
Multiple dllhost.exe instances using up all of my CPU power.


  • This topic is locked
17 replies to this topic

#1 jblatnick

jblatnick

  • Members
  • 11 posts
  • OFFLINE
  • Local time:12:06 AM

Posted 07 January 2015 - 11:15 PM

To start out, I am running Windows 7 Home Edition. Recently my computer will become extremely sluggish; I check the Task Manager and there are anywhere from 10-50 instances of dllhost.exe running. The only way I can currently resolve it is to restart the computer. I ran Malwarebytes after installing the updates and found nothing. I ran Spybot Search & Destroy and only found a few cookies that I quarantined. I also just ran CCleaner and used the registry fix tool in there. This problem is sporadic; it ranges from once to multiple times per week. Here is my DDS Log:

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.17496  BrowserJavaVersion: 10.60.2
Run by Jason at 20:48:06 on 2015-01-07
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.12279.8166 [GMT -7:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
SP: Microsoft Security Essentials *Enabled/Updated* {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\nvwmi64.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\nvwmi64.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Core Temp\Core Temp.exe
C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\CloudBerryLab\CloudBerry Online Backup\CloudBerry.Backup.Scheduler.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\CCleaner\CCleaner64.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
C:\Users\Jason\AppData\Local\Akamai\netsession_win.exe
C:\Users\Jason\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
C:\Program Files (x86)\Intuit\QuickBooks 2011\QBW32.EXE
C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe
C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_64server.exe
C:\Program Files (x86)\Norton Security Suite\Engine\5.2.2.3\ccSvcHst.exe
C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe
C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\vrayrtspawner.exe
C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\vray.exe
C:\Program Files\Chaos Group\V-Ray\3dsmax R9 for x64\startvrlservice.exe
C:\Program Files (x86)\WIBUKEY\Server\WkSvw32.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Chaos Group\V-Ray\3dsmax R9 for x64\vrlservice.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Users\Jason\AppData\Local\Autodesk\.AdskAppManager\R1\AdAppMgr.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Program Files (x86)\Norton Security Suite\Engine\5.2.2.3\ccSvcHst.exe
C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\System32\WUDFHost.exe
C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://www.google.com/
uProxyOverride = <local>;*.local
BHO: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.2.3\coieplg.dll
BHO: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.2.3\ips\ipsbho.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.2.3\coieplg.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.2.3\coieplg.dll
uRun: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [Akamai NetSession Interface] "C:\Users\Jason\AppData\Local\Akamai\netsession_win.exe"
mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe  startup
mRun: [ADSKAppManager] "C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe" -showminimized -checkautorun
mRun: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
mRun: [ConnectionCenter] "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\INTUIT~1.LNK - C:\Program Files (x86)\Common Files\Intuit\DataProtect\IntuitDataProtect.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\NETWOR~1.LNK - C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\QUICKB~2.LNK - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\QUICKB~1.LNK - C:\Program Files (x86)\Intuit\QuickBooks 2011\QBW32.EXE
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: Interfaces\{F8597F5B-F6EB-448E-8297-8F4E8D1C6226} : NameServer = 204.194.232.200,204.194.234.200
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Handler: intu-help-qb4 - {ACE22922-D07C-4860-B51B-8CF472FEC2CB} - C:\Program Files (x86)\Intuit\QuickBooks 2011\HelpAsyncPluggableProtocol.dll
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - 
Notify: SDWinLogon - SDWinLogon.dll
AppInit_DLLs= C:\PROGRA~2\Citrix\ICACLI~1\RSHook.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Run: [IAStorIcon] "C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60
x64-Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet
.
INFO: x64-HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Handler: intu-help-qb4 - {ACE22922-D07C-4860-B51B-8CF472FEC2CB} - <orphaned>
x64-Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
Hosts: 127.0.0.1 www.spywareinfo.com
.
============= SERVICES / DRIVERS ===============
.
R0 iaStorA;iaStorA;C:\Windows\System32\drivers\iaStorA.sys [2013-11-21 632168]
R0 iaStorF;iaStorF;C:\Windows\System32\drivers\iaStorF.sys [2013-11-21 28008]
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2014-7-17 269008]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2011-10-31 55856]
R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\N360x64\0502020.003\symds64.sys [2012-7-16 450680]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\N360x64\0502020.003\symefa64.sys [2012-7-16 912504]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20141209.001\BHDrvx64.sys [2014-12-10 1587416]
R1 ctxusbm;Citrix USB Monitor Driver;C:\Windows\System32\drivers\ctxusbm.sys [2012-5-17 93272]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20150107.001\IDSviA64.sys [2015-1-7 637656]
R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\N360x64\0502020.003\ironx64.sys [2012-7-16 171128]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\N360x64\0502020.003\symnets.sys [2012-7-16 386168]
R2 AdAppMgrSvc;Autodesk Application Manager Service;C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [2014-9-24 597896]
R2 CloudBerry Backup Service;CloudBerry Backup Service;C:\Program Files (x86)\CloudBerryLab\CloudBerry Online Backup\CloudBerry.Backup.Scheduler.exe [2014-1-28 58880]
R2 EPSON_PM_RPCV4_05;EPSON V3 Service4(05);C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE [2013-2-6 136576]
R2 Freemake Improver;Freemake Improver;C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2014-10-28 108032]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-11-21 15720]
R2 mi-raysat_3dsmax9_64;mental ray 3.5 Satellite (64-bit);C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_64server.exe [2006-9-29 65536]
R2 N360;Norton Security Suite;C:\Program Files (x86)\Norton Security Suite\Engine\5.2.2.3\ccsvchst.exe [2012-7-16 130008]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2013-9-27 125584]
R2 NVWMI;NVIDIA WMI Provider;C:\Windows\System32\nvwmi64.exe [2014-3-26 2683736]
R2 QBVSS;QBIDPService;C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe [2013-11-27 1248256]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-2-22 3921880]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-2-22 1042272]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2014-2-22 171416]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-9-10 411936]
R2 TeamViewer9;TeamViewer 9;C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-2-22 4799760]
R2 VRayRTSpawner;VRayRTSpawner;C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\vrayrtspawner.exe [2011-11-1 136704]
R2 VRLService;VRLService;C:\Program Files\Chaos Group\V-Ray\3dsmax R9 for x64\startvrlservice.exe [2014-3-10 266240]
R2 WkSvw32.exe;WibuKey Server;C:\Program Files (x86)\WIBUKEY\Server\WkSvW32.exe [2011-11-1 587264]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2014-12-17 142640]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-8-22 368624]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2010-4-27 83080]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2010-4-27 184968]
R3 RTCore64;RTCore64;C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [2014-6-9 13480]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]
R3 rzendpt;rzendpt;C:\Windows\System32\drivers\rzendpt.sys [2014-9-4 39592]
R3 rzudd;Razer Mouse Driver;C:\Windows\System32\drivers\rzudd.sys [2014-9-4 160424]
R3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2014-8-15 54784]
R3 Wibukey2_64;Wibukey2_64;C:\Windows\System32\drivers\Wibukey2_64.sys [2011-11-1 16896]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S3 BackupReader;BackupReader;C:\Windows\System32\drivers\BackupReader.sys [2011-3-2 63872]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2014-1-22 108800]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-10-31 1357104]
S3 FsUsbExDisk;FsUsbExDisk;C:\Windows\SysWOW64\FsUsbExDisk.Sys [2013-5-14 37344]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-12-9 114688]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2014-3-26 19456]
S3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2014-1-22 206080]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-3-26 56832]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-11-1 1255736]
S3 WSDScan;WSD Scan Support via UMB;C:\Windows\System32\drivers\WSDScan.sys [2009-7-13 25088]
S3 zghsdiag;ZTE General Handset Diagnostic Port;C:\Windows\System32\drivers\zghsdiag.sys [2011-1-13 122624]
S3 zghsmdm;ZTE General Handset USB Modem Proprietary;C:\Windows\System32\drivers\zghsmdm.sys [2011-1-13 122624]
S3 zghsnmea;ZTE General Handset NMEA Port;C:\Windows\System32\drivers\zghsnmea.sys [2011-1-13 122624]
.
=============== Created Last 30 ================
.
2015-01-08 02:27:03 11870360 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{EC84979C-C0BA-4B18-A749-3E3EADB94E0B}\mpengine.dll
2015-01-07 13:49:03 1188440 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FA08565E-CCEE-462F-836E-D1A7DE16025D}\gapaengine.dll
2015-01-07 13:48:50 11870360 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-12-18 06:25:21 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-12-18 06:25:21 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-12-11 13:54:35 -------- d-----w- C:\Windows\System32\appraiser
2014-12-11 05:52:51 55808 ----a-w- C:\Windows\System32\rrinstaller.exe
2014-12-11 05:52:51 50176 ----a-w- C:\Windows\SysWow64\rrinstaller.exe
2014-12-11 05:52:51 3209728 ----a-w- C:\Windows\SysWow64\mf.dll
2014-12-11 05:52:51 24576 ----a-w- C:\Windows\System32\mfpmp.exe
2014-12-11 05:52:51 23040 ----a-w- C:\Windows\SysWow64\mfpmp.exe
2014-12-11 05:52:51 206848 ----a-w- C:\Windows\System32\mfps.dll
2014-12-11 05:52:51 2048 ----a-w- C:\Windows\SysWow64\mferror.dll
2014-12-11 05:52:51 2048 ----a-w- C:\Windows\System32\mferror.dll
2014-12-11 05:52:51 103424 ----a-w- C:\Windows\SysWow64\mfps.dll
2014-12-11 05:52:50 4121600 ----a-w- C:\Windows\System32\mf.dll
2014-12-10 03:38:44 -------- d-----w- C:\Program Files\iPod
2014-12-10 03:38:43 -------- d-----w- C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2014-12-10 03:38:43 -------- d-----w- C:\Program Files\iTunes
2014-12-10 03:38:43 -------- d-----w- C:\Program Files (x86)\iTunes
2014-12-10 03:37:28 -------- d-----w- C:\Program Files\Bonjour
2014-12-10 03:37:28 -------- d-----w- C:\Program Files (x86)\Bonjour
2014-12-10 00:21:07 830976 ----a-w- C:\Windows\System32\appraiser.dll
2014-12-10 00:21:07 741376 ----a-w- C:\Windows\System32\invagent.dll
2014-12-10 00:21:07 413184 ----a-w- C:\Windows\System32\generaltel.dll
2014-12-10 00:21:07 396800 ----a-w- C:\Windows\System32\devinv.dll
2014-12-10 00:21:07 192000 ----a-w- C:\Windows\System32\aepic.dll
2014-12-10 00:21:07 1232040 ----a-w- C:\Windows\System32\aitstatic.exe
2014-12-10 00:21:07 1083392 ----a-w- C:\Windows\System32\aeinv.dll
2014-12-10 00:21:06 227328 ----a-w- C:\Windows\System32\aepdu.dll
2014-12-09 19:44:02 3981488 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
.
==================== Find3M  ====================
.
2015-01-08 02:33:08 129752 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2015-01-06 08:29:31 60 ----a-w- C:\Windows\wpd99.drv
2014-12-31 11:14:31 298120 ------w- C:\Windows\System32\MpSigStub.exe
2014-12-09 20:44:16 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-12-09 20:44:16 701104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-11-22 03:06:23 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-11-22 03:06:11 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-11-22 02:50:39 66560 ----a-w- C:\Windows\System32\iesetup.dll
2014-11-22 02:50:10 580096 ----a-w- C:\Windows\System32\vbscript.dll
2014-11-22 02:49:54 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-11-22 02:48:20 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
2014-11-22 02:35:29 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-11-22 02:34:51 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-11-22 02:34:07 6039552 ----a-w- C:\Windows\System32\jscript9.dll
2014-11-22 02:26:31 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-11-22 02:20:44 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-11-22 02:14:16 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-11-22 02:07:43 501248 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-11-22 02:07:17 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-11-22 02:06:32 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-11-22 02:05:02 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2014-11-22 01:54:30 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-11-22 01:47:10 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2014-11-22 01:46:58 2125312 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-11-22 01:40:04 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-11-22 01:29:26 4299264 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-11-22 01:28:21 2358272 ----a-w- C:\Windows\System32\wininet.dll
2014-11-22 01:22:49 2052096 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-11-22 01:21:57 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2014-11-22 01:00:20 1888256 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-11-21 13:14:22 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-11-21 13:14:12 93400 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-11-21 13:14:08 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-11-18 21:56:48 1202848 ----a-w- C:\Windows\SysWow64\FM20.DLL
2014-11-11 03:09:06 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2014-11-11 03:08:52 241152 ----a-w- C:\Windows\System32\pku2u.dll
2014-11-11 03:08:48 728064 ----a-w- C:\Windows\System32\kerberos.dll
2014-11-11 02:44:45 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2014-11-11 02:44:32 186880 ----a-w- C:\Windows\SysWow64\pku2u.dll
2014-11-11 02:44:25 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll
2014-11-11 01:46:26 119296 ----a-w- C:\Windows\System32\drivers\tdx.sys
2014-11-08 03:16:08 2048 ----a-w- C:\Windows\System32\tzres.dll
2014-11-08 02:45:09 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2014-10-30 02:03:43 165888 ----a-w- C:\Windows\System32\charmap.exe
2014-10-30 01:45:43 155136 ----a-w- C:\Windows\SysWow64\charmap.exe
2014-10-25 01:57:59 77824 ----a-w- C:\Windows\System32\packager.dll
2014-10-25 01:32:37 67584 ----a-w- C:\Windows\SysWow64\packager.dll
2014-10-18 02:05:23 861696 ----a-w- C:\Windows\System32\oleaut32.dll
2014-10-18 01:33:18 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2014-10-14 02:16:37 155064 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2014-10-14 02:13:06 683520 ----a-w- C:\Windows\System32\termsrv.dll
2014-10-14 02:13:00 3241984 ----a-w- C:\Windows\System32\msi.dll
2014-10-14 02:12:57 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-10-14 02:09:31 146432 ----a-w- C:\Windows\System32\msaudite.dll
2014-10-14 02:07:31 681984 ----a-w- C:\Windows\System32\adtschema.dll
2014-10-14 01:50:47 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-10-14 01:50:41 2363904 ----a-w- C:\Windows\SysWow64\msi.dll
2014-10-14 01:49:38 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-10-14 01:47:30 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll
2014-10-14 01:46:02 681984 ----a-w- C:\Windows\SysWow64\adtschema.dll
.
============= FINISH: 20:48:18.16 ===============
 


#2 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  • Gender:Male
  • Local time:08:06 AM

Posted 08 January 2015 - 06:51 AM

Hi there,
my name is Marius and I will assist you with your malware-related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand, kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you cannot post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

  • Important: To help me review your logs, please post them in code boxes. You can create them by clicking on the <>-symbol on top of the reply window.

 
 
 
 
HijackThis is not the preferred initial scanning tool in this forum. With today's malware, a more comprehensive set of logs is required to determine the presence of malware.
 
 
  
Scan with FRST in normal mode

Please download Farbar's Recovery Scan Tool to your desktop: FRST 32bit or FRST 64bit (If not sure: Start --> Computer (right click) --> properties)
 
  • Run FRST.
  • Don't change any of the checkboxes and hit Scan.
  • Logfiles are created on your desktop.
  • Post the FRST.txt and (after the first scan only!) the Addition.txt.

 
 
Scan with Gmer rootkit scanner

Please download Gmer from here by clicking on the "Download EXE" Button.
  • Double click on the randomly named GMER.exe. If asked to allow gmer.sys driver to load, please consent.
  • If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO.
  • In the right panel, you will see several boxes that have been checked. Uncheck the following ...
    • Sections
    • IAT/EAT
    • Show All ( should be unchecked by default )
  • Leave everything else as it is.
  • Close all other running programs as well as your Browser.
  • Click the Scan button & wait for it to finish.
  • Once done click on the Save.. button, and in the File name area, type in "ark.txt" or it will save as a .log file which cannot be uploaded to your post.
  • Save it where you can easily find it, such as your desktop.
  • Please post the content of the ark.txt here.

**Caution**
Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOKIT" entries

Scan with TDSS-Killer

Please read and follow these instructions carefully. We do not want it to fix anything yet (if found), we need to see a report first.

Download TDSSKiller.zip and extract to your desktop
  • Execute TDSSKiller.exe by double-clicking on it.
  • Press Start Scan
  • If Malicious objects are found, do NOT select Copy to quarantine. Change the action to Skip, and save the log.
  • Once complete, a log will be produced at the root drive, which is typically C:\, for example, C:\TDSSKiller.<version_date_time>log.txt


Please attach this file to your next reply.
 


Proud Member of UNITE & TB
 

#3 jblatnick

jblatnick
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:12:06 AM

Posted 08 January 2015 - 10:35 AM

TB-Psychotic, I tried downloading the FRST scanner from the links you provided but my Norton keeps saying Threat Found and deletes it.  I googled it and downloaded an older version from MajorGeeks.com.  I hope that it will work the same.

 

Here is the FRST Report:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-11-2013 ([color=red]ATTENTION: ====> FRST version is 410 days old and could be outdated[/color])
Ran by Jason (administrator) on AVATAR on 08-01-2015 08:27:13
Running from C:\Users\Jason\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Windows\System32\nvwmi64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Windows\System32\nvwmi64.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
() C:\Program Files\Core Temp\Core Temp.exe
() C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Autodesk) C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CloudBerry Lab Inc.) C:\Program Files (x86)\CloudBerryLab\CloudBerry Online Backup\CloudBerry.Backup.Scheduler.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Akamai Technologies, Inc.) C:\Users\Jason\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Jason\AppData\Local\Akamai\netsession_win.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
(Intuit Inc.) C:\Program Files (x86)\Intuit\QuickBooks 2011\QBW32.EXE
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe
() C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_64server.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\5.2.2.3\ccsvchst.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe
(Intuit) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
() C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\vrayrtspawner.exe
(Chaos Group) C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\vray.exe
() C:\Program Files\Chaos Group\V-Ray\3dsmax R9 for x64\startvrlservice.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\WIBUKEY\Server\WkSvW32.exe
() C:\Program Files\Chaos Group\V-Ray\3dsmax R9 for x64\vrlservice.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(Autodesk Inc.) C:\Users\Jason\AppData\Local\Autodesk\.AdskAppManager\R1\AdAppMgr.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\5.2.2.3\ccsvchst.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\calc.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Farbar) C:\Users\Jason\Desktop\FRST64 (1).exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfService.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10038304 2010-01-29] (Realtek Semiconductor)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [IAStorIcon] - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-11-21] (Intel Corporation)
HKLM\...\Run: [nwiz] - C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2728736 2014-08-19] ()
HKLM Group Policy restriction on software: *.pdf.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.com <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.png.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.pif <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.com <====== ATTENTION
HKLM Group Policy restriction on software: *‮* <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.png.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.com <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.com <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.com <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.com <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.com <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.com <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.png.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.png.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.com <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.com <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.pif <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.com <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\uninstaller.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\uninstaller.exe <====== ATTENTION
HKCU\...\Run: [CCleaner Monitoring] - C:\Program Files\CCleaner\CCleaner64.exe [6482200 2014-09-26] (Piriform Ltd)
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\Jason\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [JMB36X IDE Setup] - C:\Windows\RaidTool\xInsIDE.exe [43632 2010-01-19] ()
HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKLM-x32\...\Run: [Intuit SyncManager] - C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe [3761464 2013-09-30] (Intuit Inc. All rights reserved.)
HKLM-x32\...\Run: [ADSKAppManager] - C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [488328 2014-09-03] (Autodesk Inc.)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [Razer Synapse] - C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585536 2014-10-24] (Razer Inc.)
HKLM-x32\...\Run: [ConnectionCenter] - C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [371896 2012-05-23] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
AppInit_DLLs-x32: C:\PROGRA~2\Citrix\ICACLI~1\RSHook.dll [257208 2012-05-23] (Citrix Systems, Inc.)
BootExecute: autocheck autochk * ?/???

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xE7A808144B98CC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.2.3\coieplg.dll (Symantec Corporation)
BHO-x32: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.2.3\ips\ipsbho.dll (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.2.3\coieplg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: intu-help-qb4 - {ACE22922-D07C-4860-B51B-8CF472FEC2CB} -  No File
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} -  No File
Handler-x32: intu-help-qb4 - {ACE22922-D07C-4860-B51B-8CF472FEC2CB} - C:\Program Files (x86)\Intuit\QuickBooks 2011\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
Handler-x32: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation)
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\..\Interfaces\{F8597F5B-F6EB-448E-8297-8F4E8D1C6226}: [NameServer]204.194.232.200,204.194.234.200

FireFox:
========
FF ProfilePath: C:\Users\Jason\AppData\Roaming\Mozilla\Firefox\Profiles\4qtou5yc.default
FF DefaultSearchEngine: Bing
FF SelectedSearchEngine: Bing
FF Homepage: hxxp://www.google.com
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @autodesk.com/Autodesk Player Plugin,version=1.1.0.1 - C:\Program Files (x86)\Autodesk\Autodesk Player Plugin\npAdPlayerPlugin_FF.dll (Autodesk)
FF Plugin-x32: @Citrix.com/npican - C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll (Citrix Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: fx-searchtest - C:\Users\Jason\AppData\Roaming\Mozilla\Firefox\Profiles\4qtou5yc.default\Extensions\fx-searchtest@mozilla.org.xpi
FF Extension: Adblock Plus - C:\Users\Jason\AppData\Roaming\Mozilla\Firefox\Profiles\4qtou5yc.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: No Name - C:\Users\Jason\AppData\Roaming\Mozilla\Firefox\Profiles\4qtou5yc.default\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\IPSFF
FF Extension: Symantec Intrusion Prevention - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\IPSFF
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\coFFPlgn_2011_7_13_2
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\coFFPlgn_2011_7_13_2

Chrome: 
=======
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll No File
CHR Plugin: (Winamp Application Detector) - C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll No File
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0
CHR Extension: (YouTube) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Adblock Plus development build) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.9_0
CHR Extension: (Google Search) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Plex) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpniocchabmgenibceglhnfeimmdhdfm\2.3.8_0
CHR Extension: (Google Wallet) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0
CHR Extension: (Gmail) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [597896 2014-09-03] (Autodesk Inc.)
R2 Autodesk Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [79360 2014-03-10] (Autodesk)
R2 CloudBerry Backup Service; C:\Program Files (x86)\CloudBerryLab\CloudBerry Online Backup\CloudBerry.Backup.Scheduler.exe [58880 2014-01-28] (CloudBerry Lab Inc.)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-10-09] (Freemake)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-21] (Intel Corporation)
R2 mi-raysat_3dsmax9_64; C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_64server.exe [65536 2006-09-29] ()
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R2 N360; C:\Program Files (x86)\Norton Security Suite\Engine\5.2.2.3\ccSvcHst.exe [130008 2011-04-16] (Symantec Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 NVWMI; C:\Windows\system32\nvwmi64.exe [2683736 2014-08-19] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
R2 VRayRTSpawner; C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\vrayrtspawner.exe [136704 2014-03-10] ()
R2 VRLService; C:\Program Files\Chaos Group\V-Ray\3dsmax R9 for x64\startvrlservice.exe [266240 2014-03-10] ()
R2 WkSvw32.exe; C:\Program Files (x86)\WIBUKEY\Server\WkSvw32.exe [587264 2009-12-03] (WIBU-SYSTEMS AG)

==================== Drivers (Whitelisted) ====================

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13368 2009-04-06] ()
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20141209.001\BHDrvx64.sys [1587416 2014-10-03] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-12-11] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-12-11] (Symantec Corporation)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-04-18] ()
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-11-21] (Intel Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20150107.001\IDSvia64.sys [637656 2014-11-28] (Symantec Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-05-14] ()
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20150107.035\ENG64.SYS [129752 2014-10-25] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20150107.035\EX64.SYS [2137304 2014-10-25] (Symantec Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [31744 2010-01-05] (Research in Motion Ltd)
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13480 2014-06-09] ()
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39592 2014-09-04] (Razer Inc)
R3 SRTSP; C:\Windows\System32\Drivers\N360x64\0502020.003\SRTSP64.SYS [744568 2011-03-30] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\0502020.003\SRTSPX64.SYS [40568 2011-03-30] (Symantec Corporation)
S3 swmsflt; C:\Windows\System32\drivers\swmsflt.sys [30088 2008-08-22] ()
R0 SymDS; C:\Windows\System32\drivers\N360x64\0502020.003\SYMDS64.SYS [450680 2011-01-26] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\0502020.003\SYMEFA64.SYS [912504 2011-03-14] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [174200 2011-11-01] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\0502020.003\Ironx64.SYS [171128 2010-11-15] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\0502020.003\SYMNETS.SYS [386168 2011-04-20] (Symantec Corporation)
U3 TrueSight; C:\Windows\SysWow64\drivers\TrueSight.sys [29160 2014-08-04] ()
S3 usbbus; C:\Windows\System32\DRIVERS\lgx64bus.sys [17920 2010-01-21] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgx64diag.sys [27648 2010-01-21] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgx64modem.sys [33280 2010-01-21] (LG Electronics Inc.)
R2 WIBUKEY; C:\Windows\System32\DRIVERS\WibuKey64.sys [103224 2009-12-03] (WIBU-SYSTEMS AG)
R3 Wibukey2_64; C:\Windows\System32\drivers\wibukey2_64.sys [16896 2009-08-07] (WIBU-SYSTEMS AG)
S3 zghsdiag; C:\Windows\System32\DRIVERS\zghsdiag.sys [122624 2011-01-13] (ZTE Incorporated)
S3 zghsmdm; C:\Windows\System32\DRIVERS\zghsmdm.sys [122624 2011-01-13] (ZTE Incorporated)
S3 zghsnmea; C:\Windows\System32\DRIVERS\zghsnmea.sys [122624 2011-01-13] (ZTE Incorporated)
S3 AIDA64Driver; \??\C:\Program Files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64 [x]
R3 ALSysIO; \??\C:\Users\Jason\AppData\Local\Temp\ALSysIO64.sys [x]
S1 AntiLog32; \??\C:\Windows\system32\drivers\AntiLog64.sys [x]
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 dgderdrv; System32\drivers\dgderdrv.sys [x]
S3 keycrypt; system32\DRIVERS\KeyCrypt64.sys [x]
U3 ufldrpow; \??\C:\Users\Jason\AppData\Local\Temp\ufldrpow.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2015-01-08 08:23 - 2015-01-08 08:27 - 00040115 _____ C:\Users\Jason\Desktop\FRST.txt
2015-01-08 08:23 - 2015-01-08 08:23 - 01958440 ____C (Farbar) C:\Users\Jason\Downloads\FRST64 (1).exe
2015-01-08 08:23 - 2015-01-08 08:23 - 01958440 _____ (Farbar) C:\Users\Jason\Desktop\FRST64 (1).exe
2015-01-08 08:21 - 2015-01-08 08:21 - 01958440 ____C (Farbar) C:\Users\Jason\Downloads\FRST64.exe
2015-01-08 08:15 - 2015-01-08 08:15 - 00380416 ____C C:\Users\Jason\Downloads\9itdpd6k.exe
2015-01-08 08:05 - 2015-01-08 08:05 - 00000224 _____ C:\Windows\setupact.log
2015-01-08 08:05 - 2015-01-08 08:05 - 00000000 _____ C:\Windows\setuperr.log
2015-01-07 20:48 - 2015-01-07 20:48 - 00028888 _____ C:\Users\Jason\Desktop\dds.txt
2015-01-07 20:48 - 2015-01-07 20:48 - 00012645 _____ C:\Users\Jason\Desktop\attach.txt
2015-01-07 20:47 - 2015-01-07 20:47 - 00688992 ___RC (Swearware) C:\Users\Jason\Downloads\dds.com
2015-01-06 23:04 - 2015-01-06 23:04 - 00158688 ____C C:\Users\Jason\Downloads\424 West Rosehill Avenue (1).dwg
2015-01-06 21:42 - 2015-01-06 21:42 - 01148569 ____C C:\Users\Jason\Downloads\sm00868solidrockbaptistchurchnewrenderingplease.zip
2015-01-06 18:34 - 2015-01-06 18:34 - 00158688 ____C C:\Users\Jason\Downloads\424 West Rosehill Avenue.dwg
2015-01-06 01:08 - 2015-01-06 01:07 - 00108760 _____ C:\Users\Jason\Desktop\Checking since 0810.csv
2015-01-06 01:07 - 2015-01-06 01:07 - 00108760 ____C C:\Users\Jason\Downloads\export (13).csv
2015-01-06 01:07 - 2015-01-06 01:07 - 00011755 ____C C:\Users\Jason\Downloads\export (12).csv
2015-01-06 01:07 - 2015-01-06 01:07 - 00011755 _____ C:\Users\Jason\Desktop\LOC since 0810.csv
2015-01-06 01:06 - 2015-01-06 01:06 - 00008467 ____C C:\Users\Jason\Downloads\export (11).csv
2015-01-06 01:06 - 2015-01-06 01:06 - 00008467 _____ C:\Users\Jason\Desktop\MM since 0810.csv
2015-01-06 01:06 - 2015-01-06 01:05 - 00009005 _____ C:\Users\Jason\Desktop\Savings since 0810.csv
2015-01-06 01:05 - 2015-01-06 01:05 - 00009005 ____C C:\Users\Jason\Downloads\export (10).csv
2015-01-05 23:53 - 2015-01-05 23:53 - 00029204 ____C C:\Users\Jason\Downloads\export (9).csv
2015-01-05 23:53 - 2015-01-05 23:53 - 00029204 _____ C:\Users\Jason\Desktop\export (9).csv
2015-01-05 23:50 - 2015-01-05 23:50 - 00004552 ____C C:\Users\Jason\Downloads\export (8).csv
2015-01-05 23:50 - 2015-01-05 23:50 - 00004552 _____ C:\Users\Jason\Desktop\export (8).csv
2015-01-05 23:48 - 2015-01-05 23:48 - 00000397 ____C C:\Users\Jason\Downloads\export (7).csv
2015-01-05 23:48 - 2015-01-05 23:48 - 00000397 _____ C:\Users\Jason\Desktop\export (7).csv
2015-01-05 23:46 - 2015-01-05 23:46 - 00004130 _____ C:\Users\Jason\Desktop\export (6).csv
2015-01-05 23:45 - 2015-01-05 23:46 - 00004130 ____C C:\Users\Jason\Downloads\export (6).csv
2015-01-05 23:31 - 2015-01-05 23:31 - 00000397 ____C C:\Users\Jason\Downloads\export (5).csv
2015-01-05 22:49 - 2015-01-05 22:49 - 00000397 ____C C:\Users\Jason\Downloads\export (4).csv
2015-01-05 22:48 - 2015-01-05 22:48 - 00004094 ____C C:\Users\Jason\Downloads\export (3).csv
2015-01-05 22:47 - 2015-01-05 22:47 - 00003212 ____C C:\Users\Jason\Downloads\export (2).csv
2015-01-05 22:43 - 2015-01-05 22:43 - 00022965 ____C C:\Users\Jason\Downloads\export (1).csv
2015-01-05 21:25 - 2015-01-05 21:25 - 00253678 ____C C:\Users\Jason\Downloads\sm00777harvestpointecommunitychurchnewrenderingpl.zip
2015-01-05 20:44 - 2015-01-05 20:44 - 09154298 ____C C:\Users\Jason\Downloads\sm00858holytemplecogicnewrenderingplease.zip
2014-12-23 18:57 - 2014-12-23 18:57 - 02869178 _____ C:\Users\Jason\Desktop\Maalouf.zip
2014-12-23 18:56 - 2014-12-23 18:57 - 17122509 _____ C:\Users\Jason\Desktop\Maalouf.skp
2014-12-23 18:53 - 2014-12-23 18:54 - 03927056 _____ C:\Users\Jason\Desktop\Maalouf.3ds
2014-12-17 23:25 - 2014-12-12 22:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-17 23:25 - 2014-12-12 20:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-16 21:17 - 2014-12-16 21:17 - 00259730 ____C C:\Users\Jason\Downloads\ReverseCable10Dec14II.pptx
2014-12-16 19:01 - 2014-12-16 19:03 - 07877159 ____C C:\Users\Jason\Downloads\rerenderingforsanjuanipasm00870.zip
2014-12-15 22:01 - 2014-12-15 22:01 - 00108457 ____C C:\Users\Jason\Downloads\fwchuckmbagwu.zip
2014-12-15 20:12 - 2014-12-15 20:12 - 02014389 ____C C:\Users\Jason\Downloads\sm00811universityofcentralfloridanewfloorplanand.zip
2014-12-11 21:34 - 2014-12-11 21:34 - 02139603 ____C C:\Users\Jason\Downloads\sm00863barabbasministriesnewrenderingplease.zip
2014-12-11 20:29 - 2014-12-11 20:29 - 02755874 ____C C:\Users\Jason\Downloads\sm00840lordoflifelutheranchurchnewrenderingpleas.zip
2014-12-11 19:44 - 2014-12-11 19:44 - 00065284 ____C C:\Users\Jason\Downloads\MAGNETOB.TTF
2014-12-11 06:54 - 2014-12-11 06:54 - 00000000 ____D C:\Windows\system32\appraiser
2014-12-10 22:52 - 2014-10-17 19:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-10 22:52 - 2014-10-17 18:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-10 22:52 - 2014-07-06 19:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-12-10 22:52 - 2014-07-06 19:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-12-10 22:52 - 2014-07-06 19:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-12-10 22:52 - 2014-07-06 19:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-12-10 22:52 - 2014-07-06 18:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-12-10 22:52 - 2014-07-06 18:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-12-10 22:52 - 2014-07-06 18:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-12-10 22:52 - 2014-07-06 18:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-12-10 22:40 - 2014-12-10 22:40 - 00011982 _____ C:\Users\Jason\Desktop\New Budget2.xlsx
2014-12-10 22:31 - 2014-12-10 22:31 - 00010377 ____C C:\Users\Jason\Downloads\contacts.vcf
2014-12-09 20:39 - 2014-12-09 20:39 - 00001817 _____ C:\Users\Public\Desktop\iTunes.lnk
2014-12-09 20:38 - 2014-12-09 20:39 - 00000000 ____D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2014-12-09 20:38 - 2014-12-09 20:39 - 00000000 ____D C:\Program Files\iTunes
2014-12-09 20:38 - 2014-12-09 20:39 - 00000000 ____D C:\Program Files (x86)\iTunes
2014-12-09 20:38 - 2014-12-09 20:38 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2014-12-09 20:38 - 2014-12-09 20:38 - 00000000 ____D C:\Program Files\iPod
2014-12-09 20:38 - 2014-12-09 20:38 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2014-12-09 20:37 - 2014-12-09 20:38 - 00000000 ____D C:\Program Files\Common Files\Apple
2014-12-09 20:37 - 2014-12-09 20:37 - 00000000 ____D C:\Program Files\Bonjour
2014-12-09 20:37 - 2014-12-09 20:37 - 00000000 ____D C:\Program Files (x86)\Bonjour
2014-12-09 20:35 - 2014-12-09 20:36 - 122418480 ____C (Apple Inc.) C:\Users\Jason\Downloads\iTunes64Setup.exe
2014-12-09 17:21 - 2014-12-03 19:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-09 17:21 - 2014-12-03 19:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-09 17:21 - 2014-12-03 19:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-09 17:21 - 2014-12-03 19:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-09 17:21 - 2014-12-03 19:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-09 17:21 - 2014-12-03 19:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-09 17:21 - 2014-12-03 19:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-09 17:21 - 2014-12-01 16:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-09 17:20 - 2014-11-26 18:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-09 17:20 - 2014-11-26 18:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-09 17:20 - 2014-11-21 20:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-09 17:20 - 2014-11-21 20:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-09 17:20 - 2014-11-21 20:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-09 17:20 - 2014-11-21 19:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-09 17:20 - 2014-11-21 19:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-09 17:20 - 2014-11-21 19:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-09 17:20 - 2014-11-21 19:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-09 17:20 - 2014-11-21 19:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-09 17:20 - 2014-11-21 19:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-09 17:20 - 2014-11-21 19:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-09 17:20 - 2014-11-21 19:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-09 17:20 - 2014-11-21 19:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-09 17:20 - 2014-11-21 19:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-09 17:20 - 2014-11-21 19:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-09 17:20 - 2014-11-21 19:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-09 17:20 - 2014-11-21 19:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-09 17:20 - 2014-11-21 19:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-09 17:20 - 2014-11-21 19:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-09 17:20 - 2014-11-21 19:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-09 17:20 - 2014-11-21 19:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-09 17:20 - 2014-11-21 19:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-09 17:20 - 2014-11-21 19:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-09 17:20 - 2014-11-21 19:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-09 17:20 - 2014-11-21 19:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-09 17:20 - 2014-11-21 19:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-09 17:20 - 2014-11-21 19:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-09 17:20 - 2014-11-21 19:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-09 17:20 - 2014-11-21 18:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-09 17:20 - 2014-11-21 18:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-09 17:20 - 2014-11-21 18:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-09 17:20 - 2014-11-21 18:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-09 17:20 - 2014-11-21 18:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-09 17:20 - 2014-11-21 18:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-09 17:20 - 2014-11-21 18:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-09 17:20 - 2014-11-21 18:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-09 17:20 - 2014-11-21 18:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-09 17:20 - 2014-11-21 18:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-09 17:20 - 2014-11-21 18:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-09 17:20 - 2014-11-21 18:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-09 17:20 - 2014-11-21 18:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-09 17:20 - 2014-11-21 18:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-09 17:20 - 2014-11-21 18:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-09 17:20 - 2014-11-21 18:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-09 17:20 - 2014-11-21 18:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-09 17:20 - 2014-11-21 18:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-09 17:20 - 2014-11-21 18:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-09 17:20 - 2014-11-21 18:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-09 17:20 - 2014-11-21 18:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-09 17:20 - 2014-11-21 18:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-09 17:20 - 2014-11-21 18:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-09 17:20 - 2014-11-21 17:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-09 17:20 - 2014-11-21 17:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-09 17:20 - 2014-11-10 20:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-09 17:20 - 2014-11-10 19:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-09 17:20 - 2014-11-10 18:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-09 17:20 - 2014-11-07 20:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-09 17:20 - 2014-11-07 19:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-09 17:20 - 2014-10-29 19:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-09 17:20 - 2014-10-29 18:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-09 17:20 - 2014-10-02 19:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-09 17:20 - 2014-10-02 19:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-09 17:20 - 2014-10-02 19:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-09 17:20 - 2014-10-02 19:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-09 17:20 - 2014-10-02 19:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-09 17:20 - 2014-10-02 18:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-09 17:20 - 2014-10-02 18:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-09 17:20 - 2014-10-02 18:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-09 17:20 - 2014-10-02 18:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-09 17:20 - 2014-10-02 18:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-09 12:44 - 2014-12-09 13:44 - 03981488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe

==================== One Month Modified Files and Folders =======

2015-01-08 08:27 - 2015-01-08 08:23 - 00040115 _____ C:\Users\Jason\Desktop\FRST.txt
2015-01-08 08:23 - 2015-01-08 08:23 - 01958440 ____C (Farbar) C:\Users\Jason\Downloads\FRST64 (1).exe
2015-01-08 08:23 - 2015-01-08 08:23 - 01958440 _____ (Farbar) C:\Users\Jason\Desktop\FRST64 (1).exe
2015-01-08 08:21 - 2015-01-08 08:21 - 01958440 ____C (Farbar) C:\Users\Jason\Downloads\FRST64.exe
2015-01-08 08:15 - 2015-01-08 08:15 - 00380416 ____C C:\Users\Jason\Downloads\9itdpd6k.exe
2015-01-08 08:10 - 2011-11-03 11:09 - 00000059 _____ C:\Windows\wpd99.drv
2015-01-08 08:10 - 2011-11-03 11:09 - 00000000 ____D C:\ProgramData\pdf995
2015-01-08 08:05 - 2015-01-08 08:05 - 00000224 _____ C:\Windows\setupact.log
2015-01-08 08:05 - 2015-01-08 08:05 - 00000000 _____ C:\Windows\setuperr.log
2015-01-08 08:05 - 2011-10-31 20:55 - 01884031 _____ C:\Windows\WindowsUpdate.log
2015-01-08 07:44 - 2012-07-16 13:52 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-08 07:39 - 2013-08-16 09:26 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1ce9a9d4eb9a0f9.job
2015-01-07 23:39 - 2013-08-16 09:26 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1ce9a9d4e3098d7.job
2015-01-07 20:48 - 2015-01-07 20:48 - 00028888 _____ C:\Users\Jason\Desktop\dds.txt
2015-01-07 20:48 - 2015-01-07 20:48 - 00012645 _____ C:\Users\Jason\Desktop\attach.txt
2015-01-07 20:47 - 2015-01-07 20:47 - 00688992 ___RC (Swearware) C:\Users\Jason\Downloads\dds.com
2015-01-07 20:34 - 2011-11-17 10:02 - 00000000 ____D C:\Users\Jason\AppData\Roaming\TeamViewer
2015-01-07 20:34 - 2011-10-31 23:41 - 00000000 ____D C:\Users\Jason\AppData\Local\CrashDumps
2015-01-07 19:33 - 2014-06-27 17:45 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-07 19:32 - 2014-06-27 17:45 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-07 19:31 - 2009-07-13 21:45 - 00023376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-07 19:31 - 2009-07-13 21:45 - 00023376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-07 19:29 - 2009-07-13 22:13 - 00784326 _____ C:\Windows\system32\PerfStringBackup.INI
2015-01-07 19:20 - 2011-10-31 21:00 - 00000000 ____D C:\ProgramData\NVIDIA
2015-01-07 19:20 - 2009-07-13 22:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-01-06 23:04 - 2015-01-06 23:04 - 00158688 ____C C:\Users\Jason\Downloads\424 West Rosehill Avenue (1).dwg
2015-01-06 22:52 - 2011-11-01 07:09 - 00000000 ____D C:\Users\Jason\Desktop\3ds Files
2015-01-06 21:42 - 2015-01-06 21:42 - 01148569 ____C C:\Users\Jason\Downloads\sm00868solidrockbaptistchurchnewrenderingplease.zip
2015-01-06 18:34 - 2015-01-06 18:34 - 00158688 ____C C:\Users\Jason\Downloads\424 West Rosehill Avenue.dwg
2015-01-06 01:07 - 2015-01-06 01:08 - 00108760 _____ C:\Users\Jason\Desktop\Checking since 0810.csv
2015-01-06 01:07 - 2015-01-06 01:07 - 00108760 ____C C:\Users\Jason\Downloads\export (13).csv
2015-01-06 01:07 - 2015-01-06 01:07 - 00011755 ____C C:\Users\Jason\Downloads\export (12).csv
2015-01-06 01:07 - 2015-01-06 01:07 - 00011755 _____ C:\Users\Jason\Desktop\LOC since 0810.csv
2015-01-06 01:06 - 2015-01-06 01:06 - 00008467 ____C C:\Users\Jason\Downloads\export (11).csv
2015-01-06 01:06 - 2015-01-06 01:06 - 00008467 _____ C:\Users\Jason\Desktop\MM since 0810.csv
2015-01-06 01:05 - 2015-01-06 01:06 - 00009005 _____ C:\Users\Jason\Desktop\Savings since 0810.csv
2015-01-06 01:05 - 2015-01-06 01:05 - 00009005 ____C C:\Users\Jason\Downloads\export (10).csv
2015-01-05 23:53 - 2015-01-05 23:53 - 00029204 ____C C:\Users\Jason\Downloads\export (9).csv
2015-01-05 23:53 - 2015-01-05 23:53 - 00029204 _____ C:\Users\Jason\Desktop\export (9).csv
2015-01-05 23:50 - 2015-01-05 23:50 - 00004552 ____C C:\Users\Jason\Downloads\export (8).csv
2015-01-05 23:50 - 2015-01-05 23:50 - 00004552 _____ C:\Users\Jason\Desktop\export (8).csv
2015-01-05 23:48 - 2015-01-05 23:48 - 00000397 ____C C:\Users\Jason\Downloads\export (7).csv
2015-01-05 23:48 - 2015-01-05 23:48 - 00000397 _____ C:\Users\Jason\Desktop\export (7).csv
2015-01-05 23:46 - 2015-01-05 23:46 - 00004130 _____ C:\Users\Jason\Desktop\export (6).csv
2015-01-05 23:46 - 2015-01-05 23:45 - 00004130 ____C C:\Users\Jason\Downloads\export (6).csv
2015-01-05 23:31 - 2015-01-05 23:31 - 00000397 ____C C:\Users\Jason\Downloads\export (5).csv
2015-01-05 22:49 - 2015-01-05 22:49 - 00000397 ____C C:\Users\Jason\Downloads\export (4).csv
2015-01-05 22:48 - 2015-01-05 22:48 - 00004094 ____C C:\Users\Jason\Downloads\export (3).csv
2015-01-05 22:47 - 2015-01-05 22:47 - 00003212 ____C C:\Users\Jason\Downloads\export (2).csv
2015-01-05 22:43 - 2015-01-05 22:43 - 00022965 ____C C:\Users\Jason\Downloads\export (1).csv
2015-01-05 21:25 - 2015-01-05 21:25 - 00253678 ____C C:\Users\Jason\Downloads\sm00777harvestpointecommunitychurchnewrenderingpl.zip
2015-01-05 20:44 - 2015-01-05 20:44 - 09154298 ____C C:\Users\Jason\Downloads\sm00858holytemplecogicnewrenderingplease.zip
2014-12-31 04:14 - 2011-10-31 21:04 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-12-23 18:57 - 2014-12-23 18:57 - 02869178 _____ C:\Users\Jason\Desktop\Maalouf.zip
2014-12-23 18:57 - 2014-12-23 18:56 - 17122509 _____ C:\Users\Jason\Desktop\Maalouf.skp
2014-12-23 18:54 - 2014-12-23 18:53 - 03927056 _____ C:\Users\Jason\Desktop\Maalouf.3ds
2014-12-20 13:10 - 2011-10-31 23:35 - 00000000 ____D C:\ProgramData\Norton
2014-12-17 07:25 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\rescache
2014-12-17 06:35 - 2009-07-13 21:45 - 11440736 _____ C:\Windows\system32\FNTCACHE.DAT
2014-12-17 06:28 - 2012-11-06 14:32 - 00003018 _____ C:\Windows\System32\Tasks\MSIAfterburner
2014-12-16 21:17 - 2014-12-16 21:17 - 00259730 ____C C:\Users\Jason\Downloads\ReverseCable10Dec14II.pptx
2014-12-16 19:03 - 2014-12-16 19:01 - 07877159 ____C C:\Users\Jason\Downloads\rerenderingforsanjuanipasm00870.zip
2014-12-16 07:03 - 2011-10-31 22:52 - 00000000 ____D C:\1_JB Graphics
2014-12-15 22:01 - 2014-12-15 22:01 - 00108457 ____C C:\Users\Jason\Downloads\fwchuckmbagwu.zip
2014-12-15 20:12 - 2014-12-15 20:12 - 02014389 ____C C:\Users\Jason\Downloads\sm00811universityofcentralfloridanewfloorplanand.zip
2014-12-12 22:09 - 2014-12-17 23:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-12 20:33 - 2014-12-17 23:25 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-11 21:34 - 2014-12-11 21:34 - 02139603 ____C C:\Users\Jason\Downloads\sm00863barabbasministriesnewrenderingplease.zip
2014-12-11 20:29 - 2014-12-11 20:29 - 02755874 ____C C:\Users\Jason\Downloads\sm00840lordoflifelutheranchurchnewrenderingpleas.zip
2014-12-11 19:58 - 2011-10-31 22:44 - 00204552 _____ C:\Users\Jason\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-11 19:44 - 2014-12-11 19:44 - 00065284 ____C C:\Users\Jason\Downloads\MAGNETOB.TTF
2014-12-11 06:54 - 2014-12-11 06:54 - 00000000 ____D C:\Windows\system32\appraiser
2014-12-11 06:54 - 2014-05-31 09:28 - 00000000 ___SD C:\Windows\system32\CompatTel
2014-12-11 06:54 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2014-12-11 06:54 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\AppCompat
2014-12-10 22:57 - 2011-10-31 21:44 - 00000000 ____D C:\ProgramData\Microsoft Help
2014-12-10 22:56 - 2013-08-23 20:56 - 00000000 ____D C:\Windows\system32\MRT
2014-12-10 22:53 - 2011-12-16 17:14 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-10 22:40 - 2014-12-10 22:40 - 00011982 _____ C:\Users\Jason\Desktop\New Budget2.xlsx
2014-12-10 22:38 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\NDF
2014-12-10 22:31 - 2014-12-10 22:31 - 00010377 ____C C:\Users\Jason\Downloads\contacts.vcf
2014-12-09 20:45 - 2012-03-18 13:10 - 00000000 ____D C:\Users\Jason\AppData\Roaming\Apple Computer
2014-12-09 20:39 - 2014-12-09 20:39 - 00001817 _____ C:\Users\Public\Desktop\iTunes.lnk
2014-12-09 20:39 - 2014-12-09 20:38 - 00000000 ____D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2014-12-09 20:39 - 2014-12-09 20:38 - 00000000 ____D C:\Program Files\iTunes
2014-12-09 20:39 - 2014-12-09 20:38 - 00000000 ____D C:\Program Files (x86)\iTunes
2014-12-09 20:38 - 2014-12-09 20:38 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2014-12-09 20:38 - 2014-12-09 20:38 - 00000000 ____D C:\Program Files\iPod
2014-12-09 20:38 - 2014-12-09 20:38 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2014-12-09 20:38 - 2014-12-09 20:37 - 00000000 ____D C:\Program Files\Common Files\Apple
2014-12-09 20:38 - 2012-12-04 13:21 - 00000000 ____D C:\ProgramData\Apple Computer
2014-12-09 20:37 - 2014-12-09 20:37 - 00000000 ____D C:\Program Files\Bonjour
2014-12-09 20:37 - 2014-12-09 20:37 - 00000000 ____D C:\Program Files (x86)\Bonjour
2014-12-09 20:37 - 2012-02-20 07:06 - 00000000 ____D C:\ProgramData\Apple
2014-12-09 20:36 - 2014-12-09 20:35 - 122418480 ____C (Apple Inc.) C:\Users\Jason\Downloads\iTunes64Setup.exe
2014-12-09 13:44 - 2014-12-09 12:44 - 03981488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-12-09 13:44 - 2012-07-16 13:52 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-09 13:44 - 2012-04-21 01:19 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-09 13:44 - 2011-12-16 16:59 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe
[2014-10-16 02:15] - [2014-07-16 19:07] - 0455168 ____A (Microsoft Corporation) 8CEBD9D0A0A879CDE9F36F4383B7CAEA

C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2015-01-04 00:45

==================== End Of Log ============================

Addition Scan:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-11-2013
Ran by Jason at 2015-01-08 08:27:39
Running from C:\Users\Jason\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installed Programs ======================

 Update for Microsoft Office 2007 (KB2508958) (x32)
3dsmax ancillary install (x32 Version: 1)
Adobe AIR (x32 Version: 4.0.0.1390)
Adobe Community Help (x32 Version: 3.0.0)
Adobe Community Help (x32 Version: 3.0.0.400)
Adobe Creative Suite 5 Production Premium (x32 Version: 5.0)
Adobe Flash Player 15 ActiveX (x32 Version: 15.0.0.246)
Adobe Flash Player 15 Plugin (x32 Version: 15.0.0.246)
Adobe Media Player (x32 Version: 1.8)
Adobe Reader X (10.1.12) (x32 Version: 10.1.12)
Akamai NetSession Interface (HKCU)
Apple Application Support (x32 Version: 3.1)
Apple Mobile Device Support (Version: 8.0.5.6)
Apple Software Update (x32 Version: 2.1.3.127)
AutoCAD LT 2011 - English (Version: 18.1.208.0)
AutoCAD LT 2011 - English (Version: 18.1.49.0)
AutoCAD LT 2011 - English Version 3 (Version: 1)
AutoCAD LT 2011 Language Pack - English (Version: 18.1.49.0)
Autodesk 3ds Max 9 64-bit (Version: 9.2.0.114)
Autodesk Application Manager (x32 Version: 3.0.159.0)
Autodesk Design Review 2013 (x32 Version: 13.0.0.82)
Autodesk DWF Viewer 7 (x32 Version: 7.0.0)
Autodesk DWG TrueView 2014 (Version: 19.1.18.0)
Autodesk FBX Converter x64 2012.2 (x32)
Autodesk Material Library 2011 (x32 Version: 2.0.0.49)
Autodesk Material Library Base Resolution Image Library 2015 (x32 Version: 5.2.8.100)
Autodesk Material Library Low Resolution Image Library 2015 (x32 Version: 5.2.8.100)
Autodesk Material Library Medium Resolution Image Library 2015 (x32 Version: 5.2.8.100)
Autodesk Player Plugin (x32 Version: 1.1.0.1)
Backburner (x32 Version: 2007.0)
Bonjour (Version: 3.0.0.10)
CCleaner (Version: 4.18)
CGschool Video Player (x32 Version: 1.5.5.0)
Citrix Authentication Manager (x32 Version: 2.0.0.41479)
Citrix Receiver (HDX Flash Redirection) (x32 Version: 13.1.201.3)
Citrix Receiver (x32 Version: 13.1.201.3)
Citrix Receiver Inside (x32 Version: 3.2.0.5844)
Citrix Receiver(Aero) (x32 Version: 13.1.201.3)
Citrix Receiver(DV) (x32 Version: 13.1.201.3)
Citrix Receiver(USB) (x32 Version: 13.1.201.3)
CloudBerry Explorer for Amazon S3 3.8.2 (Version: 3.8.2)
CloudBerry Online Backup 3.7.1 (Version: 3.7.1)
Core Temp version 0.99.7 (Version: 0.99.7)
Duplicate Image Finder (x32 Version: 1.0.20)
EPSON Scan (x32)
EPSON WorkForce 845 Series Printer Uninstall
FARO LS 1.1.501.0 (64bit) (x32 Version: 5.1.0.30630)
FBX Plugin 2006.08 for Max 9.0 64 (x32)
Freemake YouTube To MP3 Boom (x32 Version: 1.0.0)
Google Chrome (x32 Version: 39.0.2171.95)
Google Drive (x32 Version: 1.18.7821.2489)
Google Drive (x32 Version: 1.8.4357.4863)
Google Earth (x32 Version: 7.1.2.2041)
Google Update Helper (x32 Version: 1.3.25.11)
HandBrake 0.9.9.1 (x32 Version: 0.9.9.1)
Intel(R) Rapid Storage Technology (Version: 12.9.0.1001)
iTunes (Version: 12.0.1.26)
Java 7 Update 51 (64-bit) (Version: 7.0.510)
Java 7 Update 60 (x32 Version: 7.0.600)
Java Auto Updater (x32 Version: 2.1.60.19)
Java SE Development Kit 7 Update 51 (64-bit) (Version: 1.7.0.510)
JMicron JMB36X Driver (x32 Version: 1.17.56.2)
LG USB Modem Driver (x32 Version: 4.9.7)
MakeMKV v1.9.0 (x32 Version: v1.9.0)
Malwarebytes Anti-Malware version 2.0.4.1028 (x32 Version: 2.0.4.1028)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2007 Primary Interop Assemblies (x32 Version: 12.0.4518.1014)
Microsoft Office 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Security Client (Version: 4.6.0305.0)
Microsoft Security Essentials (Version: 4.6.305.0)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 x64 ATL Runtime 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 x64 CRT Runtime 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 x64 MFC Runtime 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 x64 OpenMP Runtime 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 x86 ATL Runtime 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 x86 CRT Runtime 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 x86 MFC Runtime 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 x86 OpenMP Runtime 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (x32 Version: 11.0.61030.0)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (x32 Version: 11.0.61030.0)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030)
Microsoft Visual C++ 8.0 Support DLLs (x32 Version: 1.0.0)
Microsoft Visual Studio 2005 Tools for Office Runtime (x32 Version: 8.0.60940.0)
Microsoft Visual Studio 2005 Tools for Office Runtime (x32)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
MSI Afterburner 3.0.1 (x32 Version: 3.0.1)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (x32 Version: 4.20.9818.0)
Norton Security Suite (x32 Version: 5.2.2.3)
NVIDIA 3D Vision Driver 340.52 (Version: 340.52)
NVIDIA Control Panel 340.52 (Version: 340.52)
NVIDIA Graphics Driver 340.52 (Version: 340.52)
NVIDIA HD Audio Driver 1.3.30.1 (Version: 1.3.30.1)
NVIDIA Install Application (Version: 2.1002.154.1150)
NVIDIA nView 141.24 (Version: 141.24)
NVIDIA nView Desktop Manager (Version: 6.14.10.13585)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514)
NVIDIA WMI 2.18.0 (Version: 2.18.0)
Online Plug-in (x32 Version: 13.1.201.3)
PDF Settings CS5 (x32 Version: 10.0)
Pdf995 (x32)
PxMergeModule (x32 Version: 1.00.0000)
QuickBooks (x32 Version: 21.0.4014.904)
QuickBooks Pro 2011 (x32 Version: 21.0.4014.904)
Razer Synapse 2.0 (x32 Version: 1.18.17.22879)
Realtek Ethernet Controller Driver For Windows 7 (x32 Version: 7.18.322.2010)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6037)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.4.0)
Revit 2015 (Version: 15.0.207.0)
Revit 2015 Online Trial (x32 Version: 1.2.50.1 (adsk))
Rhinoceros 4.0 SR8 (x32 Version: 4.0.50401)
Rhinoceros 4.0 SR9 (x32 Version: 4.0.60309)
RivaTuner Statistics Server 6.1.2 (x32 Version: 6.1.2)
Self-service Plug-in (x32 Version: 3.2.0.24226)
SketchUp 2014 (x32 Version: 14.1.1282)
Spybot - Search & Destroy (x32 Version: 2.2.25)
TeamViewer 9 (x32 Version: 9.0.32494)
Update for 2007 Microsoft Office System (KB967642) (x32)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (x32)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32)
Update for Microsoft Office Excel 2007 Help (KB963678) (x32)
Update for Microsoft Office OneNote 2007 Help (KB963670) (x32)
Update for Microsoft Office PowerPoint 2007 (KB2597972) 32-Bit Edition (x32)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (x32)
Update for Microsoft Office Script Editor Help (KB963671) (x32)
Update for Microsoft Office Word 2007 Help (KB963665) (x32)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (x32 Version: 9.0.30729.177)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (x32 Version: 9.0.30729.177)
V-Ray for 3dsmax R9 for x64 (Version: 2.00.02)
WibuKey Setup (WibuKey Remove) (Version: Version 6.00a of 2009-Dec-03 (Build 129) (Setup))
WinRAR 5.01 (64-bit) (Version: 5.01.0)

==================== Restore Points  =========================

08-01-2015 02:26:26 Windows Update

==================== Hosts content: ==========================

2009-07-13 19:34 - 2014-07-30 08:26 - 00449906 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1	localhost

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

Task: {0D7C2A33-6C2E-4E19-8573-8EB65101D3F3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-09-26] (Piriform Ltd)
Task: {207DF18C-38A3-4CD0-87F7-3F0C869D6AAF} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {4E50883B-1F99-4F86-AF43-A307253261BA} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
Task: {4ED44898-54DE-4750-BEB6-293CAF031789} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => C:\Windows\System32\invagent.dll [2014-12-03] (Microsoft Corporation)
Task: {5718D582-B2F9-49BF-B618-23EF9A8CEDF4} - System32\Tasks\AdobeAAMUpdater-1.0-Avatar-Jason => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {6BFEDF0D-7F5F-4941-A1C7-C0DBBFB38BA8} - System32\Tasks\Symantec\Norton Error Analyzer 5.2.2.3 => C:\Program Files (x86)\Norton Security Suite\Engine\5.2.2.3\symerr.exe [2012-06-07] (Symantec Corporation)
Task: {6D19E6BA-8FB2-4057-BEAD-84BCD708E02A} - System32\Tasks\Core Temp Autostart => C:\Program Files\Core Temp\Core Temp.exe [2010-07-02] ()
Task: {945C65C0-929F-430A-A9C9-212D0927954C} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\System32\appraiser.dll [2014-12-03] (Microsoft Corporation)
Task: {B0F6849A-29BA-490C-85AB-87E1B4E41574} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe
Task: {B27187F8-76F1-4B81-85FB-42AE0106022F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-09] (Adobe Systems Incorporated)
Task: {B2DF01B7-9F9B-4918-908B-D8B92C50AF05} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {B9BF9814-6BEC-4C41-9A87-A5D02E21929F} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {C9C42D79-FA39-4444-8178-2ADBBFDAF993} - System32\Tasks\GoogleUpdateTaskMachineCore1ce9a9d4e3098d7 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-05-16] (Google Inc.)
Task: {CE3BAAB7-1E4A-4919-9653-20999DB9F728} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {D2656462-8C84-470A-97B3-3AE72DE13C23} - System32\Tasks\GoogleUpdateTaskMachineUA1ce9a9d4eb9a0f9 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-05-16] (Google Inc.)
Task: {D616B481-228A-47AE-8890-F3455612E13A} - System32\Tasks\Symantec\Norton Error Processor 5.2.2.3 => C:\Program Files (x86)\Norton Security Suite\Engine\5.2.2.3\symerr.exe [2012-06-07] (Symantec Corporation)
Task: {E2573242-D451-4058-ABBB-13416EA7153F} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [2014-06-09] ()
Task: {ED96258A-A07A-42ED-87F7-80D1300FFEF5} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1ce9a9d4e3098d7.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1ce9a9d4eb9a0f9.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-11-28 13:42 - 2014-07-02 11:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2011-11-03 11:09 - 2006-10-19 20:44 - 00047616 _____ () C:\Windows\System32\pdf995mon64.dll
2014-01-28 06:02 - 2014-01-28 06:02 - 00688128 _____ () C:\Program Files (x86)\CloudBerryLab\CloudBerry Online Backup\CloudBerryLab.Backup.Engine.XmlSerializers.dll
2011-11-17 10:40 - 2011-11-17 10:40 - 00006144 _____ () C:\Users\Jason\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V3.5.gadget\CoreTempReader.dll
2011-11-17 10:40 - 2011-11-17 10:40 - 00008704 _____ () C:\Users\Jason\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V3.5.gadget\GetCoreTempInfoNET.dll
2011-11-17 10:40 - 2011-11-17 10:40 - 00007680 _____ () C:\Users\Jason\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V3.5.gadget\SystemInfo.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00086528 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_AAFilters.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00053760 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_BakeView.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 02044928 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_BitmapBuffer.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00129536 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_BRDFBlinn.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00076800 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_BRDFBump.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 01938944 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_BRDFCarPaint.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00087552 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_BRDFDiffuse.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00117760 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_BRDFGlass.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00061952 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_BRDFHair.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00071680 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_BRDFLayered.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00065024 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_BRDFLight.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00074240 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_BRDFMirror.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00081408 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_BRDFPhong.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00095744 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_BRDFSampled.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00133632 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_BRDFSimbiont.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 01101312 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\dte_wrapper.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00069632 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_BRDFSSS.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00142336 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_BRDFSSS2.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00317440 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_BRDFVRayMtl.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00053248 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_CameraDome.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00049664 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_CameraFilmTrans.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00116736 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_CameraPhysical.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00108032 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_GeomBox.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00350208 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_GeomHair.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00459776 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_GeomMeshFile.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00077824 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_GeomMeshLoader.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00087552 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_GeomMeshLoader1.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00521216 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_GeomMeshTest.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00251904 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_GeomParticleInstance.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00096256 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_GeomPlane.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00404480 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_GeomStaticDisplacedMesh.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00371712 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_GeomStaticMesh.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00617984 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_GeomStaticNurbs.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00487424 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_GeomStaticSmoothedMesh.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00059904 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_Instancer.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00102400 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_LightDirect.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00147968 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_LightDome.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00148480 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_LightIES.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00199168 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_LightMesh.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00112128 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_LightOmni.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00185344 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_LightRectangle.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00139776 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_LightSphere.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00127488 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_LightSpot.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00091136 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_MayaLightDirect.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00067072 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_Mtl2Sided.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00072192 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_MtlBump.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00070144 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_MtlDiffuse.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00061440 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_MtlDoubleSided.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00064000 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_MtlLayeredBRDF.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00051200 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_MtlMaterialID.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00056832 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_MtlMulti.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00054272 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_MtlOverride.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00090624 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_MtlRamp.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00055296 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_MtlRenderStats.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00066560 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_MtlRoundEdges.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00054272 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_MtlSingleBRDF.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00115200 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_MtlWrapper.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00111616 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_NewGI.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00065024 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_Node.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00078848 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_OutputTest.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00133632 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_RenderChannelColor.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00094720 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_RenderChannelMultiMatte.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00071680 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_RenderView.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00565760 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_RTEngine.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00428544 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_Settings.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00060416 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_spherefade.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00195584 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_SphericalHarmonics.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00143360 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_sunsky.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00054272 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_TexAColor.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00135680 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_TexBitmap.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00063488 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_TexBlend.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00126464 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_TexBulge.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00148992 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_TexCellular.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00135168 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_TexChecker.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00061440 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_TexClamp.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00131072 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_TexCloth.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00138240 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_TexCustomBitmap.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00073216 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_TexDirt.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00051712 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_texedges.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00055808 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_TexFresnel.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00136192 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_TexGranite.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00130048 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_TexGrid.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00055808 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_TexInvert.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00119296 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_TexLayered.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00136192 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_TexLeather.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00134144 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_TexMarble.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00624640 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_TexMax.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00379392 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_TexMaya.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00055296 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_TexMulti.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00136704 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_TexNoise.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00059904 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_texparticle.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00499200 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_TexPtex.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00137216 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_TexRamp.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00078336 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_TexRemap.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00132608 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_TexRock.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00194048 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_TexSampler.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00127488 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_TexSnow.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00090112 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_TexSwitch.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00052736 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_TexUVW.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00069632 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_TexWater.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00133120 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_TexWood.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 01445888 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_TexXSI.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00077312 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_UVWGenChannel.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00072192 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_UVWGenEnvironment.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00048640 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_UVWGenExplicit.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00056832 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_UVWGenObject.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00068608 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_UVWGenPlanarWorld.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00113664 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_UVWGenProjection.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00210944 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_VolumeEnvironmentFog.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00062464 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_VolumeFog.dll
2014-03-10 11:17 - 2014-03-10 11:17 - 00051200 _____ () C:\Program Files\Chaos Group\V-Ray\RT for 3ds Max R9 for x64\bin\plugins\vray_VolumeMulti.dll
2014-09-24 08:38 - 2014-09-03 20:41 - 00047496 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\QtSolutions_Service-head.dll
2014-09-24 08:38 - 2014-09-03 20:41 - 00104328 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\qjson0.dll
2014-06-04 22:36 - 2014-06-04 22:36 - 00071680 _____ () C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
2014-06-04 22:36 - 2014-06-04 22:36 - 00056832 _____ () C:\Program Files (x86)\MSI Afterburner\RTFC.dll
2014-06-04 22:37 - 2014-06-04 22:37 - 00216064 _____ () C:\Program Files (x86)\MSI Afterburner\RTCore.dll
2014-06-04 22:36 - 2014-06-04 22:36 - 00127488 _____ () C:\Program Files (x86)\MSI Afterburner\RTUI.dll
2014-06-04 22:37 - 2014-06-04 22:37 - 00638976 _____ () C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
2014-10-11 13:06 - 2014-10-11 13:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-02-22 08:52 - 2013-05-16 10:55 - 00113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-02-22 08:52 - 2013-05-16 10:55 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-02-03 23:42 - 2014-02-03 23:42 - 00269128 _____ () C:\Program Files (x86)\Intuit\QuickBooks 2011\boost_regex-vc90-mt-p-1_33.dll
2014-02-03 23:43 - 2014-02-03 23:43 - 00021320 _____ () C:\Program Files (x86)\Intuit\QuickBooks 2011\QBCompressor.dll
2005-07-19 22:18 - 2005-07-19 22:18 - 00059904 _____ () C:\Program Files (x86)\Intuit\QuickBooks 2011\zlib1.dll
2014-02-03 23:42 - 2014-02-03 23:42 - 00348488 _____ () C:\Program Files (x86)\Intuit\QuickBooks 2011\BackupLib.dll
2014-02-03 23:43 - 2014-02-03 23:43 - 00126792 _____ () C:\Program Files (x86)\Intuit\QuickBooks 2011\QBMAPILibrary.dll
2014-02-03 23:42 - 2014-02-03 23:42 - 00176968 _____ () C:\Program Files (x86)\Intuit\QuickBooks 2011\boost_serialization-vc90-mt-p-1_33.dll
2014-02-03 23:43 - 2014-02-03 23:43 - 00042824 _____ () C:\Program Files (x86)\Intuit\QuickBooks 2011\mbpopup.dll
2014-02-22 08:52 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-02-22 08:52 - 2013-05-16 10:55 - 00161112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-02-22 08:52 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2015-01-07 19:21 - 2014-09-03 20:41 - 00104328 _____ () C:\Users\Jason\AppData\Local\Autodesk\.AdskAppManager\R1\qjson0.dll
2014-12-10 00:51 - 2014-12-05 18:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-10 00:51 - 2014-12-05 18:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-12-10 00:51 - 2014-12-05 18:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-10 00:51 - 2014-12-05 18:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
2012-04-03 10:53 - 2012-04-03 10:53 - 00011704 _____ () C:\Program Files (x86)\Citrix\SelfServicePlugin\ExtensionSDK.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Microsoft:ir5w0EBC4rzthyslXiv8H4dYx
AlternateDataStreams: C:\ProgramData\Microsoft:N50eeMZn6CpfeeBtd
AlternateDataStreams: C:\Users\Jason\Local Settings:N9GRc56EiecB8lcZKpj
AlternateDataStreams: C:\Users\Jason\AppData\Local:N9GRc56EiecB8lcZKpj
AlternateDataStreams: C:\Users\Jason\AppData\Local\Application Data:N9GRc56EiecB8lcZKpj

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== Faulty Device Manager Devices =============

Name: AntiLog32
Description: AntiLog32
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: AntiLog32
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/07/2015 07:21:44 PM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle

Error: (01/07/2015 07:21:44 PM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle

Error: (01/07/2015 07:21:44 PM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle

Error: (01/07/2015 07:12:27 PM) (Source: Application Error) (User: )
Description: Faulting application name: splwow64.exe, version: 6.1.7601.17777, time stamp: 0x4f35fbfe
Faulting module name: E_YUICHSA.DLL, version: 0.3.0.9, time stamp: 0x4ffbfdff
Exception code: 0xc0000005
Fault offset: 0x00000000000545af
Faulting process id: 0x21fc
Faulting application start time: 0xsplwow64.exe0
Faulting application path: splwow64.exe1
Faulting module path: splwow64.exe2
Report Id: splwow64.exe3

Error: (01/07/2015 07:11:57 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.

Error: (01/07/2015 07:11:48 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.

Error: (01/07/2015 07:06:02 PM) (Source: Self-service Plug-in) (User: )
Description: Self-service Plug-in exited unexpectedly. Exception was Not enough storage is available to process this command    at System.Diagnostics.Process.StartWithShellExecuteEx(ProcessStartInfo startInfo)
   at System.Diagnostics.Process.Start()
   at System.Diagnostics.Process.Start(ProcessStartInfo startInfo)
   at System.Diagnostics.Process.Start(String fileName, String arguments)
   at DazzlePlugin.ARForm.TimerPoll()
   at DazzlePlugin.ARForm.RefreshTimerTick(Object sender, EventArgs e)
   at System.Windows.Forms.Timer.OnTick(EventArgs e)
   at System.Windows.Forms.Timer.TimerNativeWindow.WndProc(Message& m)
   at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam).

Error: (01/07/2015 06:58:45 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.

Error: (01/07/2015 06:48:20 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.

Error: (01/07/2015 06:36:59 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.


System errors:
=============
Error: (01/08/2015 00:24:57 AM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 43. The internal error state is 252.

Error: (01/08/2015 00:24:57 AM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 43. The internal error state is 252.

Error: (01/07/2015 07:21:34 PM) (Source: WMPNetworkSvc) (User: )
Description: Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.

Error: (01/07/2015 07:09:44 PM) (Source: DCOM) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (01/07/2015 06:59:29 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT AUTHORITY)
Description: 0xc000014d29\??\C:\Users\Jason\ntuser.dat

Error: (01/07/2015 06:52:55 PM) (Source: DCOM) (User: )
Description: {9E14B23B-5D8A-447F-B962-6D6D6897861E}

Error: (01/07/2015 06:51:38 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT AUTHORITY)
Description: 0xc000014d29\??\C:\Users\Jason\ntuser.dat

Error: (01/07/2015 06:41:41 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT AUTHORITY)
Description: 0xc000014d29\??\C:\Users\Jason\ntuser.dat

Error: (01/07/2015 06:40:22 PM) (Source: DCOM) (User: )
Description: C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}1314{C39EE728-D419-4BD4-A3EF-EDA059DBD935}

Error: (01/07/2015 06:39:04 PM) (Source: DCOM) (User: )
Description: C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}1450{C39EE728-D419-4BD4-A3EF-EDA059DBD935}


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-03-26 17:33:56.324
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-03-26 17:33:56.258
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-01-31 23:32:22.916
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Jason\AppData\Local\Temp\aida32.sa6 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-01-31 23:32:22.852
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Jason\AppData\Local\Temp\aida32.sa6 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-01-31 23:32:22.490
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Jason\AppData\Local\Temp\Rar$EX64.408\aida32.sa6 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-01-31 23:32:22.426
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Jason\AppData\Local\Temp\Rar$EX64.408\aida32.sa6 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-01-31 23:30:36.431
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Jason\AppData\Local\Temp\aida32.sa6 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-01-31 23:30:36.366
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Jason\AppData\Local\Temp\aida32.sa6 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-01-31 23:30:35.987
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Jason\Desktop\AIDA 32\aida32.sa6 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-01-31 23:30:35.921
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Jason\Desktop\AIDA 32\aida32.sa6 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info =========================== 

Percentage of memory in use: 45%
Total physical RAM: 12279.07 MB
Available physical RAM: 6735.18 MB
Total Pagefile: 24556.31 MB
Available Pagefile: 18707.14 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:762.82 GB) NTFS
Drive e: (New Volume) (Fixed) (Total:1863.01 GB) (Free:1327.52 GB) NTFS
Drive f: (New Volume) (Fixed) (Total:2794.39 GB) (Free:1423.35 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 5541D515)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: CF2492D1)
Partition 1: (Not Active) - (Size=-198626508800) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 2795 GB) (Disk ID: 023BDFE4)

Partition: GPT Partition Type
==================== End Of Log ============================


#4 jblatnick

Posted 08 January 2015 - 10:44 AM

Log from GMER Rootkit Scanner:

GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2015-01-08 08:43:22
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\00000079 WDC_____ rev.04.0 931.51GB
Running: jrjvwf23.exe; Driver: C:\Users\Jason\AppData\Local\Temp\ufldrpow.sys

---- Processes - GMER 2.1 ----

Library  C:\Users\Jason\AppData\Local\Microsoft\Windows Sidebar\Gadgets\GPU_Meter_V2.2.gadget\GPUStatusReader.dll (*** suspicious ***) @ C:\Program Files\Windows Sidebar\sidebar.exe [2752] (GPUStatusReader/Orbmu2k)(2012-10-28 21:39:53)  000000006a210000
Library  C:\Users\Jason\AppData\Local\Microsoft\Windows Sidebar\Gadgets\GPU_Meter_V2.2.gadget\nvsulib64.dll (*** suspicious ***) @ C:\Program Files\Windows Sidebar\sidebar.exe [2752] (NVIDIA nTune Library/NVIDIA)(2012-10-28 21:39:53)    0000000020e00000
Library  C:\Users\Jason\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V3.5.gadget\CoreTempReader.dll (*** suspicious ***) @ C:\Program Files\Windows Sidebar\sidebar.exe [2752](2011-11-17 17:40:35)                         000000005c080000
Library  C:\Users\Jason\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V3.5.gadget\GetCoreTempInfoNET.dll (*** suspicious ***) @ C:\Program Files\Windows Sidebar\sidebar.exe [2752](2011-11-17 17:40:35)                     000000005c070000
Library  C:\Users\Jason\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V3.5.gadget\SystemInfo.dll (*** suspicious ***) @ C:\Program Files\Windows Sidebar\sidebar.exe [2752](2011-11-17 17:40:35)                             000000005c060000

---- EOF - GMER 2.1 ----



#5 jblatnick

Posted 08 January 2015 - 10:46 AM

TDSSKiller Log:

08:44:57.0143 0x1b60  TDSS rootkit removing tool 3.0.0.42 Dec 12 2014 00:35:20
08:45:06.0929 0x1b60  ============================================================
08:45:06.0929 0x1b60  Current date / time: 2015/01/08 08:45:06.0929
08:45:06.0929 0x1b60  SystemInfo:
08:45:06.0929 0x1b60  
08:45:06.0929 0x1b60  OS Version: 6.1.7601 ServicePack: 1.0
08:45:06.0929 0x1b60  Product type: Workstation
08:45:06.0929 0x1b60  ComputerName: AVATAR
08:45:06.0929 0x1b60  UserName: Jason
08:45:06.0929 0x1b60  Windows directory: C:\Windows
08:45:06.0929 0x1b60  System windows directory: C:\Windows
08:45:06.0929 0x1b60  Running under WOW64
08:45:06.0929 0x1b60  Processor architecture: Intel x64
08:45:06.0929 0x1b60  Number of processors: 8
08:45:06.0929 0x1b60  Page size: 0x1000
08:45:06.0929 0x1b60  Boot type: Normal boot
08:45:06.0929 0x1b60  ============================================================
08:45:07.0968 0x1b60  KLMD registered as C:\Windows\system32\drivers\42259374.sys
08:45:08.0262 0x1b60  System UUID: {17BD5CF7-6376-DFCC-5EA9-964BA5260369}
08:45:08.0909 0x1b60  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
08:45:08.0910 0x1b60  Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
08:45:08.0910 0x1b60  Drive \Device\Harddisk2\DR2 - Size: 0x2BAA1200000 ( 2794.52 Gb ), SectorSize: 0x200, Cylinders: 0x59101, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
08:45:08.0935 0x1b60  ============================================================
08:45:08.0935 0x1b60  \Device\Harddisk0\DR0:
08:45:08.0935 0x1b60  MBR partitions:
08:45:08.0935 0x1b60  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
08:45:08.0935 0x1b60  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D4000
08:45:08.0935 0x1b60  \Device\Harddisk1\DR1:
08:45:08.0935 0x1b60  MBR partitions:
08:45:08.0935 0x1b60  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07800
08:45:08.0935 0x1b60  \Device\Harddisk2\DR2:
08:45:08.0935 0x1b60  GPT partitions:
08:45:08.0935 0x1b60  \Device\Harddisk2\DR2\Partition1: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {4FA71554-C9EC-459E-84DC-8EAAAB264872}, Name: Microsoft reserved partition, StartLBA 0x22, BlocksNum 0x40000
08:45:08.0936 0x1b60  \Device\Harddisk2\DR2\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {677F346E-CA96-4F99-9414-BC8A5D61156A}, Name: Basic data partition, StartLBA 0x40800, BlocksNum 0x5D4C8000
08:45:08.0936 0x1b60  MBR partitions:
08:45:08.0936 0x1b60  ============================================================
08:45:08.0952 0x1b60  C: <-> \Device\Harddisk0\DR0\Partition2
08:45:08.0953 0x1b60  E: <-> \Device\Harddisk1\DR1\Partition1
08:45:08.0987 0x1b60  F: <-> \Device\Harddisk2\DR2\Partition2
08:45:08.0987 0x1b60  ============================================================
08:45:08.0987 0x1b60  Initialize success
08:45:08.0987 0x1b60  ============================================================
08:45:16.0080 0x149c  ============================================================
08:45:16.0080 0x149c  Scan started
08:45:16.0080 0x149c  Mode: Manual; 
08:45:16.0080 0x149c  ============================================================
08:45:16.0080 0x149c  KSN ping started
08:45:18.0914 0x149c  KSN ping finished: true
08:45:20.0625 0x149c  ================ Scan system memory ========================
08:45:20.0625 0x149c  System memory - ok
08:45:20.0625 0x149c  ================ Scan services =============================
08:45:20.0702 0x149c  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
08:45:20.0706 0x149c  1394ohci - ok
08:45:20.0741 0x149c  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
08:45:20.0747 0x149c  ACPI - ok
08:45:20.0765 0x149c  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
08:45:20.0765 0x149c  AcpiPmi - ok
08:45:20.0836 0x149c  [ C81147AB3B711331DA930E56D896650C, CBBD154F49B993910EC13A09AA8F660E6B6ECE99133612A7AAD7B0767A9ACAD2 ] AdAppMgrSvc     C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
08:45:20.0844 0x149c  AdAppMgrSvc - ok
08:45:20.0881 0x149c  [ C5679E5186B2FC95BC76A8A9870D5456, 70AC61850B811A0A902532F098AE1D5DF4622455E56C78B89D4ABDBE4A061A48 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
08:45:20.0882 0x149c  AdobeARMservice - ok
08:45:20.0943 0x149c  [ 749F94C424524285DCDA84D695ABC12F, E5AD194AF5B8B4FDB3976D3E3F9EF942DECFEC4EBAA9881A8EF7707BB781E4AD ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
08:45:20.0947 0x149c  AdobeFlashPlayerUpdateSvc - ok
08:45:20.0975 0x149c  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
08:45:20.0984 0x149c  adp94xx - ok
08:45:21.0004 0x149c  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
08:45:21.0011 0x149c  adpahci - ok
08:45:21.0025 0x149c  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
08:45:21.0028 0x149c  adpu320 - ok
08:45:21.0046 0x149c  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
08:45:21.0048 0x149c  AeLookupSvc - ok
08:45:21.0073 0x149c  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
08:45:21.0082 0x149c  AFD - ok
08:45:21.0100 0x149c  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
08:45:21.0101 0x149c  agp440 - ok
08:45:21.0117 0x149c  AIDA64Driver - ok
08:45:21.0130 0x149c  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
08:45:21.0132 0x149c  ALG - ok
08:45:21.0140 0x149c  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
08:45:21.0141 0x149c  aliide - ok
08:45:21.0160 0x149c  ALSysIO - ok
08:45:21.0164 0x149c  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
08:45:21.0165 0x149c  amdide - ok
08:45:21.0172 0x149c  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
08:45:21.0173 0x149c  AmdK8 - ok
08:45:21.0179 0x149c  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
08:45:25.0263 0x149c  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
08:45:25.0264 0x149c  monitor - ok
08:45:25.0273 0x149c  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
08:45:25.0275 0x149c  mouclass - ok
08:45:25.0286 0x149c  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
08:45:25.0287 0x149c  mouhid - ok
08:45:25.0300 0x149c  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
08:45:25.0302 0x149c  mountmgr - ok
08:45:25.0326 0x149c  [ 6439D1E559D08BD8A1465A8943357053, 0E300508C22D12FBA3BE566B722F574CBE1B4A1A305356B92B8EA8B86267071B ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
08:45:25.0330 0x149c  MpFilter - ok
08:45:25.0353 0x149c  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
08:45:25.0356 0x149c  mpio - ok
08:45:25.0362 0x149c  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
08:45:25.0364 0x149c  mpsdrv - ok
08:45:25.0395 0x149c  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
08:45:25.0413 0x149c  MpsSvc - ok
08:45:25.0427 0x149c  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
08:45:25.0430 0x149c  MRxDAV - ok
08:45:25.0448 0x149c  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
08:45:25.0451 0x149c  mrxsmb - ok
08:45:25.0464 0x149c  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
08:45:25.0469 0x149c  mrxsmb10 - ok
08:45:25.0476 0x149c  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
08:45:25.0478 0x149c  mrxsmb20 - ok
08:45:25.0494 0x149c  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\DRIVERS\msahci.sys
08:45:25.0495 0x149c  msahci - ok
08:45:25.0513 0x149c  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
08:45:25.0516 0x149c  msdsm - ok
08:45:25.0524 0x149c  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
08:45:25.0527 0x149c  MSDTC - ok
08:45:25.0538 0x149c  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
08:45:25.0539 0x149c  Msfs - ok
08:45:25.0548 0x149c  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
08:45:25.0548 0x149c  mshidkmdf - ok
08:45:25.0563 0x149c  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
08:45:25.0563 0x149c  msisadrv - ok
08:45:25.0571 0x149c  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
08:45:25.0575 0x149c  MSiSCSI - ok
08:45:25.0577 0x149c  msiserver - ok
08:45:25.0590 0x149c  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
08:45:25.0608 0x149c  MSKSSRV - ok
08:45:25.0640 0x149c  [ F0D5494D8B177C37E16966262F5D0F68, DD63427DFFD9DD2BEC8336F6AD1BEFE347012331631DC5FEC65E83B1EACDBC67 ] MsMpSvc         C:\Program Files\Microsoft Security Client\MsMpEng.exe
08:45:25.0640 0x149c  MsMpSvc - ok
08:45:25.0648 0x149c  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
08:45:25.0648 0x149c  MSPCLOCK - ok
08:45:25.0650 0x149c  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
08:45:25.0651 0x149c  MSPQM - ok
08:45:25.0671 0x149c  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
08:45:25.0677 0x149c  MsRPC - ok
08:45:25.0692 0x149c  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
08:45:25.0693 0x149c  mssmbios - ok
08:45:25.0701 0x149c  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
08:45:25.0702 0x149c  MSTEE - ok
08:45:25.0707 0x149c  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
08:45:25.0708 0x149c  MTConfig - ok
08:45:25.0734 0x149c  [ 2219A3D695405E7BA2186BA6B9EDE14A, 8B99BD22DACB56FF544ED922962FE4EC1172BF90987A46E3A5F62A3B4E720B0C ] MTsensor        C:\Windows\system32\DRIVERS\ASACPI.sys
08:45:25.0735 0x149c  MTsensor - ok
08:45:25.0738 0x149c  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
08:45:25.0739 0x149c  Mup - ok
08:45:25.0772 0x149c  [ E78A365CC3E0FBFC018A33DCE01909F8, 0A414BDD8F8FB4BA493B8FBE9EB63377D9BB0A6800C55B2E3500913CF0F96AC6 ] N360            C:\Program Files (x86)\Norton Security Suite\Engine\5.2.2.3\ccSvcHst.exe
08:45:25.0774 0x149c  N360 - ok
08:45:25.0799 0x149c  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
08:45:25.0808 0x149c  napagent - ok
08:45:25.0831 0x149c  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
08:45:25.0837 0x149c  NativeWifiP - ok
08:45:25.0859 0x149c  [ C180A82874D3CDC390A27F2F1E1AF025, 9F473661524D645D5C1D616BF2BEC2996DFAE9268B7CF280FCCBD19AA072E567 ] NAVENG          C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20150107.035\ENG64.SYS
08:45:25.0861 0x149c  NAVENG - ok
08:45:25.0909 0x149c  [ E66CA6C321614D7BC0AFC9C8436131B9, BF732419D56E1B8AB3B11B19403087D4EDBF9108F0252ACBB561235040AB4436 ] NAVEX15         C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20150107.035\EX64.SYS
08:45:25.0940 0x149c  NAVEX15 - ok
08:45:25.0978 0x149c  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
08:45:26.0009 0x149c  NDIS - ok
08:45:26.0015 0x149c  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
08:45:26.0016 0x149c  NdisCap - ok
08:45:26.0022 0x149c  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
08:45:26.0023 0x149c  NdisTapi - ok
08:45:26.0039 0x149c  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
08:45:26.0040 0x149c  Ndisuio - ok
08:45:26.0059 0x149c  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
08:45:26.0062 0x149c  NdisWan - ok
08:45:26.0075 0x149c  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
08:45:26.0077 0x149c  NDProxy - ok
08:45:26.0081 0x149c  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
08:45:26.0082 0x149c  NetBIOS - ok
08:45:26.0102 0x149c  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
08:45:26.0107 0x149c  NetBT - ok
08:45:26.0111 0x149c  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon        C:\Windows\system32\lsass.exe
08:45:26.0112 0x149c  Netlogon - ok
08:45:26.0130 0x149c  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
08:45:26.0137 0x149c  Netman - ok
08:45:26.0166 0x149c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:45:26.0169 0x149c  NetMsmqActivator - ok
08:45:26.0175 0x149c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:45:26.0177 0x149c  NetPipeActivator - ok
08:45:26.0193 0x149c  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
08:45:26.0202 0x149c  netprofm - ok
08:45:26.0211 0x149c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:45:26.0214 0x149c  NetTcpActivator - ok
08:45:26.0218 0x149c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:45:26.0220 0x149c  NetTcpPortSharing - ok
08:45:26.0229 0x149c  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
08:45:26.0230 0x149c  nfrd960 - ok
08:45:26.0245 0x149c  [ F9EEFFC65C68A45001D1349E652B8B6F, E5F223129416083A12A85D48C65B2C8D1BF1124110399938E144308C89F9241D ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
08:45:26.0247 0x149c  NisDrv - ok
08:45:26.0270 0x149c  [ 9690F420A99364C1E5C439914B0DE25C, 6C6E0B27C4255001FE5F1EAD911DE1A8BF922C405B0C8031A6BD253CEB1D02A6 ] NisSrv          C:\Program Files\Microsoft Security Client\NisSrv.exe
08:45:26.0277 0x149c  NisSrv - ok
08:45:26.0296 0x149c  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
08:45:26.0303 0x149c  NlaSvc - ok
08:45:26.0309 0x149c  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
08:45:26.0310 0x149c  Npfs - ok
08:45:26.0314 0x149c  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
08:45:26.0315 0x149c  nsi - ok
08:45:26.0323 0x149c  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
08:45:26.0324 0x149c  nsiproxy - ok
08:45:26.0374 0x149c  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
08:45:26.0411 0x149c  Ntfs - ok
08:45:26.0418 0x149c  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
08:45:26.0418 0x149c  Null - ok
08:45:26.0426 0x149c  [ 285ACEC1B13A15BA520AAE06BACB9CFF, A6F576763818D4EAB2CDA3857F2963F61FDA67D7B581C52E1EB1DDB32FD642C3 ] nusb3hub        C:\Windows\system32\DRIVERS\nusb3hub.sys
08:45:26.0428 0x149c  nusb3hub - ok
08:45:26.0447 0x149c  [ F6D625FF7B56BB6EA063F0D3A5BBC996, 830196E96C120367BDA8C0EC9D7B85A642D41E8108189B1A72193299A6C005B1 ] nusb3xhc        C:\Windows\system32\DRIVERS\nusb3xhc.sys
08:45:26.0451 0x149c  nusb3xhc - ok
08:45:26.0465 0x149c  [ E366A5681C50785D4ED04FCFD65C3415, 7FF7B4B8F09E773401AE879897E60BF494B57B9ACEE990204A4C98A3FB183A33 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
08:45:26.0468 0x149c  NVHDA - ok
08:45:26.0735 0x149c  [ 2232AE1BB51A96A7381A2CA17DF12E24, 4813E27BC14EB3CBD55AF89B098EA5C8DA4C7FF0B6CCB7AACFC43BC0E578C988 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
08:45:26.0984 0x149c  nvlddmkm - ok
08:45:27.0010 0x149c  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
08:45:27.0013 0x149c  nvraid - ok
08:45:27.0028 0x149c  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
08:45:27.0032 0x149c  nvstor - ok
08:45:27.0061 0x149c  [ 2C8DD5A34A81715865D66D7AF39362A6, 62F9D873127921EE2EAA80B73E8994C4BF6DA7EEDACAEA030B8D58E086FD3850 ] nvsvc           C:\Windows\system32\nvvsvc.exe
08:45:27.0091 0x149c  nvsvc - ok
08:45:27.0159 0x149c  [ 9592FF7DA13A0D687BDF011A61B0477C, AA06D02DC0445A6EBB84C6506A52E4F7272B5E505E4C357FDF8123007ABAAEC9 ] NVWMI           C:\Windows\system32\nvwmi64.exe
08:45:27.0208 0x149c  NVWMI - ok
08:45:27.0225 0x149c  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
08:45:27.0228 0x149c  nv_agp - ok
08:45:27.0264 0x149c  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
08:45:27.0272 0x149c  odserv - ok
08:45:27.0289 0x149c  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
08:45:27.0290 0x149c  ohci1394 - ok
08:45:27.0304 0x149c  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
08:45:27.0307 0x149c  ose - ok
08:45:27.0319 0x149c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
08:45:27.0326 0x149c  p2pimsvc - ok
08:45:27.0339 0x149c  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
08:45:27.0348 0x149c  p2psvc - ok
08:45:27.0358 0x149c  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
08:45:27.0360 0x149c  Parport - ok
08:45:27.0371 0x149c  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
08:45:27.0372 0x149c  partmgr - ok
08:45:27.0386 0x149c  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
08:45:27.0390 0x149c  PcaSvc - ok
08:45:27.0412 0x149c  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
08:45:27.0416 0x149c  pci - ok
08:45:27.0425 0x149c  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
08:45:27.0425 0x149c  pciide - ok
08:45:27.0431 0x149c  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
08:45:27.0435 0x149c  pcmcia - ok
08:45:27.0443 0x149c  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
08:45:27.0444 0x149c  pcw - ok
08:45:27.0463 0x149c  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
08:45:27.0480 0x149c  PEAUTH - ok
08:45:27.0513 0x149c  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
08:45:27.0514 0x149c  PerfHost - ok
08:45:27.0554 0x149c  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
08:45:27.0591 0x149c  pla - ok
08:45:27.0614 0x149c  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
08:45:27.0622 0x149c  PlugPlay - ok
08:45:27.0627 0x149c  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
08:45:27.0648 0x149c  PNRPAutoReg - ok
08:45:27.0656 0x149c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
08:45:27.0661 0x149c  PNRPsvc - ok
08:45:27.0677 0x149c  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
08:45:27.0687 0x149c  PolicyAgent - ok
08:45:27.0698 0x149c  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
08:45:27.0702 0x149c  Power - ok
08:45:27.0722 0x149c  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
08:45:27.0724 0x149c  PptpMiniport - ok
08:45:27.0730 0x149c  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
08:45:27.0731 0x149c  Processor - ok
08:45:27.0747 0x149c  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
08:45:27.0752 0x149c  ProfSvc - ok
08:45:27.0761 0x149c  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
08:45:27.0762 0x149c  ProtectedStorage - ok
08:45:27.0784 0x149c  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
08:45:27.0786 0x149c  Psched - ok
08:45:27.0797 0x149c  [ 87B04878A6D59D6C79251DC960C674C1, 3EB8DB0624E646F0A65D0381408D35CF9FDC5ABFC30DF6431F4070A8EB68447C ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
08:45:27.0798 0x149c  PxHlpa64 - ok
08:45:27.0832 0x149c  [ 119B221670D50C82BF203B673778F2D3, FC096329405669B06239FED869CDD585566A19F54F5484987EF4FE1C51921080 ] QBCFMonitorService C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
08:45:27.0832 0x149c  QBCFMonitorService - ok
08:45:27.0857 0x149c  [ 6BEE1814470DC12FA20C53DFC3C97EBB, 91E8C22E54A090966E9B96395392B2C03A32DB1AF8DB2289E2EA9460F0A76C0F ] QBFCService     C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
08:45:27.0858 0x149c  QBFCService - ok
08:45:27.0901 0x149c  [ BCE14E5F586700A1249307E66C2C7307, 448DB10F80B43937B9155532F2EE91703F7DB4D7A59EB0458DCFC1DD89369B48 ] QBVSS           C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
08:45:27.0919 0x149c  QBVSS - ok
08:45:27.0957 0x149c  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
08:45:27.0987 0x149c  ql2300 - ok
08:45:27.0993 0x149c  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
08:45:27.0995 0x149c  ql40xx - ok
08:45:28.0009 0x149c  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
08:45:28.0014 0x149c  QWAVE - ok
08:45:28.0017 0x149c  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
08:45:28.0019 0x149c  QWAVEdrv - ok
08:45:28.0025 0x149c  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
08:45:28.0025 0x149c  RasAcd - ok
08:45:28.0035 0x149c  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
08:45:28.0037 0x149c  RasAgileVpn - ok
08:45:28.0045 0x149c  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
08:45:28.0048 0x149c  RasAuto - ok
08:45:28.0064 0x149c  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
08:45:28.0067 0x149c  Rasl2tp - ok
08:45:28.0084 0x149c  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
08:45:28.0091 0x149c  RasMan - ok
08:45:28.0101 0x149c  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
08:45:28.0103 0x149c  RasPppoe - ok
08:45:28.0108 0x149c  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
08:45:28.0110 0x149c  RasSstp - ok
08:45:28.0128 0x149c  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
08:45:28.0134 0x149c  rdbss - ok
08:45:28.0140 0x149c  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
08:45:28.0141 0x149c  rdpbus - ok
08:45:28.0146 0x149c  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
08:45:28.0146 0x149c  RDPCDD - ok
08:45:28.0152 0x149c  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
08:45:28.0153 0x149c  RDPENCDD - ok
08:45:28.0158 0x149c  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
08:45:28.0159 0x149c  RDPREFMP - ok
08:45:28.0189 0x149c  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
08:45:28.0190 0x149c  RdpVideoMiniport - ok
08:45:28.0211 0x149c  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
08:45:28.0214 0x149c  RDPWD - ok
08:45:28.0231 0x149c  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
08:45:28.0235 0x149c  rdyboost - ok
08:45:28.0246 0x149c  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
08:45:28.0248 0x149c  RemoteAccess - ok
08:45:28.0257 0x149c  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
08:45:28.0261 0x149c  RemoteRegistry - ok
08:45:28.0283 0x149c  [ C903D49655B4AAE46673F0AAA6BE0F58, 0F861775323CC1792A4A4B43D6375532D982FBC9FCC03184B55101A2A579A832 ] RimVSerPort     C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
08:45:28.0284 0x149c  RimVSerPort - ok
08:45:28.0292 0x149c  [ 388D3DD1A6457280F3BADBA9F3ACD6B1, 5C534EA15195B1301C917904627AF09FE2ABA3FEE1641B5C87E8F3191BC49058 ] ROOTMODEM       C:\Windows\system32\Drivers\RootMdm.sys
08:45:28.0292 0x149c  ROOTMODEM - ok
08:45:28.0298 0x149c  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
08:45:28.0301 0x149c  RpcEptMapper - ok
08:45:28.0316 0x149c  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
08:45:28.0317 0x149c  RpcLocator - ok
08:45:28.0340 0x149c  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\System32\rpcss.dll
08:45:28.0348 0x149c  RpcSs - ok
08:45:28.0360 0x149c  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
08:45:28.0362 0x149c  rspndr - ok
08:45:28.0383 0x149c  [ 3AACAA62758FA6D178043D78BA89BEBC, 862D0FF27BB086145A33B9261142838651B0D2E1403BE321145E197600EB5015 ] RTCore64        C:\Program Files (x86)\MSI Afterburner\RTCore64.sys
08:45:28.0384 0x149c  RTCore64 - ok
08:45:28.0410 0x149c  [ EE082E06A82FF630351D1E0EBBD3D8D0, 537F1A4108BDA72E8DD271466E7B7FCF39D4D55E4129AB35A409AB7AF2E7D219 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
08:45:28.0420 0x149c  RTL8167 - ok
08:45:28.0437 0x149c  [ 41F8F530DEDCF7DB8C567E527658A088, C859269018CC51D8557C33B45FD0ED9B1F80D505DEBC581249F6FB4648E22DEB ] rzendpt         C:\Windows\system32\DRIVERS\rzendpt.sys
08:45:28.0438 0x149c  rzendpt - ok
08:45:28.0466 0x149c  [ C2A49525F6CEEED97A1D9FC950AAF863, DAA57C1C446861C733D3BE668EB247E40CE3871EF8FA0BB91CEB074B7357E0D8 ] rzudd           C:\Windows\system32\DRIVERS\rzudd.sys
08:45:28.0468 0x149c  rzudd - ok
08:45:28.0475 0x149c  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs           C:\Windows\system32\lsass.exe
08:45:28.0476 0x149c  SamSs - ok
08:45:28.0491 0x149c  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
08:45:34.0504 0x149c  [ AF49D1C79EA49A7833017F290EE63B82, FFE98E8F6AE3BFAB324B3A7C6C6C00545C597A6861CBDD82ACE97591C6A1D287 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
08:45:34.0600 0x149c  SDTray - ok
08:45:34.0643 0x149c  [ 47EA5F76FAB723C61AB4A0D79BAD512C, A7A38EB0A7068B160E6949945EF639F999A06AE35746F6E79C7350745798E5C9 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
08:45:34.0656 0x149c  Adobe ARM - ok
08:45:34.0677 0x149c  [ EDAD4A8A1D46AFCF9E76B996D55116EB, 937549E6FBF5D7282E56866C705539646F2CB6839FD74BF7AA8FB2BA5CCEE940 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
08:45:34.0681 0x149c  SunJavaUpdateSched - ok
08:45:34.0774 0x149c  [ 818DA091BF0F17AFDFA19CF39226FF0F, 3967E0C3E111EB8E0E0F7D275F9E8F2C36536474842ECEF2153C9128749CB20A ] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe
08:45:34.0846 0x149c  Intuit SyncManager - ok
08:45:34.0895 0x149c  [ 1C005F9EFA319039CAD54D90732645C4, DC183D847A731D09DB07D66ADEF0F89137A4D65AE28CF1487094CDA7007FF10C ] C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe
08:45:34.0902 0x149c  ADSKAppManager - ok
08:45:35.0047 0x149c  [ 4DF6E378A00B6F89CB35078054057C36, 981BE3859AC48F43E739885BDA6756C5583BFD7353A57669067C8FB170DAE097 ] C:\Program Files\CCleaner\CCleaner64.exe
08:45:35.0156 0x149c  CCleaner Monitoring - ok
08:45:35.0212 0x149c  [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
08:45:35.0249 0x149c  Sidebar - ok
08:45:35.0379 0x149c  [ D6E2ED7F1F7BE7CCB8676491BF950B57, CBF07EE746F2C27ACC532E83ADC43FBE954DC3C598C4333F13B1A7615AEA9AD5 ] C:\Users\Jason\AppData\Local\Akamai\netsession_win.exe
08:45:35.0467 0x149c  Akamai NetSession Interface - ok
08:45:35.0471 0x149c  Waiting for KSN requests completion. In queue: 21
08:45:36.0471 0x149c  Waiting for KSN requests completion. In queue: 21
08:45:37.0472 0x149c  Waiting for KSN requests completion. In queue: 21
08:45:38.0480 0x149c  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.6.305.0 ), 0x61000 ( enabled : updated )
08:45:38.0482 0x149c  Win FW state via NFP2: enabled
08:45:41.0351 0x149c  ============================================================
08:45:41.0351 0x149c  Scan finished
08:45:41.0351 0x149c  ============================================================
08:45:41.0355 0x1294  Detected object count: 0
08:45:41.0355 0x1294  Actual detected object count: 0



#6 TB-Psychotic

  • Malware Response Team
  • 6,349 posts

Posted 09 January 2015 - 06:08 AM

Fix with FRST (normal mode)

WARNING: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.
 

  • Download the attached fixlist.txt and save it to the location where FRST is saved.
  • Run FRST.exe (on 64bit, run FRST64.exe) and press the Fix button just once and wait.
  • The tool will make a log (Fixlog.txt), which you will find where you saved FRST. Please post it in your reply.

Full System Scan with Malwarebytes Antimalware
 

  • If it is not already installed, please download Malwarebytes Anti-Malware to your desktop.
  • Double-click the downloaded setup file and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish.

If the program is already installed:

  • Run Malwarebytes Antimalware
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.

  • After the restart, once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply.

 

Proud Member of UNITE & TB

#7 jblatnick

  • Topic Starter
  • Members
  • 11 posts

Posted 10 January 2015 - 01:57 AM

FRST Fix Log:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 24-11-2013
Ran by Jason at 2015-01-09 23:56:28 Run:1
Running from C:\Users\Jason\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
AlternateDataStreams: C:\ProgramData\Microsoft:ir5w0EBC4rzthyslXiv8H4dYx
AlternateDataStreams: C:\ProgramData\Microsoft:N50eeMZn6CpfeeBtd
AlternateDataStreams: C:\Users\Jason\Local Settings:N9GRc56EiecB8lcZKpj
AlternateDataStreams: C:\Users\Jason\AppData\Local:N9GRc56EiecB8lcZKpj
AlternateDataStreams: C:\Users\Jason\AppData\Local\Application Data:N9GRc56EiecB8lcZKpj
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
BootExecute: autocheck autochk * ?/???
HKLM Group Policy restriction on software: *.pdf.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.com <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.png.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.pif <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.com <====== ATTENTION
HKLM Group Policy restriction on software: *‮* <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.png.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.com <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.com <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.com <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.com <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.com <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.com <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.png.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.png.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.com <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.com <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.pif <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.com <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\uninstaller.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\uninstaller.exe <====== ATTENTION
EmptyTemp:
*****************

C:\ProgramData\Microsoft => ":ir5w0EBC4rzthyslXiv8H4dYx" ADS removed successfully.
C:\ProgramData\Microsoft => ":N50eeMZn6CpfeeBtd" ADS removed successfully.
"C:\Users\Jason\Local Settings" => ":N9GRc56EiecB8lcZKpj" ADS not found.
C:\Users\Jason\AppData\Local => ":N9GRc56EiecB8lcZKpj" ADS removed successfully.
"C:\Users\Jason\AppData\Local\Application Data" => ":N9GRc56EiecB8lcZKpj" ADS not found.
HKLM\SOFTWARE\Policies\Google => Key deleted successfully.
HKLM\System\CurrentControlSet\Control\Session Manager\\BootExecute => Value was restored successfully.
HKLM => Group Policy Restriction on software restored successfully.

==== End of Fixlog ====


#8 jblatnick

  • Topic Starter
  • Members
  • 11 posts

Posted 10 January 2015 - 02:09 AM

Malwarebytes Scan Log:

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 1/9/2015
Scan Time: 11:58:47 PM
Logfile: 
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.01.10.06
Rootkit Database: v2015.01.07.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Jason

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 379878
Time Elapsed: 8 min, 40 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)


#9 TB-Psychotic

  • Malware Response Team

Posted 12 January 2015 - 04:24 AM

Scan with ESET Online Scan

Go here to run an online scanner from ESET. Windows Vista/Windows 7/Windows 8 users will need to right click on their Internet Explorer shortcut, and select Run as Administrator.

  • Note: For browsers other than Internet Explorer, you will be prompted to download and install esetsmartinstaller_enu.exe. Click on the link and save the file to a convenient location. Double click on it to install and a new window will open. Follow the prompts.
  • Turn off the real time scanner of any existing antivirus program while performing the online scan. Here's how.
  • Click the blue Run ESET Online Scanner button
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the program to install the "OnlineScanner.cab" activex control by clicking the Install button
  • Once the activex control is installed, on the next screen click on Enable detection of potentially unwanted applications
  • Click on Advanced Settings
  • Make sure that the option Remove found threats is unticked.
  • Ensure these options are ticked
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click Start
  • Wait for the scan to finish
  • When the scan is done, if it shows a screen that says "Threats found!", then click "List of found threats", and then click "Export to text file..."
  • Save that text file on your desktop. Copy and paste the contents of that log as a reply to this topic.
  • Close the ESET online scan, and let me know how things are now.



#10 jblatnick

  • Topic Starter

Posted 13 January 2015 - 10:18 PM

Here you go...
 
C:\1_JB Graphics\ADMIN\Software Installers\Core-Temp-setup.exe a variant of Win32/Complitly.A potentially unwanted application
C:\1_JB Graphics\ADMIN\Software Installers\Computer Maintenance\disk-defrag-setup.exe MSIL/MyPCBackup.B potentially unwanted application
F:\AVATAR\Backup Set 2014-02-02 190002\Backup Files 2014-02-02 190002\Backup files 1.zip a variant of Win32/Complitly.A potentially unwanted application
F:\AVATAR\Backup Set 2014-02-02 190002\Backup Files 2014-02-02 190002\Backup files 49.zip Win32/Somoto.A potentially unwanted application
F:\AVATAR\Backup Set 2014-02-02 190002\Backup Files 2014-02-02 190002\Backup files 53.zip a variant of Win32/CNETInstaller.B potentially unwanted application
F:\AVATAR\Backup Set 2014-02-02 190002\Backup Files 2014-02-23 190001\Backup files 1.zip Win32/Bundled.Toolbar.Google.D potentially unsafe application
F:\AVATAR\Backup Set 2014-02-02 190002\Backup Files 2014-03-09 190002\Backup files 1.zip MSIL/MyPCBackup.B potentially unwanted application
F:\AVATAR\Backup Set 2014-02-02 190002\Backup Files 2014-03-09 190002\Backup files 5.zip Win32/Bundled.Toolbar.Google.D potentially unsafe application
F:\AVATAR\Backup Set 2014-02-02 190002\Backup Files 2014-03-30 190001\Backup files 10.zip Win32/Bundled.Toolbar.Google.D potentially unsafe application
F:\AVATAR\Backup Set 2014-04-27 190001\Backup Files 2014-06-22 190001\Backup files 1.zip a variant of Win32/Complitly.A potentially unwanted application
F:\AVATAR\Backup Set 2014-04-27 190001\Backup Files 2014-06-22 190001\Backup files 6.zip MSIL/MyPCBackup.B potentially unwanted application
F:\AVATAR\Backup Set 2014-04-27 190001\Backup Files 2014-08-10 190001\Backup files 3.zip a variant of Win32/ClientConnect.A potentially unwanted application
F:\AVATAR\Backup Set 2014-04-27 190001\Backup Files 2014-09-07 190001\Backup files 7.zip Win32/Bundled.Toolbar.Google.D potentially unsafe application
F:\AVATAR\Backup Set 2014-04-27 190001\Backup Files 2014-10-26 190002\Backup files 5.zip Win32/Bundled.Toolbar.Google.D potentially unsafe application
F:\AVATAR\Backup Set 2014-04-27 190001\Backup Files 2014-11-02 190001\Backup files 5.zip a variant of Win32/OpenCandy.C potentially unsafe application
F:\AVATAR\Backup Set 2014-12-14 190001\Backup Files 2014-12-14 190001\Backup files 1.zip a variant of Win32/Complitly.A potentially unwanted application
F:\AVATAR\Backup Set 2014-12-14 190001\Backup Files 2014-12-14 190001\Backup files 6.zip MSIL/MyPCBackup.B potentially unwanted application


#11 TB-Psychotic

  • Malware Response Team

Posted 14 January 2015 - 03:42 AM

 

F:\AVATAR\Backup Set 2014-02-02 190002\Backup Files 2014-02-02 190002\Backup files 1.zip a variant of Win32/Complitly.A potentially unwanted application
F:\AVATAR\Backup Set 2014-02-02 190002\Backup Files 2014-02-02 190002\Backup files 49.zip Win32/Somoto.A potentially unwanted application
F:\AVATAR\Backup Set 2014-02-02 190002\Backup Files 2014-02-02 190002\Backup files 53.zip a variant of Win32/CNETInstaller.B potentially unwanted application
F:\AVATAR\Backup Set 2014-02-02 190002\Backup Files 2014-02-23 190001\Backup files 1.zip Win32/Bundled.Toolbar.Google.D potentially unsafe application
F:\AVATAR\Backup Set 2014-02-02 190002\Backup Files 2014-03-09 190002\Backup files 1.zip MSIL/MyPCBackup.B potentially unwanted application
F:\AVATAR\Backup Set 2014-02-02 190002\Backup Files 2014-03-09 190002\Backup files 5.zip Win32/Bundled.Toolbar.Google.D potentially unsafe application
F:\AVATAR\Backup Set 2014-02-02 190002\Backup Files 2014-03-30 190001\Backup files 10.zip Win32/Bundled.Toolbar.Google.D potentially unsafe application
F:\AVATAR\Backup Set 2014-04-27 190001\Backup Files 2014-06-22 190001\Backup files 1.zip a variant of Win32/Complitly.A potentially unwanted application
F:\AVATAR\Backup Set 2014-04-27 190001\Backup Files 2014-06-22 190001\Backup files 6.zip MSIL/MyPCBackup.B potentially unwanted application
F:\AVATAR\Backup Set 2014-04-27 190001\Backup Files 2014-08-10 190001\Backup files 3.zip a variant of Win32/ClientConnect.A potentially unwanted application
F:\AVATAR\Backup Set 2014-04-27 190001\Backup Files 2014-09-07 190001\Backup files 7.zip Win32/Bundled.Toolbar.Google.D potentially unsafe application
F:\AVATAR\Backup Set 2014-04-27 190001\Backup Files 2014-10-26 190002\Backup files 5.zip Win32/Bundled.Toolbar.Google.D potentially unsafe application
F:\AVATAR\Backup Set 2014-04-27 190001\Backup Files 2014-11-02 190001\Backup files 5.zip a variant of Win32/OpenCandy.C potentially unsafe application
F:\AVATAR\Backup Set 2014-12-14 190001\Backup Files 2014-12-14 190001\Backup files 1.zip a variant of Win32/Complitly.A potentially unwanted application
F:\AVATAR\Backup Set 2014-12-14 190001\Backup Files 2014-12-14 190001\Backup files 6.zip MSIL/MyPCBackup.B potentially unwanted application

These backup sets contain adware. I'd delete them and create a new one.

 

 

Then we can do the cleanup - if you are facing any issues, report that immediately.

Delete junk with adwCleaner


Please download AdwCleaner to your desktop.


  • Run adwcleaner.exe
  • Hit Scan and wait for the scan to finish.
  • Confirm the message but don't uncheck anything.
  • Hit Clean
  • When the run is finished, it will open up a text file
  • Please post its contents within your next reply
  • You'll find the log file at C:\AdwCleaner[S1].txt also




Delete junk with JRT

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.




SecurityCheck

Reboot your system before starting!

Please download SecurityCheck: LINK Mirror (if the link is down)

  • Save it to your desktop, start it and follow the instructions in the window.
  • After the scan has finished, checkup.txt will open. Copy its content to your thread (Note: Do NOT post this one into a code box!)





Are any problems left or may I post the final reply? :)


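As an added illustration (not part of the original thread, and not ESET's or the helper's code), this Python sketch parses lines in the shape of the ESET export above and groups the detections by backup set, keeping files outside any backup set in a separate list. The regular expression assumes only the two categories that appear in this log, and the function names are hypothetical.

```python
import re
from collections import defaultdict

# Sample lines taken from the ESET export posted in this thread.
SAMPLE_LOG = r"""
C:\1_JB Graphics\ADMIN\Software Installers\Core-Temp-setup.exe a variant of Win32/Complitly.A potentially unwanted application
F:\AVATAR\Backup Set 2014-02-02 190002\Backup Files 2014-02-02 190002\Backup files 49.zip Win32/Somoto.A potentially unwanted application
F:\AVATAR\Backup Set 2014-02-02 190002\Backup Files 2014-02-23 190001\Backup files 1.zip Win32/Bundled.Toolbar.Google.D potentially unsafe application
F:\AVATAR\Backup Set 2014-12-14 190001\Backup Files 2014-12-14 190001\Backup files 6.zip MSIL/MyPCBackup.B potentially unwanted application
"""

# Assumption: a line is "<path> [a variant of ]<Platform/Name> <category>", and
# the category is one of the two strings seen in this log.
LINE_RE = re.compile(
    r"^(?P<path>.+?) (?:a variant of )?(?P<name>\S+/\S+) "
    r"(?P<category>potentially (?:unwanted|unsafe) application)$"
)
BACKUP_SET_RE = re.compile(r"\\Backup Set (\d{4}-\d{2}-\d{2} \d{6})\\")


def parse_line(line):
    """Return {'path', 'name', 'category'} for one finding, or None."""
    match = LINE_RE.match(line.strip())
    return match.groupdict() if match else None


def triage(log_text):
    """Split findings into per-backup-set detections and loose files.

    Returns (by_set, loose, unparsed):
      by_set   -> {backup set id: sorted list of detection names}
      loose    -> [(path, detection name)] for files outside any backup set
      unparsed -> non-empty lines the pattern did not recognise
    """
    sets = defaultdict(set)
    loose, unparsed = [], []
    for raw in log_text.splitlines():
        if not raw.strip():
            continue
        finding = parse_line(raw)
        if finding is None:
            unparsed.append(raw.strip())
            continue
        in_set = BACKUP_SET_RE.search(finding["path"])
        if in_set:
            sets[in_set.group(1)].add(finding["name"])
        else:
            loose.append((finding["path"], finding["name"]))
    by_set = {key: sorted(names) for key, names in sorted(sets.items())}
    return by_set, loose, unparsed


if __name__ == "__main__":
    by_set, loose, unparsed = triage(SAMPLE_LOG)
    for set_id, names in by_set.items():
        print(f"Backup set {set_id}: {', '.join(names)}")
    for path, name in loose:
        print(f"Loose file: {path} ({name})")
    for line in unparsed:
        print(f"Unparsed: {line}")
```

Run over the full export in post #10, the two installers under C:\1_JB Graphics land in the loose-file list, separate from the backup archives.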

#12 jblatnick

  • Topic Starter

Posted 14 January 2015 - 11:15 PM

The computer seems to be working fine.  I haven't had any issues with the multiple dllhost.exe processes lately.

 

Here is the Adwcleaner Log:

# AdwCleaner v4.107 - Report created 14/01/2015 at 21:08:47
# Updated 07/01/2015 by Xplode
# Database : 2015-01-13.2 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Jason - AVATAR
# Running from : C:\Users\Jason\Desktop\adwcleaner_4.107.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Users\Jason\AppData\LocalLow\Simple Adblock

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17496


-\\ Mozilla Firefox v


-\\ Google Chrome v39.0.2171.99


*************************

AdwCleaner[R0].txt - [1335 octets] - [26/03/2014 16:46:02]
AdwCleaner[R1].txt - [1047 octets] - [04/08/2014 07:40:07]
AdwCleaner[R2].txt - [1077 octets] - [14/01/2015 07:10:37]
AdwCleaner[R3].txt - [1081 octets] - [14/01/2015 07:11:05]
AdwCleaner[R4].txt - [1139 octets] - [14/01/2015 21:01:17]
AdwCleaner[S0].txt - [1410 octets] - [26/03/2014 16:46:42]
AdwCleaner[S1].txt - [1063 octets] - [14/01/2015 21:08:47]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1123 octets] ##########



#13 jblatnick

  • Topic Starter

Posted 14 January 2015 - 11:21 PM

JRT Log:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 7 Home Premium x64
Ran by Jason on Wed 01/14/2015 at 21:17:54.25
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] C:\ProgramData\CloudBerry Explorer for Amazon S3



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 01/14/2015 at 21:20:33.36
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



#14 jblatnick

  • Topic Starter

Posted 14 January 2015 - 11:32 PM

Here is the Security Check Up

 

 Results of screen317's Security Check version 0.99.93  
 Windows 7 Service Pack 1 x64 (UAC is disabled!)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
Microsoft Security Essentials   
 Antivirus up to date!  
`````````Anti-malware/Other Utilities Check:````````` 
 MVPS Hosts File  
 Spybot - Search & Destroy 
 Java 7 Update 60  
 Java version 32-bit out of Date! 
 Adobe Flash Player 16.0.0.257  
 Adobe Reader 10.1.12 Adobe Reader out of Date!  
 Google Chrome (39.0.2171.95) 
 Google Chrome (39.0.2171.99) 
````````Process Check: objlist.exe by Laurent````````  
 Norton ccSvcHst.exe 
 Microsoft Security Essentials MSMpEng.exe 
 Microsoft Security Essentials msseces.exe 
 Spybot Teatimer.exe is disabled! 
 CloudBerryLab CloudBerry Online Backup CloudBerry.Backup.Scheduler.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C: 0% 
````````````````````End of Log`````````````````````` 


#15 TB-Psychotic

  • Malware Response Team

Posted 17 January 2015 - 05:58 AM

Your system is clean now! :)

 

 

Java runtime Environment out of date

Your Java runtime environment is outdated. We will fix this.

  • Get the actual JRE from here
  • Save jxpiinstall.exe to your desktop
  • Close all running programs, especially your browser(s)
  • Run jxpiinstall.exe. This will download the newest JRE installer and install the software
  • When finished, go to
    Start-->control panel-->add/remove programs and remove all older Java versions. (if existing)
  • When finished, reboot your computer.

After the reboot
  • Open control panel again and click the java symbol.
  • Click Settings under Temporary Internet Files.
    The Temporary Files Settings dialog box appears.
  • Click Delete Files.
    The Delete Temporary Files dialog box appears
  • Click OK on Delete Temporary Files window.
  • Click OK again.

 

 

 

 

Adobe Reader out of date

Your Adobe Reader is outdated. We will fix this.


  • Get the actual software from here. Important: Uncheck any optional software (for example Google Chrome, etc.) offered.
  • Run setup and follow the instructions.
  • Click upon Start-->control panel-->add/remove programs.
  • Search for and remove any older reader versions.

 

 

 

 

Uninstall our tools using delfix

Please follow these steps in order:

  • In case we used Defogger to turn off your CD emulation software, you can start it again and use the Enable button.
  • In case we used Combofix, deactivate your antivirus software once more, then rename combofix.exe to uninstall.exe and run it one last time. You will be notified that Combofix has been removed.
  • In any case please download delfix to your desktop.
    • Close all other programs and start delfix.
    • Please check all the boxes and run the tool.
    • delfix will now delete all found traces of our removal process
  • If there is still something left please delete it manually.




Delete System Restore Points

To ensure your System Restore Points are free of malware, we will delete all of them but the most recent or create a new one.

On Windows Vista: Please follow these instructions to delete all but the most common System Protection Restore Points.
On Windows 7/8: Please follow these instructions to delete all but the most common System Protection Restore Points.
On Windows XP: Please follow these instructions to delete all but the most common System Protection Restore Points.




Temp File Cleaner

We need to download Temp File Cleaner (TFC) by OldTimer:
  • Please download TFC.exe by Oldtimer at one of the two links: Link 1 Link 2
  • Save and close all running applications
  • Double-click on TFC.exe to run the program
  • Click on Start to begin the cleaning process. Note: this program may close running applications, make your screen disappear temporarily, or require a reboot of your PC - this is normal and part of the cleanup
  • When the scan is complete, if you were not asked to reboot the computer, please do so now
More Information can be found about the tool here: http://www.geekstogo.com/forum/files/file/187-tfc-temp-file-cleaner-by-oldtimer/

 

 

 

 

Recommendations: How to protect yourself

  • System Updates
    Please ensure to have automatic updates activated in your control panel.
    For further information and a tutorial, see this Microsoft Support article.
  • Protection
    What you need is one (not more) virus scanner with background protection. Additionally I recommend a special malware scanner to run on demand weekly.
    Personally I am using avast! Antivirus Free Edition and Malwarebytes Anti-Malware. They offer good protection for free.
    • To keep your browser free of advertising, you may install the Adblock Plus browser extension.
      It will filter unwanted advertising out of the website's content.
    • To protect yourself from accidentally visiting malicious web sites, install the Web of Trust (WOT) browser extension.
      It will display a green (safe), yellow (unknown) or red (potentially dangerous) icon for a visited website within your browser.
      In addition, before accessing a dangerous classified web site, a warning screen is displayed.

  • Up to date Software
    Keep your Windows and your third party software up to date. The easiest way to get infected is an outdated Windows, followed by: browser(s) (including add-ons and plug-ins), Adobe Flash Player and Adobe Reader, Java Runtime Environment, your antivirus program and so on. These links may help you to check:

  • Backup
    Hardware issues, malware, fire, lightning strike: There is a long list of different ways to lose all your data. Back up your files regularly. Use the Windows internal backup function or a third party tool and save your data onto an external hard drive, cloud storage, optical media like CDs or DVDs or (if available) a professional network backup system.
  • Behaviour
    The commonest error when using a computer is "error 80" - which means that the error is located about 80cm in front of the monitor. This is a common joke between IT support technicians but it shows that all the safety mechanisms won't help if you aren't careful enough.
    • While surfing the internet, don't click on anything you don't know. In the worst case, it infects your system with malware.
    • Watch your step in social networks! Many cyber criminals use them to spread malware, mine personal data (to be sold to advertising companies, for example) or simply do damage to other users. Even if a received hyperlink within a message seems to be coming from one of your friends, have a closer look. In addition, don't click everything.
    • When installing software, have a look at each of the setup windows and uncheck any additional toolbars or free programs that may be offered additionally. Most of today's setup procedures contain potentially unwanted programs so keep them off your system.
    • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
      They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.

