Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

So much adware

Post by c_rodes76 » April 28th, 2014, 9:52 am

Last night I foolishly tried downloading a free version of Neat Video and following the installation, all the links to my browsers were deleted. I was also unable to access the internet until I restarted my computer. After I restarted my computer, I was able to get on the internet again, but my browsers were drowning in ads. Every time I use any browser I'm surrounded by ads and pop-ups. I've run MalwareBytes, Spy-bot, Adaware, and a paid-for pro version of SpyHunter4. These applications were able to delete a good chunk of malware/etc. but my problems still persist. However, now whenever I run these apps, they say there are no threats - this is obviously not true. I've run out of ideas so I'm coming to the experts for help.

I was unable to run the DDS on my Windows 8.1 PC, so I ran the OTL instead. I couldn't post both the OTL.txt and the Extras.txt because I was over the allowed character limit, so if you need the extras.txt let me know and I'll post it in a separate response. Thanks for your help!



OTL logfile created on: 4/28/2014 8:33:41 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\c.rodes76\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16521)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

16.00 Gb Total Physical Memory | 13.59 Gb Available Physical Memory | 84.92% Memory free
18.37 Gb Paging File | 15.54 Gb Available in Paging File | 84.56% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1857.69 Gb Total Space | 1476.22 Gb Free Space | 79.47% Space Free | Partition Type: NTFS

Computer Name: PC-RODEY | User Name: c.rodes76 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/04/28 08:32:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\c.rodes76\Downloads\OTL.exe
PRC - [2014/04/28 07:59:41 | 000,370,176 | ---- | M] (The Privoxy team - www.privoxy.org) -- C:\Program Files (x86)\MSR\Privoxy\privoxy.exe
PRC - [2014/04/23 17:42:26 | 000,016,384 | ---- | M] () -- C:\Windows\Microsoft\System Update kb70007\WindowsUpdater.exe
PRC - [2014/04/23 17:01:04 | 000,572,096 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2014/04/23 17:01:02 | 001,825,984 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2014/04/01 20:58:05 | 000,841,032 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014/03/28 17:26:12 | 000,228,744 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe
PRC - [2014/02/21 03:54:40 | 000,152,392 | ---- | M] (Apple Inc.) -- C:\Users\c.rodes76\Music\iTunesHelper.exe
PRC - [2014/01/30 16:05:24 | 021,822,128 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe
PRC - [2013/10/23 03:02:32 | 000,414,496 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013/10/15 12:27:38 | 003,921,880 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
PRC - [2013/09/20 10:57:26 | 001,042,272 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
PRC - [2013/09/13 10:38:30 | 000,171,416 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
PRC - [2013/07/25 11:19:26 | 005,624,784 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
PRC - [2013/05/24 12:08:22 | 002,703,104 | ---- | M] (Anvisoft) -- C:\Program Files (x86)\Anvisoft\Cloud System Booster\CloudSystemBooster.exe
PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/12/14 03:33:08 | 000,318,312 | ---- | M] () -- C:\Program Files (x86)\Anvisoft\Cloud System Booster\CSBSvc.exe
PRC - [2011/12/08 19:53:32 | 008,364,288 | ---- | M] () -- C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe
PRC - [2011/12/07 21:31:00 | 000,303,360 | ---- | M] () -- C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe


========== Modules (No Company Name) ==========

MOD - [2014/04/28 08:00:05 | 001,175,040 | ---- | M] () -- C:\Users\CE2FF~1.ROD\AppData\Local\Temp\_MEI50162\wx._core_.pyd
MOD - [2014/04/28 08:00:05 | 001,157,120 | ---- | M] () -- C:\Users\CE2FF~1.ROD\AppData\Local\Temp\_MEI50162\_ssl.pyd
MOD - [2014/04/28 08:00:05 | 001,062,400 | ---- | M] () -- C:\Users\CE2FF~1.ROD\AppData\Local\Temp\_MEI50162\wx._controls_.pyd
MOD - [2014/04/28 08:00:05 | 000,811,008 | ---- | M] () -- C:\Users\CE2FF~1.ROD\AppData\Local\Temp\_MEI50162\wx._windows_.pyd
MOD - [2014/04/28 08:00:05 | 000,805,888 | ---- | M] () -- C:\Users\CE2FF~1.ROD\AppData\Local\Temp\_MEI50162\wx._gdi_.pyd
MOD - [2014/04/28 08:00:05 | 000,735,232 | ---- | M] () -- C:\Users\CE2FF~1.ROD\AppData\Local\Temp\_MEI50162\wx._misc_.pyd
MOD - [2014/04/28 08:00:05 | 000,712,192 | ---- | M] () -- C:\Users\CE2FF~1.ROD\AppData\Local\Temp\_MEI50162\_hashlib.pyd
MOD - [2014/04/28 08:00:05 | 000,686,080 | ---- | M] () -- C:\Users\CE2FF~1.ROD\AppData\Local\Temp\_MEI50162\unicodedata.pyd
MOD - [2014/04/28 08:00:05 | 000,557,056 | ---- | M] () -- C:\Users\CE2FF~1.ROD\AppData\Local\Temp\_MEI50162\pysqlite2._sqlite.pyd
MOD - [2014/04/28 08:00:05 | 000,525,640 | ---- | M] () -- C:\Users\CE2FF~1.ROD\AppData\Local\Temp\_MEI50162\windows._lib_cacheinvalidation.pyd
MOD - [2014/04/28 08:00:05 | 000,364,544 | ---- | M] () -- C:\Users\CE2FF~1.ROD\AppData\Local\Temp\_MEI50162\pythoncom27.dll
MOD - [2014/04/28 08:00:05 | 000,320,512 | ---- | M] () -- C:\Users\CE2FF~1.ROD\AppData\Local\Temp\_MEI50162\win32com.shell.shell.pyd
MOD - [2014/04/28 08:00:05 | 000,128,512 | ---- | M] () -- C:\Users\CE2FF~1.ROD\AppData\Local\Temp\_MEI50162\_elementtree.pyd
MOD - [2014/04/28 08:00:05 | 000,127,488 | ---- | M] () -- C:\Users\CE2FF~1.ROD\AppData\Local\Temp\_MEI50162\pyexpat.pyd
MOD - [2014/04/28 08:00:05 | 000,122,368 | ---- | M] () -- C:\Users\CE2FF~1.ROD\AppData\Local\Temp\_MEI50162\wx._wizard.pyd
MOD - [2014/04/28 08:00:05 | 000,119,808 | ---- | M] () -- C:\Users\CE2FF~1.ROD\AppData\Local\Temp\_MEI50162\win32file.pyd
MOD - [2014/04/28 08:00:05 | 000,110,080 | ---- | M] () -- C:\Users\CE2FF~1.ROD\AppData\Local\Temp\_MEI50162\pywintypes27.dll
MOD - [2014/04/28 08:00:05 | 000,108,544 | ---- | M] () -- C:\Users\CE2FF~1.ROD\AppData\Local\Temp\_MEI50162\win32security.pyd
MOD - [2014/04/28 08:00:05 | 000,098,816 | ---- | M] () -- C:\Users\CE2FF~1.ROD\AppData\Local\Temp\_MEI50162\win32api.pyd
MOD - [2014/04/28 08:00:05 | 000,087,040 | ---- | M] () -- C:\Users\CE2FF~1.ROD\AppData\Local\Temp\_MEI50162\_ctypes.pyd
MOD - [2014/04/28 08:00:05 | 000,070,656 | ---- | M] () -- C:\Users\CE2FF~1.ROD\AppData\Local\Temp\_MEI50162\wx._html2.pyd
MOD - [2014/04/28 08:00:05 | 000,044,032 | ---- | M] () -- C:\Users\CE2FF~1.ROD\AppData\Local\Temp\_MEI50162\_socket.pyd
MOD - [2014/04/28 08:00:05 | 000,038,912 | ---- | M] () -- C:\Users\CE2FF~1.ROD\AppData\Local\Temp\_MEI50162\win32inet.pyd
MOD - [2014/04/28 08:00:05 | 000,035,840 | ---- | M] () -- C:\Users\CE2FF~1.ROD\AppData\Local\Temp\_MEI50162\win32process.pyd
MOD - [2014/04/28 08:00:05 | 000,026,624 | ---- | M] () -- C:\Users\CE2FF~1.ROD\AppData\Local\Temp\_MEI50162\_multiprocessing.pyd
MOD - [2014/04/28 08:00:05 | 000,025,600 | ---- | M] () -- C:\Users\CE2FF~1.ROD\AppData\Local\Temp\_MEI50162\win32pdh.pyd
MOD - [2014/04/28 08:00:05 | 000,024,064 | ---- | M] () -- C:\Users\CE2FF~1.ROD\AppData\Local\Temp\_MEI50162\win32pipe.pyd
MOD - [2014/04/28 08:00:05 | 000,022,528 | ---- | M] () -- C:\Users\CE2FF~1.ROD\AppData\Local\Temp\_MEI50162\win32ts.pyd
MOD - [2014/04/28 08:00:05 | 000,018,432 | ---- | M] () -- C:\Users\CE2FF~1.ROD\AppData\Local\Temp\_MEI50162\win32event.pyd
MOD - [2014/04/28 08:00:05 | 000,017,408 | ---- | M] () -- C:\Users\CE2FF~1.ROD\AppData\Local\Temp\_MEI50162\win32profile.pyd
MOD - [2014/04/28 08:00:05 | 000,011,264 | ---- | M] () -- C:\Users\CE2FF~1.ROD\AppData\Local\Temp\_MEI50162\win32crypt.pyd
MOD - [2014/04/28 08:00:05 | 000,010,240 | ---- | M] () -- C:\Users\CE2FF~1.ROD\AppData\Local\Temp\_MEI50162\select.pyd
MOD - [2014/04/23 17:01:04 | 001,092,288 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2014/04/21 17:55:38 | 000,471,552 | ---- | M] () -- C:\Program Files (x86)\Steam\libavutil-53.dll
MOD - [2014/04/21 17:55:38 | 000,340,480 | ---- | M] () -- C:\Program Files (x86)\Steam\libavresample-1.dll
MOD - [2014/04/01 20:58:03 | 000,390,472 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\ppgooglenaclpluginchrome.dll
MOD - [2014/04/01 20:58:02 | 013,691,720 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\PepperFlash\pepflashplayer.dll
MOD - [2014/04/01 20:57:59 | 004,081,480 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\pdf.dll
MOD - [2014/04/01 20:57:54 | 000,674,632 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\libglesv2.dll
MOD - [2014/04/01 20:57:53 | 000,093,000 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\libegl.dll
MOD - [2014/04/01 20:57:52 | 001,647,432 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\ffmpegsumo.dll
MOD - [2014/04/01 20:57:49 | 000,065,352 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\chrome_elf.dll
MOD - [2014/03/31 17:09:18 | 000,754,688 | ---- | M] () -- C:\Program Files (x86)\Steam\SDL2.dll
MOD - [2014/03/03 14:15:40 | 020,626,624 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2014/01/20 14:17:04 | 000,073,544 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2014/01/20 14:16:38 | 001,044,808 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2013/06/14 18:49:12 | 001,100,800 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2013/06/14 18:49:12 | 000,192,000 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2013/06/14 18:49:12 | 000,124,416 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll
MOD - [2013/05/16 10:55:26 | 000,113,496 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
MOD - [2013/05/16 10:55:24 | 000,416,600 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
MOD - [2011/12/08 19:53:32 | 008,364,288 | ---- | M] () -- C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe
MOD - [2011/09/13 19:57:20 | 000,282,624 | ---- | M] () -- C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvcLib.dll


========== Services (SafeList) ==========

SRV:64bit: - [2014/04/28 00:15:22 | 000,127,752 | ---- | M] (SurfRight B.V.) [Auto | Running] -- C:\Program Files\HitmanPro\hmpsched.exe -- (HitmanProScheduler)
SRV:64bit: - [2014/03/22 18:16:52 | 003,395,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2014/03/22 18:15:51 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/03/22 18:14:17 | 000,348,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2014/03/22 18:14:17 | 000,023,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2014/03/22 18:13:23 | 000,282,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2014/03/22 18:13:23 | 000,263,168 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2014/03/22 18:11:09 | 001,302,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2014/01/23 16:09:18 | 000,702,744 | ---- | M] () [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe -- (LavasoftAdAwareService11)
SRV:64bit: - [2013/11/14 02:24:26 | 001,584,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2013/11/14 02:24:26 | 000,533,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2013/11/14 02:21:14 | 001,555,456 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013/11/14 02:21:14 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2013/11/14 02:21:14 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2013/08/22 07:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2013/08/22 06:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2013/08/22 06:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2013/08/22 06:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2013/08/22 06:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2013/08/22 06:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2013/08/22 05:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2013/08/22 05:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2013/08/22 05:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2013/08/22 05:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2013/08/22 05:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2013/08/22 05:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2013/08/22 05:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2013/08/22 05:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2013/08/22 05:04:53 | 000,716,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2013/08/22 05:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2013/08/22 04:59:26 | 000,832,512 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2013/08/22 04:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2013/08/22 04:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2013/08/22 04:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/08/22 04:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/08/22 04:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2013/08/22 04:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2013/08/22 04:40:14 | 000,398,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2013/08/22 04:39:33 | 000,198,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2013/08/22 04:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/08/22 04:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2010/04/06 19:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV - [2014/04/23 17:42:26 | 000,016,384 | ---- | M] () [Auto | Running] -- C:\Windows\Microsoft\System Update kb70007\WindowsUpdater.exe -- (System Update kb70007)
SRV - [2014/04/23 17:01:04 | 000,572,096 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2014/03/12 14:04:07 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/11/14 02:21:13 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2013/10/27 09:12:26 | 001,364,256 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013/10/23 03:02:32 | 000,414,496 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013/09/05 10:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/08/22 07:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2013/08/21 22:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013/08/21 21:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2013/08/16 23:16:21 | 000,117,656 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013/02/16 00:01:03 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012/12/14 03:33:08 | 000,318,312 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Anvisoft\Cloud System Booster\CSBSvc.exe -- (AnviCsbSvc)
SRV - [2011/12/07 21:31:00 | 000,303,360 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe -- (WSWNA3100)
SRV - [2011/08/30 18:55:54 | 000,160,256 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2014/03/22 18:14:17 | 000,236,888 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2014/03/22 18:14:17 | 000,124,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2014/03/22 18:14:17 | 000,035,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2014/03/22 18:11:48 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2014/03/22 18:11:09 | 000,372,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2014/03/22 18:11:09 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2014/03/22 18:11:09 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2014/03/22 18:11:09 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2014/03/10 05:35:53 | 000,377,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2013/11/14 02:24:25 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2013/11/14 02:21:13 | 000,467,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2013/11/14 02:21:13 | 000,236,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2013/11/14 02:21:13 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2013/11/14 02:19:23 | 000,136,536 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2013/11/14 02:14:07 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2013/11/14 02:14:04 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2013/10/27 09:12:42 | 000,196,384 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2013/08/22 08:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013/08/22 08:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013/08/22 07:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013/08/22 07:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013/08/22 07:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/08/22 07:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013/08/22 07:43:48 | 000,146,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2013/08/22 07:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013/08/22 07:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013/08/22 07:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013/08/22 07:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013/08/22 07:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013/08/22 07:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013/08/22 07:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013/08/22 07:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013/08/22 07:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013/08/22 07:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013/08/22 07:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013/08/22 07:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013/08/22 07:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013/08/22 07:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013/08/22 07:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013/08/22 07:43:33 | 000,189,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2013/08/22 07:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013/08/22 07:43:32 | 000,078,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2013/08/22 07:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013/08/22 07:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/08/22 07:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013/08/22 07:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013/08/22 07:41:08 | 000,054,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2013/08/22 07:39:15 | 000,924,512 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2013/08/22 07:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013/08/22 07:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2013/08/22 07:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013/08/22 06:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2013/08/22 06:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013/08/22 06:39:28 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2013/08/22 06:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013/08/22 06:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013/08/22 06:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013/08/22 06:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013/08/22 06:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/08/22 06:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013/08/22 06:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013/08/22 06:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013/08/22 06:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013/08/22 06:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013/08/22 06:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013/08/22 06:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2013/08/22 06:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/08/22 06:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013/08/22 06:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013/08/22 06:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2013/08/22 06:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013/08/22 06:36:17 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2013/08/22 06:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2013/08/22 06:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2013/08/22 03:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013/08/12 18:25:46 | 000,017,624 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013/08/09 19:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013/07/30 13:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013/07/25 14:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013/07/17 17:10:52 | 000,329,800 | ---- | M] (BitDefender S.R.L.) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Trufos.sys -- (Trufos)
DRV:64bit: - [2013/06/18 09:46:17 | 000,591,360 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/12/13 16:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/12/01 07:41:38 | 000,446,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvstusb.sys -- (NvStUSB)
DRV:64bit: - [2012/10/25 12:01:20 | 000,022,680 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger)
DRV:64bit: - [2012/08/21 16:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2011/07/22 13:33:48 | 000,025,056 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SCMNdisP.sys -- (SCMNdisP)
DRV:64bit: - [2011/04/19 12:52:20 | 001,254,464 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmwlhigh664.sys -- (BCMH43XX)
DRV:64bit: - [2011/03/02 20:17:20 | 000,013,088 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV:64bit: - [2010/02/03 14:21:56 | 000,047,632 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2008/02/06 06:00:00 | 000,054,480 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2007/05/10 00:50:48 | 000,050,208 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVUSBS64.sys -- (LVUSBS64)
DRV:64bit: - [2007/05/10 00:46:48 | 001,127,328 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LV302V64.SYS -- (PID_PEPI)
DRV:64bit: - [2007/05/10 00:46:36 | 000,016,032 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lv302a64.sys -- (lvpepf64)
DRV - [2013/02/16 00:56:49 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\etdrv.sys -- (etdrv)
DRV - [2013/02/16 00:55:29 | 000,030,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\GVTDrv64.sys -- (GVTDrv64)
DRV - [2013/02/16 00:55:22 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8118;https=127.0.0.1:8118

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8118;https=127.0.0.1:8118

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8118;https=127.0.0.1:8118

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8118;https=127.0.0.1:8118

IE - HKU\S-1-5-21-4012131871-1557372686-3524768994-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-4012131871-1557372686-3524768994-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-4012131871-1557372686-3524768994-1002\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-4012131871-1557372686-3524768994-1002\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKU\S-1-5-21-4012131871-1557372686-3524768994-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-21-4012131871-1557372686-3524768994-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8118;https=127.0.0.1:8118

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0.1
FF - prefs.js..network.proxy.type: 1user_pref("network.proxy.http", "127.0.0.1");user_pref("network.proxy.http_port", 8118);user_pref("network.proxy.ssl", "127.0.0.1");user_pref("network.proxy.ssl_port", 8118);
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Users\c.rodes76\Music\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2013/02/16 20:38:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\c.rodes76\AppData\Roaming\mozilla\Extensions
[2013/08/16 23:16:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/08/16 23:16:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/08/16 23:16:21 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage:
CHR - plugin: Error reading preferences file
CHR - Extension: Google Drive = C:\Users\c.rodes76\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_1\
CHR - Extension: YouTube = C:\Users\c.rodes76\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\
CHR - Extension: Google Search = C:\Users\c.rodes76\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1\
CHR - Extension: Google Wallet = C:\Users\c.rodes76\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_1\
CHR - Extension: Gmail = C:\Users\c.rodes76\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2\

O1 HOSTS File: ([2013/02/16 00:25:27 | 000,001,364 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 adobe.activate.com
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [] File not found
O4:64bit: - HKLM..\Run: [AdAwareTray] C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTray.exe ()
O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\WINDOWS\SysNative\LogiLDA.dll (Logitech, Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [iTunesHelper] C:\Users\c.rodes76\Music\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-21-4012131871-1557372686-3524768994-1002..\Run: [CloudSystemBooster] C:\Program Files (x86)\Anvisoft\Cloud System Booster\CloudSystemBooster.exe (Anvisoft)
O4 - HKU\S-1-5-21-4012131871-1557372686-3524768994-1002..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O4 - HKU\S-1-5-21-4012131871-1557372686-3524768994-1002..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 181
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousUserGroupPolicy = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousMachineGroupPolicy = 0
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5C06FB0B-932E-4CC5-999E-AD9DEE65E288}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6230B41C-1D8C-45C8-9802-5CD9EE30815D}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL) - File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/02/16 23:01:08 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014/04/28 08:24:16 | 000,688,992 | ---- | C] (Swearware) -- C:\Users\c.rodes76\Desktop\dds.scr
[2014/04/28 07:37:17 | 000,000,000 | ---D | C] -- C:\Users\c.rodes76\AppData\Roaming\Lavasoft
[2014/04/28 07:37:07 | 000,000,000 | ---D | C] -- C:\Users\c.rodes76\AppData\Roaming\LavasoftStatistics
[2014/04/28 07:23:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus
[2014/04/28 07:23:20 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2014/04/28 07:22:45 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Lavasoft
[2014/04/28 07:21:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2014/04/28 00:15:21 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro
[2014/04/28 00:15:04 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2014/04/28 00:05:02 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\WINDOWS\SysWow64\sqlite3.dll
[2014/04/27 23:56:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2014/04/27 23:56:20 | 000,021,040 | ---- | C] (Safer Networking Limited) -- C:\WINDOWS\SysNative\sdnclean64.exe
[2014/04/27 23:56:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2014/04/27 23:56:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2014/04/27 22:27:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft
[2014/04/27 22:27:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSR
[2014/04/27 22:27:08 | 000,000,000 | ---D | C] -- C:\Users\c.rodes76\AppData\Roaming\Wise
[2014/04/19 11:48:55 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Common Files\EAInstaller
[2014/04/18 21:34:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin Games
[2014/04/18 21:34:19 | 000,000,000 | ---D | C] -- C:\Users\c.rodes76\AppData\Roaming\Origin
[2014/04/18 21:34:18 | 000,000,000 | ---D | C] -- C:\Users\c.rodes76\AppData\Local\Origin
[2014/04/18 20:25:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin
[2014/04/18 20:25:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2014/04/18 20:25:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin
[2014/04/14 09:54:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2014/04/14 09:54:14 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2014/04/14 09:54:13 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2014/04/14 09:54:13 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2014/04/14 09:51:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2014/04/14 09:51:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2014/04/10 10:34:13 | 000,000,000 | ---D | C] -- C:\Users\c.rodes76\AppData\Local\ElevatedDiagnostics
[2014/04/09 14:12:14 | 000,377,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\clfs.sys
[2014/04/09 14:12:13 | 001,287,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kernel32.dll
[2014/04/09 14:12:12 | 001,109,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KernelBase.dll
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014/04/28 08:31:00 | 000,000,922 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/04/28 08:24:17 | 000,688,992 | ---- | M] (Swearware) -- C:\Users\c.rodes76\Desktop\dds.scr
[2014/04/28 08:05:45 | 000,863,592 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2014/04/28 08:05:45 | 000,730,408 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2014/04/28 08:05:45 | 000,135,520 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2014/04/28 08:04:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014/04/28 08:01:11 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/04/28 08:00:21 | 000,000,918 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/04/28 07:59:37 | 000,002,336 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
[2014/04/28 07:59:08 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/04/28 07:59:03 | 856,924,157 | -HS- | M] () -- C:\hiberfil.sys
[2014/04/28 07:52:16 | 000,000,181 | ---- | M] () -- C:\Users\c.rodes76\Desktop\Ad-Aware_Report_Quick_Manual_2014-04-28T07-51-57.645636.xml
[2014/04/28 00:24:58 | 000,001,008 | ---- | M] () -- C:\WINDOWS\SysNative\.crusader
[2014/04/28 00:15:22 | 000,001,916 | ---- | M] () -- C:\Users\Public\Desktop\HitmanPro.lnk
[2014/04/27 23:56:24 | 000,001,402 | ---- | M] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2014/04/27 23:49:58 | 000,001,132 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/04/27 23:35:16 | 000,001,825 | ---- | M] () -- C:\Users\c.rodes76\Desktop\chrome - Shortcut.lnk
[2014/04/27 23:34:51 | 000,001,523 | ---- | M] () -- C:\Users\c.rodes76\Desktop\firefox - Shortcut.lnk
[2014/04/27 22:43:35 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2014/04/27 18:31:27 | 000,100,879 | ---- | M] () -- C:\spyhunter.fix
[2014/04/19 12:10:14 | 000,001,217 | ---- | M] () -- C:\Users\Public\Desktop\Dead Space.lnk
[2014/04/18 20:25:45 | 000,001,002 | ---- | M] () -- C:\Users\Public\Desktop\Origin.lnk
[2014/04/14 09:54:41 | 000,001,906 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014/04/14 09:51:45 | 000,001,864 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2014/03/31 16:23:52 | 000,693,240 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2014/03/31 16:23:52 | 000,105,464 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/04/28 07:52:16 | 000,000,181 | ---- | C] () -- C:\Users\c.rodes76\Desktop\Ad-Aware_Report_Quick_Manual_2014-04-28T07-51-57.645636.xml
[2014/04/28 07:23:30 | 000,002,336 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
[2014/04/28 00:24:58 | 000,001,008 | ---- | C] () -- C:\WINDOWS\SysNative\.crusader
[2014/04/28 00:15:22 | 000,001,916 | ---- | C] () -- C:\Users\Public\Desktop\HitmanPro.lnk
[2014/04/27 23:56:24 | 000,001,414 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2014/04/27 23:56:24 | 000,001,402 | ---- | C] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2014/04/27 23:34:51 | 000,001,523 | ---- | C] () -- C:\Users\c.rodes76\Desktop\firefox - Shortcut.lnk
[2014/04/27 23:34:29 | 000,001,825 | ---- | C] () -- C:\Users\c.rodes76\Desktop\chrome - Shortcut.lnk
[2014/04/27 22:27:27 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014/04/19 12:10:14 | 000,001,217 | ---- | C] () -- C:\Users\Public\Desktop\Dead Space.lnk
[2014/04/18 20:25:45 | 000,001,002 | ---- | C] () -- C:\Users\Public\Desktop\Origin.lnk
[2014/04/14 09:54:41 | 000,001,906 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014/04/14 09:51:45 | 000,001,864 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2014/03/22 18:11:48 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2013/08/22 10:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013/08/22 10:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013/08/22 09:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/08/22 02:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013/08/21 22:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2013/08/21 18:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013/08/21 18:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2013/02/16 19:23:05 | 000,038,407 | ---- | C] () -- C:\WINDOWS\scunin.dat
[2013/02/15 10:43:34 | 000,053,299 | ---- | C] () -- C:\WINDOWS\SysWow64\pthreadVC.dll
[2013/01/09 07:57:39 | 000,030,528 | ---- | C] () -- C:\WINDOWS\GVTDrv64.sys

========== ZeroAccess Check ==========

[2014/03/23 14:02:35 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/22 18:11:49 | 021,199,256 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/22 18:11:49 | 018,643,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 04:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/21 21:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 04:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/11/24 12:33:05 | 000,000,000 | ---D | M] -- C:\Users\c.rodes76\AppData\Roaming\Awesomium
[2013/10/08 21:13:10 | 000,000,000 | ---D | M] -- C:\Users\c.rodes76\AppData\Roaming\LucasArts
[2014/04/18 21:34:36 | 000,000,000 | ---D | M] -- C:\Users\c.rodes76\AppData\Roaming\Origin
[2013/02/17 10:17:02 | 000,000,000 | ---D | M] -- C:\Users\c.rodes76\AppData\Roaming\QuickScan
[2013/02/19 01:12:46 | 000,000,000 | ---D | M] -- C:\Users\c.rodes76\AppData\Roaming\SkyGoblin
[2013/02/16 23:19:50 | 000,000,000 | ---D | M] -- C:\Users\c.rodes76\AppData\Roaming\Webcam Simulator
[2014/04/27 22:27:08 | 000,000,000 | ---D | M] -- C:\Users\c.rodes76\AppData\Roaming\Wise

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 220 bytes -> C:\Users\c.rodes76\SkyDrive:ms-properties

< End of report >
c_rodes76
Regular Member
 
Posts: 28
Joined: April 28th, 2014, 9:35 am

Re: So much adware

by nunped » May 1st, 2014, 2:09 pm

Hello c_rodes76, and welcome to the forum.

My name is nunped and I'll be helping you with any malware problems.

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start.

Here are some guidelines for the cleaning process to run as easily as possible.

  1. Please read this topic: ALL USERS OF THIS FORUM MUST READ THIS FIRST where the conditions for receiving help here are explained.
  2. The instructions being given are for YOUR computer and system only! Using these instructions on a different computer can cause damage to that computer and possibly render it inoperable!
  3. You must have Administrator rights for this computer.
  4. DO NOT run any other fix or removal tools unless instructed to do so!
  5. DO NOT install any other software (or hardware) during the cleaning process. This adds more items to be researched.
  6. Only post your problem at one help site. Applying fixes from multiple help sites can cause problems.
  7. Only reply to this thread. Do not start another thread.
  8. The absence of symptoms does not imply the absence of malware. Please continue responding until I give you the "All Clean".
  9. No Reply Within 3 Days will result in your topic being closed!


Read through these instructions with your full attention.
Please ask first if you have any doubts.

I am currently reviewing your logs and will return, as soon as possible, with additional instructions.
nunped
MRU Honors Grad Emeritus
 
Posts: 1210
Joined: August 17th, 2011, 5:03 pm
Location: Portugal

Re: So much adware

Unread postby nunped » May 1st, 2014, 2:26 pm

Hi c_rodes76,

Please run the following scans:
Step 1 - FRST
Please download FRST ... by Farbar, from the link below and save it to your Desktop.
For 64 bit Systems
  • Right-click FRST.exe and select "Run as administrator" to run it.
  • When the tool opens click Yes to the disclaimer.
  • Press Scan button. ... When finished a log will be created, FRST.txt.
  • Please post the content of the FRST.txt in your next reply.
  • The first time the tool is run, it will create another log... Addition.txt.
  • Please post the content of the Addition.txt in your next reply.

Step 2 - CKScanner
Please download CKScanner ... Save it to your desktop.
This program should only be run once!
Make sure that CKScanner.exe is on your desktop before running the application!

  1. Right-click on the CKScanner.exe icon and select "Run as Administrator", then click the Search For Files button.
  2. When the scan is finished (the cursor hourglass disappears) click the Save List To File button.
    A text file will be created on your desktop named "ckfiles.txt"
  3. Click OK at the file saved message box. Double-click on the ckfiles.txt icon on your desktop.
  4. Please copy/paste the contents of ckfiles.txt in your next reply.
nunped
MRU Honors Grad Emeritus
 
Posts: 1210
Joined: August 17th, 2011, 5:03 pm
Location: Portugal

Re: So much adware

Unread postby c_rodes76 » May 1st, 2014, 2:43 pm

Thanks for your assistance, nunped!

I had to split the FRST.txt file in half since it was too many characters for a post. Here is the first half of FRST.txt:


Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-05-2014 01
Ran by c.rodes76 (administrator) on PC-RODEY on 01-05-2014 13:29:03
Running from C:\Users\c.rodes76\Desktop
Windows 8.1 Single Language (Update 1) (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
() C:\Program Files (x86)\Anvisoft\Cloud System Booster\CSBSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
() C:\Windows\Microsoft\System Update kb70007\WindowsUpdater.exe
() C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Windows\Temp\34.0.1847.131_34.0.1847.116_chrome_updater.exe1309da0
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\Installer\setup.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Anvisoft) C:\Program Files (x86)\Anvisoft\Cloud System Booster\CloudSystemBooster.exe
() C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Users\c.rodes76\Music\iTunesHelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(The Privoxy team - www.privoxy.org) C:\Program Files (x86)\MSR\Privoxy\privoxy.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3933496 2012-09-20] (Logitech, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [34672 2008-06-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Users\c.rodes76\Music\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKU\S-1-5-21-4012131871-1557372686-3524768994-1002\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [21822128 2014-01-30] (Google)
HKU\S-1-5-21-4012131871-1557372686-3524768994-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [1825984 2014-04-23] (Valve Corporation)
HKU\S-1-5-21-4012131871-1557372686-3524768994-1002\...\Run: [CloudSystemBooster] => C:\Program Files (x86)\Anvisoft\Cloud System Booster\CloudSystemBooster.exe [2703104 2013-05-24] (Anvisoft)
AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL => C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL File Not Found
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA3100 Genie.lnk
ShortcutTarget: NETGEAR WNA3100 Genie.lnk -> C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:8118;https=127.0.0.1:8118
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\c.rodes76\AppData\Roaming\Mozilla\Firefox\Profiles\tlojoxdu.default-1398663725347
FF NetworkProxy: "http", "127.0.0.1"
FF NetworkProxy: "http_port", 8118
FF NetworkProxy: "ssl", "127.0.0.1"
FF NetworkProxy: "ssl_port", 8118
FF NetworkProxy: "type", 1
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Users\c.rodes76\Music\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files\Mozilla Firefox\firefox.exe

Chrome:
=======
CHR HomePage:
CHR Extension: (Google Drive) - C:\Users\c.rodes76\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-02-17]
CHR Extension: (YouTube) - C:\Users\c.rodes76\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-02-17]
CHR Extension: (Google Search) - C:\Users\c.rodes76\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-02-17]
CHR Extension: (Google Wallet) - C:\Users\c.rodes76\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-27]
CHR Extension: (Gmail) - C:\Users\c.rodes76\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-02-17]

==================== Services (Whitelisted) =================

R2 AnviCsbSvc; C:\Program Files (x86)\Anvisoft\Cloud System Booster\CSBSvc.exe [318312 2012-12-14] ()
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 System Update kb70007; C:\WINDOWS\Microsoft\System Update kb70007\WindowsUpdater.exe [16384 2014-04-23] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2014-03-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-22] (Microsoft Corporation)
R2 WSWNA3100; C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe [303360 2011-12-07] ()

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22680 2012-10-25] ()
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Windows (R) Win 7 DDK provider)
R3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [13088 2011-03-02] ()
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2013-02-16] ()
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-09] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2014-03-22] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 NPF; C:\Windows\system32\DRIVERS\npf.sys [47632 2010-02-03] (CACE Technologies, Inc.)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924504 2014-02-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2014-03-22] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-14] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2014-03-22] (Microsoft Corporation)
R0 Wof; C:\Windows\System32\Drivers\Wof.sys [157016 2014-03-13] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-01 13:29 - 2014-05-01 13:29 - 00011616 _____ () C:\Users\c.rodes76\Desktop\FRST.txt
2014-05-01 13:28 - 2014-05-01 13:29 - 00000000 ____D () C:\FRST
2014-05-01 13:28 - 2014-05-01 13:28 - 02061824 _____ (Farbar) C:\Users\c.rodes76\Desktop\FRST64.exe
2014-05-01 08:52 - 2014-05-01 08:52 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-04-30 11:07 - 2014-04-30 11:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-04-30 11:07 - 2014-04-14 20:13 - 00096168 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-04-30 11:07 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-04-30 11:07 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-04-30 11:07 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-04-30 11:06 - 2014-04-30 11:07 - 00004278 _____ () C:\WINDOWS\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-30 10:56 - 2014-04-30 10:56 - 00003074 _____ () C:\WINDOWS\DPINST.LOG
2014-04-30 10:56 - 2014-04-09 07:00 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-04-30 10:56 - 2014-04-08 22:32 - 00190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2014-04-30 10:56 - 2014-04-08 22:31 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-04-30 10:56 - 2014-04-08 22:23 - 01705984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-04-30 10:56 - 2014-04-08 22:21 - 03408896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-04-30 10:55 - 2014-04-30 10:55 - 00000085 _____ () C:\WINDOWS\wininit.ini
2014-04-30 10:50 - 2014-04-30 10:50 - 00003228 _____ () C:\WINDOWS\System32\Tasks\{BADA0EB2-1E32-46F9-9604-13DEB6410268}
2014-04-30 10:48 - 2014-05-01 08:52 - 00001475 _____ () C:\WINDOWS\setupact.log
2014-04-29 10:35 - 2014-03-19 23:19 - 01291200 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2014-04-29 10:35 - 2014-03-19 22:48 - 21232792 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-04-29 10:35 - 2014-03-19 22:41 - 02013016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2014-04-29 10:35 - 2014-03-19 22:41 - 00376152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2014-04-29 10:35 - 2014-03-19 22:40 - 01112536 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-04-29 10:35 - 2014-03-19 20:29 - 04268544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-04-29 10:35 - 2014-03-19 20:20 - 18679216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-04-29 10:35 - 2014-03-19 18:55 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2014-04-29 10:35 - 2014-03-19 02:13 - 00836096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-04-29 10:35 - 2014-03-11 07:42 - 02641920 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-04-29 10:35 - 2014-03-08 00:41 - 01306624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2014-04-29 10:35 - 2014-03-06 09:34 - 02331000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2014-04-29 10:35 - 2014-03-06 07:53 - 02141912 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2014-04-29 10:35 - 2014-03-06 07:51 - 01557848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-04-29 10:35 - 2014-03-06 07:42 - 07425368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-04-29 10:35 - 2014-03-06 04:19 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2014-04-29 10:35 - 2014-03-06 03:20 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2014-04-29 10:35 - 2014-03-06 02:22 - 16875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-04-29 10:35 - 2014-03-06 01:59 - 12732416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-04-29 10:35 - 2014-03-06 01:51 - 02900992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2014-04-29 10:35 - 2014-03-06 01:39 - 02133504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-04-29 10:35 - 2014-03-06 01:33 - 13286400 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-04-29 10:35 - 2014-03-06 01:29 - 11791360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-04-29 10:35 - 2014-03-06 01:23 - 02270208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2014-04-29 10:35 - 2014-03-06 00:28 - 08653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-04-29 10:35 - 2014-03-06 00:27 - 05833728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-04-29 10:35 - 2014-03-06 00:21 - 05770752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-04-29 10:35 - 2014-03-06 00:20 - 06641152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-04-29 10:35 - 2014-03-04 07:25 - 02373784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-04-29 10:35 - 2014-03-04 07:15 - 02519384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-04-29 10:35 - 2014-03-04 06:16 - 02088160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2014-04-29 10:34 - 2014-03-19 19:53 - 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2014-04-29 10:34 - 2014-03-19 19:48 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll
2014-04-29 10:34 - 2014-03-19 18:39 - 00800256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2014-04-29 10:34 - 2014-03-19 18:36 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2014-04-29 10:34 - 2014-03-19 00:57 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-04-29 10:34 - 2014-03-19 00:50 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32tm.exe
2014-04-29 10:34 - 2014-03-19 00:31 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2014-04-29 10:34 - 2014-03-19 00:20 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\w32tm.exe
2014-04-29 10:34 - 2014-03-19 00:08 - 01351168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2014-04-29 10:34 - 2014-03-18 23:41 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-04-29 10:34 - 2014-03-18 23:17 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-04-29 10:34 - 2014-03-13 07:35 - 00157016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2014-04-29 10:34 - 2014-03-12 08:45 - 00387210 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-04-29 10:34 - 2014-03-11 10:45 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2014-04-29 10:34 - 2014-03-11 10:18 - 01015808 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2014-04-29 10:34 - 2014-03-11 10:02 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2014-04-29 10:34 - 2014-03-11 09:28 - 00887296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2014-04-29 10:34 - 2014-03-11 09:25 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2014-04-29 10:34 - 2014-03-11 09:05 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2014-04-29 10:34 - 2014-03-11 09:03 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2014-04-29 10:34 - 2014-03-11 09:00 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2014-04-29 10:34 - 2014-03-11 08:21 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-04-29 10:34 - 2014-03-11 08:02 - 00629760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-04-29 10:34 - 2014-03-11 07:35 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-04-29 10:34 - 2014-03-08 15:47 - 00565536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-04-29 10:34 - 2014-03-08 15:47 - 00180056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2014-04-29 10:34 - 2014-03-08 15:40 - 00136024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2014-04-29 10:34 - 2014-03-08 15:38 - 01542768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2014-04-29 10:34 - 2014-03-08 15:35 - 00467800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-04-29 10:34 - 2014-03-08 15:35 - 00337752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2014-04-29 10:34 - 2014-03-08 10:29 - 01339240 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-04-29 10:34 - 2014-03-08 10:29 - 00356848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2014-04-29 10:34 - 2014-03-08 06:34 - 01095488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2014-04-29 10:34 - 2014-03-08 04:34 - 00731648 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2014-04-29 10:34 - 2014-03-08 04:02 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxproxy.dll
2014-04-29 10:34 - 2014-03-08 03:44 - 00731648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2014-04-29 10:34 - 2014-03-08 03:33 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\spp.dll
2014-04-29 10:34 - 2014-03-08 03:25 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SetNetworkLocation.dll
2014-04-29 10:34 - 2014-03-08 03:12 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxproxy.dll
2014-04-29 10:34 - 2014-03-08 02:53 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-04-29 10:34 - 2014-03-08 02:51 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2014-04-29 10:34 - 2014-03-08 02:47 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spp.dll
2014-04-29 10:34 - 2014-03-08 02:12 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-04-29 10:34 - 2014-03-08 02:09 - 01411584 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-04-29 10:34 - 2014-03-08 02:04 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2014-04-29 10:34 - 2014-03-08 02:03 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2014-04-29 10:34 - 2014-03-08 02:01 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-04-29 10:34 - 2014-03-08 01:50 - 01066496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-04-29 10:34 - 2014-03-08 01:48 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2014-04-29 10:34 - 2014-03-08 01:46 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-04-29 10:34 - 2014-03-08 01:41 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2014-04-29 10:34 - 2014-03-08 01:40 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2014-04-29 10:34 - 2014-03-08 01:37 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2014-04-29 10:34 - 2014-03-08 01:31 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2014-04-29 10:34 - 2014-03-08 01:30 - 00197632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2014-04-29 10:34 - 2014-03-08 01:25 - 00264192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2014-04-29 10:34 - 2014-03-08 01:09 - 00958464 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-04-29 10:34 - 2014-03-08 01:04 - 00717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2014-04-29 10:34 - 2014-03-08 01:02 - 00801792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-04-29 10:34 - 2014-03-08 00:58 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2014-04-29 10:34 - 2014-03-08 00:11 - 00924160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2014-04-29 10:34 - 2014-03-06 09:35 - 01466864 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-04-29 10:34 - 2014-03-06 09:34 - 00113648 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2014-04-29 10:34 - 2014-03-06 07:53 - 00518552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-04-29 10:34 - 2014-03-06 07:51 - 00488280 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2014-04-29 10:34 - 2014-03-06 07:51 - 00379224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-04-29 10:34 - 2014-03-06 07:40 - 00492256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-04-29 10:34 - 2014-03-06 07:40 - 00467504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-04-29 10:34 - 2014-03-06 07:40 - 00463264 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2014-04-29 10:34 - 2014-03-06 07:40 - 00364640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2014-04-29 10:34 - 2014-03-06 07:40 - 00244888 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2014-04-29 10:34 - 2014-03-06 07:39 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2014-04-29 10:34 - 2014-03-06 06:20 - 01200296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-04-29 10:34 - 2014-03-06 06:19 - 00390488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2014-04-29 10:34 - 2014-03-06 06:19 - 00094016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2014-04-29 10:34 - 2014-03-06 06:13 - 01779800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2014-04-29 10:34 - 2014-03-06 06:13 - 00406912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-04-29 10:34 - 2014-03-06 05:46 - 01679128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2014-04-29 10:34 - 2014-03-06 05:35 - 00406512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2014-04-29 10:34 - 2014-03-06 05:35 - 00388408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2014-04-29 10:34 - 2014-03-06 05:35 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2014-04-29 10:34 - 2014-03-06 05:35 - 00305768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2014-04-29 10:34 - 2014-03-06 04:29 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2014-04-29 10:34 - 2014-03-06 04:24 - 00111616 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2014-04-29 10:34 - 2014-03-06 04:24 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2014-04-29 10:34 - 2014-03-06 04:24 - 00033280 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2014-04-29 10:34 - 2014-03-06 04:22 - 00679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-04-29 10:34 - 2014-03-06 04:22 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2014-04-29 10:34 - 2014-03-06 04:22 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2014-04-29 10:34 - 2014-03-06 04:20 - 00443392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2014-04-29 10:34 - 2014-03-06 04:20 - 00402944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-04-29 10:34 - 2014-03-06 04:20 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-04-29 10:34 - 2014-03-06 04:19 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2014-04-29 10:34 - 2014-03-06 04:19 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpnpmgr.dll
2014-04-29 10:34 - 2014-03-06 04:19 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvcfg.exe
2014-04-29 10:34 - 2014-03-06 04:19 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpipreg.sys
2014-04-29 10:34 - 2014-03-06 04:08 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
c_rodes76
Regular Member
 
Posts: 28
Joined: April 28th, 2014, 9:35 am

Re: So much adware

by c_rodes76 » May 1st, 2014, 2:44 pm

Here is the second half of FRST.txt:


2014-04-29 10:30 - 2014-02-22 09:18 - 00029912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserAccountBroker.exe
2014-04-29 10:30 - 2014-02-22 09:11 - 00490136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2014-04-29 10:30 - 2014-02-22 09:08 - 00079496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcd.dll
2014-04-29 10:30 - 2014-02-22 09:04 - 00317584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2014-04-29 10:30 - 2014-02-22 09:04 - 00285144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2014-04-29 10:30 - 2014-02-22 07:20 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2014-04-29 10:30 - 2014-02-22 07:20 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-kernel-power-events.dll
2014-04-29 10:30 - 2014-02-22 07:17 - 00902144 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2014-04-29 10:30 - 2014-02-22 07:17 - 00890880 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2014-04-29 10:30 - 2014-02-22 07:17 - 00874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe
2014-04-29 10:30 - 2014-02-22 07:14 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2014-04-29 10:30 - 2014-02-22 07:14 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\watchdog.sys
2014-04-29 10:30 - 2014-02-22 07:14 - 00033280 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2014-04-29 10:30 - 2014-02-22 07:09 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2014-04-29 10:30 - 2014-02-22 07:07 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll
2014-04-29 10:30 - 2014-02-22 07:07 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\clrhost.dll
2014-04-29 10:30 - 2014-02-22 07:06 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2014-04-29 10:30 - 2014-02-22 07:03 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2014-04-29 10:30 - 2014-02-22 07:03 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll
2014-04-29 10:30 - 2014-02-22 07:02 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\aelupsvc.dll
2014-04-29 10:30 - 2014-02-22 07:01 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\spcompat.dll
2014-04-29 10:30 - 2014-02-22 06:59 - 00188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsAnytimeUpgrade.exe
2014-04-29 10:30 - 2014-02-22 06:57 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
2014-04-29 10:30 - 2014-02-22 06:57 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-04-29 10:30 - 2014-02-22 06:54 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2014-04-29 10:30 - 2014-02-22 06:50 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\fsutil.exe
2014-04-29 10:30 - 2014-02-22 06:47 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2014-04-29 10:30 - 2014-02-22 06:47 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2014-04-29 10:30 - 2014-02-22 06:45 - 00214016 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrobj.dll
2014-04-29 10:30 - 2014-02-22 06:45 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhevents.dll
2014-04-29 10:30 - 2014-02-22 06:42 - 00038680 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentServer.exe
2014-04-29 10:30 - 2014-02-22 06:41 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\PkgMgr.exe
2014-04-29 10:30 - 2014-02-22 06:37 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\diskpart.exe
2014-04-29 10:30 - 2014-02-22 06:34 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmdskmgr.dll
2014-04-29 10:30 - 2014-02-22 06:32 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsutil.dll
2014-04-29 10:30 - 2014-02-22 06:27 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3mm.dll
2014-04-29 10:30 - 2014-02-22 06:25 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wusa.exe
2014-04-29 10:30 - 2014-02-22 06:25 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppnp.dll
2014-04-29 10:30 - 2014-02-22 06:24 - 00800256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2014-04-29 10:30 - 2014-02-22 06:24 - 00792576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2014-04-29 10:30 - 2014-02-22 06:24 - 00780288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe
2014-04-29 10:30 - 2014-02-22 06:22 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2014-04-29 10:30 - 2014-02-22 06:22 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2014-04-29 10:30 - 2014-02-22 06:17 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMM.dll
2014-04-29 10:30 - 2014-02-22 06:16 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2014-04-29 10:30 - 2014-02-22 06:16 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscript.exe
2014-04-29 10:30 - 2014-02-22 06:16 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clrhost.dll
2014-04-29 10:30 - 2014-02-22 06:15 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imm32.dll
2014-04-29 10:30 - 2014-02-22 06:14 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cleanmgr.exe
2014-04-29 10:30 - 2014-02-22 06:11 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spbcd.dll
2014-04-29 10:30 - 2014-02-22 06:06 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll
2014-04-29 10:30 - 2014-02-22 06:05 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\RASMM.dll
2014-04-29 10:30 - 2014-02-22 06:05 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2014-04-29 10:30 - 2014-02-22 06:03 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\srclient.dll
2014-04-29 10:30 - 2014-02-22 06:02 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContent.dll
2014-04-29 10:30 - 2014-02-22 06:02 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\acppage.dll
2014-04-29 10:30 - 2014-02-22 06:01 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fsutil.exe
2014-04-29 10:30 - 2014-02-22 06:00 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-04-29 10:30 - 2014-02-22 05:59 - 01283584 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe
2014-04-29 10:30 - 2014-02-22 05:58 - 00610304 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2014-04-29 10:30 - 2014-02-22 05:58 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-04-29 10:30 - 2014-02-22 05:58 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAConn.dll
2014-04-29 10:30 - 2014-02-22 05:57 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrobj.dll
2014-04-29 10:30 - 2014-02-22 05:56 - 02862592 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2014-04-29 10:30 - 2014-02-22 05:56 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2014-04-29 10:30 - 2014-02-22 05:56 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\system32\srchadmin.dll
2014-04-29 10:30 - 2014-02-22 05:56 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmvdsitf.dll
2014-04-29 10:30 - 2014-02-22 05:53 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PkgMgr.exe
2014-04-29 10:30 - 2014-02-22 05:52 - 02288640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2014-04-29 10:30 - 2014-02-22 05:52 - 00331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
2014-04-29 10:30 - 2014-02-22 05:51 - 00444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizeng.dll
2014-04-29 10:30 - 2014-02-22 05:47 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmdskmgr.dll
2014-04-29 10:30 - 2014-02-22 05:47 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\migisol.dll
2014-04-29 10:30 - 2014-02-22 05:47 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-04-29 10:30 - 2014-02-22 05:46 - 00283136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbadmin.exe
2014-04-29 10:30 - 2014-02-22 05:41 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\netid.dll
2014-04-29 10:30 - 2014-02-22 05:39 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-04-29 10:30 - 2014-02-22 05:37 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2014-04-29 10:30 - 2014-02-22 05:34 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsAnytimeUpgradeResults.exe
2014-04-29 10:30 - 2014-02-22 05:33 - 00402944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2014-04-29 10:30 - 2014-02-22 05:31 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-04-29 10:30 - 2014-02-22 05:30 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cleanmgr.exe
2014-04-29 10:30 - 2014-02-22 05:28 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-04-29 10:30 - 2014-02-22 05:27 - 00397824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
2014-04-29 10:30 - 2014-02-22 05:25 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StorageContextHandler.dll
2014-04-29 10:30 - 2014-02-22 05:21 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srclient.dll
2014-04-29 10:30 - 2014-02-22 05:21 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\acppage.dll
2014-04-29 10:30 - 2014-02-22 05:20 - 01152512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2014-04-29 10:30 - 2014-02-22 05:18 - 00722432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsAnytimeUpgradeui.exe
2014-04-29 10:30 - 2014-02-22 05:17 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2014-04-29 10:30 - 2014-02-22 05:17 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-04-29 10:30 - 2014-02-22 05:16 - 00308224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srchadmin.dll
2014-04-29 10:30 - 2014-02-22 05:16 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmvdsitf.dll
2014-04-29 10:30 - 2014-02-22 05:15 - 01543680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2014-04-29 10:30 - 2014-02-22 05:14 - 02811392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2014-04-29 10:30 - 2014-02-22 05:14 - 02165760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncCenter.dll
2014-04-29 10:30 - 2014-02-22 05:14 - 00376320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2014-04-29 10:30 - 2014-02-22 05:13 - 00897024 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
2014-04-29 10:30 - 2014-02-22 05:13 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2014-04-29 10:30 - 2014-02-22 05:13 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll
2014-04-29 10:30 - 2014-02-22 05:12 - 00797696 _____ (Microsoft Corporation) C:\WINDOWS\system32\PurchaseWindowsLicense.dll
2014-04-29 10:30 - 2014-02-22 05:12 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwizeng.dll
2014-04-29 10:30 - 2014-02-22 05:09 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2014-04-29 10:30 - 2014-02-22 05:09 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-29 10:30 - 2014-02-22 05:04 - 00935424 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2014-04-29 10:30 - 2014-02-22 05:04 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WLanConn.dll
2014-04-29 10:30 - 2014-02-22 05:04 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netid.dll
2014-04-29 10:30 - 2014-02-22 05:03 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-04-29 10:30 - 2014-02-22 05:02 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2014-04-29 10:30 - 2014-02-22 05:01 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenter.dll
2014-04-29 10:30 - 2014-02-22 05:00 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssphtb.dll
2014-04-29 10:30 - 2014-02-22 04:59 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2014-04-29 10:30 - 2014-02-22 04:56 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2014-04-29 10:30 - 2014-02-22 04:55 - 00244224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-04-29 10:30 - 2014-02-22 04:54 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2014-04-29 10:30 - 2014-02-22 04:54 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-04-29 10:30 - 2014-02-22 04:53 - 00545280 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2014-04-29 10:30 - 2014-02-22 04:50 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbrand.dll
2014-04-29 10:30 - 2014-02-22 04:49 - 00155648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2014-04-29 10:30 - 2014-02-22 04:48 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2014-04-29 10:30 - 2014-02-22 04:45 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2014-04-29 10:30 - 2014-02-22 04:45 - 00453632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2014-04-29 10:30 - 2014-02-22 04:45 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2014-04-29 10:30 - 2014-02-22 04:45 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2014-04-29 10:30 - 2014-02-22 04:44 - 00675328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2014-04-29 10:30 - 2014-02-22 04:44 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\conhost.exe
2014-04-29 10:30 - 2014-02-22 04:44 - 00182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\korwbrkr.dll
2014-04-29 10:30 - 2014-02-22 04:43 - 00107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2014-04-29 10:30 - 2014-02-22 04:43 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Sockets.PushEnabledApplication.dll
2014-04-29 10:30 - 2014-02-22 04:40 - 02537472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2014-04-29 10:30 - 2014-02-22 04:36 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2014-04-29 10:30 - 2014-02-22 04:36 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WLanConn.dll
2014-04-29 10:30 - 2014-02-22 04:36 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Dism.exe
2014-04-29 10:30 - 2014-02-22 04:34 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2014-04-29 10:30 - 2014-02-22 04:31 - 00242688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2014-04-29 10:30 - 2014-02-22 04:30 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2014-04-29 10:30 - 2014-02-22 04:29 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2014-04-29 10:30 - 2014-02-22 04:29 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2014-04-29 10:30 - 2014-02-22 04:28 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2014-04-29 10:30 - 2014-02-22 04:27 - 00484864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2014-04-29 10:30 - 2014-02-22 04:25 - 00449024 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2014-04-29 10:30 - 2014-02-22 04:25 - 00399872 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
2014-04-29 10:30 - 2014-02-22 04:25 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2014-04-29 10:30 - 2014-02-22 04:25 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll
2014-04-29 10:30 - 2014-02-22 04:25 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbrand.dll
2014-04-29 10:30 - 2014-02-22 04:23 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2014-04-29 10:30 - 2014-02-22 04:22 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2014-04-29 10:30 - 2014-02-22 04:19 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2014-04-29 10:30 - 2014-02-22 04:19 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Sockets.PushEnabledApplication.dll
2014-04-29 10:30 - 2014-02-22 04:18 - 00619520 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2014-04-29 10:30 - 2014-02-22 04:15 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Dism.exe
2014-04-29 10:30 - 2014-02-22 04:12 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DismApi.dll
2014-04-29 10:30 - 2014-02-22 04:10 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2014-04-29 10:30 - 2014-02-22 04:09 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwm.exe
2014-04-29 10:30 - 2014-02-22 04:08 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2014-04-29 10:30 - 2014-02-22 04:07 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscinterop.dll
2014-04-29 10:30 - 2014-02-22 04:06 - 01035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-04-29 10:30 - 2014-02-22 04:06 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2014-04-29 10:30 - 2014-02-22 04:04 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\slpts.dll
2014-04-29 10:30 - 2014-02-22 04:02 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2014-04-29 10:30 - 2014-02-22 04:02 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2014-04-29 10:30 - 2014-02-22 03:59 - 01436160 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2014-04-29 10:30 - 2014-02-22 03:55 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-04-29 10:30 - 2014-02-22 03:55 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2014-04-29 10:30 - 2014-02-22 03:55 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\energytask.dll
2014-04-29 10:30 - 2014-02-22 03:55 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slpts.dll
2014-04-29 10:30 - 2014-02-22 03:54 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll
2014-04-29 10:30 - 2014-02-22 03:54 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
2014-04-29 10:30 - 2014-02-22 03:54 - 00194560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2014-04-29 10:30 - 2014-02-22 03:54 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2014-04-29 10:30 - 2014-02-22 03:53 - 00876544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2014-04-29 10:30 - 2014-02-22 03:52 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-04-29 10:30 - 2014-02-22 03:52 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2014-04-29 10:30 - 2014-02-22 03:51 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2014-04-29 10:30 - 2014-02-22 03:49 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-04-29 10:30 - 2014-02-22 03:48 - 01144320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2014-04-29 10:30 - 2014-02-22 03:48 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioCredProv.dll
2014-04-29 10:30 - 2014-02-22 03:48 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-04-29 10:30 - 2014-02-22 03:48 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2014-04-29 10:30 - 2014-02-22 03:47 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMM.dll
2014-04-29 10:30 - 2014-02-22 03:47 - 00505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
2014-04-29 10:30 - 2014-02-22 03:47 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcredprov.dll
2014-04-29 10:30 - 2014-02-22 03:47 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\AltTab.dll
2014-04-29 10:30 - 2014-02-22 03:46 - 03312128 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll
2014-04-29 10:30 - 2014-02-22 03:45 - 00169472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-04-29 10:30 - 2014-02-22 03:45 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2014-04-29 10:30 - 2014-02-22 03:44 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2014-04-29 10:30 - 2014-02-22 03:44 - 00405504 _____ (Microsoft Corporation) C:\WINDOWS\system32\provsvc.dll
2014-04-29 10:30 - 2014-02-22 03:44 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2014-04-29 10:30 - 2014-02-22 03:44 - 00154624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netplwiz.dll
2014-04-29 10:30 - 2014-02-22 03:43 - 00644608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2014-04-29 10:30 - 2014-02-22 03:43 - 00469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskeng.exe
2014-04-29 10:30 - 2014-02-22 03:43 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BioCredProv.dll
2014-04-29 10:30 - 2014-02-22 03:43 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-04-29 10:30 - 2014-02-22 03:43 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2014-04-29 10:30 - 2014-02-22 03:43 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-04-29 10:30 - 2014-02-22 03:43 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Renewal.dll
2014-04-29 10:30 - 2014-02-22 03:42 - 00943104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WlanMM.dll
2014-04-29 10:30 - 2014-02-22 03:42 - 00448000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll
2014-04-29 10:30 - 2014-02-22 03:40 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcpl.dll
2014-04-29 10:30 - 2014-02-22 03:39 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskeng.exe
2014-04-29 10:30 - 2014-02-22 03:39 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\provsvc.dll
2014-04-29 10:30 - 2014-02-22 03:38 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2014-04-29 10:30 - 2014-02-22 03:38 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-04-29 10:30 - 2014-02-22 03:36 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2014-04-29 10:30 - 2014-02-22 03:34 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2014-04-29 10:30 - 2014-02-22 03:33 - 00609792 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2014-04-29 10:30 - 2014-02-22 03:31 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2014-04-29 10:30 - 2014-02-22 03:31 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2014-04-29 10:30 - 2014-02-22 03:30 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2014-04-29 10:30 - 2014-02-22 03:29 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2014-04-29 10:30 - 2014-02-22 03:24 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmIndexer.dll
2014-04-29 10:30 - 2014-02-22 03:22 - 00591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-04-29 10:30 - 2014-02-22 03:21 - 00518144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmIndexer.dll
2014-04-29 10:30 - 2014-02-22 03:20 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2014-04-29 10:30 - 2014-02-22 03:19 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2014-04-29 10:30 - 2014-02-22 03:17 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudStorageWizard.exe
2014-04-29 10:30 - 2014-02-22 02:54 - 00214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2014-04-29 10:30 - 2014-02-01 01:00 - 00002255 _____ () C:\WINDOWS\SysWOW64\WimBootCompress.ini
2014-04-29 10:30 - 2014-02-01 01:00 - 00002255 _____ () C:\WINDOWS\system32\WimBootCompress.ini
2014-04-29 10:30 - 2014-01-31 06:59 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2014-04-29 10:30 - 2014-01-31 06:11 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2014-04-29 10:30 - 2014-01-31 04:55 - 03596800 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2014-04-29 10:30 - 2014-01-31 04:35 - 03085824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2014-04-29 10:30 - 2014-01-31 04:19 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2014-04-29 10:30 - 2014-01-31 04:15 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2014-04-29 10:30 - 2014-01-31 04:10 - 00559104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2014-04-29 10:30 - 2014-01-31 04:08 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2014-04-29 10:30 - 2014-01-31 04:04 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2014-04-29 10:30 - 2014-01-31 03:24 - 01057792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.dll
2014-04-29 10:30 - 2014-01-31 03:18 - 01185280 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.dll
2014-04-29 10:30 - 2014-01-29 03:52 - 00551256 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2014-04-29 10:30 - 2014-01-29 03:40 - 00994136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2014-04-29 10:30 - 2014-01-28 19:36 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2014-04-29 10:30 - 2014-01-28 19:18 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2014-04-29 10:30 - 2014-01-28 19:17 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2014-04-29 10:30 - 2014-01-27 14:53 - 00413184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2014-04-29 10:30 - 2014-01-27 12:04 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2014-04-29 10:30 - 2014-01-22 01:21 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2014-04-29 10:30 - 2014-01-22 00:50 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2014-04-29 10:30 - 2014-01-17 12:24 - 00388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ninput.dll
2014-04-29 10:30 - 2014-01-17 12:04 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ninput.dll
2014-04-29 10:30 - 2014-01-07 19:33 - 00552632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-04-29 10:30 - 2013-12-04 10:54 - 00660480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2014-04-29 10:30 - 2013-12-04 10:16 - 00546304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2014-04-29 10:30 - 2013-12-04 09:19 - 00439808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2014-04-29 10:30 - 2013-12-04 08:53 - 00473600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2014-04-29 10:30 - 2013-11-27 04:10 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiohlp.dll
2014-04-29 10:30 - 2013-11-27 03:56 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiohlp.dll
2014-04-29 10:30 - 2013-11-10 18:41 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll
2014-04-29 10:30 - 2013-11-07 23:04 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2014-04-29 10:29 - 2014-02-22 07:17 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\f3ahvoas.dll
2014-04-29 10:29 - 2014-02-22 07:17 - 00008192 ____H (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-ntuser-private-l1-1-1.dll
2014-04-29 10:29 - 2014-02-22 07:17 - 00005632 ____H (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-session-winsta-l1-1-0.dll
2014-04-29 10:29 - 2014-02-22 07:17 - 00003584 ____H (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-ntuser-private-l1-1-0.dll
2014-04-29 10:29 - 2014-02-22 07:17 - 00003584 ____H (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-kernel32-package-l1-1-1.dll
2014-04-29 10:29 - 2014-02-22 07:08 - 00173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncui.dll
2014-04-29 10:29 - 2014-02-22 07:08 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2014-04-29 10:29 - 2014-02-22 07:08 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\shimeng.dll
2014-04-29 10:29 - 2014-02-22 07:08 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.ocx
2014-04-29 10:29 - 2014-02-22 07:08 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxmasf.dll
2014-04-29 10:29 - 2014-02-22 07:04 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2014-04-29 10:29 - 2014-02-22 07:00 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-04-29 10:29 - 2014-02-22 07:00 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgentc.exe
2014-04-29 10:29 - 2014-02-22 07:00 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpksetupproxyserv.dll
2014-04-29 10:29 - 2014-02-22 06:50 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionQueue.dll
2014-04-29 10:29 - 2014-02-22 06:48 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ocsetapi.dll
2014-04-29 10:29 - 2014-02-22 06:47 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsdyn.dll
2014-04-29 10:29 - 2014-02-22 06:39 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsvcctl.dll
2014-04-29 10:29 - 2014-02-22 06:29 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RelPost.exe
2014-04-29 10:29 - 2014-02-22 06:25 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\f3ahvoas.dll
2014-04-29 10:29 - 2014-02-22 06:25 - 00008192 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-ntuser-private-l1-1-1.dll
2014-04-29 10:29 - 2014-02-22 06:25 - 00003584 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-ntuser-private-l1-1-0.dll
2014-04-29 10:29 - 2014-02-22 06:24 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SSShim.dll
2014-04-29 10:29 - 2014-02-22 06:24 - 00005632 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-session-winsta-l1-1-0.dll
2014-04-29 10:29 - 2014-02-22 06:24 - 00003584 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-networking-wcmapi-l1-1-0.dll
2014-04-29 10:29 - 2014-02-22 06:24 - 00003584 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-kernel32-package-l1-1-1.dll
2014-04-29 10:29 - 2014-02-22 06:17 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe
2014-04-29 10:29 - 2014-02-22 06:16 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-04-29 10:29 - 2014-02-22 06:16 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2014-04-29 10:29 - 2014-02-22 06:13 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2014-04-29 10:29 - 2014-02-22 06:09 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-04-29 10:29 - 2014-02-22 06:09 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgentc.exe
2014-04-29 10:29 - 2014-02-22 06:08 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsetup.dll
2014-04-29 10:29 - 2014-02-22 06:08 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2014-04-29 10:29 - 2014-02-22 06:07 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\scavengeui.dll
2014-04-29 10:29 - 2014-02-22 06:07 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageContextHandler.dll
2014-04-29 10:29 - 2014-02-22 06:07 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-04-29 10:29 - 2014-02-22 06:05 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnpclean.dll
2014-04-29 10:29 - 2014-02-22 06:05 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentHost.dll
2014-04-29 10:29 - 2014-02-22 06:04 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dfrgui.exe
2014-04-29 10:29 - 2014-02-22 05:59 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2014-04-29 10:29 - 2014-02-22 05:59 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ocsetapi.dll
2014-04-29 10:29 - 2014-02-22 05:59 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-04-29 10:29 - 2014-02-22 05:55 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\srrstr.dll
2014-04-29 10:29 - 2014-02-22 05:55 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SrTasks.exe
2014-04-29 10:29 - 2014-02-22 05:50 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\diskpart.exe
2014-04-29 10:29 - 2014-02-22 05:47 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2014-04-29 10:29 - 2014-02-22 05:41 - 02566656 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2014-04-29 10:29 - 2014-02-22 05:40 - 00304640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wusa.exe
2014-04-29 10:29 - 2014-02-22 05:38 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2014-04-29 10:29 - 2014-02-22 05:36 - 00385024 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-04-29 10:29 - 2014-02-22 05:36 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-04-29 10:29 - 2014-02-22 05:35 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2014-04-29 10:29 - 2014-02-22 05:35 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitagent.exe
2014-04-29 10:29 - 2014-02-22 05:32 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscript.exe
2014-04-29 10:29 - 2014-02-22 05:29 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2014-04-29 10:29 - 2014-02-22 05:27 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll
2014-04-29 10:29 - 2014-02-22 05:21 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dfrgui.exe
2014-04-29 10:29 - 2014-02-22 05:17 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2014-04-29 10:29 - 2014-02-22 05:16 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2014-04-29 10:29 - 2014-02-22 05:09 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\migisol.dll
2014-04-29 10:29 - 2014-02-22 05:03 - 02544128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2014-04-29 10:29 - 2014-02-22 04:59 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpdxm.dll
2014-04-29 10:29 - 2014-02-22 04:59 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-04-29 10:29 - 2014-02-22 04:54 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2014-04-29 10:29 - 2014-02-22 04:54 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceassociation.dll
2014-04-29 10:29 - 2014-02-22 04:53 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\occache.dll
2014-04-29 10:29 - 2014-02-22 04:52 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercfg.exe
2014-04-29 10:29 - 2014-02-22 04:51 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2014-04-29 10:29 - 2014-02-22 04:48 - 01136128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2014-04-29 10:29 - 2014-02-22 04:48 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2014-04-29 10:29 - 2014-02-22 04:46 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsku.dll
2014-04-29 10:29 - 2014-02-22 04:41 - 00492032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2014-04-29 10:29 - 2014-02-22 04:39 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dasHost.exe
2014-04-29 10:29 - 2014-02-22 04:37 - 00183808 _____ (Microsoft Corp.) C:\WINDOWS\system32\Defrag.exe
2014-04-29 10:29 - 2014-02-22 04:28 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceassociation.dll
2014-04-29 10:29 - 2014-02-22 04:27 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2014-04-29 10:29 - 2014-02-22 04:26 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2014-04-29 10:29 - 2014-02-22 04:26 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powercfg.exe
2014-04-29 10:29 - 2014-02-22 04:23 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2014-04-29 10:29 - 2014-02-22 04:22 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winsku.dll
2014-04-29 10:29 - 2014-02-22 04:19 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\korwbrkr.dll
2014-04-29 10:29 - 2014-02-22 04:16 - 00017920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxshared.dll
2014-04-29 10:29 - 2014-02-22 04:09 - 00208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2014-04-29 10:29 - 2014-02-22 04:02 - 00559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2014-04-29 10:29 - 2014-02-22 03:58 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2014-04-29 10:29 - 2014-02-22 03:57 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-04-29 10:29 - 2014-02-22 03:57 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-04-29 10:29 - 2014-02-22 03:55 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-29 10:29 - 2014-02-22 03:55 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConfigureExpandedStorage.dll
2014-04-29 10:29 - 2014-02-22 03:55 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dataclen.dll
2014-04-29 10:29 - 2014-02-22 03:55 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\msshooks.dll
2014-04-29 10:29 - 2014-02-22 03:54 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AepRoam.dll
2014-04-29 10:29 - 2014-02-22 03:49 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2014-04-29 10:29 - 2014-02-22 03:49 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-04-29 10:29 - 2014-02-22 03:48 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-29 10:29 - 2014-02-22 03:48 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll
2014-04-29 10:29 - 2014-02-22 03:48 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dataclen.dll
2014-04-29 10:29 - 2014-02-22 03:48 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msshooks.dll
2014-04-29 10:29 - 2014-02-22 03:45 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2014-04-29 10:29 - 2014-02-22 03:40 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2014-04-29 10:29 - 2014-02-22 03:39 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2014-04-29 10:29 - 2014-02-22 03:35 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll
2014-04-29 10:29 - 2014-02-22 03:33 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingMonitor.dll
2014-04-29 10:29 - 2014-02-22 03:24 - 00082432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2014-04-29 10:29 - 2014-02-22 03:22 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncPolicy.dll
2014-04-29 10:29 - 2014-02-22 03:20 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncPolicy.dll
2014-04-29 10:29 - 2014-02-22 03:17 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudStorageWizard.exe
2014-04-29 10:29 - 2014-02-21 23:43 - 00002440 ___RS () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileManager.lnk
2014-04-29 10:29 - 2014-02-21 23:37 - 00000369 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-04-29 10:29 - 2014-02-21 23:37 - 00000369 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-04-29 10:29 - 2014-02-21 23:37 - 00000369 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-04-29 10:29 - 2014-02-21 23:37 - 00000369 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-04-29 10:29 - 2014-02-07 20:08 - 00100197 _____ () C:\WINDOWS\SysWOW64\RacRules.xml
2014-04-29 10:29 - 2014-02-07 20:08 - 00100197 _____ () C:\WINDOWS\system32\RacRules.xml
2014-04-29 10:29 - 2014-02-01 01:00 - 00011109 _____ () C:\WINDOWS\SysWOW64\connectedsearch-results.searchconnector-ms
2014-04-29 10:29 - 2014-02-01 01:00 - 00011109 _____ () C:\WINDOWS\system32\connectedsearch-results.searchconnector-ms
2014-04-29 10:29 - 2014-02-01 01:00 - 00007762 _____ () C:\WINDOWS\SysWOW64\connectedsearch-suggestions.searchconnector-ms
2014-04-29 10:29 - 2014-02-01 01:00 - 00007762 _____ () C:\WINDOWS\system32\connectedsearch-suggestions.searchconnector-ms
2014-04-29 10:29 - 2014-02-01 01:00 - 00007130 _____ () C:\WINDOWS\SysWOW64\connectedsearch-zeroinput.searchconnector-ms
2014-04-29 10:29 - 2014-02-01 01:00 - 00007130 _____ () C:\WINDOWS\system32\connectedsearch-zeroinput.searchconnector-ms
2014-04-29 10:29 - 2014-01-27 12:54 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2014-04-29 10:29 - 2014-01-27 06:45 - 00050053 _____ () C:\WINDOWS\system32\srms.dat
2014-04-29 10:29 - 2013-11-27 04:47 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\finger.exe
2014-04-29 10:29 - 2013-11-27 04:20 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\finger.exe
2014-04-29 10:29 - 2013-11-07 22:47 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2014-04-29 10:11 - 2014-04-29 10:11 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-04-29 10:11 - 2014-04-29 10:11 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-04-29 10:06 - 2014-04-29 10:06 - 00233912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-04-29 10:06 - 2014-04-29 10:06 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-04-29 10:06 - 2014-04-29 10:06 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-04-29 10:06 - 2014-04-29 10:06 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-04-29 10:06 - 2014-04-29 10:06 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-04-29 10:06 - 2014-04-29 10:06 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-04-29 10:06 - 2014-04-29 10:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-04-29 10:06 - 2014-04-29 10:06 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-04-29 10:06 - 2014-04-29 10:06 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-04-29 10:06 - 2014-04-29 10:06 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-04-29 10:06 - 2014-04-29 10:06 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-04-28 08:39 - 2014-05-01 09:03 - 00277980 _____ () C:\Users\c.rodes76\Downloads\OTL.Txt
2014-04-28 08:39 - 2014-05-01 09:03 - 00108346 _____ () C:\Users\c.rodes76\Downloads\Extras.Txt
2014-04-28 08:32 - 2014-04-28 08:32 - 00602112 _____ (OldTimer Tools) C:\Users\c.rodes76\Downloads\OTL.exe
2014-04-28 08:30 - 2014-04-28 08:30 - 00688992 _____ (Swearware) C:\Users\c.rodes76\Downloads\dds.com
2014-04-28 08:25 - 2014-04-28 08:25 - 00688992 _____ (Swearware) C:\Users\c.rodes76\Downloads\dds.scr
2014-04-28 07:37 - 2014-04-28 07:37 - 00000000 ____D () C:\Users\c.rodes76\AppData\Roaming\LavasoftStatistics
2014-04-28 07:21 - 2014-04-28 07:21 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-04-28 07:19 - 2014-04-28 07:19 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\c.rodes76\Downloads\SpyHunter-Installer.exe
2014-04-28 00:24 - 2014-04-28 00:24 - 00001008 _____ () C:\WINDOWS\system32\.crusader
2014-04-28 00:15 - 2014-04-30 10:50 - 00000000 ____D () C:\Program Files\HitmanPro
2014-04-28 00:15 - 2014-04-28 00:25 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-04-28 00:05 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll
2014-04-27 23:59 - 2014-05-01 13:25 - 00003942 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{BA170C56-A55A-4A3C-B25F-0131974EA86B}
2014-04-27 23:56 - 2014-04-30 10:59 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-04-27 23:56 - 2014-04-30 10:55 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-04-27 23:56 - 2014-04-27 23:56 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Safer-Networking
2014-04-27 23:34 - 2014-04-27 23:35 - 00001825 _____ () C:\Users\c.rodes76\Desktop\chrome - Shortcut.lnk
2014-04-27 23:34 - 2014-04-27 23:34 - 00001523 _____ () C:\Users\c.rodes76\Desktop\firefox - Shortcut.lnk
2014-04-27 22:27 - 2014-04-27 22:43 - 00000258 __RSH () C:\ProgramData\ntuser.pol
2014-04-27 22:27 - 2014-04-27 22:27 - 00000000 ____D () C:\Users\c.rodes76\AppData\Roaming\Wise
2014-04-27 22:27 - 2014-04-27 22:27 - 00000000 ____D () C:\Program Files (x86)\MSR
2014-04-22 12:29 - 2014-04-22 12:29 - 00000483 _____ () C:\Users\c.rodes76\Documents\IRS response.txt
2014-04-19 12:10 - 2014-04-19 12:10 - 00001217 _____ () C:\Users\Public\Desktop\Dead Space.lnk
2014-04-18 21:39 - 2014-04-18 21:39 - 00000568 _____ () C:\WINDOWS\wmsetup.log
2014-04-18 21:34 - 2014-04-19 11:04 - 00000000 ____D () C:\Users\c.rodes76\AppData\Local\Origin
2014-04-18 21:34 - 2014-04-18 21:36 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-04-18 21:34 - 2014-04-18 21:34 - 00000000 ____D () C:\Users\c.rodes76\AppData\Roaming\Origin
2014-04-18 20:25 - 2014-04-19 22:16 - 00000000 ____D () C:\ProgramData\Origin
2014-04-18 20:25 - 2014-04-18 21:34 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-04-18 20:25 - 2014-04-18 20:25 - 00001002 _____ () C:\Users\Public\Desktop\Origin.lnk
2014-04-18 20:25 - 2014-04-18 20:25 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-04-14 09:54 - 2014-04-14 09:54 - 00001906 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-04-14 09:54 - 2014-04-14 09:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-04-14 09:54 - 2014-04-14 09:54 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-04-14 09:54 - 2014-04-14 09:54 - 00000000 ____D () C:\Program Files\iTunes
2014-04-14 09:54 - 2014-04-14 09:54 - 00000000 ____D () C:\Program Files\iPod
2014-04-14 09:51 - 2014-04-14 09:51 - 00001864 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2014-04-14 09:51 - 2014-04-14 09:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-04-14 09:51 - 2014-04-14 09:51 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-04-10 05:27 - 2014-04-10 05:27 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-04-09 14:11 - 2014-04-09 14:11 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb

==================== One Month Modified Files and Folders =======

2014-05-01 13:29 - 2014-05-01 13:29 - 00011616 _____ () C:\Users\c.rodes76\Desktop\FRST.txt
2014-05-01 13:29 - 2014-05-01 13:28 - 00000000 ____D () C:\FRST
2014-05-01 13:28 - 2014-05-01 13:28 - 02061824 _____ (Farbar) C:\Users\c.rodes76\Desktop\FRST64.exe
2014-05-01 13:25 - 2014-04-27 23:59 - 00003942 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{BA170C56-A55A-4A3C-B25F-0131974EA86B}
2014-05-01 13:04 - 2013-02-16 20:42 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-05-01 13:00 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-05-01 12:31 - 2013-02-15 23:38 - 00000922 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-01 10:45 - 2014-03-22 15:21 - 01843307 _____ () C:\WINDOWS\WindowsUpdate.log
2014-05-01 10:35 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-05-01 09:18 - 2013-02-14 11:42 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4012131871-1557372686-3524768994-1002
2014-05-01 09:15 - 2013-02-16 23:04 - 00052231 _____ () C:\WINDOWS\system32\lvcoinst.log
2014-05-01 09:03 - 2014-04-28 08:39 - 00277980 _____ () C:\Users\c.rodes76\Downloads\OTL.Txt
2014-05-01 09:03 - 2014-04-28 08:39 - 00108346 _____ () C:\Users\c.rodes76\Downloads\Extras.Txt
2014-05-01 08:52 - 2014-05-01 08:52 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-05-01 08:52 - 2014-04-30 10:48 - 00001475 _____ () C:\WINDOWS\setupact.log
2014-05-01 08:48 - 2014-03-22 15:51 - 00000000 __RDO () C:\Users\c.rodes76\SkyDrive
2014-05-01 08:48 - 2013-02-16 03:34 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-05-01 08:48 - 2013-02-16 03:19 - 00000000 ___RD () C:\Users\c.rodes76\Google Drive
2014-05-01 08:48 - 2013-02-15 23:38 - 00000918 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-30 15:15 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-04-30 11:08 - 2013-09-13 17:22 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-30 11:07 - 2014-04-30 11:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-04-30 11:07 - 2014-04-30 11:06 - 00004278 _____ () C:\WINDOWS\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-30 11:07 - 2013-11-14 02:24 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-04-30 11:07 - 2013-02-15 23:26 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-30 10:59 - 2014-04-27 23:56 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-04-30 10:59 - 2014-03-22 15:22 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-04-30 10:59 - 2013-11-14 02:17 - 00005744 _____ () C:\WINDOWS\PFRO.log
2014-04-30 10:59 - 2013-08-22 09:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-04-30 10:58 - 2013-08-22 08:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-04-30 10:56 - 2014-04-30 10:56 - 00003074 _____ () C:\WINDOWS\DPINST.LOG
2014-04-30 10:56 - 2013-01-09 07:55 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-04-30 10:55 - 2014-04-30 10:55 - 00000085 _____ () C:\WINDOWS\wininit.ini
2014-04-30 10:55 - 2014-04-27 23:56 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-04-30 10:55 - 2013-08-22 08:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-04-30 10:53 - 2013-01-09 06:49 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-04-30 10:50 - 2014-04-30 10:50 - 00003228 _____ () C:\WINDOWS\System32\Tasks\{BADA0EB2-1E32-46F9-9604-13DEB6410268}
2014-04-30 10:50 - 2014-04-28 00:15 - 00000000 ____D () C:\Program Files\HitmanPro
2014-04-30 10:44 - 2013-02-14 11:37 - 00000000 ___RD () C:\Users\c.rodes76\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-30 10:44 - 2013-02-14 11:37 - 00000000 ___RD () C:\Users\c.rodes76\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-30 10:41 - 2013-08-22 09:44 - 02940672 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-04-30 10:38 - 2013-08-22 10:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-04-30 10:38 - 2013-08-22 10:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-04-30 10:38 - 2013-08-22 10:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-04-30 10:38 - 2013-08-22 10:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-04-30 10:38 - 2013-08-22 10:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-04-30 10:38 - 2013-08-22 10:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-04-30 10:38 - 2013-08-22 10:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
2014-04-30 10:38 - 2013-08-22 10:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-30 10:38 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-04-30 10:38 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\zh-HK
2014-04-30 10:38 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\uk-UA
2014-04-30 10:38 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\tr-TR
2014-04-30 10:38 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\th-TH
2014-04-30 10:38 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\SystemResetPlatform
2014-04-30 10:38 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2014-04-30 10:38 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2014-04-30 10:38 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\sl-SI
2014-04-30 10:38 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\sk-SK
2014-04-30 10:38 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2014-04-30 10:38 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\ro-RO
2014-04-30 10:38 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\migwiz
2014-04-30 10:38 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\lv-LV
2014-04-30 10:38 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\lt-LT
2014-04-30 10:38 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\hr-HR
2014-04-30 10:38 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\he-IL
2014-04-30 10:38 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\et-EE
2014-04-30 10:38 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\en-GB
2014-04-30 10:38 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\bg-BG
2014-04-30 10:38 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\ar-SA
2014-04-30 10:38 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-04-30 10:38 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-04-30 10:38 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-04-30 10:38 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-04-30 10:38 - 2013-08-22 10:36 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2014-04-30 10:38 - 2013-08-22 10:36 - 00000000 ____D () C:\Program Files\Windows Multimedia Platform
2014-04-30 10:38 - 2013-08-22 10:36 - 00000000 ____D () C:\Program Files (x86)\Windows Portable Devices
2014-04-30 10:38 - 2013-08-22 10:36 - 00000000 ____D () C:\Program Files (x86)\Windows Multimedia Platform
2014-04-30 10:38 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\oobe
2014-04-30 10:38 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism
2014-04-30 10:38 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2014-04-30 10:38 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-04-30 10:38 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\Dism
2014-04-30 10:38 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\servicing
2014-04-29 10:11 - 2014-04-29 10:11 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-04-29 10:11 - 2014-04-29 10:11 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-04-29 10:06 - 2014-04-29 10:06 - 00233912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-04-29 10:06 - 2014-04-29 10:06 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-04-29 10:06 - 2014-04-29 10:06 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-04-29 10:06 - 2014-04-29 10:06 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-04-29 10:06 - 2014-04-29 10:06 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-04-29 10:06 - 2014-04-29 10:06 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-04-29 10:06 - 2014-04-29 10:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-04-29 10:06 - 2014-04-29 10:06 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-04-29 10:06 - 2014-04-29 10:06 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-04-29 10:06 - 2014-04-29 10:06 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-04-29 10:06 - 2014-04-29 10:06 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-04-28 12:04 - 2013-02-16 20:42 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-04-28 10:42 - 2013-02-14 11:56 - 00000000 ____D () C:\Users\c.rodes76\Documents\Program Set-Ups
2014-04-28 08:32 - 2014-04-28 08:32 - 00602112 _____ (OldTimer Tools) C:\Users\c.rodes76\Downloads\OTL.exe
2014-04-28 08:30 - 2014-04-28 08:30 - 00688992 _____ (Swearware) C:\Users\c.rodes76\Downloads\dds.com
2014-04-28 08:25 - 2014-04-28 08:25 - 00688992 _____ (Swearware) C:\Users\c.rodes76\Downloads\dds.scr
2014-04-28 07:37 - 2014-04-28 07:37 - 00000000 ____D () C:\Users\c.rodes76\AppData\Roaming\LavasoftStatistics
2014-04-28 07:21 - 2014-04-28 07:21 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-04-28 07:19 - 2014-04-28 07:19 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\c.rodes76\Downloads\SpyHunter-Installer.exe
2014-04-28 00:25 - 2014-04-28 00:15 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-04-28 00:24 - 2014-04-28 00:24 - 00001008 _____ () C:\WINDOWS\system32\.crusader
2014-04-27 23:56 - 2014-04-27 23:56 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Safer-Networking
2014-04-27 23:49 - 2013-02-16 23:21 - 00001132 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-27 23:49 - 2013-02-16 23:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
2014-04-27 23:49 - 2013-02-16 23:21 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-04-27 23:35 - 2014-04-27 23:34 - 00001825 _____ () C:\Users\c.rodes76\Desktop\chrome - Shortcut.lnk
2014-04-27 23:34 - 2014-04-27 23:34 - 00001523 _____ () C:\Users\c.rodes76\Desktop\firefox - Shortcut.lnk
2014-04-27 22:43 - 2014-04-27 22:27 - 00000258 __RSH () C:\ProgramData\ntuser.pol
2014-04-27 22:28 - 2013-02-15 23:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-04-27 22:27 - 2014-04-27 22:27 - 00000000 ____D () C:\Users\c.rodes76\AppData\Roaming\Wise
2014-04-27 22:27 - 2014-04-27 22:27 - 00000000 ____D () C:\Program Files (x86)\MSR
2014-04-27 22:27 - 2013-08-22 10:36 - 00000000 ___HD () C:\WINDOWS\system32\GroupPolicy
2014-04-27 22:27 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\GroupPolicy
2014-04-27 22:27 - 2013-08-16 23:16 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-27 18:31 - 2013-02-17 10:48 - 00100879 _____ () C:\spyhunter.fix
2014-04-27 18:31 - 2013-02-17 02:49 - 00003664 ____N () C:\spyhunter.log
2014-04-25 08:42 - 2013-02-14 14:11 - 00000000 ____D () C:\Users\c.rodes76\Documents\Games
2014-04-22 19:24 - 2013-08-22 10:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-04-22 19:24 - 2013-08-22 10:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-22 12:29 - 2014-04-22 12:29 - 00000483 _____ () C:\Users\c.rodes76\Documents\IRS response.txt
2014-04-19 22:16 - 2014-04-18 20:25 - 00000000 ____D () C:\ProgramData\Origin
2014-04-19 21:11 - 2014-03-23 09:57 - 00403456 ___SH () C:\Users\c.rodes76\Desktop\Thumbs.db
2014-04-19 12:10 - 2014-04-19 12:10 - 00001217 _____ () C:\Users\Public\Desktop\Dead Space.lnk
2014-04-19 12:10 - 2013-02-17 22:36 - 00141760 _____ () C:\WINDOWS\DirectX.log
2014-04-19 11:04 - 2014-04-18 21:34 - 00000000 ____D () C:\Users\c.rodes76\AppData\Local\Origin
2014-04-18 21:39 - 2014-04-18 21:39 - 00000568 _____ () C:\WINDOWS\wmsetup.log
2014-04-18 21:36 - 2014-04-18 21:34 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-04-18 21:34 - 2014-04-18 21:34 - 00000000 ____D () C:\Users\c.rodes76\AppData\Roaming\Origin
2014-04-18 21:34 - 2014-04-18 20:25 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-04-18 20:25 - 2014-04-18 20:25 - 00001002 _____ () C:\Users\Public\Desktop\Origin.lnk
2014-04-18 20:25 - 2014-04-18 20:25 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-04-14 20:13 - 2014-04-30 11:07 - 00096168 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-04-14 20:05 - 2014-04-30 11:07 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-04-14 20:05 - 2014-04-30 11:07 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-04-14 20:04 - 2014-04-30 11:07 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-04-14 09:54 - 2014-04-14 09:54 - 00001906 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-04-14 09:54 - 2014-04-14 09:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-04-14 09:54 - 2014-04-14 09:54 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-04-14 09:54 - 2014-04-14 09:54 - 00000000 ____D () C:\Program Files\iTunes
2014-04-14 09:54 - 2014-04-14 09:54 - 00000000 ____D () C:\Program Files\iPod
2014-04-14 09:51 - 2014-04-14 09:51 - 00001864 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2014-04-14 09:51 - 2014-04-14 09:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-04-14 09:51 - 2014-04-14 09:51 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-04-10 10:41 - 2013-02-16 00:01 - 00000000 ____D () C:\Users\c.rodes76\AppData\Local\Adobe
2014-04-10 10:40 - 2013-02-14 11:37 - 00000000 ____D () C:\Users\c.rodes76\AppData\Roaming\Adobe
2014-04-10 05:35 - 2013-08-16 19:16 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-04-10 05:27 - 2014-04-10 05:27 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-04-10 05:27 - 2013-02-16 00:43 - 90655440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-04-09 14:11 - 2014-04-09 14:11 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-04-09 09:23 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-04-09 07:00 - 2014-04-30 10:56 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-04-08 22:32 - 2014-04-30 10:56 - 00190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2014-04-08 22:31 - 2014-04-30 10:56 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-04-08 22:23 - 2014-04-30 10:56 - 01705984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-04-08 22:21 - 2014-04-30 10:56 - 03408896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll

Some content of TEMP:
====================
C:\Users\c.rodes76\AppData\Local\Temp\HitmanPro.exe
C:\Users\c.rodes76\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\c.rodes76\AppData\Local\Temp\_is3890.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-30 11:23

==================== End Of Log ============================

Re: So much adware

Post by c_rodes76 » May 1st, 2014, 2:45 pm

Here is Addition.txt:


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-05-2014 01
Ran by c.rodes76 at 2014-05-01 13:29:27
Running from C:\Users\c.rodes76\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.24 - GIGABYTE)
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe Anchor Service CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Bridge CS4 (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe CMaps CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe CS4 American English Speech Analysis Models (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Default Language CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Device Central CS4 (x32 Version: 2 - Adobe Systems Incorporated) Hidden
Adobe Dynamiclink Support (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Encore CS4 (x32 Version: 4 - Adobe Systems Incorporated) Hidden
Adobe Encore CS4 Codecs (x32 Version: 4 - Adobe Systems Incorporated) Hidden
Adobe ExtendScript Toolkit CS4 (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Extension Manager CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Fonts All (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 Additional Exporter (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 Dolby (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 Exporter (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 Importer (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe OnLocation CS4 (x32 Version: 4 - Adobe Systems Incorporated) Hidden
Adobe Output Module (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Premiere Pro CS4 (HKLM-x32\...\Adobe_26b63376f4efc354dae41af6b5e3343) (Version: 4 - Adobe Systems Incorporated)
Adobe Premiere Pro CS4 (x32 Version: 4 - Adobe Systems Incorporated) Hidden
Adobe Premiere Pro CS4 Functional Content (x32 Version: 4 - Adobe Systems Incorporated) Hidden
Adobe Premiere Pro CS4 Third Party Content (x32 Version: 4 - Adobe Systems Incorporated) Hidden
Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A90000000001}) (Version: 9.0.0 - Adobe Systems Incorporated)
Adobe Setup (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Type Support CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Update Manager CS4 (x32 Version: 6.0.0 - Adobe Systems Incorporated) Hidden
Adobe XMP Panels CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
AdobeColorCommonSetRGB (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Alpha Protocol (HKLM-x32\...\Steam App 34010) (Version: - Obsidian Entertainment)
Analogue: A Hate Story (HKLM-x32\...\Steam App 209370) (Version: - Christine Love)
Antichamber (HKLM-x32\...\Steam App 219890) (Version: - Alexander Bruce)
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bastion (HKLM-x32\...\Steam App 107100) (Version: - Supergiant Games)
BIT.TRIP RUNNER (HKLM-x32\...\Steam App 63710) (Version: - Gaijin Games)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Capsized (HKLM-x32\...\Steam App 95300) (Version: - )
Castle Crashers (HKLM-x32\...\Steam App 204360) (Version: - The Behemoth)
Cloud System Booster (HKLM-x32\...\Cloud System Booster) (Version: 2.0 - Anvisoft)
Company of Heroes (New Steam Version) (HKLM-x32\...\Steam App 228200) (Version: - Relic)
Costume Quest (HKLM-x32\...\Steam App 115100) (Version: - Double Fine Productions)
Daggerfall (HKLM-x32\...\{75118CF3-44B5-411A-B3DD-C10432217693}) (Version: 1.00.0000 - Bethesda Softworks)
Dead Space™ (HKLM-x32\...\{9789E33B-317A-44B2-AF9A-FF8708AD93E0}) (Version: 1.0.0.222 - Electronic Arts)
Dust: An Elysian Tail (HKLM-x32\...\Steam App 236090) (Version: - Humble Hearts LLC)
Easy Tune 6 B12.1018.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Easy Tune 6 B12.1018.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Fallout (HKLM-x32\...\Steam App 38400) (Version: - Black Isle Studios)
Fallout 2 (HKLM-x32\...\Steam App 38410) (Version: - )
Fallout Tactics (HKLM-x32\...\Steam App 38420) (Version: - )
FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version: - )
Giana Sisters: Twisted Dreams (HKLM-x32\...\Steam App 223220) (Version: - Black Forest Games)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.131 - Google Inc.)
Google Drive (HKLM-x32\...\{E87022D3-C8C9-4C76-8E27-BC7F18F9B8FB}) (Version: 1.14.6059.644 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
Guacamelee! Gold Edition (HKLM-x32\...\Steam App 214770) (Version: - DrinkBox Studios)
Guild Wars (HKLM-x32\...\Guild Wars) (Version: - )
Hell Yeah! (HKLM-x32\...\Steam App 205230) (Version: - Arkedo)
Home (HKLM-x32\...\Steam App 215670) (Version: - Benjamin Rivers)
honestech VHS to DVD 5.0 Deluxe (HKLM-x32\...\{44FF002B-5AB3-4447-8F98-614387B63EE6}) (Version: 5.0 - honestech)
honestech VHS to DVD 5.0 Deluxe (x32 Version: 5.0 - honestech) Hidden
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Magicka (HKLM-x32\...\Steam App 42910) (Version: - Arrowhead Game Studios AB)
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Monkey Island 2: Special Edition (HKLM-x32\...\Steam App 32460) (Version: - LucasArts)
Morrowind (HKLM-x32\...\{C325F588-D6B1-4A7F-B6A2-914C75DDA348}) (Version: - )
Mozilla Firefox 23.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 23.0.1 (x86 en-US)) (Version: 23.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 23.0.1 - Mozilla)
MSI Afterburner 2.2.2 (HKLM-x32\...\Afterburner) (Version: 2.2.2 - MSI Co., LTD)
My Game Long Name (HKLM\...\UDK-3717dc5a-5c30-46b0-96b8-5df951f56f50) (Version: - Epic Games, Inc.)
NETGEAR WNA3100 wireless USB 2.0 adapter (HKLM-x32\...\{C2425F91-1F7B-4037-9A05-9F290184798D}) (Version: 1.01.206 - NETGEAR)
NVIDIA 3D Vision Controller Driver 306.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 306.97 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.65 - NVIDIA Corporation)
NVIDIA Control Panel 331.65 (Version: 331.65 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.1031 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3165 - NVIDIA Corporation) Hidden
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
Oblivion (HKLM-x32\...\{35CB6715-41F8-4F99-8881-6FC75BF054B0}) (Version: 1.2.0416 - Bethesda Softworks)
ON_OFF Charge B12.1025.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
Origin (HKLM-x32\...\Origin) (Version: 9.4.6.2792 - Electronic Arts, Inc.)
Photoshop Camera Raw (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden
Psychonauts (HKLM-x32\...\Steam App 3830) (Version: - Double Fine Productions)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Receiver (HKLM-x32\...\Steam App 234190) (Version: - Wolfire Games)
RegHunter (HKLM\...\{D4EFA08D-A192-4007-987D-71BFF23B2F8F}) (Version: 1.2.2.1568 - Enigma Software Group USA, LLC)
Rock of Ages (HKLM-x32\...\Steam App 22230) (Version: - ACE Team)
Rome: Total War (HKLM-x32\...\Steam App 4760) (Version: - The Creative Assembly)
Sanctum 2 (HKLM-x32\...\Steam App 210770) (Version: - Coffee Stain Studios)
Sequence (HKLM-x32\...\Steam App 200910) (Version: - Iridium Studios)
Sid Meier’s Ace Patrol: Pacific Skies (HKLM-x32\...\Steam App 244090) (Version: - Firaxis)
Sid Meier's Ace Patrol (HKLM-x32\...\Steam App 244070) (Version: - Firaxis Games)
Sid Meier's Civilization III: Complete (HKLM-x32\...\Steam App 3910) (Version: - Firaxis Games)
Sid Meier's Civilization IV (HKLM-x32\...\Steam App 3900) (Version: - Firaxis Games)
Sid Meier's Civilization IV: Beyond the Sword (HKLM-x32\...\Steam App 8800) (Version: - Firaxis Games)
Sid Meier's Civilization IV: Colonization (HKLM-x32\...\Steam App 16810) (Version: - Firaxis Games)
Sid Meier's Civilization IV: Warlords (HKLM-x32\...\Steam App 3990) (Version: - Firaxis Games)
Sid Meier's Railroads! (HKLM-x32\...\Steam App 7600) (Version: - Firaxis Games)
Skype™ 6.9 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.9.106 - Skype Technologies S.A.)
SpyHunter (HKLM\...\{6B6C4C46-1B7E-4A41-9E70-ACFBB22B1D81}) (Version: 4.12.13.4202 - Enigma Software Group USA, LLC)
Stacking (HKLM-x32\...\Steam App 115110) (Version: - Double Fine Productions)
Starcraft (HKLM-x32\...\Starcraft) (Version: - )
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Suite Shared Configuration CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Symphony (HKLM-x32\...\Steam App 207750) (Version: - Empty Clip Studios)
System Update kb70007 (x32 Version: 1.0.0 - MSR) Hidden
Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic)
TES Construction Set (HKLM-x32\...\{DB3C800B-081B-4146-B4E3-EFB5B77AA913}) (Version: - )
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version: - Edmund McMillen and Florian Himsl)
The Elder Scrolls Arena (HKLM-x32\...\{62E2BBFA-BE97-42CD-AE89-A4EEF7F36992}) (Version: 1.00.0000 - Bethesda Softworks)
The Elder Scrolls III: Morrowind (HKLM-x32\...\Steam App 22320) (Version: - Bethesda Game Studios®)
The Elder Scrolls Online Beta (HKLM-x32\...\The Elder Scrolls Online Beta_is1) (Version: 0.3.4 - )
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
The Journey Down: Chapter One (HKLM-x32\...\Steam App 220090) (Version: - )
The Secret of Monkey Island: Special Edition (HKLM-x32\...\Steam App 32360) (Version: - LucasArts)
The Ship (HKLM-x32\...\Steam App 2400) (Version: - Outerlight Ltd.)
The Ship Single Player (HKLM-x32\...\Steam App 2420) (Version: - Outerlight Ltd.)
The Ship Tutorial (HKLM-x32\...\Steam App 2430) (Version: - Outerlight)
The Swapper (HKLM-x32\...\Steam App 231160) (Version: - Olli Harjola, Otto Hantula, Tom Jubert, Carlo Castellano)
The Walking Dead (HKLM-x32\...\Steam App 207610) (Version: - )
Thief 2 (HKLM-x32\...\Steam App 211740) (Version: - Looking Glass Studios)
Thief Gold (HKLM-x32\...\Steam App 211600) (Version: - Looking Glass Studios)
Thief: Deadly Shadows (HKLM-x32\...\Steam App 6980) (Version: - Ion Storm)
Trine (HKLM-x32\...\Steam App 35700) (Version: - Frozenbyte)
Trine 2 (HKLM-x32\...\Steam App 35720) (Version: - Frozenbyte)
Ys Origin (HKLM-x32\...\Steam App 207350) (Version: - Falcom)

==================== Restore Points =========================

19-04-2014 02:38:59 Installed DirectX
26-04-2014 03:08:02 Scheduled Checkpoint
28-04-2014 12:22:07 AA11
30-04-2014 15:46:37 AA11

==================== Hosts content: ==========================

2014-04-30 19:03 - 2014-04-30 19:03 - 00000698 ____N C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {1993DC08-432D-41F9-9836-C17662BA8745} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-15] (Google Inc.)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {22E08FA5-929D-42F7-A1F3-5C1B994C233C} - System32\Tasks\{CD33A659-9BAF-44A0-9E30-8CB5F505659E} => Chrome.exe http://www.skype.com/go/downloading?sou ... tError=404
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {58696498-D695-431A-B18F-FD8A88C86272} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-28] (Adobe Systems Incorporated)
Task: {61BAD3B2-09F4-4DF3-BCEF-1FE5B6245F6C} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7D25E423-E0E5-4965-85B6-B7D1A4BD5C0E} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {82517CD2-F324-4235-B002-89EE0CFBDDAF} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A8392E65-14AE-4E0B-8CE2-C537501CF7EA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-15] (Google Inc.)
Task: {C544728C-A938-449D-9B58-AFC7B8F3DD6D} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {CC45F3C7-AD9B-4C7C-9977-715815B0A4D1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DD636118-619A-4066-97DD-BBF1B6A96D37} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-04-10] (Microsoft Corporation)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {F998BA09-1E9F-448B-BD7A-4FFDC13BFD29} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-12-14 03:33 - 2012-12-14 03:33 - 00318312 _____ () C:\Program Files (x86)\Anvisoft\Cloud System Booster\CSBSvc.exe
2014-04-27 22:27 - 2014-04-23 17:42 - 00016384 _____ () C:\WINDOWS\Microsoft\System Update kb70007\WindowsUpdater.exe
2013-02-15 10:43 - 2011-12-07 21:31 - 00303360 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe
2014-03-22 15:22 - 2013-10-23 03:20 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-02-15 10:43 - 2011-12-08 19:53 - 08364288 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-04-27 22:27 - 2014-04-23 17:42 - 00033792 _____ () C:\WINDOWS\Microsoft\System Update kb70007\InstallerLibrary.dll
2014-04-27 22:27 - 2014-04-23 17:42 - 00015360 _____ () C:\WINDOWS\Microsoft\System Update kb70007\Installer.dll
2013-02-15 10:43 - 2011-10-25 17:54 - 00372736 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WifiLib.dll
2014-05-01 08:48 - 2014-05-01 08:48 - 00098816 _____ () C:\Users\CE2FF~1.ROD\AppData\Local\Temp\_MEI36522\win32api.pyd
2014-05-01 08:48 - 2014-05-01 08:48 - 00110080 _____ () C:\Users\CE2FF~1.ROD\AppData\Local\Temp\_MEI36522\pywintypes27.dll
2014-05-01 08:48 - 2014-05-01 08:48 - 00364544 _____ () C:\Users\CE2FF~1.ROD\AppData\Local\Temp\_MEI36522\pythoncom27.dll
2014-05-01 08:48 - 2014-05-01 08:48 - 00044032 _____ () C:\Users\CE2FF~1.ROD\AppData\Local\Temp\_MEI36522\_socket.pyd
2014-05-01 08:48 - 2014-05-01 08:48 - 01157120 _____ () C:\Users\CE2FF~1.ROD\AppData\Local\Temp\_MEI36522\_ssl.pyd
2014-05-01 08:48 - 2014-05-01 08:48 - 00320512 _____ () C:\Users\CE2FF~1.ROD\AppData\Local\Temp\_MEI36522\win32com.shell.shell.pyd
2014-05-01 08:48 - 2014-05-01 08:48 - 00712192 _____ () C:\Users\CE2FF~1.ROD\AppData\Local\Temp\_MEI36522\_hashlib.pyd
2014-05-01 08:48 - 2014-05-01 08:48 - 01175040 _____ () C:\Users\CE2FF~1.ROD\AppData\Local\Temp\_MEI36522\wx._core_.pyd
2014-05-01 08:48 - 2014-05-01 08:48 - 00805888 _____ () C:\Users\CE2FF~1.ROD\AppData\Local\Temp\_MEI36522\wx._gdi_.pyd
2014-05-01 08:48 - 2014-05-01 08:48 - 00811008 _____ () C:\Users\CE2FF~1.ROD\AppData\Local\Temp\_MEI36522\wx._windows_.pyd
2014-05-01 08:48 - 2014-05-01 08:48 - 01062400 _____ () C:\Users\CE2FF~1.ROD\AppData\Local\Temp\_MEI36522\wx._controls_.pyd
2014-05-01 08:48 - 2014-05-01 08:48 - 00735232 _____ () C:\Users\CE2FF~1.ROD\AppData\Local\Temp\_MEI36522\wx._misc_.pyd
2014-05-01 08:48 - 2014-05-01 08:48 - 00128512 _____ () C:\Users\CE2FF~1.ROD\AppData\Local\Temp\_MEI36522\_elementtree.pyd
2014-05-01 08:48 - 2014-05-01 08:48 - 00127488 _____ () C:\Users\CE2FF~1.ROD\AppData\Local\Temp\_MEI36522\pyexpat.pyd
2014-05-01 08:48 - 2014-05-01 08:48 - 00557056 _____ () C:\Users\CE2FF~1.ROD\AppData\Local\Temp\_MEI36522\pysqlite2._sqlite.pyd
2014-05-01 08:48 - 2014-05-01 08:48 - 00087040 _____ () C:\Users\CE2FF~1.ROD\AppData\Local\Temp\_MEI36522\_ctypes.pyd
2014-05-01 08:48 - 2014-05-01 08:48 - 00119808 _____ () C:\Users\CE2FF~1.ROD\AppData\Local\Temp\_MEI36522\win32file.pyd
2014-05-01 08:48 - 2014-05-01 08:48 - 00108544 _____ () C:\Users\CE2FF~1.ROD\AppData\Local\Temp\_MEI36522\win32security.pyd
2014-05-01 08:48 - 2014-05-01 08:48 - 00018432 _____ () C:\Users\CE2FF~1.ROD\AppData\Local\Temp\_MEI36522\win32event.pyd
2014-05-01 08:48 - 2014-05-01 08:48 - 00038912 _____ () C:\Users\CE2FF~1.ROD\AppData\Local\Temp\_MEI36522\win32inet.pyd
2014-05-01 08:48 - 2014-05-01 08:48 - 00122368 _____ () C:\Users\CE2FF~1.ROD\AppData\Local\Temp\_MEI36522\wx._wizard.pyd
2014-05-01 08:48 - 2014-05-01 08:48 - 00070656 _____ () C:\Users\CE2FF~1.ROD\AppData\Local\Temp\_MEI36522\wx._html2.pyd
2014-05-01 08:48 - 2014-05-01 08:48 - 00026624 _____ () C:\Users\CE2FF~1.ROD\AppData\Local\Temp\_MEI36522\_multiprocessing.pyd
2014-05-01 08:48 - 2014-05-01 08:48 - 00010240 _____ () C:\Users\CE2FF~1.ROD\AppData\Local\Temp\_MEI36522\select.pyd
2014-05-01 08:48 - 2014-05-01 08:48 - 00024064 _____ () C:\Users\CE2FF~1.ROD\AppData\Local\Temp\_MEI36522\win32pipe.pyd
2014-05-01 08:48 - 2014-05-01 08:48 - 00686080 _____ () C:\Users\CE2FF~1.ROD\AppData\Local\Temp\_MEI36522\unicodedata.pyd
2014-05-01 08:48 - 2014-05-01 08:48 - 00025600 _____ () C:\Users\CE2FF~1.ROD\AppData\Local\Temp\_MEI36522\win32pdh.pyd
2014-05-01 08:48 - 2014-05-01 08:48 - 00525640 _____ () C:\Users\CE2FF~1.ROD\AppData\Local\Temp\_MEI36522\windows._lib_cacheinvalidation.pyd
2014-05-01 08:48 - 2014-05-01 08:48 - 00011264 _____ () C:\Users\CE2FF~1.ROD\AppData\Local\Temp\_MEI36522\win32crypt.pyd
2014-05-01 08:48 - 2014-05-01 08:48 - 00035840 _____ () C:\Users\CE2FF~1.ROD\AppData\Local\Temp\_MEI36522\win32process.pyd
2014-05-01 08:48 - 2014-05-01 08:48 - 00017408 _____ () C:\Users\CE2FF~1.ROD\AppData\Local\Temp\_MEI36522\win32profile.pyd
2014-05-01 08:48 - 2014-05-01 08:48 - 00022528 _____ () C:\Users\CE2FF~1.ROD\AppData\Local\Temp\_MEI36522\win32ts.pyd
2014-01-21 20:48 - 2014-04-21 17:55 - 00340480 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll
2014-04-27 23:13 - 2014-04-21 17:55 - 00471552 _____ () C:\Program Files (x86)\Steam\libavutil-53.dll
2013-03-25 14:23 - 2014-03-31 17:09 - 00754688 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2013-02-15 16:08 - 2014-04-23 17:01 - 01092288 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2013-01-22 07:22 - 2014-03-03 14:15 - 20626624 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2012-12-11 12:51 - 2013-06-14 18:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll
2012-12-11 12:51 - 2013-06-14 18:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll
2012-12-11 12:51 - 2013-06-14 18:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll
2013-02-15 10:43 - 2011-09-13 19:57 - 00282624 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvcLib.dll
2014-04-30 16:31 - 2014-04-23 19:33 - 00065352 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\chrome_elf.dll
2014-04-30 16:31 - 2014-04-23 19:33 - 00674632 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\libglesv2.dll
2014-04-30 16:31 - 2014-04-23 19:33 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\libegl.dll
2014-04-30 16:31 - 2014-04-23 19:33 - 04081480 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\pdf.dll
2014-04-30 16:31 - 2014-04-23 19:33 - 00390472 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll
2014-04-30 16:31 - 2014-04-23 19:33 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ffmpegsumo.dll
2014-04-30 16:31 - 2014-04-23 19:33 - 13692232 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\PepperFlash\pepflashplayer.dll
2014-04-27 22:27 - 2014-05-01 11:00 - 00086528 _____ () C:\Program Files (x86)\MSR\Privoxy\mgwz.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\c.rodes76\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/30/2014 02:29:18 PM) (Source: Application Hang) (User: )
Description: The program OTL (1).exe version 3.2.69.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 16b4

Start Time: 01cf648ea7eb88f4

Termination Time: 2

Application Path: C:\Users\c.rodes76\Downloads\OTL (1).exe

Report Id: b4df72c5-d09d-11e3-bea9-902b34aff94b

Faulting package full name:

Faulting package-relative application ID:

Error: (04/30/2014 10:49:38 AM) (Source: Application Error) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.3.9600.17039, time stamp: 0x53156588
Faulting module name: SHELL32.dll, version: 6.3.9600.17055, time stamp: 0x53292661
Exception code: 0xc0000005
Fault offset: 0x0000000000165e90
Faulting process id: 0xb5c
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3
Faulting package full name: Explorer.EXE4
Faulting package-relative application ID: Explorer.EXE5

Error: (04/27/2014 10:43:36 PM) (Source: Application Error) (User: )
Description: Faulting application name: PluginService.exe, version: 13.27.0.223, time stamp: 0x53474b44
Faulting module name: DpInterface32.dll, version: 3.0.2.3481, time stamp: 0x533bad50
Exception code: 0xc0000005
Fault offset: 0x0009b04e
Faulting process id: 0x11d4
Faulting application start time: 0xPluginService.exe0
Faulting application path: PluginService.exe1
Faulting module path: PluginService.exe2
Report Id: PluginService.exe3
Faulting package full name: PluginService.exe4
Faulting package-relative application ID: PluginService.exe5

Error: (04/20/2014 01:40:44 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall

Error: (04/19/2014 11:48:57 AM) (Source: Application Error) (User: )
Description: Faulting application name: touchup.exe, version: 3.6.3.1, time stamp: 0x52430f47
Faulting module name: msvcrt.dll, version: 7.0.9600.16384, time stamp: 0x52158ff5
Exception code: 0xc0000005
Fault offset: 0x00022285
Faulting process id: 0x119c
Faulting application start time: 0xtouchup.exe0
Faulting application path: touchup.exe1
Faulting module path: touchup.exe2
Report Id: touchup.exe3
Faulting package full name: touchup.exe4
Faulting package-relative application ID: touchup.exe5

Error: (04/19/2014 11:48:57 AM) (Source: Application Error) (User: )
Description: Faulting application name: touchup.exe, version: 3.6.3.1, time stamp: 0x52430f47
Faulting module name: Wpc.dll_unloaded, version: 6.3.9600.16384, time stamp: 0x52157f36
Exception code: 0xc00001a5
Fault offset: 0x0006803c
Faulting process id: 0x119c
Faulting application start time: 0xtouchup.exe0
Faulting application path: touchup.exe1
Faulting module path: touchup.exe2
Report Id: touchup.exe3
Faulting package full name: touchup.exe4
Faulting package-relative application ID: touchup.exe5

Error: (04/14/2014 00:24:04 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1484

Error: (04/14/2014 00:24:04 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1484

Error: (04/14/2014 00:24:04 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/14/2014 08:46:15 AM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall


System errors:
=============
Error: (04/30/2014 02:27:04 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (04/30/2014 11:02:08 AM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069

Error: (04/30/2014 11:02:08 AM) (Source: Service Control Manager) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:
%%1326

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (04/30/2014 10:59:58 AM) (Source: NETLOGON) (User: )
Description: This computer is configured as a member of a workgroup, not as
a member of a domain. The Netlogon service does not need to run in this
configuration.

Error: (04/30/2014 10:44:34 AM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069

Error: (04/30/2014 10:44:34 AM) (Source: Service Control Manager) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:
%%1326

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (04/30/2014 10:43:32 AM) (Source: Microsoft-Windows-Eventlog) (User: NT AUTHORITY)
Description: The event logging service encountered an error (5) while enabling publisher {0BF2FB94-7B60-4B4D-9766-E82F658DF540} to channel Microsoft-Windows-Kernel-ShimEngine/Operational. This does not affect channel operation, but does affect the ability of the publisher to raise events to the channel. One common reason for this error is that the Provider is using ETW Provider Security and has not granted enable permissions to the Event Log service identity.

Error: (04/30/2014 10:43:29 AM) (Source: Microsoft-Windows-Eventlog) (User: NT AUTHORITY)
Description: The event logging service encountered an error (5) while enabling publisher {0BF2FB94-7B60-4B4D-9766-E82F658DF540} to channel Microsoft-Windows-Kernel-ShimEngine/Operational. This does not affect channel operation, but does affect the ability of the publisher to raise events to the channel. One common reason for this error is that the Provider is using ETW Provider Security and has not granted enable permissions to the Event Log service identity.

Error: (04/30/2014 10:42:12 AM) (Source: NETLOGON) (User: )
Description: This computer is configured as a member of a workgroup, not as
a member of a domain. The Netlogon service does not need to run in this
configuration.

Error: (04/29/2014 10:49:31 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80246007: Windows 8.1 Update for x64-based Systems (KB2919355).


Microsoft Office Sessions:
=========================
Error: (04/30/2014 02:29:18 PM) (Source: Application Hang)(User: )
Description: OTL (1).exe3.2.69.016b401cf648ea7eb88f42C:\Users\c.rodes76\Downloads\OTL (1).exeb4df72c5-d09d-11e3-bea9-902b34aff94b

Error: (04/30/2014 10:49:38 AM) (Source: Application Error)(User: )
Description: Explorer.EXE6.3.9600.1703953156588SHELL32.dll6.3.9600.1705553292661c00000050000000000165e90b5c01cf648b1a7d96bcC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\SHELL32.dll08e09c3f-d07f-11e3-bea8-902b34aff94b

Error: (04/27/2014 10:43:36 PM) (Source: Application Error)(User: )
Description: PluginService.exe13.27.0.22353474b44DpInterface32.dll3.0.2.3481533bad50c00000050009b04e11d401cf6291e3ec09eeC:\ProgramData\IePluginService\PluginService.exeC:\Program Files (x86)\SupTab\DpInterface32.dll46c57601-ce87-11e3-be9e-902b34aff94b

Error: (04/20/2014 01:40:44 PM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall

Error: (04/19/2014 11:48:57 AM) (Source: Application Error)(User: )
Description: touchup.exe3.6.3.152430f47msvcrt.dll7.0.9600.1638452158ff5c000000500022285119c01cf5bef2939f62aC:\PROGRA~2\ORIGIN~1\DEADSP~1\__INST~1\touchup.exeC:\WINDOWS\SYSTEM32\msvcrt.dll7f90673c-c7e2-11e3-be9e-902b34aff94b

Error: (04/19/2014 11:48:57 AM) (Source: Application Error)(User: )
Description: touchup.exe3.6.3.152430f47Wpc.dll_unloaded6.3.9600.1638452157f36c00001a50006803c119c01cf5bef2939f62aC:\PROGRA~2\ORIGIN~1\DEADSP~1\__INST~1\touchup.exeWpc.dll7f39e148-c7e2-11e3-be9e-902b34aff94b

Error: (04/14/2014 00:24:04 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1484

Error: (04/14/2014 00:24:04 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1484

Error: (04/14/2014 00:24:04 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/14/2014 08:46:15 AM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall


CodeIntegrity Errors:
===================================
Date: 2014-04-28 00:04:56.947
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-04-28 00:04:56.916
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-04-22 12:29:08.096
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-03-22 15:38:50.135
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Definition Updates\{DC834307-0B76-42E4-BCF3-565B4E8B14A7}\mpengine.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2013-02-17 09:53:10.823
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Antivirus Free Edition\avc3\avc3_sig_179\avcuf64.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-02-17 09:51:56.421
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Antivirus Free Edition\avc3\avc3_sig_179\avcuf64.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-02-17 09:38:23.975
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Antivirus Free Edition\avc3\avc3_sig_179\avcuf64.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-02-17 09:20:35.417
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Antivirus Free Edition\avc3\avc3_sig_179\avcuf64.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-02-17 09:14:49.023
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Antivirus Free Edition\avc3\avc3_sig_000\avcuf64.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Percentage of memory in use: 14%
Total physical RAM: 16381.54 MB
Available physical RAM: 14008.91 MB
Total Pagefile: 18813.54 MB
Available Pagefile: 16151.04 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:1857.69 GB) (Free:1478.83 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: B035ECCD)
Partition 1: (Active) - (Size=450 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=-204341248000) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=5 GB) - (Type=27)

==================== End Of Log ============================
c_rodes76
Regular Member
 
Posts: 28
Joined: April 28th, 2014, 9:35 am

Re: So much adware

Post by c_rodes76 » May 1st, 2014, 2:46 pm

and finally ckfiles.txt:


CKScanner 2.4 - Additional Security Risks - These are not necessarily bad
c:\program files (x86)\steam\steamapps\common\castlecrashers\data\sounds\sound_frost_crackle.xma
c:\program files (x86)\steam\steamapps\common\magicka\content\levels\textures\surface\nature\ground\dirt01_cracked_0.xnb
c:\program files (x86)\steam\steamapps\common\magicka\content\levels\textures\surface\nature\ground\dirt01_cracked_nrm_0.xnb
c:\program files (x86)\steam\steamapps\common\magicka\content\levels\textures\surface\structure\stone\floor_cracks_0.xnb
c:\program files (x86)\steam\steamapps\common\magicka\content\levels\textures\surface\structure\stone\floor_cracks_nrm_0.xnb
c:\program files (x86)\steam\steamapps\common\magicka\content\levels\textures\surface\structure\stone\pillar_cracked00_0.xnb
c:\program files (x86)\steam\steamapps\common\magicka\content\levels\textures\surface\structure\stone\pillar_cracked00_nrm02_0.xnb
c:\program files (x86)\steam\steamapps\common\magicka\content\levels\textures\surface\structure\stone\wall_cracked00_0.xnb
c:\program files (x86)\steam\steamapps\common\magicka\content\levels\textures\surface\structure\stone\wall_cracked01_0.xnb
c:\program files (x86)\steam\steamapps\common\magicka\content\levels\textures\surface\structure\stone\wall_cracked_nrm_0.xnb
c:\program files (x86)\steam\steamapps\common\sid meier's civilization iv beyond the sword\beyond the sword\mods\afterworld\assets\art\terrain\features\afterworldwalls\shadow_wall_2_cracked.dds
c:\program files (x86)\steam\steamapps\common\sid meier's civilization iv beyond the sword\beyond the sword\mods\afterworld\assets\art\terrain\features\afterworldwalls\wall_2_cracked.nif
c:\program files (x86)\steam\steamapps\common\sid meier's civilization iv beyond the sword\beyond the sword\mods\afterworld\assets\art\terrain\features\afterworldwalls\wall_2_cracked_diff.dds
c:\program files (x86)\steam\steamapps\common\sid meier's railroads\assets\terrain\textures\crackeddesertground.dds
c:\program files (x86)\steam\steamapps\common\sid meier's railroads\assets\terrain\textures\crackeddesertground2.dds
c:\program files (x86)\steam\steamapps\common\sid meier's railroads\assets\terrain\textures\crackeddesertground2_normal.dds
c:\program files (x86)\steam\steamapps\common\sid meier's railroads\assets\terrain\textures\crackeddesertground_normal.dds
c:\users\c.rodes76\music\my itunes\brand new\deja entendu\11 play crack the sky.m4a
c:\users\c.rodes76\music\my itunes\sam _the man_ taylor\the history of the honkin' & screamin' s\3-20 cracklin' bread.m4a
c:\users\c.rodes76\music\my itunes\stone temple pilots\core\11 crackerman.m4a
c:\users\c.rodes76\music\my itunes\the great river big band\a warm breeze\13 the nutcracker suite.m4a
c:\users\c.rodes76\music\my itunes\the wailin' jennys\firecracker\01 the devil's paintbrush road.m4a
c:\users\c.rodes76\music\my itunes\the wailin' jennys\firecracker\02 glory bound.m4a
c:\users\c.rodes76\music\my itunes\the wailin' jennys\firecracker\03 begin.m4a
c:\users\c.rodes76\music\my itunes\the wailin' jennys\firecracker\04 things that you know.m4a
c:\users\c.rodes76\music\my itunes\the wailin' jennys\firecracker\05 swallow.m4a
c:\users\c.rodes76\music\my itunes\the wailin' jennys\firecracker\06 starlight.m4a
c:\users\c.rodes76\music\my itunes\the wailin' jennys\firecracker\07 apocalypse lullaby.m4a
c:\users\c.rodes76\music\my itunes\the wailin' jennys\firecracker\08 this heart of mine.m4a
c:\users\c.rodes76\music\my itunes\the wailin' jennys\firecracker\09 long time traveller.m4a
c:\users\c.rodes76\music\my itunes\the wailin' jennys\firecracker\10 avila.m4a
c:\users\c.rodes76\music\my itunes\the wailin' jennys\firecracker\11 some good thing.m4a
c:\users\c.rodes76\music\my itunes\the wailin' jennys\firecracker\12 prairie town.m4a
c:\users\c.rodes76\music\my itunes\the wailin' jennys\firecracker\13 firecracker.m4a
c:\users\c.rodes76\music\my itunes\white williams\smoke\09 fleetwood crack.m4a
scanner sequence 3.ZZ.11.JGNAWZ
----- EOF -----
c_rodes76
Regular Member
 
Posts: 28
Joined: April 28th, 2014, 9:35 am

Re: So much adware

Post by nunped » May 1st, 2014, 3:49 pm

Hi c_rodes76,

Next:
Step 1 - Online Multi Antivirus file scan
Please go to Virus Total and upload -only one file per scan- the following file(s) for scanning:
C:\Windows\Microsoft\System Update kb70007\WindowsUpdater.exe

  • Press the Browse button and navigate to -one- of the files in the list.
  • Double click the located file name. The file name should now appear in the online scanner's text entry box.
  • Click on Send File button.
  • The file will be queued, uploaded and scanned by various antivirus scanners. This may take a few minutes.
      If you receive the message: File has already been analysed:
      Please press the Reanalyse file now button, so your file will be scanned.
  • When all scans have completed the results page is displayed.
  • Please highlight and copy the page web address link from your browser window.
    Example of web address: [image]
  • Please repeat this procedure for each file listed above.
  • Paste the Web address link(s) for the scan results in your next reply.

Step 2 - Junkware Removal Tool
  • Please download jrt.exe by thisisu and save it to your desktop. Alternate download here.
  • Please temporarily disable your security/protection software as found here, to avoid potential conflicts.
  • Right-click jrt.exe and select "Run as Administrator"
    The tool will open and start scanning your system. Please be patient, it can take a while depending on your system.
    On completion, a log file JRT.txt is saved to your desktop and will automatically open.
  • Please copy and paste the contents of JRT.txt and post in your next reply.
nunped
MRU Honors Grad Emeritus
 
Posts: 1210
Joined: August 17th, 2011, 5:03 pm
Location: Portugal
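
As an added example that is not part of the original thread: the file named in Step 1 can also be fingerprinted locally, so its SHA-256 and Authenticode signer are on record before anything is uploaded. This needs PowerShell 4.0 or later for Get-FileHash; the function name Get-FileTriage and the ClaimsMicrosoftButNotSignedByIt heuristic are assumptions made for this illustration.

```powershell
# Added example, not from the thread. Collects the facts a reviewer wants
# about a suspicious executable: hash, timestamps, version resource, signer.
function Get-FileTriage {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)]
        [string]$LiteralPath
    )

    if (-not (Test-Path -LiteralPath $LiteralPath -PathType Leaf)) {
        throw "File not found: $LiteralPath"
    }

    # -Force so hidden or system-flagged files are still returned.
    $item = Get-Item -LiteralPath $LiteralPath -Force
    $hash = Get-FileHash -LiteralPath $LiteralPath -Algorithm SHA256
    $sig  = Get-AuthenticodeSignature -LiteralPath $LiteralPath

    $signer = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { $null }

    # Heuristic (assumption): the file presents itself as a Microsoft component,
    # either through its version resource or through a Windows Update style name.
    $claimsMicrosoft = ($item.VersionInfo.CompanyName -like '*Microsoft*') -or
                       ($item.Name -like 'WindowsUpdate*')

    # Status 'Valid' means the signature verified and the chain is trusted;
    # only then is the subject string worth comparing.
    $signedByMicrosoft = ($sig.Status -eq 'Valid') -and
                         ($signer -like '*O=Microsoft Corporation*')

    # Older PowerShell versions do not check catalog signatures, so NotSigned
    # on a genuine Windows binary is possible: treat the flag below as a lead
    # to follow up, not a verdict.
    [pscustomobject]@{
        Path                            = $item.FullName
        SHA256                          = $hash.Hash
        SizeBytes                       = $item.Length
        CreatedUtc                      = $item.CreationTimeUtc
        LastWriteUtc                    = $item.LastWriteTimeUtc
        CompanyName                     = $item.VersionInfo.CompanyName
        FileDescription                 = $item.VersionInfo.FileDescription
        SignatureStatus                 = $sig.Status
        Signer                          = $signer
        ClaimsMicrosoftButNotSignedByIt = $claimsMicrosoft -and -not $signedByMicrosoft
    }
}

# The path is the one given in Step 1 of the post above.
Get-FileTriage -LiteralPath 'C:\Windows\Microsoft\System Update kb70007\WindowsUpdater.exe' |
    Format-List
```

The SHA256 value can be pasted into VirusTotal's search box to find an existing report for the same file, and it gives both sides of the thread a fixed reference to the exact file that was scanned.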

Re: So much adware

Post by c_rodes76 » May 1st, 2014, 9:09 pm

Online Multi Antivirus scan (the link doesn't look quite the same as the example, but this was the only link I was able to find):

WindowsUpdater.exe - https://www.virustotal.com/en/file/ea34 ... /analysis/



JRT.txt:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8.1 Single Language x64
Ran by c.rodes76 on Thu 05/01/2014 at 20:02:38.14
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\adawarebp



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 05/01/2014 at 20:05:55.57
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
c_rodes76
Regular Member
 
Posts: 28
Joined: April 28th, 2014, 9:35 am

Re: So much adware

Post by nunped » May 2nd, 2014, 10:39 am

Hi c_rodes76,

Can you give me an update on your computer's performance? What issues are you experiencing?

Please run the next scan:
Please download TDSSKiller and save it to your Desktop.

  • Right click TDSSKiller.exe and select "Run as administrator" to run it.
  • Click Change parameters
  • Under Additional Options check Detect TDLFS file system
  • Ensure Verify file digital signatures is unchecked.
  • Click Start scan and allow it to scan for Malicious objects.

    • If Malicious objects are detected, the default action will be Cure, ensure Cure is selected then click Continue
    • If suspicious objects are detected, the default action will be Skip, ensure Skip is selected then click Continue
    • If TDLFS file system is detected, the default action will be Skip, Change to Delete & then click Continue

    DO NOT change the default actions other than for the TDLFS file system.

  • It may ask you to reboot the computer to complete the process. Click on Reboot Now and allow the computer to reboot.
  • A log will be created on your root (usually C:) drive. The log is named like UtilityName.Version_Date_Time_log.txt,
    for example, C:\TDSSKiller.2.4.1.2_20.04.2010_15.31.43_log.txt.
  • If no reboot is required, click on Report. A log file should appear.
  • Please post the contents in your next reply
nunped
MRU Honors Grad Emeritus
 
Posts: 1210
Joined: August 17th, 2011, 5:03 pm
Location: Portugal

Re: So much adware

Post by c_rodes76 » May 2nd, 2014, 11:33 am

Hey nunped - thanks for all your help so far.

Update: My computer still seems to be running the same as before. I'm still getting a whole bunch of pop-ups in my browsers and it doesn't look like they've diminished in any way.

The TDSSKiller scan resulted in "No threats found." The report was too long for a single post, so here is the first half of the report:

10:28:04.0255 0x1830 TDSS rootkit removing tool 3.0.0.34 Apr 29 2014 18:20:10
10:28:08.0913 0x1830 ============================================================
10:28:08.0913 0x1830 Current date / time: 2014/05/02 10:28:08.0913
10:28:08.0913 0x1830 SystemInfo:
10:28:08.0913 0x1830
10:28:08.0913 0x1830 OS Version: 6.3.9600 ServicePack: 0.0
10:28:08.0913 0x1830 Product type: Workstation
10:28:08.0913 0x1830 ComputerName: PC-RODEY
10:28:08.0913 0x1830 UserName: c.rodes76
10:28:08.0913 0x1830 Windows directory: C:\WINDOWS
10:28:08.0913 0x1830 System windows directory: C:\WINDOWS
10:28:08.0913 0x1830 Running under WOW64
10:28:08.0913 0x1830 Processor architecture: Intel x64
10:28:08.0913 0x1830 Number of processors: 8
10:28:08.0913 0x1830 Page size: 0x1000
10:28:08.0913 0x1830 Boot type: Normal boot
10:28:08.0913 0x1830 ============================================================
10:28:09.0130 0x1830 KLMD registered as C:\WINDOWS\system32\drivers\47176611.sys
10:28:09.0337 0x1830 System UUID: {B06D2FA4-5CA3-2547-ADE5-9A03D3D4FD30}
10:28:09.0705 0x1830 Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:28:09.0710 0x1830 ============================================================
10:28:09.0710 0x1830 \Device\Harddisk0\DR0:
10:28:09.0710 0x1830 MBR partitions:
10:28:09.0710 0x1830 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE1000
10:28:09.0710 0x1830 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xE1800, BlocksNum 0xE8362800
10:28:09.0710 0x1830 ============================================================
10:28:09.0748 0x1830 C: <-> \Device\Harddisk0\DR0\Partition2
10:28:09.0748 0x1830 ============================================================
10:28:09.0748 0x1830 Initialize success
10:28:09.0748 0x1830 ============================================================
10:28:18.0633 0x173c ============================================================
10:28:18.0633 0x173c Scan started
10:28:18.0633 0x173c Mode: Manual; TDLFS;
10:28:18.0633 0x173c ============================================================
10:28:18.0633 0x173c KSN ping started
10:28:20.0925 0x173c KSN ping finished: true
10:28:21.0249 0x173c ================ Scan system memory ========================
10:28:21.0249 0x173c System memory - ok
10:28:21.0250 0x173c ================ Scan services =============================
10:28:22.0904 0x173c CryptSvc - ok
10:28:22.0911 0x173c [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam C:\WINDOWS\system32\drivers\dam.sys
10:28:22.0912 0x173c dam - ok
10:28:22.0953 0x173c [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
10:28:22.0966 0x173c DcomLaunch - ok
10:28:22.0986 0x173c [ 78089FCDE082FD4FA471C30A7C2DC736, C4816D7125C39290C3B0B1F580CEE8BB7FFC004F727EA9E9767671D3EDB946AE ] defragsvc C:\WINDOWS\System32\defragsvc.dll
10:28:22.0993 0x173c defragsvc - ok
10:28:23.0012 0x173c [ 8F387C2C99EE09C6E2AC316205F86A17, EC9E8AE72A21992AA118964E17090BA4503EB051273AD18185C95172F57328CE ] DeviceAssociationService C:\WINDOWS\system32\das.dll
10:28:23.0018 0x173c DeviceAssociationService - ok
10:28:23.0034 0x173c [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll
10:28:23.0037 0x173c DeviceInstall - ok
10:28:23.0048 0x173c [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys
10:28:23.0050 0x173c Dfsc - ok
10:28:23.0067 0x173c [ 8B107F55FD61654A6C9F1B819AEC5FC4, 773B1B9D3583F17B7C89BDE1EC4487ABB0AE039DF4583F8746460425443DA291 ] Dhcp C:\WINDOWS\system32\dhcpcore.dll
10:28:23.0073 0x173c Dhcp - ok
10:28:23.0086 0x173c [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk C:\WINDOWS\system32\drivers\disk.sys
10:28:23.0088 0x173c disk - ok
10:28:23.0098 0x173c [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys
10:28:23.0099 0x173c dmvsc - ok
10:28:23.0108 0x173c [ FE7656474448BE6A6C68E5C9BEB7CA94, 8B9F04CAA29A6EEFCA3D1E7BAFE340D5CCA8AF665474E69B1DF7E2A518B83A89 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
10:28:23.0112 0x173c Dnscache - ok
10:28:23.0121 0x173c [ 50288EA079BB520C2B8C8A154202D518, 8916A9180CA009D124FFDFB4CCF5FDFEF7FA2FD37CBCD49FAD4C68E051B4734D ] dot3svc C:\WINDOWS\System32\dot3svc.dll
10:28:23.0125 0x173c dot3svc - ok
10:28:23.0146 0x173c [ 281BEE07BA97E3E98D12A822D923D0D8, 6EB482B2D4D6048D145C3738B2B6FA27A90B5EA53E9167447820F9981B004E63 ] DPS C:\WINDOWS\system32\dps.dll
10:28:23.0149 0x173c DPS - ok
10:28:23.0167 0x173c [ DDC11A202207C0400CBE07315B8FDE5E, 3ED0CA3A714582D92001BA3BFF78BE082F4DC8021298D5A2632F3B2B0A1C09DC ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
10:28:23.0167 0x173c drmkaud - ok
10:28:23.0182 0x173c [ 5B074F14F5DD6418F46EE4CA2DEB7EA8, B8223D73C3DE123759101F7D5D45C60BD12B221F09D349575A1044CE3F43CBC5 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll
10:28:23.0186 0x173c DsmSvc - ok
10:28:23.0226 0x173c [ C7D252742946DD395670649742FBD73D, 333CC984CF318D36EA8C5867077A1732A214445EB6B7CF7AC2E8F1C8259CD9C7 ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys
10:28:23.0249 0x173c DXGKrnl - ok
10:28:23.0261 0x173c [ 6073537F250B45E1CB2A02E97F0FE1B2, 653F3F2F2019168EDF225944A88AFDBF8393B62AA076BD19980691778F3DB67D ] Eaphost C:\WINDOWS\System32\eapsvc.dll
10:28:23.0264 0x173c Eaphost - ok
10:28:23.0350 0x173c [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys
10:28:23.0400 0x173c ebdrv - ok
10:28:23.0428 0x173c [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] EFS C:\WINDOWS\System32\lsass.exe
10:28:23.0430 0x173c EFS - ok
10:28:23.0444 0x173c [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys
10:28:23.0445 0x173c EhStorClass - ok
10:28:23.0458 0x173c [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
10:28:23.0459 0x173c EhStorTcgDrv - ok
10:28:23.0466 0x173c [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys
10:28:23.0467 0x173c ErrDev - ok
10:28:23.0503 0x173c [ DF96C3CD6AE15F6D0A6BCB70F9C1E88D, 4D9E779684D19137D43472CA18C8A955AD29C82C5F9D7C7E248A1400EE40EE59 ] esgiguard C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys
10:28:23.0504 0x173c esgiguard - ok
10:28:23.0515 0x173c [ 84486624268E078255BC7AA47F0960BC, EC2540698B974572F0AC4A93D57C63295BAF66BF50F7416B9DFF5DE790EBDBE7 ] etdrv C:\Windows\etdrv.sys
10:28:23.0516 0x173c etdrv - ok
10:28:23.0535 0x173c [ 030CE75B7D8F75FAA7BA1EC6FD0EB5A3, 5264734F0572FAEDCCB008221C9982CCB7922C4FFC358605424EA413CDCDAE99 ] EventSystem C:\WINDOWS\system32\es.dll
10:28:23.0542 0x173c EventSystem - ok
10:28:23.0559 0x173c [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat C:\WINDOWS\system32\drivers\exfat.sys
10:28:23.0562 0x173c exfat - ok
10:28:23.0575 0x173c [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys
10:28:23.0579 0x173c fastfat - ok
10:28:23.0622 0x173c [ 2BC8532ABF2B3756B78FA1DA54147DDE, DF65EE2AB0255A2CF3221085A6BE7C37E3DB6BFEED3BCADCDD69BB1049F6DCB1 ] Fax C:\WINDOWS\system32\fxssvc.exe
10:28:23.0632 0x173c Fax - ok
10:28:23.0655 0x173c [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc C:\WINDOWS\System32\drivers\fdc.sys
10:28:23.0655 0x173c fdc - ok
10:28:23.0664 0x173c [ DC1A78BCCCB7EE53D6FD3BD615A8E222, EE16B6853185AAE779D7135035983938009901658F76A8856AAC12EBA15BB34E ] fdPHost C:\WINDOWS\system32\fdPHost.dll
10:28:23.0665 0x173c fdPHost - ok
10:28:23.0670 0x173c [ E5AD448F2DC84B1CF387FA7F2A3D1936, BBB29C79A085C503F5EFFB5144596D5DEC48A4EB34A049A4E7B38B27F6D92E0A ] FDResPub C:\WINDOWS\system32\fdrespub.dll
10:28:23.0671 0x173c FDResPub - ok
10:28:23.0692 0x173c [ 0046E0BD031213D37123876B0D0FA61C, A4FE17D56F0BAFB70D0D421ED9D1B6E50AF8ADAA4B59328A41AEC5B4C068A3CB ] fhsvc C:\WINDOWS\system32\fhsvc.dll
10:28:23.0694 0x173c fhsvc - ok
10:28:23.0717 0x173c [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys
10:28:23.0719 0x173c FileInfo - ok
10:28:23.0726 0x173c [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys
10:28:23.0727 0x173c Filetrace - ok
10:28:23.0767 0x173c [ 1F63900E2EB00101B9ACA2B7A870704E, 5AFE1FC852937FECE6B33147BD0110436FE97F33BFDA3F69B1F5EDAD6FFC09C6 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
10:28:23.0777 0x173c FLEXnet Licensing Service - ok
10:28:23.0782 0x173c [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys
10:28:23.0783 0x173c flpydisk - ok
10:28:23.0839 0x173c [ 46D1DF775FFF14585218BBE16E5B2C9A, F39EF615B18CEC7BA3F68C7639B636C06812AD9DBEDE90EB7B2C04C64396FC9E ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
10:28:23.0844 0x173c FltMgr - ok
10:28:23.0880 0x173c [ 183CA7699474FDE235853967D1DA4D9B, 8FBD5997F1E39AFFD8C4322520DF4D2227279B5149017D825C188D7411BA99AF ] FontCache C:\WINDOWS\system32\FntCache.dll
10:28:23.0903 0x173c FontCache - ok
10:28:23.0995 0x173c [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:28:23.0996 0x173c FontCache3.0.0.0 - ok
10:28:24.0011 0x173c [ 35005534E600E993A90B036E4E599F2B, DA56FA3776FBD3D50276CB7410E0CB6F137DD8FCA84C0F3FEF8B1FEA5F6CA592 ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys
10:28:24.0013 0x173c FsDepends - ok
10:28:24.0024 0x173c [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
10:28:24.0025 0x173c Fs_Rec - ok
10:28:24.0042 0x173c [ B2BD017231836DA9F63F41E3A075D73E, 31B1DD677FE8B4F90B8AB5A131DA0105439AC2D91BC0CEDC972D2D87E595A686 ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys
10:28:24.0051 0x173c fvevol - ok
10:28:24.0059 0x173c [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM C:\WINDOWS\System32\drivers\fxppm.sys
10:28:24.0060 0x173c FxPPM - ok
10:28:24.0074 0x173c [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys
10:28:24.0075 0x173c gagp30kx - ok
10:28:24.0083 0x173c [ 7907E14F9BCF3A4689C9A74A1A873CB6, 17927B93B2D6AB4271C158F039CAE2D60591D6A14458F5A5690AEC86F5D54229 ] gdrv C:\Windows\gdrv.sys
10:28:24.0084 0x173c gdrv - ok
10:28:24.0108 0x173c [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
10:28:24.0109 0x173c GEARAspiWDM - ok
10:28:24.0138 0x173c [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys
10:28:24.0139 0x173c gencounter - ok
10:28:24.0151 0x173c [ EF3AE7773394DF49CE74AF78A1C8D23D, CB12FF004C460A89F12AFF2467512B479A07CA10D4280CD4E624A5A9CDAB9C1B ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys
10:28:24.0153 0x173c GPIOClx0101 - ok
10:28:24.0207 0x173c [ 58C11DCCC6241CC13861A559E31A69F0, 78B38BBC362C9209B06849CC79301EC595AFCE3E2BDE402A0B1F2725D3EDEFA3 ] gpsvc C:\WINDOWS\System32\gpsvc.dll
10:28:24.0227 0x173c gpsvc - ok
10:28:24.0268 0x173c [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:28:24.0269 0x173c gupdate - ok
10:28:24.0274 0x173c [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:28:24.0276 0x173c gupdatem - ok
10:28:24.0295 0x173c [ 8126331FBD4ED29EB3B356F9C905064D, A58BCE904591DD762410E99960FD956FB579C2CE78FA7BF1406075D29537EF82 ] GVTDrv64 C:\Windows\GVTDrv64.sys
10:28:24.0296 0x173c GVTDrv64 - ok
10:28:24.0335 0x173c [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\WINDOWS\system32\drivers\HdAudio.sys
10:28:24.0342 0x173c HdAudAddService - ok
10:28:24.0354 0x173c [ 03909BDBFF0DCACCABF2B2D4ADEE44DC, 42E631B23BB004F5C2128BAD334C21AB20FAD08AFED9E8191AE9373531BC73DD ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys
10:28:24.0356 0x173c HDAudBus - ok
10:28:24.0363 0x173c [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys
10:28:24.0364 0x173c HidBatt - ok
10:28:24.0372 0x173c [ 1EA1B4FABB8CC348E73CA90DBA22E104, 5C18C6BD499272F216DD4626B5E8D38181AEAC9AD917FBEB614A75B70467B258 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys
10:28:24.0373 0x173c HidBth - ok
10:28:24.0384 0x173c [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys
10:28:24.0385 0x173c hidi2c - ok
10:28:24.0397 0x173c [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys
10:28:24.0398 0x173c HidIr - ok
10:28:24.0423 0x173c [ 449A20A674AA3FAA7F0DD4E33EE2DC20, 28B9BDA306456E8640C355718DE3477537B0FAF8C37F633C709129AAB64D9873 ] hidserv C:\WINDOWS\system32\hidserv.dll
10:28:24.0424 0x173c hidserv - ok
10:28:24.0431 0x173c [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys
10:28:24.0432 0x173c HidUsb - ok
10:28:24.0460 0x173c [ 7BF3ADCBD021D4F4A84CF40EB49C71B5, 5758A51FD2EBE67E6DBE3A298D714D351910F9E01C428D0C1359457C9242B298 ] hkmsvc C:\WINDOWS\system32\kmsvc.dll
10:28:24.0463 0x173c hkmsvc - ok
10:28:24.0476 0x173c [ 6CD9C3819BE8C0A3DACC82AE5D3C4F18, 46BF4A968E506DE17CA401401D716B444CDC10A5C60EB081890DD4B886AEDF5F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
10:28:24.0481 0x173c HomeGroupListener - ok
10:28:24.0519 0x173c [ 1A4DA1D6287B99033D144B436C23B656, D4D1EEB372E61512EA36A33F095E68C225B8E6C72CC57ED8BD00533F88012F40 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
10:28:24.0526 0x173c HomeGroupProvider - ok
10:28:24.0538 0x173c [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys
10:28:24.0539 0x173c HpSAMD - ok
10:28:24.0566 0x173c [ 9DDCA7F18983C5410DEFF79F819DF93C, CE97B4440377BFC5CA81BB600C3BD1DD9FB3951CA1EB70735F5E2050EBB74223 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys
10:28:24.0581 0x173c HTTP - ok
10:28:24.0589 0x173c [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys
10:28:24.0590 0x173c hwpolicy - ok
10:28:24.0600 0x173c [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys
10:28:24.0601 0x173c hyperkbd - ok
10:28:24.0612 0x173c [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
10:28:24.0612 0x173c HyperVideo - ok
10:28:24.0619 0x173c [ 84CFC5EFA97D0C965EDE1D56F116A541, 0155EA62BF07D99D98D1C9B6559C8E3301B016A20D03DF1EF64B2FAB8C37403B ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys
10:28:24.0621 0x173c i8042prt - ok
10:28:24.0626 0x173c [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
10:28:24.0627 0x173c iaLPSSi_GPIO - ok
10:28:24.0637 0x173c [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
10:28:24.0638 0x173c iaLPSSi_I2C - ok
10:28:24.0659 0x173c [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys
10:28:24.0669 0x173c iaStorAV - ok
10:28:24.0681 0x173c [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys
10:28:24.0687 0x173c iaStorV - ok
10:28:24.0712 0x173c [ 33D4D4A24791587E83F7EE05A446FB7E, 081E48AF76D7D3A71850A4C910EFBB0B280235E2A5303178B0338230F4BA2DE2 ] ICCS C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
10:28:24.0715 0x173c ICCS - ok
10:28:24.0745 0x173c [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
10:28:24.0747 0x173c IDriverT - ok
10:28:24.0750 0x173c IEEtwCollectorService - ok
10:28:24.0789 0x173c [ CFE7F0267B0C3077042FF291949B5546, 7B8C432632D0210119BFF57D4994F2B8F75307A9D6867353AF93BBA3F561595B ] IKEEXT C:\WINDOWS\System32\ikeext.dll
10:28:24.0806 0x173c IKEEXT - ok
10:28:24.0817 0x173c [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide C:\WINDOWS\system32\drivers\intelide.sys
10:28:24.0818 0x173c intelide - ok
10:28:24.0850 0x173c [ 139CFCDCD36B1B1782FD8C0014AC9B0E, E0D7E0E9B46A8CECE138D689820023BFA650FB689E4FD62855BED37E04F2D9FF ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys
10:28:24.0851 0x173c intelpep - ok
10:28:24.0867 0x173c [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys
10:28:24.0868 0x173c intelppm - ok
10:28:24.0882 0x173c [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
10:28:24.0883 0x173c IpFilterDriver - ok
10:28:24.0928 0x173c [ DFC4050D58565ADBEE793A8D4AEBDAE6, 89B900408F030CD45753A11D6AE6CBAB87E8B0E3F8401402D2D8713C045BF488 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll
10:28:24.0943 0x173c iphlpsvc - ok
10:28:24.0984 0x173c [ FD9C9E9E3F0ED51502C7E8C066BE26B9, 290E74380F1543DD22C9F3821513B3E2FB42E995724238D8779CBBCB4FC386C8 ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys
10:28:24.0986 0x173c IPMIDRV - ok
10:28:25.0012 0x173c [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys
10:28:25.0015 0x173c IPNAT - ok
10:28:25.0047 0x173c [ 842D1EDD0F2A6E0E6631BB96BAAA01DE, 9CDD0B99F2C5DAD573A9EA8D5AB2DBFD7A941454CBBA5BFE34E49F2D4EE96A90 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
10:28:25.0057 0x173c iPod Service - ok
10:28:25.0065 0x173c [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys
10:28:25.0066 0x173c IRENUM - ok
10:28:25.0083 0x173c [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys
10:28:25.0084 0x173c isapnp - ok
10:28:25.0098 0x173c [ 034D4BD9DC67C64F3A4C8A049B5173BF, C68AF5A5AD4092AA1C871BD38473AEF84EC3ECF4D06FBEB5F6C09972EF1B8A81 ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys
10:28:25.0102 0x173c iScsiPrt - ok
10:28:25.0112 0x173c [ 8BE92376799B6B44D543E8D07CDCF885, 425B8BB1BAF62F735B3CB5A002E6055879F02E7207E55942BFD37F1784F5F368 ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys
10:28:25.0113 0x173c kbdclass - ok
10:28:25.0119 0x173c [ FB6E47E569D4872ABEB506BE03A45FBA, 5C4056CADA8F67587A119D9AE2A0EFAB30387CF6298F4019FF68AC92E2F6F54B ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys
10:28:25.0120 0x173c kbdhid - ok
10:28:25.0131 0x173c [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic C:\WINDOWS\system32\DRIVERS\kdnic.sys
10:28:25.0132 0x173c kdnic - ok
10:28:25.0145 0x173c [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] KeyIso C:\WINDOWS\system32\lsass.exe
10:28:25.0146 0x173c KeyIso - ok
10:28:25.0161 0x173c [ ADDECBCC777665BD113BED437E602AB0, B6283475A1219CE44E9F683DD3BEB8C42DA0943297E5C4699B22176AD8A6A7ED ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys
10:28:25.0162 0x173c KSecDD - ok
10:28:25.0180 0x173c [ F88CC88F4A6D8476F1664E805CA18CC2, 2C61EE5EEA4FD45AA3FA927CC16E34EF90BD44324EAB14198AF65C3A27617991 ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys
10:28:25.0183 0x173c KSecPkg - ok
10:28:25.0190 0x173c [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys
10:28:25.0191 0x173c ksthunk - ok
10:28:25.0218 0x173c [ 32B1A8351160F307A8C66BCB0F94A9C2, 52F1DEC2BBD4D5DDBB85ED20B99D96BBA7EB83304D76F183A11FDAFDA364E873 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll
10:28:25.0225 0x173c KtmRm - ok
10:28:25.0255 0x173c [ 27B58E16CF895AC1F1A97C04814C2239, D4336155331DDBF91952CDC6C446C68FF524F979099BA8D9B3A578758F97B2BE ] LanmanServer C:\WINDOWS\system32\srvsvc.dll
10:28:25.0261 0x173c LanmanServer - ok
10:28:25.0281 0x173c [ D0D9C2ECA4D03A8F06DCD91236B90C98, E2D1144DC8040EA5FEB0602A20BA4CB920B4BC86AD5AD05FC0DF7D74DC95DC66 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
10:28:25.0287 0x173c LanmanWorkstation - ok
10:28:25.0325 0x173c [ EE289BD147FDFF95EF1B9BD65D3B974A, EFD9D0F6C73E7D2D52DBE2E2A8D3009BFB6AB24776A100CA528A8365002C6105 ] lfsvc C:\WINDOWS\System32\GeofenceMonitorService.dll
10:28:25.0334 0x173c lfsvc - ok
10:28:25.0344 0x173c [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio C:\WINDOWS\system32\DRIVERS\lltdio.sys
10:28:25.0345 0x173c lltdio - ok
10:28:25.0364 0x173c [ 00E070FC0C673311AFD4B068D1242780, 50B0E0E625361145332C849709498FF444E46578DCAD2536E6D0289E0125580F ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll
10:28:25.0369 0x173c lltdsvc - ok
10:28:25.0376 0x173c [ D113FAD71A5E67AA94B32A0F8828D265, 08DDB4BBDB570C59926DBF5E27FCF46DCDF8B8212BB9251E97837E0504516FB3 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll
10:28:25.0378 0x173c lmhosts - ok
10:28:25.0391 0x173c [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys
10:28:25.0393 0x173c LSI_SAS - ok
10:28:25.0406 0x173c [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2 C:\WINDOWS\system32\drivers\lsi_sas2.sys
10:28:25.0408 0x173c LSI_SAS2 - ok
10:28:25.0422 0x173c [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3 C:\WINDOWS\system32\drivers\lsi_sas3.sys
10:28:25.0423 0x173c LSI_SAS3 - ok
10:28:25.0438 0x173c [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys
10:28:25.0439 0x173c LSI_SSS - ok
10:28:25.0481 0x173c [ 8EBB271E4588D835784A3FF7E80076A8, A508BE95F6F5063A76F4C8726D9425BB1F00DE803EFE73A0BE145DD9AB82FF0A ] LSM C:\WINDOWS\System32\lsm.dll
10:28:25.0493 0x173c LSM - ok
10:28:25.0532 0x173c [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv C:\WINDOWS\system32\drivers\luafv.sys
10:28:25.0534 0x173c luafv - ok
10:28:25.0555 0x173c [ 4CB64D7458ABD8396BCD389A69C8FC80, 99B363E6A3C3920002F9FA98E2AAE42C24F072CA03CD5DD9DC8881EC495F3C93 ] lvpepf64 C:\WINDOWS\system32\DRIVERS\lv302a64.sys
10:28:25.0556 0x173c lvpepf64 - ok
10:28:25.0559 0x173c [ 0034F69D0007D3F77F6B96FA51228E85, 2A8B4ABF4AFE5E5F272678053399E3664D32F6CE2AEE34C8944C4E79973712A3 ] LVUSBS64 C:\WINDOWS\system32\DRIVERS\LVUSBS64.sys
10:28:25.0560 0x173c LVUSBS64 - ok
10:28:25.0578 0x173c [ 0BB97D43299910CBFBA59C461B99B910, 27C22D9D9EE8A410D7396960DA93E9E260D4DCDD38DCE06E85E45C5E24C067DE ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
10:28:25.0579 0x173c MBAMProtector - ok
10:28:25.0619 0x173c [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
10:28:25.0625 0x173c MBAMScheduler - ok
10:28:25.0645 0x173c [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
10:28:25.0656 0x173c MBAMService - ok

Re: So much adware

Post by c_rodes76 » May 2nd, 2014, 11:33 am

and here is the second half of the TDSSKiller report:


10:28:26.0441 0x173c NdisTapi - ok
10:28:26.0450 0x173c [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
10:28:26.0451 0x173c Ndisuio - ok
10:28:26.0460 0x173c [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
10:28:26.0461 0x173c NdisVirtualBus - ok
10:28:26.0476 0x173c [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
10:28:26.0480 0x173c NdisWan - ok
10:28:26.0485 0x173c [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy C:\WINDOWS\system32\DRIVERS\ndiswan.sys
10:28:26.0489 0x173c NdisWanLegacy - ok
10:28:26.0497 0x173c [ A5BD69A8812FA79D1A487691DD3FB244, 67B5EDE101943E0E8B8041DB2353D20C8B9F2D253E77964761CFE8F136C0BBC7 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
10:28:26.0499 0x173c NDProxy - ok
10:28:26.0511 0x173c [ 5A072F0B90C29C5233D78BE33EF5ED78, B32ED76A674B1FC743361FB7BBD4C915A78B14132AB056AADD445D5995AD4F32 ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys
10:28:26.0513 0x173c Ndu - ok
10:28:26.0520 0x173c [ A83D67D347A684F10B7D3019C8A6380C, 2B86832967981C8C786BF24C1CF8E13E01745ACE3333CF5C821DD93D623B96E4 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
10:28:26.0521 0x173c NetBIOS - ok
10:28:26.0530 0x173c [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
10:28:26.0535 0x173c NetBT - ok
10:28:26.0545 0x173c [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] Netlogon C:\WINDOWS\system32\lsass.exe
10:28:26.0546 0x173c Netlogon - ok
10:28:26.0584 0x173c [ B7AD851A21FEBA3BA214972627614207, 29605320CCC3DAAD062CAECF0009DACBC2F6D28ED4E8AF7CE76132129F5572A0 ] Netman C:\WINDOWS\System32\netman.dll
10:28:26.0589 0x173c Netman - ok
10:28:26.0613 0x173c [ F0F0A372C2EF6358399C4936F91B6131, CE596C71EB4D1A5E104D3148F2D0D8789882C59FD198DCF33CCAC7A08B50E4EE ] netprofm C:\WINDOWS\System32\netprofmsvc.dll
10:28:26.0622 0x173c netprofm - ok
10:28:26.0655 0x173c [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:28:26.0657 0x173c NetTcpPortSharing - ok
10:28:26.0673 0x173c [ 70414DB660BFBB7BD58FCE8EA4364E1B, 6DFB3897CD55E22BA1EDF0AE672F4D7A6A1F512F8A0A26AF106765E6B1CF65AC ] netvsc C:\WINDOWS\system32\DRIVERS\netvsc63.sys
10:28:26.0675 0x173c netvsc - ok
10:28:26.0691 0x173c [ 3A280F3B3C7A46E29C404ACD46ECBF5E, 81C3367A2A212DBCC65B8A0166FD092E3205AB31A146B4B737061335CEC51F9D ] NlaSvc C:\WINDOWS\System32\nlasvc.dll
10:28:26.0698 0x173c NlaSvc - ok
10:28:26.0729 0x173c [ C31FA031335EFF434B2D94278E74BCCE, F5DFD40C16E4013CBAD0E4FB8EF2B4419702B9C215218F69C4A2DD7C4C4C1E2B ] NPF C:\WINDOWS\system32\DRIVERS\npf.sys
10:28:26.0730 0x173c NPF - ok
10:28:26.0744 0x173c [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
10:28:26.0745 0x173c Npfs - ok
10:28:26.0756 0x173c [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys
10:28:26.0757 0x173c npsvctrig - ok
10:28:26.0765 0x173c [ 6E2271ED0C3E95B8E29F3752B91B9E84, 44026AD9757EA82967D7F7578455802FAD7FE0057EAC088E0AE207C15F594B86 ] nsi C:\WINDOWS\system32\nsisvc.dll
10:28:26.0767 0x173c nsi - ok
10:28:26.0780 0x173c [ E490B459978CB87779E84C761D22B827, 1E5CA38626E41618E4CA16DD0C70EB2FA86E986F0CF21A749BDE2A17015DEEC6 ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys
10:28:26.0781 0x173c nsiproxy - ok
10:28:26.0833 0x173c [ 1C80517BE6836A812F6A9B99B8321351, 7DBED4633820E201C9C242D961EF6F25BA2B1D5593BA60F707CC71A4014C2D4B ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
10:28:26.0864 0x173c Ntfs - ok
10:28:26.0890 0x173c [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null C:\WINDOWS\system32\drivers\Null.sys
10:28:26.0890 0x173c Null - ok
10:28:26.0919 0x173c [ 554964B900AE2954B8B589B6287034AC, C6C9EA3ADAFEBBF2AF944E4A0656BD795AD37706008CC0CA3F2150BD709476E7 ] NVHDA C:\WINDOWS\system32\drivers\nvhda64v.sys
10:28:26.0922 0x173c NVHDA - ok
10:28:27.0220 0x173c [ E71E299FF15390E585BACF2C18F55078, 7A51D989DA55349B1761839DEAFD593B6E6F88C433B132E7B027467E050FBA67 ] nvlddmkm C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
10:28:27.0414 0x173c nvlddmkm - ok
10:28:27.0440 0x173c [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys
10:28:27.0442 0x173c nvraid - ok
10:28:27.0449 0x173c [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys
10:28:27.0452 0x173c nvstor - ok
10:28:27.0482 0x173c [ 4D54C8D56111E4B7C86CF73E1CD8B4CB, 40822F785A2F2E9B149BEDBCF90C8C3C4F7EFE8FD5A908BDAD1C752ADE76D565 ] NvStUSB C:\WINDOWS\System32\drivers\nvstusb.sys
10:28:27.0488 0x173c NvStUSB - ok
10:28:27.0538 0x173c [ 415695F5A54E91E869EEBFEA261361A6, 1829C15E07D902686171C8A66EB03040A037CAC1E00E24BF598030D9DA795CEC ] nvsvc C:\WINDOWS\system32\nvvsvc.exe
10:28:27.0555 0x173c nvsvc - ok
10:28:27.0609 0x173c [ AA130938A27BB80A8B6438EF83232275, 7C5A4863CD22413723C9F7658855E34088A2F89DF740531ED7986F67A30935E0 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
10:28:27.0633 0x173c nvUpdatusService - ok
10:28:27.0658 0x173c [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp C:\WINDOWS\system32\drivers\nv_agp.sys
10:28:27.0660 0x173c nv_agp - ok
10:28:27.0692 0x173c [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll
10:28:27.0699 0x173c p2pimsvc - ok
10:28:27.0734 0x173c [ 2A57A937BC5B1B2D6AFE6A8C5925F50B, 00D84EFED5A7129AAD86945940030474795905C32D65CBD5B1A3EBADCED8F873 ] p2psvc C:\WINDOWS\system32\p2psvc.dll
10:28:27.0742 0x173c p2psvc - ok
10:28:27.0758 0x173c [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport C:\WINDOWS\System32\drivers\parport.sys
10:28:27.0760 0x173c Parport - ok
10:28:27.0771 0x173c [ EF0C1749C9A8CEE9A457473D433CC00F, A5FDAB5AD47471640D697C6CFBA6C67730878ABBA47D394EAA47C9733EDCE1F3 ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys
10:28:27.0773 0x173c partmgr - ok
10:28:27.0785 0x173c [ 9A5309EF92F39346CFD5A4C2C3D1BFAD, 5908E0C9562F9CB24784491BD9AE7983A33A6BDF81AFA0A08045518A0C9BB2B1 ] PcaSvc C:\WINDOWS\System32\pcasvc.dll
10:28:27.0794 0x173c PcaSvc - ok
10:28:27.0826 0x173c [ 275AFE3FA35E8D78BE97695DF49817C6, 447CEBB16285AE073B4251D2DA71399306EF2DCB7F56286ABE2F0BD6C83EB489 ] pci C:\WINDOWS\system32\drivers\pci.sys
10:28:27.0830 0x173c pci - ok
10:28:27.0843 0x173c [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide C:\WINDOWS\system32\drivers\pciide.sys
10:28:27.0843 0x173c pciide - ok
10:28:27.0853 0x173c [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys
10:28:27.0856 0x173c pcmcia - ok
10:28:27.0868 0x173c [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw C:\WINDOWS\system32\drivers\pcw.sys
10:28:27.0869 0x173c pcw - ok
10:28:27.0888 0x173c [ B9D968D8E2B0F9C6301CEB39CFC9B9E4, 83F32831B0727F18B56DC3CAF37E45A3523D2BBCD54D1421F0DE5A0179D8A404 ] pdc C:\WINDOWS\system32\drivers\pdc.sys
10:28:27.0889 0x173c pdc - ok
10:28:27.0926 0x173c [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys
10:28:27.0937 0x173c PEAUTH - ok
10:28:28.0005 0x173c [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe
10:28:28.0006 0x173c PerfHost - ok
10:28:28.0051 0x173c [ 37EA62238E17AE88E4713D9246CA1C1C, 3D0D62472C00526702F4FF699A06A9C944DF7618EBF59A44CBBC0EE6154BE64B ] PID_PEPI C:\WINDOWS\system32\DRIVERS\LV302V64.SYS
10:28:28.0068 0x173c PID_PEPI - ok
10:28:28.0117 0x173c [ 928061178CD9856CA6B67FFFCE6BA766, 71DE3C7CA7F83EAAA550CD8A68FB67DE042B0AE51BFACB1ECB8852D502E11F50 ] pla C:\WINDOWS\system32\pla.dll
10:28:28.0140 0x173c pla - ok
10:28:28.0159 0x173c [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll
10:28:28.0162 0x173c PlugPlay - ok
10:28:28.0174 0x173c [ 045EB4F260606A03BE340D09DEAF3BA4, 6F34B8D414F7F69F4388F2F8A86E0F3AD179E423126990AF3E1EC4DCCB8E7693 ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll
10:28:28.0175 0x173c PNRPAutoReg - ok
10:28:28.0186 0x173c [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll
10:28:28.0192 0x173c PNRPsvc - ok
10:28:28.0222 0x173c [ C16097D77A232A288D65F299E2E01105, 5CE4B44B06FD26569C0F92FF1D3991D0128D8444AE7BC9EBEF5A33811D721BE8 ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll
10:28:28.0229 0x173c PolicyAgent - ok
10:28:28.0264 0x173c [ 00E08B30E7F7C13ECE2CDF4F46A77311, 1807C0A64C1794E572C86730816C01DCF4D8F773ADE9CAEA3AC0658F7BD71A4E ] Power C:\WINDOWS\system32\umpo.dll
10:28:28.0267 0x173c Power - ok
10:28:28.0350 0x173c [ B7DB57A000D46D4DE75BC0C563E58072, 8183EB09DC4D44DFF027CA0AAA8C09921A14F088C1BC427B6ACA42340AAF69E6 ] PrintNotify C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
10:28:28.0393 0x173c PrintNotify - ok
10:28:28.0412 0x173c [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor C:\WINDOWS\System32\drivers\processr.sys
10:28:28.0414 0x173c Processor - ok
10:28:28.0432 0x173c [ B2A890D96C05E33FDD2BF3F3D4D0DF92, 3A29E17424429A5654D906E420D938148F09F57457356EFA72DA003B73F2D81E ] ProfSvc C:\WINDOWS\system32\profsvc.dll
10:28:28.0436 0x173c ProfSvc - ok
10:28:28.0465 0x173c [ 8528BB05E4D4E25945F78B00B2555FB7, FF8E0D4580F93CD348080967F52FE6C2C68B56DAEACAE2EAEF04E19412A953AE ] Psched C:\WINDOWS\system32\DRIVERS\pacer.sys
10:28:28.0468 0x173c Psched - ok
10:28:28.0503 0x173c [ 901DBA98359966A62A6548596988E931, 01EB45DC6B382A8F45BB2F4ECA8F89263CEE4BE1C412C94FFF706544942A74A8 ] PxHlpa64 C:\WINDOWS\system32\Drivers\PxHlpa64.sys
10:28:28.0504 0x173c PxHlpa64 - ok
10:28:28.0523 0x173c [ AF90BB44C99D6820BE52C9BBAA523283, 9772D9CC1666959EC8EE4ED740A5179473CE4F38762109F1123DD68010D20EA1 ] QWAVE C:\WINDOWS\system32\qwave.dll
10:28:28.0528 0x173c QWAVE - ok
10:28:28.0533 0x173c [ 3FB466684609A4329858CF2EBD62E0FD, CFC8FBAB1436948F9D34CE6A2D6DE2F86F3E93E50B86851CED979C8CCE609798 ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys
10:28:28.0534 0x173c QWAVEdrv - ok
10:28:28.0544 0x173c [ 2C56F0EE27E4EF70CA4B4983D3638905, AFFDD686886CE982424B644D9168D61C6F86A5244FF97BC644DF75B321E415E5 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
10:28:28.0545 0x173c RasAcd - ok
10:28:28.0556 0x173c [ 5F061AC45266841A2860C1858ED863B8, 9E0D52BAC8A50225C32D0397C35350601B996443E2481C808CC59D3B0763FEF0 ] RasAuto C:\WINDOWS\System32\rasauto.dll
10:28:28.0559 0x173c RasAuto - ok
10:28:28.0599 0x173c [ 5C7B86EE33505E36026AFAAB62DA6364, 903BB1A355AC746BF09C2A7C87B068168648DB79DEF39AB1DC710B6A7A5F6556 ] RasMan C:\WINDOWS\System32\rasmans.dll
10:28:28.0608 0x173c RasMan - ok
10:28:28.0621 0x173c [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
10:28:28.0622 0x173c RasPppoe - ok
10:28:28.0653 0x173c [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
10:28:28.0659 0x173c rdbss - ok
10:28:28.0671 0x173c [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys
10:28:28.0672 0x173c rdpbus - ok
10:28:28.0689 0x173c [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys
10:28:28.0692 0x173c RDPDR - ok
10:28:28.0698 0x173c [ 858776908AF838E3790F3261B799CDA6, 5BE4658540382D1B2F46E503CE175D74E3870FE492B8B8F37C3CFB34FF8E2DA8 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
10:28:28.0698 0x173c RdpVideoMiniport - ok
10:28:28.0741 0x173c [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys
10:28:28.0745 0x173c rdyboost - ok
10:28:28.0796 0x173c [ E515A287C8FAE901EB8FB42F168E14F2, 9AE8D608587713FD18BB728BADD402C86FFF06A67359B22ED9431705522BC310 ] ReFS C:\WINDOWS\system32\drivers\ReFS.sys
10:28:28.0810 0x173c ReFS - ok
10:28:28.0840 0x173c [ BFFB40FBE6D2C3469F8D06EE5E4934AB, 5B6763F973A740DCD53CEA75156926457BED8B075965033C484877DDA8B97F39 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
10:28:28.0845 0x173c RemoteAccess - ok
10:28:28.0851 0x173c [ 4DCCABE03D06955ED61BABBD8EF9F30F, 531CD60315AAF283B73E0F6CF77D4DE093B809E73C44D2AC43B7247500B3485E ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
10:28:28.0856 0x173c RemoteRegistry - ok
10:28:28.0866 0x173c [ D894CBD7DA753C881EE8D5E33B583225, DA4472A85F10A3DF8CE969F731E67FE7C75EE6095908AB8AC2C44851DC5A3F8B ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll
10:28:28.0869 0x173c RpcEptMapper - ok
10:28:28.0905 0x173c [ 5CAE8F47B31D5CFC322B5B898C19E0FE, FDB5F0B6EA36403E031D9147AB0519011FAAD3AC8190DE5B1F17FB5472D79D47 ] RpcLocator C:\WINDOWS\system32\locator.exe
10:28:28.0906 0x173c RpcLocator - ok
10:28:28.0928 0x173c [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] RpcSs C:\WINDOWS\system32\rpcss.dll
10:28:28.0940 0x173c RpcSs - ok
10:28:28.0985 0x173c [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr C:\WINDOWS\system32\DRIVERS\rspndr.sys
10:28:28.0987 0x173c rspndr - ok
10:28:29.0021 0x173c [ 19764658C1468C2C0CEF133D28414A6B, 87AD4056F6C67052433A366B200B75613148B69B9B9D502AD926A7F7F037B8DE ] RTL8168 C:\WINDOWS\system32\DRIVERS\Rt630x64.sys
10:28:29.0030 0x173c RTL8168 - ok
10:28:29.0045 0x173c [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys
10:28:29.0045 0x173c s3cap - ok
10:28:29.0053 0x173c [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] SamSs C:\WINDOWS\system32\lsass.exe
10:28:29.0054 0x173c SamSs - ok
10:28:29.0066 0x173c [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys
10:28:29.0068 0x173c sbp2port - ok
10:28:29.0075 0x173c [ 47C497FA4DDEA908633CAA60CEBE6805, 4DF5742D4C99D3F7B6A5671AEDB1E5E47D3399D36B28BA19C105FA604D8D5A1C ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll
10:28:29.0079 0x173c SCardSvr - ok
10:28:29.0084 0x173c [ E76C4E98302AE39CC6FA5D20FC8B5438, B6B6B59CF427515087689285797F4A5763103440EBE5D87A61FA74F80F895BD0 ] ScDeviceEnum C:\WINDOWS\System32\ScDeviceEnum.dll
10:28:29.0088 0x173c ScDeviceEnum - ok
10:28:29.0117 0x173c [ ABD0237B15DBD2B4695F4B7D734A58F7, D6831921F0CD3E03CBF1CA3ED5824EE0C75127842D12D4E897E74EC72B0792EB ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys
10:28:29.0118 0x173c scfilter - ok
10:28:29.0154 0x173c [ A95838FFFAEAA7500263D491575F7E0C, FEB79ECAE6D9AB0C29D9AFE12F60502A8357B3A382C0FACF4C6DA4852B6ECFA4 ] Schedule C:\WINDOWS\system32\schedsvc.dll
10:28:29.0173 0x173c Schedule - ok
10:28:29.0203 0x173c [ 2A50BE713FAF033420466C25979C028E, 46EAF744B8EB23F5D134D63C4600EE46662FAB28282CD762945DFB448D2463B3 ] SCMNdisP C:\WINDOWS\system32\DRIVERS\scmndisp.sys
10:28:29.0203 0x173c SCMNdisP - ok
10:28:29.0237 0x173c [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] SCPolicySvc C:\WINDOWS\System32\certprop.dll
10:28:29.0240 0x173c SCPolicySvc - ok
10:28:29.0256 0x173c [ FDEC5799BA499D18AFA3A540538866E7, 551EE0945FE4EC213FFF623E524500B57531EFEA2D76FA7ED1D2D605E7E2168F ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys
10:28:29.0260 0x173c sdbus - ok
10:28:29.0272 0x173c [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys
10:28:29.0273 0x173c sdstor - ok
10:28:29.0280 0x173c [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\WINDOWS\system32\drivers\secdrv.sys
10:28:29.0280 0x173c secdrv - ok
10:28:29.0291 0x173c [ C49009F897BA4F2F4F31043663AA1485, 48C8BE1E3A4F150662AD012AF4E0357ABA792AD1147AB90EFF6CB2630E2501B6 ] seclogon C:\WINDOWS\system32\seclogon.dll
10:28:29.0292 0x173c seclogon - ok
10:28:29.0300 0x173c [ A88882E64BDC1D8E8D6E727B71CCCC53, 12D2235F54D0CEEED8AA268C17CDE44020269F4FEFC70CE957DBBF99AF7F553D ] SENS C:\WINDOWS\System32\sens.dll
10:28:29.0303 0x173c SENS - ok
10:28:29.0310 0x173c [ E66A7C8CE7ED22DED6DF1CA479FB4790, ADEB076F131E7A8C3AD96022B09BB33EB9AB26C9C831503B8C6960AA763B8975 ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll
10:28:29.0315 0x173c SensrSvc - ok
10:28:29.0327 0x173c [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys
10:28:29.0328 0x173c SerCx - ok
10:28:29.0362 0x173c [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2 C:\WINDOWS\system32\drivers\SerCx2.sys
10:28:29.0364 0x173c SerCx2 - ok
10:28:29.0370 0x173c [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum C:\WINDOWS\System32\drivers\serenum.sys
10:28:29.0371 0x173c Serenum - ok
10:28:29.0376 0x173c [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial C:\WINDOWS\System32\drivers\serial.sys
10:28:29.0378 0x173c Serial - ok
10:28:29.0386 0x173c [ 0BD2B65DCE756FDE95A2E5CCCBF7705D, F13FAFEC8FCF3E796196562717C433CE359A74A3E5876AB070647C717AF74028 ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys
10:28:29.0387 0x173c sermouse - ok
10:28:29.0405 0x173c [ D5C3776CBD8BC307DCCA3FD4CE667A37, 98E4253B770C25914C91A6148E2EA15ED0EF37ADCB042A47252DBA135972BF74 ] SessionEnv C:\WINDOWS\system32\sessenv.dll
10:28:29.0411 0x173c SessionEnv - ok
10:28:29.0428 0x173c [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys
10:28:29.0428 0x173c sfloppy - ok
10:28:29.0468 0x173c [ F4414F57DF2CECB8FC969AA43A6B0D50, AD09A6E1294721507DD6BE82B91F2EEB0FF0151B9BC14A75840CD657DBFDECEC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
10:28:29.0475 0x173c SharedAccess - ok
10:28:29.0497 0x173c [ 0D190D8B4B20446BE6299AC734DFADF1, 6551095971F99820BBFC5FED8FAB9591A3F8ABFA0F027887F3B71B79325FF6D9 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
10:28:29.0509 0x173c ShellHWDetection - ok
10:28:29.0516 0x173c [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys
10:28:29.0517 0x173c SiSRaid2 - ok
10:28:29.0524 0x173c [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys
10:28:29.0526 0x173c SiSRaid4 - ok
10:28:29.0590 0x173c [ F5BBEDF602C310B00036EB2DBF4348A5, AC2712E639F0C54BCF00EB4E90E805335871EA27AE8A45DFC53EDF28822318C4 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
10:28:29.0593 0x173c SkypeUpdate - ok
10:28:29.0602 0x173c [ 587ACA15210D1B01FBF272E07A08F91A, 1F3C13C218C5EA329C6E33E4AE7CFE88DAD59DA40F59FDE09D733AFD2E489000 ] smphost C:\WINDOWS\System32\smphost.dll
10:28:29.0603 0x173c smphost - ok
10:28:29.0634 0x173c [ 49EEB92DE930B8566EF615D600781DB4, 0B7C929D24FAFC34F95BB4AA77DCBA29DDD8F1977EB42713B64228677D1FBFD3 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
10:28:29.0636 0x173c SNMPTRAP - ok
10:28:29.0656 0x173c [ 87765EF43C33BE342F4ACB0E3FBF89A6, 3C1DDED7F96F796702F1BC73D5CEE5251DD16011AA349FE4EE1D9C002E0171C6 ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys
10:28:29.0662 0x173c spaceport - ok
10:28:29.0676 0x173c [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys
10:28:29.0677 0x173c SpbCx - ok
10:28:29.0704 0x173c [ FE0CB40F36D3FCDD3A1B312EF72C38D5, 42EA50869752164764DFE8CE7E1C247BE8342A0C15F39158DC808E8A692C460F ] Spooler C:\WINDOWS\System32\spoolsv.exe
10:28:29.0718 0x173c Spooler - ok
10:28:29.0880 0x173c [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc C:\WINDOWS\system32\sppsvc.exe
10:28:29.0977 0x173c sppsvc - ok
10:28:30.0003 0x173c [ 2B78788A1485F9B99A578A299DF42C02, A87183A9B13585C9E850437A45237105D39D7F3212ADB079D6AB430B67A59643 ] srv C:\WINDOWS\system32\DRIVERS\srv.sys
10:28:30.0010 0x173c srv - ok
10:28:30.0037 0x173c [ E62EAEF0BAC9DD61BF22D4A7F2F18571, 910D85FDDBAF0E003A0CA0C23D27615F1B7D6145FB9E3A1661E93498196B303A ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys
10:28:30.0047 0x173c srv2 - ok
10:28:30.0066 0x173c [ 466BDC0006103F2547D308DD3CD64398, 334E0729B369C7F7CBB9878F423B53E05476D1288A8ECEB18240318ABF2370C1 ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys
10:28:30.0070 0x173c srvnet - ok
10:28:30.0100 0x173c [ BB9ED3EDD8E85008215A7250D325A72E, D3404E31B7706B25CDEA7CB4260C343B5F090E8CCB9A5FA203B0F94A9112F1B3 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
10:28:30.0105 0x173c SSDPSRV - ok
10:28:30.0116 0x173c [ 3911418AFDE10EA6823B7799E4815524, A73517C4C1271E666B2B3A747756070098E923742B41572AA16573170440AA07 ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll
10:28:30.0120 0x173c SstpSvc - ok
10:28:30.0163 0x173c [ 706080AD43599D4AB04F1676A3A62CC1, BD9A645163501E2234CAB2B99DB297A634526786D2CDC55FE1C18F5019623E34 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
10:28:30.0172 0x173c Steam Client Service - ok
10:28:30.0244 0x173c [ A9D26626BEADF5A0641BF6B5095EF309, EABC711466FECA20058D7E24CA2593059E1F113B38A2E7574822E48BFBBF4146 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
10:28:30.0251 0x173c Stereo Service - ok
10:28:30.0257 0x173c [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys
10:28:30.0258 0x173c stexstor - ok
10:28:30.0296 0x173c [ D638904FE86A5FE542A1BA13A9D68E5C, 89A956F932316BC50DD99B54BAF4E2809DCAA084DBB04CB84D11E5470BEAF251 ] stisvc C:\WINDOWS\System32\wiaservc.dll
10:28:30.0307 0x173c stisvc - ok
10:28:30.0320 0x173c [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci C:\WINDOWS\system32\drivers\storahci.sys
10:28:30.0322 0x173c storahci - ok
10:28:30.0335 0x173c [ 7A08CEE1535F5A448215634C5EA74E50, 41529CDC08A3956F8FE9D5759B147E2E56E3305149EA415EB200249F7CD32094 ] storflt C:\WINDOWS\system32\DRIVERS\vmstorfl.sys
10:28:30.0336 0x173c storflt - ok
10:28:30.0349 0x173c [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme C:\WINDOWS\system32\drivers\stornvme.sys
10:28:30.0350 0x173c stornvme - ok
10:28:30.0357 0x173c [ 3118058E3D07021A55324A943C6D722B, 0B255DF1977DADD2B9766EEEA814B464F0ABFA34D6439F3C453083850C121F16 ] StorSvc C:\WINDOWS\system32\storsvc.dll
10:28:30.0359 0x173c StorSvc - ok
10:28:30.0366 0x173c [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys
10:28:30.0367 0x173c storvsc - ok
10:28:30.0378 0x173c [ D8E1AE075AB3E8AD56F69C44AA978596, CAFF5116DE7F0EEFFEBE38724BCEE7D11B44153AD35EE43E314C56D5E210758A ] svsvc C:\WINDOWS\system32\svsvc.dll
10:28:30.0380 0x173c svsvc - ok
10:28:30.0409 0x173c [ 84E0F5D41C138C5CC975137A2A98F6D3, 1E36CED05E4F4365C2AB020CAF920E3959995D7F89F3FABD7B2FB05985F85F38 ] swenum C:\WINDOWS\System32\drivers\swenum.sys
10:28:30.0410 0x173c swenum - ok
10:28:30.0452 0x173c [ E3C92D60F6AD7763961D1E7628002844, A33EED7CB3EE0EF4890AAD095F989FCA7F44CA1055E03D3892AB543DEE74C9B6 ] swprv C:\WINDOWS\System32\swprv.dll
10:28:30.0464 0x173c swprv - ok
10:28:30.0528 0x173c [ 3DA26652B12E9AB43FD04976AC6DFD33, DEFE220D86197949E97342FE3487CD6A07DD2FFAF6D17A7C65419C2C1B9D1AB5 ] SysMain C:\WINDOWS\system32\sysmain.dll
10:28:30.0564 0x173c SysMain - ok
10:28:30.0636 0x173c [ 90EF46C5E48B21087B6B4D07EDFDF6E3, EA3475774DB9269BBC7AE6E88984B0506EFEC8BCB30E5164FFEC6B2B95E2FB19 ] System Update kb70007 C:\WINDOWS\Microsoft\System Update kb70007\WindowsUpdater.exe
10:28:30.0637 0x173c System Update kb70007 - ok
10:28:30.0675 0x173c [ D65B1C952AEB864C2BAC7A770B17ECCE, 3EFAAFFF73390D9CB660E0F42B305512396CF66ED06E4A20ED67E8722FB4355B ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
10:28:30.0681 0x173c SystemEventsBroker - ok
10:28:30.0688 0x173c [ BA6DD39266A5E15515C8C14DA2DA3E5C, 5BC917BA4E7281A67CC6CEF2F4D1972DF04DECBEFB6DED0B08FFBD06E15D4B4F ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
10:28:30.0692 0x173c TabletInputService - ok
10:28:30.0708 0x173c [ B517410F157693043DACA21B19B258A6, 2224EECEB575CEA811036C43BB5B0A408DE5F59BC97235AB948968E4C3E438F2 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
10:28:30.0714 0x173c TapiSrv - ok
10:28:30.0778 0x173c [ FEEFE783D87C9063CDAC6DBDCF95F533, EBD00EEE90AC657823A88190BBBED6DA47AF597510C201F3392F4325069D2669 ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys
10:28:30.0818 0x173c Tcpip - ok
10:28:30.0886 0x173c [ FEEFE783D87C9063CDAC6DBDCF95F533, EBD00EEE90AC657823A88190BBBED6DA47AF597510C201F3392F4325069D2669 ] TCPIP6 C:\WINDOWS\system32\DRIVERS\tcpip.sys
10:28:30.0928 0x173c TCPIP6 - ok
10:28:30.0954 0x173c [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys
10:28:30.0955 0x173c tcpipreg - ok
10:28:30.0970 0x173c [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys
10:28:30.0972 0x173c tdx - ok
10:28:30.0980 0x173c [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys
10:28:30.0981 0x173c terminpt - ok
10:28:31.0012 0x173c [ 2C77831737491F4D684D315B95C62883, 90A2574A281F19646CFCDA5FDF40063220058290D2D5523AD91B7E709EC36D3D ] TermService C:\WINDOWS\System32\termsrv.dll
10:28:31.0030 0x173c TermService - ok
10:28:31.0043 0x173c [ 05FBE1F7C13E87AF7A414CDF288B1F62, 24079E1A6B2E33A1A8E76A77F73473B93DD6B379E44C982CE50D6CEED9747838 ] Themes C:\WINDOWS\system32\themeservice.dll
10:28:31.0046 0x173c Themes - ok
10:28:31.0072 0x173c [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] THREADORDER C:\WINDOWS\system32\mmcss.dll
10:28:31.0074 0x173c THREADORDER - ok
10:28:31.0085 0x173c [ 347A3E49CE18402305B8119A6EC7CFEB, 6768B20EE577880B0353FE84B980D4A18D323929A63FAE41F7A55123BBFC8DBA ] TimeBroker C:\WINDOWS\System32\TimeBrokerServer.dll
10:28:31.0090 0x173c TimeBroker - ok
10:28:33.0810 0x173c ================ Scan global ===============================
10:28:33.0843 0x173c [ C89780A6F58D113C28A96D85D1261DC5, 185114F33A60916C7904E4A0F278CA43258454343E614F01F0DAFA98BAC981B1 ] C:\WINDOWS\system32\basesrv.dll
10:28:33.0858 0x173c [ 00DD4D2ACC2E72155A8AAA82018BEC0D, 9D7CA68B4A81240477FCC85A3CC11EF986093F9D6228A6C5AC608EDAD664068C ] C:\WINDOWS\system32\winsrv.dll
10:28:33.0872 0x173c [ 9C1833ABD62876856836C5AE55C7CE86, 0A21E2C8B2FF3B0438C86DA7151A548F9C6F5C62CD402CBBEDB435994C8508F1 ] C:\WINDOWS\system32\sxssrv.dll
10:28:33.0909 0x173c [ B4B610BBCB002EC478C6FD80CF915697, CE22B87A7C7C0D325CE66FB97E7318B4A41EE0BD14D902A410126A1EBBEAA6FB ] C:\WINDOWS\system32\services.exe
10:28:33.0916 0x173c [ Global ] - ok
10:28:33.0916 0x173c ================ Scan MBR ==================================
10:28:33.0925 0x173c [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
10:28:34.0163 0x173c \Device\Harddisk0\DR0 - ok
10:28:34.0163 0x173c ================ Scan VBR ==================================
10:28:34.0165 0x173c [ 1AF6D3BE25BCC83B0C82F4A585AC2E97 ] \Device\Harddisk0\DR0\Partition1
10:28:34.0213 0x173c \Device\Harddisk0\DR0\Partition1 - ok
10:28:34.0214 0x173c [ 624B6C6E5DBA87BAC25FBB1BC2BB54B2 ] \Device\Harddisk0\DR0\Partition2
10:28:34.0258 0x173c \Device\Harddisk0\DR0\Partition2 - ok
10:28:34.0258 0x173c Waiting for KSN requests completion. In queue: 115
10:28:35.0266 0x173c AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.4.304.0 ), 0x61100 ( enabled : updated )
10:28:35.0268 0x173c Win FW state via NFP2: enabled
10:28:37.0698 0x173c ============================================================
10:28:37.0698 0x173c Scan finished
10:28:37.0698 0x173c ============================================================
10:28:37.0703 0x12fc Detected object count: 0
10:28:37.0703 0x12fc Actual detected object count: 0
c_rodes76
Regular Member
 
Posts: 28
Joined: April 28th, 2014, 9:35 am

Re: So much adware

Unread postby c_rodes76 » May 2nd, 2014, 11:33 am

Accidentally posted the second half of the report twice, so this post is just an edit of the accidental post. Disregard.
c_rodes76
Regular Member
 
Posts: 28
Joined: April 28th, 2014, 9:35 am

Re: So much adware

Unread postby nunped » May 3rd, 2014, 8:54 am

Hi c_rodes76,

Are you experiencing the pop-ups in all your browsers? Internet Explorer, Chrome or Firefox?

Please run this Fix with FRST:
  • Click Start
  • Type notepad.exe in the search programs and files box and click Enter.
  • A blank Notepad page should open.
    • Copy and paste the following script into Notepad. Do not include the words "Code: Select all".
    • (Click the select all button next to code to select the entire script).
    Code: Select all
    GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
    CMD: ipconfig /flushdns
    
  • Save it next to FRST.exe as filename fixlist.txt.
  • NOTE: It's important that both files, FRST/FRST64 and fixlist.txt are saved in the same location or the fix will not work.
  • Right-click FRST.exe and select "Run as administrator" to run it.
  • Press the Fix button just once. Then wait.
  • When finished, it will create a Fixlog.txt log on your Desktop.
  • Please post the content of the Fixlog.txt in your next reply.
nunped
MRU Honors Grad Emeritus
 
Posts: 1210
Joined: August 17th, 2011, 5:03 pm
Location: Portugal

Re: So much adware

Unread postby c_rodes76 » May 3rd, 2014, 9:42 am

Hi nunped -

The pop-ups show up on all my browsers. I checked the extensions on each browser and found that there are 4 extensions on IE (Adobe PDF Link Helper, Shockwave Flash Object, Java(tm) Plug-In 2 SSV Helper, and Java(tm) Plug-in SSV Helper). Firefox has 9 extensions (Adobe Acrobat, Google Update, iTunes Application Detector, Java Deployment Toolkit, Java(TM) Platform SE 7 U55, NVIDIA 3D Vision, NVIDIA 3D VISION, QuickTime Plug-in, and Shockwave Flash). Google Chrome has 0 extensions listed. I can choose to "not activate" the add-ons, but "remove" is not an option. These extensions weren't in here when I originally posted this topic, but they could very well be the cause of my problems.


Here is the Fixlog.txt report:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-05-2014
Ran by c.rodes76 at 2014-05-03 08:37:08 Run:1
Running from C:\Users\c.rodes76\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CMD: ipconfig /flushdns
*****************

C:\WINDOWS\system32\GroupPolicy\Machine => Moved successfully.
C:\WINDOWS\system32\GroupPolicy\GPT.ini => Moved successfully.

========= ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========



The system needed a reboot.

==== End of Fixlog ====



After the fix, browsers still run the same.
c_rodes76
Regular Member
 
Posts: 28
Joined: April 28th, 2014, 9:35 am