Virus in windows and temporary folder


  • This topic is locked
16 replies to this topic

#1 yuko17


Posted 21 January 2015 - 12:19 PM

Hello :)

Last week, I noticed my computer was running slow, lagging, and sometimes disconnecting from the network.

In the last few days, Bitdefender and the Comodo firewall found some viruses and a lot of malware in the Windows and temporary folders, and they helped me clean or quarantine them all.

After they cleaned or quarantined them, my computer kept running slow and lagging. I reinstalled Windows 7, but it didn't work. :unsure:

Unfortunately, now every 5-10 minutes I get warnings from Comodo and Bitdefender that keep saying I have malware on my computer. This keeps happening again and again.

I also found that they are random-looking files like
C:\windows\temp\tmp00005242\tmp0005b38, C:\windows\temp\tmp00007d0b\tmp0005b38

Then I ran full scans in Bitdefender and Comodo firewall, and they found nothing after the full scans.

But the found, clean, quarantine pop-ups keep happening again and again.

Am I infected, and what should I do? :unsure:

I would be very grateful if you could give me some feedback :wink: :)

Edited by yuko17, 21 January 2015 - 12:29 PM.



#2 deeprybka

  • Malware Response Team

Posted 21 January 2015 - 07:03 PM

Hi & :welcome: to Bleeping Computer Forums!
My name is Jürgen and I will be assisting you with your Malware related problems.

Before we move on, please read the following points carefully: :exclame:
  • My native language isn't English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.
  • Please read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while you are following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 5 days from this initial or any subsequent post, then this thread will be closed.
  • If I don't reply within 24 hours please PM me!
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
Step 1

Please run a FRST scan. This will help us diagnose your problem.

Please download Farbar Recovery Scan Tool and save it to your Desktop.
(If you are not sure which version (32-/64-bit) applies to your system, download and try to start both of them as just the right one will run.)
  • Start FRST with administrator privileges.
  • Make sure the option Addition.txt is checked and press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
  • Please copy and paste these logs in your next reply.
Temporarily disable your AntiVirus and AntiSpyware protection - instructions here.

Step 2

Please download ZOEK by Smeenk and save it to your desktop (preferred version is the *.exe one)
  • Right-click on the ZOEK icon and select Run as Administrator to start the tool.
  • Wait patiently until the main console appears, it may take a minute or two.
  • In the main box please paste in the following script:
    process;
    services-list;
    systemspecs;
    startupall;
    filesrcm;
    
  • Make sure that Scan All Users option is checked.
  • Push Run Script and wait patiently. The scan may take a couple of minutes.
  • When the scan completes, a zoek-results logfile should open in notepad.
  • If a reboot is needed, it will be opened after it. You may also find it at your main drive (usually C:\ drive)
Post its content into your next reply.

Edited by deeprybka, 21 January 2015 - 07:03 PM.

regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 

#3 yuko17

  • Topic Starter


Posted 22 January 2015 - 12:26 PM

Hello Jürgen  :)
Thanks for the reply.
Here is the information you requested :)

 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
(Comodo Security Solutions, Inc.) C:\Program Files\Common Files\COMODO\launcher_service.exe
(COMODO) C:\Program Files\Comodo\COMODO Internet Security\cmdagent.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Program Files\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe
(cFos Software GmbH) C:\Program Files\ASRock\XFast LAN\spd.exe
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe
(Comodo Security Solutions, Inc.) C:\Program Files\Comodo\Dragon\dragon_updater.exe
(Comodo Security Solutions, Inc.) C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(COMODO) C:\Program Files\Comodo\COMODO Internet Security\CisTray.exe
(COMODO) C:\Program Files\Comodo\COMODO Internet Security\cavwp.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Intel Corporation) C:\Program Files\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(cFos Software GmbH) C:\Program Files\ASRock\XFast LAN\cfosspeed.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Comodo Security Solutions, Inc.) C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(COMODO) C:\Program Files\Comodo\COMODO Internet Security\cis.exe
(Comodo Security Solutions, Inc.) C:\Program Files\Comodo\GeekBuddy\unit_manager.exe
(Comodo Security Solutions, Inc.) C:\Program Files\Comodo\GeekBuddy\unit.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12000984 2013-07-26] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [XFast LAN] => C:\Program Files\ASRock\XFast LAN\cFosSpeed.exe [1546080 2013-05-31] (cFos Software GmbH)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [34672 2008-06-12] (Adobe Systems Incorporated)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe [747264 2013-09-11] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1243352 2014-12-09] (COMODO)
HKLM\...\Run: [tvncontrol] => C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2015-01-22] (Comodo Security Solutions, Inc.)
HKU\S-1-5-21-3420857839-3590272722-2620093553-1000\...\Run: [ASRock A-Tuning] => [X]
HKU\S-1-5-21-3420857839-3590272722-2620093553-1000\...\MountPoints2: {1473e34c-a0c8-11e4-aed4-806e6f6e6963} - F:\ASRSetup.exe
HKU\S-1-5-21-3420857839-3590272722-2620093553-1000\...\MountPoints2: {a7ae1851-a0ca-11e4-a9ee-806e6f6e6963} - F:\DVDSetup.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk
ShortcutTarget: Start GeekBuddy.lnk -> C:\Program Files\Comodo\GeekBuddy\launcher.exe (Comodo Security Solutions, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-3420857839-3590272722-2620093553-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5EF3BC5D-4356-46CC-8E4F-C0901E2E5FF1}: [NameServer] 156.154.70.25,156.154.71.25
 
FireFox:
========
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
 
Chrome: 
=======
CHR Profile: C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slide) - C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-21]
CHR Extension: (Google File) - C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-21]
CHR Extension: (Google Drive) - C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-21]
CHR Extension: (YouTube) - C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-21]
CHR Extension: (Google search) - C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-21]
CHR Extension: (Google Spreadsheets) - C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-21]
CHR Extension: (Google Wallet) - C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-21]
CHR Extension: (Gmail) - C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-21]
 
========================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ASRockIOMon; C:\Program Files\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe [454656 2013-05-28] () [File not signed]
R2 cFosSpeedS; C:\Program Files\ASRock\XFast LAN\spd.exe [550240 2013-05-31] (cFos Software GmbH)
R2 CLPSLauncher; C:\Program Files\Common Files\COMODO\launcher_service.exe [70864 2015-01-22] (Comodo Security Solutions, Inc.)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5868440 2014-12-09] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [1664216 2014-12-09] (COMODO)
R2 DragonUpdater; C:\Program Files\Comodo\Dragon\dragon_updater.exe [2370240 2014-11-27] (Comodo Security Solutions, Inc.)
R2 GeekBuddyRSP; C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2015-01-22] (Comodo Security Solutions, Inc.)
R2 gzserv; C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [57520 2013-10-23] (Bitdefender)
S3 ICCS; C:\Program Files\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [171072 2012-09-18] (Intel Corporation)
R2 Intel® PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [129792 2013-07-08] (Intel Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe [167640 2013-06-18] (Realtek Semiconductor)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 AsrAppCharger; C:\Windows\System32\DRIVERS\AsrAppCharger.sys [15656 2011-11-07] (Windows ® Win 7 DDK provider)
R0 AsrRamDisk; C:\Windows\System32\DRIVERS\AsrRamDisk.sys [38152 2013-05-13] (ASRock Inc.)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [633344 2013-04-17] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [486536 2013-04-17] (BitDefender)
R1 bdfwfpf; C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [108008 2013-07-02] (Bitdefender SRL)
R1 bdselfpr; C:\Program Files\Bitdefender\Antivirus Free Edition\bdselfpr.sys [135472 2013-07-16] (BitDefender LLC)
R1 cFosSpeed; C:\Windows\System32\DRIVERS\cfosspeed6.sys [1284960 2013-05-31] (cFos Software GmbH)
R1 CFRMD; C:\Windows\System32\DRIVERS\CFRMD.sys [35064 2014-06-26] (Windows ® Win 7 DDK provider)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [17088 2014-12-09] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [617536 2014-12-09] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [41248 2014-12-09] (COMODO)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d6232.sys [367880 2013-05-30] (Intel Corporation)
R1 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [164952 2013-04-22] (BitDefender LLC)
R0 iaStorA; C:\Windows\System32\DRIVERS\iaStorA.sys [505192 2013-08-07] (Intel Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [25448 2013-08-07] (Intel Corporation)
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [91200 2014-12-09] (COMODO)
R0 iusb3hcs; C:\Windows\System32\DRIVERS\iusb3hcs.sys [16880 2013-04-26] (Intel Corporation)
R3 iusb3hub; C:\Windows\System32\DRIVERS\iusb3hub.sys [361968 2013-04-26] (Intel Corporation)
R3 iusb3xhc; C:\Windows\System32\DRIVERS\iusb3xhc.sys [793072 2013-04-26] (Intel Corporation)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [355744 2013-05-28] (BitDefender S.R.L.)
U5 avchv; C:\Windows\System32\Drivers\avchv.sys [242504 2012-11-02] (BitDefender)
 
==================== NetSvcs (Whitelisted) ===================
 
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-01-23 00:38 - 2015-01-23 00:39 - 00011672 _____ () C:\Users\Carmen\Desktop\FRST.txt
2015-01-23 00:38 - 2015-01-23 00:38 - 00000000 ____D () C:\FRST
2015-01-23 00:34 - 2015-01-23 00:34 - 02126848 _____ (Farbar) C:\Users\Carmen\Desktop\FRST64.exe
2015-01-23 00:34 - 2015-01-23 00:34 - 01118208 _____ (Farbar) C:\Users\Carmen\Desktop\FRST.exe
2015-01-22 00:54 - 2015-01-22 00:54 - 00000000 ____D () C:\Program Files\Common Files\COMODO
2015-01-21 03:36 - 2015-01-21 03:37 - 00000000 ____D () C:\Users\Carmen\AppData\Roaming\Dropbox
2015-01-21 03:30 - 2015-01-21 04:26 - 00001768 _____ () C:\Windows\system32\Drivers\fvstore.dat
2015-01-21 03:30 - 2015-01-21 03:31 - 19844092 _____ (Malwarebytes Corporation ) C:\Users\Carmen\Downloads\mbam-setup-2.0.4.1028 (1).exe
2015-01-21 03:29 - 2015-01-21 03:30 - 19982792 _____ (Malwarebytes Corporation ) C:\Users\Carmen\Downloads\mbam-setup-2.0.4.1028.exe
2015-01-21 03:26 - 2015-01-21 03:36 - 00000000 ____D () C:\Windows\system32\vbox
2015-01-21 03:21 - 2015-01-21 03:22 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-01-21 03:21 - 2015-01-21 03:21 - 05006864 _____ (AVAST Software) C:\Users\Carmen\Downloads\avast_free_antivirus_setup_online.exe
2015-01-21 02:46 - 2015-01-23 00:24 - 00000526 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-21 02:46 - 2015-01-22 02:51 - 00000530 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-21 02:46 - 2015-01-21 02:46 - 00002181 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-21 02:46 - 2015-01-21 02:46 - 00000000 ____D () C:\Users\Carmen\AppData\Local\Deployment
2015-01-21 02:46 - 2015-01-21 02:46 - 00000000 ____D () C:\Users\Carmen\AppData\Local\Apps\2.0
2015-01-21 02:46 - 2015-01-21 02:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-01-21 02:28 - 2015-01-21 02:28 - 37046976 _____ (Microsoft Corporation) C:\Users\Carmen\Downloads\Windows-KB890830-V5.20.exe
2015-01-21 02:28 - 2015-01-21 02:28 - 110348472 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-21 02:12 - 2015-01-21 02:12 - 00001114 _____ () C:\Users\Carmen\Desktop\MSI GamingApp.lnk
2015-01-21 02:12 - 2015-01-21 02:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
2015-01-21 02:12 - 2015-01-21 02:12 - 00000000 ____D () C:\Program Files\MSI
2015-01-21 02:07 - 2015-01-23 00:33 - 01474832 _____ () C:\Windows\system32\Drivers\sfi.dat
2015-01-21 02:07 - 2015-01-21 02:07 - 00001888 _____ () C:\Users\Public\Desktop\COMODO Internet Security.lnk
2015-01-21 02:06 - 2015-01-21 02:06 - 00000000 ____D () C:\ProgramData\Shared Space
2015-01-21 02:04 - 2015-01-21 02:05 - 36210245 _____ () C:\Users\Carmen\Downloads\MSIAfterburnerSetup410.zip
2015-01-21 02:04 - 2015-01-21 02:04 - 00000000 ___HD () C:\Windows\msdownld.tmp
2015-01-21 02:04 - 2015-01-21 02:04 - 00000000 ____D () C:\Windows\system32\directx
2015-01-21 02:03 - 2015-01-21 02:04 - 00000000 ____D () C:\Program Files\MSI Afterburner
2015-01-21 02:03 - 2015-01-21 02:03 - 00001048 _____ () C:\Users\Carmen\Desktop\MSI Afterburner.lnk
2015-01-21 02:03 - 2015-01-21 02:03 - 00000000 ____D () C:\Users\Carmen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2015-01-21 02:03 - 2015-01-21 02:03 - 00000000 ____D () C:\Users\Carmen\AppData\Roaming\ATI
2015-01-21 02:03 - 2015-01-21 02:03 - 00000000 ____D () C:\Users\Carmen\AppData\Local\ATI
2015-01-21 02:03 - 2015-01-21 02:03 - 00000000 ____D () C:\ProgramData\ATI
2015-01-21 02:01 - 2015-01-21 02:01 - 00000000 _____ () C:\Windows\ativpsrm.bin
2015-01-21 02:00 - 2015-01-22 00:54 - 00002013 _____ () C:\Users\Public\Desktop\GeekBuddy.lnk
2015-01-21 02:00 - 2015-01-22 00:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2015-01-21 02:00 - 2015-01-21 02:06 - 00000000 ____D () C:\Program Files\Comodo
2015-01-21 02:00 - 2015-01-21 02:00 - 00059287 _____ () C:\Windows\system32\CCCInstall_201501210200331599.log
2015-01-21 02:00 - 2015-01-21 02:00 - 00048392 _____ (COMODO CA Limited) C:\Windows\system32\certsentry.dll
2015-01-21 02:00 - 2015-01-21 02:00 - 00001078 _____ () C:\Users\Public\Desktop\Comodo Dragon.lnk
2015-01-21 02:00 - 2015-01-21 02:00 - 00000000 ____D () C:\Users\Carmen\AppData\Local\Comodo
2015-01-21 02:00 - 2015-01-21 02:00 - 00000000 ____D () C:\ProgramData\AMD
2015-01-21 02:00 - 2015-01-21 02:00 - 00000000 ____D () C:\Program Files\AMD AVT
2015-01-21 01:59 - 2015-01-21 01:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-01-21 01:59 - 2015-01-21 01:59 - 00000000 ____D () C:\ProgramData\Comodo Downloader
2015-01-21 01:58 - 2015-01-21 02:07 - 00000000 ____D () C:\ProgramData\Comodo
2015-01-21 01:58 - 2015-01-21 01:58 - 00000000 ____D () C:\AMD
2015-01-21 01:58 - 2013-09-24 22:52 - 00077312 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\AtihdW73.sys
2015-01-21 01:58 - 2013-09-24 22:50 - 00084480 _____ (TODO: <Company name>) C:\Windows\system32\DelayAPO.dll
2015-01-21 01:58 - 2013-09-12 10:26 - 00995342 _____ () C:\Windows\system32\amdocl_as32.exe
2015-01-21 01:58 - 2013-09-12 10:26 - 00798734 _____ () C:\Windows\system32\amdocl_ld32.exe
2015-01-21 01:58 - 2013-09-12 10:26 - 00200704 _____ () C:\Windows\system32\clinfo.exe
2015-01-21 01:58 - 2013-09-12 10:26 - 00114688 _____ (AMD) C:\Windows\system32\coinst_13.20.dll
2015-01-21 01:58 - 2013-09-12 10:26 - 00083456 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OpenVideo.dll
2015-01-21 01:58 - 2013-09-12 10:25 - 00073216 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OVDecode.dll
2015-01-21 01:58 - 2013-09-12 10:23 - 24008704 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl.dll
2015-01-21 01:58 - 2013-09-12 10:21 - 00057344 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-01-21 01:58 - 2013-09-12 10:09 - 00555744 _____ () C:\Windows\system32\atiapfxx.blb
2015-01-21 01:58 - 2013-09-12 09:48 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2015-01-21 01:58 - 2013-09-12 09:16 - 00204952 _____ () C:\Windows\system32\ativvsvl.dat
2015-01-21 01:58 - 2013-09-12 09:16 - 00157144 _____ () C:\Windows\system32\ativvsva.dat
2015-01-21 01:58 - 2013-08-28 04:15 - 00083392 _____ () C:\Windows\system32\ativce02.dat
2015-01-21 01:58 - 2013-07-26 05:50 - 00234292 _____ () C:\Windows\system32\ativvaxy_cik.dat
2015-01-21 01:58 - 2013-07-18 23:47 - 00231856 _____ () C:\Windows\system32\ativvaxy_cik_nd.dat
2015-01-21 01:58 - 2011-09-13 06:06 - 00003917 _____ () C:\Windows\system32\atipblag.dat
2015-01-21 01:57 - 2015-01-21 01:57 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2015-01-21 01:57 - 2013-08-14 10:23 - 00047427 _____ () C:\Windows\atiogl.xml
2015-01-21 01:55 - 2015-01-21 01:58 - 226075384 _____ (COMODO) C:\Users\Carmen\Downloads\cispremium_installer_6100_08.exe
2015-01-21 01:55 - 2015-01-21 01:55 - 00000000 ____D () C:\ProgramData\Package Cache
2015-01-21 01:54 - 2015-01-21 01:59 - 00000000 ____D () C:\Program Files\ATI Technologies
2015-01-21 01:54 - 2015-01-21 01:54 - 00000000 ____D () C:\Program Files\ATI
2015-01-21 01:52 - 2015-01-21 01:57 - 00002842 _____ () C:\Windows\system32\lic2.xml25457
2015-01-21 01:52 - 2015-01-21 01:52 - 00197160 _____ () C:\ProgramData\1421776296.bdinstall.bin
2015-01-21 01:52 - 2015-01-21 01:52 - 00002176 _____ () C:\Users\Public\Desktop\Bitdefender Antivirus Free Edition.lnk
2015-01-21 01:52 - 2015-01-21 01:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Antivirus Free Edition
2015-01-21 01:52 - 2013-04-17 14:59 - 00633344 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys
2015-01-21 01:52 - 2013-04-17 14:59 - 00486536 _____ (BitDefender) C:\Windows\system32\Drivers\avckf.sys
2015-01-21 01:52 - 2012-11-02 14:17 - 00242504 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys
2015-01-21 01:51 - 2015-01-21 01:52 - 00000000 ____D () C:\Program Files\Bitdefender
2015-01-21 01:51 - 2015-01-21 01:51 - 09927424 _____ () C:\Users\Carmen\Downloads\Antivirus_Free_Edition_x86.exe
2015-01-21 01:51 - 2015-01-21 01:51 - 00162208 _____ () C:\Users\Carmen\Downloads\Antivirus_Free_Edition.exe
2015-01-21 01:51 - 2015-01-21 01:51 - 00000000 ____D () C:\Users\Carmen\AppData\Roaming\QuickScan
2015-01-21 01:51 - 2013-05-28 12:11 - 00355744 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2015-01-21 01:51 - 2013-04-22 13:20 - 00164952 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys
2015-01-21 01:49 - 2015-01-21 02:04 - 00000000 ____D () C:\Users\Carmen\AppData\Local\Adobe
2015-01-21 01:48 - 2015-01-23 00:23 - 00422946 _____ () C:\Windows\PFRO.log
2015-01-21 01:47 - 2015-01-21 02:05 - 00000000 ____D () C:\Users\Carmen\AppData\Roaming\Adobe
2015-01-21 01:47 - 2015-01-21 01:47 - 00000000 ____D () C:\Users\Carmen\AppData\Roaming\Macromedia
2015-01-21 01:46 - 2015-01-21 02:05 - 00000000 ____D () C:\Program Files\Adobe
2015-01-21 01:46 - 2015-01-21 01:47 - 00000000 ____D () C:\ProgramData\Adobe
2015-01-21 01:46 - 2015-01-21 01:46 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
2015-01-21 01:46 - 2015-01-21 01:46 - 00001984 _____ () C:\Users\Public\Desktop\Adobe Reader 9.lnk
2015-01-21 01:46 - 2015-01-21 01:46 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2015-01-21 01:44 - 2015-01-21 01:44 - 00002029 _____ () C:\Users\Carmen\Desktop\XFast LAN.lnk
2015-01-21 01:44 - 2015-01-21 01:44 - 00001225 _____ () C:\Users\Public\Desktop\A-Tuning.lnk
2015-01-21 01:44 - 2015-01-21 01:44 - 00000000 ____D () C:\Windows\ASRock
2015-01-21 01:44 - 2015-01-21 01:44 - 00000000 ____D () C:\Users\Carmen\AppData\Local\cFos
2015-01-21 01:44 - 2015-01-21 01:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XFast LAN
2015-01-21 01:44 - 2015-01-21 01:44 - 00000000 ____D () C:\ProgramData\cFos
2015-01-21 01:44 - 2015-01-21 01:44 - 00000000 ____D () C:\Program Files\ASRock
2015-01-21 01:44 - 2013-05-31 16:23 - 01284960 _____ (cFos Software GmbH) C:\Windows\system32\Drivers\cfosspeed6.sys
2015-01-21 01:44 - 2013-05-28 17:58 - 00505608 _____ () C:\Windows\system32\USBKeyCredentialProvider.dll
2015-01-21 01:44 - 2013-05-13 10:11 - 00038152 _____ (ASRock Inc.) C:\Windows\system32\Drivers\AsrRamDisk.sys
2015-01-21 01:43 - 2015-01-21 02:46 - 00000000 ____D () C:\Users\Carmen\AppData\Local\Google
2015-01-21 01:43 - 2015-01-21 02:46 - 00000000 ____D () C:\Program Files\Google
2015-01-21 01:43 - 2015-01-21 01:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASRock Utility
2015-01-21 01:43 - 2015-01-21 01:44 - 00000000 ____D () C:\Program Files\ASRock Utility
2015-01-21 01:43 - 2011-11-07 10:13 - 00015656 _____ (Windows ® Win 7 DDK provider) C:\Windows\system32\Drivers\AsrAppCharger.sys
2015-01-21 01:42 - 2013-07-04 02:05 - 00317752 ____R (Intel Corporation) C:\Windows\system32\PROUnstl.exe
2015-01-21 01:42 - 2013-05-30 08:53 - 00367880 _____ (Intel Corporation) C:\Windows\system32\Drivers\e1d6232.sys
2015-01-21 01:42 - 2013-05-11 03:48 - 00073480 _____ (Intel Corporation) C:\Windows\system32\e1dmsg.dll
2015-01-21 01:42 - 2013-03-02 04:42 - 00083232 _____ (Intel Corporation) C:\Windows\system32\NicInstD.dll
2015-01-21 01:42 - 2012-01-06 14:03 - 00003109 _____ () C:\Windows\system32\e1d6232.din
2015-01-21 01:42 - 2009-05-26 10:05 - 00028792 _____ (Intel Corporation) C:\Windows\system32\NicCo36.dll
2015-01-21 01:42 - 2006-01-12 15:52 - 00001904 ____N () C:\Windows\system32\SetupBD.din
2015-01-21 01:41 - 2015-01-21 01:41 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_iusb3hcs_01009.Wdf
2015-01-21 01:41 - 2013-04-26 10:24 - 00793072 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3xhc.sys
2015-01-21 01:41 - 2013-04-26 10:24 - 00361968 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3hub.sys
2015-01-21 01:41 - 2013-04-26 10:24 - 00016880 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3hcs.sys
2015-01-21 01:41 - 2009-07-14 23:27 - 01461992 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2015-01-21 01:39 - 2013-09-03 16:52 - 01629040 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2015-01-21 01:39 - 2013-09-03 16:52 - 00085464 _____ (Intel Corporation) C:\Windows\system32\Drivers\TeeDriver.sys
2015-01-21 01:38 - 2015-01-21 01:38 - 00000000 ____D () C:\Program Files\Common Files\Intel Corporation
2015-01-21 01:37 - 2015-01-21 01:37 - 00000000 ____D () C:\Users\Carmen\AppData\Roaming\InstallShield
2015-01-21 01:34 - 2015-01-21 01:45 - 00057952 _____ () C:\Users\Carmen\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-21 01:34 - 2015-01-21 01:34 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-01-21 01:34 - 2015-01-21 01:34 - 00000000 ____D () C:\Users\Carmen\AppData\Roaming\Intel Corporation
2015-01-21 01:34 - 2015-01-21 01:34 - 00000000 ____D () C:\ProgramData\Intel
2015-01-21 01:33 - 2015-01-21 01:37 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2015-01-21 01:33 - 2015-01-21 01:33 - 00000000 ___HD () C:\Program Files\Temp
2015-01-21 01:33 - 2015-01-21 01:33 - 00000000 ____D () C:\Windows\system32\SRSLabs
2015-01-21 01:33 - 2015-01-21 01:33 - 00000000 ____D () C:\Windows\system32\RTCOM
2015-01-21 01:33 - 2015-01-21 01:33 - 00000000 ____D () C:\Users\Carmen\Intel
2015-01-21 01:33 - 2015-01-21 01:33 - 00000000 ____D () C:\Program Files\Realtek
2015-01-21 01:33 - 2015-01-21 01:33 - 00000000 ____D () C:\Program Files\Common Files\InstallShield
2015-01-21 01:33 - 2013-07-30 20:16 - 02782232 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHDA.sys
2015-01-21 01:33 - 2013-07-30 17:14 - 02326744 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO.dll
2015-01-21 01:33 - 2013-07-30 13:47 - 00620273 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2015-01-21 01:33 - 2013-07-29 18:41 - 00121560 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoInstII.dll
2015-01-21 01:33 - 2013-07-22 15:37 - 00769752 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApoApi.dll
2015-01-21 01:33 - 2013-07-19 15:55 - 02080472 ____R (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2015-01-21 01:33 - 2013-07-18 14:48 - 02536664 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkPgExt.dll
2015-01-21 01:33 - 2013-07-17 16:16 - 02396192 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO.dll
2015-01-21 01:33 - 2013-06-05 21:42 - 00181960 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTACap.dll
2015-01-21 01:33 - 2013-04-24 17:16 - 01596488 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSndMgr.cpl
2015-01-21 01:33 - 2012-06-20 17:26 - 00090624 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2015-01-21 01:33 - 2012-03-08 11:47 - 00095840 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTARen.dll
2015-01-21 01:33 - 2012-01-30 11:42 - 00819648 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo2.dll
2015-01-21 01:33 - 2012-01-10 10:20 - 00058264 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\TepeqAPO.dll
2015-01-21 01:33 - 2011-11-22 16:28 - 00013416 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR.dll
2015-01-21 01:33 - 2011-03-17 12:16 - 01379760 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2015-01-21 01:33 - 2011-03-07 17:03 - 00134584 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2015-01-21 01:33 - 2010-11-08 07:31 - 00359768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP32A.dll
2015-01-21 01:33 - 2010-11-08 07:31 - 00295768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT32.dll
2015-01-21 01:33 - 2010-11-08 07:31 - 00295768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA32.dll
2015-01-21 01:33 - 2010-11-08 07:31 - 00170840 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED32A.dll
2015-01-21 01:33 - 2010-11-08 07:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL32A.dll
2015-01-21 01:33 - 2010-11-08 07:31 - 00064856 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG32A.dll
2015-01-21 01:30 - 2015-01-21 01:44 - 00000000 ____D () C:\Program Files\Intel
2015-01-21 01:30 - 2013-08-05 11:50 - 00053248 ____R (Windows XP Bundled build C-Centric Single User) C:\Windows\system32\CSVer.dll
2015-01-21 01:29 - 2015-01-21 01:29 - 00000000 ____D () C:\Intel
2015-01-21 01:28 - 2015-01-23 00:30 - 01288466 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-21 01:27 - 2015-01-21 01:27 - 00000000 ____D () C:\Program Files\Microsoft.NET
2015-01-21 01:27 - 2009-11-25 11:47 - 01130824 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2015-01-21 01:27 - 2009-11-25 11:47 - 00297808 _____ (Microsoft Corporation) C:\Windows\system32\mscoree.dll
2015-01-21 01:27 - 2009-11-25 11:47 - 00295264 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHost.exe
2015-01-21 01:27 - 2009-11-25 11:47 - 00099176 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHostProxy.dll
2015-01-21 01:27 - 2009-11-25 11:47 - 00049472 _____ (Microsoft Corporation) C:\Windows\system32\netfxperf.dll
2015-01-21 01:23 - 2015-01-23 00:27 - 00105013 _____ () C:\Windows\WindowsUpdate.log
2015-01-21 01:23 - 2015-01-21 01:23 - 00001329 _____ () C:\Users\Carmen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-21 01:23 - 2015-01-21 01:23 - 00000020 ___SH () C:\Users\Carmen\ntuser.ini
2015-01-21 01:23 - 2015-01-21 01:23 - 00000000 __SHD () C:\Recovery
2015-01-21 01:23 - 2015-01-21 01:23 - 00000000 ____D () C:\Users\Carmen\AppData\Local\VirtualStore
2015-01-21 01:23 - 2009-07-14 12:42 - 00000000 ___RD () C:\Users\Carmen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-21 01:23 - 2009-07-14 12:37 - 00000000 ___RD () C:\Users\Carmen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-01-21 01:20 - 2015-01-21 01:20 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2015-01-21 01:20 - 2015-01-21 01:20 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2015-01-21 01:19 - 2015-01-21 01:19 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2015-01-21 01:16 - 2015-01-21 01:23 - 00000000 ____D () C:\Windows\Panther
2015-01-21 01:16 - 2015-01-21 01:20 - 00001313 _____ () C:\Windows\TSSysprep.log
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-01-23 00:30 - 2009-07-14 16:44 - 00390570 _____ () C:\Windows\system32\prfh0404.dat
2015-01-23 00:30 - 2009-07-14 16:44 - 00114880 _____ () C:\Windows\system32\prfc0404.dat
2015-01-23 00:24 - 2009-07-14 12:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-23 00:24 - 2009-07-14 12:39 - 00021298 _____ () C:\Windows\setupact.log
2015-01-23 00:23 - 2009-07-14 12:34 - 00009584 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-23 00:23 - 2009-07-14 12:34 - 00009584 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-22 00:07 - 2009-07-14 10:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-01-21 02:03 - 2009-07-14 10:37 - 00000000 ____D () C:\Windows\system32\LogFiles
2015-01-21 01:54 - 2009-07-14 10:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-01-21 01:49 - 2009-07-14 10:37 - 00000000 __RHD () C:\Users\Public\Libraries
2015-01-21 01:48 - 2009-07-14 12:33 - 00267248 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-21 01:27 - 2009-07-14 12:52 - 00000000 ____D () C:\Windows\system32\restore
2015-01-21 01:23 - 2009-07-14 10:37 - 00000000 ____D () C:\Windows\rescache
2015-01-21 01:20 - 2009-07-14 12:52 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-01-21 01:20 - 2009-07-14 10:37 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-21 01:17 - 2009-07-14 17:20 - 00000000 ____D () C:\Windows\CSC
2015-01-21 01:16 - 2009-07-14 12:57 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG
2015-01-21 01:16 - 2009-07-14 12:52 - 00028672 _____ () C:\Windows\system32\config\BCD-Template
2015-01-21 01:16 - 2009-07-14 12:34 - 00001774 _____ () C:\Windows\DtcInstall.log
 
==================== Files in the root of some directories =======
2015-01-21 01:52 - 2015-01-21 01:52 - 0197160 _____ () C:\ProgramData\1421776296.bdinstall.bin
 
Some content of TEMP:
====================
C:\Users\Carmen\AppData\Local\Temp\MSIAFTERBURNERSETUP.EXE
C:\Users\Carmen\AppData\Local\Temp\SETUP_AFTERBURNER.EXE
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-01-21 01:16
 
==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 19-01-2015
Ran by Carmen at 2015-01-23 00:39:18
Running from C:\Users\Carmen\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Bitdefender Antivirus Free Edition (Enabled - Up to date) {9B5F5313-CAF9-DD97-C460-E778420237B4}
AV: COMODO Antivirus (Enabled - Up to date) {F0BC89B2-8937-0933-021B-B17D981F2A71}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Comodo Defense+ (Enabled - Up to date) {4BDD6856-AF0D-06BD-38AB-8A0FE39860CC}
AS: Bitdefender Antivirus Free Edition (Enabled - Up to date) {203EB2F7-ECC3-D219-FED0-DC0A39857D09}
FW: COMODO Firewall (Enabled) {C8870897-C358-086B-2944-184866CC6D0A}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A90000000001}) (Version: 9.0.0 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{121A3F18-E386-B7EF-CEEB-32864884E594}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
ASRock App Charger v1.0.6 (HKLM\...\ASRock App Charger_is1) (Version: 1.0.6 - ASRock Inc.)
ASRock XFast RAM v3.0.2 (HKLM\...\ASRock XFast RAM_is1) (Version:  - ASRock Inc.)
A-Tuning v2.0.51.1 (HKLM\...\A-Tuning_is1) (Version: 2.0.51.1 - )
Bitdefender Antivirus Free Edition (HKLM\...\BitDefender Gonzales) (Version: 1.0.21.1099 - Bitdefender)
Comodo Dragon (HKLM\...\Comodo Dragon) (Version: 36.1.1.21 - Comodo)
COMODO Internet Security Premium (HKLM\...\{18F14F4B-D8A9-4309-817E-3BC0B7664E53}) (Version: 8.0.0.4344 - COMODO Security Solutions Inc.)
GeekBuddy (HKLM\...\{79B9250E-3714-4877-A2B0-D6C1E93E471A}) (Version: 4.18.121 - Comodo Security Solutions Inc)
Google Chrome (HKLM\...\Google Chrome) (Version: 39.0.2171.99 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Intel® Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel® Network Connections 18.5.54.0 (HKLM\...\PROSetDX) (Version: 18.5.54.0 - Intel)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
MSI Afterburner 2.3.1 (HKLM\...\Afterburner) (Version: 2.3.1 - MSI Co., LTD)
MSI GamingApp (HKLM\...\{E0229316-E73B-484B-B9E0-45098AB38D8C}}_is1) (Version: 1.0.0.10 - MSI)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7004 - Realtek Semiconductor Corp.)
VC_CRT_x86 (Version: 1.02.0000 - Intel Corporation) Hidden
XFast LAN v9.05 (HKLM\...\XFast LAN) (Version: 9.05 - cFos Software GmbH, Bonn)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 
==================== Restore Points  =========================
 
21-01-2015 01:27:26 Windows Update
21-01-2015 01:33:40 IIF_MSI
21-01-2015 01:41:45 .
21-01-2015 01:44:54 Device and Driver Installation: cFos Software GmbH Network Service
21-01-2015 01:54:58 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
21-01-2015 02:06:19 Installing COMODO Internet Security Premium
21-01-2015 02:07:12 Device and Driver Installation: COMODO Network Service
21-01-2015 03:22:04 avast! antivirus system restore point
21-01-2015 03:53:17 avast! antivirus system restore point
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 10:04 - 2009-06-11 05:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {5BAFC39F-D7EA-4301-9502-1DED81DF5F0F} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2014-12-09] (COMODO)
Task: {5BFB73CB-0AE4-43F5-AC39-19F5ADCC75F4} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-12-09] (COMODO)
Task: {A4AFFC93-D1E2-42A6-BBB7-08B954A03094} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-12-09] (COMODO)
Task: {BC94C2C3-BB88-4EBC-B45F-1D56F961E8A1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-01-21] (Google Inc.)
Task: {F1744D22-0EDA-4EEB-B376-90783B3638B2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-01-21] (Google Inc.)
Task: {F31BCE1D-DB5A-48E6-932F-B27D9B10C833} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-12-09] (COMODO)
Task: {FB2B8C7D-AA1D-4266-A5DD-68A363647A38} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-12-09] (COMODO)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => ?
 
==================== Loaded Modules (whitelisted) =============
 
2015-01-21 01:52 - 2013-03-19 12:07 - 00508136 _____ () C:\Program Files\Bitdefender\Antivirus Free Edition\sqlite3.dll
2015-01-21 01:52 - 2013-09-03 14:29 - 00095088 _____ () C:\Program Files\Bitdefender\Antivirus Free Edition\BDMetrics.dll
2015-01-21 01:44 - 2013-05-28 17:58 - 00454656 _____ () C:\Program Files\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe
2013-04-15 17:39 - 2013-04-15 17:39 - 00070352 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav
2014-09-25 07:04 - 2014-09-25 07:04 - 00976080 _____ () C:\Program Files\Comodo\GeekBuddy\QtNetwork4.dll
2014-09-25 07:04 - 2014-09-25 07:04 - 02254544 _____ () C:\Program Files\Comodo\GeekBuddy\QtCore4.dll
2014-09-25 07:04 - 2014-09-25 07:04 - 08024784 _____ () C:\Program Files\Comodo\GeekBuddy\QtGui4.dll
2014-09-25 07:04 - 2014-09-25 07:04 - 00032976 _____ () C:\Program Files\Comodo\GeekBuddy\imageformats\qgif4.dll
2014-09-25 07:04 - 2014-09-25 07:04 - 01299664 _____ () C:\Program Files\Comodo\GeekBuddy\QtScript4.dll
2015-01-21 02:46 - 2015-01-09 08:35 - 01077064 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.99\libglesv2.dll
2015-01-21 02:46 - 2015-01-09 08:35 - 00211272 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.99\libegl.dll
2015-01-21 02:46 - 2015-01-09 08:35 - 09009480 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.99\pdf.dll
2015-01-21 02:46 - 2015-01-09 08:35 - 01677128 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.99\ffmpegsumo.dll
2015-01-21 02:46 - 2015-01-09 08:35 - 14913352 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.99\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Windows\system32\MRT.exe:$CmdTcID
AlternateDataStreams: C:\Users\Carmen\Desktop\FRST.exe:$CmdTcID
AlternateDataStreams: C:\Users\Carmen\Desktop\FRST.exe:$CmdZnID
AlternateDataStreams: C:\Users\Carmen\Desktop\FRST.exe:BDU
AlternateDataStreams: C:\Users\Carmen\Desktop\FRST64.exe:$CmdTcID
AlternateDataStreams: C:\Users\Carmen\Desktop\FRST64.exe:$CmdZnID
AlternateDataStreams: C:\Users\Carmen\Desktop\FRST64.exe:BDU
AlternateDataStreams: C:\Users\Carmen\Downloads\avast_free_antivirus_setup_online.exe:$CmdTcID
AlternateDataStreams: C:\Users\Carmen\Downloads\avast_free_antivirus_setup_online.exe:$CmdZnID
AlternateDataStreams: C:\Users\Carmen\Downloads\avast_free_antivirus_setup_online.exe:BDU
AlternateDataStreams: C:\Users\Carmen\Downloads\mbam-setup-2.0.4.1028 (1).exe:$CmdTcID
AlternateDataStreams: C:\Users\Carmen\Downloads\mbam-setup-2.0.4.1028 (1).exe:$CmdZnID
AlternateDataStreams: C:\Users\Carmen\Downloads\mbam-setup-2.0.4.1028 (1).exe:BDU
AlternateDataStreams: C:\Users\Carmen\Downloads\mbam-setup-2.0.4.1028.exe:$CmdTcID
AlternateDataStreams: C:\Users\Carmen\Downloads\mbam-setup-2.0.4.1028.exe:$CmdZnID
AlternateDataStreams: C:\Users\Carmen\Downloads\mbam-setup-2.0.4.1028.exe:BDU
AlternateDataStreams: C:\Users\Carmen\Downloads\Windows-KB890830-V5.20.exe:$CmdTcID
AlternateDataStreams: C:\Users\Carmen\Downloads\Windows-KB890830-V5.20.exe:$CmdZnID
AlternateDataStreams: C:\Users\Carmen\Downloads\Windows-KB890830-V5.20.exe:BDU
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-3420857839-3590272722-2620093553-500 - Administrator - Disabled)
Carmen (S-1-5-21-3420857839-3590272722-2620093553-1000 - Administrator - Enabled) => C:\Users\Carmen
Guest (S-1-5-21-3420857839-3590272722-2620093553-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3420857839-3590272722-2620093553-1002 - Limited - Enabled)
 
==================== Faulty Device Manager Devices =============
 
Name: PCI Simple Communications Controller
Description: PCI Simple Communications Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (01/23/2015 00:27:03 AM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (1536) SUS20ClientDataStore: Unable to read the log file C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log  error -546。
 
Error: (01/23/2015 00:27:03 AM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (1536) SUS20ClientDataStore: Unable to read the log file C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log  error -546。
 
Error: (01/23/2015 00:27:03 AM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (1536) SUS20ClientDataStore: Unable to read the log file C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log  error -546。
 
Error: (01/23/2015 00:27:03 AM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (1536) SUS20ClientDataStore: Unable to read the log file C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log  error -546。
 
Error: (01/23/2015 00:27:03 AM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (1536) SUS20ClientDataStore: Unable to read the log file C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log  error -546。
 
Error: (01/23/2015 00:27:03 AM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (1536) SUS20ClientDataStore: Unable to read the log file C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log  error -546。
 
Error: (01/23/2015 00:27:02 AM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (1536) SUS20ClientDataStore: Unable to read the log file C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log  error -546。
 
Error: (01/23/2015 00:27:02 AM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (1536) SUS20ClientDataStore: Unable to read the log file C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log  error -546。
 
Error: (01/23/2015 00:27:02 AM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (1536) SUS20ClientDataStore: Unable to read the log file C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log  error -546。
 
Error: (01/23/2015 00:27:02 AM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (1536) SUS20ClientDataStore: Unable to read the log file C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log  error -546。
 
 
System errors:
=============
Error: (01/21/2015 01:52:21 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: bdfwfpf Service could not start because the following error: 
%%2
 
Error: (01/21/2015 01:35:23 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Windows Search Service terminated unexpectedly, the service had to complete this action once. The following corrective action will be executed in 30000 milliseconds: Restart the service.
 
Error: (01/21/2015 01:35:23 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Windows Search Service due to service-specific error %% --1,073,473,535 terminated.
 
 
Microsoft Office Sessions:
=========================
Error: (01/23/2015 00:27:03 AM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll1536SUS20ClientDataStore: C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log-546
 
Error: (01/23/2015 00:27:03 AM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll1536SUS20ClientDataStore: C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log-546
 
Error: (01/23/2015 00:27:03 AM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll1536SUS20ClientDataStore: C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log-546
 
Error: (01/23/2015 00:27:03 AM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll1536SUS20ClientDataStore: C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log-546
 
Error: (01/23/2015 00:27:03 AM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll1536SUS20ClientDataStore: C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log-546
 
Error: (01/23/2015 00:27:03 AM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll1536SUS20ClientDataStore: C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log-546
 
Error: (01/23/2015 00:27:02 AM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll1536SUS20ClientDataStore: C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log-546
 
Error: (01/23/2015 00:27:02 AM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll1536SUS20ClientDataStore: C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log-546
 
Error: (01/23/2015 00:27:02 AM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll1536SUS20ClientDataStore: C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log-546
 
Error: (01/23/2015 00:27:02 AM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll1536SUS20ClientDataStore: C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log-546
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-4440 CPU @ 3.10GHz
Percentage of memory in use: 49%
Total physical RAM: 3535.06 MB
Available physical RAM: 1797.68 MB
Total Pagefile: 7068.4 MB
Available Pagefile: 4504.81 MB
Total Virtual: 2047.88 MB
Available Virtual: 1879.75 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:465.66 GB) (Free:443.87 GB) NTFS
Drive d: () (Fixed) (Total:0.1 GB) (Free:0.08 GB) NTFS
Drive e: () (Fixed) (Total:465.66 GB) (Free:464.99 GB) NTFS
Drive f: (G71-VAW1014) (CDROM) (Total:0.99 GB) (Free:0 GB) CDFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 3D8B2748)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 400C28E4)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================
 
Zoek.exe v5.0.0.0 Updated 18-01-2015
Tool run by Carmen on 23/01/2015 friday at  0:54:21.55.
 
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Carmen\Desktop\zoek.exe [Scan all users] [Script inserted] 
 
==== Older Logs ======================
 
C:\zoek-results2015-01-22-165344.log 54431 bytes
 
==== Running Processes ======================
 
C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe
C:\Users\Carmen\Desktop\zoek.exe
 
==== System Specs ======================
 
Windows: Windows 7 Ultimate Edition (Build 7600)
Memory (RAM): 3536 MB
CPU Info: Intel® Core™ i5-4440 CPU @ 3.10GHz
CPU Speed: 3094.0 MHz
Sound Card: speaker (Realtek High Definition A | 
Realtek Digital Output (Realtek | 
Display Adapters: AMD Radeon R9 200 Series | AMD Radeon R9 200 Series | AMD Radeon R9 200 Series | AMD Radeon R9 200 Series | AMD Radeon R9 200 Series | AMD Radeon R9 200 Series | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; normal PnP monitor | 
Screen Resolution: 1920 X 1080 - 32 bit
Network: Network Present
Network Adapters: Intel® Ethernet Connection I217-V
CD / DVD Drives: 1x (F: | ) F:
Ports: COM1 LPT1
Mouse: 16 Button Wheel Mouse Present
Hard Disks: C:  465.7GB | D:  100.0MB | E:  465.7GB
Hard Disks - Free: C:  443.9GB | D:  84.7MB | E:  465.0GB
Manufacturer *: 
BIOS Info: AT/AT COMPATIBLE | 07/03/14 | ALASKA - 1072009
Time Zone: 
Motherboard *: 
Country: 
Language: ZHH 
 
==== System Specs (Software) ======================
 
Default Browser: Google Chrome 39.0.2171.99
Internet Explorer version: 8.0.7600.16385 
Google Chrome version: 39.0.2171.99
Adobe Reader version: 9.0.0.2008061200
 
==== Files Recently Created / Modified ======================
 
====== C:\Windows ====
2015-01-20 18:01:57 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Windows\ativpsrm.bin
2015-01-20 17:57:37 8FA6BAC0034E15F41BD511BC7512D15C 47427 ----a-w- C:\Windows\atiogl.xml
2015-01-20 17:33:03 04FEFB002A13CE5027A947CF0F500AF4 2080472 ----a-r- C:\Windows\RtlExUpd.dll
====== C:\Users\Carmen\AppData\Local\Temp ====
2015-01-20 18:15:03 984CC93BB0EF86A0B4825269D8379D81 774424 ----a-w- C:\Users\Carmen\AppData\Local\Temp\CRX_DF399A9B283A\GoogleUpdateSetup.exe
2015-01-20 18:15:03 4C8C0B0340C6234649C7F91FB5E89A54 571272 ----a-w- C:\Users\Carmen\AppData\Local\Temp\CRX_DF399A9B283A\ChromeRecovery.exe
2015-01-20 17:58:40 CCF5EBF43CC7CEEA08846DFA4C6CD082 2704600 ----a-w- C:\Users\Carmen\AppData\Local\Temp\7ZipSfx.000\cmdstat.dll
2015-01-20 17:58:40 70D9179A264E618F8B4C79E46B637E41 281816 ----a-w- C:\Users\Carmen\AppData\Local\Temp\7ZipSfx.000\7za.dll
2015-01-20 17:58:40 686C080363A9237FDDA82C19568AAF34 3342552 ----a-w- C:\Users\Carmen\AppData\Local\Temp\7ZipSfx.000\cmdhtml.dll
2015-01-20 17:58:34 B157FEC804F69608071F6070EBEB58AF 2395864 ----a-w- C:\Users\Carmen\AppData\Local\Temp\7ZipSfx.000\bsm_chrome.exe
2015-01-20 17:58:34 9AA89475C59D1AE1122CDE8B0AB4B8A3 5273816 ----a-w- C:\Users\Carmen\AppData\Local\Temp\7ZipSfx.000\cmdinstall.exe
2015-01-20 17:58:24 46210B2C9EF6BDA921A5BE669DF488CD 25893888 ----a-w- C:\Users\Carmen\AppData\Local\Temp\7ZipSfx.000\cis\download\installs\xml_binaries\geekbuddy\lps-gb-vt-x64.msi
2015-01-20 17:58:15 0985025E430B5AFEA74E58E0BA2E1C6C 165365248 ----a-w- C:\Users\Carmen\AppData\Local\Temp\7ZipSfx.000\cis\download\installs\xml_binaries\cis\cis_setup_x64.msi
2015-01-20 17:53:33 0CB1706A998131AF1D5400681CC5C15D 9180976 ------w- C:\Users\Carmen\AppData\Local\Temp\MSIAFTERBURNERSETUP.EXE
2015-01-20 17:51:47 DF28752E709F9A8A347EFB8A73E0808F 16312272 ----a-w- C:\Users\Carmen\AppData\Local\Temp\RarSFX0\ThreatScanner.exe
2015-01-20 17:51:46 EC4EFE362C99E3E9DEE9C35A005D1936 15790240 ----a-w- C:\Users\Carmen\AppData\Local\Temp\RarSFX0\installerpackage.exe
2015-01-20 17:51:36 C361C370297D565BD8485FBF1CD32A45 969400 ----a-w- C:\Users\Carmen\AppData\Local\Temp\RarSFX0\lang\it-IT.exe
2015-01-20 17:51:36 C167FBDB4070C4A35ACDBDA7A837A2E9 1043000 ----a-w- C:\Users\Carmen\AppData\Local\Temp\RarSFX0\lang\ro-RO.exe
2015-01-20 17:51:36 920A27BCCCB454D0B2E365A79D0E58D2 1837096 ----a-w- C:\Users\Carmen\AppData\Local\Temp\RarSFX0\lang\en-US.exe
2015-01-20 17:51:36 48CDB66C135C11BFA71E87C9577E2D7A 970088 ----a-w- C:\Users\Carmen\AppData\Local\Temp\RarSFX0\lang\pt-BR.exe
2015-01-20 17:51:35 F6467FF6940D1FD91556D5AE39FB9F06 815600 ----a-w- C:\Users\Carmen\AppData\Local\Temp\RarSFX0\setuplauncher.exe
2015-01-20 17:51:35 F39A06583B9830BC2B5421592370CA0E 2108232 ----a-w- C:\Users\Carmen\AppData\Local\Temp\RarSFX0\additional.dll
2015-01-20 17:51:35 D6B4DD48E3506887FE0D401FF0292AD5 95088 ----a-w- C:\Users\Carmen\AppData\Local\Temp\RarSFX0\bdmetrics.dll
2015-01-20 17:51:35 D69F4C8D140998323AD660F2BC641AA2 1202904 ----a-w- C:\Users\Carmen\AppData\Local\Temp\RarSFX0\wslib.dll
2015-01-20 17:51:35 D620F4CC59880B7FB2ED4C1424030B2D 486512 ----a-w- C:\Users\Carmen\AppData\Local\Temp\RarSFX0\Installer.exe
2015-01-20 17:51:35 A6324D2203644C81EE7835CF9A3C8778 15768 ----a-w- C:\Users\Carmen\AppData\Local\Temp\RarSFX0\WPFKickstarter4.exe
2015-01-20 17:51:35 9E0453906CF2D2C81F456E67A44AC04F 932984 ----a-w- C:\Users\Carmen\AppData\Local\Temp\RarSFX0\htmlayout.dll
2015-01-20 17:51:35 973E9E23C84767058857787865E98DD5 129608 ----a-w- C:\Users\Carmen\AppData\Local\Temp\RarSFX0\bdnc.dll
2015-01-20 17:51:35 88E0F99FDB8DDCB6E6A15380E164FEA2 355744 ----a-w- C:\Users\Carmen\AppData\Local\Temp\RarSFX0\trufos.sys
2015-01-20 17:51:35 7970901BCCDC4740A2AF340F159F6386 15256 ----a-w- C:\Users\Carmen\AppData\Local\Temp\RarSFX0\WPFKickstarter.exe
2015-01-20 17:51:35 7032B760CDDB15D518AC7684BA1B4CBA 168760 ----a-w- C:\Users\Carmen\AppData\Local\Temp\RarSFX0\bdardrv.dll
2015-01-20 17:51:35 6A55C45176E863C58760A74A73285CC3 401528 ----a-w- C:\Users\Carmen\AppData\Local\Temp\RarSFX0\trufos.dll
2015-01-20 17:51:35 69743FCFCCA50A2F473FFC8E9EA94B89 68832 ----a-w- C:\Users\Carmen\AppData\Local\Temp\RarSFX0\gzfltum.dll
2015-01-20 17:51:35 66668490AC6165FDA83089BF71511BF4 135472 ----a-w- C:\Users\Carmen\AppData\Local\Temp\RarSFX0\bdselfpr.sys
2015-01-20 17:51:35 5016DEACCCD15B7E07A7C085BB2AD112 250112 ----a-w- C:\Users\Carmen\AppData\Local\Temp\RarSFX0\wsutils.dll
2015-01-20 17:51:35 46524E4F27A44A86F28772D80BC3CE02 164952 ----a-w- C:\Users\Carmen\AppData\Local\Temp\RarSFX0\gzflt.sys
2015-01-20 17:51:35 377DBA1E531CD11EBC45B907B454D247 156304 ----a-w- C:\Users\Carmen\AppData\Local\Temp\RarSFX0\avcheck.exe
2015-01-20 17:51:35 362DA37F23A4F0BCB97B2E8379CCA37B 195016 ----a-w- C:\Users\Carmen\AppData\Local\Temp\RarSFX0\wspack.dll
2015-01-20 17:51:35 33F49D9F5A6A106EF93A8586B0916EF7 113616 ----a-w- C:\Users\Carmen\AppData\Local\Temp\RarSFX0\npcomm.dll
2015-01-20 17:51:35 1DB0F4E9FA8E99BF4C92C66FB75F115E 189360 ----a-w- C:\Users\Carmen\AppData\Local\Temp\RarSFX0\unrar.dll
2015-01-20 17:51:35 1755023407FDE00D9916505A557569D5 113904 ----a-w- C:\Users\Carmen\AppData\Local\Temp\RarSFX0\core\bdcore.dll
2015-01-20 17:35:36 30EBD4E80B1DDA05EAC709A1DC5965B4 164784 ----a-r- C:\Users\Carmen\AppData\Local\Temp\{9D88DB4A-A027-446A-9BB2-C3290D9D7376}\_Setup.dll
====== Java Cache =====
====== C:\Windows\system32 =====
====== C:\Windows\system32\drivers =====
====== C:\Windows\Tasks ======
2015-01-20 18:46:33 37E5789271E25ED81B34574813E23A09 530 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-20 18:46:33 0F07E19678B2BE674B83780FDEA4457A 3526 ----a-w- C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2015-01-20 18:46:32 E049F23A4DBDF5755C118517E4EE0310 526 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-20 18:46:32 2FE6FD70703AF5DE82E756DBFD73CA0C 3274 ----a-w- C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2015-01-20 18:07:39 -------- d-----w- C:\Windows\system32\Tasks\COMODO
====== C:\Windows\Temp ======
======= C:\Program Files =====
======= C: =====
====== C:\Users\Carmen\AppData\Roaming ======
====== C:\Users\Carmen ======
 
====== C: exe-files ==
=== C: other files ==
2015-01-20 19:36:45 22EF8965101685ADD128F03A2B03CE16 118784 ----a-w- C:\Windows\System32\vbox\E1G60I32.sys
2015-01-20 19:36:11 9256191B2151AF9F4B37717B11486389 308832 ----a-w- C:\Windows\System32\vbox\VBoxVideoW8.sys
2015-01-20 19:35:42 DF115A47F78B1C456E2B1AA2C5F13EE5 304200 ----a-w- C:\Windows\System32\vbox\VBoxVideoWddm.sys
2015-01-20 19:35:24 EF7F600FD0DE0174CA345AB4815B5890 121384 ----a-w- C:\Windows\System32\vbox\VBoxVideo.sys
2015-01-20 19:35:11 6B7009DE790FEAC767D61E186AE282FF 103832 ----a-w- C:\Windows\System32\vbox\VBoxMouse.sys
2015-01-20 19:34:54 D5E56960E6FE10188D4DE8B6E5CAA312 127528 ----a-w- C:\Windows\System32\vbox\VBoxGuest.sys
2015-01-20 18:04:56 AB5AC830AB24E809BE50E468559A38FF 36210245 ----a-w- C:\Users\Carmen\Downloads\MSIAfterburnerSetup410.zip
2015-01-20 18:00:54 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Program Files\Bitdefender\Antivirus Free Edition\fallback\1\avchv.sys
2015-01-20 17:58:16 E868CC139495DCE9FCEAF0E63FF93F9C 77312 ----a-w- C:\Windows\System32\drivers\AtihdW73.sys
2015-01-20 17:58:16 E868CC139495DCE9FCEAF0E63FF93F9C 77312 ------w- C:\Windows\System32\DriverStore\FileRepository\atihdw73.inf_x86_neutral_6bf8a7c1febc373c\AtihdW73.sys
2015-01-20 17:52:22 88E0F99FDB8DDCB6E6A15380E164FEA2 355744 ----a-w- C:\Program Files\Bitdefender\Antivirus Free Edition\Install\trufos.sys
2015-01-20 17:52:22 66668490AC6165FDA83089BF71511BF4 135472 ----a-w- C:\Program Files\Bitdefender\Antivirus Free Edition\Install\bdselfpr.sys
2015-01-20 17:52:22 66668490AC6165FDA83089BF71511BF4 135472 ----a-w- C:\Program Files\Bitdefender\Antivirus Free Edition\bdselfpr.sys
2015-01-20 17:52:22 46524E4F27A44A86F28772D80BC3CE02 164952 ----a-w- C:\Program Files\Bitdefender\Antivirus Free Edition\Install\gzflt.sys
2015-01-20 17:52:14 BC0795019263D9421003008C5211350C 108008 ----a-w- C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys
2015-01-20 17:52:14 B5B8FC2C4D520F1F1EED52A980ED5091 633344 ----a-w- C:\Windows\System32\drivers\avc3.sys
2015-01-20 17:52:14 B5B8FC2C4D520F1F1EED52A980ED5091 633344 ----a-w- C:\Program Files\Bitdefender\Antivirus Free Edition\avc3.sys
2015-01-20 17:52:14 818E7E029DB594DCB8D6218A7D6FA575 486536 ----a-w- C:\Windows\System32\drivers\avckf.sys
2015-01-20 17:52:14 818E7E029DB594DCB8D6218A7D6FA575 486536 ----a-w- C:\Program Files\Bitdefender\Antivirus Free Edition\avckf.sys
2015-01-20 17:52:14 7F9B99B564E7C9FBB6729ED95B5BBB24 242504 ----a-w- C:\Windows\System32\DriverStore\FileRepository\avchv.inf_x86_neutral_062efed5180470ed\avchv.sys
2015-01-20 17:52:14 7F9B99B564E7C9FBB6729ED95B5BBB24 242504 ----a-w- C:\Windows\System32\drivers\avchv.sys
2015-01-20 17:52:14 7F9B99B564E7C9FBB6729ED95B5BBB24 242504 ----a-w- C:\Program Files\Bitdefender\Antivirus Free Edition\avchv.sys
2015-01-20 17:52:14 560E3C3D50F8FAA6227EBE97600D3220 148600 ----a-w- C:\Program Files\Bitdefender\Antivirus Free Edition\bdftdif.sys
2015-01-20 17:51:44 88E0F99FDB8DDCB6E6A15380E164FEA2 355744 ----a-w- C:\Windows\System32\drivers\trufos.sys
2015-01-20 17:51:44 46524E4F27A44A86F28772D80BC3CE02 164952 ----a-w- C:\Windows\System32\drivers\gzflt.sys
2015-01-20 17:51:35 88E0F99FDB8DDCB6E6A15380E164FEA2 355744 ----a-w- C:\Users\Carmen\AppData\Local\Temp\RarSFX0\trufos.sys
2015-01-20 17:51:35 66668490AC6165FDA83089BF71511BF4 135472 ----a-w- C:\Users\Carmen\AppData\Local\Temp\RarSFX0\bdselfpr.sys
2015-01-20 17:51:35 46524E4F27A44A86F28772D80BC3CE02 164952 ----a-w- C:\Users\Carmen\AppData\Local\Temp\RarSFX0\gzflt.sys
2015-01-20 17:44:44 CFF0E908AF1334C0EB71B6822DCA4320 1265504 ----a-r- C:\Program Files\ASRock\XFast LAN\cfosspeed.sys
2015-01-20 17:44:44 10DB71D52DB96E6ED58BB9C0EB076AE4 1284960 ----a-w- C:\Windows\System32\DriverStore\FileRepository\speed6.inf_x86_neutral_d3eb997b73e2a4f5\cfosspeed6.sys
2015-01-20 17:44:44 10DB71D52DB96E6ED58BB9C0EB076AE4 1284960 ----a-w- C:\Windows\System32\drivers\cfosspeed6.sys
2015-01-20 17:44:44 10DB71D52DB96E6ED58BB9C0EB076AE4 1284960 ----a-r- C:\Program Files\ASRock\XFast LAN\cfosspeed6.sys
2015-01-20 17:44:13 AFE874810D728C5E06946963FB0DF344 38152 ----a-w- C:\Windows\System32\DriverStore\FileRepository\asrramdisk.inf_x86_neutral_707fd88503c4ec4f\AsrRamDisk.sys
2015-01-20 17:44:13 AFE874810D728C5E06946963FB0DF344 38152 ----a-w- C:\Windows\System32\drivers\AsrRamDisk.sys
2015-01-20 17:44:13 AFE874810D728C5E06946963FB0DF344 38152 ----a-w- C:\Program Files\ASRock Utility\XFast RAM\AsrRamDisk.sys
2015-01-20 17:43:25 6133404B5B260433922BBAC04E3254B2 15656 ----a-w- C:\Windows\System32\drivers\AsrAppCharger.sys
2015-01-20 17:43:25 6133404B5B260433922BBAC04E3254B2 15656 ----a-w- C:\Program Files\ASRock Utility\AsrAppCharger\AsrAppChargerX86.sys
2015-01-20 17:42:42 F544D12D3A0429E74690C836E3036D86 259336 ------w- C:\Windows\System32\DriverStore\FileRepository\ixt6232.inf_x86_neutral_7f3afb80cbf2c424\ixt6232.sys
2015-01-20 17:42:38 5912041ECD3C792780483EA04D7C3726 264456 ------w- C:\Windows\System32\DriverStore\FileRepository\ixn6232.inf_x86_neutral_6a9e8a6134917d75\ixn6232.sys
2015-01-20 17:42:33 6A98E9A8254670FAFB6D5BB2DB8EADDC 200872 ------w- C:\Windows\System32\DriverStore\FileRepository\ixe6232.inf_x86_neutral_85146fd70a9fa3bb\ixe6232.sys
2015-01-20 17:42:29 DFBD4C1F602B5048933E2C39EAC4679E 232664 ------w- C:\Windows\System32\DriverStore\FileRepository\e1y6232.inf_x86_neutral_32efc299b4c99c89\e1y6232.sys
2015-01-20 17:42:24 FD9B381B22C2932482538014D1B579D5 367880 ------w- C:\Windows\System32\DriverStore\FileRepository\e1r6232.inf_x86_neutral_8dba9104a9863579\e1r6232.sys
2015-01-20 17:42:20 B65513711183C23222BBE131D84CFD43 367880 ------w- C:\Windows\System32\DriverStore\FileRepository\e1q6232.inf_x86_neutral_8da4aeae77a0abf8\e1q6232.sys
2015-01-20 17:42:14 BBE75ED2A421A637C783ED5962E36C7A 388264 ------w- C:\Windows\System32\DriverStore\FileRepository\e1k6232.inf_x86_neutral_4988db7e15c025bc\e1k6232.sys
2015-01-20 17:42:10 377AD53E4154477339290B4212E69D53 232312 ------w- C:\Windows\System32\DriverStore\FileRepository\e1e6232.inf_x86_neutral_313433dc77078bcc\e1e6232.sys
2015-01-20 17:42:05 B5C557433835A2FB6604A66D8CAF52EB 367880 ----a-w- C:\Windows\System32\drivers\e1d6232.sys
2015-01-20 17:42:05 B5C557433835A2FB6604A66D8CAF52EB 367880 ------w- C:\Windows\System32\DriverStore\FileRepository\e1d6232.inf_x86_neutral_70a288f4602d92fc\e1d6232.sys
2015-01-20 17:42:01 43529B8D3655555D4C600538A1C90328 368392 ------w- C:\Windows\System32\DriverStore\FileRepository\e1c6232.inf_x86_neutral_2da03b8fb725b540\e1c6232.sys
2015-01-20 17:41:54 4D53E034842CF552B727A16134DB72F7 156160 ------w- C:\Windows\System32\DriverStore\FileRepository\fei6232.inf_x86_neutral_85e8e4c9db8946d6\fei6232.sys
2015-01-20 17:41:29 4232E075A2E1C2E01B83666B0885C35F 16880 ----a-w- C:\Windows\System32\drivers\iusb3hcs.sys
2015-01-20 17:41:29 4232E075A2E1C2E01B83666B0885C35F 16880 ------w- C:\Windows\System32\DriverStore\FileRepository\iusb3hcs.inf_x86_neutral_5f2a0d2c6ea32f43\iusb3hcs.sys
2015-01-20 17:41:17 92A7944E8379F910BEF44858D43FF7C1 793072 ----a-w- C:\Windows\System32\drivers\iusb3xhc.sys
2015-01-20 17:41:17 92A7944E8379F910BEF44858D43FF7C1 793072 ------w- C:\Windows\System32\DriverStore\FileRepository\iusb3xhc.inf_x86_neutral_c86c5b560f779775\iusb3xhc.sys
2015-01-20 17:41:17 90DCED9D906CFC405D09A21B16EAD0D7 361968 ----a-w- C:\Windows\System32\drivers\iusb3hub.sys
2015-01-20 17:41:17 90DCED9D906CFC405D09A21B16EAD0D7 361968 ------w- C:\Windows\System32\DriverStore\FileRepository\iusb3hub.inf_x86_neutral_d6f6cd823e535bad\iusb3hub.sys
2015-01-20 17:39:00 97AEFCC50287E647876CF19F5F9A367F 85464 ----a-w- C:\Windows\System32\drivers\TeeDriver.sys
2015-01-20 17:33:04 DC36560FB4AC03F379836B5F81144E4A 2782232 ----a-w- C:\Windows\System32\DriverStore\FileRepository\hdasrsa.inf_x86_neutral_c5cc4b583213dbbe\RTKVHDA.sys
2015-01-20 17:33:04 DC36560FB4AC03F379836B5F81144E4A 2782232 ----a-w- C:\Windows\System32\drivers\RTKVHDA.sys
 
==== Startup Registry Enabled ======================
 
[HKEY_USERS\S-1-5-21-3420857839-3590272722-2620093553-1000\Software\Microsoft\Windows\CurrentVersion\Run]
 
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
 
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
 
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
 
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s"
"IAStorIcon"="C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe 60"
"XFast LAN"="C:\Program Files\ASRock\XFast LAN\cFosSpeed.exe"
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe MSRun"
"COMODO Internet Security"="C:\Program Files\COMODO\COMODO Internet Security\cistray.exe"
"tvncontrol"="C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe -controlservice -slave"
 
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
 
==== Startup Folders ======================
 
2015-01-20 18:00:54 2013 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk
 
==== Task Scheduler Jobs ======================
 
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [21/01/2015 02:46]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [21/01/2015 02:46]
 
==== Other Scheduled Tasks ======================
 
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}" ["C:\Program Files\COMODO\COMODO Internet Security\cistray.exe"]
"C:\Windows\system32\tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9}" ["C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe"]
"C:\Windows\system32\tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22}" ["C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe"]
"C:\Windows\system32\tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}" ["C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe"]
"C:\Windows\system32\tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85}" ["C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe"]
 
==== C:\zoek_backup content ======================
 
C:\zoek_backup (files=0 folders=0 0 bytes)
 
==== EOF on 23/01/2015 friday at  0:59:18.78 ======================
 

Edited by yuko17, 22 January 2015 - 12:34 PM.


#4 deeprybka

Posted 22 January 2015 - 05:19 PM

Hi,

Multiple Anti-Virus Software

I see that you're running more than one antivirus program at the same time.
This is a bad idea.
Using more than one AV will not give you any better protection, but may cause interference between them, slow your machine or even completely block your OS. You should choose only one to stay, and remove any others. Think carefully and stay with only one AV. This should be done before any other steps in malware removal are taken.

Please uninstall all but one using the tools you may find in the following link: Uninstallers (removal tools) for common Windows antivirus software.

Step 1

Please download and install Malwarebytes Anti-Malware

  • Please open Malwarebytes Anti-Malware.
  • Please update the database by clicking on the "Update Now" button.
  • Following the update, click "Settings" [1] and go to "Detection and Protection" [2].
  • Make sure "Scan for Rootkits" is checked.
  • Click on Dashboard [3], then click on Scan Now [4] to start the scan.
    If Malware or Potentially Unwanted Programs [PUPs] are found, you will receive a prompt so that you can decide what you want to do. I suggest "Quarantine All" [5]. Then click the button: Apply Actions. [6]
  • A window with an option to view the detailed log will appear.
  • Click on "View detailed log".
  • After viewing the results, please click on the "Copy to Clipboard" button and then OK.
  • Return to our forum. Paste your log into your next reply.


regards,
deeprybka
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 

#5 yuko17

Posted 23 January 2015 - 01:27 AM

Hello :)

Here is the log from Malwarebytes Anti-Malware.

It's a bit weird that it seems like nothing was detected.

 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 23/01/2015
Scan Time: 14:14:56
Logfile: 1.txt
Administrator: Yes
 
Version: 2.00.4.1028
Malware Database: v2015.01.23.02
Rootkit Database: v2015.01.14.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows 7
CPU: x86
File System: NTFS
User: Carmen
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 291785
Time Elapsed: 7 min, 48 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)

Edited by yuko17, 23 January 2015 - 01:32 AM.


#6 deeprybka

Posted 23 January 2015 - 04:35 AM

Hi,


Step 1


Don't remove on your own anything that HitmanPro detects!
This scanner, really good as it is for checking, has been known for deleting files instead of curing them, which in some cases may render the machine unbootable.
Any removals will be done manually after careful analysis of the scan results!


Please download HitmanPro 32-bit / HitmanPro 64-bit by SurfRight and save it to your desktop.
Temporarily disable your AntiVirus and AntiSpyware protection - instructions here.

  • Right-click on the icon and select Run as Administrator to start the tool.
  • If the program won't run please run it while holding down the left CTRL key until it's loaded!
  • Click on the Next button (1). You must agree with the terms of EULA (2 - if asked).
  • Check the box beside "No, I only want to perform a one-time scan to check this computer" and click on the Next button. (3)
  • The program will start to scan the computer. It would only take several minutes.
  • When the scan is done click on Save Log (4) and close HitmanPro! (5)
  • Copy and paste the content of the log file in your next reply.



Step 2

Please download ESET Online Scanner and save it to your Desktop.
  • Disable the realtime-protection of your antivirus and anti-malware programs because they might interfere with the scan.
  • Start the installer with administrator privileges.
  • Select the option Yes, I accept the Terms of Use and click on Start.
  • Choose the following settings:
  • Click on Start. The virus signature database will begin to download. This may take some time.
  • When completed the Online Scan will begin automatically.
    Note: This scan might take a long time! Please be patient.
  • When completed select Uninstall application on close if you so wish, but make sure you copy the logfile first!
  • Now click on Finish
  • A log file is created.
    Copy and paste the content of this log file in your next reply.

Note: Do not forget to re-enable your antivirus application after running the above scan!

Can you please tell me which problems still persist now?
How is the computer running?


regards,
deeprybka

#7 yuko17

Posted 23 January 2015 - 11:17 AM

Hello :)
All of the antivirus software has been removed from my computer, so the antivirus software can't pop up the warnings, clean, quarantine or notify me about the malware and viruses. So... I'm not sure if the problems still persist now... :(

And I still find it weird that it seems like nothing was detected by the scanning :o
But I wonder: if nothing was detected, why did I get warnings from the antivirus software?

Here are the two logs:
 

ESETSmartInstaller@High as downloader log:

all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=a1ccd8575e3a4a43a738e90ce7f849a3
# engine=22115
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2015-01-23 04:01:36
# local_time=2015-01-24 12:01:36 )
# country="United Kingdom"
# lang=1033
# osver=6.1.7600 NT 
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 247967 174467823 0 0
# scanned=60751
# found=0
# cleaned=0
# scan_time=440
 
 
HitmanPro 3.7.9.234
www.hitmanpro.com
 
   Computer name . . . . : CARMEN-PC
   Windows . . . . . . . : 6.1.0.7600.X86/4
   User name . . . . . . : Carmen-PC\Carmen
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free
 
   Scan date . . . . . . : 2015-01-23 23:43:47
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 1m 16s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No
 
   Threats . . . . . . . : 0
   Traces  . . . . . . . : 21
 
   Objects scanned . . . : 552,940
   Files scanned . . . . : 9,786
   Remnants scanned  . . : 86,113 files / 457,041 keys
 
Suspicious files ____________________________________________________________
 
   C:\Users\Carmen\Desktop\FRST.exe
      Size . . . . . . . : 1,118,208 bytes
      Age  . . . . . . . : 1.0 days (2015-01-23 00:34:26)
      Entropy  . . . . . : 8.0
      SHA-256  . . . . . : CF4B526A74D57E69024D4395C8A255786C1B6104F50369B0B4A7DC0BF56E2E0F
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
      Forensic Cluster
         -16.0s C:\Users\Carmen\Desktop\FRST64.exe
         -14.0s C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000dff
          0.0s C:\Users\Carmen\Desktop\FRST.exe
         21.3s C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000e03
         22.8s C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000e07
         22.9s C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000e08
         22.9s C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000e09
         22.9s C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000e0a
         23.0s C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000e0b
         23.0s C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000e0c
         23.2s C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000e0d
         23.3s C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000e0e
         26.6s C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000e11
         26.7s C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000e12
         26.8s C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000e13
         27.0s C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000e15
         27.2s C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000e18
         27.2s C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000e00.58109.gzquar
         38.7s C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000e1a
         38.7s C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000e1b
         38.7s C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000e1c
         38.8s C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000e1f
         49.5s C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000e23
         49.6s C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000e24
         49.6s C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000e24
 
   C:\Users\Carmen\Desktop\FRST64.exe
      Size . . . . . . . : 2,126,848 bytes
      Age  . . . . . . . : 1.0 days (2015-01-23 00:34:10)
      Entropy  . . . . . : 7.5
      SHA-256  . . . . . : 4197EA9100675E349849D13ED144F9E88E0039DAEBB6D2DB343A3E424CA79CD9
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
      Forensic Cluster
          0.0s C:\Users\Carmen\Desktop\FRST64.exe
          2.0s C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000dff
         16.0s C:\Users\Carmen\Desktop\FRST.exe
         37.3s C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000e03
         38.8s C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000e07
         38.9s C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000e08
         39.0s C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000e09
         39.0s C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000e0a
         39.0s C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000e0b
         39.0s C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000e0c
         39.3s C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000e0d
         39.3s C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000e0e
         42.6s C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000e11
         42.7s C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000e12
         42.9s C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000e13
         43.0s C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000e15
         43.3s C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000e18
         43.3s C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000e00.58109.gzquar
         54.7s C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000e1a
         54.7s C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000e1b
         54.7s C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000e1c
         54.9s C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000e1f
         65.6s C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000e23
         65.6s C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000e24
         65.6s C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000e24
 
 
Cookies _____________________________________________________________________
 
   C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.360yield.com
   C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.mlnadvertising.com
   C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Cookies:adinterax.com
   C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.mediade.sk
   C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.p161.net
   C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Cookies:adtechus.com
   C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Cookies:advertising.com
   C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Cookies:at.atwola.com
   C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Cookies:atdmt.com
   C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Cookies:casalemedia.com
   C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Cookies:doubleclick.net
   C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Cookies:emjcd.com
   C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Cookies:media6degrees.com
   C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Cookies:revsci.net
   C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Cookies:ru4.com
   C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Cookies:serving-sys.com
   C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Cookies:statcounter.com
   C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Cookies:tribalfusion.com
   C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Cookies:zedo.com
 
 
 

Edited by yuko17, 23 January 2015 - 11:21 AM.


#8 deeprybka

Posted 23 January 2015 - 12:02 PM

why i got warning from the antivirus softwares?


maybe because:
 

Multiple Anti-Virus Software

I see that you're running more than one antivirus program at the same time.
This is a bad idea.
Using more than one AV will not give you any better protection, but may cause interference between them, slow your machine or even completely block your OS. You should choose only one to stay, and remove any others. Think carefully and stay with only one AV. This should be done before any other steps in malware removal are taken.

Please uninstall all but one using the tools you may find in the following link: Uninstallers (removal tools) for common Windows antivirus software.


Step 1


Start FRST with administrator privileges.
  • Make sure the Addition.txt option is checked.
  • Press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
    Please copy and paste these logs in your next reply.

regards,
deeprybka

#9 yuko17


Posted 23 January 2015 - 12:44 PM

Hello again

I hope that it is only caused by interference between multiple anti-virus software on my computer..

But still no idea whether I am detected...

Here are the logs:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 19-01-2015
Ran by Carmen (administrator) on CARMEN-PC on 24-01-2015 01:30:42
Running from C:\Users\Carmen\Desktop
Loaded Profiles: Carmen (Available profiles: Carmen)
Platform: Microsoft Windows 7 home  (X86) OS Language: 
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Program Files\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe
(cFos Software GmbH) C:\Program Files\ASRock\XFast LAN\spd.exe
(Comodo Security Solutions, Inc.) C:\Program Files\Comodo\Dragon\dragon_updater.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(cFos Software GmbH) C:\Program Files\ASRock\XFast LAN\cfosspeed.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12000984 2013-07-26] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [XFast LAN] => C:\Program Files\ASRock\XFast LAN\cFosSpeed.exe [1546080 2013-05-31] (cFos Software GmbH)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [34672 2008-06-12] (Adobe Systems Incorporated)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe [747264 2013-09-11] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-3420857839-3590272722-2620093553-1000\...\Run: [ASRock A-Tuning] => [X]
HKU\S-1-5-21-3420857839-3590272722-2620093553-1000\...\MountPoints2: {1473e34c-a0c8-11e4-aed4-806e6f6e6963} - F:\ASRSetup.exe
HKU\S-1-5-21-3420857839-3590272722-2620093553-1000\...\MountPoints2: {a7ae1851-a0ca-11e4-a9ee-806e6f6e6963} - F:\DVDSetup.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-3420857839-3590272722-2620093553-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
 
Chrome: 
=======
CHR Profile: C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slide) - C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-21]
CHR Extension: (Google File) - C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-21]
CHR Extension: (Google Drive) - C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-21]
CHR Extension: (YouTube) - C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-21]
CHR Extension: (Google search) - C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-21]
CHR Extension: (Google Spreadsheets) - C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-21]
CHR Extension: (Google Wallet) - C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-21]
CHR Extension: (Gmail) - C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-21]
 
========================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ASRockIOMon; C:\Program Files\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe [454656 2013-05-28] () [File not signed]
R2 cFosSpeedS; C:\Program Files\ASRock\XFast LAN\spd.exe [550240 2013-05-31] (cFos Software GmbH)
R2 DragonUpdater; C:\Program Files\Comodo\Dragon\dragon_updater.exe [2370240 2014-11-27] (Comodo Security Solutions, Inc.)
S3 ICCS; C:\Program Files\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [171072 2012-09-18] (Intel Corporation)
R2 Intel® PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [129792 2013-07-08] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe [167640 2013-06-18] (Realtek Semiconductor)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 AsrAppCharger; C:\Windows\System32\DRIVERS\AsrAppCharger.sys [15656 2011-11-07] (Windows ® Win 7 DDK provider)
R0 AsrRamDisk; C:\Windows\System32\DRIVERS\AsrRamDisk.sys [38152 2013-05-13] (ASRock Inc.)
R1 cFosSpeed; C:\Windows\System32\DRIVERS\cfosspeed6.sys [1284960 2013-05-31] (cFos Software GmbH)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d6232.sys [367880 2013-05-30] (Intel Corporation)
R0 iaStorA; C:\Windows\System32\DRIVERS\iaStorA.sys [505192 2013-08-07] (Intel Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [25448 2013-08-07] (Intel Corporation)
R0 iusb3hcs; C:\Windows\System32\DRIVERS\iusb3hcs.sys [16880 2013-04-26] (Intel Corporation)
R3 iusb3hub; C:\Windows\System32\DRIVERS\iusb3hub.sys [361968 2013-04-26] (Intel Corporation)
R3 iusb3xhc; C:\Windows\System32\DRIVERS\iusb3xhc.sys [793072 2013-04-26] (Intel Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [114904 2015-01-24] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-11-21] (Malwarebytes Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-01-23 23:45 - 2015-01-23 23:45 - 00017576 _____ () C:\Users\Carmen\Desktop\HitmanPro_20150123_2345.log
2015-01-23 23:45 - 2015-01-23 23:45 - 00000000 ____D () C:\Program Files\ESET
2015-01-23 23:43 - 2015-01-23 23:45 - 00000000 ____D () C:\ProgramData\HitmanPro
2015-01-23 23:43 - 2015-01-23 23:41 - 10285456 _____ (SurfRight B.V.) C:\Users\Carmen\Desktop\HitmanPro.exe
2015-01-23 23:43 - 2015-01-23 23:36 - 02347384 _____ (ESET) C:\Users\Carmen\Desktop\esetsmartinstaller_enu.exe
2015-01-23 23:36 - 2015-01-23 23:36 - 02347384 _____ (ESET) C:\Users\Carmen\Downloads\esetsmartinstaller_enu.exe
2015-01-23 23:35 - 2015-01-23 23:41 - 10285456 _____ (SurfRight B.V.) C:\Users\Carmen\Downloads\HitmanPro.exe
2015-01-23 14:24 - 2015-01-23 14:24 - 00001036 _____ () C:\Users\Carmen\Desktop\1.txt
2015-01-23 14:14 - 2015-01-24 01:28 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-23 14:13 - 2015-01-23 14:13 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Carmen\Downloads\mbam-setup-2.0.4.1028 (3).exe
2015-01-23 14:13 - 2015-01-23 14:13 - 00001064 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-23 14:13 - 2015-01-23 14:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-23 14:13 - 2015-01-23 14:13 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-23 14:13 - 2015-01-23 14:13 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-01-23 14:13 - 2014-11-21 06:14 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-23 14:13 - 2014-11-21 06:14 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-23 14:13 - 2014-11-21 06:14 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-23 14:12 - 2015-01-23 14:12 - 00000000 ____D () C:\Windows\system32\appmgmt
2015-01-23 14:06 - 2015-01-23 14:06 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Carmen\Downloads\mbam-setup-2.0.4.1028 (2).exe
2015-01-23 14:06 - 2015-01-23 14:06 - 00098846 _____ () C:\ProgramData\1421993141.bdinstall.bin
2015-01-23 14:05 - 2015-01-23 14:05 - 00037630 _____ () C:\ProgramData\1421993138.bdinstall.bin
2015-01-23 14:04 - 2015-01-23 14:04 - 01132704 _____ (ESET spol. s r.o.) C:\Users\Carmen\Downloads\eset_av_remover.exe
2015-01-23 02:06 - 2015-01-23 02:34 - 00000000 ____D () C:\Users\Carmen\Desktop\new file
2015-01-23 00:46 - 2015-01-23 00:46 - 01295360 _____ () C:\Users\Carmen\Downloads\zoek.exe
2015-01-23 00:46 - 2015-01-23 00:46 - 01295360 _____ () C:\Users\Carmen\Desktop\zoek.exe
2015-01-23 00:39 - 2015-01-23 00:39 - 00017450 _____ () C:\Users\Carmen\Desktop\Addition.txt
2015-01-23 00:38 - 2015-01-24 01:30 - 00008918 _____ () C:\Users\Carmen\Desktop\FRST.txt
2015-01-23 00:38 - 2015-01-24 01:30 - 00000000 ____D () C:\FRST
2015-01-23 00:34 - 2015-01-23 00:34 - 02126848 _____ (Farbar) C:\Users\Carmen\Desktop\FRST64.exe
2015-01-23 00:34 - 2015-01-23 00:34 - 01118208 _____ (Farbar) C:\Users\Carmen\Desktop\FRST.exe
2015-01-21 03:36 - 2015-01-21 03:37 - 00000000 ____D () C:\Users\Carmen\AppData\Roaming\Dropbox
2015-01-21 03:30 - 2015-01-21 03:31 - 19844092 _____ (Malwarebytes Corporation ) C:\Users\Carmen\Downloads\mbam-setup-2.0.4.1028 (1).exe
2015-01-21 03:29 - 2015-01-21 03:30 - 19982792 _____ (Malwarebytes Corporation ) C:\Users\Carmen\Downloads\mbam-setup-2.0.4.1028.exe
2015-01-21 03:26 - 2015-01-21 03:36 - 00000000 ____D () C:\Windows\system32\vbox
2015-01-21 03:21 - 2015-01-21 03:22 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-01-21 03:21 - 2015-01-21 03:21 - 05006864 _____ (AVAST Software) C:\Users\Carmen\Downloads\avast_free_antivirus_setup_online.exe
2015-01-21 02:46 - 2015-01-24 00:51 - 00000530 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-21 02:46 - 2015-01-23 23:16 - 00000526 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-21 02:46 - 2015-01-21 02:46 - 00002181 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-21 02:46 - 2015-01-21 02:46 - 00000000 ____D () C:\Users\Carmen\AppData\Local\Deployment
2015-01-21 02:46 - 2015-01-21 02:46 - 00000000 ____D () C:\Users\Carmen\AppData\Local\Apps\2.0
2015-01-21 02:46 - 2015-01-21 02:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-01-21 02:28 - 2015-01-21 02:28 - 37046976 _____ (Microsoft Corporation) C:\Users\Carmen\Downloads\Windows-KB890830-V5.20.exe
2015-01-21 02:28 - 2015-01-21 02:28 - 110348472 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-21 02:12 - 2015-01-21 02:12 - 00001114 _____ () C:\Users\Carmen\Desktop\MSI GamingApp.lnk
2015-01-21 02:12 - 2015-01-21 02:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
2015-01-21 02:12 - 2015-01-21 02:12 - 00000000 ____D () C:\Program Files\MSI
2015-01-21 02:04 - 2015-01-21 02:05 - 36210245 _____ () C:\Users\Carmen\Downloads\MSIAfterburnerSetup410.zip
2015-01-21 02:04 - 2015-01-21 02:04 - 00000000 ___HD () C:\Windows\msdownld.tmp
2015-01-21 02:04 - 2015-01-21 02:04 - 00000000 ____D () C:\Windows\system32\directx
2015-01-21 02:03 - 2015-01-21 02:04 - 00000000 ____D () C:\Program Files\MSI Afterburner
2015-01-21 02:03 - 2015-01-21 02:03 - 00001048 _____ () C:\Users\Carmen\Desktop\MSI Afterburner.lnk
2015-01-21 02:03 - 2015-01-21 02:03 - 00000000 ____D () C:\Users\Carmen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2015-01-21 02:03 - 2015-01-21 02:03 - 00000000 ____D () C:\Users\Carmen\AppData\Roaming\ATI
2015-01-21 02:03 - 2015-01-21 02:03 - 00000000 ____D () C:\Users\Carmen\AppData\Local\ATI
2015-01-21 02:03 - 2015-01-21 02:03 - 00000000 ____D () C:\ProgramData\ATI
2015-01-21 02:01 - 2015-01-21 02:01 - 00000000 _____ () C:\Windows\ativpsrm.bin
2015-01-21 02:00 - 2015-01-23 14:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2015-01-21 02:00 - 2015-01-23 14:10 - 00000000 ____D () C:\Program Files\Comodo
2015-01-21 02:00 - 2015-01-21 02:00 - 00059287 _____ () C:\Windows\system32\CCCInstall_201501210200331599.log
2015-01-21 02:00 - 2015-01-21 02:00 - 00048392 _____ (COMODO CA Limited) C:\Windows\system32\certsentry.dll
2015-01-21 02:00 - 2015-01-21 02:00 - 00001078 _____ () C:\Users\Public\Desktop\Comodo Dragon.lnk
2015-01-21 02:00 - 2015-01-21 02:00 - 00000000 ____D () C:\Users\Carmen\AppData\Local\Comodo
2015-01-21 02:00 - 2015-01-21 02:00 - 00000000 ____D () C:\ProgramData\AMD
2015-01-21 02:00 - 2015-01-21 02:00 - 00000000 ____D () C:\Program Files\AMD AVT
2015-01-21 01:59 - 2015-01-21 01:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-01-21 01:58 - 2015-01-23 14:10 - 00000000 ____D () C:\ProgramData\Comodo
2015-01-21 01:58 - 2015-01-21 01:58 - 00000000 ____D () C:\AMD
2015-01-21 01:58 - 2013-09-24 22:52 - 00077312 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\AtihdW73.sys
2015-01-21 01:58 - 2013-09-24 22:50 - 00084480 _____ (TODO: <Company name>) C:\Windows\system32\DelayAPO.dll
2015-01-21 01:58 - 2013-09-12 10:26 - 00995342 _____ () C:\Windows\system32\amdocl_as32.exe
2015-01-21 01:58 - 2013-09-12 10:26 - 00798734 _____ () C:\Windows\system32\amdocl_ld32.exe
2015-01-21 01:58 - 2013-09-12 10:26 - 00200704 _____ () C:\Windows\system32\clinfo.exe
2015-01-21 01:58 - 2013-09-12 10:26 - 00114688 _____ (AMD) C:\Windows\system32\coinst_13.20.dll
2015-01-21 01:58 - 2013-09-12 10:26 - 00083456 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OpenVideo.dll
2015-01-21 01:58 - 2013-09-12 10:25 - 00073216 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OVDecode.dll
2015-01-21 01:58 - 2013-09-12 10:23 - 24008704 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl.dll
2015-01-21 01:58 - 2013-09-12 10:21 - 00057344 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-01-21 01:58 - 2013-09-12 10:09 - 00555744 _____ () C:\Windows\system32\atiapfxx.blb
2015-01-21 01:58 - 2013-09-12 09:48 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2015-01-21 01:58 - 2013-09-12 09:16 - 00204952 _____ () C:\Windows\system32\ativvsvl.dat
2015-01-21 01:58 - 2013-09-12 09:16 - 00157144 _____ () C:\Windows\system32\ativvsva.dat
2015-01-21 01:58 - 2013-08-28 04:15 - 00083392 _____ () C:\Windows\system32\ativce02.dat
2015-01-21 01:58 - 2013-07-26 05:50 - 00234292 _____ () C:\Windows\system32\ativvaxy_cik.dat
2015-01-21 01:58 - 2013-07-18 23:47 - 00231856 _____ () C:\Windows\system32\ativvaxy_cik_nd.dat
2015-01-21 01:58 - 2011-09-13 06:06 - 00003917 _____ () C:\Windows\system32\atipblag.dat
2015-01-21 01:57 - 2015-01-21 01:57 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2015-01-21 01:57 - 2013-08-14 10:23 - 00047427 _____ () C:\Windows\atiogl.xml
2015-01-21 01:55 - 2015-01-21 01:58 - 226075384 _____ (COMODO) C:\Users\Carmen\Downloads\cispremium_installer_6100_08.exe
2015-01-21 01:55 - 2015-01-21 01:55 - 00000000 ____D () C:\ProgramData\Package Cache
2015-01-21 01:54 - 2015-01-21 01:59 - 00000000 ____D () C:\Program Files\ATI Technologies
2015-01-21 01:54 - 2015-01-21 01:54 - 00000000 ____D () C:\Program Files\ATI
2015-01-21 01:52 - 2015-01-21 01:57 - 00002842 _____ () C:\Windows\system32\lic2.xml25457
2015-01-21 01:52 - 2015-01-21 01:52 - 00197160 _____ () C:\ProgramData\1421776296.bdinstall.bin
2015-01-21 01:51 - 2015-01-21 01:51 - 09927424 _____ () C:\Users\Carmen\Downloads\Antivirus_Free_Edition_x86.exe
2015-01-21 01:51 - 2015-01-21 01:51 - 00162208 _____ () C:\Users\Carmen\Downloads\Antivirus_Free_Edition.exe
2015-01-21 01:51 - 2015-01-21 01:51 - 00000000 ____D () C:\Users\Carmen\AppData\Roaming\QuickScan
2015-01-21 01:49 - 2015-01-21 02:04 - 00000000 ____D () C:\Users\Carmen\AppData\Local\Adobe
2015-01-21 01:48 - 2015-01-23 23:15 - 00540964 _____ () C:\Windows\PFRO.log
2015-01-21 01:47 - 2015-01-21 02:05 - 00000000 ____D () C:\Users\Carmen\AppData\Roaming\Adobe
2015-01-21 01:47 - 2015-01-21 01:47 - 00000000 ____D () C:\Users\Carmen\AppData\Roaming\Macromedia
2015-01-21 01:46 - 2015-01-21 02:05 - 00000000 ____D () C:\Program Files\Adobe
2015-01-21 01:46 - 2015-01-21 01:47 - 00000000 ____D () C:\ProgramData\Adobe
2015-01-21 01:46 - 2015-01-21 01:46 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
2015-01-21 01:46 - 2015-01-21 01:46 - 00001984 _____ () C:\Users\Public\Desktop\Adobe Reader 9.lnk
2015-01-21 01:46 - 2015-01-21 01:46 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2015-01-21 01:44 - 2015-01-21 01:44 - 00002029 _____ () C:\Users\Carmen\Desktop\XFast LAN.lnk
2015-01-21 01:44 - 2015-01-21 01:44 - 00001225 _____ () C:\Users\Public\Desktop\A-Tuning.lnk
2015-01-21 01:44 - 2015-01-21 01:44 - 00000000 ____D () C:\Windows\ASRock
2015-01-21 01:44 - 2015-01-21 01:44 - 00000000 ____D () C:\Users\Carmen\AppData\Local\cFos
2015-01-21 01:44 - 2015-01-21 01:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XFast LAN
2015-01-21 01:44 - 2015-01-21 01:44 - 00000000 ____D () C:\ProgramData\cFos
2015-01-21 01:44 - 2015-01-21 01:44 - 00000000 ____D () C:\Program Files\ASRock
2015-01-21 01:44 - 2013-05-31 16:23 - 01284960 _____ (cFos Software GmbH) C:\Windows\system32\Drivers\cfosspeed6.sys
2015-01-21 01:44 - 2013-05-28 17:58 - 00505608 _____ () C:\Windows\system32\USBKeyCredentialProvider.dll
2015-01-21 01:44 - 2013-05-13 10:11 - 00038152 _____ (ASRock Inc.) C:\Windows\system32\Drivers\AsrRamDisk.sys
2015-01-21 01:43 - 2015-01-21 02:46 - 00000000 ____D () C:\Users\Carmen\AppData\Local\Google
2015-01-21 01:43 - 2015-01-21 02:46 - 00000000 ____D () C:\Program Files\Google
2015-01-21 01:43 - 2015-01-21 01:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASRock Utility
2015-01-21 01:43 - 2015-01-21 01:44 - 00000000 ____D () C:\Program Files\ASRock Utility
2015-01-21 01:43 - 2011-11-07 10:13 - 00015656 _____ (Windows ® Win 7 DDK provider) C:\Windows\system32\Drivers\AsrAppCharger.sys
2015-01-21 01:42 - 2013-07-04 02:05 - 00317752 ____R (Intel Corporation) C:\Windows\system32\PROUnstl.exe
2015-01-21 01:42 - 2013-05-30 08:53 - 00367880 _____ (Intel Corporation) C:\Windows\system32\Drivers\e1d6232.sys
2015-01-21 01:42 - 2013-05-11 03:48 - 00073480 _____ (Intel Corporation) C:\Windows\system32\e1dmsg.dll
2015-01-21 01:42 - 2013-03-02 04:42 - 00083232 _____ (Intel Corporation) C:\Windows\system32\NicInstD.dll
2015-01-21 01:42 - 2012-01-06 14:03 - 00003109 _____ () C:\Windows\system32\e1d6232.din
2015-01-21 01:42 - 2009-05-26 10:05 - 00028792 _____ (Intel Corporation) C:\Windows\system32\NicCo36.dll
2015-01-21 01:42 - 2006-01-12 15:52 - 00001904 ____N () C:\Windows\system32\SetupBD.din
2015-01-21 01:41 - 2015-01-21 01:41 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_iusb3hcs_01009.Wdf
2015-01-21 01:41 - 2013-04-26 10:24 - 00793072 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3xhc.sys
2015-01-21 01:41 - 2013-04-26 10:24 - 00361968 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3hub.sys
2015-01-21 01:41 - 2013-04-26 10:24 - 00016880 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3hcs.sys
2015-01-21 01:41 - 2009-07-14 23:27 - 01461992 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2015-01-21 01:39 - 2013-09-03 16:52 - 01629040 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2015-01-21 01:39 - 2013-09-03 16:52 - 00085464 _____ (Intel Corporation) C:\Windows\system32\Drivers\TeeDriver.sys
2015-01-21 01:38 - 2015-01-21 01:38 - 00000000 ____D () C:\Program Files\Common Files\Intel Corporation
2015-01-21 01:37 - 2015-01-21 01:37 - 00000000 ____D () C:\Users\Carmen\AppData\Roaming\InstallShield
2015-01-21 01:34 - 2015-01-21 01:45 - 00057952 _____ () C:\Users\Carmen\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-21 01:34 - 2015-01-21 01:34 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-01-21 01:34 - 2015-01-21 01:34 - 00000000 ____D () C:\Users\Carmen\AppData\Roaming\Intel Corporation
2015-01-21 01:34 - 2015-01-21 01:34 - 00000000 ____D () C:\ProgramData\Intel
2015-01-21 01:33 - 2015-01-21 01:37 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2015-01-21 01:33 - 2015-01-21 01:33 - 00000000 ___HD () C:\Program Files\Temp
2015-01-21 01:33 - 2015-01-21 01:33 - 00000000 ____D () C:\Windows\system32\SRSLabs
2015-01-21 01:33 - 2015-01-21 01:33 - 00000000 ____D () C:\Windows\system32\RTCOM
2015-01-21 01:33 - 2015-01-21 01:33 - 00000000 ____D () C:\Users\Carmen\Intel
2015-01-21 01:33 - 2015-01-21 01:33 - 00000000 ____D () C:\Program Files\Realtek
2015-01-21 01:33 - 2015-01-21 01:33 - 00000000 ____D () C:\Program Files\Common Files\InstallShield
2015-01-21 01:33 - 2013-07-30 20:16 - 02782232 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHDA.sys
2015-01-21 01:33 - 2013-07-30 17:14 - 02326744 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO.dll
2015-01-21 01:33 - 2013-07-30 13:47 - 00620273 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2015-01-21 01:33 - 2013-07-29 18:41 - 00121560 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoInstII.dll
2015-01-21 01:33 - 2013-07-22 15:37 - 00769752 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApoApi.dll
2015-01-21 01:33 - 2013-07-19 15:55 - 02080472 ____R (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2015-01-21 01:33 - 2013-07-18 14:48 - 02536664 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkPgExt.dll
2015-01-21 01:33 - 2013-07-17 16:16 - 02396192 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO.dll
2015-01-21 01:33 - 2013-06-05 21:42 - 00181960 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTACap.dll
2015-01-21 01:33 - 2013-04-24 17:16 - 01596488 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSndMgr.cpl
2015-01-21 01:33 - 2012-06-20 17:26 - 00090624 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2015-01-21 01:33 - 2012-03-08 11:47 - 00095840 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTARen.dll
2015-01-21 01:33 - 2012-01-30 11:42 - 00819648 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo2.dll
2015-01-21 01:33 - 2012-01-10 10:20 - 00058264 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\TepeqAPO.dll
2015-01-21 01:33 - 2011-11-22 16:28 - 00013416 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR.dll
2015-01-21 01:33 - 2011-03-17 12:16 - 01379760 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2015-01-21 01:33 - 2011-03-07 17:03 - 00134584 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2015-01-21 01:33 - 2010-11-08 07:31 - 00359768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP32A.dll
2015-01-21 01:33 - 2010-11-08 07:31 - 00295768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT32.dll
2015-01-21 01:33 - 2010-11-08 07:31 - 00295768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA32.dll
2015-01-21 01:33 - 2010-11-08 07:31 - 00170840 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED32A.dll
2015-01-21 01:33 - 2010-11-08 07:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL32A.dll
2015-01-21 01:33 - 2010-11-08 07:31 - 00064856 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG32A.dll
2015-01-21 01:30 - 2015-01-21 01:44 - 00000000 ____D () C:\Program Files\Intel
2015-01-21 01:30 - 2013-08-05 11:50 - 00053248 ____R (Windows XP Bundled build C-Centric Single User) C:\Windows\system32\CSVer.dll
2015-01-21 01:29 - 2015-01-21 01:29 - 00000000 ____D () C:\Intel
2015-01-21 01:28 - 2015-01-23 23:20 - 01288284 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-21 01:27 - 2015-01-21 01:27 - 00000000 ____D () C:\Program Files\Microsoft.NET
2015-01-21 01:27 - 2009-11-25 11:47 - 01130824 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2015-01-21 01:27 - 2009-11-25 11:47 - 00297808 _____ (Microsoft Corporation) C:\Windows\system32\mscoree.dll
2015-01-21 01:27 - 2009-11-25 11:47 - 00295264 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHost.exe
2015-01-21 01:27 - 2009-11-25 11:47 - 00099176 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHostProxy.dll
2015-01-21 01:27 - 2009-11-25 11:47 - 00049472 _____ (Microsoft Corporation) C:\Windows\system32\netfxperf.dll
2015-01-21 01:23 - 2015-01-24 01:19 - 00138214 _____ () C:\Windows\WindowsUpdate.log
2015-01-21 01:23 - 2015-01-21 01:23 - 00001329 _____ () C:\Users\Carmen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-21 01:23 - 2015-01-21 01:23 - 00000020 ___SH () C:\Users\Carmen\ntuser.ini
2015-01-21 01:23 - 2015-01-21 01:23 - 00000000 __SHD () C:\Recovery
2015-01-21 01:23 - 2015-01-21 01:23 - 00000000 ____D () C:\Users\Carmen\AppData\Local\VirtualStore
2015-01-21 01:23 - 2009-07-14 12:42 - 00000000 ___RD () C:\Users\Carmen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-21 01:23 - 2009-07-14 12:37 - 00000000 ___RD () C:\Users\Carmen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-01-21 01:20 - 2015-01-21 01:20 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2015-01-21 01:20 - 2015-01-21 01:20 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2015-01-21 01:19 - 2015-01-21 01:19 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2015-01-21 01:16 - 2015-01-21 01:23 - 00000000 ____D () C:\Windows\Panther
2015-01-21 01:16 - 2015-01-21 01:20 - 00001313 _____ () C:\Windows\TSSysprep.log
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-01-24 01:18 - 2009-07-14 12:34 - 00009584 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-24 01:18 - 2009-07-14 12:34 - 00009584 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-23 23:20 - 2009-07-14 16:44 - 00390570 _____ () C:\Windows\system32\prfh0404.dat
2015-01-23 23:20 - 2009-07-14 16:44 - 00114880 _____ () C:\Windows\system32\prfc0404.dat
2015-01-23 23:15 - 2009-07-14 12:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-23 23:15 - 2009-07-14 12:39 - 00021466 _____ () C:\Windows\setupact.log
2015-01-22 00:07 - 2009-07-14 10:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-01-21 02:03 - 2009-07-14 10:37 - 00000000 ____D () C:\Windows\system32\LogFiles
2015-01-21 01:54 - 2009-07-14 10:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-01-21 01:49 - 2009-07-14 10:37 - 00000000 __RHD () C:\Users\Public\Libraries
2015-01-21 01:48 - 2009-07-14 12:33 - 00267248 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-21 01:27 - 2009-07-14 12:52 - 00000000 ____D () C:\Windows\system32\restore
2015-01-21 01:23 - 2009-07-14 10:37 - 00000000 ____D () C:\Windows\rescache
2015-01-21 01:20 - 2009-07-14 12:52 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-01-21 01:20 - 2009-07-14 10:37 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-21 01:17 - 2009-07-14 17:20 - 00000000 ____D () C:\Windows\CSC
2015-01-21 01:16 - 2009-07-14 12:57 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG
2015-01-21 01:16 - 2009-07-14 12:52 - 00028672 _____ () C:\Windows\system32\config\BCD-Template
2015-01-21 01:16 - 2009-07-14 12:34 - 00001774 _____ () C:\Windows\DtcInstall.log
 
==================== Files in the root of some directories =======
2015-01-21 01:52 - 2015-01-21 01:52 - 0197160 _____ () C:\ProgramData\1421776296.bdinstall.bin
2015-01-23 14:05 - 2015-01-23 14:05 - 0037630 _____ () C:\ProgramData\1421993138.bdinstall.bin
2015-01-23 14:06 - 2015-01-23 14:06 - 0098846 _____ () C:\ProgramData\1421993141.bdinstall.bin
 
Some content of TEMP:
====================
C:\Users\Carmen\AppData\Local\Temp\MSIAFTERBURNERSETUP.EXE
C:\Users\Carmen\AppData\Local\Temp\SETUP_AFTERBURNER.EXE
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-01-21 01:16
 
==================== End Of Log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 19-01-2015
Ran by Carmen at 2015-01-24 01:31:03
Running from C:\Users\Carmen\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A90000000001}) (Version: 9.0.0 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{121A3F18-E386-B7EF-CEEB-32864884E594}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
ASRock App Charger v1.0.6 (HKLM\...\ASRock App Charger_is1) (Version: 1.0.6 - ASRock Inc.)
ASRock XFast RAM v3.0.2 (HKLM\...\ASRock XFast RAM_is1) (Version:  - ASRock Inc.)
A-Tuning v2.0.51.1 (HKLM\...\A-Tuning_is1) (Version: 2.0.51.1 - )
Comodo Dragon (HKLM\...\Comodo Dragon) (Version: 36.1.1.21 - Comodo)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version:  - )
Google Chrome (HKLM\...\Google Chrome) (Version: 39.0.2171.99 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Intel® Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel® Network Connections 18.5.54.0 (HKLM\...\PROSetDX) (Version: 18.5.54.0 - Intel)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
MSI Afterburner 2.3.1 (HKLM\...\Afterburner) (Version: 2.3.1 - MSI Co., LTD)
MSI GamingApp (HKLM\...\{E0229316-E73B-484B-B9E0-45098AB38D8C}}_is1) (Version: 1.0.0.10 - MSI)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7004 - Realtek Semiconductor Corp.)
VC_CRT_x86 (Version: 1.02.0000 - Intel Corporation) Hidden
XFast LAN v9.05 (HKLM\...\XFast LAN) (Version: 9.05 - cFos Software GmbH, Bonn)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 
==================== Restore Points  =========================
 
21-01-2015 01:27:26 Windows Update
21-01-2015 01:33:40 IIF_MSI
21-01-2015 01:41:45 .
21-01-2015 01:44:54 Device and Driver Installation: cFos Software GmbH Network Service
21-01-2015 01:54:58 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
21-01-2015 02:06:19 Installing COMODO Internet Security Premium
21-01-2015 02:07:12 Device and Driver Installation: COMODO Network Service
21-01-2015 03:22:04 avast! antivirus system restore point
21-01-2015 03:53:17 avast! antivirus system restore point
23-01-2015 14:06:56 Removing COMODO Internet Security Premium
23-01-2015 14:11:44 Removed GeekBuddy.
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 10:04 - 2009-06-11 05:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {BC94C2C3-BB88-4EBC-B45F-1D56F961E8A1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-01-21] (Google Inc.)
Task: {F1744D22-0EDA-4EEB-B376-90783B3638B2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-01-21] (Google Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2015-01-21 01:44 - 2013-05-28 17:58 - 00454656 _____ () C:\Program Files\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe
2015-01-21 02:46 - 2015-01-09 08:35 - 01077064 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.99\libglesv2.dll
2015-01-21 02:46 - 2015-01-09 08:35 - 00211272 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.99\libegl.dll
2015-01-21 02:46 - 2015-01-09 08:35 - 09009480 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.99\pdf.dll
2015-01-21 02:46 - 2015-01-09 08:35 - 01677128 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.99\ffmpegsumo.dll
2015-01-21 02:46 - 2015-01-09 08:35 - 14913352 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.99\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Windows\system32\MRT.exe:$CmdTcID
AlternateDataStreams: C:\Users\Carmen\Desktop\12.jpg:$CmdZnID
AlternateDataStreams: C:\Users\Carmen\Desktop\1421939144KOJIYOU.jpg:$CmdZnID
AlternateDataStreams: C:\Users\Carmen\Desktop\B78_EHMCQAAkQ1P.jpg:$CmdZnID
AlternateDataStreams: C:\Users\Carmen\Desktop\c2RBx9l.jpg:$CmdZnID
AlternateDataStreams: C:\Users\Carmen\Desktop\caf5c43887225edeefbdd29dc6f0b162.jpg:$CmdZnID
AlternateDataStreams: C:\Users\Carmen\Desktop\FRST.exe:$CmdTcID
AlternateDataStreams: C:\Users\Carmen\Desktop\FRST.exe:$CmdZnID
AlternateDataStreams: C:\Users\Carmen\Desktop\FRST.exe:BDU
AlternateDataStreams: C:\Users\Carmen\Desktop\FRST64.exe:$CmdTcID
AlternateDataStreams: C:\Users\Carmen\Desktop\FRST64.exe:$CmdZnID
AlternateDataStreams: C:\Users\Carmen\Desktop\FRST64.exe:BDU
AlternateDataStreams: C:\Users\Carmen\Desktop\IMG_7188.JPG:$CmdZnID
AlternateDataStreams: C:\Users\Carmen\Desktop\IMG_7245.JPG:$CmdZnID
AlternateDataStreams: C:\Users\Carmen\Desktop\IMG_7249.JPG:$CmdZnID
AlternateDataStreams: C:\Users\Carmen\Desktop\obwQHIj.jpg:$CmdZnID
AlternateDataStreams: C:\Users\Carmen\Desktop\wvhbJsF.jpg:$CmdZnID
AlternateDataStreams: C:\Users\Carmen\Desktop\zoek.exe:$CmdTcID
AlternateDataStreams: C:\Users\Carmen\Desktop\zoek.exe:$CmdZnID
AlternateDataStreams: C:\Users\Carmen\Desktop\zoek.exe:BDU
AlternateDataStreams: C:\Users\Carmen\Downloads\avast_free_antivirus_setup_online.exe:$CmdTcID
AlternateDataStreams: C:\Users\Carmen\Downloads\avast_free_antivirus_setup_online.exe:$CmdZnID
AlternateDataStreams: C:\Users\Carmen\Downloads\avast_free_antivirus_setup_online.exe:BDU
AlternateDataStreams: C:\Users\Carmen\Downloads\eset_av_remover.exe:$CmdTcID
AlternateDataStreams: C:\Users\Carmen\Downloads\eset_av_remover.exe:$CmdZnID
AlternateDataStreams: C:\Users\Carmen\Downloads\eset_av_remover.exe:BDU
AlternateDataStreams: C:\Users\Carmen\Downloads\mbam-setup-2.0.4.1028 (1).exe:$CmdTcID
AlternateDataStreams: C:\Users\Carmen\Downloads\mbam-setup-2.0.4.1028 (1).exe:$CmdZnID
AlternateDataStreams: C:\Users\Carmen\Downloads\mbam-setup-2.0.4.1028 (1).exe:BDU
AlternateDataStreams: C:\Users\Carmen\Downloads\mbam-setup-2.0.4.1028 (2).exe:$CmdTcID
AlternateDataStreams: C:\Users\Carmen\Downloads\mbam-setup-2.0.4.1028 (2).exe:$CmdZnID
AlternateDataStreams: C:\Users\Carmen\Downloads\mbam-setup-2.0.4.1028.exe:$CmdTcID
AlternateDataStreams: C:\Users\Carmen\Downloads\mbam-setup-2.0.4.1028.exe:$CmdZnID
AlternateDataStreams: C:\Users\Carmen\Downloads\mbam-setup-2.0.4.1028.exe:BDU
AlternateDataStreams: C:\Users\Carmen\Downloads\Windows-KB890830-V5.20.exe:$CmdTcID
AlternateDataStreams: C:\Users\Carmen\Downloads\Windows-KB890830-V5.20.exe:$CmdZnID
AlternateDataStreams: C:\Users\Carmen\Downloads\Windows-KB890830-V5.20.exe:BDU
AlternateDataStreams: C:\Users\Carmen\Downloads\zoek.exe:$CmdTcID
AlternateDataStreams: C:\Users\Carmen\Downloads\zoek.exe:$CmdZnID
AlternateDataStreams: C:\Users\Carmen\Downloads\zoek.exe:BDU
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-3420857839-3590272722-2620093553-500 - Administrator - Disabled)
Carmen (S-1-5-21-3420857839-3590272722-2620093553-1000 - Administrator - Enabled) => C:\Users\Carmen
Guest (S-1-5-21-3420857839-3590272722-2620093553-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3420857839-3590272722-2620093553-1002 - Limited - Enabled)
 
==================== Faulty Device Manager Devices =============
 
Name: PCI Simple Communications Controller
Description: PCI Simple Communications Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (01/24/2015 01:19:00 AM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (1124) SUS20ClientDataStore: Unable to read the log  C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log error -546。
 
Error: (01/24/2015 01:19:00 AM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (1124) SUS20ClientDataStore: Unable to read the log  C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log error -546。
 
Error: (01/24/2015 01:19:00 AM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (1124) SUS20ClientDataStore: Unable to read the log  C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log error -546。
 
Error: (01/24/2015 01:19:00 AM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (1124) SUS20ClientDataStore: Unable to read the log  C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log error -546。
 
Error: (01/24/2015 00:49:00 AM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (1124) SUS20ClientDataStore: Unable to read the log  C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log error -546。
 
Error: (01/24/2015 00:49:00 AM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (1124) SUS20ClientDataStore: Unable to read the log  C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log error -546。
 
Error: (01/24/2015 00:49:00 AM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (1124) SUS20ClientDataStore: Unable to read the log  C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log error -546。
 
Error: (01/24/2015 00:49:00 AM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (1124) SUS20ClientDataStore: Unable to read the log  C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log error -546。
 
Error: (01/24/2015 00:19:00 AM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (1124) SUS20ClientDataStore: Unable to read the log  C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log error -546。
 
Error: (01/24/2015 00:19:00 AM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (1124) SUS20ClientDataStore: Unable to read the log  C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log error -546。
 
 
System errors:
=============
Error: (01/23/2015 11:15:46 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 6) (User: NT AUTHORITY)
Description: 0xc000014d0
 
Error: (01/23/2015 02:05:56 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Service could not start because the following error: ,ScRegSetValueExW Call cannot be executed DeleteFlag: 
%%5
 
Error: (01/23/2015 02:05:52 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Service could not start because the following error: ,ScRegSetValueExW Call cannot be executed FailureActions: 
%%5
 
Error: (01/23/2015 01:10:46 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {9B1F122C-2982-4E91-AA8B-E071D54F2A4D}
 
Error: (01/21/2015 01:52:21 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: bdfwfpf Service could not start because the following error: 
%%2
 
Error: (01/21/2015 01:35:23 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Windows Search Service terminated unexpectedly, the service had to complete this action once. 
The following corrective action will be executed in 30000 milliseconds: Restart the service.
 
Error: (01/21/2015 01:35:23 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Windows Search Service due to service-specific error %% --1,073,473,535 terminated.
 
 
Microsoft Office Sessions:
=========================
Error: (01/24/2015 01:19:00 AM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll1124SUS20ClientDataStore: C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log-546
 
Error: (01/24/2015 01:19:00 AM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll1124SUS20ClientDataStore: C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log-546
 
Error: (01/24/2015 01:19:00 AM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll1124SUS20ClientDataStore: C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log-546
 
Error: (01/24/2015 01:19:00 AM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll1124SUS20ClientDataStore: C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log-546
 
Error: (01/24/2015 00:49:00 AM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll1124SUS20ClientDataStore: C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log-546
 
Error: (01/24/2015 00:49:00 AM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll1124SUS20ClientDataStore: C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log-546
 
Error: (01/24/2015 00:49:00 AM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll1124SUS20ClientDataStore: C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log-546
 
Error: (01/24/2015 00:49:00 AM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll1124SUS20ClientDataStore: C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log-546
 
Error: (01/24/2015 00:19:00 AM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll1124SUS20ClientDataStore: C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log-546
 
Error: (01/24/2015 00:19:00 AM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll1124SUS20ClientDataStore: C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log-546
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-4440 CPU @ 3.10GHz
Percentage of memory in use: 58%
Total physical RAM: 3535.06 MB
Available physical RAM: 1473.31 MB
Total Pagefile: 7068.4 MB
Available Pagefile: 4685.61 MB
Total Virtual: 2047.88 MB
Available Virtual: 1909.22 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:465.66 GB) (Free:441.28 GB) NTFS
Drive d: () (Fixed) (Total:0.1 GB) (Free:0.08 GB) NTFS
Drive e: () (Fixed) (Total:465.66 GB) (Free:464.99 GB) NTFS
Drive f: (G71-VAW1014) (CDROM) (Total:0.99 GB) (Free:0 GB) CDFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 3D8B2748)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 400C28E4)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================


#10 deeprybka

  • Malware Response Team

Posted 23 January 2015 - 12:49 PM

No resident protection warning

Always have one (and no more than one!) Antivirus program, as the resident protection is absolutely a must-have on any Windows!

Each paid-for Anti-Virus comes with a free trial if you wish to try the software before purchasing. Alternatively, you may wish to use the trial, and revert to a free anti-virus afterwards.

For a paid solution, my choice of anti-virus is ESET NOD32. For a free solution, my choice of anti-virus is avast!. However, please be aware that there is no universal solution that works for everyone, and there is no single best anti-virus. What works for me may not work for you and your machine.
 
Step 1

Please download TDSSKiller and save it to your Desktop.

  • Start tdsskiller.exe with administrator privileges.
  • Accept the EULA and the KSN Statement.
  • Click on Change parameters. (1)
  • Make sure that all available options (except "Loaded modules") are checked and click OK. (2)
  • Click on Start scan.
  • If any threats are found don't delete them but choose the Skip option for all of them.
  • Click on Report (3) to open the log file. (It is also saved at C:\TDSSKiller.<version_date_time>_log.txt).
    Copy and paste its contents in your next reply.

Step 2

Please download SecurityCheck and save the file to your Desktop.

  • Double-click SecurityCheck.exe and follow the onscreen instructions inside the black box.
  • A log (checkup.txt) will automatically open on your Desktop.
  • Copy the contents of the log and paste in your next reply.

Edited by deeprybka, 23 January 2015 - 12:51 PM.

regards,
deeprybka
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 

#11 yuko17

  • Topic Starter

Posted 23 January 2015 - 01:10 PM

hello again  :welcome:

 

 

02:05:13.0383 0x1560  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
02:05:16.0442 0x1560  ============================================================
02:05:16.0442 0x1560  Current date / time: 2015/01/24 02:05:16.0442
02:05:16.0442 0x1560  SystemInfo:
02:05:16.0442 0x1560  
02:05:16.0442 0x1560  OS Version: 6.1.7600 ServicePack: 0.0
02:05:16.0442 0x1560  Product type: Workstation
02:05:16.0442 0x1560  ComputerName: CARMEN-PC
02:05:16.0442 0x1560  UserName: Carmen
02:05:16.0442 0x1560  Windows directory: C:\Windows
02:05:16.0442 0x1560  System windows directory: C:\Windows
02:05:16.0442 0x1560  Processor architecture: Intel x86
02:05:16.0442 0x1560  Number of processors: 4
02:05:16.0442 0x1560  Page size: 0x1000
02:05:16.0442 0x1560  Boot type: Normal boot
02:05:16.0442 0x1560  ============================================================
02:05:23.0590 0x1560  KLMD registered as C:\Windows\system32\drivers\86913504.sys
02:05:24.0795 0x1560  System UUID: {17D431D8-410C-8203-CD40-104A9131716E}
02:05:26.0654 0x1560  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
02:05:26.0670 0x1560  Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
02:05:26.0670 0x1560  ============================================================
02:05:26.0670 0x1560  \Device\Harddisk0\DR0:
02:05:26.0670 0x1560  MBR partitions:
02:05:26.0670 0x1560  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
02:05:26.0670 0x1560  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A352800
02:05:26.0670 0x1560  \Device\Harddisk1\DR1:
02:05:26.0701 0x1560  MBR partitions:
02:05:26.0701 0x1560  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
02:05:26.0701 0x1560  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
02:05:26.0701 0x1560  ============================================================
02:05:26.0773 0x1560  C: <-> \Device\Harddisk1\DR1\Partition2
02:05:26.0804 0x1560  D: <-> \Device\Harddisk0\DR0\Partition1
02:05:26.0819 0x1560  E: <-> \Device\Harddisk0\DR0\Partition2
02:05:26.0819 0x1560  ============================================================
02:05:26.0819 0x1560  Initialize success
02:05:26.0819 0x1560  ============================================================
02:05:34.0432 0x0ad4  ============================================================
02:05:34.0432 0x0ad4  Scan started
02:05:34.0432 0x0ad4  Mode: Manual; SigCheck; TDLFS; 
02:05:34.0432 0x0ad4  ============================================================
02:05:34.0432 0x0ad4  KSN ping started
02:05:37.0073 0x0ad4  KSN ping finished: true
02:05:41.0531 0x0ad4  ================ Scan system memory ========================
02:05:41.0531 0x0ad4  System memory - ok
02:05:41.0531 0x0ad4  ================ Scan services =============================
02:05:52.0018 0x0ad4  [ D208B82330EB0CA9E1285520630183F1, 1122E08493BFDF639ECB80A7F3BD640971FF3639154F4130434F98E1831E004A ] ASRockIOMon     C:\Program Files\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe
02:05:52.0030 0x0ad4  ASRockIOMon - detected UnsignedFile.Multi.Generic ( 1 )
02:05:55.0253 0x0ad4  Detect skipped due to KSN trusted
02:05:55.0253 0x0ad4  ASRockIOMon - ok
02:06:00.0104 0x0ad4  bthserv - ok
02:06:00.0104 0x0ad4  [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
02:06:00.0124 0x0ad4  cdfs - ok
02:06:00.0124 0x0ad4  [ BA6E70AA0E6091BC39DE29477D866A77, A17A68BDA46995F75FB1C2C593A81CD3B2BFE290CEAA45FA2380DDF5537A23C9 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
02:06:00.0134 0x0ad4  cdrom - ok
02:06:00.0164 0x0ad4  [ 628A9E30EC5E18DD5DE6BE4DBDC12198, DDA43DCCB195440D6BD5752BD00D984F45BD6D23DBE2A656C33E3CD1E5D17AD7 ] CertPropSvc     C:\Windows\System32\certprop.dll
02:06:00.0174 0x0ad4  CertPropSvc - ok
02:06:00.0414 0x0ad4  [ 10DB71D52DB96E6ED58BB9C0EB076AE4, 2F459496F2AF528EEF6DDD37C6677FEB0F5044F5C0B284A1B95617461902F925 ] cFosSpeed       C:\Windows\system32\DRIVERS\cfosspeed6.sys
02:06:00.0434 0x0ad4  cFosSpeed - ok
02:06:00.0544 0x0ad4  [ 411F3290A5BB70EF696EE7DB22BC89FD, 16FE8426C15B96EDCB94E6DAB1B066C60B9FC75D670509ADD9F7540CD3996703 ] cFosSpeedS      C:\Program Files\ASRock\XFast LAN\spd.exe
02:06:00.0574 0x0ad4  cFosSpeedS - ok
02:06:00.0644 0x0ad4  [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
02:06:00.0664 0x0ad4  circlass - ok
02:06:00.0704 0x0ad4  [ 635181E0E9BBF16871BF5380D71DB02D, 58D5150C6F3B9F1730FFDF3A8A2ABF5FF207F9785BD66C0C1E03A0F1C223A26A ] CLFS            C:\Windows\system32\CLFS.sys
02:06:00.0724 0x0ad4  CLFS - ok
02:06:00.0794 0x0ad4  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
02:06:00.0814 0x0ad4  clr_optimization_v2.0.50727_32 - ok
02:06:00.0884 0x0ad4  [ 6D7C8A951AF6AD6835C029B3CB88D333, 66F3D79887B2449B4C6912D1A258D1A96056888F51A8AA24FEDF37942AD5BDBB ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
02:06:00.0904 0x0ad4  clr_optimization_v4.0.30319_32 - ok
02:06:00.0974 0x0ad4  [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
02:06:01.0004 0x0ad4  CmBatt - ok
02:06:01.0054 0x0ad4  [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide          C:\Windows\system32\DRIVERS\cmdide.sys
02:06:01.0074 0x0ad4  cmdide - ok
02:06:01.0104 0x0ad4  [ 1B675691ED940766149C93E8F4488D68, A55C41B2B343B1CF53D737ED1752D0510052094FFC60FDB833279A8A52398132 ] CNG             C:\Windows\system32\Drivers\cng.sys
02:06:01.0144 0x0ad4  CNG - ok
02:06:01.0174 0x0ad4  [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
02:06:01.0184 0x0ad4  Compbatt - ok
02:06:01.0264 0x0ad4  [ F1724BA27E97D627F808FB0BA77A28A6, F7D69082EEFEC0FB8B309F6AEE282D4A5DFC1A40851ED65904AA9582C5DEA5AB ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
02:06:01.0294 0x0ad4  CompositeBus - ok
02:06:01.0294 0x0ad4  COMSysApp - ok
02:06:01.0304 0x0ad4  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
02:06:01.0314 0x0ad4  crcdisk - ok
02:06:01.0354 0x0ad4  [ 9C231178CE4FB385F4B54B0A9080B8A4, 08EFAEBFF68D5CCE432D75116ED4BDC63FEA651459C9AD363CBEEDB769806527 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
02:06:01.0384 0x0ad4  CryptSvc - ok
02:06:01.0664 0x0ad4  [ 27C9490BDD0AE48911AB8CF1932591ED, 751F576F797F8A7BA576C32598BD6FD2E60D4FACC7836CC5BA3F68C38D27CCCA ] CSC             C:\Windows\system32\drivers\csc.sys
02:06:01.0694 0x0ad4  CSC - ok
02:06:02.0147 0x0ad4  [ 56FB5F222EA30D3D3FC459879772CB73, 2C4646774575858E26DBA9C73853E06D0BD18CC8A4C73C633071FF5FE04CA0F4 ] CscService      C:\Windows\System32\cscsvc.dll
02:06:02.0227 0x0ad4  CscService - ok
02:06:02.0960 0x0ad4  [ B82CD39E336973359D7C9BF911E8E84F, 45DB8F1E88FC25A81D2F3C2F8A8CDB6B34C44950B038E24FB71DCDD9823DB22A ] DcomLaunch      C:\Windows\system32\rpcss.dll
02:06:03.0007 0x0ad4  DcomLaunch - ok
02:06:03.0037 0x0ad4  [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc       C:\Windows\System32\defragsvc.dll
02:06:03.0057 0x0ad4  defragsvc - ok
02:06:03.0157 0x0ad4  [ 8E09E52EE2E3CEB199EF3DD99CF9E3FB, B03D0CF11C1D0DCBB76E74D796F3AFA2F9598C918017C29670BED4E3A9962EF5 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
02:06:03.0207 0x0ad4  DfsC - ok
02:06:03.0487 0x0ad4  [ C56495FBD770712367CAD35E5DE72DA6, 9D5456A2E208F542F0B6C951EFCABA2A10919777C4287D7298A28F543D5BAC32 ] Dhcp            C:\Windows\system32\dhcpcore.dll
02:06:03.0527 0x0ad4  Dhcp - ok
02:06:03.0587 0x0ad4  [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache        C:\Windows\system32\drivers\discache.sys
02:06:03.0627 0x0ad4  discache - ok
02:06:03.0827 0x0ad4  [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
02:06:03.0847 0x0ad4  Disk - ok
02:06:03.0897 0x0ad4  [ D0722E963D3C6145446874241401B209, 542B3E6EC7E0161AB4732380343139959775E749996A97684A5D423833DDB196 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
02:06:03.0957 0x0ad4  Dnscache - ok
02:06:04.0029 0x0ad4  [ 4408C85C21EEA48EB0CE486BAEEF0502, 67EA726F4053665D94D7790EC89616EA0698A7548073A9211E3F75937B4384BE ] dot3svc         C:\Windows\System32\dot3svc.dll
02:06:04.0129 0x0ad4  dot3svc - ok
02:06:04.0229 0x0ad4  [ 7FA81C6E11CAA594ADB52084DA73A1E5, 9ED1C585D9CA091E75E4A2A1E5B923B104EBDC5FC9D12154DE909C583E4D0CAE ] DPS             C:\Windows\system32\dps.dll
02:06:04.0259 0x0ad4  DPS - ok
02:06:04.0579 0x0ad4  [ E4A0D0C8F17073BE392F062DD1F6B50E, 26CF71517C09B24B6F6AB5AC902FF0D1426351BCCD6AB571510C83D0F6E32FE6 ] DragonUpdater   C:\Program Files\Comodo\Dragon\dragon_updater.exe
02:06:04.0619 0x0ad4  DragonUpdater - ok
02:06:04.0659 0x0ad4  [ B918E7C5F9BF77202F89E1A9539F2EB4, C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
02:06:04.0689 0x0ad4  drmkaud - ok
02:06:04.0854 0x0ad4  [ 39806CFEDDCC55E686A49BCCD2972F23, EFD5816D3E8E7F0F8D8E52AB9C534737F32D2D6D3EACCA78940792C553881C64 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
02:06:04.0894 0x0ad4  DXGKrnl - ok
02:06:04.0954 0x0ad4  [ B5C557433835A2FB6604A66D8CAF52EB, F2D09FA3F0D8E25B561CB9553CCE536BA55CFED6FEF7675853A28D677D26EF5A ] e1dexpress      C:\Windows\system32\DRIVERS\e1d6232.sys
02:06:04.0984 0x0ad4  e1dexpress - ok
02:06:05.0034 0x0ad4  [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost         C:\Windows\System32\eapsvc.dll
02:06:05.0074 0x0ad4  EapHost - ok
02:06:05.0234 0x0ad4  [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv           C:\Windows\system32\DRIVERS\evbdx.sys
02:06:05.0304 0x0ad4  ebdrv - ok
02:06:05.0334 0x0ad4  [ F42309C4191C506B71DB5D1126D26318, 29B0A8889857CEBFA6CBD795D5EECDDFFA04E794BD3C73FC488725B2A160F326 ] EFS             C:\Windows\System32\lsass.exe
02:06:05.0344 0x0ad4  EFS - ok
02:06:05.0534 0x0ad4  [ 3A74A6E33685662B125A3269B1F2114F, 183E180E4B35E549B5D7363D926E17226FF70CFDE7328F7B0B3676B9A27E2569 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
02:06:05.0594 0x0ad4  ehRecvr - ok
02:06:05.0664 0x0ad4  [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched         C:\Windows\ehome\ehsched.exe
02:06:05.0724 0x0ad4  ehSched - ok
02:06:06.0153 0x0ad4  [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
02:06:06.0174 0x0ad4  elxstor - ok
02:06:06.0266 0x0ad4  [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev          C:\Windows\system32\DRIVERS\errdev.sys
02:06:06.0290 0x0ad4  ErrDev - ok
02:06:06.0963 0x0ad4  [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem     C:\Windows\system32\es.dll
02:06:07.0247 0x0ad4  EventSystem - ok
02:06:07.0574 0x0ad4  [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat           C:\Windows\system32\drivers\exfat.sys
02:06:07.0638 0x0ad4  exfat - ok
02:06:07.0668 0x0ad4  [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
02:06:07.0718 0x0ad4  fastfat - ok
02:06:07.0888 0x0ad4  [ F7EA23CC5E6BF2181F3F399D54F6EFC1, 4659A2EDC5D5171668FB20BED7B56466A674876888519D6F524F7456EBD11263 ] Fax             C:\Windows\system32\fxssvc.exe
02:06:07.0918 0x0ad4  Fax - ok
02:06:07.0968 0x0ad4  [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
02:06:07.0988 0x0ad4  fdc - ok
02:06:08.0008 0x0ad4  [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost         C:\Windows\system32\fdPHost.dll
02:06:08.0028 0x0ad4  fdPHost - ok
02:06:08.0038 0x0ad4  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub        C:\Windows\system32\fdrespub.dll
02:06:08.0058 0x0ad4  FDResPub - ok
02:06:08.0078 0x0ad4  [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
02:06:08.0078 0x0ad4  FileInfo - ok
02:06:08.0078 0x0ad4  [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
02:06:08.0098 0x0ad4  Filetrace - ok
02:06:08.0098 0x0ad4  [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
02:06:08.0108 0x0ad4  flpydisk - ok
02:06:08.0138 0x0ad4  [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
02:06:08.0138 0x0ad4  FltMgr - ok
02:06:08.0168 0x0ad4  [ B6512A85815FDC3D560C3705F5BDB93D, A04D60BF4649DD7582C0E26E9CED93841D8B2729FDF6E1551F48A94AFD5A6436 ] FontCache       C:\Windows\system32\FntCache.dll
02:06:08.0198 0x0ad4  FontCache - ok
02:06:08.0278 0x0ad4  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
02:06:08.0288 0x0ad4  FontCache3.0.0.0 - ok
02:06:08.0312 0x0ad4  [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
02:06:08.0322 0x0ad4  FsDepends - ok
02:06:08.0332 0x0ad4  [ A574B4360E438977038AAE4BF60D79A2, 7255CCDDDAC4853FA72E6487408C4B7390CBA37549CE952929B2A9CF3327C616 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
02:06:08.0342 0x0ad4  Fs_Rec - ok
02:06:08.0362 0x0ad4  [ 5592F5DBA26282D24D2B080EB438A4D7, 5376D6CFFE9A1406CFA0BF4325EB65206F57A5C50034DA7EB4238BEB08D4D6DB ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
02:06:08.0372 0x0ad4  fvevol - ok
02:06:08.0382 0x0ad4  [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
02:06:08.0392 0x0ad4  gagp30kx - ok
02:06:08.0422 0x0ad4  [ 8BA3C04702BF8F927AB36AE8313CA4EE, 3B6460C8134AA9D6E4FB978201B35FE9B67DD5BBB6C8D9625F3097DDA30C2893 ] gpsvc           C:\Windows\System32\gpsvc.dll
02:06:08.0452 0x0ad4  gpsvc - ok
02:06:08.0512 0x0ad4  [ F172AD4E906D97ED8F071896FC6789DC, FC10B3CE3DB0D3BF84DFD28E900EB6A11EDAAE32AC50F23CB03AACC6AA496911 ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
02:06:08.0522 0x0ad4  gupdate - ok
02:06:08.0572 0x0ad4  [ F172AD4E906D97ED8F071896FC6789DC, FC10B3CE3DB0D3BF84DFD28E900EB6A11EDAAE32AC50F23CB03AACC6AA496911 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
02:06:08.0592 0x0ad4  gupdatem - ok
02:06:08.0752 0x0ad4  [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
02:06:08.0912 0x0ad4  hcw85cir - ok
02:06:09.0062 0x0ad4  [ 3530CAD25DEBA7DC7DE8BB51632CBC5F, 6706B8AD211A4B89B6571ACD227412026EAD87D71456B3EC6E7DD8FA15B997BE ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
02:06:09.0112 0x0ad4  HdAudAddService - ok
02:06:09.0212 0x0ad4  [ 717A2207FD6F13AD3E664C7D5A43C7BF, BF28A6F00B64FA0E801493E3289CFFD5E313E724DF7B5AB521C9E37A20890DCF ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
02:06:09.0242 0x0ad4  HDAudBus - ok
02:06:09.0242 0x0ad4  [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
02:06:09.0252 0x0ad4  HidBatt - ok
02:06:09.0262 0x0ad4  [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
02:06:09.0272 0x0ad4  HidBth - ok
02:06:09.0302 0x0ad4  [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
02:06:09.0312 0x0ad4  HidIr - ok
02:06:09.0332 0x0ad4  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv         C:\Windows\system32\hidserv.dll
02:06:09.0374 0x0ad4  hidserv - ok
02:06:09.0384 0x0ad4  [ 25072FB35AC90B25F9E4E3BACF774102, EBCE089947CC5A251A517CB91E81FCB948B18405FBACA04C874D4A48AF88676D ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
02:06:09.0394 0x0ad4  HidUsb - ok
02:06:09.0414 0x0ad4  [ 741C2A45CA8407E374AABA3E330B7872, FCF31C46297CFDF8240F0E783A61C8463FEDB1EF7A676AB89DFF0EAE9F3534B4 ] hkmsvc          C:\Windows\system32\kmsvc.dll
02:06:09.0434 0x0ad4  hkmsvc - ok
02:06:09.0444 0x0ad4  [ A768CA158BB06782A2835B907F4873C3, EFF736C6BA38FB8FC8807286AB273E7274F505E8E59D952E8563DF77C412C5AE ] HomeGroupListener C:\Windows\system32\ListSvc.dll
02:06:09.0454 0x0ad4  HomeGroupListener - ok
02:06:09.0474 0x0ad4  [ FB08DEC5EF43D0C66D83B8E9694E7549, 9C9ECE9E90F524791FC5DCE797BAE39605F966592126FF058BA3FA0BEFD07BEB ] HomeGroupProvider C:\Windows\system32\provsvc.dll
02:06:09.0484 0x0ad4  HomeGroupProvider - ok
02:06:09.0484 0x0ad4  [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD          C:\Windows\system32\DRIVERS\HpSAMD.sys
02:06:09.0494 0x0ad4  HpSAMD - ok
02:06:09.0554 0x0ad4  [ C531C7FD9E8B62021112787C4E2C5A5A, 09205E2A5BFB6C623B312B8AC82F7F7CA8A922B1D9A0E3952BD3BA47BBE1F18C ] HTTP            C:\Windows\system32\drivers\HTTP.sys
02:06:09.0594 0x0ad4  HTTP - ok
02:06:09.0714 0x0ad4  [ 8305F33CDE89AD6C7A0763ED0B5A8D42, A7CA4978DC1FF6105EA39124DF854F0B1FD478476B871ED0E018AF3AE2165282 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
02:06:09.0724 0x0ad4  hwpolicy - ok
02:06:09.0914 0x0ad4  [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
02:06:09.0944 0x0ad4  i8042prt - ok
02:06:10.0086 0x0ad4  [ D339C4CA42E96B710567861F7645AF51, 4AD4E8DD82A805769B0D3C30E260B8D6A3BAFC11B5A7855C7C4847127BBC8F51 ] iaStorA         C:\Windows\system32\DRIVERS\iaStorA.sys
02:06:10.0106 0x0ad4  iaStorA - ok
02:06:10.0446 0x0ad4  [ 20E83F4632E15A5E9E716FF2E8AC7FAE, 7CA1A4924F432AD30ED7FA6247C6513DA173EE31132AE115E85C0ED7E5971029 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
02:06:10.0466 0x0ad4  IAStorDataMgrSvc - ok
02:06:10.0496 0x0ad4  [ F2AB8BD9DF7B2497ED2A28038140A970, 8E59396121DF144B4ED3B08A934BFDAD674AACB55997A61F165CE0957B37810D ] iaStorF         C:\Windows\system32\DRIVERS\iaStorF.sys
02:06:10.0506 0x0ad4  iaStorF - ok
02:06:10.0656 0x0ad4  [ 934AF4D7C5F457B9F0743F4299B77B67, F232554352BB7CD716D6173FC1AB2661E49480994BB22E9A6FE7A33B51F0A51B ] iaStorV         C:\Windows\system32\DRIVERS\iaStorV.sys
02:06:10.0706 0x0ad4  iaStorV - ok
02:06:10.0786 0x0ad4  [ E199288F016C354255C39A84378A48F6, 881B41D64D73F7A3A1680EDD68201E14AC5C60B848374EEAE44CCDDE46010E81 ] ICCS            C:\Program Files\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
02:06:10.0796 0x0ad4  ICCS - ok
02:06:11.0056 0x0ad4  [ 5AF815EB5BC9802E5A064E2BA62BFC0C, DC8CED05F623D30C57E8A7A382A219B4266C9C766ABF8A8D71783EACB8607B82 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
02:06:11.0086 0x0ad4  idsvc - ok
02:06:11.0126 0x0ad4  [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
02:06:11.0126 0x0ad4  iirsp - ok
02:06:11.0176 0x0ad4  [ FAC0EE6562B121B1399D6E855583F7A5, 034C9EE9232EB2CE64297EC4BCBEB5DA443ED9176C436CC754EF84FFB4AD4B08 ] IKEEXT          C:\Windows\System32\ikeext.dll
02:06:11.0216 0x0ad4  IKEEXT - ok
02:06:11.0836 0x0ad4  [ DC36560FB4AC03F379836B5F81144E4A, 4D385A01EA339AB692BBBD8B74C6CC1B823C0F077BF47A4ED3F6E93A4B17AB8B ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
02:06:11.0886 0x0ad4  IntcAzAudAddService - ok
02:06:11.0966 0x0ad4  [ 94166D995E0408FD63F98EF8CAD0A204, DB50BED42BCE664799BA7E8E5851FDD34FB5B5E77566C995A60F8A0D84612541 ] Intel® PROSet Monitoring Service C:\Windows\system32\IProsetMonitor.exe
02:06:11.0976 0x0ad4  Intel® PROSet Monitoring Service - ok
02:06:11.0996 0x0ad4  [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide        C:\Windows\system32\DRIVERS\intelide.sys
02:06:12.0006 0x0ad4  intelide - ok
02:06:12.0026 0x0ad4  [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
02:06:12.0036 0x0ad4  intelppm - ok
02:06:12.0066 0x0ad4  [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
02:06:12.0086 0x0ad4  IPBusEnum - ok
02:06:12.0156 0x0ad4  [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
02:06:12.0166 0x0ad4  IpFilterDriver - ok
02:06:12.0196 0x0ad4  [ 477397B432A256A50EE7E4339EB9EA14, 3722938E69D16962F773F39669E9B90279DC9527BBC63564B33C89DAFD283497 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
02:06:12.0227 0x0ad4  iphlpsvc - ok
02:06:12.0238 0x0ad4  [ E4454B6C37D7FFD5649611F6496308A7, 5B2AA8C06076C9A1FF944E5EA07C29BA7FABEBB38E6BFB388ED46933EAC465FB ] IPMIDRV         C:\Windows\system32\DRIVERS\IPMIDrv.sys
02:06:12.0238 0x0ad4  IPMIDRV - ok
02:06:12.0308 0x0ad4  [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
02:06:12.0328 0x0ad4  IPNAT - ok
02:06:12.0328 0x0ad4  [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM          C:\Windows\system32\drivers\irenum.sys
02:06:12.0338 0x0ad4  IRENUM - ok
02:06:12.0348 0x0ad4  [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp          C:\Windows\system32\DRIVERS\isapnp.sys
02:06:12.0348 0x0ad4  isapnp - ok
02:06:12.0368 0x0ad4  [ ED46C223AE46C6866AB77CDC41C404B7, 1B2A4A3FF0E5F8F02717F20983D57612D62DFF809064A7E524700E7254BB7DB3 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
02:06:12.0368 0x0ad4  iScsiPrt - ok
02:06:12.0428 0x0ad4  [ 4232E075A2E1C2E01B83666B0885C35F, 6D1CDD5988611B7641985D8854EB352ACADD55D938D91E1C4E9EF08BD664CE1C ] iusb3hcs        C:\Windows\system32\DRIVERS\iusb3hcs.sys
02:06:12.0448 0x0ad4  iusb3hcs - ok
02:06:12.0478 0x0ad4  [ 90DCED9D906CFC405D09A21B16EAD0D7, 0CEABF881F898273BD54C470B3F1DADE33B8C261F4CC63DA233A4DBCA59D213A ] iusb3hub        C:\Windows\system32\DRIVERS\iusb3hub.sys
02:06:12.0498 0x0ad4  iusb3hub - ok
02:06:12.0738 0x0ad4  [ 92A7944E8379F910BEF44858D43FF7C1, 00C610F699FD10C1EB84903DF973C2175686156869F8E7C6E123359B980F5CA3 ] iusb3xhc        C:\Windows\system32\DRIVERS\iusb3xhc.sys
02:06:12.0768 0x0ad4  iusb3xhc - ok
02:06:12.0818 0x0ad4  [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
02:06:12.0838 0x0ad4  kbdclass - ok
02:06:12.0868 0x0ad4  [ 3D9F0EBF350EDCFD6498057301455964, B3CB5F0C045B06C86E683F3C67DC0D4E37AF16E20B189B05C926A5A7011438FB ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
02:06:12.0878 0x0ad4  kbdhid - ok
02:06:12.0908 0x0ad4  [ F42309C4191C506B71DB5D1126D26318, 29B0A8889857CEBFA6CBD795D5EECDDFFA04E794BD3C73FC488725B2A160F326 ] KeyIso          C:\Windows\system32\lsass.exe
02:06:12.0928 0x0ad4  KeyIso - ok
02:06:12.0928 0x0ad4  [ E36A061EC11B373826905B21BE10948F, CB9F8B76E0A99307A841B66CBD96C7087CC0B068699CBEF01040E37C6EA60E6A ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
02:06:12.0938 0x0ad4  KSecDD - ok
02:06:12.0951 0x0ad4  [ 26C046977E85B95036453D7B88BA1820, 375B284AFB407CAE417D2090B112A0ED1CCD516ABFDDBFCD5D6AADE859F14ACD ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
02:06:12.0954 0x0ad4  KSecPkg - ok
02:06:13.0054 0x0ad4  [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm           C:\Windows\system32\msdtckrm.dll
02:06:13.0084 0x0ad4  KtmRm - ok
02:06:13.0124 0x0ad4  [ BCA92CB047A4326925ECEF759DBAA233, C2A188F5526882A2E3AC4CC0190452DA37CBD93043DFE5571A20E8EFE9D56DA3 ] LanmanServer    C:\Windows\system32\srvsvc.dll
02:06:13.0174 0x0ad4  LanmanServer - ok
02:06:13.0204 0x0ad4  [ B9891F885DCF1F0513A51CB58493CB1F, C883D243E1E7B7AEA031FB90FE4FCEED631F835DC95F9D9D60BC554E6EC358C2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
02:06:13.0224 0x0ad4  LanmanWorkstation - ok
02:06:13.0264 0x0ad4  [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
02:06:13.0284 0x0ad4  lltdio - ok
02:06:13.0314 0x0ad4  [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
02:06:13.0354 0x0ad4  lltdsvc - ok
02:06:13.0354 0x0ad4  [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts         C:\Windows\System32\lmhsvc.dll
02:06:13.0374 0x0ad4  lmhosts - ok
02:06:13.0404 0x0ad4  [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
02:06:13.0404 0x0ad4  LSI_FC - ok
02:06:13.0484 0x0ad4  [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
02:06:13.0504 0x0ad4  LSI_SAS - ok
02:06:13.0514 0x0ad4  [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
02:06:13.0524 0x0ad4  LSI_SAS2 - ok
02:06:13.0534 0x0ad4  [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
02:06:13.0544 0x0ad4  LSI_SCSI - ok
02:06:13.0564 0x0ad4  [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv           C:\Windows\system32\drivers\luafv.sys
02:06:13.0594 0x0ad4  luafv - ok
02:06:13.0634 0x0ad4  [ A3F4391DFDF2F9E9FE4EAD193265A5AD, A60A1A345622F4758181FB0B6EE784B0B718105FEE7B0F6FEDE5AD59FE448EE1 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
02:06:13.0654 0x0ad4  MBAMProtector - ok
02:06:13.0764 0x0ad4  [ 0BB29DE40C9D9529793DCDB59A43CF5B, 251001A407D32EF22F64915EEFFAAEC229073C4549BF7D9D1D4209B7D15B4681 ] MBAMScheduler   C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
02:06:13.0794 0x0ad4  MBAMScheduler - ok
02:06:14.0004 0x0ad4  [ 5F82D8188B370B0CF185D4AE2B9B4A0E, 549B53DD989A069E1C38347C4CEF5283DF9B428CE102799B06A20D3D8F23825F ] MBAMService     C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
02:06:14.0028 0x0ad4  MBAMService - ok
02:06:14.0178 0x0ad4  [ 8E2E9CCD873ABF180F48BCAEEEBE347D, 35DBBB8E63B480151EA5701D9DB7C90642FA2391D044DB400D3644F3E21BB0C1 ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
02:06:14.0198 0x0ad4  MBAMSwissArmy - ok
02:06:14.0258 0x0ad4  [ 312CD3307F600E7CD340B79B3DCB3A01, 861A6DFC53C69743129DAAFE73DECDE8D842475503E8D713E7CE5D22AC8D1370 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
02:06:14.0278 0x0ad4  MBAMWebAccessControl - ok
02:06:14.0409 0x0ad4  [ E2B0887816ED336685954E3D8FDAA51D, 4DCB08ADC6A89DCA68D1285734B283B567888EF72249F6BBA73A63D1BD462466 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
02:06:14.0473 0x0ad4  Mcx2Svc - ok
02:06:14.0503 0x0ad4  [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
02:06:14.0513 0x0ad4  megasas - ok
02:06:14.0523 0x0ad4  [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
02:06:14.0543 0x0ad4  MegaSR - ok
02:06:14.0563 0x0ad4  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS           C:\Windows\system32\mmcss.dll
02:06:14.0582 0x0ad4  MMCSS - ok
02:06:14.0585 0x0ad4  [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem           C:\Windows\system32\drivers\modem.sys
02:06:14.0602 0x0ad4  Modem - ok
02:06:14.0603 0x0ad4  [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
02:06:14.0613 0x0ad4  monitor - ok
02:06:14.0693 0x0ad4  [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
02:06:14.0713 0x0ad4  mouclass - ok
02:06:14.0713 0x0ad4  [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
02:06:14.0738 0x0ad4  mouhid - ok
02:06:14.0747 0x0ad4  [ 921C18727C5920D6C0300736646931C2, 19ACE502982E9C5B0134676102EAEE96675C9CA237E410DB36C389D6B4078301 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
02:06:14.0757 0x0ad4  mountmgr - ok
02:06:14.0767 0x0ad4  [ 2AF5997438C55FB79D33D015C30E1974, E8F048A02FEB400C133D0BFC1659921E73B59549E3F7D2A13929901B87A1901F ] mpio            C:\Windows\system32\DRIVERS\mpio.sys
02:06:14.0777 0x0ad4  mpio - ok
02:06:14.0807 0x0ad4  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
02:06:14.0817 0x0ad4  mpsdrv - ok
02:06:28.0571 0x0ad4  usbohci - ok
02:06:28.0574 0x0ad4  [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
02:06:28.0582 0x0ad4  usbprint - ok
02:06:28.0585 0x0ad4  [ D8889D56E0D27E57ED4591837FE71D27, DB1B65EEBFB036086EC3347C1181D9D01FF65870EAEC4A1BA08AF43C35075647 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
02:06:28.0593 0x0ad4  USBSTOR - ok
02:06:28.0596 0x0ad4  [ 78780C3EBCE17405B1CCD07A3A8A7D72, FBFF3111E22EE0B4BCAFA81F89AAE985135BFF48EEFD130C09B49CCF8A9946B9 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
02:06:28.0603 0x0ad4  usbuhci - ok
02:06:28.0698 0x0ad4  [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms           C:\Windows\System32\uxsms.dll
02:06:28.0726 0x0ad4  UxSms - ok
02:06:28.0820 0x0ad4  [ F42309C4191C506B71DB5D1126D26318, 29B0A8889857CEBFA6CBD795D5EECDDFFA04E794BD3C73FC488725B2A160F326 ] VaultSvc        C:\Windows\system32\lsass.exe
02:06:28.0832 0x0ad4  VaultSvc - ok
02:06:29.0196 0x0ad4  [ 534C6B89EAC808A6C0B98591D37CDF67, 5458E8B3CA2BED60CFD2AD2F2640A6C94C6D1D9B3D9B1A8CA9BE9F1B861B1AB1 ] VBoxAswDrv      C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys
02:06:29.0223 0x0ad4  VBoxAswDrv - ok
02:06:29.0252 0x0ad4  [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot        C:\Windows\system32\DRIVERS\vdrvroot.sys
02:06:29.0257 0x0ad4  vdrvroot - ok
02:06:29.0355 0x0ad4  [ 8C4E7C49D3641BC9E299E466A7F8867D, 4F2E742EFE2DE47EE187B3BCDFDCB525FE484B74700A226D7894F9633F957AFA ] vds             C:\Windows\System32\vds.exe
02:06:29.0373 0x0ad4  vds - ok
02:06:29.0596 0x0ad4  [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
02:06:29.0614 0x0ad4  vga - ok
02:06:29.0644 0x0ad4  [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave         C:\Windows\System32\drivers\vga.sys
02:06:29.0667 0x0ad4  VgaSave - ok
02:06:29.0782 0x0ad4  [ 3BE6E1F3A4F1AFEC8CEE0D7883F93583, 33DF8F7C9A3176175113CA10D69FAF17A5412C055943F14DDC9923531FADB82D ] vhdmp           C:\Windows\system32\DRIVERS\vhdmp.sys
02:06:29.0798 0x0ad4  vhdmp - ok
02:06:30.0163 0x0ad4  [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp          C:\Windows\system32\DRIVERS\viaagp.sys
02:06:30.0172 0x0ad4  viaagp - ok
02:06:30.0209 0x0ad4  [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7           C:\Windows\system32\DRIVERS\viac7.sys
02:06:30.0218 0x0ad4  ViaC7 - ok
02:06:30.0355 0x0ad4  [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide          C:\Windows\system32\DRIVERS\viaide.sys
02:06:30.0361 0x0ad4  viaide - ok
02:06:30.0489 0x0ad4  [ 379B349F65F453D2A6E75EA6B7448E49, F52B1B3AE9F5D38B45C889A7B1EBE59533C17E73678D355D1466B5EF3338BF16 ] vmbus           C:\Windows\system32\DRIVERS\vmbus.sys
02:06:30.0497 0x0ad4  vmbus - ok
02:06:30.0524 0x0ad4  [ EC2BBAB4B84D0738C6C83D2234DC36FE, 8BA2FA187DAC6994D5A29897AE5F46E6424FB53C827553E0BB148E31825D6676 ] VMBusHID        C:\Windows\system32\DRIVERS\VMBusHID.sys
02:06:30.0608 0x0ad4  VMBusHID - ok
02:06:30.0633 0x0ad4  [ 384E5A2AA49934295171E499F86BA6F3, C79271F98506392422325C075144F45436F9979FE1E002B57F9426F3DA96CEF0 ] volmgr          C:\Windows\system32\DRIVERS\volmgr.sys
02:06:30.0639 0x0ad4  volmgr - ok
02:06:30.0700 0x0ad4  [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
02:06:30.0709 0x0ad4  volmgrx - ok
02:06:30.0803 0x0ad4  [ 58DF9D2481A56EDDE167E51B334D44FD, C77D7BE83CF1C0DEC80429C5A519E794FD2E8C1E6DAD6F5C92B5EB5694CEB8EA ] volsnap         C:\Windows\system32\DRIVERS\volsnap.sys
02:06:30.0811 0x0ad4  volsnap - ok
02:06:30.0888 0x0ad4  [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
02:06:30.0914 0x0ad4  vsmraid - ok
02:06:31.0044 0x0ad4  [ 7EA2BCD94D9CFAF4C556F5CC94532A6C, 7CD6637BE0A08E3B0F9991D79751DCA8AEC9224B83301821DAA29C9F42B7A9E3 ] VSS             C:\Windows\system32\vssvc.exe
02:06:31.0073 0x0ad4  VSS - ok
02:06:31.0119 0x0ad4  [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
02:06:31.0129 0x0ad4  vwifibus - ok
02:06:31.0208 0x0ad4  [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time         C:\Windows\system32\w32time.dll
02:06:31.0280 0x0ad4  W32Time - ok
02:06:31.0340 0x0ad4  [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
02:06:31.0356 0x0ad4  WacomPen - ok
02:06:31.0517 0x0ad4  [ 692A712062146E96D28BA0B7D75DE31B, B6D260272330E0C8EBFAD8F09212F48F1EFED42E6BD3F29A5780D0B691D55B34 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
02:06:31.0545 0x0ad4  WANARP - ok
02:06:31.0583 0x0ad4  [ 692A712062146E96D28BA0B7D75DE31B, B6D260272330E0C8EBFAD8F09212F48F1EFED42E6BD3F29A5780D0B691D55B34 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
02:06:31.0599 0x0ad4  Wanarpv6 - ok
02:06:31.0950 0x0ad4  [ 7790B77FE1E5EE47DCC66247095BB4C9, FFB541F83CDE32E65007D41217C2F46CDDF68121E2846B638EAB620ACA940B05 ] wbengine        C:\Windows\system32\wbengine.exe
02:06:31.0982 0x0ad4  wbengine - ok
02:06:32.0059 0x0ad4  [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
02:06:32.0155 0x0ad4  WbioSrvc - ok
02:06:32.0163 0x0ad4  [ D0F88AA11EE1A62BCC6D6A8A7783CA11, 3DBC1806E6F8CD58A9E93EA2A0CDC83C1A90E37B5E385209E4D9A0C81922F447 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
02:06:32.0180 0x0ad4  wcncsvc - ok
02:06:32.0244 0x0ad4  [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
02:06:32.0343 0x0ad4  WcsPlugInService - ok
02:06:32.0474 0x0ad4  [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
02:06:32.0480 0x0ad4  Wd - ok
02:06:32.0637 0x0ad4  [ 9950E3D0F08141C7E89E64456AE7DC73, DE4B96812B305A63F5874BBF2DC40354FB45B3D96C1D33436E677099760BA448 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
02:06:32.0648 0x0ad4  Wdf01000 - ok
02:06:32.0704 0x0ad4  [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiServiceHost  C:\Windows\system32\wdi.dll
02:06:32.0725 0x0ad4  WdiServiceHost - ok
02:06:32.0784 0x0ad4  [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiSystemHost   C:\Windows\system32\wdi.dll
02:06:32.0814 0x0ad4  WdiSystemHost - ok
02:06:32.0855 0x0ad4  [ D87C7D2C517F82A5AB7A73E203063D9E, 8861AB4ECEDAE801008BE0406FCB19418AA2864E89D0776B94E25773E6DB5E88 ] WebClient       C:\Windows\System32\webclnt.dll
02:06:32.0890 0x0ad4  WebClient - ok
02:06:32.0939 0x0ad4  [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc          C:\Windows\system32\wecsvc.dll
02:06:32.0989 0x0ad4  Wecsvc - ok
02:06:33.0019 0x0ad4  [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
02:06:33.0052 0x0ad4  wercplsupport - ok
02:06:33.0183 0x0ad4  [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc          C:\Windows\System32\WerSvc.dll
02:06:33.0218 0x0ad4  WerSvc - ok
02:06:33.0243 0x0ad4  [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
02:06:33.0259 0x0ad4  WfpLwf - ok
02:06:33.0295 0x0ad4  [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
02:06:33.0300 0x0ad4  WIMMount - ok
02:06:33.0522 0x0ad4  [ 3FAE8F94296001C32EAB62CD7D82E0FD, 180FAECC426CF8F46700C855022E5865D528B1A20686F96D11080AB2FE2E0430 ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
02:06:33.0557 0x0ad4  WinDefend - ok
02:06:33.0557 0x0ad4  WinHttpAutoProxySvc - ok
02:06:33.0699 0x0ad4  [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
02:06:33.0747 0x0ad4  Winmgmt - ok
02:06:33.0896 0x0ad4  [ C4F5D3901D1B41D602DDC196E0B95B51, 20FF2A9DEE3ECBFB163DFA62A407E30ED49F609EF46936F286C2A08A24EA3E7C ] WinRM           C:\Windows\system32\WsmSvc.dll
02:06:33.0952 0x0ad4  WinRM - ok
02:06:33.0986 0x0ad4  [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc         C:\Windows\System32\wlansvc.dll
02:06:34.0011 0x0ad4  Wlansvc - ok
02:06:34.0021 0x0ad4  [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
02:06:34.0033 0x0ad4  WmiAcpi - ok
02:06:34.0047 0x0ad4  [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
02:06:34.0057 0x0ad4  wmiApSrv - ok
02:06:34.0198 0x0ad4  [ 77FBD400984CF72BA0FC4B3489D65F74, 9AA404F17177FEB43A9EA1A86061B452E7C4A93C873E61B68269047519CD433E ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
02:06:34.0238 0x0ad4  WMPNetworkSvc - ok
02:06:34.0283 0x0ad4  [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
02:06:34.0321 0x0ad4  WPCSvc - ok
02:06:34.0331 0x0ad4  [ B7F658A2EBC07129538AD9AB35212637, 86774A760189E4B126C972A778F890C00C1C30EDD28044DD43B40644A8778B4D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
02:06:34.0357 0x0ad4  WPDBusEnum - ok
02:06:34.0436 0x0ad4  [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
02:06:34.0467 0x0ad4  ws2ifsl - ok
02:06:34.0507 0x0ad4  [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc          C:\Windows\System32\wscsvc.dll
02:06:34.0677 0x0ad4  wscsvc - ok
02:06:34.0677 0x0ad4  WSearch - ok
02:06:34.0849 0x0ad4  [ A33408CC036F9C08142B11BE5E93F0A1, A6CE3681EE4DE3C9A8B8B5DA4E8E46DB4443A32D1339F7D0893F1F2153635D86 ] wuauserv        C:\Windows\system32\wuaueng.dll
02:06:34.0909 0x0ad4  wuauserv - ok
02:06:34.0973 0x0ad4  [ 6F9B6C0C93232CFF47D0F72D6DB1D21E, C685A458951820ED0F09E6197251CE6FC55AAB75D4FBEFF2992805309239A47A ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
02:06:35.0014 0x0ad4  WudfPf - ok
02:06:35.0038 0x0ad4  [ F91FF1E51FCA30B3C3981DB7D5924252, D7052B58F22638CA8B59C6FD7408D6D6DD1C33910912CACC05C133472CE0DDCE ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
02:06:35.0055 0x0ad4  WUDFRd - ok
02:06:35.0099 0x0ad4  [ DDEE3682FE97037C45F4D7AB467CB8B6, D5A8F07AF4EDD9D7E17FEC6222D187E2981C177A479511E407756E0E5CB8D387 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
02:06:35.0118 0x0ad4  wudfsvc - ok
02:06:35.0134 0x0ad4  [ FF2D745B560F7C71B31F30F4D49F73D2, B2FBF7E5F58E34AC64FE6CF65800F1F07939279203BDE89375FAC92B884A4F37 ] WwanSvc         C:\Windows\System32\wwansvc.dll
02:06:35.0149 0x0ad4  WwanSvc - ok
02:06:35.0150 0x0ad4  ================ Scan global ===============================
02:06:35.0180 0x0ad4  [ 9A595DF601070DA78C40481120DD2C06, 4C2D6216F212DE9346339ED29152962A39E4435E70F18DD655156727E70818F6 ] C:\Windows\system32\basesrv.dll
02:06:35.0190 0x0ad4  [ 827E4F75901CA3F990B1487D3301841E, A0B17C83D52DB95EDBA81C6ABD78E5E4E3BB65CB57F977B07172A96D4C2B743B ] C:\Windows\system32\winsrv.dll
02:06:35.0210 0x0ad4  [ 827E4F75901CA3F990B1487D3301841E, A0B17C83D52DB95EDBA81C6ABD78E5E4E3BB65CB57F977B07172A96D4C2B743B ] C:\Windows\system32\winsrv.dll
02:06:35.0306 0x0ad4  [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
02:06:35.0347 0x0ad4  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6, D7BC4ED605B32274B45328FD9914FB0E7B90D869A38F0E6F94FB1BF4E9E2B407 ] C:\Windows\system32\services.exe
02:06:35.0347 0x0ad4  [ Global ] - ok
02:06:35.0347 0x0ad4  ================ Scan MBR ==================================
02:06:35.0347 0x0ad4  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
02:06:35.0413 0x0ad4  \Device\Harddisk0\DR0 - ok
02:06:35.0473 0x0ad4  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
02:06:36.0856 0x0ad4  \Device\Harddisk1\DR1 - ok
02:06:36.0876 0x0ad4  ================ Scan VBR ==================================
02:06:36.0886 0x0ad4  [ F2AC0AB87C219C1DDEDB0B857E72AA7A ] \Device\Harddisk0\DR0\Partition1
02:06:36.0897 0x0ad4  \Device\Harddisk0\DR0\Partition1 - ok
02:06:36.0898 0x0ad4  [ F7A6D081BDB90B8F56B3411B2FCE76C8 ] \Device\Harddisk0\DR0\Partition2
02:06:36.0899 0x0ad4  \Device\Harddisk0\DR0\Partition2 - ok
02:06:36.0911 0x0ad4  [ 4783D69E0AEDBF8A44E529A012EDA18D ] \Device\Harddisk1\DR1\Partition1
02:06:36.0932 0x0ad4  \Device\Harddisk1\DR1\Partition1 - ok
02:06:36.0968 0x0ad4  [ CFF242F9A2FA5942F7C607117CF6DEF9 ] \Device\Harddisk1\DR1\Partition2
02:06:37.0000 0x0ad4  \Device\Harddisk1\DR1\Partition2 - ok
02:06:37.0000 0x0ad4  ================ Scan generic autorun ======================
02:06:38.0242 0x0ad4  [ C0A97DA46F83E47B35C24E4F1B977836, B0D99DBFC16DF5C531B74D2CE078BE1EF9E3F3C1D23A1EC09C043C4BBE66B453 ] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
02:06:38.0432 0x0ad4  RtHDVCpl - ok
02:06:38.0475 0x0ad4  [ 4A0477ADCD07EC9D21257A2E456B16C5, CEF9C81730C12283A7600C3D921D89A62B14D1C46544B493F3AF7520DD2D1F79 ] C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe
02:06:38.0478 0x0ad4  IAStorIcon - detected UnsignedFile.Multi.Generic ( 1 )
02:06:41.0750 0x0ad4  Detect skipped due to KSN trusted
02:06:41.0750 0x0ad4  IAStorIcon - ok
02:06:42.0126 0x0ad4  [ 631699AFF7492E43617198FDA82B5E6D, 382A4FB56AC22DBD006E3A05EB626DC181574420B93CC07F3AC51107F0E97AAD ] C:\Program Files\ASRock\XFast LAN\cFosSpeed.exe
02:06:42.0156 0x0ad4  XFast LAN - ok
02:06:42.0340 0x0ad4  [ 69B16C7B7746BA5C642FC05B3561FC73, 0DECEB6B1B7A2DD1F13133AC7328FF420DAD4610CEE1FA7466E8E0F6BAA39116 ] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
02:06:42.0344 0x0ad4  Adobe Reader Speed Launcher - ok
02:06:42.0756 0x0ad4  [ 0619778577CDB2BC87C47B1CF4AF3531, E1180C2AE44869D20E04B863A66FAAB78EE60ECF8394FE4A526F9FA882C0E3DE ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe
02:06:42.0776 0x0ad4  StartCCC - ok
02:06:43.0026 0x0ad4  [ 07AF92553C94A548C38BE54B6A668318, C43269A6F2B7F95290D4ABF9EFDA8E2631408671A7A6E01A06DD90E503467C36 ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
02:06:43.0116 0x0ad4  AvastUI.exe - ok
02:06:43.0272 0x0ad4  [ EA6EADF6314E43783BA8EEE79F93F73C, 1A4BC2D8DFBDC37AF85C73DEE76A6EE901EBA188D43856BD2FFA96B79A126F73 ] C:\Program Files\Windows Sidebar\Sidebar.exe
02:06:43.0305 0x0ad4  Sidebar - ok
02:06:43.0325 0x0ad4  [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
02:06:43.0449 0x0ad4  mctadmin - ok
02:06:43.0606 0x0ad4  [ EA6EADF6314E43783BA8EEE79F93F73C, 1A4BC2D8DFBDC37AF85C73DEE76A6EE901EBA188D43856BD2FFA96B79A126F73 ] C:\Program Files\Windows Sidebar\Sidebar.exe
02:06:43.0646 0x0ad4  Sidebar - ok
02:06:43.0676 0x0ad4  [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
02:06:43.0686 0x0ad4  mctadmin - ok
02:06:43.0696 0x0ad4  Waiting for KSN requests completion. In queue: 84
02:06:44.0696 0x0ad4  Waiting for KSN requests completion. In queue: 8
02:06:45.0696 0x0ad4  Waiting for KSN requests completion. In queue: 8
02:06:46.0705 0x0ad4  Waiting for KSN requests completion. In queue: 8
02:06:47.0806 0x0ad4  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.0.2208.712 ), 0x41000 ( enabled : updated )
02:06:47.0826 0x0ad4  Win FW state via NFP2: enabled
02:06:50.0625 0x0ad4  ============================================================
02:06:50.0625 0x0ad4  Scan finished
02:06:50.0625 0x0ad4  ============================================================
02:06:50.0625 0x0f18  Detected object count: 0
02:06:50.0625 0x0f18  Actual detected object count: 0
 
 
 
 
 
 
 
 

Results of screen317's Security Check version 0.99.95  
 Windows 7  x86 (UAC is enabled)  
``````````````Antivirus/Firewall Check:`````````````` 
avast! Antivirus   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
  Java 64-bit 8 Update 31  
 Adobe Reader 9 Adobe Reader out of Date! 
 Google Chrome (39.0.2171.99) 
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 Malwarebytes Anti-Malware mbamscheduler.exe   
 AVAST Software Avast AvastSvc.exe  
 AVAST Software Avast ng ngtool.exe 
 AVAST Software Avast avastUi.exe  
 AVAST Software Avast ng vbox\AvastVBoxSVC.exe 
 AVAST Software Avast ng vbox\aswFe.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log`````````````````````` 
 


#12 deeprybka

  • Malware Response Team

Posted 23 January 2015 - 01:27 PM

Hello :)

Step 1

Please download the attached fixlist and save it in the same directory as FRST.

  • Start FRST with Administrator privileges.
  • Press the Fix button.
  • When finished, a log file (Fixlog.txt) pops up and is saved to the same location the tool was run from.
    Please copy and paste its contents in your next reply.

Attached File  fixlist.txt   1.19KB   3 downloads

That's it!
Your logs look clean to me at the moment. :thumbup2:
We're gonna clean up everything now, close security holes on your computer and in the end I'll provide you with a list of security tips so you hopefully will not need our help anymore in the future.


My help is free for everybody.
If you want to support me fighting against malware or buy me a beer for the assistance you received, then you can consider a donation.
Thank you!


Clean Up

Now we remove all the tools we used (including their logs and quarantine folders), restore your settings and delete old and infected system restore points:

  • You can uninstall programs that you had to install (e.g. MBAM or ESET Onlinescanner) in the control panel if you so wish.
  • Download DelFix (by Xplode) and save it to your Desktop.
    • Close all running programs and start delfix.exe.
    • Make sure that all available options are checked.
    • Click on Run.
    • DelFix should remove all our tools and delete itself afterwards. I don't need the log file.
  • If there is still something left you can delete it manually.

Closing security holes

Many infections happen via drive-by downloads that run unnoticed in the background while the user visits an infected website. To achieve this, malware exploits security holes in installed software (e.g. browser or its plugins). Older versions of such software often have lots of known exploitable holes. Therefore it's very important to always keep your software up-to-date.
The following software is outdated. Make sure you remove all old versions and install the current one instead if you need the program:

  • Microsoft Windows 7 home (SP1 is missing)
  • Internet Explorer Version 8
  • Adobe Reader 9

Tips

I recommend reading and following the "16 simple and easy ways to keep your computer safe and secure on the Internet" (Link) by Lawrence Abrams.

 


regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 

#13 yuko17

  • Topic Starter

Posted 23 January 2015 - 01:52 PM

:welcome: 
 
Hope that it is the final log B)
So, what is the problem on my computer? :smash:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 19-01-2015
Ran by Carmen at 2015-01-24 02:33:21 Run:1
Running from C:\Users\Carmen\Desktop
Loaded Profiles: Carmen &  (Available profiles: Carmen)
Boot Mode: Normal
 
==============================================
 
Content of fixlist:
*****************
CloseProcesses:
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
AlternateDataStreams: C:\Windows\system32\MRT.exe:$CmdTcID
AlternateDataStreams: C:\Users\Carmen\Desktop\12.jpg:$CmdZnID
AlternateDataStreams: C:\Users\Carmen\Desktop\1421939144KOJIYOU.jpg:$CmdZnID
AlternateDataStreams: C:\Users\Carmen\Desktop\B78_EHMCQAAkQ1P.jpg:$CmdZnID
AlternateDataStreams: C:\Users\Carmen\Desktop\c2RBx9l.jpg:$CmdZnID
AlternateDataStreams: C:\Users\Carmen\Desktop\caf5c43887225edeefbdd29dc6f0b162.jpg:$CmdZnID
AlternateDataStreams: C:\Users\Carmen\Desktop\IMG_7188.JPG:$CmdZnID
AlternateDataStreams: C:\Users\Carmen\Desktop\IMG_7245.JPG:$CmdZnID
AlternateDataStreams: C:\Users\Carmen\Desktop\IMG_7249.JPG:$CmdZnID
AlternateDataStreams: C:\Users\Carmen\Desktop\obwQHIj.jpg:$CmdZnID
AlternateDataStreams: C:\Users\Carmen\Desktop\wvhbJsF.jpg:$CmdZnID
AlternateDataStreams: C:\Users\Carmen\Downloads\Windows-KB890830-V5.20.exe:$CmdTcID
AlternateDataStreams: C:\Users\Carmen\Downloads\Windows-KB890830-V5.20.exe:$CmdZnID
AlternateDataStreams: C:\Users\Carmen\Downloads\Windows-KB890830-V5.20.exe:BDU
CreateRestorePoint:
EmptyTemp:
 
*****************
 
Processes closed successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
C:\Windows\system32\MRT.exe => ":$CmdTcID" ADS removed successfully.
C:\Users\Carmen\Desktop\12.jpg => ":$CmdZnID" ADS removed successfully.
C:\Users\Carmen\Desktop\1421939144KOJIYOU.jpg => ":$CmdZnID" ADS removed successfully.
C:\Users\Carmen\Desktop\B78_EHMCQAAkQ1P.jpg => ":$CmdZnID" ADS removed successfully.
C:\Users\Carmen\Desktop\c2RBx9l.jpg => ":$CmdZnID" ADS removed successfully.
C:\Users\Carmen\Desktop\caf5c43887225edeefbdd29dc6f0b162.jpg => ":$CmdZnID" ADS removed successfully.
C:\Users\Carmen\Desktop\IMG_7188.JPG => ":$CmdZnID" ADS removed successfully.
C:\Users\Carmen\Desktop\IMG_7245.JPG => ":$CmdZnID" ADS removed successfully.
C:\Users\Carmen\Desktop\IMG_7249.JPG => ":$CmdZnID" ADS removed successfully.
C:\Users\Carmen\Desktop\obwQHIj.jpg => ":$CmdZnID" ADS removed successfully.
C:\Users\Carmen\Desktop\wvhbJsF.jpg => ":$CmdZnID" ADS removed successfully.
C:\Users\Carmen\Downloads\Windows-KB890830-V5.20.exe => ":$CmdTcID" ADS removed successfully.
C:\Users\Carmen\Downloads\Windows-KB890830-V5.20.exe => ":$CmdZnID" ADS removed successfully.
C:\Users\Carmen\Downloads\Windows-KB890830-V5.20.exe => ":BDU" ADS removed successfully.
Restore point was successfully created.
EmptyTemp: => Removed 704 MB temporary data.
 
 
The system needed a reboot. 
 
==== End of Fixlog 02:33:53 ====


 


#14 deeprybka

  • Malware Response Team

Posted 23 January 2015 - 01:57 PM

I don't see any problem. :)


regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 

#15 yuko17

  • Topic Starter

Posted 23 January 2015 - 02:00 PM

I don't see any problem. :)

So, I got the warning because of the interference between multiple anti-virus software? No detected files in my PC? Safe? :)





