrfq => Service deleted successfully.
ugmlkwyy => Service deleted successfully.
C:\$Recycle.Bin\S-1-5-21-4029183340-2131593037-1719951526-1000\$73a4b132ea34a55ce6f1b5479947ee5c => Moved successfully.
C:\Users\blevins\AppData\Local\Temp\jre-7u60-windows-i586-iftw.exe => Moved successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5E21837B-B62E-4CFA-AAEA-A24F505F97B6}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5E21837B-B62E-4CFA-AAEA-A24F505F97B6}' => Key deleted successfully.
C:\Windows\System32\Tasks\TidyNetwork Update => Moved successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\TidyNetwork Update' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5E90523F-D69F-4AE4-A4FB-5DB721F671C2}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5E90523F-D69F-4AE4-A4FB-5DB721F671C2}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BackgroundContainer Startup Task' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{79E8F19B-13D6-4446-B058-A753EAA67C0C}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{79E8F19B-13D6-4446-B058-A753EAA67C0C}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RegClean Pro' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8E470E11-1F51-4D05-973B-82AB4587DC9C}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8E470E11-1F51-4D05-973B-82AB4587DC9C}' => Key deleted successfully.
C:\Windows\System32\Tasks\04-13-2014_113857 => Moved successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\04-13-2014_113857' => Key deleted successfully.
C:\Windows\Tasks\04-13-2014_113857.job => Moved successfully.
"C:\Program Files (x86)\Spyware Cease" => File/Directory not found.
C:\ProgramData\TEMP => ":DAF232F8" ADS removed successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.


The system needed a reboot.

==== End of Fixlog ====


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by blevins on Sat 06/21/2014 at 0:00:53.42
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Program Files (x86)\browsersafeguard"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 06/21/2014 at 0:07:08.58
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




# AdwCleaner v3.212 - Report created 21/06/2014 at 00:12:43
# Updated 05/06/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : blevins - BLEVINS-PC
# Running from : C:\Users\blevins\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files (x86)\Skillbrains
Folder Deleted : C:\Program Files (x86)\SupTab
Folder Deleted : C:\Users\blevins\AppData\Local\BrowserSafeguard
Folder Deleted : C:\Users\blevins\AppData\Local\Skillbrains
Folder Deleted : C:\Users\blevins\AppData\Roaming\SupTab
Folder Deleted : C:\Users\blevins\Documents\PC Speed Maximizer
File Deleted : C:\Windows\Tasks\update-sys.job
File Deleted : C:\Windows\System32\Tasks\update-sys
File Deleted : C:\Windows\Tasks\FF Watcher {61A3AF86-EA98-4C0B-A3FD-A56ADE2AEE2D}.job
File Deleted : C:\Windows\System32\Tasks\FF Watcher {61A3AF86-EA98-4C0B-A3FD-A56ADE2AEE2D}

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\SkillBrains
Key Deleted : HKLM\Software\SkillBrains
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17126


-\\ Mozilla Firefox v

[ File : C:\Users\blevins\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js ]


-\\ Google Chrome v35.0.1916.153

[ File : C:\Users\blevins\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
Deleted [Search Provider] : hxxp://search.v9.com/web/?type=ds&ts=1402929502&from=vtt&uid=WDCXWD5000BPKT-75PK4T0_WD-WXF1E81NVLE5NVLE5&i=psd&t=344360db0&q={searchTerms}
Deleted [Startup_urls] : hxxp://www.v9.com/?type=hp&ts=1402929502&from=vtt&uid=WDCXWD5000BPKT-75PK4T0_WD-WXF1E81NVLE5NVLE5&i=psd&t=344360db0
Deleted [Homepage] : hxxp://www.v9.com/?type=hp&ts=1402929502&from=vtt&uid=WDCXWD5000BPKT-75PK4T0_WD-WXF1E81NVLE5NVLE5&i=psd&t=344360db0
Deleted [Extension] : pelmeidfhdlhlbjimpabfcbnnojbboma

*************************

AdwCleaner[R0].txt - [21215 octets] - [22/11/2013 09:46:00]
AdwCleaner[R1].txt - [6064 octets] - [05/05/2014 00:25:54]
AdwCleaner[R2].txt - [2620 octets] - [21/06/2014 00:10:38]
AdwCleaner[S0].txt - [20637 octets] - [22/11/2013 09:47:32]
AdwCleaner[S1].txt - [5887 octets] - [05/05/2014 00:29:57]
AdwCleaner[S2].txt - [2534 octets] - [21/06/2014 00:12:43]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [2594 octets] ##########

#6 Starbuck


Posted 21 June 2014 - 04:13 AM

Hi Rcpd0715

That's a bit more cleaned up. :)

Step 1
I see you have recently run TDSSKiller, was it this program that removed the Zero Access infection?
Do you still have a copy of the report it created?

A copy of the report should be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file in your next reply.



Step 2
Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. A malicious site could render Java content under older, vulnerable versions of Sun's software if the user has not removed them. Please follow these steps to remove older version Java components and update:
  • Download the latest version of Java Runtime Environment (JRE) 8 Update 5 and save it to your desktop.
  • Scroll down to where it says "Java SE 8 Update 5".
  • Click the "Download JRE" button.
  • Accept the license agreement.
  • Select 'Windows x64.exe' from the list.
  • Save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Settings > Control Panel, double-click on Add/Remove Programs and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java version.
    Java 6 Update 22
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on the downloaded icon to install the newest version.

Step 3
Download Combofix from any of the links below. You must rename it before saving it. Save it to your desktop.

Link 1
Link 2

CF_download_FF.gif


CF_download_rename.gif

This is an example, you may rename ComboFix to anything you want. Then:

Vista/Windows 7 users: right-click on Combo-Fix.exe and select Run As Administrator.
  • Please follow any prompts.
  • Note:
    Do not mouse-click ComboFix's window while it's running. That may cause it to stall.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

In your next reply, please submit:
TDSSKiller report (if you still have it)
Combofix.txt

Are you still experiencing problems with the 'Invisible Ads'?

Thanks.



#7 Rcpd0715


Posted 21 June 2014 - 09:54 AM

Erased because it was an accidental post.

Edited by Rcpd0715, 21 June 2014 - 10:04 AM.


#8 Rcpd0715


Posted 21 June 2014 - 09:54 AM

There were 3 text files for TDSS:

 

10:20:47.0879 0x5e14  TDSS rootkit removing tool 3.0.0.39 Jun  5 2014 20:35:54
10:20:50.0484 0x5e14  ============================================================
10:20:50.0484 0x5e14  Current date / time: 2014/06/17 10:20:50.0484
10:20:50.0484 0x5e14  SystemInfo:
10:20:50.0484 0x5e14 
10:20:50.0484 0x5e14  OS Version: 6.1.7601 ServicePack: 1.0
10:20:50.0484 0x5e14  Product type: Workstation
10:20:50.0484 0x5e14  ComputerName: BLEVINS-PC
10:20:50.0484 0x5e14  UserName: blevins
10:20:50.0484 0x5e14  Windows directory: C:\Windows
10:20:50.0484 0x5e14  System windows directory: C:\Windows
10:20:50.0484 0x5e14  Running under WOW64
10:20:50.0484 0x5e14  Processor architecture: Intel x64
10:20:50.0484 0x5e14  Number of processors: 8
10:20:50.0484 0x5e14  Page size: 0x1000
10:20:50.0484 0x5e14  Boot type: Normal boot
10:20:50.0484 0x5e14  ============================================================
10:20:52.0730 0x5e14  KLMD registered as C:\Windows\system32\drivers\16326275.sys
10:20:53.0120 0x5e14  System UUID: {895386A8-297E-197D-A400-09F641E99585}
10:20:53.0557 0x5e14  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:20:56.0272 0x5e14  Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:20:56.0318 0x5e14  ============================================================
10:20:56.0318 0x5e14  \Device\Harddisk0\DR0:
10:20:56.0318 0x5e14  MBR partitions:
10:20:56.0318 0x5e14  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x34000, BlocksNum 0x2710000
10:20:56.0318 0x5e14  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2744000, BlocksNum 0x37C41830
10:20:56.0318 0x5e14  \Device\Harddisk1\DR1:
10:20:56.0318 0x5e14  MBR partitions:
10:20:56.0318 0x5e14  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A385000
10:20:56.0318 0x5e14  ============================================================
10:20:56.0350 0x5e14  C: <-> \Device\Harddisk0\DR0\Partition2
10:20:56.0350 0x5e14  D: <-> \Device\Harddisk1\DR1\Partition1
10:20:56.0350 0x5e14  ============================================================
10:20:56.0350 0x5e14  Initialize success
10:20:56.0350 0x5e14  ============================================================
10:21:01.0061 0x1674  ============================================================
10:21:01.0061 0x1674  Scan started
10:21:01.0061 0x1674  Mode: Manual;
10:21:01.0061 0x1674  ============================================================
10:21:01.0061 0x1674  KSN ping started
10:21:03.0838 0x1674  KSN ping finished: true
10:21:05.0678 0x1674  ================ Scan system memory ========================
10:21:05.0678 0x1674  System memory - ok
10:21:05.0678 0x1674  ================ Scan services =============================
10:21:08.0752 0x1674  cdfs - ok
10:21:08.0783 0x1674  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
10:21:08.0783 0x1674  cdrom - ok
10:21:08.0845 0x1674  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
10:21:08.0845 0x1674  CertPropSvc - ok
10:21:08.0861 0x1674  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
10:21:08.0876 0x1674  circlass - ok
10:21:08.0908 0x1674  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
10:21:08.0939 0x1674  CLFS - ok
10:21:08.0986 0x1674  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:21:09.0001 0x1674  clr_optimization_v2.0.50727_32 - ok
10:21:09.0032 0x1674  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
10:21:09.0048 0x1674  clr_optimization_v2.0.50727_64 - ok
10:21:09.0142 0x1674  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:21:09.0142 0x1674  clr_optimization_v4.0.30319_32 - ok
10:21:09.0204 0x1674  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
10:21:09.0204 0x1674  clr_optimization_v4.0.30319_64 - ok
10:21:09.0220 0x1674  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
10:21:09.0220 0x1674  CmBatt - ok
10:21:09.0251 0x1674  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
10:21:09.0251 0x1674  cmdide - ok
10:21:09.0344 0x1674  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
10:21:09.0360 0x1674  CNG - ok
10:21:09.0376 0x1674  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
10:21:09.0376 0x1674  Compbatt - ok
10:21:09.0391 0x1674  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
10:21:09.0391 0x1674  CompositeBus - ok
10:21:09.0407 0x1674  COMSysApp - ok
10:21:09.0500 0x1674  [ 08F934092E0429BADF88E9F91DB0F61E, 6E9091C006FFFF261DC61C8E9A45219E47C351296E5355FC4B7242F30E1DDFE3 ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
10:21:09.0516 0x1674  cphs - ok
10:21:09.0532 0x1674  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
10:21:09.0532 0x1674  crcdisk - ok
10:21:09.0563 0x1674  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
10:21:09.0578 0x1674  CryptSvc - ok
10:21:09.0625 0x1674  [ 7AF9DAC504FBD047CBC3E64AE52C92BF, CA8F9564733DED4C3895CF7150BB254995D66889E6BE08D6654E4F897E4FF7A4 ] dc3d            C:\Windows\system32\DRIVERS\dc3d.sys
10:21:09.0625 0x1674  dc3d - ok
10:21:09.0703 0x1674  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
10:21:09.0719 0x1674  DcomLaunch - ok
10:21:09.0750 0x1674  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
10:21:09.0766 0x1674  defragsvc - ok
10:21:09.0781 0x1674  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
10:21:09.0797 0x1674  DfsC - ok
10:21:09.0859 0x1674  [ 73BDD44A6088916964945886F9025409, 8E2ECC9AAEF3C6EBA2E61D25F657FDFCC72AB517CC4FD5FFF992E1F9EB942662 ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
10:21:09.0859 0x1674  dg_ssudbus - ok
10:21:09.0937 0x1674  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
10:21:09.0953 0x1674  Dhcp - ok
10:21:09.0968 0x1674  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
10:21:09.0968 0x1674  discache - ok
10:21:10.0000 0x1674  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
10:21:10.0015 0x1674  Disk - ok
10:21:10.0031 0x1674  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
10:21:10.0046 0x1674  Dnscache - ok
10:21:10.0109 0x1674  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
10:21:10.0140 0x1674  dot3svc - ok
10:21:10.0202 0x1674  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
10:21:10.0218 0x1674  DPS - ok
10:21:10.0249 0x1674  drkagpsa - ok
10:21:10.0296 0x1674  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
10:21:10.0296 0x1674  drmkaud - ok
10:21:10.0452 0x1674  [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
10:21:10.0468 0x1674  DXGKrnl - ok
10:21:10.0499 0x1674  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
10:21:10.0499 0x1674  EapHost - ok
10:21:10.0592 0x1674  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
10:21:10.0655 0x1674  ebdrv - ok
10:21:10.0702 0x1674  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS             C:\Windows\System32\lsass.exe
10:21:10.0702 0x1674  EFS - ok
10:21:10.0795 0x1674  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
10:21:10.0811 0x1674  ehRecvr - ok
10:21:10.0826 0x1674  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
10:21:10.0842 0x1674  ehSched - ok
10:21:10.0873 0x1674  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
10:21:10.0889 0x1674  elxstor - ok
10:21:10.0904 0x1674  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
10:21:10.0904 0x1674  ErrDev - ok
10:21:11.0014 0x1674  esgiguard - ok
10:21:11.0060 0x1674  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
10:21:11.0076 0x1674  EventSystem - ok
10:21:11.0170 0x1674  [ E3A96D5AE6E5C7B5472011BA77353368, 846D8E5AF471CEAB3E12D6CB2ED0D25EF28B768AC10AD873F33F3F5BEC80CF25 ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
10:21:11.0201 0x1674  EvtEng - ok
10:21:11.0232 0x1674  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
10:21:11.0232 0x1674  exfat - ok
10:21:11.0263 0x1674  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
10:21:11.0263 0x1674  fastfat - ok
10:21:11.0357 0x1674  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
10:21:11.0372 0x1674  Fax - ok
10:21:11.0388 0x1674  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
10:21:11.0388 0x1674  fdc - ok
10:21:11.0404 0x1674  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
10:21:11.0404 0x1674  fdPHost - ok
10:21:11.0404 0x1674  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
10:21:11.0404 0x1674  FDResPub - ok
10:21:11.0419 0x1674  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
10:21:11.0419 0x1674  FileInfo - ok
10:21:11.0435 0x1674  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
10:21:11.0435 0x1674  Filetrace - ok
10:21:11.0435 0x1674  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
10:21:11.0450 0x1674  flpydisk - ok
10:21:11.0513 0x1674  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
10:21:11.0528 0x1674  FltMgr - ok
10:21:11.0606 0x1674  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
10:21:11.0622 0x1674  FontCache - ok
10:21:11.0684 0x1674  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:21:11.0684 0x1674  FontCache3.0.0.0 - ok
10:21:11.0716 0x1674  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
10:21:11.0716 0x1674  FsDepends - ok
10:21:11.0762 0x1674  [ DDEE99DC54EFA20BD5A442CD733C4462, 941D6C5D91F6419198F1A53BF7D33AA2D9118CEAC028B6ED8E5308751810B9B5 ] FsUsbExDisk     C:\Windows\SysWOW64\FsUsbExDisk.SYS
10:21:11.0778 0x1674  FsUsbExDisk - ok
10:21:11.0794 0x1674  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
10:21:11.0794 0x1674  Fs_Rec - ok
10:21:11.0825 0x1674  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
10:21:11.0840 0x1674  fvevol - ok
10:21:11.0872 0x1674  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
10:21:11.0872 0x1674  gagp30kx - ok
10:21:11.0887 0x1674  [ E403AACF8C7BB11375122D2464560311, 0427B8FFD999D256EA1A5135F218692959A7577CB32354D3087CF0FB4F0577DF ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
10:21:11.0887 0x1674  GEARAspiWDM - ok
10:21:11.0965 0x1674  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
10:21:11.0965 0x1674  gpsvc - ok
10:21:12.0043 0x1674  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:21:12.0059 0x1674  gupdate - ok
10:21:12.0090 0x1674  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:21:12.0106 0x1674  gupdatem - ok
10:21:12.0137 0x1674  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
10:21:12.0152 0x1674  gusvc - ok
10:21:12.0184 0x1674  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
10:21:12.0184 0x1674  hcw85cir - ok
10:21:12.0230 0x1674  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
10:21:12.0246 0x1674  HdAudAddService - ok
10:21:12.0277 0x1674  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
10:21:12.0277 0x1674  HDAudBus - ok
10:21:12.0293 0x1674  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
10:21:12.0293 0x1674  HidBatt - ok
10:21:12.0308 0x1674  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
10:21:12.0324 0x1674  HidBth - ok
10:21:12.0324 0x1674  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
10:21:12.0324 0x1674  HidIr - ok
10:21:12.0355 0x1674  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
10:21:12.0355 0x1674  hidserv - ok
10:21:12.0386 0x1674  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
10:21:12.0386 0x1674  HidUsb - ok
10:21:12.0418 0x1674  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
10:21:12.0418 0x1674  hkmsvc - ok
10:21:12.0480 0x1674  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
10:21:12.0496 0x1674  HomeGroupListener - ok
10:21:12.0558 0x1674  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
10:21:12.0574 0x1674  HomeGroupProvider - ok
10:21:12.0589 0x1674  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
10:21:12.0589 0x1674  HpSAMD - ok
10:21:12.0683 0x1674  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
10:21:12.0698 0x1674  HTTP - ok
10:21:12.0745 0x1674  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
10:21:12.0745 0x1674  hwpolicy - ok
10:21:12.0792 0x1674  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
10:21:12.0792 0x1674  i8042prt - ok
10:21:12.0854 0x1674  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
10:21:12.0870 0x1674  iaStorV - ok
10:21:12.0886 0x1674  [ FC47F5CF561BF0FD897EFD1A9604DCCF, C304737F78A772051993A68BB06F860733A8650013A46946A854E47C892C252E ] iBtFltCoex      C:\Windows\system32\DRIVERS\iBtFltCoex.sys
10:21:12.0901 0x1674  iBtFltCoex - ok
10:21:12.0964 0x1674  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
10:21:12.0995 0x1674  idsvc - ok
10:21:13.0010 0x1674  IEEtwCollectorService - ok
10:21:13.0182 0x1674  [ 8C44E6B688790E2AD3846C97661C54F1, CB487D167EDA3C1E30BD5FB8F98C15EB9E75A6FB793009C2F1BBCAAB4285F772 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
10:21:13.0276 0x1674  igfx - ok
10:21:13.0307 0x1674  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
10:21:13.0307 0x1674  iirsp - ok
10:21:13.0400 0x1674  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
10:21:13.0432 0x1674  IKEEXT - ok
10:21:13.0463 0x1674  [ 6C9FFFECA9FED31347D211C5D1FFBD2D, 36CF8B847FAED0D978B3169ED550CC958025902CAC1D7D304E2684B2483E72B8 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
10:21:13.0463 0x1674  IntcDAud - ok
10:21:13.0478 0x1674  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
10:21:13.0478 0x1674  intelide - ok
10:21:13.0494 0x1674  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
10:21:13.0494 0x1674  intelppm - ok
10:21:13.0525 0x1674  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
10:21:13.0525 0x1674  IPBusEnum - ok
10:21:13.0588 0x1674  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:21:13.0588 0x1674  IpFilterDriver - ok
10:21:13.0650 0x1674  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
10:21:13.0666 0x1674  iphlpsvc - ok
10:21:13.0681 0x1674  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
10:21:13.0697 0x1674  IPMIDRV - ok
10:21:13.0712 0x1674  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
10:21:13.0728 0x1674  IPNAT - ok
10:21:13.0806 0x1674  [ 50D6CCC6FF5561F9F56946B3E6164FB8, 27529E751D3CB13B651B54474F04A17DF5737AD0170CD41F601E779F90603D11 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
10:21:13.0822 0x1674  iPod Service - ok
10:21:13.0853 0x1674  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
10:21:13.0853 0x1674  IRENUM - ok
10:21:13.0868 0x1674  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
10:21:13.0868 0x1674  isapnp - ok
10:21:13.0931 0x1674  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
10:21:13.0946 0x1674  iScsiPrt - ok
10:21:13.0962 0x1674  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
10:21:13.0962 0x1674  kbdclass - ok
10:21:13.0962 0x1674  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
10:21:13.0962 0x1674  kbdhid - ok
10:21:13.0978 0x1674  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso          C:\Windows\system32\lsass.exe
10:21:13.0978 0x1674  KeyIso - ok
10:21:14.0040 0x1674  [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
10:21:14.0056 0x1674  KSecDD - ok
10:21:14.0118 0x1674  [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
10:21:14.0118 0x1674  KSecPkg - ok
10:21:14.0149 0x1674  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
10:21:14.0149 0x1674  ksthunk - ok
10:21:14.0196 0x1674  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
10:21:14.0212 0x1674  KtmRm - ok
10:21:14.0274 0x1674  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
10:21:14.0290 0x1674  LanmanServer - ok
10:21:14.0368 0x1674  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:21:14.0383 0x1674  LanmanWorkstation - ok
10:21:14.0399 0x1674  ljarducl - ok
10:21:14.0414 0x1674  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
10:21:14.0430 0x1674  lltdio - ok
10:21:14.0446 0x1674  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
10:21:14.0461 0x1674  lltdsvc - ok
10:21:14.0492 0x1674  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
10:21:14.0508 0x1674  lmhosts - ok
10:21:14.0570 0x1674  [ 7F32D4C47A50E7223491E8FB9359907D, 6D3F59A8D006BED3234697933D09C8EE8F7A9F4A4196CFA878F8E8A929B24CE5 ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
10:21:14.0586 0x1674  LMS - ok
10:21:14.0633 0x1674  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
10:21:14.0633 0x1674  LSI_FC - ok
10:21:14.0648 0x1674  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
10:21:14.0648 0x1674  LSI_SAS - ok
10:21:14.0680 0x1674  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
10:21:14.0680 0x1674  LSI_SAS2 - ok
10:21:14.0711 0x1674  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
10:21:14.0711 0x1674  LSI_SCSI - ok
10:21:14.0742 0x1674  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
10:21:14.0742 0x1674  luafv - ok
10:21:14.0773 0x1674  [ 0BB97D43299910CBFBA59C461B99B910, 27C22D9D9EE8A410D7396960DA93E9E260D4DCDD38DCE06E85E45C5E24C067DE ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
10:21:14.0773 0x1674  MBAMProtector - ok
10:21:14.0836 0x1674  [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
10:21:14.0851 0x1674  MBAMScheduler - ok
10:21:14.0882 0x1674  [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
10:21:14.0898 0x1674  MBAMService - ok
10:21:14.0976 0x1674  [ AF9BE2CEAB2308EE3AB45A128F3B19BA, 1CCDE53BD477FBEDCF509DC179267A44E2F5C540552CD21F7241BE939D23B877 ] McAfee SiteAdvisor Service c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe
10:21:14.0976 0x1674  McAfee SiteAdvisor Service - ok
10:21:15.0038 0x1674  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
10:21:15.0054 0x1674  Mcx2Svc - ok
10:21:15.0163 0x1674  [ B863233B4618A6503A1AEAC0F8124108, 97654F495AA3750B3EA86FF4CC5787676412E7DAFDFE8AB35207A477E6788224 ] MediaDevSrv     C:\ProgramData\MediaDev\1397112756\mediadev.exe
10:21:15.0179 0x1674  MediaDevSrv - ok
10:21:15.0194 0x1674  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
10:21:15.0194 0x1674  megasas - ok
10:21:15.0210 0x1674  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
10:21:15.0226 0x1674  MegaSR - ok
10:21:15.0241 0x1674  [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
10:21:15.0241 0x1674  MEIx64 - ok
10:21:15.0257 0x1674  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
10:21:15.0272 0x1674  MMCSS - ok
10:21:15.0288 0x1674  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
10:21:15.0288 0x1674  Modem - ok
10:21:15.0319 0x1674  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
10:21:15.0319 0x1674  monitor - ok
10:21:15.0335 0x1674  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
10:21:15.0335 0x1674  mouclass - ok
10:21:15.0350 0x1674  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
10:21:15.0350 0x1674  mouhid - ok
10:21:15.0413 0x1674  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
10:21:15.0413 0x1674  mountmgr - ok
10:21:15.0460 0x1674  [ 9EB89625A82AC961F25E7C865947BF9A, 91DB9530CDE883DC60BE621AC4210ACD069631D9466E37411D9D6AEE587098D9 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
10:21:15.0475 0x1674  MpFilter - ok
10:21:24.0071 0x1674  TCPIP6 - ok
10:21:24.0102 0x1674  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
10:21:24.0102 0x1674  tcpipreg - ok
10:21:24.0118 0x1674  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
10:21:24.0118 0x1674  TDPIPE - ok
10:21:24.0133 0x1674  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
10:21:24.0133 0x1674  TDTCP - ok
10:21:24.0149 0x1674  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
10:21:24.0149 0x1674  tdx - ok
10:21:24.0165 0x1674  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
10:21:24.0165 0x1674  TermDD - ok
10:21:24.0196 0x1674  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll
10:21:24.0196 0x1674  TermService - ok
10:21:24.0211 0x1674  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
10:21:24.0211 0x1674  Themes - ok
10:21:24.0243 0x1674  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
10:21:24.0243 0x1674  THREADORDER - ok
10:21:24.0243 0x1674  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
10:21:24.0258 0x1674  TrkWks - ok
10:21:24.0336 0x1674  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
10:21:24.0336 0x1674  TrustedInstaller - ok
10:21:24.0383 0x1674  [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
10:21:24.0383 0x1674  tssecsrv - ok
10:21:24.0430 0x1674  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
10:21:24.0445 0x1674  TsUsbFlt - ok
10:21:24.0477 0x1674  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
10:21:24.0492 0x1674  tunnel - ok
10:21:24.0508 0x1674  [ FD24F98D2898BE093FE926604BE7DB99, F9851C57A2ED838AC76BB19FE2F62BB81C57DBBE2A2555F738B5D6725D39AD61 ] TurboB          C:\Windows\system32\DRIVERS\TurboB.sys
10:21:24.0523 0x1674  TurboB - ok
10:21:24.0570 0x1674  [ 600B406A04D90F577FEA8A88D7379F08, 77CC8E8AFB6F571A42D916C0B2FEFFD3A7A32A455C78228B407C6C9B6DED8CAD ] TurboBoost      C:\Program Files\Intel\TurboBoost\TurboBoost.exe
10:21:24.0570 0x1674  TurboBoost - ok
10:21:24.0586 0x1674  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
10:21:24.0586 0x1674  uagp35 - ok
10:21:24.0617 0x1674  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
10:21:24.0617 0x1674  udfs - ok
10:21:24.0633 0x1674  ugmlkwyy - ok
10:21:24.0648 0x1674  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
10:21:24.0648 0x1674  UI0Detect - ok
10:21:24.0664 0x1674  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
10:21:24.0664 0x1674  uliagpkx - ok
10:21:24.0695 0x1674  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\drivers\umbus.sys
10:21:24.0695 0x1674  umbus - ok
10:21:24.0711 0x1674  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
10:21:24.0711 0x1674  UmPass - ok
10:21:24.0851 0x1674  [ 2C16648A12999AE69A9EBF41974B0BA2, 06008F61B6EC36CD34CB8C4BA983371DB7A9F4BEE15E5329F5E90FEEE300D258 ] UNS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
10:21:24.0898 0x1674  UNS - ok
10:21:24.0913 0x1674  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
10:21:24.0929 0x1674  upnphost - ok
10:21:24.0945 0x1674  [ FB251567F41BC61988B26731DEC19E4B, 6A535F5A18EB43DD2E18AF0A05301630A1D1484B7D85DA79A7CD122DA4D018E2 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
10:21:24.0945 0x1674  USBAAPL64 - ok
10:21:25.0007 0x1674  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
10:21:25.0007 0x1674  usbccgp - ok
10:21:25.0038 0x1674  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
10:21:25.0038 0x1674  usbcir - ok
10:21:25.0054 0x1674  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
10:21:25.0054 0x1674  usbehci - ok
10:21:25.0132 0x1674  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
10:21:25.0147 0x1674  usbhub - ok
10:21:25.0194 0x1674  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
10:21:25.0210 0x1674  usbohci - ok
10:21:25.0241 0x1674  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
10:21:25.0241 0x1674  usbprint - ok
10:21:25.0288 0x1674  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\drivers\usbscan.sys
10:21:25.0288 0x1674  usbscan - ok
10:21:25.0303 0x1674  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:21:25.0319 0x1674  USBSTOR - ok
10:21:25.0381 0x1674  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
10:21:25.0381 0x1674  usbuhci - ok
10:21:25.0413 0x1674  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
10:21:25.0428 0x1674  usbvideo - ok
10:21:25.0459 0x1674  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
10:21:25.0459 0x1674  UxSms - ok
10:21:25.0459 0x1674  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc        C:\Windows\system32\lsass.exe
10:21:25.0475 0x1674  VaultSvc - ok
10:21:25.0506 0x1674  [ 03837B80AD5D8A00996148AD57C09791, 7550ED98EF70B614ACC15B5D9741F971BE5962228AFD96DC309529E529D51991 ] VBoxDrv         C:\Windows\system32\DRIVERS\VBoxDrv.sys
10:21:25.0506 0x1674  VBoxDrv - ok
10:21:25.0553 0x1674  [ 51CEE8E2B356FDC351DB20C87F25F5A8, F50EA017A9DC437469AE819CA3BDDFB5446B1E7E808F11D0D6CDF0EECC5AFFC0 ] VBoxNetAdp      C:\Windows\system32\DRIVERS\VBoxNetAdp.sys
10:21:25.0553 0x1674  VBoxNetAdp - ok
10:21:25.0584 0x1674  [ CE7E80C7367B2ADAA023D9004C9F4691, 52A2E7776AA28979F4D55230A710F31675EAB3FE5DAD03F43FD98A9D6FEE7670 ] VBoxNetFlt      C:\Windows\system32\DRIVERS\VBoxNetFlt.sys
10:21:25.0584 0x1674  VBoxNetFlt - ok
10:21:25.0631 0x1674  [ 27C9A9F2FA94140DDCF7B9131E13E1B4, 7C52704EA5DA323A4C27A69A045B410E541364D83074B221943DE2637A0CA953 ] VBoxUSBMon      C:\Windows\system32\DRIVERS\VBoxUSBMon.sys
10:21:25.0631 0x1674  VBoxUSBMon - ok
10:21:25.0662 0x1674  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
10:21:25.0662 0x1674  vdrvroot - ok
10:21:25.0693 0x1674  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
10:21:25.0709 0x1674  vds - ok
10:21:25.0709 0x1674  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
10:21:25.0709 0x1674  vga - ok
10:21:25.0740 0x1674  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
10:21:25.0740 0x1674  VgaSave - ok
10:21:25.0756 0x1674  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
10:21:25.0756 0x1674  vhdmp - ok
10:21:25.0771 0x1674  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
10:21:25.0771 0x1674  viaide - ok
10:21:25.0787 0x1674  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
10:21:25.0787 0x1674  volmgr - ok
10:21:25.0849 0x1674  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
10:21:25.0865 0x1674  volmgrx - ok
10:21:25.0881 0x1674  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
10:21:25.0881 0x1674  volsnap - ok
10:21:25.0912 0x1674  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
10:21:25.0912 0x1674  vsmraid - ok
10:21:26.0005 0x1674  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
10:21:26.0037 0x1674  VSS - ok
10:21:26.0052 0x1674  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
10:21:26.0052 0x1674  vwifibus - ok
10:21:26.0052 0x1674  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
10:21:26.0052 0x1674  vwififlt - ok
10:21:26.0068 0x1674  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
10:21:26.0068 0x1674  vwifimp - ok
10:21:26.0115 0x1674  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
10:21:26.0130 0x1674  W32Time - ok
10:21:26.0146 0x1674  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
10:21:26.0161 0x1674  WacomPen - ok
10:21:26.0208 0x1674  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
10:21:26.0208 0x1674  WANARP - ok
10:21:26.0224 0x1674  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
10:21:26.0224 0x1674  Wanarpv6 - ok
10:21:26.0302 0x1674  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
10:21:26.0317 0x1674  WatAdminSvc - ok
10:21:26.0442 0x1674  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
10:21:26.0473 0x1674  wbengine - ok
10:21:26.0505 0x1674  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
10:21:26.0505 0x1674  WbioSrvc - ok
10:21:26.0567 0x1674  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
10:21:26.0583 0x1674  wcncsvc - ok
10:21:26.0598 0x1674  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
10:21:26.0598 0x1674  WcsPlugInService - ok
10:21:26.0614 0x1674  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
10:21:26.0614 0x1674  Wd - ok
10:21:26.0692 0x1674  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
10:21:26.0707 0x1674  Wdf01000 - ok
10:21:26.0707 0x1674  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
10:21:26.0723 0x1674  WdiServiceHost - ok
10:21:26.0723 0x1674  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
10:21:26.0723 0x1674  WdiSystemHost - ok
10:21:26.0739 0x1674  [ 94DC2BF6CBAAA95E369C3756D3115A76, 3DF44939ADBB4E30896993A85470BE5E16B1A3EDADFDD8F113D9615A6E431C12 ] wdkmd           C:\Windows\system32\DRIVERS\WDKMD.sys
10:21:26.0754 0x1674  wdkmd - ok
10:21:26.0817 0x1674  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
10:21:26.0832 0x1674  WebClient - ok
10:21:26.0848 0x1674  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
10:21:26.0863 0x1674  Wecsvc - ok
10:21:26.0879 0x1674  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
10:21:26.0879 0x1674  wercplsupport - ok
10:21:26.0910 0x1674  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
10:21:26.0910 0x1674  WerSvc - ok
10:21:26.0926 0x1674  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
10:21:26.0926 0x1674  WfpLwf - ok
10:21:26.0926 0x1674  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
10:21:26.0941 0x1674  WIMMount - ok
10:21:26.0957 0x1674  WinDefend - ok
10:21:27.0066 0x1674  [ 87FB98044F9B7669B20947AB5E6F0511, 58AD17F8A64730BAAD782BB3B458C78FC617AB0C22E274D414DD208257C17489 ] WinDevSrv       C:\ProgramData\UpdateServer\1397222796\webdev.exe
10:21:27.0097 0x1674  WinDevSrv - ok
10:21:27.0113 0x1674  WinHttpAutoProxySvc - ok
10:21:27.0160 0x1674  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
10:21:27.0175 0x1674  Winmgmt - ok
10:21:27.0300 0x1674  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
10:21:27.0347 0x1674  WinRM - ok
10:21:27.0378 0x1674  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUSB          C:\Windows\system32\DRIVERS\WinUSB.sys
10:21:27.0378 0x1674  WinUSB - ok
10:21:27.0409 0x1674  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
10:21:27.0425 0x1674  Wlansvc - ok
10:21:27.0456 0x1674  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
10:21:27.0456 0x1674  WmiAcpi - ok
10:21:27.0472 0x1674  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
10:21:27.0472 0x1674  wmiApSrv - ok
10:21:27.0487 0x1674  WMPNetworkSvc - ok
10:21:27.0487 0x1674  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
10:21:27.0487 0x1674  WPCSvc - ok
10:21:27.0534 0x1674  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
10:21:27.0550 0x1674  WPDBusEnum - ok
10:21:27.0565 0x1674  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
10:21:27.0565 0x1674  ws2ifsl - ok
10:21:27.0581 0x1674  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
10:21:27.0581 0x1674  wscsvc - ok
10:21:27.0581 0x1674  WSearch - ok
10:21:27.0706 0x1674  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
10:21:27.0737 0x1674  wuauserv - ok
10:21:27.0753 0x1674  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
10:21:27.0768 0x1674  WudfPf - ok
10:21:27.0784 0x1674  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
10:21:27.0784 0x1674  WUDFRd - ok
10:21:27.0799 0x1674  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
10:21:27.0815 0x1674  wudfsvc - ok
10:21:27.0862 0x1674  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
10:21:27.0877 0x1674  WwanSvc - ok
10:21:27.0924 0x1674  ================ Scan global ===============================
10:21:27.0940 0x1674  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
10:21:27.0987 0x1674  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
10:21:28.0018 0x1674  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
10:21:28.0033 0x1674  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
10:21:28.0080 0x1674  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
10:21:28.0096 0x1674  [ Global ] - ok
10:21:28.0096 0x1674  ================ Scan MBR ==================================
10:21:28.0111 0x1674  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
10:21:28.0377 0x1674  \Device\Harddisk0\DR0 - ok
10:21:28.0377 0x1674  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
10:21:28.0392 0x1674  \Device\Harddisk1\DR1 - ok
10:21:28.0392 0x1674  ================ Scan VBR ==================================
10:21:28.0392 0x1674  [ 5C6D8E43BBB2B7CCB7F74EFBDFB6B1E2 ] \Device\Harddisk0\DR0\Partition1
10:21:28.0392 0x1674  \Device\Harddisk0\DR0\Partition1 - ok
10:21:28.0408 0x1674  [ 1BCB4226D4118C901F86DC3760225618 ] \Device\Harddisk0\DR0\Partition2
10:21:28.0408 0x1674  \Device\Harddisk0\DR0\Partition2 - ok
10:21:28.0408 0x1674  [ 30DDB8163AFEBF4BF51DA6157D58EF1E ] \Device\Harddisk1\DR1\Partition1
10:21:28.0408 0x1674  \Device\Harddisk1\DR1\Partition1 - ok
10:21:28.0408 0x1674  ================ Scan generic autorun ======================
10:21:28.0533 0x1674  [ 1D0F1F7A17293ED2AC88FC356EA4FDB4, FA722A8F7ACE0DACEE5360370CA2F9CA3FC19C0ED172B7A743AAACC050E2460B ] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
10:21:28.0564 0x1674  IntelPAN - ok
10:21:28.0579 0x1674  IntelTBRunOnce - ok
10:21:28.0642 0x1674  [ AF993F50B17C0AFB26235EFCF06DAD06, B6C097CD91CE932ABB4F1D05831114686AD2E4B8C290BCD242DCB24019E30A78 ] C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
10:21:28.0657 0x1674  FreeFallProtection - ok
10:21:28.0751 0x1674  [ 5B72629C8144D1A96490D4C090D28DA1, 114891B9E7E05D2B86C8E3CD7B4096088491E338C3B1902F9352D40B47DD418C ] c:\Program Files\Microsoft IntelliPoint\ipoint.exe
10:21:28.0782 0x1674  IntelliPoint - ok
10:21:28.0860 0x1674  [ 569AC1376B12D4083FC66CC7A304F234, DD209F09573F10A77D710E30EF3D0461D2E8F4E5F18106B18EFB587C88393460 ] C:\Program Files\Microsoft Security Client\msseces.exe
10:21:28.0876 0x1674  MSC - ok
10:21:28.0907 0x1674  [ 28062B17191C9450BF6C6C3EF8C7EB27, 4859C5708DFD119021F7B7FFB38F0B316675E1E4D5D51A10D4265F712CF8CDB6 ] C:\Windows\system32\igfxtray.exe
10:21:28.0907 0x1674  IgfxTray - ok
10:21:28.0938 0x1674  [ 28FC280487F0BAAE5E8119257C4EEF8C, F574BC70B79B77912FC683B3EB0BE6929E7758284ED5B47008E18B0E4A4A09FD ] C:\Windows\system32\hkcmd.exe
10:21:28.0938 0x1674  HotKeysCmds - ok
10:21:28.0954 0x1674  [ F29BEA821C753E4F00177690F70CDC13, 0EDB40F4A4C23553C0288E6E3AD65E7B523F6764C87C6C36C3ECB0C1940C5176 ] C:\Windows\system32\igfxpers.exe
10:21:28.0969 0x1674  Persistence - ok
10:21:29.0001 0x1674  [ 08B438A5A06CD877F19B92F6868C031D, 2011F2AE42A0F28D449167BD1003F7EFD6FDB4B22D52BFF9A8B556039148D556 ] C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
10:21:29.0001 0x1674  NUSB3MON - ok
10:21:29.0079 0x1674  [ 048EA4B978851788E9F5E8E4F081DF7A, EB62719AC0DCC18FF056F2CD84438BF14B61E38F0619617C81961C6257BDFCEC ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
10:21:29.0094 0x1674  Adobe ARM - ok
10:21:29.0313 0x1674  [ AF49D1C79EA49A7833017F290EE63B82, FFE98E8F6AE3BFAB324B3A7C6C6C00545C597A6861CBDD82ACE97591C6A1D287 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
10:21:29.0391 0x1674  SDTray - ok
10:21:29.0484 0x1674  [ EDAD4A8A1D46AFCF9E76B996D55116EB, 937549E6FBF5D7282E56866C705539646F2CB6839FD74BF7AA8FB2BA5CCEE940 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
10:21:29.0500 0x1674  SunJavaUpdateSched - ok
10:21:29.0640 0x1674  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
10:21:29.0656 0x1674  Sidebar - ok
10:21:29.0703 0x1674  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
10:21:29.0703 0x1674  mctadmin - ok
10:21:29.0796 0x1674  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
10:21:29.0812 0x1674  Sidebar - ok
10:21:29.0812 0x1674  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
10:21:29.0812 0x1674  mctadmin - ok
10:21:29.0937 0x1674  [ 771293BC7EACB6FB7A78F8B7A954F019, DF06F0D0C8E38F17AD155CAB009A5A2969E7638B88AFBC2A75450EB1239ECAB4 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe
10:21:29.0999 0x1674  Spybot-S&D Cleaning - ok
10:21:30.0030 0x1674  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
10:21:30.0046 0x1674  Sidebar - ok
10:21:30.0046 0x1674  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
10:21:30.0046 0x1674  mctadmin - ok
10:21:30.0046 0x1674  Waiting for KSN requests completion. In queue: 73
10:21:31.0060 0x1674  Waiting for KSN requests completion. In queue: 73
10:21:32.0074 0x1674  Waiting for KSN requests completion. In queue: 73
10:21:33.0119 0x1674  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.5.216.0 ), 0x61000 ( enabled : updated )
10:21:33.0119 0x1674  Win FW state via NFP2: enabled
10:21:36.0021 0x1674  ============================================================
10:21:36.0021 0x1674  Scan finished
10:21:36.0021 0x1674  ============================================================
10:21:36.0036 0x1184  Detected object count: 0
10:21:36.0036 0x1184  Actual detected object count: 0
10:21:40.0217 0x047c  Deinitialize success

I tried to do the Java update as instructed but it says installation failed... I attached a pic of the window because I can't figure out how to put the image into this post lol

I haven't done the ComboFix yet due to this problem

No invis ads so far but I still get a lot of pop-up ads randomly

P.S. - have to add the other text file to other posts... (said was too big)


#9 Rcpd0715

Posted 21 June 2014 - 09:58 AM

Oops, I accidentally posted twice



#10 Rcpd0715

Posted 21 June 2014 - 10:02 AM

08:48:47.0923 0x1964  TDSS rootkit removing tool 3.0.0.39 Jun  5 2014 20:35:54
08:49:05.0071 0x1964  ============================================================
08:49:05.0071 0x1964  Current date / time: 2014/06/17 08:49:05.0071
08:49:05.0071 0x1964  SystemInfo:
08:49:05.0071 0x1964 
08:49:05.0071 0x1964  OS Version: 6.1.7601 ServicePack: 1.0
08:49:05.0071 0x1964  Product type: Workstation
08:49:05.0071 0x1964  ComputerName: BLEVINS-PC
08:49:05.0071 0x1964  UserName: blevins
08:49:05.0071 0x1964  Windows directory: C:\Windows
08:49:05.0071 0x1964  System windows directory: C:\Windows
08:49:05.0071 0x1964  Running under WOW64
08:49:05.0071 0x1964  Processor architecture: Intel x64
08:49:05.0071 0x1964  Number of processors: 8
08:49:05.0071 0x1964  Page size: 0x1000
08:49:05.0071 0x1964  Boot type: Normal boot
08:49:05.0071 0x1964  ============================================================
08:49:16.0131 0x1964  KLMD registered as C:\Windows\system32\drivers\15755615.sys
08:49:23.0245 0x1964  System UUID: {895386A8-297E-197D-A400-09F641E99585}
08:49:25.0526 0x1964  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
08:49:25.0566 0x1964  Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
08:49:25.0586 0x1964  ============================================================
08:49:25.0586 0x1964  \Device\Harddisk0\DR0:
08:49:25.0676 0x1964  MBR partitions:
08:49:25.0676 0x1964  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x34000, BlocksNum 0x2710000
08:49:25.0676 0x1964  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2744000, BlocksNum 0x37C41830
08:49:25.0676 0x1964  \Device\Harddisk1\DR1:
08:49:25.0676 0x1964  MBR partitions:
08:49:25.0676 0x1964  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A385000
08:49:25.0676 0x1964  ============================================================
08:49:26.0096 0x1964  C: <-> \Device\Harddisk0\DR0\Partition2
08:49:26.0456 0x1964  D: <-> \Device\Harddisk1\DR1\Partition1
08:49:26.0456 0x1964  ============================================================
08:49:26.0456 0x1964  Initialize success
08:49:26.0456 0x1964  ============================================================
08:49:38.0218 0x1674  ============================================================
08:49:38.0218 0x1674  Scan started
08:49:38.0218 0x1674  Mode: Manual;
08:49:38.0218 0x1674  ============================================================
08:49:38.0218 0x1674  KSN ping started
08:49:41.0099 0x1674  KSN ping finished: true
08:49:54.0104 0x1674  ================ Scan system memory ========================
08:49:54.0104 0x1674  System memory - ok
08:49:54.0104 0x1674  ================ Scan services =============================
08:49:57.0715 0x1674  AeLookupSvc - ok
08:49:57.0995 0x1674  [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] AFD             C:\Windows\system32\drivers\afd.sys
08:49:58.0005 0x1674  AFD - ok
08:49:58.0105 0x1674  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
08:49:58.0115 0x1674  agp440 - ok
08:49:58.0225 0x1674  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
08:49:58.0235 0x1674  ALG - ok
08:49:58.0305 0x1674  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
08:49:58.0315 0x1674  aliide - ok
08:49:58.0365 0x1674  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
08:49:58.0365 0x1674  amdide - ok
08:49:58.0515 0x1674  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
08:49:58.0515 0x1674  AmdK8 - ok
08:49:58.0545 0x1674  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
08:49:58.0545 0x1674  AmdPPM - ok
08:49:58.0785 0x1674  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
08:49:58.0795 0x1674  amdsata - ok
08:49:58.0915 0x1674  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
08:49:58.0925 0x1674  amdsbs - ok
08:49:58.0955 0x1674  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
08:49:58.0955 0x1674  amdxata - ok
08:49:59.0395 0x1674  [ 7D9E301AB3247765702D0B65E2E47E50, 110F1D9A01F1DB36815B4CBF04E540958B760AC46955F7712D03F958F78734D0 ] AMPPAL          C:\Windows\system32\DRIVERS\AMPPAL.sys
08:49:59.0405 0x1674  AMPPAL - ok
08:49:59.0415 0x1674  [ 7D9E301AB3247765702D0B65E2E47E50, 110F1D9A01F1DB36815B4CBF04E540958B760AC46955F7712D03F958F78734D0 ] AMPPALP         C:\Windows\system32\DRIVERS\amppal.sys
08:49:59.0415 0x1674  AMPPALP - ok
08:50:00.0155 0x1674  [ 864C632B999BE1237A3DC46736E71F27, 3F84570BCE814C4AA456712D945122613B0FBF5D912B076BEA0446B957645CFC ] AMPPALR3        C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
08:50:00.0175 0x1674  AMPPALR3 - ok
08:50:00.0365 0x1674  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
08:50:00.0365 0x1674  AppID - ok
08:50:00.0505 0x1674  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
08:50:00.0505 0x1674  AppIDSvc - ok
08:50:00.0605 0x1674  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
08:50:00.0605 0x1674  Appinfo - ok
08:50:00.0825 0x1674  [ 7EF47644B74EBE721CC32211D3C35E76, 1381908E70567AAE5A8C96C4B7BF8E68748F64DE3243FD0FA8CC0E72DEEDA9A7 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
08:50:00.0825 0x1674  Apple Mobile Device - ok
08:50:00.0915 0x1674  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
08:50:00.0915 0x1674  arc - ok
08:50:00.0935 0x1674  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
08:50:00.0935 0x1674  arcsas - ok
08:50:02.0045 0x1674  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
08:50:02.0045 0x1674  aspnet_state - ok
08:50:02.0105 0x1674  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
08:50:02.0105 0x1674  AsyncMac - ok
08:50:02.0145 0x1674  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
08:50:02.0145 0x1674  atapi - ok
08:50:02.0685 0x1674  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
08:50:02.0755 0x1674  AudioEndpointBuilder - ok
08:50:02.0775 0x1674  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
08:50:02.0785 0x1674  AudioSrv - ok
08:50:02.0945 0x1674  [ A1F53D2A00E64679A1D81B61D2333D06, 41D4F252693A2382A1C1FB85A49DF5AAB5B21620DC09A0E1A7F66A437E3A0B3B ] avgtp           C:\Windows\system32\drivers\avgtpx64.sys
08:50:02.0945 0x1674  avgtp - ok
08:50:03.0315 0x1674  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
08:50:03.0315 0x1674  AxInstSV - ok
08:50:03.0495 0x1674  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
08:50:03.0505 0x1674  b06bdrv - ok
08:50:03.0795 0x1674  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
08:50:03.0815 0x1674  b57nd60a - ok
08:50:03.0905 0x1674  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
08:50:03.0905 0x1674  BDESVC - ok
08:50:04.0015 0x1674  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
08:50:04.0015 0x1674  Beep - ok
08:50:04.0516 0x1674  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
08:50:04.0526 0x1674  BFE - ok
08:50:04.0926 0x1674  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
08:50:04.0966 0x1674  BITS - ok
08:50:05.0416 0x1674  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
08:50:05.0526 0x1674  blbdrive - ok
08:50:06.0196 0x1674  [ 093B1B419EF25B15D3A1CA6953F41AFB, 52B7AD47CE65BEA723ED361E67781E237EE85D71D8233BF965F69B1C6353ADE4 ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
08:50:06.0216 0x1674  Bluetooth Device Monitor - ok
08:50:06.0627 0x1674  [ 03A7341E94ACD92E0831336D4F3ACE92, B7BF8B549F2E1508E13568A735C20E799751143DE7D58728100E0EB527D39AC6 ] Bluetooth Media Service C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
08:50:06.0647 0x1674  Bluetooth Media Service - ok
08:50:06.0787 0x1674  [ A2EBF384ED105FED7D05C5465500EF2E, 07D38237B295D87FB3E2A3744B6AA9F8D0529FC0DE64B39A6B7ACC63803BB401 ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
08:50:06.0807 0x1674  Bluetooth OBEX Service - ok
08:50:07.0037 0x1674  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
08:50:07.0047 0x1674  Bonjour Service - ok
08:50:07.0097 0x1674  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
08:50:07.0097 0x1674  bowser - ok
08:50:07.0177 0x1674  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
08:50:07.0177 0x1674  BrFiltLo - ok
08:50:07.0227 0x1674  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
08:50:07.0227 0x1674  BrFiltUp - ok
08:50:07.0337 0x1674  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
08:50:07.0337 0x1674  Browser - ok
08:50:07.0417 0x1674  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
08:50:07.0427 0x1674  Brserid - ok
08:50:07.0447 0x1674  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
08:50:07.0447 0x1674  BrSerWdm - ok
08:50:07.0497 0x1674  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
08:50:07.0507 0x1674  BrUsbMdm - ok
08:50:07.0537 0x1674  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
08:50:07.0537 0x1674  BrUsbSer - ok
08:50:07.0657 0x1674  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
08:50:07.0657 0x1674  BthEnum - ok
08:50:07.0687 0x1674  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
08:50:07.0687 0x1674  BTHMODEM - ok
08:50:07.0857 0x1674  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
08:50:07.0857 0x1674  BthPan - ok
08:50:08.0147 0x1674  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
08:50:08.0157 0x1674  BTHPORT - ok
08:50:08.0237 0x1674  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
08:50:08.0237 0x1674  bthserv - ok
08:50:08.0447 0x1674  [ 9E2AF97302B9F4BF97E952A865EB31AE, 2DE38CF8A24CC1E31604EF870704DE342D800762A2ECCF3E4AF0B183C1408456 ] BTHSSecurityMgr C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
08:50:08.0447 0x1674  BTHSSecurityMgr - ok
08:50:08.0537 0x1674  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
08:50:08.0547 0x1674  BTHUSB - ok
08:50:08.0687 0x1674  [ 16C1BAC9760C9FA85A30F3FA0FBB1B7A, 0A965D032CF7CCB7297A919D1554433CB57BF3D555B7A002E7A1059BE8AE74A0 ] btmaux          C:\Windows\system32\DRIVERS\btmaux.sys
08:50:08.0687 0x1674  btmaux - ok
08:50:08.0857 0x1674  [ 40C6FEC49D1CC4D112368A2BCD2BCBB7, E9ECEAA4F740A667C071EDEA1359491B221E5AA43A990744859CA7CC40E67F6C ] btmhsf          C:\Windows\system32\DRIVERS\btmhsf.sys
08:50:08.0867 0x1674  btmhsf - ok
08:50:08.0977 0x1674  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
08:50:08.0977 0x1674  cdfs - ok
08:50:09.0137 0x1674  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
08:50:09.0137 0x1674  cdrom - ok
08:50:09.0357 0x1674  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
08:50:09.0357 0x1674  CertPropSvc - ok
08:50:09.0508 0x1674  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
08:50:09.0508 0x1674  circlass - ok
08:50:09.0708 0x1674  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
08:50:09.0708 0x1674  CLFS - ok
08:50:09.0958 0x1674  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
08:50:09.0958 0x1674  clr_optimization_v2.0.50727_32 - ok
08:50:10.0228 0x1674  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
08:50:10.0228 0x1674  clr_optimization_v2.0.50727_64 - ok
08:50:11.0508 0x1674  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
08:50:11.0518 0x1674  clr_optimization_v4.0.30319_32 - ok
08:50:11.0618 0x1674  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
08:50:11.0618 0x1674  clr_optimization_v4.0.30319_64 - ok
08:50:11.0808 0x1674  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
08:50:11.0808 0x1674  CmBatt - ok
08:50:11.0848 0x1674  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
08:50:11.0848 0x1674  cmdide - ok
08:50:12.0068 0x1674  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
08:50:12.0078 0x1674  CNG - ok
08:50:12.0098 0x1674  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
08:50:12.0108 0x1674  Compbatt - ok
08:50:12.0168 0x1674  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
08:50:12.0168 0x1674  CompositeBus - ok
08:50:12.0208 0x1674  COMSysApp - ok
08:50:12.0699 0x1674  [ 08F934092E0429BADF88E9F91DB0F61E, 6E9091C006FFFF261DC61C8E9A45219E47C351296E5355FC4B7242F30E1DDFE3 ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
08:50:12.0709 0x1674  cphs - ok
08:50:12.0739 0x1674  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
08:50:12.0739 0x1674  crcdisk - ok
08:50:12.0799 0x1674  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
08:50:12.0809 0x1674  CryptSvc - ok
08:50:12.0939 0x1674  [ 7AF9DAC504FBD047CBC3E64AE52C92BF, CA8F9564733DED4C3895CF7150BB254995D66889E6BE08D6654E4F897E4FF7A4 ] dc3d            C:\Windows\system32\DRIVERS\dc3d.sys
08:50:12.0939 0x1674  dc3d - ok
08:50:13.0129 0x1674  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
08:50:13.0149 0x1674  DcomLaunch - ok
08:50:13.0369 0x1674  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
08:50:13.0379 0x1674  defragsvc - ok
08:50:13.0429 0x1674  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
08:50:13.0429 0x1674  DfsC - ok
08:50:13.0639 0x1674  [ 73BDD44A6088916964945886F9025409, 8E2ECC9AAEF3C6EBA2E61D25F657FDFCC72AB517CC4FD5FFF992E1F9EB942662 ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
08:50:13.0669 0x1674  dg_ssudbus - ok
08:50:14.0009 0x1674  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
08:50:14.0019 0x1674  Dhcp - ok
08:50:14.0159 0x1674  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
08:50:14.0159 0x1674  discache - ok
08:50:14.0219 0x1674  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
08:50:14.0219 0x1674  Disk - ok
08:50:14.0349 0x1674  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
08:50:14.0359 0x1674  Dnscache - ok
08:50:14.0539 0x1674  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
08:50:14.0539 0x1674  dot3svc - ok
08:50:14.0759 0x1674  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
08:50:14.0769 0x1674  DPS - ok
08:50:14.0869 0x1674  drkagpsa - ok
08:50:15.0049 0x1674  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
08:50:15.0049 0x1674  drmkaud - ok
08:50:15.0529 0x1674  [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
08:50:15.0549 0x1674  DXGKrnl - ok
08:50:15.0749 0x1674  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
08:50:15.0759 0x1674  EapHost - ok
08:50:16.0529 0x1674  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
08:50:16.0659 0x1674  ebdrv - ok
08:50:16.0959 0x1674  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS             C:\Windows\System32\lsass.exe
08:50:16.0959 0x1674  EFS - ok
08:50:17.0830 0x1674  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
08:50:17.0850 0x1674  ehRecvr - ok
08:50:17.0960 0x1674  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
08:50:17.0960 0x1674  ehSched - ok
08:50:18.0220 0x1674  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
08:50:18.0240 0x1674  elxstor - ok
08:50:18.0310 0x1674  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
08:50:18.0320 0x1674  ErrDev - ok
08:50:19.0020 0x1674  esgiguard - ok
08:50:19.0310 0x1674  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
08:50:19.0330 0x1674  EventSystem - ok
08:50:20.0290 0x1674  [ E3A96D5AE6E5C7B5472011BA77353368, 846D8E5AF471CEAB3E12D6CB2ED0D25EF28B768AC10AD873F33F3F5BEC80CF25 ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
08:50:20.0320 0x1674  EvtEng - ok
08:50:20.0410 0x1674  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
08:50:20.0420 0x1674  exfat - ok
08:50:20.0770 0x1674  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
08:50:20.0780 0x1674  fastfat - ok
08:50:21.0621 0x1674  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
08:50:21.0641 0x1674  Fax - ok
08:50:21.0681 0x1674  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
08:50:21.0681 0x1674  fdc - ok
08:50:21.0741 0x1674  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
08:50:21.0741 0x1674  fdPHost - ok
08:50:21.0791 0x1674  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
08:50:21.0791 0x1674  FDResPub - ok
08:50:22.0312 0x1674  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
08:50:22.0312 0x1674  FileInfo - ok
08:50:22.0342 0x1674  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
08:50:22.0342 0x1674  Filetrace - ok
08:50:22.0382 0x1674  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
08:50:22.0382 0x1674  flpydisk - ok
08:50:22.0912 0x1674  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
08:50:22.0932 0x1674  FltMgr - ok
08:50:23.0282 0x1674  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
08:50:23.0312 0x1674  FontCache - ok
08:50:23.0902 0x1674  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
08:50:23.0902 0x1674  FontCache3.0.0.0 - ok
08:50:24.0092 0x1674  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
08:50:24.0102 0x1674  FsDepends - ok
08:50:24.0342 0x1674  [ DDEE99DC54EFA20BD5A442CD733C4462, 941D6C5D91F6419198F1A53BF7D33AA2D9118CEAC028B6ED8E5308751810B9B5 ] FsUsbExDisk     C:\Windows\SysWOW64\FsUsbExDisk.SYS
08:50:24.0342 0x1674  FsUsbExDisk - ok
08:50:24.0422 0x1674  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
08:50:24.0422 0x1674  Fs_Rec - ok
08:50:24.0542 0x1674  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
08:50:24.0552 0x1674  fvevol - ok
08:50:24.0712 0x1674  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
08:50:24.0722 0x1674  gagp30kx - ok
08:50:24.0802 0x1674  [ E403AACF8C7BB11375122D2464560311, 0427B8FFD999D256EA1A5135F218692959A7577CB32354D3087CF0FB4F0577DF ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
08:50:24.0802 0x1674  GEARAspiWDM - ok
08:50:25.0112 0x1674  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
08:50:25.0132 0x1674  gpsvc - ok
08:50:25.0482 0x1674  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
08:50:25.0492 0x1674  gupdate - ok
08:50:25.0512 0x1674  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
08:50:25.0522 0x1674  gupdatem - ok
08:50:25.0802 0x1674  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
08:50:25.0812 0x1674  gusvc - ok
08:50:25.0872 0x1674  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
08:50:25.0872 0x1674  hcw85cir - ok
08:50:26.0072 0x1674  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
08:50:26.0082 0x1674  HdAudAddService - ok
08:50:26.0172 0x1674  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
08:50:26.0182 0x1674  HDAudBus - ok
08:50:26.0292 0x1674  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
08:50:26.0292 0x1674  HidBatt - ok
08:50:26.0332 0x1674  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
08:50:26.0332 0x1674  HidBth - ok
08:50:26.0412 0x1674  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
08:50:26.0412 0x1674  HidIr - ok
08:50:26.0543 0x1674  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
08:50:26.0543 0x1674  hidserv - ok
08:50:26.0653 0x1674  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
08:50:26.0663 0x1674  HidUsb - ok
08:50:26.0823 0x1674  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
08:50:26.0833 0x1674  hkmsvc - ok
08:50:26.0903 0x1674  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
08:50:26.0913 0x1674  HomeGroupListener - ok
08:50:27.0183 0x1674  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
08:50:27.0183 0x1674  HomeGroupProvider - ok
08:50:27.0253 0x1674  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
08:50:27.0263 0x1674  HpSAMD - ok
08:50:27.0723 0x1674  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
08:51:04.0128 0x1674  RpcSs - ok
08:51:04.0208 0x1674  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
08:51:04.0208 0x1674  rspndr - ok
08:51:04.0468 0x1674  [ EE082E06A82FF630351D1E0EBBD3D8D0, 537F1A4108BDA72E8DD271466E7B7FCF39D4D55E4129AB35A409AB7AF2E7D219 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
08:51:04.0478 0x1674  RTL8167 - ok
08:51:04.0548 0x1674  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs           C:\Windows\system32\lsass.exe
08:51:04.0548 0x1674  SamSs - ok
08:51:04.0668 0x1674  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
08:51:04.0668 0x1674  sbp2port - ok
08:51:04.0738 0x1674  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
08:51:04.0748 0x1674  SCardSvr - ok
08:51:04.0788 0x1674  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
08:51:04.0788 0x1674  scfilter - ok
08:51:05.0518 0x1674  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
08:51:05.0558 0x1674  Schedule - ok
08:51:05.0748 0x1674  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
08:51:05.0748 0x1674  SCPolicySvc - ok
08:51:05.0958 0x1674  [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
08:51:05.0968 0x1674  sdbus - ok
08:51:06.0048 0x1674  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
08:51:06.0048 0x1674  SDRSVC - ok
08:51:07.0419 0x1674  [ 98EF79CC2B07398AC525F9EA1AE0366F, D0D5D69696ED339F363024AF3271867F4C55572C67FD0F2AA27D24B37982E39A ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
08:51:07.0479 0x1674  SDScannerService - ok
08:51:08.0019 0x1674  [ 14BF6B3AB327D519ED007CDDC56F6900, 4E5DC4AF45347C885E0E87F205EE1F95BB4713A0B581CD7317FBEEE2A9628982 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
08:51:08.0039 0x1674  SDUpdateService - ok
08:51:08.0329 0x1674  [ 820EBE67AB99F033FDE25B2692157991, A9E86FE6EFD3CFD4EA1A26121C706335A6791CC6F81EE98AE2BE7EA566ECFEBB ] SDWSCService    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
08:51:08.0339 0x1674  SDWSCService - ok
08:51:08.0409 0x1674  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
08:51:08.0449 0x1674  secdrv - ok
08:51:08.0569 0x1674  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
08:51:08.0569 0x1674  seclogon - ok
08:51:08.0689 0x1674  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
08:51:08.0699 0x1674  SENS - ok
08:51:08.0849 0x1674  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
08:51:08.0849 0x1674  SensrSvc - ok
08:51:08.0879 0x1674  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
08:51:08.0879 0x1674  Serenum - ok
08:51:08.0919 0x1674  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
08:51:08.0919 0x1674  Serial - ok
08:51:08.0989 0x1674  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
08:51:08.0999 0x1674  sermouse - ok
08:51:09.0169 0x1674  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
08:51:09.0179 0x1674  SessionEnv - ok
08:51:09.0249 0x1674  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\DRIVERS\sffdisk.sys
08:51:09.0249 0x1674  sffdisk - ok
08:51:09.0359 0x1674  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
08:51:09.0359 0x1674  sffp_mmc - ok
08:51:09.0389 0x1674  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\DRIVERS\sffp_sd.sys
08:51:09.0409 0x1674  sffp_sd - ok
08:51:09.0469 0x1674  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
08:51:09.0469 0x1674  sfloppy - ok
08:51:09.0619 0x1674  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
08:51:09.0629 0x1674  SharedAccess - ok
08:51:09.0769 0x1674  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
08:51:09.0779 0x1674  ShellHWDetection - ok
08:51:09.0819 0x1674  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
08:51:09.0819 0x1674  SiSRaid2 - ok
08:51:09.0849 0x1674  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
08:51:09.0849 0x1674  SiSRaid4 - ok
08:51:10.0199 0x1674  [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
08:51:10.0209 0x1674  SkypeUpdate - ok
08:51:10.0269 0x1674  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
08:51:10.0289 0x1674  Smb - ok
08:51:10.0299 0x1674  smhpdrfa - ok
08:51:10.0359 0x1674  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
08:51:10.0359 0x1674  SNMPTRAP - ok
08:51:10.0419 0x1674  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
08:51:10.0419 0x1674  spldr - ok
08:51:10.0659 0x1674  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
08:51:10.0669 0x1674  Spooler - ok
08:51:11.0929 0x1674  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
08:51:11.0989 0x1674  sppsvc - ok
08:51:12.0069 0x1674  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
08:51:12.0069 0x1674  sppuinotify - ok
08:51:12.0069 0x1674  sqiisrfq - ok
08:51:12.0329 0x1674  [ EAD5300C93946B0250A309E2BF2BE4CF, 6B9131D94ED31F838B1820EE67F068C4741B69D5C655587C89C9477986BD270F ] SQLWriter       C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
08:51:12.0329 0x1674  SQLWriter - ok
08:51:12.0489 0x1674  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
08:51:12.0499 0x1674  srv - ok
08:51:12.0719 0x1674  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
08:51:12.0729 0x1674  srv2 - ok
08:51:12.0789 0x1674  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
08:51:12.0789 0x1674  srvnet - ok
08:51:12.0859 0x1674  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
08:51:12.0859 0x1674  SSDPSRV - ok
08:51:12.0879 0x1674  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
08:51:12.0889 0x1674  SstpSvc - ok
08:51:13.0049 0x1674  [ 5252D7BC56E5E0ED715AEA8FE173A455, 1408B3E98B35A449434718777EE70595F0D306197A428279C6281D2F1953F259 ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
08:51:13.0289 0x1674  ssudmdm - ok
08:51:13.0409 0x1674  [ 92E7F6666633D2DD91D527503DAA7BE0, E97C7FFCAF2C7A83B270B6C797A91C2731FEA26874FE1E59B4CB55D5D98744BB ] stdcfltn        C:\Windows\system32\DRIVERS\stdcfltn.sys
08:51:13.0409 0x1674  stdcfltn - ok
08:51:13.0679 0x1674  [ A9D26626BEADF5A0641BF6B5095EF309, EABC711466FECA20058D7E24CA2593059E1F113B38A2E7574822E48BFBBF4146 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
08:51:13.0699 0x1674  Stereo Service - ok
08:51:13.0899 0x1674  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
08:51:13.0899 0x1674  stexstor - ok
08:51:14.0409 0x1674  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
08:51:14.0419 0x1674  stisvc - ok
08:51:14.0529 0x1674  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
08:51:14.0529 0x1674  swenum - ok
08:51:14.0740 0x1674  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
08:51:14.0760 0x1674  swprv - ok
08:51:15.0400 0x1674  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
08:51:15.0520 0x1674  SysMain - ok
08:51:15.0700 0x1674  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
08:51:15.0700 0x1674  TabletInputService - ok
08:51:15.0900 0x1674  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
08:51:15.0900 0x1674  TapiSrv - ok
08:51:15.0960 0x1674  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
08:51:15.0970 0x1674  TBS - ok
08:51:16.0910 0x1674  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
08:51:17.0140 0x1674  Tcpip - ok
08:51:17.0570 0x1674  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
08:51:17.0600 0x1674  TCPIP6 - ok
08:51:17.0760 0x1674  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
08:51:17.0760 0x1674  tcpipreg - ok
08:51:17.0830 0x1674  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
08:51:17.0830 0x1674  TDPIPE - ok
08:51:17.0880 0x1674  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
08:51:17.0880 0x1674  TDTCP - ok
08:51:18.0090 0x1674  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
08:51:18.0100 0x1674  tdx - ok
08:51:18.0290 0x1674  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
08:51:18.0290 0x1674  TermDD - ok
08:51:18.0740 0x1674  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll
08:51:18.0760 0x1674  TermService - ok
08:51:18.0910 0x1674  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
08:51:18.0910 0x1674  Themes - ok
08:51:18.0940 0x1674  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
08:51:18.0940 0x1674  THREADORDER - ok
08:51:19.0010 0x1674  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
08:51:19.0020 0x1674  TrkWks - ok
08:51:19.0180 0x1674  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
08:51:19.0190 0x1674  TrustedInstaller - ok
08:51:19.0290 0x1674  [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
08:51:19.0290 0x1674  tssecsrv - ok
08:51:19.0380 0x1674  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
08:51:19.0380 0x1674  TsUsbFlt - ok
08:51:19.0520 0x1674  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
08:51:19.0530 0x1674  tunnel - ok
08:51:19.0690 0x1674  [ FD24F98D2898BE093FE926604BE7DB99, F9851C57A2ED838AC76BB19FE2F62BB81C57DBBE2A2555F738B5D6725D39AD61 ] TurboB          C:\Windows\system32\DRIVERS\TurboB.sys
08:51:19.0700 0x1674  TurboB - ok
08:51:19.0900 0x1674  [ 600B406A04D90F577FEA8A88D7379F08, 77CC8E8AFB6F571A42D916C0B2FEFFD3A7A32A455C78228B407C6C9B6DED8CAD ] TurboBoost      C:\Program Files\Intel\TurboBoost\TurboBoost.exe
08:51:19.0900 0x1674  TurboBoost - ok
08:51:20.0050 0x1674  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
08:51:20.0050 0x1674  uagp35 - ok
08:51:20.0220 0x1674  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
08:51:20.0230 0x1674  udfs - ok
08:51:20.0230 0x1674  ugmlkwyy - ok
08:51:20.0290 0x1674  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
08:51:20.0300 0x1674  UI0Detect - ok
08:51:20.0560 0x1674  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
08:51:20.0570 0x1674  uliagpkx - ok
08:51:20.0620 0x1674  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\drivers\umbus.sys
08:51:20.0620 0x1674  umbus - ok
08:51:20.0700 0x1674  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
08:51:20.0700 0x1674  UmPass - ok
08:51:21.0600 0x1674  [ 2C16648A12999AE69A9EBF41974B0BA2, 06008F61B6EC36CD34CB8C4BA983371DB7A9F4BEE15E5329F5E90FEEE300D258 ] UNS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
08:51:21.0641 0x1674  UNS - ok
08:51:22.0081 0x1674  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
08:51:22.0091 0x1674  upnphost - ok
08:51:22.0261 0x1674  [ FB251567F41BC61988B26731DEC19E4B, 6A535F5A18EB43DD2E18AF0A05301630A1D1484B7D85DA79A7CD122DA4D018E2 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
08:51:22.0261 0x1674  USBAAPL64 - ok
08:51:22.0361 0x1674  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
08:51:22.0361 0x1674  usbccgp - ok
08:51:22.0411 0x1674  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
08:51:22.0421 0x1674  usbcir - ok
08:51:22.0531 0x1674  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
08:51:22.0531 0x1674  usbehci - ok
08:51:23.0041 0x1674  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
08:51:23.0161 0x1674  usbhub - ok
08:51:23.0351 0x1674  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
08:51:23.0361 0x1674  usbohci - ok
08:51:23.0461 0x1674  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
08:51:23.0471 0x1674  usbprint - ok
08:51:23.0751 0x1674  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\drivers\usbscan.sys
08:51:23.0751 0x1674  usbscan - ok
08:51:23.0841 0x1674  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
08:51:23.0851 0x1674  USBSTOR - ok
08:51:23.0961 0x1674  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
08:51:23.0971 0x1674  usbuhci - ok
08:51:24.0021 0x1674  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
08:51:24.0021 0x1674  usbvideo - ok
08:51:24.0111 0x1674  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
08:51:24.0111 0x1674  UxSms - ok
08:51:24.0231 0x1674  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc        C:\Windows\system32\lsass.exe
08:51:24.0231 0x1674  VaultSvc - ok
08:51:24.0301 0x1674  [ 03837B80AD5D8A00996148AD57C09791, 7550ED98EF70B614ACC15B5D9741F971BE5962228AFD96DC309529E529D51991 ] VBoxDrv         C:\Windows\system32\DRIVERS\VBoxDrv.sys
08:51:24.0301 0x1674  VBoxDrv - ok
08:51:24.0561 0x1674  [ 51CEE8E2B356FDC351DB20C87F25F5A8, F50EA017A9DC437469AE819CA3BDDFB5446B1E7E808F11D0D6CDF0EECC5AFFC0 ] VBoxNetAdp      C:\Windows\system32\DRIVERS\VBoxNetAdp.sys
08:51:24.0571 0x1674  VBoxNetAdp - ok
08:51:24.0701 0x1674  [ CE7E80C7367B2ADAA023D9004C9F4691, 52A2E7776AA28979F4D55230A710F31675EAB3FE5DAD03F43FD98A9D6FEE7670 ] VBoxNetFlt      C:\Windows\system32\DRIVERS\VBoxNetFlt.sys
08:51:24.0701 0x1674  VBoxNetFlt - ok
08:51:25.0071 0x1674  [ 27C9A9F2FA94140DDCF7B9131E13E1B4, 7C52704EA5DA323A4C27A69A045B410E541364D83074B221943DE2637A0CA953 ] VBoxUSBMon      C:\Windows\system32\DRIVERS\VBoxUSBMon.sys
08:51:25.0081 0x1674  VBoxUSBMon - ok
08:51:25.0251 0x1674  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
08:51:25.0251 0x1674  vdrvroot - ok
08:51:25.0381 0x1674  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
08:51:25.0391 0x1674  vds - ok
08:51:25.0461 0x1674  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
08:51:25.0461 0x1674  vga - ok
08:51:25.0481 0x1674  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
08:51:25.0491 0x1674  VgaSave - ok
08:51:25.0591 0x1674  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
08:51:25.0601 0x1674  vhdmp - ok
08:51:25.0661 0x1674  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
08:51:25.0661 0x1674  viaide - ok
08:51:25.0851 0x1674  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
08:51:25.0851 0x1674  volmgr - ok
08:51:26.0001 0x1674  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
08:51:26.0011 0x1674  volmgrx - ok
08:51:26.0071 0x1674  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
08:51:26.0071 0x1674  volsnap - ok
08:51:26.0311 0x1674  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
08:51:26.0321 0x1674  vsmraid - ok
08:51:26.0541 0x1674  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
08:51:26.0561 0x1674  VSS - ok
08:51:26.0601 0x1674  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
08:51:26.0611 0x1674  vwifibus - ok
08:51:26.0661 0x1674  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
08:51:26.0661 0x1674  vwififlt - ok
08:51:26.0711 0x1674  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
08:51:26.0711 0x1674  vwifimp - ok
08:51:26.0781 0x1674  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
08:51:26.0791 0x1674  W32Time - ok
08:51:26.0811 0x1674  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
08:51:26.0811 0x1674  WacomPen - ok
08:51:26.0951 0x1674  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
08:51:26.0951 0x1674  WANARP - ok
08:51:26.0951 0x1674  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
08:51:26.0951 0x1674  Wanarpv6 - ok
08:51:27.0371 0x1674  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
08:51:27.0391 0x1674  WatAdminSvc - ok
08:51:27.0652 0x1674  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
08:51:27.0672 0x1674  wbengine - ok
08:51:27.0762 0x1674  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
08:51:27.0762 0x1674  WbioSrvc - ok
08:51:27.0912 0x1674  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
08:51:27.0922 0x1674  wcncsvc - ok
08:51:27.0952 0x1674  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
08:51:27.0952 0x1674  WcsPlugInService - ok
08:51:28.0022 0x1674  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
08:51:28.0022 0x1674  Wd - ok
08:51:28.0672 0x1674  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
08:51:28.0692 0x1674  Wdf01000 - ok
08:51:28.0762 0x1674  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
08:51:28.0772 0x1674  WdiServiceHost - ok
08:51:28.0772 0x1674  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
08:51:28.0772 0x1674  WdiSystemHost - ok
08:51:28.0802 0x1674  [ 94DC2BF6CBAAA95E369C3756D3115A76, 3DF44939ADBB4E30896993A85470BE5E16B1A3EDADFDD8F113D9615A6E431C12 ] wdkmd           C:\Windows\system32\DRIVERS\WDKMD.sys
08:51:28.0802 0x1674  wdkmd - ok
08:51:28.0962 0x1674  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
08:51:28.0962 0x1674  WebClient - ok
08:51:29.0032 0x1674  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
08:51:29.0032 0x1674  Wecsvc - ok
08:51:29.0112 0x1674  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
08:51:29.0112 0x1674  wercplsupport - ok
08:51:29.0172 0x1674  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
08:51:29.0172 0x1674  WerSvc - ok
08:51:29.0252 0x1674  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
08:51:29.0252 0x1674  WfpLwf - ok
08:51:29.0292 0x1674  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
08:51:29.0302 0x1674  WIMMount - ok
08:51:29.0332 0x1674  WinDefend - ok
08:51:29.0592 0x1674  [ 87FB98044F9B7669B20947AB5E6F0511, 58AD17F8A64730BAAD782BB3B458C78FC617AB0C22E274D414DD208257C17489 ] WinDevSrv       C:\ProgramData\UpdateServer\1397222796\webdev.exe
08:51:29.0602 0x1674  WinDevSrv - ok
08:51:29.0663 0x1674  WinHttpAutoProxySvc - ok
08:51:29.0753 0x1674  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
08:51:29.0753 0x1674  Winmgmt - ok
08:51:29.0943 0x1674  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
08:51:29.0993 0x1674  WinRM - ok
08:51:30.0083 0x1674  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUSB          C:\Windows\system32\DRIVERS\WinUSB.sys
08:51:30.0083 0x1674  WinUSB - ok
08:51:30.0193 0x1674  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
08:51:30.0213 0x1674  Wlansvc - ok
08:51:30.0273 0x1674  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
08:51:30.0273 0x1674  WmiAcpi - ok
08:51:30.0323 0x1674  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
08:51:30.0323 0x1674  wmiApSrv - ok
08:51:30.0363 0x1674  WMPNetworkSvc - ok
08:51:30.0413 0x1674  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
08:51:30.0423 0x1674  WPCSvc - ok
08:51:30.0563 0x1674  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
08:51:30.0573 0x1674  WPDBusEnum - ok
08:51:30.0603 0x1674  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
08:51:30.0603 0x1674  ws2ifsl - ok
08:51:30.0623 0x1674  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
08:51:30.0623 0x1674  wscsvc - ok
08:51:30.0623 0x1674  WSearch - ok
08:51:30.0863 0x1674  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
08:51:30.0973 0x1674  wuauserv - ok
08:51:31.0033 0x1674  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
08:51:31.0033 0x1674  WudfPf - ok
08:51:31.0153 0x1674  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
08:51:31.0153 0x1674  WUDFRd - ok
08:51:31.0333 0x1674  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
08:51:31.0333 0x1674  wudfsvc - ok
08:51:31.0393 0x1674  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
08:51:31.0403 0x1674  WwanSvc - ok
08:51:31.0433 0x1674  ================ Scan global ===============================
08:51:31.0533 0x1674  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
08:51:31.0673 0x1674  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
08:51:31.0683 0x1674  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
08:51:31.0733 0x1674  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
08:51:31.0793 0x1674  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
08:51:31.0803 0x1674  [ Global ] - ok
08:51:31.0803 0x1674  ================ Scan MBR ==================================
08:51:31.0843 0x1674  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
08:51:32.0623 0x1674  \Device\Harddisk0\DR0 - ok
08:51:32.0623 0x1674  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
08:51:32.0623 0x1674  \Device\Harddisk1\DR1 - ok
08:51:32.0623 0x1674  ================ Scan VBR ==================================
08:51:32.0693 0x1674  [ 5C6D8E43BBB2B7CCB7F74EFBDFB6B1E2 ] \Device\Harddisk0\DR0\Partition1
08:51:32.0693 0x1674  \Device\Harddisk0\DR0\Partition1 - ok
08:51:32.0733 0x1674  [ 1BCB4226D4118C901F86DC3760225618 ] \Device\Harddisk0\DR0\Partition2
08:51:32.0733 0x1674  \Device\Harddisk0\DR0\Partition2 - ok
08:51:32.0733 0x1674  [ 30DDB8163AFEBF4BF51DA6157D58EF1E ] \Device\Harddisk1\DR1\Partition1
08:51:32.0733 0x1674  \Device\Harddisk1\DR1\Partition1 - ok
08:51:32.0743 0x1674  ================ Scan generic autorun ======================
08:51:32.0963 0x1674  [ 1D0F1F7A17293ED2AC88FC356EA4FDB4, FA722A8F7ACE0DACEE5360370CA2F9CA3FC19C0ED172B7A743AAACC050E2460B ] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
08:51:32.0993 0x1674  IntelPAN - ok
08:51:33.0003 0x1674  IntelTBRunOnce - ok
08:51:33.0193 0x1674  [ AF993F50B17C0AFB26235EFCF06DAD06, B6C097CD91CE932ABB4F1D05831114686AD2E4B8C290BCD242DCB24019E30A78 ] C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
08:51:33.0203 0x1674  FreeFallProtection - ok
08:51:33.0453 0x1674  [ 5B72629C8144D1A96490D4C090D28DA1, 114891B9E7E05D2B86C8E3CD7B4096088491E338C3B1902F9352D40B47DD418C ] c:\Program Files\Microsoft IntelliPoint\ipoint.exe
08:51:33.0503 0x1674  IntelliPoint - ok
08:51:33.0814 0x1674  [ 569AC1376B12D4083FC66CC7A304F234, DD209F09573F10A77D710E30EF3D0461D2E8F4E5F18106B18EFB587C88393460 ] C:\Program Files\Microsoft Security Client\msseces.exe
08:51:33.0844 0x1674  MSC - ok
08:51:33.0924 0x1674  [ 28062B17191C9450BF6C6C3EF8C7EB27, 4859C5708DFD119021F7B7FFB38F0B316675E1E4D5D51A10D4265F712CF8CDB6 ] C:\Windows\system32\igfxtray.exe
08:51:33.0924 0x1674  IgfxTray - ok
08:51:34.0014 0x1674  [ 28FC280487F0BAAE5E8119257C4EEF8C, F574BC70B79B77912FC683B3EB0BE6929E7758284ED5B47008E18B0E4A4A09FD ] C:\Windows\system32\hkcmd.exe
08:51:34.0024 0x1674  HotKeysCmds - ok
08:51:34.0184 0x1674  [ F29BEA821C753E4F00177690F70CDC13, 0EDB40F4A4C23553C0288E6E3AD65E7B523F6764C87C6C36C3ECB0C1940C5176 ] C:\Windows\system32\igfxpers.exe
08:51:34.0194 0x1674  Persistence - ok
08:51:34.0314 0x1674  [ 08B438A5A06CD877F19B92F6868C031D, 2011F2AE42A0F28D449167BD1003F7EFD6FDB4B22D52BFF9A8B556039148D556 ] C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
08:51:34.0314 0x1674  NUSB3MON - ok
08:51:34.0614 0x1674  [ 048EA4B978851788E9F5E8E4F081DF7A, EB62719AC0DCC18FF056F2CD84438BF14B61E38F0619617C81961C6257BDFCEC ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
08:51:34.0634 0x1674  Adobe ARM - ok
08:51:35.0094 0x1674  [ AF49D1C79EA49A7833017F290EE63B82, FFE98E8F6AE3BFAB324B3A7C6C6C00545C597A6861CBDD82ACE97591C6A1D287 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
08:51:35.0184 0x1674  SDTray - ok
08:51:35.0794 0x1674  [ EDAD4A8A1D46AFCF9E76B996D55116EB, 937549E6FBF5D7282E56866C705539646F2CB6839FD74BF7AA8FB2BA5CCEE940 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
08:51:35.0804 0x1674  SunJavaUpdateSched - ok
08:51:36.0854 0x1674  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
08:51:36.0874 0x1674  Sidebar - ok
08:51:36.0934 0x1674  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
08:51:36.0934 0x1674  mctadmin - ok
08:51:37.0954 0x1674  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
08:51:37.0974 0x1674  Sidebar - ok
08:51:38.0024 0x1674  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
08:51:38.0024 0x1674  mctadmin - ok
08:51:38.0144 0x1674  [ E45AF0991C5A8570E442E4E5E4A794F7, B877838A637166A90084A482D5352C34E4B5961AD746613F0C0636C0D43215CB ] C:\Windows\system32\Macromed\Flash\FlashUtil64_13_0_0_214_ActiveX.exe
08:51:38.0194 0x1674  FlashPlayerUpdate - ok
08:51:38.0794 0x1674  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
08:51:38.0814 0x1674  Sidebar - ok
08:51:38.0874 0x1674  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
08:51:38.0874 0x1674  mctadmin - ok
08:51:38.0874 0x1674  Waiting for KSN requests completion. In queue: 128
08:51:39.0874 0x1674  Waiting for KSN requests completion. In queue: 128
08:51:40.0874 0x1674  Waiting for KSN requests completion. In queue: 128
08:51:41.0884 0x1674  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.5.216.0 ), 0x61000 ( enabled : updated )
08:51:41.0884 0x1674  Win FW state via NFP2: enabled
08:51:44.0705 0x1674  ============================================================
08:51:44.0705 0x1674  Scan finished
08:51:44.0705 0x1674  ============================================================
08:51:44.0705 0x1948  Detected object count: 0
08:51:44.0705 0x1948  Actual detected object count: 0
08:52:04.0148 0x0d2c  Deinitialize success
 



#11 Rcpd0715

Rcpd0715
  • Topic Starter

  • Members
  • 17 posts

Posted 21 June 2014 - 10:06 AM

wow, I think I messed this all up trying to post these...hope it makes sense to you lol



#12 Starbuck

Starbuck

    'r Brudiwr


  • Malware Response Team
  • 4,149 posts
  • Gender:Male
  • Location:Midlands, UK

Posted 21 June 2014 - 10:38 AM

I think I messed this all up trying to post these...hope it makes sense to you

Don't worry about messing up the posts.... we've all done that at some point. :)

Well it wasn't TDSSKiller that removed the Zero Access infection.

If you have problems with the Java update, just leave that for now.
We can try it again later.

Run Combofix and post the report and let's see if that still finds any left overs from the infection.

Thanks



#13 Rcpd0715

Rcpd0715
  • Topic Starter

  • Members
  • 17 posts

Posted 21 June 2014 - 10:48 AM

maybe this was it...

 

a person sent me a message prior to your response with the following:

 

Hey there... I literally signed up to respond to your post. I’m an IT Consultant and I had a client that contacted me today explaining the symptoms you described verbatim. In her case the issue would happen a few minutes after logging into her account following a reboot. I reviewed the list of running services and found the same two services running on your machine that were causing her issue. Those services were located in the following directories:

  • C:\ProgramData\UpdateServer\1397222796\webdev.exe
  • C:\ProgramData\MediaDev\1397112756\mediadev.exe

 

If you browse to the files, right-click them and go to details I’d be willing to bet there is some garbled Chinese text in the details. I resolved my client’s issue by completing these steps in order:

 

1. Launched msconfig, browsed to the services tab and disabled the MediaDevSvc and WinDevSrv services

 

2. Deleted both disabled services (MediaDevSvc and WinDevSrv) from the following registry location:

  • HKEY_LOCAL_MACHINE\Software\Microsoft\Shared Tools\Msconfig\services (Note: These services will not appear in this location to delete until they are disabled.)

3. Launched an elevated command line and unregistered the services by running the following commands:

  • sc delete MediaDevSvc
  • sc delete WinDevSrv

After you do this, just reboot the machine and the invisible ads issue should be resolved. However, if you have not done thorough scans with other applications I strongly advise you to do so as this may be one of several infections on the problematic machine. What surprised me is that I have a cocktail of about 4-5 scanning tools I typically use along with several manual steps that always work for cleaning up an infection and none of my scanning utilities found this thing. Knowing how effective my process has been for me in the past - this was quite alarming. I didn’t even believe the user when she reported it was still happening – I had to drive to the office to see it for myself. My initial thought was that it was simply a minimized browser running an audio ad and the user didn’t realize it. Turns out it was these two files being run as a service. It would literally pop-up a couple IE browsers a few minutes after logging in and play random ads mostly for All State and Office 365. Hope this helps you get your problem resolved.

 

I did what he suggested, so maybe that was it??

 

sorry I forgot to mention this...

 

about to do the combo fix thing if that's still ok?
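
The TDSSKiller log earlier in this thread reports `WinDevSrv - ok` even though that service's binary runs from `C:\ProgramData\UpdateServer\...`. As an added example (not part of the thread and not code from any tool named in it), the following Python parses TDSSKiller-style service lines and flags services whose binary sits outside the Windows and Program Files trees, whatever verdict the scanner gave. The sample log is constructed with placeholder hashes and timestamps; the `C:` system drive and all function names are assumptions.

```python
import re

# "HH:MM:SS.mmmm 0xTID  [ MD5, SHA256 ] ServiceName   C:\path\to\binary"
SERVICE_LINE = re.compile(
    r"^\d\d:\d\d:\d\d\.\d+\s+0x[0-9a-fA-F]+\s+"
    r"\[\s*(?P<md5>[0-9A-Fa-f]{32}),\s*(?P<sha256>[0-9A-Fa-f]{64})\s*\]\s+"
    r"(?P<name>[^\\:]+?)\s+(?P<path>[A-Za-z]:\\.+?)\s*$"
)
# "HH:MM:SS.mmmm 0xTID  ServiceName - ok"
VERDICT_LINE = re.compile(
    r"^\d\d:\d\d:\d\d\.\d+\s+0x[0-9a-fA-F]+\s+(?P<name>.+?) - (?P<verdict>.+?)\s*$"
)

# Assumption: Windows is installed on C:. Service binaries are normally
# installed below one of these roots.
EXPECTED_ROOTS = (
    "c:\\windows\\",
    "c:\\program files\\",
    "c:\\program files (x86)\\",
)


def parse_services(log_text):
    """Return {service name: {"path", "md5", "sha256", "verdict"}} in log order."""
    services = {}
    for line in log_text.splitlines():
        m = SERVICE_LINE.match(line)
        if m:
            services[m["name"].strip()] = {
                "path": m["path"],
                "md5": m["md5"],
                "sha256": m["sha256"],
                "verdict": None,
            }
            continue
        m = VERDICT_LINE.match(line)
        # Only attach verdicts to services already seen; this also ignores
        # autorun lines whose path happens to contain " - ".
        if m and m["name"] in services:
            services[m["name"]]["verdict"] = m["verdict"]
    return services


def flag_suspicious(services):
    """Return (name, path, scanner verdict, reasons) for out-of-place binaries."""
    findings = []
    for name, info in services.items():
        path = info["path"].lower()
        if path.startswith(EXPECTED_ROOTS):
            continue
        reasons = ["binary outside Windows/Program Files"]
        # Directory components only: drop the drive and the file name.
        if any(part.isdigit() for part in path.split("\\")[1:-1]):
            reasons.append("numeric-only directory name")
        findings.append((name, info["path"], info["verdict"], reasons))
    return findings


# Constructed sample. Service names and paths are the ones quoted in this
# thread; hashes and timestamps are placeholders, not real values.
MD5 = "0" * 32
SHA256 = "0" * 64
SAMPLE_LOG = rf"""
08:51:29.0332 0x1674  WinDefend - ok
08:51:29.0592 0x1674  [ {MD5}, {SHA256} ] WinDevSrv       C:\ProgramData\UpdateServer\1397222796\webdev.exe
08:51:29.0602 0x1674  WinDevSrv - ok
08:51:29.0610 0x1674  [ {MD5}, {SHA256} ] MediaDevSvc     C:\ProgramData\MediaDev\1397112756\mediadev.exe
08:51:29.0620 0x1674  MediaDevSvc - ok
08:51:29.0753 0x1674  [ {MD5}, {SHA256} ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
08:51:29.0753 0x1674  Winmgmt - ok
08:51:35.0094 0x1674  [ {MD5}, {SHA256} ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
08:51:35.0184 0x1674  SDTray - ok
"""

if __name__ == "__main__":
    for name, path, verdict, reasons in flag_suspicious(parse_services(SAMPLE_LOG)):
        print(f"{name}: {path} (scanner said: {verdict}) -> {', '.join(reasons)}")
```

A flagged entry is a prompt for manual review of the file's signature, version details and install date, not proof of infection.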



#14 Starbuck

Starbuck

    'r Brudiwr


  • Malware Response Team
  • 4,149 posts
  • Gender:Male
  • Location:Midlands, UK

Posted 21 June 2014 - 11:22 AM

Hi Rcpd0715

a person sent me a message prior to your response with the following:

That would explain why those are showing in your original DDS report, but aren't showing in the FRST report.
We'll see if Combofix picks up on any leftovers.

Thanks.



#15 Rcpd0715

Rcpd0715
  • Topic Starter

  • Members
  • 17 posts

Posted 21 June 2014 - 11:56 AM

ComboFix 14-06-21.02 - blevins 06/21/2014  12:46:41.1.8 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.8086.5755 [GMT -4:00]
Running from: c:\users\blevins\Desktop\Combo-Fix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Java\jre7\bin\jp2ssv.dll
c:\programdata\Microsoft\Windows\DRM\1285.tmp
c:\programdata\Microsoft\Windows\DRM\12B7.tmp
c:\programdata\Roaming
c:\windows\Installer\{9B65F9A3-9D24-452A-B6EF-1457D65E4259}
c:\windows\Installer\{9B65F9A3-9D24-452A-B6EF-1457D65E4259}\icon64.ico
c:\windows\wininit.ini
.
.
(((((((((((((((((((((((((   Files Created from 2014-05-21 to 2014-06-21  )))))))))))))))))))))))))))))))
.
.
2014-06-21 14:15 . 2014-06-21 14:15 -------- d-----w- c:\program files (x86)\Skillbrains
2014-06-21 14:15 . 2014-06-21 14:15 -------- d-----w- c:\users\blevins\AppData\Local\Skillbrains
2014-06-21 14:05 . 2014-06-05 10:54 10779000 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{31970810-DB89-44C9-A4A2-5B97A5725BAC}\mpengine.dll
2014-06-21 13:58 . 2014-06-21 14:23 111016 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2014-06-21 13:58 . 2014-06-21 13:58 191400 ----a-w- c:\windows\system32\javaw.exe
2014-06-21 13:58 . 2014-06-21 13:58 190888 ----a-w- c:\windows\system32\java.exe
2014-06-20 22:38 . 2014-06-21 03:53 -------- d-----w- C:\FRST
2014-06-20 13:30 . 2014-06-05 10:54 10779000 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-06-17 14:47 . 2014-05-02 09:51 1031560 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4F141DE2-3C0B-4AC1-B0A2-6031C69E8173}\gapaengine.dll
2014-06-17 14:30 . 2014-06-17 14:30 -------- d-----w- c:\users\blevins\AppData\Local\Spotify
2014-06-17 13:18 . 2014-06-17 13:18 -------- d-----w- C:\TDSSKiller_Quarantine
2014-06-16 14:40 . 2014-06-16 14:47 -------- d-----w- c:\program files\SearchSnacks
2014-06-16 14:37 . 2014-06-16 14:47 -------- d-----w- c:\program files\pcmax
2014-06-16 14:37 . 2014-06-16 14:48 -------- d-----w- c:\program files (x86)\NetTock
2014-06-12 00:29 . 2014-06-12 00:29 -------- d-----w- c:\users\blevins\AppData\Roaming\serv
2014-06-10 08:46 . 2014-06-10 08:46 -------- d-----w- c:\users\blevins\AppData\Roaming\Oberon Media
2014-06-10 08:46 . 2014-06-10 08:46 -------- d-----w- c:\program files (x86)\Oberon Media SIDR
2014-06-10 08:46 . 2014-06-10 08:46 -------- d-----w- c:\program files (x86)\Common Files\Oberon Media
2014-06-10 08:46 . 2014-06-10 08:46 -------- d-----w- c:\programdata\Oberon Media
2014-06-10 08:45 . 2014-06-17 14:28 -------- d-----w- c:\users\blevins\AppData\Local\ArcadeYum
2014-06-09 03:40 . 2014-06-09 03:40 -------- d-----w- c:\windows\SysWow64\NV
2014-06-09 03:40 . 2014-06-09 03:40 -------- d-----w- c:\windows\system32\NV
2014-06-09 03:31 . 2014-06-09 03:31 -------- d-----w- c:\program files\CCleaner
2014-06-09 02:38 . 2014-06-21 14:25 -------- d-----w- c:\programdata\Oracle
2014-06-09 02:37 . 2014-05-07 19:02 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-06-12 07:02 . 2012-03-27 03:36 95414520 ----a-w- c:\windows\system32\MRT.exe
2014-05-14 05:33 . 2012-04-04 02:44 70832 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-14 05:33 . 2012-04-04 02:44 692400 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-05-02 09:51 . 2012-06-13 23:16 1031560 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2014-04-12 20:01 . 2014-04-12 20:01 57344 ----a-r- c:\users\blevins\AppData\Roaming\Microsoft\Installer\{3AC82D10-23DD-48F7-9E4A-FBD3792F2655}\NewShortcut2_004CA6CE20F84A5EAA175F820D52B1AC.exe
2014-04-12 20:01 . 2014-04-12 20:01 53248 ----a-r- c:\users\blevins\AppData\Roaming\Microsoft\Installer\{3AC82D10-23DD-48F7-9E4A-FBD3792F2655}\ARPPRODUCTICON.exe
2014-04-12 20:00 . 2014-04-12 20:00 57344 ----a-r- c:\users\blevins\AppData\Roaming\Microsoft\Installer\{B7C5C35E-E750-4D09-BD2E-381D10124CBB}\NewShortcut11_98798AFA4B0B41FAA9B8FF8835A64952.exe
2014-04-12 20:00 . 2014-04-12 20:00 57344 ----a-r- c:\users\blevins\AppData\Roaming\Microsoft\Installer\{B7C5C35E-E750-4D09-BD2E-381D10124CBB}\NewShortcut1_3F3768693B314C7692F69858832BE52C.exe
2014-04-12 20:00 . 2014-04-12 20:00 53248 ----a-r- c:\users\blevins\AppData\Roaming\Microsoft\Installer\{B7C5C35E-E750-4D09-BD2E-381D10124CBB}\ARPPRODUCTICON.exe
2014-04-12 02:22 . 2014-05-14 09:13 95680 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2014-04-12 02:22 . 2014-05-14 09:13 155072 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2014-04-12 02:19 . 2014-05-14 09:13 136192 ----a-w- c:\windows\system32\sspicli.dll
2014-04-12 02:19 . 2014-05-14 09:13 29184 ----a-w- c:\windows\system32\sspisrv.dll
2014-04-12 02:19 . 2014-05-14 09:13 28160 ----a-w- c:\windows\system32\secur32.dll
2014-04-12 02:19 . 2014-05-14 09:14 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-04-12 02:19 . 2014-05-14 09:13 31232 ----a-w- c:\windows\system32\lsass.exe
2014-04-12 02:12 . 2014-05-14 09:13 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-04-12 02:10 . 2014-05-14 09:13 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2014-03-25 02:43 . 2014-05-14 09:14 14175744 ----a-w- c:\windows\system32\shell32.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{651CA263-4157-4AC5-B7C2-03A7C1C00457}]
2014-06-10 08:46 204672 ----a-w- c:\users\blevins\AppData\Local\ArcadeYum\ArcadeYumIEHelper.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 14:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 14:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 14:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 14:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 14:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 14:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 14:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 14:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 14:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightShot"="c:\users\blevins\AppData\Local\Skillbrains\lightshot\Lightshot.exe" [2014-03-12 226592]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"="c:\program files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2009-10-21 106496]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"SpUninstallCleanUp"="REG delete HKEY_LOCAL_MACHINE\Software\SearchProtect" [X]
.
c:\users\blevins\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Verizon Wireless Software Utility Application for Android – Samsung.lnk - c:\users\blevins\AppData\Roaming\VERIZON\UA_ar\UA.exe [2014-3-21 1139520]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"RequireSignedAppInit_DLLs"=0 (0x0)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x]
R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\SysWOW64\FsUsbExDisk.SYS;c:\windows\SysWOW64\FsUsbExDisk.SYS [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S0 stdcfltn;Disk Class Filter Driver for Accelerometer;c:\windows\system32\DRIVERS\stdcfltn.sys;c:\windows\SYSNATIVE\DRIVERS\stdcfltn.sys [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]
S1 nvkflt;nvkflt;c:\windows\system32\DRIVERS\nvkflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvkflt.sys [x]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxDrv.sys [x]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxUSBMon.sys [x]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
S2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~2\mcafee\SITEAD~1\mcsacore.exe;c:\progra~2\mcafee\SITEAD~1\mcsacore.exe [x]
S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
S2 PhoneMyPC_Helper;PhoneMyPC_Helper;c:\windows\PhoneMyPC_Helper.exe;c:\windows\PhoneMyPC_Helper.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]
S3 Acceler;Accelerometer Service;c:\windows\system32\DRIVERS\Accelern.sys;c:\windows\SYSNATIVE\DRIVERS\Accelern.sys [x]
S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys;c:\windows\SYSNATIVE\DRIVERS\AMPPAL.sys [x]
S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x]
S3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 pneteth;PdaNet Broadband;c:\windows\system32\DRIVERS\pneteth.sys;c:\windows\SYSNATIVE\DRIVERS\pneteth.sys [x]
S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]
S3 qicflt;upper Device Filter Driver;c:\windows\system32\DRIVERS\qicflt.sys;c:\windows\SYSNATIVE\DRIVERS\qicflt.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
S3 wdkmd;Intel WiDi KMD;c:\windows\system32\DRIVERS\WDKMD.sys;c:\windows\SYSNATIVE\DRIVERS\WDKMD.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-06-11 22:06 1091912 ----a-w- c:\program files (x86)\Google\Chrome\Application\35.0.1916.153\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-06-21 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-04 05:33]
.
2014-06-21 c:\windows\Tasks\ArcadeYum.job
- c:\users\blevins\AppData\Local\ArcadeYum\ArcadeYumVersionControl.exe [2014-06-10 08:46]
.
2014-06-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-12 03:10]
.
2014-06-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-12 03:10]
.
2014-06-21 c:\windows\Tasks\update-S-1-5-21-4029183340-2131593037-1719951526-1000.job
- c:\program files (x86)\Skillbrains\Updater\Updater.exe [2014-06-21 22:44]
.
2014-06-21 c:\windows\Tasks\update-sys.job
- c:\program files (x86)\Skillbrains\Updater\Updater.exe [2014-06-21 22:44]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 14:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 14:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 14:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 14:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 14:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 14:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 14:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 14:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 14:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IntelPAN"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-07-28 1935120]
"IntelTBRunOnce"="wscript.exe" [2013-10-12 168960]
"FreeFallProtection"="c:\program files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe" [2010-12-17 686704]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-03-11 1271072]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2014-01-30 171992]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2014-01-30 399832]
"Persistence"="c:\windows\system32\igfxpers.exe" [2014-01-30 442328]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://google.com/
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com
Trusted Zone: clonewarsadventures.com
Trusted Zone: dell.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: Interfaces\{60E1EBFE-359A-4BFF-A0B6-F219054AA1E3}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
TCP: Interfaces\{BBDC5985-C28E-4849-9BC4-C08846DD4D0B}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
.
- - - - ORPHANS REMOVED - - - -
.
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-Kies Air Discovery Service - c:\windows\system32\javaws.exe
AddRemove-{C1C3E833-420E-4D78-9BA7-86AEBB272384} - c:\users\blevins\AppData\Local\TopArcadeHits\uninstaller.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\MySQL]
"ImagePath"="\"c:\program files (x86)\MySQL\MySQL Server 5.1\bin\mysqld\" --defaults-file=\"c:\program files (x86)\MySQL\MySQL Server 5.1\my.ini\" MySQL"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2014-06-21  12:54:26
ComboFix-quarantined-files.txt  2014-06-21 16:54
.
Pre-Run: 126,959,452,160 bytes free
Post-Run: 126,802,800,640 bytes free
.
- - End Of File - - 42E73371310392B8431857C423595240
A36C5E4F47E84449FF07ED3517B43A31
 





