Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

I need help.

Re: I need help.

by mkdsk101 » April 25th, 2015, 4:56 pm

========== Files - Modified Within 30 Days ==========

[2015/04/25 16:08:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA1cf8bc71ad7a3b9.job
[2015/04/25 15:25:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015/04/25 13:06:53 | 000,028,352 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015/04/25 13:06:53 | 000,028,352 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015/04/25 12:58:54 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015/04/25 12:58:37 | 000,067,584 | ---- | M] () -- C:\Windows\bootstat.dat
[2015/04/25 12:58:27 | 2133,676,031 | -HS- | M] () -- C:\hiberfil.sys
[2015/04/25 12:57:20 | 000,074,703 | ---- | M] () -- C:\Windows\SysWow64\mfc45.dat
[2015/04/25 11:52:22 | 000,000,020 | ---- | M] () -- C:\Users\MARK\AppData\Roaming\appdataFr3.bin
[2015/04/24 00:31:03 | 000,001,122 | ---- | M] () -- C:\Users\MARK\Application Data\Microsoft\Internet Explorer\Quick Launch\AOL Desktop 9.7.lnk
[2015/04/24 00:31:03 | 000,001,036 | ---- | M] () -- C:\Users\Public\Desktop\AOL Desktop 9.7.lnk
[2015/04/24 00:26:44 | 000,058,696 | ---- | M] (AOL Inc.) -- C:\Windows\SysWow64\AOLParconLink.exe
[2015/04/23 22:25:27 | 000,778,416 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2015/04/23 22:25:27 | 000,142,512 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2015/04/23 21:39:14 | 000,000,406 | ---- | M] () -- C:\Windows\SysNative\ioloBootDefrag.cfg
[2015/04/23 19:36:56 | 000,000,335 | ---- | M] () -- C:\Windows\nsreg.dat
[2015/04/23 18:46:18 | 005,009,952 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2015/04/23 17:39:10 | 000,000,207 | ---- | M] () -- C:\Windows\tweaking.com-regbackup-MARK-PC-Windows-7-Home-Premium-(64-bit).dat
[2015/04/23 16:30:41 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_point64_01011.Wdf
[2015/04/23 16:24:48 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_dc3d_01011.Wdf
[2015/04/17 20:33:56 | 000,098,216 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2015/04/17 17:33:25 | 000,001,716 | ---- | M] () -- C:\Users\MARK\Desktop\SUPERAntiSpyware Alternate Start.lnk
[2015/04/16 18:17:33 | 000,002,185 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2015/04/10 12:46:32 | 000,001,149 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2015/04/09 12:16:35 | 000,001,892 | ---- | M] () -- C:\Users\Public\Desktop\Garmin Express.lnk
[2015/04/04 18:02:36 | 000,000,900 | -HS- | M] () -- C:\ProgramData\KGyGaAvL.sys
[2015/04/04 12:59:20 | 000,001,000 | ---- | M] () -- C:\Users\Public\Desktop\Vegas Pro 12.0 (64-bit).lnk
[2015/04/04 12:59:18 | 000,002,175 | ---- | M] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2015/04/04 12:59:18 | 000,000,888 | ---- | M] () -- C:\Users\Public\Desktop\Transfer Utility.lnk
[2015/04/04 12:59:17 | 000,002,130 | ---- | M] () -- C:\Users\Public\Desktop\Roxio Creator NXT Pro.lnk
[2015/04/04 12:59:17 | 000,001,074 | ---- | M] () -- C:\Users\Public\Desktop\RealProducer Plus.lnk
[2015/04/04 12:59:17 | 000,001,009 | ---- | M] () -- C:\Users\Public\Desktop\SMPlayer.lnk
[2015/04/04 12:59:16 | 000,002,148 | ---- | M] () -- C:\Users\Public\Desktop\Nero Blu-ray Player.lnk
[2015/04/04 12:59:16 | 000,002,046 | ---- | M] () -- C:\Users\Public\Desktop\Order Dell Inkjet Printer Supplies.lnk
[2015/04/04 12:59:16 | 000,001,042 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer.lnk
[2015/04/04 12:59:14 | 000,002,154 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Virtual Technician.lnk
[2015/04/04 12:59:13 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2015/04/04 12:59:13 | 000,000,940 | ---- | M] () -- C:\Users\Public\Desktop\LeapFrog Connect.lnk
[2015/04/04 11:28:41 | 000,000,898 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Transfer Utility Camera Monitor.lnk
[2015/04/04 11:27:09 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[2015/04/01 16:20:35 | 000,782,470 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2015/04/01 16:20:35 | 000,662,384 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2015/04/01 16:20:35 | 000,122,252 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2015/03/31 20:42:38 | 000,774,592 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2015/03/31 20:36:55 | 000,950,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\perftrack.dll
[2015/03/31 20:36:55 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\powertracker.dll
[2015/03/28 14:46:15 | 000,001,202 | ---- | M] () -- C:\Users\Public\Desktop\Golden Videos VHS to DVD Converter.lnk
[2015/03/28 13:16:53 | 000,005,013 | ---- | M] () -- C:\ProgramData\wmzddnmb.cix
[3 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
mkdsk101
Regular Member
 
Posts: 91
Joined: April 23rd, 2015, 7:11 pm

Re: I need help.

by mkdsk101 » April 25th, 2015, 4:57 pm

========== Files Created - No Company Name ==========

[2015/04/25 12:57:20 | 000,074,703 | ---- | C] () -- C:\Windows\SysWow64\mfc45.dat
[2015/04/25 12:55:40 | 000,000,426 | ---- | C] () -- C:\AVScanner.ini
[2015/04/23 21:39:14 | 000,000,406 | ---- | C] () -- C:\Windows\SysNative\ioloBootDefrag.cfg
[2015/04/23 19:44:38 | 000,001,122 | ---- | C] () -- C:\Users\MARK\Application Data\Microsoft\Internet Explorer\Quick Launch\AOL Desktop 9.7.lnk
[2015/04/23 19:44:38 | 000,001,036 | ---- | C] () -- C:\Users\Public\Desktop\AOL Desktop 9.7.lnk
[2015/04/23 19:44:26 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015/04/23 19:36:56 | 000,000,335 | ---- | C] () -- C:\Windows\nsreg.dat
[2015/04/23 17:39:10 | 000,000,207 | ---- | C] () -- C:\Windows\tweaking.com-regbackup-MARK-PC-Windows-7-Home-Premium-(64-bit).dat
[2015/04/23 16:30:41 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_point64_01011.Wdf
[2015/04/23 16:24:48 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_dc3d_01011.Wdf
[2015/04/17 17:33:25 | 000,001,716 | ---- | C] () -- C:\Users\MARK\Desktop\SUPERAntiSpyware Alternate Start.lnk
[2015/04/09 12:16:35 | 000,001,892 | ---- | C] () -- C:\Users\Public\Desktop\Garmin Express.lnk
[2015/04/08 22:08:34 | 000,001,149 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2015/04/08 22:08:33 | 000,001,161 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2015/04/04 11:27:09 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
[2015/03/28 14:46:15 | 000,001,214 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Golden Videos VHS to DVD Converter.lnk
[2015/03/28 14:46:15 | 000,001,202 | ---- | C] () -- C:\Users\Public\Desktop\Golden Videos VHS to DVD Converter.lnk
[2015/03/28 13:16:53 | 000,005,013 | ---- | C] () -- C:\ProgramData\wmzddnmb.cix
[2015/03/17 16:32:22 | 000,000,020 | ---- | C] () -- C:\Users\MARK\AppData\Roaming\appdataFr3.bin
[2014/01/21 21:41:52 | 000,057,344 | ---- | C] () -- C:\Windows\StkUnist.exe
[2013/11/22 13:41:04 | 000,394,272 | ---- | C] () -- C:\Windows\SysWow64\x64v05.dll
[2013/11/22 13:41:02 | 000,283,680 | ---- | C] () -- C:\Windows\SysWow64\prntjpg.dll
[2013/11/21 13:22:05 | 000,099,384 | ---- | C] () -- C:\Users\MARK\AppData\Roaming\inst.exe
[2013/11/21 13:22:05 | 000,007,859 | ---- | C] () -- C:\Users\MARK\AppData\Roaming\pcouffin.cat
[2013/11/21 13:22:05 | 000,001,167 | ---- | C] () -- C:\Users\MARK\AppData\Roaming\pcouffin.inf
[2013/08/07 11:57:50 | 000,000,022 | ---- | C] () -- C:\Windows\exchng.ini
[2013/06/05 13:25:28 | 000,000,405 | ---- | C] () -- C:\Windows\dellstat.ini
[2013/06/05 13:25:07 | 001,224,704 | ---- | C] ( ) -- C:\Windows\SysWow64\dlbaserv.dll
[2013/06/05 13:25:07 | 000,995,328 | ---- | C] ( ) -- C:\Windows\SysWow64\dlbausb1.dll
[2013/06/05 13:25:07 | 000,696,320 | ---- | C] ( ) -- C:\Windows\SysWow64\dlbahbn3.dll
[2013/06/05 13:25:07 | 000,684,032 | ---- | C] ( ) -- C:\Windows\SysWow64\dlbacomc.dll
[2013/06/05 13:25:07 | 000,643,072 | ---- | C] ( ) -- C:\Windows\SysWow64\dlbapmui.dll
[2013/06/05 13:25:07 | 000,585,728 | ---- | C] ( ) -- C:\Windows\SysWow64\dlbalmpm.dll
[2013/06/05 13:25:07 | 000,538,096 | ---- | C] ( ) -- C:\Windows\SysWow64\dlbacoms.exe
[2013/06/05 13:25:07 | 000,479,232 | ---- | C] () -- C:\Windows\SysWow64\dlbajswr.dll
[2013/06/05 13:25:07 | 000,421,888 | ---- | C] ( ) -- C:\Windows\SysWow64\dlbacomm.dll
[2013/06/05 13:25:07 | 000,413,696 | ---- | C] () -- C:\Windows\SysWow64\dlbautil.dll
[2013/06/05 13:25:07 | 000,413,696 | ---- | C] ( ) -- C:\Windows\SysWow64\dlbainpa.dll
[2013/06/05 13:25:07 | 000,397,312 | ---- | C] ( ) -- C:\Windows\SysWow64\dlbaiesc.dll
[2013/06/05 13:25:07 | 000,386,544 | ---- | C] ( ) -- C:\Windows\SysWow64\dlbaih.exe
[2013/06/05 13:25:07 | 000,382,448 | ---- | C] ( ) -- C:\Windows\SysWow64\dlbacfg.exe
[2013/06/05 13:25:07 | 000,323,584 | ---- | C] ( ) -- C:\Windows\SysWow64\DLBAhcp.dll
[2013/06/05 13:25:07 | 000,274,432 | ---- | C] () -- C:\Windows\SysWow64\DLBAinst.dll
[2013/06/05 13:25:07 | 000,181,744 | ---- | C] ( ) -- C:\Windows\SysWow64\dlbappls.exe
[2013/06/05 13:25:07 | 000,163,840 | ---- | C] ( ) -- C:\Windows\SysWow64\dlbaprox.dll
[2013/06/05 13:25:07 | 000,155,648 | ---- | C] () -- C:\Windows\SysWow64\dlbainsb.dll
[2013/06/05 13:25:07 | 000,131,072 | ---- | C] () -- C:\Windows\SysWow64\dlbains.dll
[2013/06/05 13:25:07 | 000,094,208 | ---- | C] ( ) -- C:\Windows\SysWow64\dlbapplc.dll
[2013/06/05 13:25:07 | 000,090,112 | ---- | C] () -- C:\Windows\SysWow64\dlbacur.dll
[2013/06/05 13:25:07 | 000,086,016 | ---- | C] () -- C:\Windows\SysWow64\dlbainsr.dll
[2013/06/05 13:25:07 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\dlbacu.dll
[2013/05/16 15:25:30 | 000,076,032 | ---- | C] () -- C:\Users\MARK\AppData\Local\rx_audio.Cache
[2013/05/11 14:35:19 | 000,000,900 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2013/05/05 13:22:02 | 000,005,067 | ---- | C] () -- C:\ProgramData\xgneqrwu.hrx
[2013/02/22 20:31:13 | 000,001,800 | ---- | C] () -- C:\Users\MARK\AppData\Local\rx_image32.Cache
[2012/07/30 22:10:28 | 000,002,462 | ---- | C] () -- C:\ProgramData\regid.2012-08.com.Corel,Roxio_76C7858E-078C-4C49-AB1A-2A7072664935.swidtag
[2012/03/14 22:50:38 | 000,103,784 | ---- | C] () -- C:\Users\MARK\GoToAssistDownloadHelper.exe
[2011/02/08 20:18:45 | 000,072,080 | ---- | C] () -- C:\Users\MARK\g2mdlhlpx.exe
[2009/11/06 19:46:29 | 000,000,397 | ---- | C] () -- C:\Users\MARK\T;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
[2008/03/14 19:47:01 | 000,000,014 | ---- | C] () -- C:\Users\MARK\USB
[2006/04/19 14:06:35 | 000,000,176 | ---- | C] () -- C:\Users\MARK\default.pls
[2006/02/19 19:46:51 | 000,000,633 | -H-- | C] () -- C:\Users\MARK\IPH.BAK

Re: I need help.

by mkdsk101 » April 25th, 2015, 4:57 pm

========== ZeroAccess Check ==========

[2013/06/20 12:17:52 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015/03/13 18:12:39 | 014,177,280 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015/03/13 18:12:39 | 012,875,264 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 23:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2015/02/24 20:26:09 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Garmin
[2015/02/24 20:26:09 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Garmin
[2015/03/31 20:28:04 | 000,000,000 | ---D | M] -- C:\Users\MARK\AppData\Roaming\AnvSoft
[2013/07/18 22:16:20 | 000,000,000 | ---D | M] -- C:\Users\MARK\AppData\Roaming\Apowersoft
[2015/03/15 18:43:05 | 000,000,000 | ---D | M] -- C:\Users\MARK\AppData\Roaming\asoftech
[2015/04/23 16:18:23 | 000,000,000 | ---D | M] -- C:\Users\MARK\AppData\Roaming\Audacity
[2014/04/18 21:59:16 | 000,000,000 | ---D | M] -- C:\Users\MARK\AppData\Roaming\Brorsoft
[2012/11/10 19:40:58 | 000,000,000 | ---D | M] -- C:\Users\MARK\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012/11/10 15:23:45 | 000,000,000 | ---D | M] -- C:\Users\MARK\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2015/03/29 20:33:52 | 000,000,000 | ---D | M] -- C:\Users\MARK\AppData\Roaming\Digiarty
[2014/11/05 12:24:45 | 000,000,000 | ---D | M] -- C:\Users\MARK\AppData\Roaming\Dropbox
[2013/11/18 00:35:02 | 000,000,000 | ---D | M] -- C:\Users\MARK\AppData\Roaming\DVDVideoSoft
[2012/02/28 13:45:01 | 000,000,000 | ---D | M] -- C:\Users\MARK\AppData\Roaming\Fingertapps
[2013/07/10 23:39:28 | 000,000,000 | ---D | M] -- C:\Users\MARK\AppData\Roaming\Game-Cloner
[2014/09/26 22:19:39 | 000,000,000 | ---D | M] -- C:\Users\MARK\AppData\Roaming\Garmin
[2015/03/06 20:07:12 | 000,000,000 | ---D | M] -- C:\Users\MARK\AppData\Roaming\HandBrake
[2015/04/23 21:46:09 | 000,000,000 | ---D | M] -- C:\Users\MARK\AppData\Roaming\iolo
[2015/03/28 13:21:52 | 000,000,000 | ---D | M] -- C:\Users\MARK\AppData\Roaming\MOVAVI
[2013/04/02 16:04:42 | 000,000,000 | ---D | M] -- C:\Users\MARK\AppData\Roaming\MPEG Streamclip
[2013/05/01 19:37:02 | 000,000,000 | ---D | M] -- C:\Users\MARK\AppData\Roaming\Open Download Manager
[2012/12/09 20:27:59 | 000,000,000 | ---D | M] -- C:\Users\MARK\AppData\Roaming\OverDrive
[2012/11/10 19:27:37 | 000,000,000 | ---D | M] -- C:\Users\MARK\AppData\Roaming\PDAppFlex
[2013/08/17 01:30:34 | 000,000,000 | ---D | M] -- C:\Users\MARK\AppData\Roaming\Publish Providers
[2014/09/26 17:23:51 | 000,000,000 | ---D | M] -- C:\Users\MARK\AppData\Roaming\ShopAtHome.com BrowserAppCore Service
[2013/11/18 17:14:39 | 000,000,000 | ---D | M] -- C:\Users\MARK\AppData\Roaming\SoftGrid Client
[2013/04/11 19:26:07 | 000,000,000 | ---D | M] -- C:\Users\MARK\AppData\Roaming\Sony
[2012/11/10 19:31:13 | 000,000,000 | ---D | M] -- C:\Users\MARK\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012/03/14 13:05:37 | 000,000,000 | ---D | M] -- C:\Users\MARK\AppData\Roaming\StreamTorrent
[2013/08/11 13:18:06 | 000,000,000 | ---D | M] -- C:\Users\MARK\AppData\Roaming\Systenance
[2012/02/05 20:01:24 | 000,000,000 | ---D | M] -- C:\Users\MARK\AppData\Roaming\TP
[2012/03/30 16:19:05 | 000,000,000 | ---D | M] -- C:\Users\MARK\AppData\Roaming\Unity
[2013/08/26 18:31:22 | 000,000,000 | ---D | M] -- C:\Users\MARK\AppData\Roaming\uPlayer
[2015/03/11 17:46:01 | 000,000,000 | ---D | M] -- C:\Users\MARK\AppData\Roaming\Vso
[2014/02/13 14:58:04 | 000,000,000 | ---D | M] -- C:\Users\MARK\AppData\Roaming\W Photo Studio Viewer
[2014/09/05 13:53:09 | 000,000,000 | ---D | M] -- C:\Users\MARK\AppData\Roaming\Windows
[2012/03/12 20:55:10 | 000,000,000 | ---D | M] -- C:\Users\MARK\AppData\Roaming\Windows Live Writer
[2014/01/25 14:14:42 | 000,000,000 | ---D | M] -- C:\Users\MARK\AppData\Roaming\Wondershare Video Converter Ultimate
[2013/04/19 13:32:32 | 000,000,000 | ---D | M] -- C:\Users\MARK\AppData\Roaming\Xilisoft
[2013/04/03 15:54:24 | 000,000,000 | ---D | M] -- C:\Users\MARK\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 149 bytes -> C:\ProgramData\Temp:6DDED7D9
@Alternate Data Stream - 144 bytes -> C:\ProgramData\Temp:367BF129

< End of report >

Re: I need help.

by mkdsk101 » April 25th, 2015, 4:57 pm

OTL Extras logfile created on: 4/25/2015 4:09:43 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\MARK\Desktop\MM
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17691)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.98 Gb Total Physical Memory | 5.45 Gb Available Physical Memory | 68.33% Memory free
15.96 Gb Paging File | 13.39 Gb Available in Paging File | 83.86% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 452.47 Gb Total Space | 51.61 Gb Free Space | 11.41% Space Free | Partition Type: NTFS

Computer Name: MARK-PC | User Name: MARK | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-2130412082-872510349-2259372935-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)

Re: I need help.

by mkdsk101 » April 25th, 2015, 4:58 pm

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02AF2AB3-7153-4CB7-8DCC-D43188968CD9}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0754C636-8B89-4060-8099-71F2A7AE55A4}" = lport=9700 | protocol=17 | dir=in | name=syncup_udp_9700 |
"{1D872F7D-7184-472B-859E-C4A42A481FFF}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{21AA3C14-E278-4654-875D-EC12B41BDF4B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2697CC0D-B007-4D90-9D3C-2619887DEB1D}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{29D47772-BB23-44EB-BA4E-F6B109D19039}" = rport=10243 | protocol=6 | dir=out | app=system |
"{3B1323A5-C8C7-47B1-AD7F-DED5CF6AA864}" = lport=138 | protocol=17 | dir=in | app=system |
"{3DB48790-8D0A-4E5F-B082-A4D5542AA370}" = lport=139 | protocol=6 | dir=in | app=system |
"{496181DC-2CF4-442F-B8A1-04DE69D8978F}" = lport=9700 | protocol=6 | dir=in | name=syncup_tcp_9700 |
"{5016B730-A4A7-40AF-B54E-5884BEDAA227}" = rport=138 | protocol=17 | dir=out | app=system |
"{76B3AE15-33D0-42F7-B685-091D7FBC35A8}" = lport=2869 | protocol=6 | dir=in | app=system |
"{808DA333-BA71-4C13-907C-A7C6B11AC693}" = rport=445 | protocol=6 | dir=out | app=system |
"{81E41F8C-74BF-43A3-AB34-4416EDDEA7AE}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8807EE42-E68B-4ED2-97EF-2F6E31C9A27E}" = lport=9701 | protocol=6 | dir=in | name=syncup_tcp_9701 |
"{91153548-46CA-4BF1-AF6F-B53FDD4636A1}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{A1BDCD19-450B-4ADE-A9A6-0228983C48B3}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A817E45C-168E-4F75-88C6-1858ADE97178}" = rport=139 | protocol=6 | dir=out | app=system |
"{AB09EF36-BF80-4488-A940-B48B3B6C2B82}" = lport=9702 | protocol=6 | dir=in | name=syncup_tcp_9702 |
"{B10E23E7-6D2C-445C-A061-97A43C22591C}" = lport=137 | protocol=17 | dir=in | app=system |
"{B44B6856-CAD7-407E-A1DC-E6730E1D1125}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BFA54F74-3EB3-4453-B01E-4A3CD54ACCE2}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{C15992BE-72DB-4282-9C61-CE370B99DF01}" = lport=10243 | protocol=6 | dir=in | app=system |
"{D4C19B12-DA08-4DD6-962B-6993287449AB}" = rport=137 | protocol=17 | dir=out | app=system |
"{D8D2685B-7430-4513-BCA9-AEE1FD91054F}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E25F6DBD-60A0-4205-9B50-6D2C478BC0D3}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{E8077E2B-7A09-46CE-BE81-0D23F41AE9B9}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{EE50A8D6-6A4F-4B73-90ED-98AECE3B31A2}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{F2089707-4690-415D-B5B6-45A2C13E5C58}" = lport=445 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{016DD3AD-D6BE-420F-BA3D-135F59EB1347}" = protocol=6 | dir=out | app=system |
"{017016BC-B955-4DC7-B8C2-D06FBFFFC8E8}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{020A6345-A225-45DF-A465-59CE9BA3C1DC}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\1429832463\ee\aolsoftware.exe |
"{0E1AA5E0-46BF-4743-B573-2F93934D06DF}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{0FBB8A8E-59CC-45A8-A1B8-15AFA4EE3D70}" = protocol=17 | dir=in | app=c:\users\mark\appdata\roaming\dropbox\bin\dropbox.exe |
"{1156D55C-0C48-4034-B005-0C8518F66DE7}" = dir=in | app=c:\program files\dell stage\dell stage\stage_primary.exe |
"{14A036CA-5E8F-41E2-851D-E03C8E0FD488}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\dlbapswx.exe |
"{1AF0A7D2-9761-49D9-87D0-78CCEB78D649}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\dlbapswx.exe |
"{1C4BB83D-8C4A-4EC5-8B9D-E005DBEDD104}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{20CA6597-1802-4DA1-95D4-FB9CD0DD405D}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{23FBCDCD-C760-4B6B-8A43-70C4EE0F91D5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2BBD9356-0DFA-483B-A346-5C87E32438B0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2C34C2FF-5453-4EF0-9185-E955B01EA231}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{2D4C6527-9901-4101-A9DB-16B507AC9286}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\loader\aolload.exe |
"{3079C378-5230-43A2-A980-ABC95799D968}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\1429832463\ee\aolsoftware.exe |
"{30CE7B9D-D13E-4CBC-9749-075EF75542D3}" = protocol=6 | dir=in | app=c:\windows\system32\dlbacoms.exe |
"{3FB5BF84-86D6-40C1-A8F8-6E66137CFA10}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{41A38BDC-CDBB-468D-AD5D-67402236BC5B}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{452967D4-A520-48E7-9614-153B20ADF4D0}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"{48370483-FA69-4088-A6B5-8B1998797163}" = protocol=17 | dir=in | app=c:\program files (x86)\nero\nero blu-ray player\blu-rayplayer.exe |
"{48478190-D0E5-4403-B6CF-7FF0A514000F}" = protocol=17 | dir=in | app=c:\windows\syswow64\dlbacoms.exe |
"{4D1AB598-AD1A-41B5-B665-899F7151FEA0}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{4D1CBC80-DF38-4710-870A-D0AE80AC2790}" = protocol=17 | dir=in | app=c:\program files (x86)\dell aio printer a940\dlbaaiox.exe |
"{50397EE7-8F41-4779-B2B5-7EAB9675EB4E}" = protocol=6 | dir=in | app=c:\windows\syswow64\dlbacoms.exe |
"{51F3D262-C7A8-4521-BF08-8389E1A63BF1}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{58E02CF4-8281-4C01-8819-E7A7B26C92C3}" = protocol=6 | dir=in | app=c:\program files (x86)\nero\nero blu-ray player\blu-rayplayer.exe |
"{5A0BEDEB-0919-49ED-BF9D-F6BDFFA5E1FC}" = protocol=6 | dir=in | app=c:\program files (x86)\aol desktop 9.7a\waol.exe |
"{5C22DDFA-4BD7-49BA-9A06-BA69D0F5BF18}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{5F009615-A427-4878-89CE-9163A84E2017}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{60DEE51D-3AAC-407F-853E-198871ECDBC7}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{6F71B772-77F9-442A-9580-27885EEFE5E3}" = dir=in | app=c:\windows\system32\dleacoms.exe |
"{700CDB56-961D-4577-AF1A-1538EBC5DE2A}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\acs\aoldial.exe |
"{7B5F26CB-9AB6-49E6-947B-D621386EDAFA}" = protocol=6 | dir=in | app=c:\users\mark\appdata\roaming\dropbox\bin\dropbox.exe |
"{82A3D39E-6463-49E5-BCAC-A4ABD177DFA5}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{861DAD6D-6FE2-4B04-BA86-B61138B5D8E3}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{89044ED6-688E-4710-A789-761A1719D5F5}" = dir=in | app=c:\program files\dell stage\dell stage\accuweather\accuweather.exe |
"{89F7BD7B-26F8-4FDC-BD16-38B73717CB84}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\loader\aolload.exe |
"{8E26B2A5-DA9F-4562-BBB6-CC82D3BD37B8}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\acs\aolacsd.exe |
"{8EDF948C-D99E-4B44-B91F-DE6C91594DD8}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{95F089FE-ECE6-4621-A031-184F7B668CD0}" = protocol=6 | dir=in | app=c:\program files (x86)\aol desktop 9.7\waol.exe |
"{9B586E2C-3E1D-4BC9-B425-91065C89FF1A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9DDB8D13-B2A2-49D0-8CB3-99D2480C3A1E}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\acs\aolacsd.exe |
"{A499FC28-A7FF-4CE0-A8FA-3D9EA11740C4}" = protocol=17 | dir=in | app=c:\program files (x86)\dell aio printer a940\dlbamon.exe |
"{A6BDADEF-FB94-41B4-9E59-47CCAE2BA3BA}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{AAFD8CE1-4DA1-41B9-BFD1-D52E7768108D}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{ACB42813-E1EE-4540-B91A-8F48C10852BE}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{ADE90081-FAC9-49F2-B763-7D28A8B02A90}" = dir=in | app=c:\program files (x86)\leapfrog\leapfrog connect\leapfrogconnect.exe |
"{B439A7C9-808D-4B3C-8953-2D162A362E8E}" = protocol=17 | dir=in | app=c:\windows\system32\dlbacoms.exe |
"{B6D8C269-6F5B-4BE1-9D6B-2152DB093A96}" = protocol=6 | dir=in | app=c:\program files (x86)\dell aio printer a940\dlbaaiox.exe |
"{BA166F8C-FCB8-40DD-85E8-7CB62D46AB99}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C0B38D58-D514-4D30-9605-E35058722055}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{C5374092-D569-446F-AF68-4A6BDE9F9647}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{CD1E61A8-17AF-40D9-A307-14FFD81F2944}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\system information\sinf.exe |
"{CF1FFB96-2A00-41C9-BD35-31DC4623482F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D1F9229E-88ED-4694-ACAA-4E2E3EC53E48}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D2FEA57F-FDE1-4210-8B25-1DC1E6D375AE}" = protocol=17 | dir=in | app=c:\program files (x86)\aol desktop 9.7a\waol.exe |
"{D3183B7A-5D68-40A5-8B9E-99FD0C547499}" = protocol=6 | dir=in | app=c:\program files (x86)\dell aio printer a940\dlbamon.exe |
"{D48AFF8E-D8E8-4F35-B3F6-3F87B3CBB54F}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{DA636939-D4A9-4331-A77F-E215C44CF718}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\acs\aoldial.exe |
"{DD4009E1-E38A-4958-A92F-2317EDDE9ED5}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\system information\sinf.exe |
"{E08BC185-E6D3-42DD-BA24-633A3A2D7503}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E0F1E95D-1D44-4B30-9011-047A46517505}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{E3D17588-C70F-4B21-B1FD-890AC36F326A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E47725B1-793E-47F8-A51D-D47915077E97}" = dir=in | app=c:\program files (x86)\dell\videostage\videostage.exe |
"{E827E047-FA60-4340-8DBB-DA1D5AA5A4A5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E92BE174-3350-4BBC-A925-A68085BD073B}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{ECCDE97F-8F93-4685-B27F-7A8EE59FEA1E}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{F0A07444-B1C2-45A2-9032-6157E2A12785}" = dir=in | app=c:\program files\dell stage\musicstage\musicstageengine.exe |
"{F0B5DAF9-37B6-40C8-A8E7-C1A5F7C7F366}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FCD9C88D-4190-4000-897A-3D29D054B6CC}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{FD323552-DB7B-482A-A79A-A1F356477766}" = protocol=17 | dir=in | app=c:\program files (x86)\aol desktop 9.7\waol.exe |
"{FFBB9CDF-324A-42BF-A99E-8F3694366730}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"TCP Query User{F795279E-2B88-48DE-9392-482B9D6155FF}C:\program files (x86)\streamtorrent 1.0\streamtorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\streamtorrent 1.0\streamtorrent.exe |
"UDP Query User{2D9183FD-B926-4F34-83B7-37336ED21EE1}C:\program files (x86)\streamtorrent 1.0\streamtorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\streamtorrent 1.0\streamtorrent.exe |
mkdsk101
Regular Member
 
Posts: 91
Joined: April 23rd, 2015, 7:11 pm

Re: I need help.

Post by mkdsk101 » April 25th, 2015, 4:58 pm

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1B45B85C-99E8-4523-8FB3-0248B3DECFC8}" = WordPerfect Office IFilter 64-bit
"{23D2AFC7-C01E-4413-9D9A-0BABF52569BF}" = Microsoft Mouse and Keyboard Center
"{26784146-6E05-3FF9-9335-786C7C0FB5BE}" = Microsoft .NET Framework 4.5.2
"{431CE782-4C51-4996-B36F-5D98D5527538}" = ANT Drivers Installer x64
"{5E11C972-1E76-45FE-8F92-14E0D1140B1B}" = iTunes
"{5F611ADA-B98C-4DBB-ADDE-414F08457ECF}" = Windows Live Family Safety
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}" = Roxio File Backup
"{632DCE79-2711-4B07-BB89-DA763E96840C}" = Roxio Virtual Drive x64
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{6E80CBF1-318E-4172-BC19-69AFAF613C5E}" = WordPerfect Office X7 - WPD format Props x64
"{70A381F1-C161-4D61-A20C-BE12FC6777DF}" = Garmin Communicator Plugin x64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.2
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}" = RBVirtualFolder64Inst
"{A1188CD2-9C9F-11E2-B88F-F04DA23A5C58}" = Vegas Pro 12.0 (64-bit)
"{A528BDDE-9C9F-11E2-9F0C-F04DA23A5C58}" = MSVCRT Redists
"{B2913230-094D-4F41-9EEF-CE9571C450D8}" = SpyroPortalDriver
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64
"{F6822EFD-3F7D-4B35-8845-757A26AEC8E2}" = Windows Live MIME IFilter
"{FE86CB0C-FCB3-4358-B4B0-B0A41E33B3DD}" = Apple Mobile Device Support
"781745E87AFF80C0C1388CFF79D19ECAB2E9BB47" = Windows Driver Package - LeapFrog (FlyUsb) USB (11/05/2008 1.1.1.0)
"8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D" = Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012)
"98157A226B40B173301B0F53C8E98C47805D5152" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0)
"D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2" = Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1)
"Dell AIO Printer A940" = Dell AIO Printer A940
"DW WLAN Card" = DW WLAN Card
"F9D2A789F9CFF8CEC36B544F53877C80F1F73C46" = Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201)
"Microsoft Mouse and Keyboard Center" = Microsoft Mouse and Keyboard Center
"PC-Doctor for Windows" = Dell Support Center

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{64A329FC-D1B2-4354-922D-21F7EC777E10}" = WordPerfect Office X7
"{010A785B-F920-4350-821B-6309909C20BB}" = THX TruStudio PC
"{026C3D27-9BE1-46BE-BEAE-6DE38A0F4FBE}" = RealNetworks - Microsoft Visual C++ 2005 Runtime
"{03CF7E84-3BA1-4AF3-9C0A-91651042301D}" = WordPerfect Office X7 - System Files
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{0ECE15AC-CB68-40EC-B70D-1B220717844C}" = Transfer Utility
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{0F0E68E9-9463-4087-B211-E80FAC5F9BC6}" = Garmin City Navigator North America NT 2015.30
"{0FDA803E-FF58-47A0-BD3E-751E82C1E637}" = WordPerfect Office X7 - IPM Content TBYB
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{12CCAA2D-3B13-49C1-A252-4A4C2A73BB6B}" = Roxio CinePlayer Decoder Pack
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{18272881-CFC0-434D-A975-E5BE44206AA0}" = Windows Live UX Platform Language Pack
"{1D91CBB5-4CB1-4757-B0FD-2122AF8AAB9E}" = Garmin Express Tray
"{1DF03ECE-6AF4-414E-B118-C316F151A9A2}" = WordPerfect Office IFilter 32-bit
"{1E5C7043-09C5-4974-A69F-A5271FD82BBC}" = PlayMemories Home
"{1EA7C505-E6DA-4B85-9432-EBD3C70D510D}" = Windows Live Messenger
"{23A3E560-069F-4CFC-8F6C-1B526EC735FC}" = Windows Live Writer Resources
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{2557C300-2B7E-4B18-9596-5FEE3B44A01C}_is1" = eLecta Live Virtual Room 8.0
"{25CD143B-C6D3-451A-9171-D10B79024DA3}" = WordPerfect Office X7 - Presentations Files
"{26A24AE4-039D-4CA4-87B4-2F83218045F0}" = Java 8 Update 45
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2CE76FE3-7450-4236-8BFC-F0C54776C278}" = WordPerfect Office X7 - Common Files English
"{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5
"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
"{3231B80A-455C-497a-8425-3E44C006D76C}_is1" = Brorsoft Video Converter Ver 1.4.0.5345
"{3250260C-7A95-4632-893B-89657EB5545B}" = PhotoShowExpress
"{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}" = McAfee SiteAdvisor
"{3C873221-12B9-475D-8DCB-62D0B2179AF9}" = USB2.0 ATV
"{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}" = QuickTime 7
"{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}" = Garmin USB Drivers
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{400C31E4-796F-4E86-8FDC-C3C4FACC6847}" = Junk Mail filter update
"{40D356C5-3A12-488B-86BD-74E7ED15DC9C}" = LeapFrog Tag Plugin
"{40F06490-8C14-43AA-99D3-EEEFDBAC3CFC}" = SyncUP
"{41068A8C-3F30-46B6-978A-EA692F28D1AF}" = Multimedia Card Reader
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{4CD51492-D68C-49AC-9692-29FCC19FBC26}" = Triple Scoop Music
"{50755d67-ae60-4e47-b3d6-ce44d01b5a95}" = Garmin Express
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{5592E1D8-4120-4382-A33B-851F9D8555F8}" = WordPerfect Office X7 - Lightning Files
"{56E50D72-9986-4AFF-80B2-6C3DAEB0A17D}" = WordPerfect Office X7 - WT
"{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}" = Roxio BackOnTrack
"{5BABDA39-61CF-41EE-992D-4054B6649A9B}" = Movie Maker
"{5C1F18D2-F6B7-4242-B803-B5A78648185D}" = Corel WinDVD
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{613E0552-0ED4-4C0C-A490-97874945B03B}" = WordPerfect Office X7 - Presentations Files English
"{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}" = Bing Rewards Client Installer
"{64A329FC-D1B2-4354-922D-21F7EC777E10}" = WordPerfect Office X7 - Setup Files
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{6935C750-2D8C-4705-B4F9-052F550D225D}" = RealDownloader
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{6b5f9db0-02dc-4c5b-b16b-6a7f1f81557e}" = Graboid Video 3.89 Setup
"{6CDCEC53-AB50-4C02-A4BA-D158B773775D}" = WordPerfect Office X7 - Common Files
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}" = Roxio Creator Starter
"{6F671CD6-781C-4B81-92AA-62A723CDFCF8}" = WordPerfect Office X7 - WordPerfect Files
"{70854FE6-3BF1-4C69-94D0-BEB821102E34}" = Windows Live Mail
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71DBFBF2-F7EB-4268-8485-9471D83C4E66}" = Garmin Communicator Plugin
"{729B89D0-946A-407E-A121-343BD3320C40}" = Roxio BackOnTrack
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7B0C5EF6-DE4C-4E20-8889-C17604FFE5CD}" = Windows Live Family Safety
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{7E73C9A3-24D9-4D7F-B4C7-7E4AFE0ADCCB}" = Elevated Installer
"{7EC66A95-AC2D-4127-940B-0445A526AB2F}" = Dell DataSafe Online
"{7FB00B6B-6843-97EC-EED6-78BD6D35370A}" = Zinio Reader 4
"{86C40513-B5A4-476E-9EAB-EC118DCF4502}" = Windows Live Writer
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{91AF2672-F5BC-42CF-8037-A9D2F92BBCC0}" = Dell MusicStage
"{97C79BEC-43F7-4BD8-A6A7-85C0257E488A}" = Windows Live Writer
"{9A00EC4E-27E1-42C4-98DD-662F32AC8870}" = Sonic CinePlayer Decoder Pack
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9E38D688-E74E-4FEB-8038-A8AB586315A0}" = Garmin BaseCamp
"{9FB8EC5B-03EE-463E-8F4F-84B525B986B7}" = Garmin Express
"{A05A9AA4-47FC-4129-A136-943392F9CF24}" = WordPerfect Office X7 - Oxford
"{A121EEDE-C68F-461D-91AA-D48BA226AF1C}" = Roxio Activation Module
"{A2FE691E-3F8E-4E30-AA7D-FF17AC77EA87}" = Nero Blu-ray Player
"{A40DE737-F83F-420D-8538-67503B3D6FAF}" = WordPerfect Office X7 - Lightning Files English
"{A8B88634-7F90-402F-B66A-86429755F6A5}" = eBay
"{A922C4B7-50E0-4787-A94C-59DBF3C65DBE}" = Apple Application Support
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{AA027AE9-DD20-4677-AA72-D760A358320B}" = Microsoft VC9 runtime libraries
"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
"{ABCFB24D-9DAE-4131-B7DC-F3CF98CA08EF}" = WordPerfect Office X7 - Quattro Pro Files English
"{AC76BA86-0804-1033-1959-001802114130}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.10)
"{AE1EC58E-B2AC-4959-A4C2-C38202A25239}" = Garmin WebUpdater
"{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime
"{AFBAB9A0-DDE8-49AE-8C17-A01B61BEE64B}" = Garmin MapSource
"{B3054341-08CA-4E7E-88D5-D48660AC2F90}" = Roxio Central
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
"{B515962D-C979-44AC-9912-F7BB499B4B2C}" = VirtualDJ Home FREE
"{B80D3EA9-A252-4AE5-AC51-81729F5C586F}" = Windows Live Mail
"{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data
"{C034A6F9-6569-491B-B3BF-F5D15221A708}" = Windows Live Essentials
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C6BD6E08-E687-4D63-BBF1-ADFD1B9A2CC8}" = WordPerfect Office X7 - WordPerfect Files English
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{CC915001-1639-4D1B-B0A1-A7AC70C99179}" = Roxio Creator NXT Pro
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{ce085a78-074e-4823-8dc1-8a721b94b76d}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
"{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1" = VSO ConvertXToDVD
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D2C146B1-948D-47EF-8387-5D1C6B980F7C}" = Windows Live Writer
"{D31FAB7F-451F-4F6E-B268-69DD38434663}" = WordPerfect Office X7
"{D888F114-7537-4D48-AF03-5DA9C82D7540}" = Photo Common
"{D92C9CCE-E5F0-4125-977A-0590F3225B74}" = SyncUP
"{DC9446F7-A459-48E0-A392-7CA1F6DDB445}" = WordPerfect Office X7 - Quattro Pro Files
"{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4335E82-17B3-460F-9E70-39D9BC269DB3}" = Dell PhotoStage
"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
"{EE008D2E-2747-413A-A4B1-1CA4078E1E7D}" = Roxio VHS Capture Driver
"{EF56258E-0326-48C5-A86C-3BAC26FC15DF}" = Roxio Creator Starter
"{F06B5C4C-8D2E-4B24-9D43-7A45EEC6C878}" = Roxio Creator Starter
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2235E5E-7881-4293-9B6F-04B2609FBFF0}" = Windows Live Messenger
"{F47C37A4-7189-430A-B81D-739FF8A7A554}" = Consumer In-Home Service Agreement
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"{F9233F02-5617-4BDC-8EC6-4B798EDFE6F4}" = LeapFrog Connect
"{FB394C2D-1059-4F94-B57F-B118D53CD134}" = WordPerfect Office X7 - IPM TBYB
"{FBC1AA91-28E4-4577-8057-3CA7D7D7677F}" = Roxio Creator NXT Pro
"{FC6C7107-7D72-41A1-A031-3CE751159BAB}" = Photo Gallery
"{FCDB42FC-A70B-4041-877F-D73E16DE4345}" = Garmin City Navigator North America NT 2015.10
"{FE182796-F6BA-486A-8590-89B7E8D1D60F}" = Dell Stage
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"Adobe Flash Player ActiveX" = Adobe Flash Player 17 ActiveX
"Adobe Flash Player NPAPI" = Adobe Flash Player 17 NPAPI
"Any Video Converter Ultimate_is1" = Any Video Converter Ultimate 5.5.8
"AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove)
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.14 (Unicode)
"Disketch" = Disketch Disc Label Software

Re: I need help.

Post by mkdsk101 » April 25th, 2015, 4:59 pm

"Excel" = Microsoft Excel 97
"GoldenVideos" = Golden Videos VHS to DVD Converter
"Google Chrome" = Google Chrome
"Graboid Video" = Graboid Video 3.89
"HandBrake" = HandBrake 0.10.0
"InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5
"InstallShield_{41068A8C-3F30-46B6-978A-EA692F28D1AF}" = Multimedia Card Reader
"InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data
"InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage
"LAME_is1" = LAME v3.99.3 (for Windows)
"McAfee Virtual Technician" = McAfee Virtual Technician
"Mozilla Firefox 37.0.2 (x86 en-US)" = Mozilla Firefox 37.0.2 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MPlayer" = MPlayer (remove only)
"MSC" = McAfee Total Protection
"Outlook" = Microsoft Outlook 97
"RealPlayer 16.0" = RealPlayer
"RealProducer 8.5" = RealProducer Plus 8.5
"SMPlayer" = SMPlayer 0.6.9
"TagPlugin" = Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Plugin)
"UPCShell" = LeapFrog Connect
"USB2.0 ATV" = USB2.0 ATV
"VideoPad" = VideoPad Video Editor
"ViewpointMediaPlayer" = Viewpoint Media Player
"WinLiveSuite" = Windows Live Essentials
"Wondershare Streaming Audio Recorder_is1" = Wondershare Streaming Audio Recorder(Build 2.0.2.3)
"ZinioReader4" = Zinio Reader 4

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2130412082-872510349-2259372935-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"SkyDriveSetup.exe" = Microsoft SkyDrive

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 4/24/2015 10:53:11 PM | Computer Name = MARK-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 4/24/2015 11:52:11 PM | Computer Name = MARK-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 4/25/2015 11:48:06 AM | Computer Name = MARK-PC | Source = WinMgmt | ID = 10
Description =

Error - 4/25/2015 11:51:36 AM | Computer Name = MARK-PC | Source = WinMgmt | ID = 10
Description =

Error - 4/25/2015 12:11:10 PM | Computer Name = MARK-PC | Source = WinMgmt | ID = 10
Description =

Error - 4/25/2015 12:59:02 PM | Computer Name = MARK-PC | Source = Bonjour Service | ID = 100
Description = ERROR: mDNSPlatformReadTCP - recv: 10053

Error - 4/25/2015 12:59:02 PM | Computer Name = MARK-PC | Source = Bonjour Service | ID = 100
Description = 504: ERROR: read_msg errno 0 (The operation completed successfully.)

Error - 4/25/2015 12:59:47 PM | Computer Name = MARK-PC | Source = WinMgmt | ID = 10
Description =

Error - 4/25/2015 3:51:07 PM | Computer Name = MARK-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\Installer\{6935C750-2D8C-4705-B4F9-052F550D225D}\recordingmanager.exe".
Dependent
Assembly rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 4/25/2015 4:08:56 PM | Computer Name = MARK-PC | Source = Application Hang | ID = 1002
Description = The program OTL.exe version 3.2.69.0 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Action Center control panel. Process ID: 2f30 Start Time:
01d07f8aeba4f975 Termination Time: 0 Application Path: C:\Users\MARK\Desktop\MM\OTL.exe

Report
Id: e43c1dad-eb86-11e4-a7a4-00038a000015

[ Media Center Events ]
Error - 1/6/2013 12:34:29 PM | Computer Name = MARK-PC | Source = MCUpdate | ID = 0
Description = 11:34:29 AM - Error connecting to the internet. 11:34:29 AM - Unable
to contact server..

Error - 1/6/2013 12:34:46 PM | Computer Name = MARK-PC | Source = MCUpdate | ID = 0
Description = 11:34:35 AM - Error connecting to the internet. 11:34:35 AM - Unable
to contact server..

Error - 1/8/2013 12:18:58 PM | Computer Name = MARK-PC | Source = MCUpdate | ID = 0
Description = 11:18:57 AM - Error connecting to the internet. 11:18:58 AM - Unable
to contact server..

Error - 1/8/2013 12:19:11 PM | Computer Name = MARK-PC | Source = MCUpdate | ID = 0
Description = 11:19:03 AM - Error connecting to the internet. 11:19:03 AM - Unable
to contact server..

Error - 1/10/2013 7:22:50 AM | Computer Name = MARK-PC | Source = MCUpdate | ID = 0
Description = 6:22:50 AM - Error connecting to the internet. 6:22:50 AM - Unable
to contact server..

Error - 1/10/2013 7:23:20 AM | Computer Name = MARK-PC | Source = MCUpdate | ID = 0
Description = 6:22:58 AM - Error connecting to the internet. 6:22:58 AM - Unable
to contact server..

Error - 1/12/2013 7:20:34 AM | Computer Name = MARK-PC | Source = MCUpdate | ID = 0
Description = 6:20:34 AM - Error connecting to the internet. 6:20:34 AM - Unable
to contact server..

Error - 1/12/2013 12:46:33 PM | Computer Name = MARK-PC | Source = MCUpdate | ID = 0
Description = 6:20:39 AM - Error connecting to the internet. 6:20:39 AM - Unable
to contact server..

Error - 2/4/2014 1:47:43 PM | Computer Name = MARK-PC | Source = MCUpdate | ID = 0
Description = 12:47:43 PM - Error connecting to the internet. 12:47:43 PM - Unable
to contact server..

Error - 2/4/2014 1:48:18 PM | Computer Name = MARK-PC | Source = MCUpdate | ID = 0
Description = 12:48:13 PM - Error connecting to the internet. 12:48:13 PM - Unable
to contact server..

[ Spybot - Search and Destroy Events ]
Error - 9/28/2012 9:10:38 PM | Computer Name = MARK-PC | Source = SDCleaner | ID = 100
Description = LoadCleaningInstructions

Error - 12/6/2012 2:46:14 PM | Computer Name = MARK-PC | Source = SDCleaner | ID = 100
Description = LoadCleaningInstructions

[ System Events ]
Error - 4/25/2015 12:59:23 PM | Computer Name = MARK-PC | Source = Service Control Manager | ID = 7000
Description = The Spybot-S&D 2 Updating Service service failed to start due to the
following error: %%1053

Error - 4/25/2015 1:00:00 PM | Computer Name = MARK-PC | Source = PNRPSvc | ID = 102
Description =

Error - 4/25/2015 1:00:00 PM | Computer Name = MARK-PC | Source = Service Control Manager | ID = 7023
Description = The Peer Name Resolution Protocol service terminated with the following
error: %%-2140993535

Error - 4/25/2015 1:00:00 PM | Computer Name = MARK-PC | Source = Service Control Manager | ID = 7001
Description = The Peer Networking Grouping service depends on the Peer Name Resolution
Protocol service which failed to start because of the following error: %%-2140993535

Error - 4/25/2015 1:00:15 PM | Computer Name = MARK-PC | Source = PNRPSvc | ID = 102
Description =

Error - 4/25/2015 1:00:15 PM | Computer Name = MARK-PC | Source = PNRPSvc | ID = 102
Description =

Error - 4/25/2015 1:00:15 PM | Computer Name = MARK-PC | Source = Service Control Manager | ID = 7023
Description = The Peer Name Resolution Protocol service terminated with the following
error: %%-2140993535

Error - 4/25/2015 1:00:15 PM | Computer Name = MARK-PC | Source = Service Control Manager | ID = 7001
Description = The Peer Networking Grouping service depends on the Peer Name Resolution
Protocol service which failed to start because of the following error: %%-2140993535

Error - 4/25/2015 1:00:15 PM | Computer Name = MARK-PC | Source = Service Control Manager | ID = 7001
Description = The Peer Networking Grouping service depends on the Peer Name Resolution
Protocol service which failed to start because of the following error: %%-2140993535

Error - 4/25/2015 1:00:15 PM | Computer Name = MARK-PC | Source = Service Control Manager | ID = 7023
Description = The Peer Name Resolution Protocol service terminated with the following
error: %%-2140993535


< End of report >

Re: I need help.

Post by pgmigg » April 26th, 2015, 12:10 am

Hello mkdsk101,

When I did the TDSSKiller there were no threats found even after I checked the box named "Verify file digital signatures" so I stopped at that point to come here and ask should I move on to step 4 OTL download?
It is not necessary that TDSSKiller will find threats - I need to see the whole report because there is a lot of useful information for future decisions and actions. You posted less than 5% of it. Please find the file whose name looks like the following on your disk C:\ "TDSSKiller.3.0.0.44_25.04.2015_23.26.56_log.txt" and post the contents of it in the next reply.

A quick question:
FF - prefs.js..network.proxy.backup.ftp: "202.188.222.2:8080"
Are you aware of this proxy (and others as well)? Did you set them yourself?

Step 1.
Please download ComboFix.exe... © Copyrighted to sUBs. Save it to your desktop. <<--- IMPORTANT!! .
If you previously downloaded ComboFix, please delete that version and download it again. This tool is frequently updated.

The first thing you need to do is print out How-To-Use-ComboFix. Read these instructions thoroughly.
You will not have Internet access when you execute ComboFix.
Please disable any Antivirus or Firewall you have active, as shown in this topic. Close all open application windows.

  1. Double click the ComboFix.exe icon on your desktop to begin execution. If you receive the "Open File - Security Warning"... press Run.
  2. Press I Agree to the Disclaimer prompt.
    ComboFix screen appears... preparing to run. ComboFix will now begin creating a System Restore Point and then backup your registry.
    Do Not use your keyboard or mouse click anywhere in the ComboFix window, as this may cause the program to stall or crash!
    ComboFix may reboot your computer; allow this and follow all directions given.
    When finished... Notepad will open ... ComboFix will produce a log file called "ComboFix.txt".
  3. Please copy/paste the contents of ComboFix.txt... in your next reply.
Do NOT use Combofix unless you have been instructed to do so by a Malware Removal Expert. It is a powerful tool intended by its creator to be used under the guidance and supervision of an expert, NOT for general public or personal use. Using this tool incorrectly could lead to serious problems with your operating system such as preventing it from ever starting again. This site, sUBs and myself will not be responsible for any damage caused to your machine by misusing or running ComboFix on your own. Please read Combofix's Disclaimer.


** Enable your Antivirus and Firewall, before connecting to the Internet again! **

Please post each log separately to prevent it being cut off by the forum post size limiter.
Check each after you've posted it to make sure it's all present, if any log is cut off you'll have to post it in sections....

Please include in your next reply:
  1. Do you have any problems executing the instructions?
  2. Contents of the TDSSKiller_version_dd.mm.yyyy_hh.mm.ss_log.txt log file
  3. Answer for my question about proxy.
  4. Contents of the ComboFix.txt log file
  5. Do you see any changes in computer behavior?

Thanks,
pgmigg

Failure to post replies within 72 hours will result in this thread being closed
pgmigg
MRU Teacher
 
Posts: 3181
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: I need help.

Post by mkdsk101 » April 26th, 2015, 5:49 pm

15:55:35.0767 0x1e68 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
15:55:39.0776 0x1e68 ============================================================
15:55:39.0776 0x1e68 Current date / time: 2015/04/26 15:55:39.0776
15:55:39.0776 0x1e68 SystemInfo:
15:55:39.0776 0x1e68
15:55:39.0776 0x1e68 OS Version: 6.1.7601 ServicePack: 1.0
15:55:39.0776 0x1e68 Product type: Workstation
15:55:39.0776 0x1e68 ComputerName: MARK-PC
15:55:39.0776 0x1e68 UserName: MARK
15:55:39.0776 0x1e68 Windows directory: C:\Windows
15:55:39.0776 0x1e68 System windows directory: C:\Windows
15:55:39.0776 0x1e68 Running under WOW64
15:55:39.0776 0x1e68 Processor architecture: Intel x64
15:55:39.0776 0x1e68 Number of processors: 8
15:55:39.0776 0x1e68 Page size: 0x1000
15:55:39.0776 0x1e68 Boot type: Normal boot
15:55:39.0776 0x1e68 ============================================================
15:55:40.0447 0x1e68 KLMD registered as C:\Windows\system32\drivers\17251249.sys
15:55:40.0837 0x1e68 System UUID: {2C98094B-AB1D-3F4F-341E-8E93A041C78E}
15:55:41.0632 0x1e68 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:55:41.0664 0x1e68 ============================================================
15:55:41.0664 0x1e68 \Device\Harddisk0\DR0:
15:55:41.0664 0x1e68 MBR partitions:
15:55:41.0664 0x1e68 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1A7F000
15:55:41.0664 0x1e68 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1A93000, BlocksNum 0x388F2800
15:55:41.0664 0x1e68 ============================================================
15:55:41.0710 0x1e68 C: <-> \Device\Harddisk0\DR0\Partition2
15:55:41.0757 0x1e68 ============================================================
15:55:41.0757 0x1e68 Initialize success
15:55:41.0757 0x1e68 ============================================================
15:56:26.0030 0x1b10 ============================================================
15:56:26.0030 0x1b10 Scan started
15:56:26.0030 0x1b10 Mode: Manual; SigCheck;
15:56:26.0030 0x1b10 ============================================================
15:56:26.0030 0x1b10 KSN ping started
15:56:39.0899 0x1b10 KSN ping finished: true
15:56:41.0443 0x1b10 ================ Scan system memory ========================
15:56:41.0443 0x1b10 System memory - ok
15:56:41.0443 0x1b10 ================ Scan services =============================
15:56:41.0630 0x1b10 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
15:56:41.0849 0x1b10 1394ohci - ok
15:56:42.0005 0x1b10 [ 8A46F63FA9E6BE67C4E062E173B45B29, 5F17B228D93C93396798E673E1F8ADB0091681585A44F286980106ABA59EA93A ] 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269 C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe
15:56:42.0067 0x1b10 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269 - ok
15:56:42.0145 0x1b10 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
15:56:42.0161 0x1b10 ACPI - ok
15:56:42.0223 0x1b10 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
15:56:42.0285 0x1b10 AcpiPmi - ok
15:56:42.0457 0x1b10 [ FC5B75CA6A1DA31EDD4F8D53F5540B98, CDC445F2790ADFC4C5568C40D4DA8BB95CD71991665B38AEC3D84571C99C3520 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:56:42.0473 0x1b10 AdobeARMservice - ok
15:56:42.0644 0x1b10 [ B04A4810C6CC205F9DC72DC22E4AB236, 547321F5C28C80D4818372D65E2A33D4BAC593015DD6613B24586FE4B4A95D5D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:56:42.0675 0x1b10 AdobeFlashPlayerUpdateSvc - ok
15:56:43.0050 0x1b10 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
15:56:43.0081 0x1b10 adp94xx - ok
15:56:43.0112 0x1b10 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys
15:56:43.0128 0x1b10 adpahci - ok
15:56:43.0143 0x1b10 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
15:56:43.0159 0x1b10 adpu320 - ok
15:56:43.0221 0x1b10 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
15:56:43.0268 0x1b10 AeLookupSvc - ok
15:56:43.0393 0x1b10 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys
15:56:43.0455 0x1b10 AFD - ok
15:56:43.0502 0x1b10 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
15:56:43.0518 0x1b10 agp440 - ok
15:56:43.0580 0x1b10 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
15:56:43.0643 0x1b10 ALG - ok
15:56:43.0705 0x1b10 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
15:56:43.0721 0x1b10 aliide - ok
15:56:43.0736 0x1b10 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
15:56:43.0752 0x1b10 amdide - ok
15:56:43.0767 0x1b10 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
15:56:43.0799 0x1b10 AmdK8 - ok
15:56:43.0830 0x1b10 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
15:56:43.0877 0x1b10 AmdPPM - ok
15:56:43.0908 0x1b10 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
15:56:43.0923 0x1b10 amdsata - ok
15:56:43.0939 0x1b10 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
15:56:43.0955 0x1b10 amdsbs - ok
15:56:43.0955 0x1b10 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
15:56:43.0970 0x1b10 amdxata - ok
15:56:44.0079 0x1b10 [ B445F09CBF8A0B9482806E179A7C7590, E86FEFA85CC9F36E0F33D35572874C85DA93C81319A2D0D01388096423CEEE26 ] AOL ACS C:\Program Files (x86)\Common Files\AOL\ACS\AOLAcsd.exe
15:56:44.0095 0x1b10 AOL ACS - ok
15:56:44.0157 0x1b10 [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID C:\Windows\system32\drivers\appid.sys
15:56:44.0173 0x1b10 AppID - ok
15:56:44.0251 0x1b10 [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc C:\Windows\System32\appidsvc.dll
15:56:44.0313 0x1b10 AppIDSvc - ok
15:56:44.0376 0x1b10 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll
15:56:44.0423 0x1b10 Appinfo - ok
15:56:44.0532 0x1b10 [ F518545E5B7623AD49ABE7F8776EFA46, CD39B6EC0D80C6DB857F34D4AC5C31085271B51B8851A56FEFC052B20B7CC40C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:56:44.0563 0x1b10 Apple Mobile Device - ok
15:56:44.0625 0x1b10 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys
15:56:44.0641 0x1b10 arc - ok
15:56:44.0657 0x1b10 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys
15:56:44.0688 0x1b10 arcsas - ok
15:56:44.0750 0x1b10 [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
15:56:44.0797 0x1b10 aspnet_state - ok
15:56:44.0844 0x1b10 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
15:56:44.0891 0x1b10 AsyncMac - ok
15:56:44.0922 0x1b10 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
15:56:44.0937 0x1b10 atapi - ok
15:56:45.0015 0x1b10 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:56:45.0047 0x1b10 AudioEndpointBuilder - ok
15:56:45.0062 0x1b10 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\Windows\System32\Audiosrv.dll
15:56:45.0078 0x1b10 AudioSrv - ok
15:56:45.0093 0x1b10 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
15:56:45.0109 0x1b10 AxInstSV - ok
15:56:45.0171 0x1b10 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
15:56:45.0234 0x1b10 b06bdrv - ok
15:56:45.0296 0x1b10 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
15:56:45.0327 0x1b10 b57nd60a - ok
15:56:45.0499 0x1b10 [ 8B5D16D20774FC3727F44E161BE2C0AC, 0EF2489E1ACC86403B1D6931140C5DF082127B327143ECB6EF28A4FF57D3C371 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
15:56:45.0577 0x1b10 BCM43XX - ok
15:56:45.0624 0x1b10 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
15:56:45.0686 0x1b10 BDESVC - ok
15:56:45.0749 0x1b10 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
15:56:45.0827 0x1b10 Beep - ok
15:56:45.0889 0x1b10 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
15:56:45.0936 0x1b10 BFE - ok
15:56:46.0029 0x1b10 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
15:56:46.0092 0x1b10 BITS - ok
15:56:46.0154 0x1b10 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
15:56:46.0201 0x1b10 blbdrive - ok
15:56:46.0341 0x1b10 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
15:56:46.0373 0x1b10 Bonjour Service - ok
15:56:46.0466 0x1b10 [ A1C6893D5AA52F79B97443720EEEA0F2, 66C51BA17AE0F069279A32FFDA6D44D98C747976CF04B343815D2032BDF263B0 ] BOT4Service C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe
15:56:46.0482 0x1b10 BOT4Service - ok
15:56:46.0544 0x1b10 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
15:56:46.0575 0x1b10 bowser - ok
15:56:46.0607 0x1b10 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
15:56:46.0653 0x1b10 BrFiltLo - ok
15:56:46.0653 0x1b10 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
15:56:46.0685 0x1b10 BrFiltUp - ok
15:56:46.0716 0x1b10 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
15:56:46.0747 0x1b10 Browser - ok
15:56:46.0763 0x1b10 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
15:56:46.0872 0x1b10 Brserid - ok
15:56:46.0887 0x1b10 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
15:56:46.0919 0x1b10 BrSerWdm - ok
15:56:46.0934 0x1b10 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
15:56:46.0981 0x1b10 BrUsbMdm - ok
15:56:46.0997 0x1b10 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
15:56:47.0012 0x1b10 BrUsbSer - ok
15:56:47.0059 0x1b10 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
15:56:47.0106 0x1b10 BTHMODEM - ok
15:56:47.0137 0x1b10 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
15:56:47.0215 0x1b10 bthserv - ok
15:56:47.0246 0x1b10 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
15:56:47.0309 0x1b10 cdfs - ok
15:56:47.0371 0x1b10 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
15:56:47.0387 0x1b10 cdrom - ok
15:56:47.0433 0x1b10 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
15:56:47.0480 0x1b10 CertPropSvc - ok
15:56:47.0574 0x1b10 [ 71BC80BF1B93EB7C8B58E706A9B486F4, 7C1B67A2E71EB4016015F70CC0A2EE0802EED2B7337FBC1C9140626210D84A9F ] cfwids C:\Windows\system32\drivers\cfwids.sys
15:56:47.0589 0x1b10 cfwids - ok
15:56:47.0636 0x1b10 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys
15:56:47.0667 0x1b10 circlass - ok
15:56:47.0745 0x1b10 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys
15:56:47.0777 0x1b10 CLFS - ok
15:56:47.0839 0x1b10 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:56:47.0855 0x1b10 clr_optimization_v2.0.50727_32 - ok
15:56:47.0886 0x1b10 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:56:47.0901 0x1b10 clr_optimization_v2.0.50727_64 - ok
15:56:48.0011 0x1b10 [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:56:48.0089 0x1b10 clr_optimization_v4.0.30319_32 - ok
15:56:48.0120 0x1b10 [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:56:48.0198 0x1b10 clr_optimization_v4.0.30319_64 - ok
15:56:48.0291 0x1b10 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
15:56:48.0307 0x1b10 CmBatt - ok
15:56:48.0354 0x1b10 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
15:56:48.0369 0x1b10 cmdide - ok
15:56:48.0463 0x1b10 [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG C:\Windows\system32\Drivers\cng.sys
15:56:48.0510 0x1b10 CNG - ok
15:56:48.0525 0x1b10 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
15:56:48.0541 0x1b10 Compbatt - ok
15:56:48.0557 0x1b10 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
15:56:48.0588 0x1b10 CompositeBus - ok
15:56:48.0588 0x1b10 COMSysApp - ok
15:56:48.0603 0x1b10 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
15:56:48.0619 0x1b10 crcdisk - ok
15:56:48.0635 0x1b10 [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc C:\Windows\system32\cryptsvc.dll
15:56:48.0681 0x1b10 CryptSvc - ok
15:56:48.0744 0x1b10 [ D06E443457FADC6B1AFAF3AA4B6936F6, 109B4D05E156604AFB3D63B380CC063B900AEB12F57A1D235B9F9399EE0909C7 ] dc3d C:\Windows\system32\DRIVERS\dc3d.sys
15:56:48.0759 0x1b10 dc3d - ok
15:56:48.0822 0x1b10 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
15:56:48.0884 0x1b10 DcomLaunch - ok
15:56:48.0931 0x1b10 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
15:56:48.0962 0x1b10 defragsvc - ok
15:56:49.0009 0x1b10 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
15:56:49.0040 0x1b10 DfsC - ok
15:56:49.0087 0x1b10 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
15:56:49.0103 0x1b10 Dhcp - ok
15:56:49.0134 0x1b10 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
15:56:49.0212 0x1b10 discache - ok
15:56:49.0243 0x1b10 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys
15:56:49.0259 0x1b10 Disk - ok
15:56:49.0290 0x1b10 dlba_device - ok
15:56:49.0305 0x1b10 dlea_device - ok
15:56:49.0337 0x1b10 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
15:56:49.0383 0x1b10 Dnscache - ok
15:56:49.0415 0x1b10 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
15:56:49.0477 0x1b10 dot3svc - ok
15:56:49.0508 0x1b10 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
15:56:49.0539 0x1b10 DPS - ok
15:56:49.0602 0x1b10 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
15:56:49.0633 0x1b10 drmkaud - ok
15:56:49.0680 0x1b10 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
15:56:49.0711 0x1b10 DXGKrnl - ok
15:56:49.0758 0x1b10 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
15:56:49.0773 0x1b10 EapHost - ok
15:56:49.0867 0x1b10 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
15:56:49.0976 0x1b10 ebdrv - ok
15:56:50.0023 0x1b10 [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] EFS C:\Windows\System32\lsass.exe
15:56:50.0039 0x1b10 EFS - ok
15:56:50.0117 0x1b10 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
15:56:50.0179 0x1b10 ehRecvr - ok
15:56:50.0226 0x1b10 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
15:56:50.0257 0x1b10 ehSched - ok
15:56:50.0319 0x1b10 [ 4778EEECB75C6FB419745BEED3530B9D, 8683639FF5CC4DB9955C61C28922637D10BB9CDAA20AD260292F8E90DE198205 ] ElRawDisk C:\Windows\system32\drivers\rsdrvx64.sys
15:56:50.0351 0x1b10 ElRawDisk - ok
15:56:50.0413 0x1b10 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
15:56:50.0444 0x1b10 elxstor - ok
15:56:50.0460 0x1b10 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
15:56:50.0507 0x1b10 ErrDev - ok
15:56:50.0569 0x1b10 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
15:56:50.0631 0x1b10 EventSystem - ok
15:56:50.0647 0x1b10 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
15:56:50.0694 0x1b10 exfat - ok
15:56:50.0741 0x1b10 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
15:56:50.0803 0x1b10 fastfat - ok
15:56:50.0850 0x1b10 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
15:56:50.0912 0x1b10 Fax - ok
15:56:50.0928 0x1b10 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys
15:56:50.0975 0x1b10 fdc - ok
15:56:50.0990 0x1b10 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
15:56:51.0053 0x1b10 fdPHost - ok
15:56:51.0068 0x1b10 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
15:56:51.0084 0x1b10 FDResPub - ok
15:56:51.0131 0x1b10 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
15:56:51.0146 0x1b10 FileInfo - ok
15:56:51.0162 0x1b10 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
15:56:51.0193 0x1b10 Filetrace - ok
15:56:51.0349 0x1b10 [ 8669BE94F63944E4F899C3950B520241, 9991E57B3C366D59BD186CEAA78D4590EDB2BC127250CF4D1522CBE413453E72 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
15:56:51.0380 0x1b10 FLEXnet Licensing Service - ok
15:56:51.0380 0x1b10 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
15:56:51.0396 0x1b10 flpydisk - ok
15:56:51.0411 0x1b10 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
15:56:51.0427 0x1b10 FltMgr - ok
15:56:51.0505 0x1b10 [ 6CD6BB45BD3E0EEF6CE496BF52854FF1, 939630A1EEAB79DD5AA3D9272B9EDC0550BC06D40C9B398815FCFF4AC12A7F2C ] FlyUsb C:\Windows\system32\DRIVERS\FlyUsb.sys
15:56:51.0567 0x1b10 FlyUsb - ok
15:56:51.0677 0x1b10 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll
15:56:51.0755 0x1b10 FontCache - ok
15:56:51.0942 0x1b10 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:56:51.0957 0x1b10 FontCache3.0.0.0 - ok
15:56:52.0004 0x1b10 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
15:56:52.0020 0x1b10 FsDepends - ok
15:56:52.0082 0x1b10 [ B16B626996C74B564005BA855C5DEE90, B432C669EB610C262B18F3F8308EEE1B910DE7F7BC2A8EB5483419DC52A07AE1 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
15:56:52.0113 0x1b10 fssfltr - ok
15:56:52.0285 0x1b10 [ 812E1BA5C52A78F13EA6AA10DF708B1D, CF1C4D8E072CF0D66C977DFA4C852E5CE757843BEAF5D29454D26A9AC5766E61 ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
15:56:52.0347 0x1b10 fsssvc - ok
15:56:52.0347 0x1b10 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
15:56:52.0363 0x1b10 Fs_Rec - ok
15:56:52.0379 0x1b10 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
15:56:52.0394 0x1b10 fvevol - ok
15:56:52.0394 0x1b10 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
15:56:52.0410 0x1b10 gagp30kx - ok
15:56:52.0535 0x1b10 [ 805DAC448BEBDA900BF5520AB27D9616, C0A2935C75EC4B3D860E68ABAE6756D6D4B31BA9AFD742FF9C0B6ED11BEFD163 ] Garmin Device Interaction Service C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
15:56:52.0566 0x1b10 Garmin Device Interaction Service - ok
15:56:52.0628 0x1b10 [ E403AACF8C7BB11375122D2464560311, 0427B8FFD999D256EA1A5135F218692959A7577CB32354D3087CF0FB4F0577DF ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
15:56:52.0644 0x1b10 GEARAspiWDM - ok
15:56:52.0722 0x1b10 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
15:56:52.0800 0x1b10 gpsvc - ok
15:56:52.0847 0x1b10 [ B9893A68032A6D9ADDB5B98287C630F7, F0280764D7B31F1EA634E91397229B1C064A7C1B3A77A6BBD123CEA74180789F ] grmnusb C:\Windows\system32\drivers\grmnusb.sys
15:56:52.0862 0x1b10 grmnusb - ok
15:56:52.0956 0x1b10 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:56:52.0971 0x1b10 gupdate - ok
15:56:52.0971 0x1b10 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:56:52.0987 0x1b10 gupdatem - ok
15:56:53.0034 0x1b10 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
15:56:53.0081 0x1b10 hcw85cir - ok
15:56:53.0096 0x1b10 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
15:56:53.0127 0x1b10 HDAudBus - ok
15:56:53.0143 0x1b10 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
15:56:53.0190 0x1b10 HidBatt - ok
15:56:53.0221 0x1b10 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
15:56:53.0252 0x1b10 HidBth - ok
15:56:53.0268 0x1b10 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
15:56:53.0315 0x1b10 HidIr - ok
15:56:53.0346 0x1b10 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
15:56:53.0393 0x1b10 hidserv - ok
15:56:53.0455 0x1b10 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
15:56:53.0517 0x1b10 HidUsb - ok
15:56:53.0611 0x1b10 [ 29F981739E50305128022CBE10B3659C, 25060937145B0DCA8CD088E78993BFEF1430CDDFF433E606AFC93993CBBF4B3E ] HipShieldK C:\Windows\system32\drivers\HipShieldK.sys
15:56:53.0627 0x1b10 HipShieldK - ok
15:56:53.0673 0x1b10 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
15:56:53.0720 0x1b10 hkmsvc - ok
15:56:53.0783 0x1b10 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:56:53.0829 0x1b10 HomeGroupListener - ok
15:56:53.0876 0x1b10 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:56:53.0907 0x1b10 HomeGroupProvider - ok
15:56:54.0126 0x1b10 [ D45DF21E825C3B35B5C000E0E20EC864, B059D0C25FB42B0B4F85BBE21A97AE011A202DEFAB1EB6FFDAB101A73981FB13 ] HomeNetSvc C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
15:56:54.0141 0x1b10 HomeNetSvc - ok
15:56:54.0204 0x1b10 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
15:56:54.0219 0x1b10 HpSAMD - ok
15:56:54.0297 0x1b10 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
15:56:54.0375 0x1b10 HTTP - ok
15:56:54.0375 0x1b10 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
15:56:54.0391 0x1b10 hwpolicy - ok
15:56:54.0407 0x1b10 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
15:56:54.0407 0x1b10 i8042prt - ok
15:56:54.0438 0x1b10 [ 2FDAEC4B02729C48C0FD1B0B4695995B, 87331D91FA3A23257B9913067B7B16D08710408070795B638058DBF728BBB288 ] iaStor C:\Windows\system32\drivers\iaStor.sys
15:56:54.0453 0x1b10 iaStor - ok
15:56:54.0531 0x1b10 [ D41861E56E7552C13674D7F147A02464, A361AE723FEEFD8D34D259F667ED14EEEC3B8ED6458522AC5D50C08E281B298B ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
15:56:54.0547 0x1b10 IAStorDataMgrSvc - ok
15:56:54.0578 0x1b10 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
15:56:54.0609 0x1b10 iaStorV - ok
15:56:54.0703 0x1b10 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:56:54.0750 0x1b10 idsvc - ok
15:56:54.0797 0x1b10 IEEtwCollectorService - ok
15:56:54.0828 0x1b10 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
15:56:54.0859 0x1b10 iirsp - ok
15:56:54.0953 0x1b10 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
15:56:54.0999 0x1b10 IKEEXT - ok
15:56:55.0155 0x1b10 [ 235362D403D9D677514649D88DB31914, 522F5BA88169ADEC1EEB595BFBBCD6417DF38CD93A0D2B2FD0AF4C907FF6D965 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
15:56:55.0218 0x1b10 IntcAzAudAddService - ok
15:56:55.0233 0x1b10 [ FC727061C0F47C8059E88E05D5C8E381, C7A3782F5D86C7FDE57AA1F2EE81638C5FC3072ACC6E572BA2EC7B3CFF389800 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
15:56:55.0249 0x1b10 IntcDAud - ok
15:56:55.0311 0x1b10 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
15:56:55.0327 0x1b10 intelide - ok
15:56:55.0343 0x1b10 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
15:56:55.0389 0x1b10 intelppm - ok
15:56:55.0436 0x1b10 ioloSystemService - ok
15:56:55.0467 0x1b10 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
15:56:55.0545 0x1b10 IPBusEnum - ok
15:56:55.0577 0x1b10 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:56:55.0608 0x1b10 IpFilterDriver - ok
15:56:55.0639 0x1b10 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
15:56:55.0686 0x1b10 iphlpsvc - ok
15:56:55.0686 0x1b10 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
15:56:55.0733 0x1b10 IPMIDRV - ok
15:56:55.0764 0x1b10 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
15:56:55.0811 0x1b10 IPNAT - ok
15:56:55.0904 0x1b10 [ EE4C2A137C7088911A8919EFFC9812E7, B93DE083B872FAA44D37C1EBC5C7F408FC6105F4324240796BF4F42951868117 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
15:56:55.0935 0x1b10 iPod Service - ok
15:56:55.0951 0x1b10 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
15:56:55.0967 0x1b10 IRENUM - ok
15:56:55.0982 0x1b10 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
15:56:55.0982 0x1b10 isapnp - ok
15:56:56.0013 0x1b10 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
15:56:56.0029 0x1b10 iScsiPrt - ok
15:56:56.0123 0x1b10 [ F415A88162D23977B5EDAE4F0410E903, B86FD88B4285ED96BFDB9430E4DB134AC1B09DBB541929C4D6C1EEAF792D444D ] IviRegMgr C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
15:56:56.0154 0x1b10 IviRegMgr - ok
15:56:56.0232 0x1b10 [ 12E27942DBB7C91880163634B0D8A776, DEE56DB8993A915E8FC32F9F50FAEED591799B0694655926C4F260EBFB99FC7E ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys
15:56:56.0263 0x1b10 k57nd60a - ok
15:56:56.0294 0x1b10 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
15:56:56.0310 0x1b10 kbdclass - ok
15:56:56.0310 0x1b10 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
15:56:56.0357 0x1b10 kbdhid - ok
15:56:56.0419 0x1b10 [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] KeyIso C:\Windows\system32\lsass.exe
15:56:56.0435 0x1b10 KeyIso - ok
15:56:56.0450 0x1b10 [ 56ED3EE5FED6BF2FC1305CF872042868, 44F77AE3CD83284800FF106156ABCB63047327855E2535EE278289AF6F05579C ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
15:56:56.0481 0x1b10 KSecDD - ok
15:56:56.0544 0x1b10 [ 8BA90F480705D7153AD0060CCA62222A, B3E610DFAB382368114D026947084A72AFC4F5BF9C28317F411D4ED91E0B3192 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
15:56:56.0575 0x1b10 KSecPkg - ok
15:56:56.0637 0x1b10 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
15:56:56.0731 0x1b10 ksthunk - ok
15:56:56.0778 0x1b10 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
15:56:56.0840 0x1b10 KtmRm - ok
15:56:56.0903 0x1b10 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
15:56:56.0949 0x1b10 LanmanServer - ok
15:56:56.0996 0x1b10 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:56:57.0043 0x1b10 LanmanWorkstation - ok
15:56:57.0355 0x1b10 [ 32F1B95C60042F3D95FC8AB43559B3B1, 52652B1CE93C6B9DC12E56B5D4C44F45042901D89D21974BFE1D7116BFADEE74 ] LeapFrog Connect Device Service C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
15:56:57.0589 0x1b10 LeapFrog Connect Device Service - ok
15:56:57.0667 0x1b10 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
15:56:57.0714 0x1b10 lltdio - ok
15:56:57.0761 0x1b10 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
15:56:57.0792 0x1b10 lltdsvc - ok
15:56:57.0823 0x1b10 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
15:56:57.0885 0x1b10 lmhosts - ok
15:56:57.0917 0x1b10 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
15:56:57.0932 0x1b10 LSI_FC - ok
15:56:57.0948 0x1b10 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
15:56:57.0948 0x1b10 LSI_SAS - ok
15:56:57.0963 0x1b10 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
15:56:57.0995 0x1b10 LSI_SAS2 - ok
15:56:58.0010 0x1b10 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
15:56:58.0026 0x1b10 LSI_SCSI - ok
15:56:58.0088 0x1b10 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
15:56:58.0151 0x1b10 luafv - ok
15:56:58.0291 0x1b10 [ B3589AAC13E1E23FF95E5ECF1EE0B838, E2DD023C24AC24C7FC956A37775AA38EF3E86367F261D79EBF102EBB91A8501C ] McAfee SiteAdvisor Service C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
15:56:58.0307 0x1b10 McAfee SiteAdvisor Service - ok
15:56:58.0509 0x1b10 [ 143D3F28E4709E6345F286D4A5A76B75, 3BEC8256902F324DF9C2D5F1BA63A7C14E34DCDB54A03008ACCB6FB50656EF26 ] McAPExe C:\Program Files\McAfee\MSC\McAPExe.exe
15:56:58.0556 0x1b10 McAPExe - ok
15:56:58.0712 0x1b10 [ BF9EB1361EF8D456AB15D5AC2765D860, 5A622F26203438BAF768EFAFCAFD78971E90EE6A0A9FC954FE8A68D5B4C9E9C9 ] mccspsvc C:\Program Files\Common Files\McAfee\CSP\1.3.336.0\McCSPServiceHost.exe
15:56:58.0743 0x1b10 mccspsvc - ok
15:56:58.0868 0x1b10 [ D45DF21E825C3B35B5C000E0E20EC864, B059D0C25FB42B0B4F85BBE21A97AE011A202DEFAB1EB6FFDAB101A73981FB13 ] McMPFSvc C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
15:56:58.0899 0x1b10 McMPFSvc - ok
15:56:58.0915 0x1b10 [ D45DF21E825C3B35B5C000E0E20EC864, B059D0C25FB42B0B4F85BBE21A97AE011A202DEFAB1EB6FFDAB101A73981FB13 ] McNaiAnn C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
15:56:58.0931 0x1b10 McNaiAnn - ok
15:56:58.0977 0x1b10 [ 60ADF1B097B0D20BF9AE1E3F5D79870C, 04530480F95EB2745DF2D61DC95F1404A78874CB81D37348BD0AB145A7970C42 ] McODS C:\Program Files\McAfee\VirusScan\mcods.exe
15:56:59.0024 0x1b10 McODS - ok
15:56:59.0071 0x1b10 [ D45DF21E825C3B35B5C000E0E20EC864, B059D0C25FB42B0B4F85BBE21A97AE011A202DEFAB1EB6FFDAB101A73981FB13 ] mcpltsvc C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
15:56:59.0102 0x1b10 mcpltsvc - ok
15:56:59.0118 0x1b10 [ D45DF21E825C3B35B5C000E0E20EC864, B059D0C25FB42B0B4F85BBE21A97AE011A202DEFAB1EB6FFDAB101A73981FB13 ] McProxy C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
15:56:59.0133 0x1b10 McProxy - ok
15:56:59.0180 0x1b10 [ 2822B2CA0A86850D3F2B851D154C8B3A, 138C4B8E21B1C77061173F3AD2358374928F8D6AABB7909F623EC72DF0600D1D ] McPvDrv C:\Windows\system32\drivers\McPvDrv.sys
15:56:59.0196 0x1b10 McPvDrv - ok
15:56:59.0227 0x1b10 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
15:56:59.0258 0x1b10 Mcx2Svc - ok
15:56:59.0289 0x1b10 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
15:56:59.0305 0x1b10 megasas - ok
15:56:59.0336 0x1b10 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
15:56:59.0367 0x1b10 MegaSR - ok
15:56:59.0414 0x1b10 [ 1C6E73FC46B509EFF9D0086AA37132DF, B4FB5512D75112C553FC22593F6123A7C9B9B7825D40148F604CCEFEB149FD97 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
15:56:59.0430 0x1b10 MEIx64 - ok
15:56:59.0523 0x1b10 [ B069A1B8072AC23CA31638CAF6E1CC90, 726E3B744F39E265C9B8FDDCD7EBD1B87327A92719EEB1924820BC90FE67B277 ] mfeaack C:\Windows\system32\drivers\mfeaack.sys
15:56:59.0555 0x1b10 mfeaack - ok
15:56:59.0633 0x1b10 [ B540EED782123308F865ACAF0F1C2E64, D1F163AA2E37A72958E78B5F96D1E087AF3B9AA33ABB89ADCEBF6CA5A44C8DFA ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys
15:56:59.0664 0x1b10 mfeavfk - ok
15:56:59.0726 0x1b10 [ 225CC932EDDC7935147FC5FD43920EAB, 868872EB3F11BA29FAABA4CCF5A075D12C8B705DC737BD3DAC5886788579934D ] mfedisk C:\Windows\system32\DRIVERS\mfedisk.sys
15:56:59.0757 0x1b10 mfedisk - ok
15:56:59.0851 0x1b10 [ B080F4161DFC8B4555ADE5AEF8BEA10C, AEB88FACB90981BF5A9B532D83A0792F78D30F6CCCA107FBDC4EECD6D29AD124 ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
15:56:59.0867 0x1b10 mfefire - ok
15:56:59.0913 0x1b10 [ 7E44DEBA7851496841C7D4849668B4E9, 6B5E42BB81B3F841D7C1B312A309542969D6FECEAD9379BD88213809AA2DEC5B ] mfefirek C:\Windows\system32\drivers\mfefirek.sys
15:56:59.0929 0x1b10 mfefirek - ok
15:57:00.0038 0x1b10 [ E66C388028FC6D4B837504BB350FF368, 517B03CC0F622EE7027923051696326472924F43513C1E6201FBB3F29D7F6DD1 ] mfehidk C:\Windows\system32\drivers\mfehidk.sys
15:57:00.0085 0x1b10 mfehidk - ok
15:57:00.0163 0x1b10 [ FC873B1EC3BBC20E7067B433C79A3BE4, CCFABEF196C38683368282FAC27F0BCA81191001B59A08DD21B93BEF9095184A ] mfemms C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe
15:57:00.0194 0x1b10 mfemms - ok
15:57:00.0288 0x1b10 [ D870D25906294B259D81894009A596E9, 8E259BA5356F82546E264A7F6BCAEBBA2A9A0D0335EAB0FE420BCA684B9EB31E ] mfencbdc C:\Windows\system32\DRIVERS\mfencbdc.sys
15:57:00.0319 0x1b10 mfencbdc - ok
15:57:00.0335 0x1b10 [ 51E636C4F93CC48F9B4B6C774C41B2C8, 97FB15DFA04EE4CCC6AA0C556AA84EC813D4362AC9906D3D932132C737F27B4A ] mfencrk C:\Windows\system32\DRIVERS\mfencrk.sys
15:57:00.0350 0x1b10 mfencrk - ok
15:57:00.0428 0x1b10 [ F9881B099DD511A9A53B0B9DB668EA9D, 3E57AC8137F893760C7C3DD06D47CCAE9F3EA419E698E5A08925120F3186E11F ] mfevtp C:\Windows\system32\mfevtps.exe
15:57:00.0444 0x1b10 mfevtp - ok
15:57:00.0491 0x1b10 [ 06E22CD1696D37862CFB154E008C7921, 3994F3749716CC956E35AE699027FC2BEFA5F5402E0774323C9C9EA4FBBBC5BD ] mfewfpk C:\Windows\system32\drivers\mfewfpk.sys
15:57:00.0522 0x1b10 mfewfpk - ok
15:57:00.0569 0x1b10 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
15:57:00.0615 0x1b10 MMCSS - ok
15:57:00.0662 0x1b10 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
15:57:00.0709 0x1b10 Modem - ok
15:57:00.0771 0x1b10 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
15:57:00.0818 0x1b10 monitor - ok
15:57:00.0865 0x1b10 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
15:57:00.0865 0x1b10 mouclass - ok
15:57:00.0927 0x1b10 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
15:57:00.0974 0x1b10 mouhid - ok
15:57:01.0021 0x1b10 [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
15:57:01.0021 0x1b10 mountmgr - ok
15:57:01.0130 0x1b10 [ 03D14BF1DC59130002F6B8BA3AD89DB9, 1729CCD8AAF51CDB86ED67569974D0B6B1CFFA5F90EF6E6004B0D8A305D88C27 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:57:01.0146 0x1b10 MozillaMaintenance - ok
15:57:01.0193 0x1b10 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
15:57:01.0208 0x1b10 mpio - ok
15:57:01.0224 0x1b10 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
15:57:01.0271 0x1b10 mpsdrv - ok
15:57:01.0317 0x1b10 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
15:57:01.0411 0x1b10 MpsSvc - ok
15:57:01.0458 0x1b10 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
15:57:01.0489 0x1b10 MRxDAV - ok
15:57:01.0551 0x1b10 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
15:57:01.0598 0x1b10 mrxsmb - ok
15:57:01.0661 0x1b10 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:57:01.0692 0x1b10 mrxsmb10 - ok
15:57:01.0707 0x1b10 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:57:01.0723 0x1b10 mrxsmb20 - ok
15:57:01.0754 0x1b10 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
15:57:01.0785 0x1b10 msahci - ok
15:57:01.0801 0x1b10 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
15:57:01.0817 0x1b10 msdsm - ok
15:57:01.0879 0x1b10 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
15:57:01.0926 0x1b10 MSDTC - ok
15:57:01.0973 0x1b10 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
15:57:02.0051 0x1b10 Msfs - ok
15:57:02.0082 0x1b10 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
15:57:02.0144 0x1b10 mshidkmdf - ok
15:57:02.0175 0x1b10 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
15:57:02.0191 0x1b10 msisadrv - ok
15:57:02.0238 0x1b10 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
15:57:02.0316 0x1b10 MSiSCSI - ok
15:57:02.0316 0x1b10 msiserver - ok
15:57:02.0378 0x1b10 [ D45DF21E825C3B35B5C000E0E20EC864, B059D0C25FB42B0B4F85BBE21A97AE011A202DEFAB1EB6FFDAB101A73981FB13 ] MSK80Service C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
15:57:02.0409 0x1b10 MSK80Service - ok
15:57:02.0425 0x1b10 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
15:57:02.0472 0x1b10 MSKSSRV - ok
15:57:02.0472 0x1b10 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
15:57:02.0487 0x1b10 MSPCLOCK - ok
15:57:02.0503 0x1b10 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
15:57:02.0519 0x1b10 MSPQM - ok
15:57:02.0534 0x1b10 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
15:57:02.0550 0x1b10 MsRPC - ok
15:57:02.0597 0x1b10 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
15:57:02.0612 0x1b10 mssmbios - ok
15:57:02.0675 0x1b10 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
15:57:02.0768 0x1b10 MSTEE - ok
15:57:02.0784 0x1b10 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
15:57:02.0799 0x1b10 MTConfig - ok
15:57:02.0815 0x1b10 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
15:57:02.0831 0x1b10 Mup - ok
15:57:02.0893 0x1b10 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
15:57:02.0955 0x1b10 napagent - ok
15:57:03.0018 0x1b10 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
15:57:03.0049 0x1b10 NativeWifiP - ok
15:57:03.0189 0x1b10 [ 934BB0D23A25C8C136570800A5A149B6, 15D99CE4E970FECE257F6D69810F8104720B26D8DC3787BC38CC8692ACEABD37 ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe
15:57:03.0221 0x1b10 NAUpdate - ok
15:57:03.0252 0x1b10 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
15:57:03.0283 0x1b10 NDIS - ok
15:57:03.0283 0x1b10 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
15:57:03.0314 0x1b10 NdisCap - ok
15:57:03.0330 0x1b10 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
15:57:03.0345 0x1b10 NdisTapi - ok
15:57:03.0392 0x1b10 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
15:57:03.0423 0x1b10 Ndisuio - ok
15:57:03.0439 0x1b10 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
15:57:03.0486 0x1b10 NdisWan - ok
15:57:03.0486 0x1b10 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
15:57:03.0517 0x1b10 NDProxy - ok
15:57:03.0564 0x1b10 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
15:57:03.0579 0x1b10 NetBIOS - ok
15:57:03.0595 0x1b10 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
15:57:03.0642 0x1b10 NetBT - ok
15:57:03.0689 0x1b10 [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] Netlogon C:\Windows\system32\lsass.exe
15:57:03.0704 0x1b10 Netlogon - ok
15:57:03.0767 0x1b10 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
15:57:03.0829 0x1b10 Netman - ok
15:57:03.0891 0x1b10 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:57:03.0923 0x1b10 NetMsmqActivator - ok
15:57:03.0938 0x1b10 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:57:03.0969 0x1b10 NetPipeActivator - ok
15:57:04.0047 0x1b10 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
15:57:04.0094 0x1b10 netprofm - ok
15:57:04.0094 0x1b10 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:57:04.0110 0x1b10 NetTcpActivator - ok
15:57:04.0110 0x1b10 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:57:04.0125 0x1b10 NetTcpPortSharing - ok
15:57:04.0188 0x1b10 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
15:57:04.0203 0x1b10 nfrd960 - ok
15:57:04.0250 0x1b10 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
15:57:04.0328 0x1b10 NlaSvc - ok
15:57:04.0515 0x1b10 [ B9B72FAAAA41D59B73B88FE3DD737ED1, 050E741FB5313523340B19C9C168611222C4AE9A6084FE3E2F908A49EA909A29 ] NOBU C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
15:57:04.0593 0x1b10 NOBU - ok
15:57:04.0609 0x1b10 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
15:57:04.0625 0x1b10 Npfs - ok
15:57:04.0656 0x1b10 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
15:57:04.0734 0x1b10 nsi - ok
15:57:04.0765 0x1b10 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
15:57:04.0781 0x1b10 nsiproxy - ok
15:57:04.0859 0x1b10 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
15:57:04.0968 0x1b10 Ntfs - ok
15:57:04.0983 0x1b10 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys

Re: I need help.

Post by mkdsk101 » April 26th, 2015, 5:50 pm

15:57:05.0046 0x1b10 Null - ok
15:57:05.0077 0x1b10 [ 857FB74754EBFF94EE3AD40788740916, FE4099D8F2E7967289BBC0802548C48D453A0BD0C44AAACCDB4C282ADBCC7BFE ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
15:57:05.0093 0x1b10 NVHDA - ok
15:57:05.0483 0x1b10 [ 64B046CA14B8EE7ED6D21CFA326B3363, A2AF844654D59047F925513E99B75085D5D3AAC4C1EB197A6DA296BFF5BE0187 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:57:05.0795 0x1b10 nvlddmkm - ok
15:57:05.0826 0x1b10 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
15:57:05.0841 0x1b10 nvraid - ok
15:57:05.0857 0x1b10 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
15:57:05.0857 0x1b10 nvstor - ok
15:57:05.0919 0x1b10 [ 77B013AE58952C6E9DC982D7803311C5, D929352DCBBDFDF11853370C4F865792B12C2C11910FF5285F0A9836F566F5FD ] NVSvc C:\Windows\system32\nvvsvc.exe
15:57:05.0935 0x1b10 NVSvc - ok
15:57:05.0951 0x1b10 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
15:57:05.0966 0x1b10 nv_agp - ok
15:57:05.0982 0x1b10 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
15:57:05.0997 0x1b10 ohci1394 - ok
15:57:06.0044 0x1b10 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
15:57:06.0075 0x1b10 p2pimsvc - ok
15:57:06.0091 0x1b10 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
15:57:06.0138 0x1b10 p2psvc - ok
15:57:06.0169 0x1b10 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys
15:57:06.0216 0x1b10 Parport - ok
15:57:06.0247 0x1b10 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
15:57:06.0263 0x1b10 partmgr - ok
15:57:06.0309 0x1b10 [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll
15:57:06.0356 0x1b10 PcaSvc - ok
15:57:06.0403 0x1b10 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
15:57:06.0434 0x1b10 pci - ok
15:57:06.0481 0x1b10 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
15:57:06.0497 0x1b10 pciide - ok
15:57:06.0543 0x1b10 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
15:57:06.0559 0x1b10 pcmcia - ok
15:57:06.0637 0x1b10 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
15:57:06.0653 0x1b10 pcw - ok
15:57:06.0699 0x1b10 [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
15:57:06.0746 0x1b10 PEAUTH - ok
15:57:06.0824 0x1b10 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
15:57:06.0871 0x1b10 PerfHost - ok
15:57:07.0011 0x1b10 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
15:57:07.0105 0x1b10 pla - ok
15:57:07.0183 0x1b10 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
15:57:07.0261 0x1b10 PlugPlay - ok
15:57:07.0386 0x1b10 [ CBCEC2C45E7D672EC6E46CBFF23BDF8E, 2E51A0E9A5AE8F017D0AC22D46036FFFAF917CBC6A7C7297B63C1154DFC7FCC6 ] PMBDeviceInfoProvider C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
15:57:07.0433 0x1b10 PMBDeviceInfoProvider - ok
15:57:07.0464 0x1b10 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
15:57:07.0479 0x1b10 PNRPAutoReg - ok
15:57:07.0495 0x1b10 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
15:57:07.0511 0x1b10 PNRPsvc - ok
15:57:07.0620 0x1b10 [ E4799B87675C59AA1F620DE5C6F113BB, 094EE16D4CEC68DB316002994482344A6BFCFDE399131F7FA11BB46C2DCBF218 ] Point64 C:\Windows\system32\DRIVERS\point64.sys
15:57:07.0635 0x1b10 Point64 - ok
15:57:07.0682 0x1b10 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
15:57:07.0745 0x1b10 PolicyAgent - ok
15:57:07.0807 0x1b10 [ A2CCA4FB273E6050F17A0A416CFF2FCD, C42BA18DF0C8E3F7358669A784E51E4DC7A4112096345EA699EDC95F561E0255 ] Power C:\Windows\system32\umpo.dll
15:57:07.0854 0x1b10 Power - ok
15:57:07.0916 0x1b10 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
15:57:07.0979 0x1b10 PptpMiniport - ok
15:57:08.0010 0x1b10 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
15:57:08.0025 0x1b10 Processor - ok
15:57:08.0057 0x1b10 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
15:57:08.0119 0x1b10 ProfSvc - ok
15:57:08.0166 0x1b10 [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:57:08.0181 0x1b10 ProtectedStorage - ok
15:57:08.0244 0x1b10 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
15:57:08.0291 0x1b10 Psched - ok
15:57:08.0400 0x1b10 [ 066C6CCCF670D9BBCAECC781FB8D7EB9, D2AB9EBE9F7A724FB685EA7F7624763F26D243F4174570D18355705D25DE1589 ] PSI_SVC_2 C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
15:57:08.0431 0x1b10 PSI_SVC_2 - ok
15:57:08.0478 0x1b10 [ 07D57B890DD5693A6AB660CBAE8F91B4, 934895A41C116056E22FE3298418332A9F4280F96E96EEE06C977A4925395674 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
15:57:08.0493 0x1b10 PxHlpa64 - ok
15:57:08.0587 0x1b10 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
15:57:08.0618 0x1b10 ql2300 - ok
15:57:08.0634 0x1b10 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
15:57:08.0649 0x1b10 ql40xx - ok
15:57:08.0696 0x1b10 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
15:57:08.0712 0x1b10 QWAVE - ok
15:57:08.0727 0x1b10 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
15:57:08.0774 0x1b10 QWAVEdrv - ok
15:57:08.0805 0x1b10 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
15:57:08.0837 0x1b10 RasAcd - ok
15:57:08.0899 0x1b10 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
15:57:08.0961 0x1b10 RasAgileVpn - ok
15:57:08.0993 0x1b10 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
15:57:09.0024 0x1b10 RasAuto - ok
15:57:09.0039 0x1b10 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
15:57:09.0055 0x1b10 Rasl2tp - ok
15:57:09.0071 0x1b10 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
15:57:09.0102 0x1b10 RasMan - ok
15:57:09.0117 0x1b10 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
15:57:09.0133 0x1b10 RasPppoe - ok
15:57:09.0133 0x1b10 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
15:57:09.0164 0x1b10 RasSstp - ok
15:57:09.0227 0x1b10 [ 0F102A495B04EC2C6F77C07FFAD79D09, 11D8B56694C3B494687118A002832995D0557CE2E4FF6965828ADAB18D5F5917 ] RawDisk3 C:\Windows\system32\drivers\rawdsk3.sys
15:57:09.0242 0x1b10 RawDisk3 - ok
15:57:09.0305 0x1b10 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
15:57:09.0367 0x1b10 rdbss - ok
15:57:09.0383 0x1b10 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
15:57:09.0383 0x1b10 rdpbus - ok
15:57:09.0398 0x1b10 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
15:57:09.0414 0x1b10 RDPCDD - ok
15:57:09.0429 0x1b10 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
15:57:09.0445 0x1b10 RDPENCDD - ok
15:57:09.0492 0x1b10 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
15:57:09.0570 0x1b10 RDPREFMP - ok
15:57:09.0617 0x1b10 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
15:57:09.0632 0x1b10 RDPWD - ok
15:57:09.0663 0x1b10 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
15:57:09.0679 0x1b10 rdyboost - ok
15:57:09.0773 0x1b10 [ 20C2F1613EBCF66D0395C59076EE472E, E72DA9D55E3FDFA0D9B3F367B0E08D2E291A8D45C70B49EB8BF2C13F824AB933 ] RealNetworks Downloader Resolver Service C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
15:57:09.0788 0x1b10 RealNetworks Downloader Resolver Service - ok
15:57:09.0866 0x1b10 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
15:57:09.0913 0x1b10 RemoteAccess - ok
15:57:09.0960 0x1b10 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
15:57:10.0007 0x1b10 RemoteRegistry - ok
15:57:10.0147 0x1b10 [ 3C957189B31C34D3AD21967B12B6AED7, 878FE6EA03F60592D6D557B905A5119E2CC836C2A6A86ED2867C3C9B0F0FDBA2 ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
15:57:10.0209 0x1b10 RoxMediaDB12OEM - ok
15:57:10.0334 0x1b10 [ 2D54FEB510021638F8768F8A215E7CEA, D685156786827F55C3CC3649219D51D6A28D73F975FB9923C02351570AA4D5F4 ] RoxMediaDB14 C:\Program Files (x86)\Roxio Creator NXT\Common\RoxMediaDB14.exe
15:57:10.0381 0x1b10 RoxMediaDB14 - ok
15:57:10.0397 0x1b10 [ 2B73088CC2CA757A172B425C9398E5BC, 3D296B4D6F66F7729CC48FE54456E6E6D8207DBA7E31D66653566C128E53163B ] RoxWatch12 C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
15:57:10.0412 0x1b10 RoxWatch12 - ok
15:57:10.0428 0x1b10 [ C933066B7DF500BFC5797BEE25E4F309, 7C7575FC3D5FC6346DB66D3654DFDDE6403E22529B7135088EA30191E7922DEE ] RoxWatch14 C:\Program Files (x86)\Roxio Creator NXT\Common\RoxWatch14.exe
15:57:10.0459 0x1b10 RoxWatch14 - ok
15:57:10.0490 0x1b10 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
15:57:10.0553 0x1b10 RpcEptMapper - ok
15:57:10.0584 0x1b10 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
15:57:10.0599 0x1b10 RpcLocator - ok
15:57:10.0631 0x1b10 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
15:57:10.0693 0x1b10 RpcSs - ok
15:57:10.0755 0x1b10 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
15:57:10.0802 0x1b10 rspndr - ok
15:57:10.0818 0x1b10 [ CC8BE8C0D2B549193E1B0E430F4C1717, D1E67C1D3C8EDFB7C1C601F9056C9249FFA07A7F2F48CE2F7E33CAF61656D974 ] Sahdad64 C:\Windows\system32\Drivers\Sahdad64.sys
15:57:10.0818 0x1b10 Sahdad64 - ok
15:57:10.0818 0x1b10 [ 8DF9EE8B6DEE33A77CCF03047B1B002C, DB54B4D2C9D842D1D52CECFED91DBFAFB6E12A4121AA97116F4977A5FA68DB65 ] Saibad64 C:\Windows\system32\Drivers\Saibad64.sys
15:57:10.0833 0x1b10 Saibad64 - ok
15:57:10.0833 0x1b10 [ E193BA11DF7D9383A1B2848088DDEE35, 4DCADD56958BF3BC31571EB08277AD0474898528E7D5232901898FD354DC0BE8 ] SaibVdAd64 C:\Windows\system32\Drivers\SaibVdAd64.sys
15:57:10.0849 0x1b10 SaibVdAd64 - ok
15:57:10.0849 0x1b10 [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] SamSs C:\Windows\system32\lsass.exe
15:57:10.0865 0x1b10 SamSs - ok
15:57:10.0880 0x1b10 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
15:57:10.0896 0x1b10 sbp2port - ok
15:57:10.0911 0x1b10 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
15:57:10.0943 0x1b10 SCardSvr - ok
15:57:10.0958 0x1b10 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
15:57:10.0974 0x1b10 scfilter - ok
15:57:11.0052 0x1b10 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
15:57:11.0145 0x1b10 Schedule - ok
15:57:11.0192 0x1b10 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
15:57:11.0223 0x1b10 SCPolicySvc - ok
15:57:11.0270 0x1b10 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
15:57:11.0333 0x1b10 SDRSVC - ok
15:57:11.0442 0x1b10 [ D98E936BDD4A6CFE39535F3696D0EC6F, 78F4D7A1AACCCC5F77C7FFDA9E51D3BDCC454DD7D0FBB27260E6C7D56956C98E ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
15:57:11.0489 0x1b10 SDScannerService - ok
15:57:11.0520 0x1b10 [ 2D5088524613D1ED55D20195AF42DDC7, DD31882890524D237AA3A58D15C7EBB2CC181C56E17FA62671CFC14BD275D3A0 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
15:57:11.0551 0x1b10 SDUpdateService - ok
15:57:11.0598 0x1b10 [ 59DCE6783F9ED27EB72C81466E363BF8, E216D80F8947386E852AEB421EA3EC8B599AD9A547DEE11DCD463071A4940358 ] SDWSCService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
15:57:11.0598 0x1b10 SDWSCService - ok
15:57:11.0613 0x1b10 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
15:57:11.0691 0x1b10 secdrv - ok
15:57:11.0723 0x1b10 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
15:57:11.0801 0x1b10 seclogon - ok
15:57:11.0832 0x1b10 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
15:57:11.0894 0x1b10 SENS - ok
15:57:11.0925 0x1b10 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
15:57:11.0988 0x1b10 SensrSvc - ok
15:57:12.0019 0x1b10 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\drivers\serenum.sys
15:57:12.0066 0x1b10 Serenum - ok
15:57:12.0097 0x1b10 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\drivers\serial.sys
15:57:12.0128 0x1b10 Serial - ok
15:57:12.0144 0x1b10 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
15:57:12.0159 0x1b10 sermouse - ok
15:57:12.0191 0x1b10 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
15:57:12.0253 0x1b10 SessionEnv - ok
15:57:12.0253 0x1b10 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
15:57:12.0269 0x1b10 sffdisk - ok
15:57:12.0284 0x1b10 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
15:57:12.0300 0x1b10 sffp_mmc - ok
15:57:12.0300 0x1b10 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
15:57:12.0315 0x1b10 sffp_sd - ok
15:57:12.0315 0x1b10 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
15:57:12.0331 0x1b10 sfloppy - ok
15:57:12.0456 0x1b10 [ 29DDEA72C5BDF61D62F4D438DC0E497C, 6A125EBC8B1377C1F5DFC441B843B0D6933C57678248CE1D23BF8D7A862F93FB ] SftService C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
15:57:12.0503 0x1b10 SftService - ok
15:57:12.0581 0x1b10 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
15:57:12.0612 0x1b10 SharedAccess - ok
15:57:12.0690 0x1b10 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:57:12.0752 0x1b10 ShellHWDetection - ok
15:57:12.0799 0x1b10 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
15:57:12.0815 0x1b10 SiSRaid2 - ok
15:57:12.0877 0x1b10 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
15:57:12.0893 0x1b10 SiSRaid4 - ok
15:57:12.0971 0x1b10 SliceDisk5 - ok
15:57:13.0002 0x1b10 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
15:57:13.0049 0x1b10 Smb - ok
15:57:13.0080 0x1b10 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
15:57:13.0111 0x1b10 SNMPTRAP - ok
15:57:13.0111 0x1b10 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
15:57:13.0127 0x1b10 spldr - ok
15:57:13.0173 0x1b10 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
15:57:13.0205 0x1b10 Spooler - ok
15:57:13.0345 0x1b10 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
15:57:13.0485 0x1b10 sppsvc - ok
15:57:13.0548 0x1b10 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
15:57:13.0595 0x1b10 sppuinotify - ok
15:57:13.0673 0x1b10 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
15:57:13.0766 0x1b10 srv - ok
15:57:13.0797 0x1b10 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
15:57:13.0829 0x1b10 srv2 - ok
15:57:13.0891 0x1b10 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
15:57:13.0922 0x1b10 srvnet - ok
15:57:13.0953 0x1b10 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
15:57:14.0016 0x1b10 SSDPSRV - ok
15:57:14.0031 0x1b10 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
15:57:14.0063 0x1b10 SstpSvc - ok
15:57:14.0109 0x1b10 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
15:57:14.0125 0x1b10 stexstor - ok
15:57:14.0203 0x1b10 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
15:57:14.0265 0x1b10 stisvc - ok
15:57:14.0359 0x1b10 [ B6BAF8151060F07386C72BC5641290B3, CD9125D3EACFD3A9C2B10837584557B0F41851AA8019BE8A8215D2D29F651114 ] StkTMini C:\Windows\system32\Drivers\StkTMini.sys
15:57:14.0390 0x1b10 StkTMini - detected UnsignedFile.Multi.Generic ( 1 )
15:57:17.0573 0x1b10 Detect skipped due to KSN trusted
15:57:17.0573 0x1b10 StkTMini - ok
15:57:17.0635 0x1b10 [ 7731F46EC0D687A931CBA063E8F90EF0, 5CF996A209756B901316C4406C7D3E52ECC9C15A1BDB0D4D9C77846AB29FD040 ] stllssvr C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
15:57:17.0651 0x1b10 stllssvr - ok
15:57:17.0697 0x1b10 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
15:57:17.0713 0x1b10 swenum - ok
15:57:17.0775 0x1b10 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
15:57:17.0822 0x1b10 swprv - ok
15:57:17.0931 0x1b10 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
15:57:17.0978 0x1b10 SysMain - ok
15:57:17.0994 0x1b10 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:57:17.0994 0x1b10 TabletInputService - ok
15:57:18.0009 0x1b10 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
15:57:18.0072 0x1b10 TapiSrv - ok
15:57:18.0103 0x1b10 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
15:57:18.0150 0x1b10 TBS - ok
15:57:18.0259 0x1b10 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
15:57:18.0368 0x1b10 Tcpip - ok
15:57:18.0415 0x1b10 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
15:57:18.0462 0x1b10 TCPIP6 - ok
15:57:18.0524 0x1b10 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
15:57:18.0571 0x1b10 tcpipreg - ok
15:57:18.0618 0x1b10 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
15:57:18.0649 0x1b10 TDPIPE - ok
15:57:18.0649 0x1b10 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
15:57:18.0680 0x1b10 TDTCP - ok
15:57:18.0711 0x1b10 [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx C:\Windows\system32\DRIVERS\tdx.sys
15:57:18.0774 0x1b10 tdx - ok
15:57:18.0821 0x1b10 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
15:57:18.0852 0x1b10 TermDD - ok
15:57:18.0930 0x1b10 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
15:57:18.0992 0x1b10 TermService - ok
15:57:19.0039 0x1b10 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
15:57:19.0055 0x1b10 Themes - ok
15:57:19.0101 0x1b10 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
15:57:19.0148 0x1b10 THREADORDER - ok
15:57:19.0164 0x1b10 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
15:57:19.0211 0x1b10 TrkWks - ok
15:57:19.0257 0x1b10 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:57:19.0335 0x1b10 TrustedInstaller - ok
15:57:19.0367 0x1b10 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
15:57:19.0398 0x1b10 tssecsrv - ok
15:57:19.0413 0x1b10 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
15:57:19.0491 0x1b10 TsUsbFlt - ok
15:57:19.0538 0x1b10 [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
15:57:19.0554 0x1b10 TsUsbGD - ok
15:57:19.0616 0x1b10 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
15:57:19.0663 0x1b10 tunnel - ok
15:57:19.0694 0x1b10 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
15:57:19.0694 0x1b10 uagp35 - ok
15:57:19.0741 0x1b10 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
15:57:19.0803 0x1b10 udfs - ok
15:57:19.0835 0x1b10 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
15:57:19.0881 0x1b10 UI0Detect - ok
15:57:19.0913 0x1b10 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
15:57:19.0928 0x1b10 uliagpkx - ok
15:57:19.0928 0x1b10 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
15:57:19.0959 0x1b10 umbus - ok
15:57:19.0991 0x1b10 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys
15:57:20.0037 0x1b10 UmPass - ok
15:57:20.0069 0x1b10 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
15:57:20.0131 0x1b10 upnphost - ok
15:57:20.0178 0x1b10 upzocdbr - ok
15:57:20.0225 0x1b10 [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
15:57:20.0303 0x1b10 USBAAPL64 - ok
15:57:20.0365 0x1b10 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
15:57:20.0412 0x1b10 usbaudio - ok
15:57:20.0427 0x1b10 [ 91D3C92A44FC682DD791147604E79152, AA0B6799BF9C26C2C1793C91295288A4989AA43EC5E070B650DA7F0A142817CE ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
15:57:20.0505 0x1b10 usbccgp - ok
15:57:20.0537 0x1b10 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
15:57:20.0615 0x1b10 usbcir - ok
15:57:20.0677 0x1b10 [ F7FFDF2A1D19A76A87759126B244C816, C91F09D77E22D976952A46F7B93F611B719EDAF694D538242FA8FAF1BA9BB2F0 ] usbehci C:\Windows\system32\drivers\usbehci.sys
15:57:20.0724 0x1b10 usbehci - ok
15:57:20.0771 0x1b10 [ 245FE7FC634D6A993E682E0A9EBA4ABB, F7A536D215EE3A63358EC8B5946D7BB3B56357BF91347B07013E00DAC98775B6 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
15:57:20.0786 0x1b10 usbhub - ok
15:57:20.0802 0x1b10 [ C1A8966E0D09BFB501045105B30D86F2, 5BB95FBA441B898E258A3BFE174FC1042A04C19E25C59DE1FD90594290B11DA9 ] usbohci C:\Windows\system32\drivers\usbohci.sys
15:57:20.0802 0x1b10 usbohci - ok
15:57:20.0849 0x1b10 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
15:57:20.0864 0x1b10 usbprint - ok
15:57:20.0942 0x1b10 [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\drivers\usbscan.sys
15:57:21.0036 0x1b10 usbscan - ok
15:57:21.0114 0x1b10 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:57:21.0239 0x1b10 USBSTOR - ok
15:57:21.0270 0x1b10 [ 2E682DCE4319A90E02A327F8A427544A, 3528C5A4669BAD53041085C3E72C64388D308E42AD9D1FAC85B6F2FFD81610FB ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
15:57:21.0301 0x1b10 usbuhci - ok
15:57:21.0332 0x1b10 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
15:57:21.0395 0x1b10 UxSms - ok
15:57:21.0441 0x1b10 [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] VaultSvc C:\Windows\system32\lsass.exe
15:57:21.0441 0x1b10 VaultSvc - ok
15:57:21.0473 0x1b10 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
15:57:21.0488 0x1b10 vdrvroot - ok
15:57:21.0519 0x1b10 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
15:57:21.0566 0x1b10 vds - ok
15:57:21.0566 0x1b10 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
15:57:21.0582 0x1b10 vga - ok
15:57:21.0644 0x1b10 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
15:57:21.0707 0x1b10 VgaSave - ok
15:57:21.0753 0x1b10 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
15:57:21.0753 0x1b10 vhdmp - ok
15:57:21.0800 0x1b10 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
15:57:21.0816 0x1b10 viaide - ok
15:57:21.0831 0x1b10 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
15:57:21.0847 0x1b10 volmgr - ok
15:57:21.0878 0x1b10 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
15:57:21.0909 0x1b10 volmgrx - ok
15:57:21.0909 0x1b10 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
15:57:21.0925 0x1b10 volsnap - ok
15:57:21.0941 0x1b10 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
15:57:21.0956 0x1b10 vsmraid - ok
15:57:22.0050 0x1b10 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
15:57:22.0143 0x1b10 VSS - ok
15:57:22.0190 0x1b10 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
15:57:22.0206 0x1b10 vwifibus - ok
15:57:22.0253 0x1b10 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
15:57:22.0284 0x1b10 vwififlt - ok
15:57:22.0346 0x1b10 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
15:57:22.0393 0x1b10 vwifimp - ok
15:57:22.0440 0x1b10 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
15:57:22.0502 0x1b10 W32Time - ok
15:57:22.0518 0x1b10 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
15:57:22.0518 0x1b10 WacomPen - ok
15:57:22.0533 0x1b10 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
15:57:22.0549 0x1b10 WANARP - ok
15:57:22.0580 0x1b10 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
15:57:22.0596 0x1b10 Wanarpv6 - ok
15:57:22.0658 0x1b10 [ ECEB715BECE47E101DDEC06B11126066, 6BD577D6EABD48B1BA31955DB3DEEE68528EA54375CA64D233B723D161B45CBA ] wanatw C:\Windows\system32\DRIVERS\wanatw64.sys
15:57:22.0674 0x1b10 wanatw - ok
15:57:22.0783 0x1b10 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
15:57:22.0861 0x1b10 WatAdminSvc - ok
15:57:22.0892 0x1b10 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
15:57:23.0017 0x1b10 wbengine - ok
15:57:23.0033 0x1b10 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
15:57:23.0064 0x1b10 WbioSrvc - ok
15:57:23.0095 0x1b10 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
15:57:23.0126 0x1b10 wcncsvc - ok
15:57:23.0126 0x1b10 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:57:23.0173 0x1b10 WcsPlugInService - ok
15:57:23.0251 0x1b10 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
15:57:23.0267 0x1b10 Wd - ok
15:57:23.0376 0x1b10 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
15:57:23.0407 0x1b10 Wdf01000 - ok
15:57:23.0454 0x1b10 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll
15:57:23.0501 0x1b10 WdiServiceHost - ok
15:57:23.0501 0x1b10 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll
15:57:23.0532 0x1b10 WdiSystemHost - ok
15:57:23.0579 0x1b10 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
15:57:23.0625 0x1b10 WebClient - ok
15:57:23.0688 0x1b10 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
15:57:23.0766 0x1b10 Wecsvc - ok
15:57:23.0781 0x1b10 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
15:57:23.0813 0x1b10 wercplsupport - ok
15:57:23.0828 0x1b10 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
15:57:23.0844 0x1b10 WerSvc - ok
15:57:23.0891 0x1b10 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
15:57:23.0969 0x1b10 WfpLwf - ok
15:57:24.0031 0x1b10 [ B14EF15BD757FA488F9C970EEE9C0D35, F27DF2D47E7076786AE7C396583D7A1C56B93E766711066C900964FC7313E794 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
15:57:24.0047 0x1b10 WimFltr - ok
15:57:24.0062 0x1b10 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
15:57:24.0078 0x1b10 WIMMount - ok
15:57:24.0109 0x1b10 WinHttpAutoProxySvc - ok
15:57:24.0171 0x1b10 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
15:57:24.0234 0x1b10 Winmgmt - ok
15:57:24.0312 0x1b10 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll
15:57:24.0452 0x1b10 WinRM - ok
15:57:24.0515 0x1b10 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
15:57:24.0546 0x1b10 WinUsb - ok
15:57:24.0593 0x1b10 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
15:57:24.0671 0x1b10 Wlansvc - ok
15:57:24.0842 0x1b10 [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:57:24.0905 0x1b10 wlidsvc - ok
15:57:24.0920 0x1b10 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
15:57:24.0936 0x1b10 WmiAcpi - ok
15:57:24.0967 0x1b10 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
15:57:24.0998 0x1b10 wmiApSrv - ok
15:57:25.0061 0x1b10 WMPNetworkSvc - ok
15:57:25.0092 0x1b10 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
15:57:25.0185 0x1b10 WPCSvc - ok
15:57:25.0201 0x1b10 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
15:57:25.0217 0x1b10 WPDBusEnum - ok
15:57:25.0263 0x1b10 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
15:57:25.0310 0x1b10 ws2ifsl - ok
15:57:25.0357 0x1b10 [ AD12F5C7251BB8D575D560894E73CBBA, FAAA1440CBBDC889C0B8917065B932A9CC86E5C0FD5845D8830482915AF83F40 ] WsAudioDevice_383S(1) C:\Windows\system32\drivers\WsAudioDevice_383S(1).sys
15:57:25.0357 0x1b10 WsAudioDevice_383S(1) - ok
15:57:25.0373 0x1b10 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
15:57:25.0404 0x1b10 wscsvc - ok
15:57:25.0419 0x1b10 WSearch - ok
15:57:25.0529 0x1b10 [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\Windows\system32\wuaueng.dll
15:57:25.0622 0x1b10 wuauserv - ok
15:57:25.0685 0x1b10 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
15:57:25.0731 0x1b10 WudfPf - ok
15:57:25.0778 0x1b10 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
15:57:25.0841 0x1b10 WUDFRd - ok
15:57:25.0887 0x1b10 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
15:57:25.0934 0x1b10 wudfsvc - ok
15:57:25.0981 0x1b10 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
15:57:26.0028 0x1b10 WwanSvc - ok
15:57:26.0028 0x1b10 ================ Scan global ===============================
15:57:26.0090 0x1b10 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
15:57:26.0121 0x1b10 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
15:57:26.0137 0x1b10 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
15:57:26.0184 0x1b10 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
15:57:26.0246 0x1b10 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
15:57:26.0246 0x1b10 [ Global ] - ok
15:57:26.0246 0x1b10 ================ Scan MBR ==================================
15:57:26.0262 0x1b10 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
15:57:26.0402 0x1b10 \Device\Harddisk0\DR0 - ok
15:57:26.0402 0x1b10 ================ Scan VBR ==================================
15:57:26.0402 0x1b10 [ DD66C607942CDE7EC9B65FDA2C489E2D ] \Device\Harddisk0\DR0\Partition1
15:57:26.0418 0x1b10 \Device\Harddisk0\DR0\Partition1 - ok
15:57:26.0418 0x1b10 [ 36D66044D1E8CF648EC21092835DDA98 ] \Device\Harddisk0\DR0\Partition2
15:57:26.0418 0x1b10 \Device\Harddisk0\DR0\Partition2 - ok
15:57:26.0418 0x1b10 ================ Scan generic autorun ======================
15:57:26.0543 0x1b10 [ BFA217744409A55182B6D15BD848246B, CC241D967FF7CD0B417E99DDEB11ACE011615AF6A2637246131E4C1E20A63222 ] c:\Program Files (x86)\Corel\WordPerfect Office X7\Programs\QFSCHD170.EXE
15:57:26.0574 0x1b10 QuickFinder Scheduler - ok
15:57:26.0667 0x1b10 [ D28FEFED05E0AC2D9A55300E9E9499AD, 4882B7A08039BF8E4D76DF5CCF7E9C077BAB8CF202F49BD7C76AA42CE6542714 ] C:\Program Files\Common~1\McAfee\Platform\mcuicnt.exe
15:57:26.0714 0x1b10 mcpltui_exe - ok
15:57:26.0823 0x1b10 [ ED00E26A63133795647449445CF896CC, B731EB5D04CA81C3855E17251192E59F9B7C2EC5B937E6C09F4351A6DC56CA9D ] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe
15:57:26.0839 0x1b10 TkBellExe - ok
15:57:26.0901 0x1b10 [ 271B0D188430670509CB9943D5229205, 74CB5A9D8B5988AE08C0F65C601FC54F8745BAB6825B6FEEFBA8F068D656D8D7 ] C:\Program Files (x86)\QuickTime\QTTask.exe
15:57:26.0917 0x1b10 QuickTime Task - detected UnsignedFile.Multi.Generic ( 1 )
15:57:29.0787 0x1b10 Detect skipped due to KSN trusted
15:57:29.0787 0x1b10 QuickTime Task - ok
15:57:29.0943 0x1b10 [ D192592FD0A99D9F360906D3F6DFBFF1, E0ED95A8AB4D26A40BF95B8DB2D968AD1FDB36B8C4DF2990185E0458B3948CA3 ] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
15:57:29.0990 0x1b10 Wondershare Helper Compact.exe - ok
15:57:30.0053 0x1b10 [ 3F654601A593A96BC4A47035B0829E69, 236ED57BFF34F6A67D9A7765D218F1D525CC56B98F8200FFCDDA00F5EBF3AD97 ] C:\Program Files (x86)\Common Files\AOL\1429832463\ee\AOLSoftware.exe
15:57:30.0053 0x1b10 HostManager - ok
15:57:30.0146 0x1b10 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
15:57:30.0271 0x1b10 Sidebar - ok
15:57:30.0318 0x1b10 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
15:57:30.0349 0x1b10 mctadmin - ok
15:57:30.0380 0x1b10 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
15:57:30.0427 0x1b10 Sidebar - ok
15:57:30.0427 0x1b10 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
15:57:30.0443 0x1b10 mctadmin - ok
15:57:30.0443 0x1b10 Waiting for KSN requests completion. In queue: 90
15:57:31.0457 0x1b10 Waiting for KSN requests completion. In queue: 90
15:57:32.0471 0x1b10 Waiting for KSN requests completion. In queue: 90
15:57:33.0485 0x1b10 Waiting for KSN requests completion. In queue: 90
15:57:34.0514 0x1b10 AV detected via SS2: McAfee Anti-Virus and Anti-Spyware, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 14.0.0.0 ), 0x51000 ( enabled : updated )
15:57:34.0514 0x1b10 FW detected via SS2: McAfee Firewall, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 14.0.0.0 ), 0x51010 ( enabled )
15:57:37.0431 0x1b10 ============================================================
15:57:37.0431 0x1b10 Scan finished
15:57:37.0431 0x1b10 ============================================================
15:57:37.0431 0x0674 Detected object count: 0
15:57:37.0431 0x0674 Actual detected object count: 0
16:40:25.0180 0x2234 Deinitialize success

When I go to download ComboFix.exe it tells me it will cause a trojan called Artemis 3223BECC431E. So what do I do?

I am not aware of any proxies, so how do I delete them?
mkdsk101
Regular Member
 
Posts: 91
Joined: April 23rd, 2015, 7:11 pm

Re: I need help.

Post by mkdsk101 » April 26th, 2015, 7:28 pm

ComboFix 15-04-19.01 - MARK 04/26/2015 19:00:47.1.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8174.6042 [GMT -4:00]
Running from: c:\users\MARK\Desktop\MM\ComboFix.exe
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
FW: McAfee Firewall *Disabled* {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}
SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
SP: Spybot - Search and Destroy *Disabled/Outdated* {1EAF1D03-5480-F3B2-EB14-11F0F5EE2699}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\11369079136435768840
c:\programdata\11369079136435768840\4775d99c57b1799edf08e06d4a165b83.ini
c:\programdata\11369079136435768840\844ec49e407831a9df08e06d4a165b83.ini
c:\programdata\11369079136435768840\954accd1ef18255bdf08e06d4a165b83.ini
c:\programdata\11369079136435768840\c5dda88116364677df08e06d4a165b83.ini
c:\programdata\11369079136435768840\cd5b15e575e1c3d0df08e06d4a165b83.ini
c:\programdata\11369079136435768840\d1b823d8a4cc4149df08e06d4a165b83.ini
c:\users\MARK\AppData\Roaming\inst.exe
c:\users\MARK\AppData\Roaming\Microsoft\Windows\Recent\Transfer Utility Homepage.url
c:\users\MARK\AppData\Roaming\windows
c:\users\MARK\AppData\Roaming\windows\Start Menu\Programs\ShopAtHome.com BrowserAppCore Service\ShopAtHome.com Homepage.url
c:\users\MARK\g2mdlhlpx.exe
c:\users\MARK\GoToAssistDownloadHelper.exe
c:\users\MARK\WINDOWS
c:\windows\SysWow64\X86
.
.
((((((((((((((((((((((((( Files Created from 2015-03-26 to 2015-04-26 )))))))))))))))))))))))))))))))
.
.
2015-04-26 23:09 . 2015-04-26 23:09 -------- dc----w- c:\users\Default\AppData\Local\temp
2015-04-25 16:57 . 2015-04-25 16:57 74703 -c--a-w- c:\windows\SysWow64\mfc45.dat
2015-04-24 19:07 . 2015-04-24 19:07 -------- dc----w- c:\programdata\PCDr
2015-04-24 17:08 . 2015-04-24 19:46 -------- dc----w- C:\MGADiagToolOutput
2015-04-24 17:05 . 2015-04-24 17:05 -------- dc----w- c:\programdata\Office Genuine Advantage
2015-04-24 01:37 . 2015-03-25 13:53 32912 -c--a-w- c:\windows\system32\drivers\rawdsk3.sys
2015-04-24 01:37 . 2015-04-24 01:37 -------- dc----w- C:\logs
2015-04-24 01:31 . 2015-04-24 01:46 -------- dc----w- c:\users\MARK\AppData\Roaming\iolo
2015-04-23 23:49 . 2015-04-24 02:32 -------- dc----w- c:\program files (x86)\iolo
2015-04-23 23:44 . 2015-04-24 04:31 -------- dc----w- c:\users\MARK\AppData\Roaming\AOL
2015-04-23 23:44 . 2015-04-24 02:25 778416 -c--a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-04-23 23:44 . 2015-04-24 02:25 142512 -c--a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-04-23 23:43 . 2015-04-23 23:43 -------- dc----w- c:\programdata\Viewpoint
2015-04-23 23:43 . 2015-04-23 23:43 -------- dc----w- c:\program files (x86)\Viewpoint
2015-04-23 23:43 . 2015-04-24 04:26 58696 -c--a-w- c:\windows\SysWow64\AOLParconLink.exe
2015-04-23 23:41 . 2006-11-29 22:24 24064 -c--a-w- c:\windows\system32\drivers\wanatw64.sys
2015-04-23 23:41 . 2015-04-23 23:41 -------- dc----w- c:\programdata\AOL OCP
2015-04-23 23:41 . 2015-04-24 04:31 -------- dc----w- c:\users\MARK\AppData\Local\AOL
2015-04-23 23:40 . 2015-04-24 04:30 -------- dc----w- c:\program files (x86)\Common Files\AOL
2015-04-23 23:40 . 2015-04-24 03:18 -------- dc----w- c:\program files (x86)\AOL Desktop 9.7
2015-04-23 23:40 . 2015-04-24 04:28 -------- dc----w- c:\program files (x86)\Common Files\aolshare
2015-04-23 23:40 . 2015-04-24 04:28 -------- dc----w- c:\programdata\AOL
2015-04-23 23:36 . 2015-04-23 23:36 -------- dc----w- c:\programdata\AOL Downloads
2015-04-23 21:38 . 2015-04-23 21:38 -------- dc----w- C:\RegBackup
2015-04-23 20:09 . 2015-04-23 20:09 -------- dc----w- c:\windows\SysWow64\AMD64
2015-04-23 20:08 . 2015-04-23 20:18 -------- dc----w- c:\programdata\gdapmmldhdjnllepkpoijmfhieepocmn
2015-04-23 20:06 . 2015-04-23 20:18 -------- dc----w- c:\programdata\{b081a1c8-60fd-7c32-b081-1a1c860f8721}
2015-04-18 23:03 . 2015-04-23 20:30 -------- dc----w- c:\program files\Microsoft Mouse and Keyboard Center
2015-04-18 00:35 . 2015-04-18 00:35 -------- dc----w- c:\program files (x86)\Common Files\Java
2015-04-10 16:46 . 2015-04-25 16:58 -------- dc----w- c:\program files (x86)\Mozilla Maintenance Service
2015-04-10 00:00 . 2015-04-23 21:36 -------- dc----w- C:\AdwCleaner
2015-04-09 16:17 . 2015-04-09 16:17 -------- dc----w- c:\users\Default\AppData\Local\Garmin_Ltd._or_its_subsid
2015-04-04 14:36 . 2015-04-26 16:21 163504 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10145.bin
2015-04-03 18:54 . 2015-04-03 18:54 -------- dc----w- c:\programdata\Malwarebytes
2015-04-02 01:33 . 2013-09-23 17:49 197704 -c--a-w- c:\windows\system32\drivers\HipShieldK.sys
2015-04-02 01:33 . 2015-02-28 05:10 76064 -c--a-w- c:\windows\system32\drivers\McPvDrv.sys
2015-04-01 00:36 . 2015-04-01 00:36 950272 ----a-w- c:\windows\system32\perftrack.dll
2015-04-01 00:36 . 2015-04-01 00:36 91136 ----a-w- c:\windows\system32\wdi.dll
2015-04-01 00:36 . 2015-04-01 00:36 76800 ----a-w- c:\windows\SysWow64\wdi.dll
2015-04-01 00:36 . 2015-04-01 00:36 29696 ----a-w- c:\windows\system32\powertracker.dll
2015-03-30 21:56 . 2015-04-01 00:28 -------- dc----w- c:\users\MARK\AppData\Roaming\dvdcss
2015-03-30 00:20 . 2015-03-30 00:20 -------- dc----w- C:\MediaServer_Temp
2015-03-30 00:14 . 2015-03-30 00:28 -------- dc----w- c:\programdata\Wondershare
2015-03-28 17:22 . 2015-03-28 17:22 -------- dc----w- c:\users\MARK\AppData\Local\Deshaker
2015-03-28 17:21 . 2015-04-01 00:28 -------- dc----w- c:\users\MARK\AppData\Local\videoeditor
2015-03-28 17:16 . 2015-03-28 17:36 -------- dc----w- c:\programdata\Movavi
2015-03-28 01:21 . 2007-10-06 21:03 53248 -c--a-w- c:\windows\SysWow64\StkTProp.ax
2015-03-28 01:21 . 2007-11-16 00:33 528256 -c--a-w- c:\windows\system32\drivers\StkTMini.sys
2015-03-28 01:20 . 2015-03-28 01:20 -------- dc----w- c:\users\MARK\AppData\Roaming\InstallShield
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-04-25 15:52 . 2015-03-17 20:32 20 -c--a-w- c:\users\MARK\AppData\Roaming\appdataFr3.bin
2015-04-18 00:33 . 2015-01-26 01:01 98216 -c--a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2015-04-04 22:02 . 2013-05-11 18:35 900 -csha-w- c:\programdata\KGyGaAvL.sys
2015-04-01 15:16 . 2012-01-21 08:00 128913832 -c--a-w- c:\windows\system32\MRT.exe
2015-03-18 19:49 . 2015-03-18 19:49 499712 -c--a-w- c:\windows\SysWow64\msvcp71.dll
2015-03-18 19:49 . 2015-03-18 19:49 348160 -c--a-w- c:\windows\SysWow64\msvcr71.dll
2015-03-14 15:22 . 2015-03-14 15:18 1239720 ----a-w- c:\windows\system32\aitstatic.exe
2015-03-14 15:22 . 2015-03-14 15:17 894976 ----a-w- c:\windows\system32\appraiser.dll
2015-03-14 15:22 . 2015-03-14 15:17 192000 ----a-w- c:\windows\system32\aepic.dll
2015-03-14 15:22 . 2015-03-14 15:17 1098752 ----a-w- c:\windows\system32\aeinv.dll
2015-03-14 15:22 . 2015-03-14 15:17 762368 ----a-w- c:\windows\system32\invagent.dll
2015-03-14 15:22 . 2015-03-14 15:17 609280 ----a-w- c:\windows\system32\generaltel.dll
2015-03-14 15:22 . 2015-03-14 15:17 414720 ----a-w- c:\windows\system32\devinv.dll
2015-03-14 15:22 . 2015-03-14 15:17 227328 ----a-w- c:\windows\system32\aepdu.dll
2015-03-14 15:21 . 2015-03-14 15:18 119296 ----a-w- c:\windows\system32\drivers\tdx.sys
2015-03-14 15:21 . 2015-03-14 15:17 861696 ----a-w- c:\windows\system32\oleaut32.dll
2015-03-14 15:21 . 2015-03-14 15:17 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2015-03-14 15:21 . 2015-03-14 15:18 3722752 ----a-w- c:\windows\system32\mstscax.dll
2015-03-14 15:21 . 2015-03-14 15:18 3221504 ----a-w- c:\windows\SysWow64\mstscax.dll
2015-03-14 15:21 . 2015-03-14 15:18 131584 ----a-w- c:\windows\SysWow64\aaclient.dll
2015-03-14 15:21 . 2015-03-14 15:17 165888 ----a-w- c:\windows\system32\charmap.exe
2015-03-14 15:21 . 2015-03-14 15:17 155136 ----a-w- c:\windows\SysWow64\charmap.exe
2015-03-14 15:21 . 2015-03-14 15:17 346624 ----a-w- c:\windows\system32\WSManMigrationPlugin.dll
2015-03-14 15:21 . 2015-03-14 15:17 310272 ----a-w- c:\windows\system32\WsmWmiPl.dll
2015-03-14 15:21 . 2015-03-14 15:17 266240 ----a-w- c:\windows\system32\WSManHTTPConfig.exe
2015-03-14 15:21 . 2015-03-14 15:17 248832 ----a-w- c:\windows\SysWow64\WSManMigrationPlugin.dll
2015-03-14 15:21 . 2015-03-14 15:17 214016 ----a-w- c:\windows\SysWow64\WsmWmiPl.dll
2015-03-14 15:21 . 2015-03-14 15:17 2020352 ----a-w- c:\windows\system32\WsmSvc.dll
2015-03-14 15:21 . 2015-03-14 15:17 198656 ----a-w- c:\windows\SysWow64\WSManHTTPConfig.exe
2015-03-14 15:21 . 2015-03-14 15:17 181248 ----a-w- c:\windows\system32\WsmAuto.dll
2015-03-14 15:21 . 2015-03-14 15:17 145920 ----a-w- c:\windows\SysWow64\WsmAuto.dll
2015-03-14 15:21 . 2015-03-14 15:17 1177088 ----a-w- c:\windows\SysWow64\WsmSvc.dll
2015-03-14 15:20 . 2015-03-14 15:17 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2015-03-14 15:20 . 2015-03-14 15:17 2048 ----a-w- c:\windows\system32\tzres.dll
2015-03-13 22:30 . 2015-03-13 22:04 341504 ----a-w- c:\windows\system32\schannel.dll
2015-03-13 22:30 . 2015-03-13 22:04 248832 ----a-w- c:\windows\SysWow64\schannel.dll
2015-03-13 22:30 . 2015-03-13 22:04 728064 ----a-w- c:\windows\system32\kerberos.dll
2015-03-13 22:30 . 2015-03-13 22:04 686080 ----a-w- c:\windows\SysWow64\adtschema.dll
2015-03-13 22:30 . 2015-03-13 22:04 686080 ----a-w- c:\windows\system32\adtschema.dll
2015-03-13 22:30 . 2015-03-13 22:04 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
2015-03-13 22:30 . 2015-03-13 22:04 314880 ----a-w- c:\windows\system32\msv1_0.dll
2015-03-13 22:30 . 2015-03-13 22:04 309760 ----a-w- c:\windows\system32\ncrypt.dll
2015-03-13 22:30 . 2015-03-13 22:04 221184 ----a-w- c:\windows\SysWow64\ncrypt.dll
2015-03-13 22:30 . 2015-03-13 22:04 210944 ----a-w- c:\windows\system32\wdigest.dll
2015-03-13 22:30 . 2015-03-13 22:04 86528 ----a-w- c:\windows\system32\TSpkg.dll
2015-03-13 22:30 . 2015-03-13 22:04 65536 ----a-w- c:\windows\SysWow64\TSpkg.dll
2015-03-13 22:30 . 2015-03-13 22:04 64000 ----a-w- c:\windows\system32\auditpol.exe
2015-03-13 22:30 . 2015-03-13 22:04 50176 ----a-w- c:\windows\SysWow64\auditpol.exe
2015-03-13 22:30 . 2015-03-13 22:04 22016 ----a-w- c:\windows\system32\credssp.dll
2015-03-13 22:30 . 2015-03-13 22:04 172032 ----a-w- c:\windows\SysWow64\wdigest.dll
2015-03-13 22:30 . 2015-03-13 22:04 17408 ----a-w- c:\windows\SysWow64\credssp.dll
2015-03-13 22:30 . 2015-03-13 22:04 60416 ----a-w- c:\windows\SysWow64\msobjs.dll
2015-03-13 22:30 . 2015-03-13 22:04 60416 ----a-w- c:\windows\system32\msobjs.dll
2015-03-13 22:30 . 2015-03-13 22:04 146432 ----a-w- c:\windows\SysWow64\msaudite.dll
2015-03-13 22:30 . 2015-03-13 22:04 146432 ----a-w- c:\windows\system32\msaudite.dll
2015-03-13 22:30 . 2015-03-13 22:04 259584 ----a-w- c:\windows\SysWow64\msv1_0.dll
2015-03-13 22:30 . 2015-03-13 22:04 1461760 ----a-w- c:\windows\system32\lsasrv.dll
2015-03-13 22:30 . 2015-03-13 22:04 95680 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2015-03-13 22:30 . 2015-03-13 22:04 155576 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2015-03-13 22:30 . 2015-03-13 22:04 31232 ----a-w- c:\windows\system32\lsass.exe
2015-03-13 22:30 . 2015-03-13 22:04 29184 ----a-w- c:\windows\system32\sspisrv.dll
2015-03-13 22:30 . 2015-03-13 22:04 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2015-03-13 22:30 . 2015-03-13 22:04 136192 ----a-w- c:\windows\system32\sspicli.dll
2015-03-13 22:30 . 2015-03-13 22:04 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2015-03-13 22:30 . 2015-03-13 22:04 28160 ----a-w- c:\windows\system32\secur32.dll
2015-03-13 22:24 . 2015-03-13 22:04 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2015-03-13 22:24 . 2015-03-13 22:04 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2015-03-13 22:15 . 2015-03-13 22:04 215552 ----a-w- c:\windows\system32\ubpm.dll
2015-03-13 22:15 . 2015-03-13 22:04 171520 ----a-w- c:\windows\SysWow64\ubpm.dll
2015-03-13 22:14 . 2015-03-13 22:02 1424896 ----a-w- c:\windows\system32\WindowsCodecs.dll
2015-03-13 22:14 . 2015-03-13 22:02 1230848 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2015-03-13 22:13 . 2015-03-13 22:02 3204096 ----a-w- c:\windows\system32\win32k.sys
2015-03-13 22:13 . 2015-03-13 22:02 41984 ----a-w- c:\windows\system32\lpk.dll
2015-03-13 22:13 . 2015-03-13 22:02 372224 ----a-w- c:\windows\system32\atmfd.dll
2015-03-13 22:13 . 2015-03-13 22:02 299008 ----a-w- c:\windows\SysWow64\atmfd.dll
2015-03-13 22:13 . 2015-03-13 22:02 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2015-03-13 22:13 . 2015-03-13 22:02 46080 ----a-w- c:\windows\system32\atmlib.dll
2015-03-13 22:13 . 2015-03-13 22:02 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2015-03-13 22:13 . 2015-03-13 22:02 25600 ----a-w- c:\windows\SysWow64\lpk.dll
2015-03-13 22:13 . 2015-03-13 22:02 14336 ----a-w- c:\windows\system32\dciman32.dll
2015-03-13 22:13 . 2015-03-13 22:02 10240 ----a-w- c:\windows\SysWow64\dciman32.dll
2015-03-13 22:13 . 2015-03-13 22:02 100864 ----a-w- c:\windows\system32\fontsub.dll
2015-03-13 22:12 . 2015-03-13 22:02 14177280 ----a-w- c:\windows\system32\shell32.dll
2015-03-13 22:12 . 2015-03-13 22:02 1067520 ----a-w- c:\windows\system32\msctf.dll
2015-03-13 22:12 . 2015-03-13 22:02 828928 ----a-w- c:\windows\SysWow64\msctf.dll
2015-03-13 22:11 . 2015-03-13 22:02 64000 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2015-03-13 22:11 . 2015-03-13 22:02 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2015-03-13 22:11 . 2015-03-13 22:02 47616 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2015-03-13 22:11 . 2015-03-13 22:02 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2015-03-13 22:11 . 2015-03-13 22:02 114688 ----a-w- c:\windows\system32\ieetwcollector.exe
2015-03-13 22:11 . 2015-03-13 22:02 77824 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2015-03-13 22:11 . 2015-03-13 22:02 718848 ----a-w- c:\windows\system32\ie4uinit.exe
2015-03-13 22:11 . 2015-03-13 22:02 60416 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2015-03-13 22:11 . 2015-03-13 22:02 34304 ----a-w- c:\windows\system32\iernonce.dll
2015-03-13 22:11 . 2015-03-13 22:02 968704 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2015-03-13 22:11 . 2015-03-13 22:02 801280 ----a-w- c:\windows\system32\msfeeds.dll
2015-03-13 22:11 . 2015-03-13 22:02 62464 ----a-w- c:\windows\SysWow64\iesetup.dll
2015-03-13 22:11 . 2015-03-13 22:02 620032 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2015-03-13 22:11 . 2015-03-13 22:02 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2015-03-13 22:11 . 2015-03-13 22:02 389800 ----a-w- c:\windows\system32\iedkcs32.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

Re: I need help.

Post by mkdsk101 » April 26th, 2015, 7:29 pm

*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-03-07 23:01 220632 ----a-w- c:\users\MARK\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910_1\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-03-07 23:01 220632 ----a-w- c:\users\MARK\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910_1\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-03-07 23:01 220632 ----a-w- c:\users\MARK\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910_1\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"QuickFinder Scheduler"="c:\program files (x86)\Corel\WordPerfect Office X7\Programs\QFSCHD170.EXE" [2014-03-15 166240]
"mcpltui_exe"="c:\program files\Common~1\McAfee\Platform\mcuicnt.exe" [2015-02-11 718248]
"TkBellExe"="c:\program files (x86)\Real\RealPlayer\update\realsched.exe" [2014-10-10 295512]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2014-10-02 421888]
"Wondershare Helper Compact.exe"="c:\program files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe" [2014-10-31 2072928]
"HostManager"="c:\program files (x86)\Common Files\AOL\1429832463\ee\AOLSoftware.exe" [2010-03-08 41800]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"GarminExpressTrayApp"="c:\program files (x86)\Garmin\Express Tray\tray.exe" [2015-04-08 1010008]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Transfer Utility Camera Monitor.lnk - c:\program files (x86)\PIXELA\Transfer Utility\CameraMonitor.exe [2014-8-5 537968]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
@=""
.
R1 upzocdbr;upzocdbr;c:\windows\system32\drivers\upzocdbr.sys;c:\windows\SYSNATIVE\drivers\upzocdbr.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 ioloSystemService;iolo System Service;c:\program files (x86)\iolo\Common\Lib\ioloServiceManager.exe;c:\program files (x86)\iolo\Common\Lib\ioloServiceManager.exe [x]
R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [x]
R2 RoxWatch14;Roxio Hard Drive Watcher 14;c:\program files (x86)\Roxio Creator NXT\Common\RoxWatch14.exe;c:\program files (x86)\Roxio Creator NXT\Common\RoxWatch14.exe [x]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [x]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [x]
R3 FlyUsb;FLY Fusion;c:\windows\system32\DRIVERS\FlyUsb.sys;c:\windows\SYSNATIVE\DRIVERS\FlyUsb.sys [x]
R3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys;c:\windows\SYSNATIVE\drivers\HipShieldK.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
R3 mfencrk;McAfee Inc. mfencrk;c:\windows\system32\DRIVERS\mfencrk.sys;c:\windows\SYSNATIVE\DRIVERS\mfencrk.sys [x]
R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [x]
R3 RoxMediaDB14;RoxMediaDB14;c:\program files (x86)\Roxio Creator NXT\Common\RoxMediaDB14.exe;c:\program files (x86)\Roxio Creator NXT\Common\RoxMediaDB14.exe [x]
R3 SliceDisk5;SliceDisk5;c:\program files\A-FF Find and Mount\slicedisk-x64.sys;c:\program files\A-FF Find and Mount\slicedisk-x64.sys [x]
R3 StkTMini;Syntek AVStream USB2.0 ATV;c:\windows\system32\Drivers\StkTMini.sys;c:\windows\SYSNATIVE\Drivers\StkTMini.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 mfedisk;McAfee AAC Disk Filter Driver;c:\windows\system32\DRIVERS\mfedisk.sys;c:\windows\SYSNATIVE\DRIVERS\mfedisk.sys [x]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys;c:\windows\SYSNATIVE\drivers\mfewfpk.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S0 Sahdad64;HDD Filter Driver;c:\windows\System32\Drivers\Sahdad64.sys;c:\windows\SYSNATIVE\Drivers\Sahdad64.sys [x]
S0 Saibad64;Volume Filter Driver;c:\windows\System32\Drivers\Saibad64.sys;c:\windows\SYSNATIVE\Drivers\Saibad64.sys [x]
S1 ElRawDisk;ElRawDisk;c:\windows\system32\drivers\rsdrvx64.sys;c:\windows\SYSNATIVE\drivers\rsdrvx64.sys [x]
S1 RawDisk3;RawDisk3;c:\windows\system32\drivers\rawdsk3.sys;c:\windows\SYSNATIVE\drivers\rawdsk3.sys [x]
S1 SaibVdAd64;Virtual Disk Driver;c:\windows\system32\Drivers\SaibVdAd64.sys;c:\windows\SYSNATIVE\Drivers\SaibVdAd64.sys [x]
S2 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269;Roxio SAIB Service;c:\program files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe;c:\program files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe [x]
S2 BOT4Service;BOT4Service;c:\program files (x86)\Roxio\BackOnTrack\App\BService.exe;c:\program files (x86)\Roxio\BackOnTrack\App\BService.exe [x]
S2 dlba_device;dlba_device;c:\windows\system32\dlbacoms.exe;c:\windows\SYSNATIVE\dlbacoms.exe [x]
S2 dlea_device;dlea_device;c:\windows\system32\dleacoms.exe;c:\windows\SYSNATIVE\dleacoms.exe [x]
S2 Garmin Device Interaction Service;Garmin Device Interaction Service;c:\program files (x86)\Garmin\Device Interaction Service\GarminService.exe;c:\program files (x86)\Garmin\Device Interaction Service\GarminService.exe [x]
S2 HomeNetSvc;McAfee Home Network;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files (x86)\McAfee\SiteAdvisor\McSACore.exe;c:\program files (x86)\McAfee\SiteAdvisor\McSACore.exe [x]
S2 McAPExe;McAfee AP Service;c:\program files\McAfee\MSC\McAPExe.exe;c:\program files\McAfee\MSC\McAPExe.exe [x]
S2 mccspsvc;McAfee CSP Service;c:\program files\Common Files\McAfee\CSP\1.3.336.0\McCSPServiceHost.exe;c:\program files\Common Files\McAfee\CSP\1.3.336.0\McCSPServiceHost.exe [x]
S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
S2 mcpltsvc;McAfee Platform Services;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
S2 McPvDrv;McPvDrv Driver;c:\windows\system32\drivers\McPvDrv.sys;c:\windows\SYSNATIVE\drivers\McPvDrv.sys [x]
S2 mfemms;McAfee Service Controller;c:\program files\Common Files\McAfee\SystemCore\\mfemms.exe;c:\program files\Common Files\McAfee\SystemCore\\mfemms.exe [x]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe;c:\windows\SYSNATIVE\mfevtps.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 NOBU;Dell DataSafe Online;c:\program files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe SERVICE;c:\program files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe SERVICE [x]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe;c:\program files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [x]
S2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe;c:\program files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [x]
S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [x]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [x]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys;c:\windows\SYSNATIVE\drivers\cfwids.sys [x]
S3 dc3d;MS Hardware Device Detection Driver;c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 mfeaack;McAfee Inc. mfeaack;c:\windows\system32\drivers\mfeaack.sys;c:\windows\SYSNATIVE\drivers\mfeaack.sys [x]
S3 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [x]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys;c:\windows\SYSNATIVE\drivers\mfefirek.sys [x]
S3 mfencbdc;McAfee Inc. mfencbdc;c:\windows\system32\DRIVERS\mfencbdc.sys;c:\windows\SYSNATIVE\DRIVERS\mfencbdc.sys [x]
S3 Point64;Microsoft Mouse and Keyboard Center Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]
S3 WsAudioDevice_383S(1);WsAudioDevice_383S(1);c:\windows\system32\drivers\WsAudioDevice_383S(1).sys;c:\windows\SYSNATIVE\drivers\WsAudioDevice_383S(1).sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - 71911237
*Deregistered* - 71911237
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-04-16 22:15 988488 -c--a-w- c:\program files (x86)\Google\Chrome\Application\42.0.2311.90\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2015-04-26 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-23 02:25]
.
2015-04-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-04-18 22:49]
.
2015-04-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA1cf8bc71ad7a3b9.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-04-18 22:49]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-03-07 23:01 244696 ----a-w- c:\users\MARK\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910_1\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-03-07 23:01 244696 ----a-w- c:\users\MARK\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910_1\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-03-07 23:01 244696 ----a-w- c:\users\MARK\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910_1\amd64\SkyDriveShell64.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Copy to &Lightning Note - c:\program files (x86)\Corel\WordPerfect Office X7\Programs\WPLightningCopyToNote.hta
IE: Open with WordPerfect - c:\program files (x86)\Corel\WordPerfect Office X7\Programs\WPLauncher.hta
TCP: DhcpNameServer = 209.18.47.61 209.18.47.62
FF - ProfilePath - c:\users\MARK\AppData\Roaming\Mozilla\Firefox\Profiles\12m4v1fj.default\
FF - prefs.js: browser.search.selectedEngine - Secure Search
FF - prefs.js: keyword.URL - hxxps://search.yahoo.com/search?fr=mcaf ... 0140927&p=
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Notify-SDWinLogon - SDWinLogon.dll
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
BHO-{3e5ace07-d3b1-401e-848c-500240d770a0} - (no file)
BHO-{9dce7230-adf7-4ff0-aca3-eaa813430be6} - (no file)
BHO-{af837aac-9262-4c2b-bfcd-35bf0d924342} - (no file)
BHO-{eb006223-12e3-4c68-b963-ff253eb8a6dc} - (no file)
Toolbar-Locked - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-2130412082-872510349-2259372935-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-2130412082-872510349-2259372935-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.17"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2015-04-26 19:13:38
ComboFix-quarantined-files.txt 2015-04-26 23:13
.
Pre-Run: 54,112,952,320 bytes free
Post-Run: 54,109,507,584 bytes free
.
- - End Of File - - 54E6E05133B29835EECBADA62D3B1F59
mkdsk101
Regular Member
 
Posts: 91
Joined: April 23rd, 2015, 7:11 pm

Re: I need help.

Post by mkdsk101 » April 26th, 2015, 7:30 pm

I did the Combofix anyway and posted it above. I still am getting the ad popups though.

Re: I need help.

Post by pgmigg » April 27th, 2015, 1:07 am

Hello mkdsk101,

"I am not aware of any proxies so how do I delete them?"
Please do the following:

Step 1.
Firefox Proxy settings
  1. Open Firefox, click Tools > Options > Advanced and click the Network Tab.
  2. Under the Connection section click on the Settings... button.
  3. Under Configure Proxies to Access the Internet, check No proxy. This is the default option if you don't use a proxy.
  4. Click OK... then click OK again.
  5. Close Firefox and -restart- the computer.

"I still am getting the ad popups though."
Please don't worry - we are not finished yet. Let's continue our treatment...

Step 2.
AdwCleaner
Please download AdwCleaner by Xplode onto your desktop.
  1. Close all open programs and internet browsers.
  2. Right click on adwcleaner.exe, select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
  3. Click on Scan. When the scan finishes, you'll see a message on the product window: "Pending. Please uncheck elements you don't want to remove."
  4. Press the Clean button.
  5. A log file C:\AdwCleaner[Sn].txt will automatically open. ([Sn] n = number of run)
  6. Please post the content of the C:\AdwCleaner[Sn].txt log file in your next reply.

Step 3.
Junkware Removal Tool
  1. Please download Junkware Removal Tool and save JRT.exe to your Desktop.
  2. Shut down your protection software as shown in This topic now to avoid potential conflicts.
  3. Right click on JRT.exe, select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
  4. Please be patient as this can take a while to complete depending on your system's specifications.
  5. On completion, a log file JRT.txt is saved to your desktop and will automatically open.
  6. Please post the contents of JRT.txt into your next reply.

Step 4.
OTL - Run Fix Script
You should still have OTL.exe on your desktop.
Important! Close all applications and windows so that you have nothing open and are at your Desktop.
  1. Right click on OTL.exe, select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
  2. Underneath Output at the top, make sure Standard Output is selected.
  3. Highlight and copy the following entries into the text box:
    (Do not include the words Code: Select all - instead of it please click the Select all button next to Code: to select the entire script.)
    Code: Select all
    :Commands
    [createrestorepoint]
    
    :OTL
    FF - prefs.js..browser.search.defaultenginename: "Secure Search"
    FF - prefs.js..browser.search.defaultenginename.US: "Secure Search"
    FF - prefs.js..browser.search.order.1: "Secure Search"
    FF - prefs.js..browser.search.selectedEngine: "Secure Search"
    FF - prefs.js..network.proxy.backup.ftp: "202.188.222.2:8080"
    FF - prefs.js..network.proxy.backup.ftp_port: 1
    FF - prefs.js..network.proxy.backup.socks: "202.188.222.2:8080"
    FF - prefs.js..network.proxy.backup.socks_port: 1
    FF - prefs.js..network.proxy.backup.ssl: "202.188.222.2:8080"
    FF - prefs.js..network.proxy.backup.ssl_port: 1
    FF - prefs.js..network.proxy.ftp: "202.102.12.123"
    FF - prefs.js..network.proxy.ftp_port: 3
    FF - prefs.js..network.proxy.http: "202.102.12.123"
    FF - prefs.js..network.proxy.http_port: 3
    FF - prefs.js..network.proxy.share_proxy_settings: true
    FF - prefs.js..network.proxy.socks: "202.102.12.123"
    FF - prefs.js..network.proxy.socks_port: 3
    FF - prefs.js..network.proxy.ssl: "202.102.12.123"
    FF - prefs.js..network.proxy.ssl_port: 3
    [2015/03/24 17:55:31 | 000,573,683 | ---- | M] () (No name found) -- C:\Users\MARK\AppData\Roaming\Mozilla\Firefox\Profiles\12m4v1fj.default\extensions\{afe43e80-0abc-4df2-81a0-3fe44b74abe8}.xpi
    [2015/04/24 21:47:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
    [2015/04/24 21:47:20 | 000,000,000 | ---D | M] (Define Ext) -- C:\Program Files (x86)\Mozilla Firefox\extensions\wyzlmrij@zekkpxc.com
    [2015/04/24 21:47:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
    [2015/04/25 11:46:19 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES (X86)\MCAFEE\SITEADVISOR
    [2013/06/25 18:55:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MARK\AppData\Roaming\Mozilla\Extensions
    [2015/04/23 17:41:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MARK\AppData\Roaming\Mozilla\Firefox\Profiles\12m4v1fj.default\extensions
    O2:64bit: - BHO: (no name) - {3e5ace07-d3b1-401e-848c-500240d770a0} - No CLSID value found.
    O2:64bit: - BHO: (no name) - {9dce7230-adf7-4ff0-aca3-eaa813430be6} - No CLSID value found.
    O2:64bit: - BHO: (no name) - {af837aac-9262-4c2b-bfcd-35bf0d924342} - No CLSID value found.
    O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
    O2:64bit: - BHO: (no name) - {eb006223-12e3-4c68-b963-ff253eb8a6dc} - No CLSID value found.
    O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
    O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
    O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
    O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O9:64bit: - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - Reg Error: Key error. File not found
    O9:64bit: - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - Reg Error: Key error. File not found
    O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
    O15 - HKU\S-1-5-21-2130412082-872510349-2259372935-1000\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
    O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
    O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
    O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
    O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
    [2012/11/10 19:40:58 | 000,000,000 | ---D | M] -- C:\Users\MARK\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
    [2012/02/28 13:45:01 | 000,000,000 | ---D | M] -- C:\Users\MARK\AppData\Roaming\Fingertapps
    [2013/07/10 23:39:28 | 000,000,000 | ---D | M] -- C:\Users\MARK\AppData\Roaming\Game-Cloner
    [2015/03/06 20:07:12 | 000,000,000 | ---D | M] -- C:\Users\MARK\AppData\Roaming\HandBrake
    [2015/04/23 21:46:09 | 000,000,000 | ---D | M] -- C:\Users\MARK\AppData\Roaming\iolo
    [2013/05/01 19:37:02 | 000,000,000 | ---D | M] -- C:\Users\MARK\AppData\Roaming\Open Download Manager
    [2013/08/17 01:30:34 | 000,000,000 | ---D | M] -- C:\Users\MARK\AppData\Roaming\Publish Providers
    [2014/09/26 17:23:51 | 000,000,000 | ---D | M] -- C:\Users\MARK\AppData\Roaming\ShopAtHome.com BrowserAppCore Service
    [2012/03/14 13:05:37 | 000,000,000 | ---D | M] -- C:\Users\MARK\AppData\Roaming\StreamTorrent
    [2013/08/11 13:18:06 | 000,000,000 | ---D | M] -- C:\Users\MARK\AppData\Roaming\Systenance
    [2012/02/05 20:01:24 | 000,000,000 | ---D | M] -- C:\Users\MARK\AppData\Roaming\TP
    [2012/03/30 16:19:05 | 000,000,000 | ---D | M] -- C:\Users\MARK\AppData\Roaming\Unity
    [2013/04/03 15:54:24 | 000,000,000 | ---D | M] -- C:\Users\MARK\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}
    
    :Reg
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" =-
    "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" =-
    "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" =-
    "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" =-
    "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" =-
    "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" =-
    "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" =-
    "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" =-
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "TCP Query User{F795279E-2B88-48DE-9392-482B9D6155FF}C:\program files (x86)\streamtorrent 1.0\streamtorrent.exe" =-|
    "UDP Query User{2D9183FD-B926-4F34-83B7-37336ED21EE1}C:\program files (x86)\streamtorrent 1.0\streamtorrent.exe" =-
    
    :Files
    C:\Windows\SysNative\*.tmp
    @C:\ProgramData\Temp:6DDED7D9
    @C:\ProgramData\Temp:367BF129
    ipconfig /flushdns /c
    
    :Commands
    [emptyflash]
    [emptyjava]
    [emptytemp]
    
  4. Click under the Custom Scan/Fixes box and paste the copied text.
  5. Click the Run Fix button. If prompted... click OK.
  6. OTL may ask to reboot the machine. Please do so if asked.
  7. Let the program run unhindered and reboot the PC when it is done.
    When the computer reboots, and you start your usual account, a Notepad text file will appear.
  8. Copy the contents of that file and post it in your next reply. The log can also be found, based on the date/time it was created, as C:\_OTL\MovedFiles\MMDDYYYY_HHMMSS.log

Step 5.
Malwarebytes' Anti-Malware
  1. Please download Malwarebytes' Anti-Malware and save to your desktop.
  2. Right-click on mbam-setup.exe and select "Run as administrator... ", then follow the prompts to install the program.
  3. At the end, Uncheck enable free trial of Malwarebytes' Anti-Malware, (You can activate this when we've finished, if you wish)
  4. Then click Finish.
  5. You'll see an alert that "Databases out of date" Click the "Update Now" button.
  6. Press the Scan Settings icon on the top bar of the MBAM interface, make sure Threat Scan is checked.
  7. Press the Scan Now >> button.
  8. When the scan is finished:
  9. If clean, a message will be displayed "The scan completed successfully! No malicious items were detected!"
  10. If infections were found, click the Quarantine all button.
  11. Press the View detailed log >> link to display the results log.
  12. Press the Copy to Clipboard button.
  13. Copy and paste the scan results in your next reply and exit MBAM.

Step 6.
Fresh OTL Scan
You should still have OTL.exe on your desktop.
Important! Close all applications and windows so that you have nothing open and are at your Desktop.
  1. Right click on OTL.exe, select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
  2. Under Output, ensure that Standard Output is selected.
  3. Check the boxes labeled:
    • Include 64 bit scans
    • Scan All Users
    • LOP check
    • Extra Registry > Use SafeList
  4. Click on Run Scan at the top left hand corner.
  5. When done, one Notepad file OTL.txt <-- Will be opened, maximized
  6. Please post the content of OTL.txt file ONLY in your next reply.

Please post each log separately to prevent it being cut off by the forum post size limiter.
Check each after you've posted it to make sure it's all present, if any log is cut off you'll have to post it in sections....

Please include in your next reply:
  1. Do you have any problems executing the instructions?
  2. Contents of the AdwCleaner[Sn].txt log file
  3. Contents of the JRT.txt log file
  4. Contents of the most recent C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs\mbam-log-2014-06-... file
  5. Contents of a OTL.txt log file after OTL fresh scan
  6. Do you see any changes in computer behavior?

Thanks,
pgmigg

Failure to post replies within 72 hours will result in this thread being closed
pgmigg
MRU Teacher
 
Posts: 3181
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: I need help.

Post by mkdsk101 » April 27th, 2015, 3:28 pm

# AdwCleaner v4.202 - Logfile created 27/04/2015 at 12:35:59
# Updated 23/04/2015 by Xplode
# Database : 2015-04-23.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : MARK - MARK-PC
# Running from : C:\Users\MARK\Desktop\MM\adwcleaner_4.202.exe
# Option : Cleaning

***** [ Services ] *****

[x] Not Deleted : 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Viewpoint
Folder Deleted : C:\ProgramData\{5f4930bd-6134-76ce-5f49-930bd613c2f5}
Folder Deleted : C:\ProgramData\{a4865541-8880-0d66-a486-655418885506}
Folder Deleted : C:\ProgramData\{b081a1c8-60fd-7c32-b081-1a1c860f8721}
Folder Deleted : C:\Program Files (x86)\Viewpoint
Folder Deleted : C:\ProgramData\jejajompnjgpmjffpakfhhpakdkjdmmc
File Deleted : C:\Users\MARK\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\chdboodilddefglllfoimeceomkpmkbi

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\MetaStream
Key Deleted : HKLM\SOFTWARE\Viewpoint
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17689


-\\ Mozilla Firefox v37.0.2 (x86 en-US)

[12m4v1fj.default\prefs.js] - Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.AutoSearchEventData", "auto%20search");
[12m4v1fj.default\prefs.js] - Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.ClearCacheDate", 27);
[12m4v1fj.default\prefs.js] - Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.DNSCatch", false);
[12m4v1fj.default\prefs.js] - Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.DisplayEULA", false);
[12m4v1fj.default\prefs.js] - Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.DnsCatchEventData", "dns%20catch");
[12m4v1fj.default\prefs.js] - Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.FirstLaunchShown", true);
[12m4v1fj.default\prefs.js] - Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.LoadLayoutDate.62781", 27);
[12m4v1fj.default\prefs.js] - Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.NewTabSearchEventData", "tab%20search");
[12m4v1fj.default\prefs.js] - Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.ShowRecommendedOptions", true);
[12m4v1fj.default\prefs.js] - Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.StateReportDate", "1429924999367");
[12m4v1fj.default\prefs.js] - Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.TopRightSearchEventData", "top%20right%20search");
[12m4v1fj.default\prefs.js] - Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.beforeInstallSaved", true);
[12m4v1fj.default\prefs.js] - Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.beforeinstall.homepage", "chrome%3A//branding/locale/browserconfig.properties");
[12m4v1fj.default\prefs.js] - Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.beforeinstall.search", "Yahoo");
[12m4v1fj.default\prefs.js] - Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.comp.affiliate.2810218.disabled", true);
[12m4v1fj.default\prefs.js] - Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.customNewTab", false);
[12m4v1fj.default\prefs.js] - Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.forceSave", false);
[12m4v1fj.default\prefs.js] - Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.helpUsImprove", true);
[12m4v1fj.default\prefs.js] - Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.hideOthers", false);
[12m4v1fj.default\prefs.js] - Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.processAddrBar", false);
[12m4v1fj.default\prefs.js] - Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.restoreSearch", false);
[12m4v1fj.default\prefs.js] - Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.searchHistory", false);
[12m4v1fj.default\prefs.js] - Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.showFirstLaunchOptions", false);
[12m4v1fj.default\prefs.js] - Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.tb_lang", "en");
[12m4v1fj.default\prefs.js] - Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.tool_id", "62781");
[12m4v1fj.default\prefs.js] - Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.user_id", "84119490");
[12m4v1fj.default\prefs.js] - Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.user_key", "a042efd37b9f1b9cb5bd1f24e2995de6ec7e7ff2");
[12m4v1fj.default\prefs.js] - Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.user_layouts", "62781");
[12m4v1fj.default\prefs.js] - Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.user_lnames", "Gamers%20Unite%21%20Snag%20Bar");
[12m4v1fj.default\prefs.js] - Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.xml_service_url", "a1011e548fc1503f4f3b170866f60d3a");
[12m4v1fj.default\prefs.js] - Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.yahooSearch", false);

-\\ Google Chrome v42.0.2311.90


*************************

AdwCleaner[R0].txt - [12527 bytes] - [09/04/2015 20:01:20]
AdwCleaner[R1].txt - [1109 bytes] - [10/04/2015 14:56:52]
AdwCleaner[R2].txt - [5664 bytes] - [23/04/2015 17:35:03]
AdwCleaner[R3].txt - [6187 bytes] - [27/04/2015 12:28:18]
AdwCleaner[S0].txt - [12743 bytes] - [09/04/2015 20:05:28]
AdwCleaner[S1].txt - [6493 bytes] - [27/04/2015 12:35:59]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [6552 bytes] ##########