WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. Join 93084 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!

Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Notebook not running right [Solved]

Started by EricWoods , Jan 12 2014 11:27 PM

This topic is locked

31 replies to this topic

#1 EricWoods

Authentic Member

Authentic Member
147 posts

Posted 12 January 2014 - 11:27 PM

OTL logfile created on: 1/12/2014 10:49:18 PM - Run 6

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\SRE Lab\Desktop

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.11.9600.16428)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.80 Gb Total Physical Memory | 5.33 Gb Available Physical Memory | 68.37% Memory free

15.60 Gb Paging File | 12.38 Gb Available in Paging File | 79.35% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 573.97 Gb Total Space | 355.98 Gb Free Space | 62.02% Space Free | Partition Type: NTFS

Drive D: | 21.91 Gb Total Space | 3.19 Gb Free Space | 14.58% Space Free | Partition Type: NTFS

Computer Name: SRELAB-HP | User Name: SRE Lab | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\SRE Lab\Desktop\OTL.exe (OldTimer Tools)

PRC - C:\Users\SRE Lab\AppData\Local\LogMeIn Rescue Applet\LMIR0002.tmp\lmi_rescue.exe (LogMeIn, Inc.)

PRC - C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe ()

PRC - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe (AVG Secure Search)

PRC - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\loggingserver.exe ()

PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

PRC - C:\Users\SRE Lab\AppData\Roaming\Spotify\spotify.exe (Spotify Ltd)

PRC - C:\Users\SRE Lab\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)

PRC - C:\Users\SRE Lab\AppData\Roaming\Spotify\Data\SpotifyHelper.exe ()

PRC - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)

PRC - C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe (CyberLink Corp.)

PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)

PRC - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe ()

PRC - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)

PRC - C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe (CinemaNow, Inc.)

PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)

PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)

PRC - C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe (DigitalPersona, Inc.)

========== Modules (No Company Name) ==========

MOD - C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe ()

MOD - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\log4cplusU.dll ()

MOD - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.72\ppgooglenaclpluginchrome.dll ()

MOD - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.72\pdf.dll ()

MOD - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.72\libglesv2.dll ()

MOD - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.72\libegl.dll ()

MOD - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.72\ffmpegsumo.dll ()

MOD - C:\Users\SRE Lab\AppData\Roaming\Spotify\Data\libcef.dll ()

MOD - C:\Users\SRE Lab\AppData\Roaming\Spotify\Data\libglesv2.dll ()

MOD - C:\Users\SRE Lab\AppData\Roaming\Spotify\Data\SpotifyHelper.exe ()

MOD - C:\Users\SRE Lab\AppData\Roaming\Spotify\Data\libegl.dll ()

MOD - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF ()

MOD - C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll ()

========== Services (SafeList) ==========

SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)

SRV:64bit: - (mfecore) -- C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe (McAfee, Inc.)

SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)

SRV:64bit: - (McODS) -- C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)

SRV:64bit: - (mfevtp) -- C:\Windows\SysNative\mfevtps.exe (McAfee, Inc.)

SRV:64bit: - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe ()

SRV:64bit: - (McShield) -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe ()

SRV:64bit: - (McProxy) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)

SRV:64bit: - (McNASvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)

SRV:64bit: - (McNaiAnn) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)

SRV:64bit: - (mcmscsvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)

SRV:64bit: - (McMPFSvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)

SRV:64bit: - (hpsrv) -- C:\Windows\SysNative\hpservice.exe (Hewlett-Packard Company)

SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)

SRV:64bit: - (HP Wireless Assistant Service) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe (Hewlett-Packard Company)

SRV:64bit: - (STacSV) -- C:\Program Files\IDT\WDM\stacsv64.exe (IDT, Inc.)

SRV:64bit: - (DpHost) -- C:\Program Files\DigitalPersona\Bin\DpHostW.exe (DigitalPersona, Inc.)

SRV:64bit: - (vcsFPService) -- C:\Windows\SysNative\vcsFPService.exe (Validity Sensors, Inc.)

SRV:64bit: - (AESTFilters) -- C:\Program Files\IDT\WDM\AESTSr64.exe (Andrea Electronics Corporation)

SRV - (vToolbarUpdater17.3.0) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe (AVG Secure Search)

SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)

SRV - (Skype C2C Service) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)

SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)

SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)

SRV - (CLKMSVC10_C6F09094) -- C:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\HDDVD\NavFilter\kmsvc.exe (CyberLink)

SRV - (HPWMISVC) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe ()

SRV - (HPDrvMntSvc.exe) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)

SRV - (CinemaNow Service) -- C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe (CinemaNow, Inc.)

SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)

SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)

SRV - (GameConsoleService) -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe (WildTangent, Inc.)

SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)

SRV - (vcsFPService) -- C:\Windows\SysWOW64\vcsFPService.exe (Validity Sensors, Inc.)

SRV - (BrYNSvc) -- C:\Program Files (x86)\Browny02\BrYNSvc.exe (Brother Industries, Ltd.)

SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV:64bit: - (avgtp) -- C:\Windows\SysNative\drivers\avgtpx64.sys (AVG Technologies)

DRV:64bit: - (mfencrk) -- C:\Windows\SysNative\drivers\mfencrk.sys (McAfee, Inc.)

DRV:64bit: - (mfencbdc) -- C:\Windows\SysNative\drivers\mfencbdc.sys (McAfee, Inc.)

DRV:64bit: - (clwvd) -- C:\Windows\SysNative\drivers\clwvd.sys (CyberLink Corporation)

DRV:64bit: - (cfwids) -- C:\Windows\SysNative\drivers\cfwids.sys (McAfee, Inc.)

DRV:64bit: - (mfewfpk) -- C:\Windows\SysNative\drivers\mfewfpk.sys (McAfee, Inc.)

DRV:64bit: - (mferkdet) -- C:\Windows\SysNative\drivers\mferkdet.sys (McAfee, Inc.)

DRV:64bit: - (mfehidk) -- C:\Windows\SysNative\drivers\mfehidk.sys (McAfee, Inc.)

DRV:64bit: - (mfefirek) -- C:\Windows\SysNative\drivers\mfefirek.sys (McAfee, Inc.)

DRV:64bit: - (mfeavfk) -- C:\Windows\SysNative\drivers\mfeavfk.sys (McAfee, Inc.)

DRV:64bit: - (mfeapfk) -- C:\Windows\SysNative\drivers\mfeapfk.sys (McAfee, Inc.)

DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)

DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)

DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)

DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)

DRV:64bit: - (HipShieldK) -- C:\Windows\SysNative\drivers\HipShieldK.sys (McAfee, Inc.)

DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)

DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)

DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )

DRV:64bit: - (hpdskflt) -- C:\Windows\SysNative\drivers\hpdskflt.sys (Hewlett-Packard Company)

DRV:64bit: - (Accelerometer) -- C:\Windows\SysNative\drivers\Accelerometer.sys (Hewlett-Packard Company)

DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)

DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)

DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)

DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)

DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)

DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)

DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)

DRV:64bit: - (intelkmd) -- C:\Windows\SysNative\drivers\igdpmd64.sys (Intel Corporation)

DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)

DRV:64bit: - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.)

DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)

DRV:64bit: - (HECIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)

DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)

DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)

DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)

DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)

DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)

DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)

DRV:64bit: - (SrvHsfV92) -- C:\Windows\SysNative\drivers\VSTDPV6.SYS (Conexant Systems, Inc.)

DRV:64bit: - (SrvHsfWinac) -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS (Conexant Systems, Inc.)

DRV:64bit: - (SrvHsfHDA) -- C:\Windows\SysNative\drivers\VSTAZL6.SYS (Conexant Systems, Inc.)

DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell)

DRV:64bit: - (netw5v64) -- C:\Windows\SysNative\drivers\netw5v64.sys (Intel Corporation)

DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)

DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)

DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)

DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)

DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {727E7E3A-8776-4AA3-A8AA-9F3BB13834CC}

IE:64bit: - HKLM\..\SearchScopes\{727E7E3A-8776-4AA3-A8AA-9F3BB13834CC}: "URL" = http://www.bing.com/...rc=IE-SearchBox

IE:64bit: - HKLM\..\SearchScopes\{7AEF202B-80EF-45E0-A6F7-48EB97CA3957}: "URL" = http://en.wikipedia....h={searchTerms}

IE:64bit: - HKLM\..\SearchScopes\{CD2A1234-3A8D-4B8D-8F12-93C46896C555}: "URL" = http://search.yahoo....psg&type=HPNTDF

IE:64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\..\SearchScopes,DefaultScope =

IE - HKLM\..\SearchScopes\{727E7E3A-8776-4AA3-A8AA-9F3BB13834CC}: "URL" = http://www.bing.com/...rc=IE-SearchBox

IE - HKLM\..\SearchScopes\{7AEF202B-80EF-45E0-A6F7-48EB97CA3957}: "URL" = http://en.wikipedia....h={searchTerms}

IE - HKLM\..\SearchScopes\{CD2A1234-3A8D-4B8D-8F12-93C46896C555}: "URL" = http://search.yahoo....psg&type=HPNTDF

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = https://www.google.com/https://ww [Binary data over 200 bytes]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/

IE - HKCU\..\SearchScopes,DefaultScope = {727E7E3A-8776-4AA3-A8AA-9F3BB13834CC}

IE - HKCU\..\SearchScopes\{727E7E3A-8776-4AA3-A8AA-9F3BB13834CC}: "URL" = http://www.bing.com/...rc=IE-SearchBox

IE - HKCU\..\SearchScopes\{7AEF202B-80EF-45E0-A6F7-48EB97CA3957}: "URL" = http://en.wikipedia....h={searchTerms}

IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://mysearch.avg.com/search?cid={2446510E-C5B8-42FD-91AF-89BEDCF4031D}&mid=4bc2095d2db547d3bf3ab578168607ec-d21eed6ec61c9bc33447ae47f874e241dbcc406b&lang=en&ds=sf011&pr=sa&d=2013-11-25 22:56:40&v=17.1.3.1&pid=safeguard&sg=0&sap=dsp&q={searchTerms}

IE - HKCU\..\SearchScopes\{CD2A1234-3A8D-4B8D-8F12-93C46896C555}: "URL" = http://search.yahoo....psg&type=HPNTDF

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.3.0\\npsitesafety.dll ()

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3508.0205: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\@hulu.com/Hulu Desktop: C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.13.1\npHDPlg.dll ()

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com: C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\ [2010/09/16 03:18:05 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\17.3.2.113 [2014/01/12 21:33:11 | 000,000,000 | ---D | M]

[2013/08/02 14:12:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\SRE Lab\AppData\Roaming\mozilla\Extensions

[2013/08/02 14:11:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

========== Chrome ==========

CHR - default_search_provider: AVG Secure Search (Enabled)

CHR - default_search_provider: search_url = http://mysearch.avg.com/search?cid={2446510E-C5B8-42FD-91AF-89BEDCF4031D}&mid=4bc2095d2db547d3bf3ab578168607ec-d21eed6ec61c9bc33447ae47f874e241dbcc406b&lang=en&ds=sf011&pr=sa&d=2013-11-25 22:56:40&v=17.1.3.1&pid=safeguard&sg=0&sap=dsp&q={searchTerms}

CHR - default_search_provider: suggest_url = http://toolbar.avg.c...archTerms}&o=1,

CHR - Extension: Skype Click to Call = C:\Users\SRE Lab\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.13.0.13771_1\

CHR - Extension: AVG SafeGuard = C:\Users\SRE Lab\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\17.3.2.113_0\

CHR - Extension: Google Wallet = C:\Users\SRE Lab\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\

O1 HOSTS File: ([2013/09/08 13:50:40 | 000,000,855 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)

O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found

O2 - BHO: (AVG SafeGuard toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\17.3.2.113\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)

O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O3 - HKLM\..\Toolbar: (AVG SafeGuard toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\17.3.2.113\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)

O4:64bit: - HKLM..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe ()

O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)

O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe ()

O4 - HKLM..\Run: [YouCam Service] C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe (CyberLink Corp.)

O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found

O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\SRE Lab\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)

O4 - HKCU..\RunOnce: [*LogMeInRescue_35770014] C:\Users\SRE Lab\AppData\Local\LogMeIn Rescue Applet\LMIR0002.tmp\lmi_rescue.exe (LogMeIn, Inc.)

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Activities present

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)

O1364bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 8.8.8.8

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{83B1974F-FA01-48E8-BCBA-ED025FD0DFA8}: DhcpNameServer = 10.4.40.11 10.4.40.17

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AFD09DC9-BBB7-4ECF-B449-DE3B7FCEDD22}: DhcpNameServer = 8.8.8.8

O18:64bit: - Protocol\Handler\livecall - No CLSID value found

O18:64bit: - Protocol\Handler\msnim - No CLSID value found

O18:64bit: - Protocol\Handler\skype4com - No CLSID value found

O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)

O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found

O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found

O18:64bit: - Protocol\Handler\wlpg - No CLSID value found

O18 - Protocol\Handler\ms-help - No CLSID value found

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.3.0\ViProtocol.dll (AVG Secure Search)

O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)

O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe) - C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe (DigitalPersona, Inc.)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)

O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.dvacm - c:\Program Files (x86)\Common Files\Ulead Systems\VIO\DVACM.acm (Corel TW Corp.)

Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)

CREATERESTOREPOINT

Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2014/01/12 22:46:08 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\SRE Lab\Desktop\OTL.exe

[2014/01/12 20:02:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee

[2014/01/07 17:55:59 | 000,000,000 | -HSD | C] -- C:\found.000

[2014/01/06 11:59:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime

[2014/01/06 11:59:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime

[2014/01/05 20:02:35 | 000,000,000 | ---D | C] -- C:\Users\SRE Lab\Documents\My PSP Files

[2014/01/05 20:02:35 | 000,000,000 | ---D | C] -- C:\Users\SRE Lab\AppData\Roaming\Corel

[2014/01/03 19:54:02 | 000,000,000 | ---D | C] -- C:\Users\SRE Lab\AppData\Local\ElevatedDiagnostics

[6 C:\Users\SRE Lab\Documents\*.tmp files -> C:\Users\SRE Lab\Documents\*.tmp -> ]

[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014/01/12 22:58:00 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2014/01/12 22:46:09 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\SRE Lab\Desktop\OTL.exe

[2014/01/12 22:22:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2014/01/12 20:02:12 | 000,001,828 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Center.lnk

[2014/01/12 19:31:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2014/01/11 23:58:00 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2014/01/08 16:31:53 | 000,023,248 | ---- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2014/01/08 16:31:53 | 000,023,248 | ---- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2014/01/07 18:03:15 | 000,730,320 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2014/01/07 18:03:15 | 000,627,082 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2014/01/07 18:03:15 | 000,107,366 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2014/01/07 17:58:33 | 1988,513,791 | -HS- | M] () -- C:\hiberfil.sys

[2014/01/07 17:17:53 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk

[2014/01/06 11:59:36 | 000,001,845 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk

[2013/12/17 21:23:44 | 000,000,722 | ---- | M] () -- C:\Users\SRE Lab\Desktop\IMG_0017 - Shortcut.lnk

[2013/12/17 21:23:37 | 000,000,722 | ---- | M] () -- C:\Users\SRE Lab\Desktop\IMG_0013 - Shortcut.lnk

[2013/12/15 16:31:00 | 006,464,705 | ---- | M] () -- C:\Users\SRE Lab\Documents\youdontsay.mov

[2013/12/15 16:30:00 | 000,068,955 | ---- | M] () -- C:\Users\SRE Lab\Documents\punymichael.jpg

[2013/12/15 16:20:05 | 000,386,549 | ---- | M] () -- C:\Users\SRE Lab\Documents\BUOnlineCourseApplication.pdf

[6 C:\Users\SRE Lab\Documents\*.tmp files -> C:\Users\SRE Lab\Documents\*.tmp -> ]

[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/01/06 11:59:36 | 000,001,845 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk

[2013/12/17 21:23:44 | 000,000,722 | ---- | C] () -- C:\Users\SRE Lab\Desktop\IMG_0017 - Shortcut.lnk

[2013/12/17 21:23:37 | 000,000,722 | ---- | C] () -- C:\Users\SRE Lab\Desktop\IMG_0013 - Shortcut.lnk

[2013/12/15 16:31:00 | 006,464,705 | ---- | C] () -- C:\Users\SRE Lab\Documents\youdontsay.mov

[2013/12/15 16:30:00 | 000,068,955 | ---- | C] () -- C:\Users\SRE Lab\Documents\punymichael.jpg

[2013/12/15 16:20:05 | 000,386,549 | ---- | C] () -- C:\Users\SRE Lab\Documents\BUOnlineCourseApplication.pdf

[2013/09/18 22:03:07 | 000,591,296 | ---- | C] () -- C:\Users\SRE Lab\image.jpeg

[2013/09/18 22:03:07 | 000,516,365 | ---- | C] () -- C:\Users\SRE Lab\imo.jpeg

[2013/09/08 13:48:13 | 000,730,320 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2013/09/08 13:27:35 | 000,000,207 | ---- | C] () -- C:\Windows\tweaking.com-regbackup-SRELAB-HP-Microsoft-Windows-7-Home-Premium-(64-bit).dat

[2013/08/07 17:26:58 | 000,111,932 | ---- | C] () -- C:\Windows\SysWow64\EPPICPrinterDB.dat

[2013/08/07 17:26:58 | 000,031,053 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern131.dat

[2013/08/07 17:26:58 | 000,027,417 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern121.dat

[2013/08/07 17:26:58 | 000,026,154 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern1.dat

[2013/08/07 17:26:58 | 000,024,903 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern3.dat

[2013/08/07 17:26:58 | 000,021,390 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern5.dat

[2013/08/07 17:26:58 | 000,020,148 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern2.dat

[2013/08/07 17:26:58 | 000,011,811 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern4.dat

[2013/08/07 17:26:58 | 000,004,943 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern6.dat

[2013/08/07 17:26:58 | 000,001,146 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_DU.dat

[2013/08/07 17:26:58 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_PT.dat

[2013/08/07 17:26:58 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_BP.dat

[2013/08/07 17:26:58 | 000,001,136 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_ES.dat

[2013/08/07 17:26:58 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_FR.dat

[2013/08/07 17:26:58 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_CF.dat

[2013/08/07 17:26:58 | 000,001,120 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_IT.dat

[2013/08/07 17:26:58 | 000,001,107 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_GE.dat

[2013/08/07 17:26:58 | 000,001,104 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_EN.dat

[2013/08/07 17:26:58 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini

[2013/07/29 17:05:13 | 000,000,333 | ---- | C] () -- C:\Windows\BRCALIB.INI

[2013/07/29 16:59:03 | 000,000,410 | ---- | C] () -- C:\Windows\BRWMARK.INI

[2012/12/03 07:42:50 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\BRTCPCON.DLL

[2012/12/03 07:42:50 | 000,000,114 | ---- | C] () -- C:\Windows\SysWow64\BRLMW03A.INI

========== ZeroAccess Check ==========

[2009/07/13 22:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 20:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 19:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 19:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = C:\Windows\sysWOW64\wbem\fastprox.dll -- [2010/11/20 06:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 19:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/12/21 11:13:29 | 000,000,000 | ---D | M] -- C:\Users\SRE Lab\AppData\Roaming\Audacity

[2012/03/28 10:35:37 | 000,000,000 | ---D | M] -- C:\Users\SRE Lab\AppData\Roaming\DigitalPersona

[2013/08/22 11:14:41 | 000,000,000 | ---D | M] -- C:\Users\SRE Lab\AppData\Roaming\Movdap

[2014/01/12 20:47:42 | 000,000,000 | ---D | M] -- C:\Users\SRE Lab\AppData\Roaming\Spotify

[2013/08/04 18:08:30 | 000,000,000 | ---D | M] -- C:\Users\SRE Lab\AppData\Roaming\Ulead Systems

[2013/07/20 15:56:32 | 000,000,000 | ---D | M] -- C:\Users\SRE Lab\AppData\Roaming\WildTangent

========== Purity Check ==========

========== Custom Scans ==========

< %USERPROFILE%\..|smtmp;true;true;true /FP >

< %temp%\smtmp\*.* /s > >

< MD5 for: EXPLORER.ADML >

[2009/07/13 20:30:02 | 000,003,695 | ---- | M] () MD5=7A4C7F3CB156543113596988479CAFCE -- C:\Windows\winsxs\amd64_microsoft-windows-s..ouppolicy.resources_31bf3856ad364e35_6.1.7600.16385_en-us_7ef5713984067904\Explorer.adml

< MD5 for: EXPLORER.ADMX >

[2009/06/10 14:53:55 | 000,003,836 | ---- | M] () MD5=AD131A834808E6AFF4A3918DE05BFCF6 -- C:\Windows\winsxs\amd64_microsoft-windows-shell-grouppolicy_31bf3856ad364e35_6.1.7600.16385_none_71af9b5b0a86e6b7\Explorer.admx

< MD5 for: EXPLORER.EXE >

[2011/02/26 00:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe

[2011/02/25 23:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe

[2009/07/13 19:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe

[2011/02/25 23:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe

[2010/07/20 00:37:07 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe

[2011/02/25 23:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe

[2011/02/25 00:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe

[2011/02/25 00:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe

[2011/02/26 00:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe

[2010/11/20 06:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe

[2010/07/20 00:33:51 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe

[2011/02/24 23:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe

[2011/02/24 23:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe

[2010/07/20 00:37:07 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe

[2010/07/20 00:33:51 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe

[2010/11/20 07:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

[2010/07/20 00:37:07 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe

[2010/07/20 00:33:51 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe

[2009/07/13 19:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe

[2010/07/20 00:37:07 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe

[2011/02/26 00:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe

[2010/07/20 00:33:51 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: EXPLORER.EXE.MUI >

[2009/07/13 20:26:48 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=4B87EEFDC8E253F846A7DFB49A8E6C70 -- C:\Windows\en-US\explorer.exe.mui

[2009/07/13 20:26:48 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=4B87EEFDC8E253F846A7DFB49A8E6C70 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer.resources_31bf3856ad364e35_6.1.7600.16385_en-us_61e778c48d52d19b\explorer.exe.mui

[2009/07/13 20:06:56 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=B9F4B1CA23D60775736059D72BA48526 -- C:\Windows\SysWOW64\en-US\explorer.exe.mui

[2009/07/13 20:06:56 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=B9F4B1CA23D60775736059D72BA48526 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer.resources_31bf3856ad364e35_6.1.7600.16385_en-us_6c3c2316c1b39396\explorer.exe.mui

< MD5 for: EXPLORER.EXE-A80E4F97.PF >

[2014/01/07 18:00:02 | 000,107,658 | ---- | M] () MD5=C0F5F0AE025CB708FD1810D72973F2EC -- C:\Windows\Prefetch\EXPLORER.EXE-A80E4F97.pf

< MD5 for: EXPLORER.ZIP >

[2009/06/03 22:15:06 | 000,020,394 | ---- | M] () MD5=B469409C2B2A33C542190B720E11BD79 -- C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Explorer.zip

< MD5 for: IEXPLORE.EXE >

[2013/03/03 22:49:09 | 000,672,928 | ---- | M] (Microsoft Corporation) MD5=050A612C1CE0C7095CAD64EA32C570DB -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.21484_none_1a42c5438bf82907\iexplore.exe

[2013/11/27 12:58:15 | 000,804,560 | ---- | M] (Microsoft Corporation) MD5=0685765C0CBE095BA0C6C8790BAE21EF -- C:\Program Files\Internet Explorer\iexplore.exe

[2013/11/27 12:58:15 | 000,804,560 | ---- | M] (Microsoft Corporation) MD5=0685765C0CBE095BA0C6C8790BAE21EF -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.16428_none_7b0d6f67c2d3f97a\iexplore.exe

[2013/07/31 04:18:24 | 000,757,400 | ---- | M] (Microsoft Corporation) MD5=10C1F2EC48D524AE10229AACD37B172A -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20617_none_1843b546cdda6584\iexplore.exe

[2013/07/24 20:48:45 | 000,757,400 | ---- | M] (Microsoft Corporation) MD5=139C8953AC56A9E559C7DEF07BC45ED7 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20613_none_183fb41ecdde0028\iexplore.exe

[2009/07/13 19:17:29 | 000,673,048 | ---- | M] (Microsoft Corporation) MD5=2C32E3E596CFE660353753EABEFB0540 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.16385_none_19ba3f8a72d988f3\iexplore.exe

[2013/09/18 11:34:51 | 000,775,256 | ---- | M] (Microsoft Corporation) MD5=351657C79B62B91E16A95AD23EA3710D -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16686_none_168ab5d61e3c99b7\iexplore.exe

[2013/09/18 11:34:52 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=37287D98A1BF5D56AA729CEB9B27C6B1 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16686_none_20df6028529d5bb2\iexplore.exe

[2013/10/12 15:42:28 | 000,775,344 | ---- | M] (Microsoft Corporation) MD5=39D0074C59F6D1A62731942C7FA8B60B -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16736_none_167ae4781e4936f5\iexplore.exe

[2013/10/12 03:49:48 | 000,775,344 | ---- | M] (Microsoft Corporation) MD5=3C8C00380462B1023C9F8EA2A9A7A137 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20848_none_ffa340aa37f7ff34\iexplore.exe

[2013/07/24 22:00:18 | 000,763,544 | ---- | M] (Microsoft Corporation) MD5=536B5973A34DDAA6E16AC8248B726BD0 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20613_none_0deb09cc997d3e2d\iexplore.exe

[2013/07/24 20:42:37 | 000,757,400 | ---- | M] (Microsoft Corporation) MD5=57EC630DBD5F0713E77CB3540AB80A8E -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16502_none_17bfe6f5b4b92b16\iexplore.exe

[2013/03/01 23:06:58 | 000,672,912 | ---- | M] (Microsoft Corporation) MD5=58D926F3B2113BF849162C9C26FE21DC -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.17267_none_19d1c74872c7a039\iexplore.exe

[2010/11/20 07:28:25 | 000,695,056 | ---- | M] (Microsoft Corporation) MD5=86257731DDB311FBC283534CC0091634 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7601.17514_none_1196a9003b674a92\iexplore.exe

[2013/10/12 01:16:06 | 000,770,736 | ---- | M] (Microsoft Corporation) MD5=9DFE1678738DD968D7BA5559B52706D1 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20848_none_09f7eafc6c58c12f\iexplore.exe

[2013/07/31 08:22:10 | 000,763,544 | ---- | M] (Microsoft Corporation) MD5=A818D637533302BA58C685F332388FC0 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16506_none_0d6f3dcb8054ce77\iexplore.exe

[2013/07/31 04:39:59 | 000,757,400 | ---- | M] (Microsoft Corporation) MD5=AA9CBDCD4675A48755DDA3A73BE3E283 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16506_none_17c3e81db4b59072\iexplore.exe

[2013/03/01 23:50:08 | 000,696,480 | ---- | M] (Microsoft Corporation) MD5=AFB0FE34A9B7F1B7A70276B9C1A78114 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.17267_none_0f7d1cf63e66de3e\iexplore.exe

[2013/07/16 15:25:20 | 000,763,544 | ---- | M] (Microsoft Corporation) MD5=AFF2C99AD2C599108B6BD9E77C24B463 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16496_none_0d0dec99809dccc9\iexplore.exe

[2013/03/03 23:42:51 | 000,696,464 | ---- | M] (Microsoft Corporation) MD5=B1B17B56E0F9AE84A1F75E757217154E -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.21484_none_0fee1af15797670c\iexplore.exe

[2013/04/04 13:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\iexplore.exe

[2010/11/20 06:22:51 | 000,673,040 | ---- | M] (Microsoft Corporation) MD5=C613E69C3B191BB02C7A191741A1D024 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7601.17514_none_1beb53526fc80c8d\iexplore.exe

[2013/11/27 12:58:15 | 000,806,096 | ---- | M] (Microsoft Corporation) MD5=C8A8321292A459B0A17FB39A782A5C74 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

[2013/11/27 12:58:15 | 000,806,096 | ---- | M] (Microsoft Corporation) MD5=C8A8321292A459B0A17FB39A782A5C74 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.16428_none_856219b9f734bb75\iexplore.exe

[2013/09/22 17:54:30 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=D6B7DDB68436F13C3CAE2B92524F1FEC -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16721_none_20cf006852aa5f74\iexplore.exe

[2013/10/12 01:44:13 | 000,770,736 | ---- | M] (Microsoft Corporation) MD5=D7D5768B8A697FCBAEE2CFE137070F02 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16736_none_20cf8eca52a9f8f0\iexplore.exe

[2013/09/22 18:01:39 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=DB352EBF77E8655E0C46B6923F3C9950 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20831_none_09f78a2a6c58f471\iexplore.exe

[2013/07/31 07:01:01 | 000,763,544 | ---- | M] (Microsoft Corporation) MD5=E1D016741AA03A959586A7818595BF46 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20617_none_0def0af49979a389\iexplore.exe

[2013/09/22 19:55:58 | 000,775,256 | ---- | M] (Microsoft Corporation) MD5=E9F843E7E412AE9A507FD5ABBBD06462 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20831_none_ffa2dfd837f83276\iexplore.exe

[2013/07/16 15:25:22 | 000,757,400 | ---- | M] (Microsoft Corporation) MD5=EE12BA876C4190532A4085994BA9B616 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16496_none_176296ebb4fe8ec4\iexplore.exe

[2009/07/13 19:43:43 | 000,696,600 | ---- | M] (Microsoft Corporation) MD5=F2B0D41E1D08D0B2006DF5AA2E74C81E -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.16385_none_0f6595383e78c6f8\iexplore.exe

[2013/09/22 19:25:59 | 000,775,256 | ---- | M] (Microsoft Corporation) MD5=F6A7D9C0BC326F695526069C1DA1E8B7 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16721_none_167a56161e499d79\iexplore.exe

[2013/07/24 21:58:46 | 000,763,544 | ---- | M] (Microsoft Corporation) MD5=FA5B33E7BB143BCE846C303B528E8D62 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16502_none_0d6b3ca38058691b\iexplore.exe

< MD5 for: IEXPLORE.EXE.MUI >

[2013/11/27 12:58:15 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=0B33787AB6EE3BB5FDB0C7C52E4E06A6 -- C:\Program Files (x86)\Internet Explorer\en-US\iexplore.exe.mui

[2013/11/27 12:58:15 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=0B33787AB6EE3BB5FDB0C7C52E4E06A6 -- C:\Program Files\Internet Explorer\en-US\iexplore.exe.mui

[2013/11/27 12:58:15 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=0B33787AB6EE3BB5FDB0C7C52E4E06A6 -- C:\Windows\winsxs\amd64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_11.2.9600.16428_en-us_74ba04defa813a61\iexplore.exe.mui

[2013/11/27 12:58:15 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=0B33787AB6EE3BB5FDB0C7C52E4E06A6 -- C:\Windows\winsxs\wow64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_11.2.9600.16428_en-us_7f0eaf312ee1fc5c\iexplore.exe.mui

[2013/07/16 15:25:20 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=17FAE936C452188D05852DE8D1082013 -- C:\Windows\winsxs\amd64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_9.4.8112.16421_en-us_07013012b816cb66\iexplore.exe.mui

[2013/07/16 15:25:22 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=4C71CCB3C8817185E67210856778831F -- C:\Windows\winsxs\wow64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_9.4.8112.16421_en-us_1155da64ec778d61\iexplore.exe.mui

[2013/09/18 11:34:51 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=8EDDC50FD07326E7DF9C4EEA422F0918 -- C:\Windows\winsxs\amd64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_10.2.9200.16521_en-us_103c8b6555e6a67e\iexplore.exe.mui

[2013/09/18 11:34:52 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=8EDDC50FD07326E7DF9C4EEA422F0918 -- C:\Windows\winsxs\wow64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_10.2.9200.16521_en-us_1a9135b78a476879\iexplore.exe.mui

[2009/07/13 20:29:20 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=C29BCFB504E33FEADDFA2D0183CEF62F -- C:\Windows\winsxs\amd64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_8.0.7600.16385_en-us_09122aaf762607df\iexplore.exe.mui

[2009/07/13 20:05:06 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=FBA4CD95930248053A2C3F43CA70B986 -- C:\Windows\winsxs\wow64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_8.0.7600.16385_en-us_1366d501aa86c9da\iexplore.exe.mui

< MD5 for: SERVICES >

[2009/06/10 15:00:26 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6079f415110c0210\services

< MD5 for: SERVICES.CFG >

[2012/09/23 19:43:36 | 000,603,848 | R--- | M] () MD5=81B120EAEE296F0E54F66C16C5A21367 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744BA0000000010\11.0.0\services.cfg

[2013/09/05 08:04:00 | 000,559,090 | ---- | M] () MD5=8ADD48E413D05BF2E7AEC00173DDFABC -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Services\Services.cfg

< MD5 for: SERVICES.EXE >

[2009/07/13 19:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe

[2009/07/13 19:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SERVICES.EXE.MUI >

[2009/07/13 20:25:40 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=6507BF0DC2D1F5F32493C288EAA59277 -- C:\Windows\SysNative\en-US\services.exe.mui

[2009/07/13 20:25:40 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=6507BF0DC2D1F5F32493C288EAA59277 -- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_en-us_c5f238be3fa63468\services.exe.mui

< MD5 for: SERVICES.LNK >

[2009/07/13 22:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk

[2009/07/13 22:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk

< MD5 for: SERVICES.MOF >

[2009/06/10 14:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\SysNative\wbem\services.mof

[2009/06/10 14:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.mof

< MD5 for: SERVICES.MSC >

[2009/07/13 20:23:30 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysNative\en-US\services.msc

[2009/06/10 14:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysNative\services.msc

[2009/07/13 20:08:50 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\en-US\services.msc

[2009/06/10 15:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\services.msc

[2009/07/13 20:23:30 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_003408aa160fce5b\services.msc

[2009/06/10 14:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_2b58d44b5f6beb8a\services.msc

[2009/07/13 20:08:50 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_a4156d265db25d25\services.msc

[2009/06/10 15:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_cf3a38c7a70e7a54\services.msc

< MD5 for: SERVICES.PTXML >

[2009/07/13 14:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\SysNative\wdi\perftrack\Services.ptxml

[2009/07/13 14:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\Services.ptxml

< MD5 for: WINLOGON.ADML >

[2009/07/13 20:25:22 | 000,008,013 | ---- | M] () MD5=CED0EAD8D152B3D0F114698DE2316C5E -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon-adm.resources_31bf3856ad364e35_6.1.7600.16385_en-us_f0f9032ef6930070\WinLogon.adml

< MD5 for: WINLOGON.ADMX >

[2009/06/10 15:04:41 | 000,005,237 | ---- | M] () MD5=89D8F50E186A16C2CED3CF36DBBC0B2C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon-adm_31bf3856ad364e35_6.1.7600.16385_none_d7024e6992f3424d\WinLogon.admx

< MD5 for: WINLOGON.EXE >

[2010/11/20 07:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe

[2010/11/20 07:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

[2009/07/13 19:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe

[2010/07/20 00:37:07 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe

[2013/04/04 13:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe

[2010/07/20 00:37:07 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< MD5 for: WINLOGON.EXE.MUI >

[2010/11/20 07:00:25 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=34C7D2E30868EDAFB191341D963ABA5F -- C:\Windows\SysNative\en-US\winlogon.exe.mui

[2010/11/20 07:00:25 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=34C7D2E30868EDAFB191341D963ABA5F -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon.resources_31bf3856ad364e35_6.1.7601.17514_en-us_291e96fa1ab5fc7b\winlogon.exe.mui

[2009/07/13 20:29:52 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=56D03B64B8C483C1D12A8E4577B3B332 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon.resources_31bf3856ad364e35_6.1.7600.16385_en-us_26ed83321dc778e1\winlogon.exe.mui

< MD5 for: WINLOGON.MFL >

[2009/07/13 20:27:22 | 000,001,080 | ---- | M] () MD5=2783ED50691284F7EAE6BE9729337E1A -- C:\Windows\SysNative\wbem\en-US\winlogon.mfl

[2009/07/13 20:27:22 | 000,001,080 | ---- | M] () MD5=2783ED50691284F7EAE6BE9729337E1A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon-mof.resources_31bf3856ad364e35_6.1.7600.16385_en-us_84afd4fd38ffd276\winlogon.mfl

< MD5 for: WINLOGON.MOF >

[2009/07/13 14:30:01 | 000,003,192 | ---- | M] () MD5=DF722B96F32A61783BC310FACF10240B -- C:\Windows\SysNative\wbem\winlogon.mof

[2009/07/13 14:30:01 | 000,003,192 | ---- | M] () MD5=DF722B96F32A61783BC310FACF10240B -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon-mof_31bf3856ad364e35_6.1.7600.16385_none_dc2dbb778f98e40f\winlogon.mof

< %SYSTEMDRIVE%\*.* >

[2009/07/13 19:38:58 | 000,383,562 | RHS- | M] () -- C:\bootmgr

[2014/01/07 17:58:33 | 1988,513,791 | -HS- | M] () -- C:\hiberfil.sys

[2014/01/07 17:58:35 | 4083,007,487 | -HS- | M] () -- C:\pagefile.sys

< %systemroot%\Fonts\*.com >

[2009/07/13 23:32:31 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont

[2009/07/13 23:32:31 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont

[2009/07/13 23:32:31 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont

[2009/07/13 23:32:31 | 000,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >

[2009/06/10 14:49:50 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >

[2013/02/05 23:56:16 | 000,322,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >

[2009/07/13 22:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< dir "%systemdrive%\*" /S /A:L /C >

Volume in drive C has no label.

Volume Serial Number is CA5D-3C54

Directory of C:\

07/13/2009 11:08 PM <JUNCTION> Documents and Settings [..]

0 File(s) 0 bytes

Directory of C:\ProgramData

07/13/2009 11:08 PM <JUNCTION> Application Data [..]

07/13/2009 11:08 PM <JUNCTION> Desktop [..]

07/13/2009 11:08 PM <JUNCTION> Documents [..]

07/13/2009 11:08 PM <JUNCTION> Favorites [..]

07/13/2009 11:08 PM <JUNCTION> Start Menu [..]

07/13/2009 11:08 PM <JUNCTION> Templates [..]

0 File(s) 0 bytes

Directory of C:\Users

07/13/2009 11:08 PM <SYMLINKD> All Users [C:\ProgramData]

07/13/2009 11:08 PM <JUNCTION> Default User [..]

0 File(s) 0 bytes

Directory of C:\Users\All Users

07/13/2009 11:08 PM <JUNCTION> Application Data [..]

07/13/2009 11:08 PM <JUNCTION> Desktop [..]

07/13/2009 11:08 PM <JUNCTION> Documents [..]

07/13/2009 11:08 PM <JUNCTION> Favorites [..]

07/13/2009 11:08 PM <JUNCTION> Start Menu [..]

07/13/2009 11:08 PM <JUNCTION> Templates [..]

0 File(s) 0 bytes

Directory of C:\Users\Default

07/13/2009 11:08 PM <JUNCTION> Application Data [..]

07/13/2009 11:08 PM <JUNCTION> Cookies [..]

07/13/2009 11:08 PM <JUNCTION> Local Settings [..]

07/13/2009 11:08 PM <JUNCTION> My Documents [..]

07/13/2009 11:08 PM <JUNCTION> NetHood [..]

07/13/2009 11:08 PM <JUNCTION> PrintHood [..]

07/13/2009 11:08 PM <JUNCTION> Recent [..]

07/13/2009 11:08 PM <JUNCTION> SendTo [..]

07/13/2009 11:08 PM <JUNCTION> Start Menu [..]

07/13/2009 11:08 PM <JUNCTION> Templates [..]

0 File(s) 0 bytes

Directory of C:\Users\Default\AppData\Local

07/13/2009 11:08 PM <JUNCTION> Application Data [..]

07/13/2009 11:08 PM <JUNCTION> History [..]

07/13/2009 11:08 PM <JUNCTION> Temporary Internet Files [..]

0 File(s) 0 bytes

Directory of C:\Users\Default\Documents

07/13/2009 11:08 PM <JUNCTION> My Music [..]

07/13/2009 11:08 PM <JUNCTION> My Pictures [..]

07/13/2009 11:08 PM <JUNCTION> My Videos [..]

0 File(s) 0 bytes

Directory of C:\Users\Public\Documents

07/13/2009 11:08 PM <JUNCTION> My Music [C:\Users\Public\Music]

07/13/2009 11:08 PM <JUNCTION> My Pictures [C:\Users\Public\Pictures]

07/13/2009 11:08 PM <JUNCTION> My Videos [C:\Users\Public\Videos]

0 File(s) 0 bytes

Directory of C:\Users\SRE Lab

03/28/2012 10:35 AM <JUNCTION> Application Data [C:\Users\SRE Lab\AppData\Roaming]

03/28/2012 10:35 AM <JUNCTION> Cookies [C:\Users\SRE Lab\AppData\Roaming\Microsoft\Windows\Cookies]

03/28/2012 10:35 AM <JUNCTION> Local Settings [C:\Users\SRE Lab\AppData\Local]

03/28/2012 10:35 AM <JUNCTION> My Documents [C:\Users\SRE Lab\Documents]

03/28/2012 10:35 AM <JUNCTION> NetHood [C:\Users\SRE Lab\AppData\Roaming\Microsoft\Windows\Network Shortcuts]

03/28/2012 10:35 AM <JUNCTION> PrintHood [C:\Users\SRE Lab\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]

03/28/2012 10:35 AM <JUNCTION> Recent [C:\Users\SRE Lab\AppData\Roaming\Microsoft\Windows\Recent]

03/28/2012 10:35 AM <JUNCTION> SendTo [C:\Users\SRE Lab\AppData\Roaming\Microsoft\Windows\SendTo]

03/28/2012 10:35 AM <JUNCTION> Start Menu [C:\Users\SRE Lab\AppData\Roaming\Microsoft\Windows\Start Menu]

03/28/2012 10:35 AM <JUNCTION> Templates [C:\Users\SRE Lab\AppData\Roaming\Microsoft\Windows\Templates]

0 File(s) 0 bytes

Directory of C:\Users\SRE Lab\AppData\Local

03/28/2012 10:35 AM <JUNCTION> Application Data [C:\Users\SRE Lab\AppData\Local]

03/28/2012 10:35 AM <JUNCTION> History [C:\Users\SRE Lab\AppData\Local\Microsoft\Windows\History]

03/28/2012 10:35 AM <JUNCTION> Temporary Internet Files [C:\Users\SRE Lab\AppData\Local\Microsoft\Windows\Temporary Internet Files]

0 File(s) 0 bytes

Directory of C:\Users\SRE Lab\Documents

03/28/2012 10:35 AM <JUNCTION> My Music [C:\Users\SRE Lab\Music]

03/28/2012 10:35 AM <JUNCTION> My Pictures [C:\Users\SRE Lab\Pictures]

03/28/2012 10:35 AM <JUNCTION> My Videos [C:\Users\SRE Lab\Videos]

0 File(s) 0 bytes

Directory of C:\Windows\System32\config\systemprofile

09/16/2010 03:18 AM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Roaming]

09/16/2010 03:18 AM <JUNCTION> Cookies [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies]

09/16/2010 03:18 AM <JUNCTION> Local Settings [C:\Windows\system32\config\systemprofile\AppData\Local]

0 File(s) 0 bytes

Directory of C:\Windows\System32\config\systemprofile\AppData\Local

09/16/2010 03:18 AM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]

09/16/2010 03:18 AM <JUNCTION> History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]

09/16/2010 03:18 AM <JUNCTION> Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]

0 File(s) 0 bytes

Directory of C:\Windows\SysWOW64\config\systemprofile

09/16/2010 03:18 AM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Roaming]

09/16/2010 03:18 AM <JUNCTION> Cookies [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies]

09/16/2010 03:18 AM <JUNCTION> Local Settings [C:\Windows\system32\config\systemprofile\AppData\Local]

0 File(s) 0 bytes

Directory of C:\Windows\SysWOW64\config\systemprofile\AppData\Local

09/16/2010 03:18 AM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]

09/16/2010 03:18 AM <JUNCTION> History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]

09/16/2010 03:18 AM <JUNCTION> Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]

0 File(s) 0 bytes

Total Files Listed:

0 File(s) 0 bytes

62 Dir(s) 381,695,504,384 bytes free

< %systemroot%\System32\config\*.sav >

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >

[2013/07/17 08:41:58 | 000,000,221 | -HS- | M] () -- C:\Users\SRE Lab\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini

< %USERPROFILE%\Desktop\*.exe >

[2013/08/21 17:41:32 | 000,975,858 | ---- | M] () -- C:\Users\SRE Lab\Desktop\AdwCleaner.exe

[2013/08/20 13:14:51 | 004,745,728 | ---- | M] (AVAST Software) -- C:\Users\SRE Lab\Desktop\aswMBR.exe

[2013/11/25 22:30:20 | 000,979,928 | ---- | M] (CyberLink) -- C:\Users\SRE Lab\Desktop\CyberLink_YouCam_Downloader.exe

[2013/08/18 23:12:08 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\SRE Lab\Desktop\HiJackThis.exe

[2013/08/22 11:01:45 | 010,285,040 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\SRE Lab\Desktop\mbam-setup-1.75.0.1300.exe

[2013/08/21 18:09:14 | 012,081,912 | ---- | M] (Malwarebytes Corp.) -- C:\Users\SRE Lab\Desktop\mbar-1.06.1.1005.exe

[2014/01/12 22:46:09 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\SRE Lab\Desktop\OTL.exe

[2013/08/20 11:49:30 | 000,891,115 | ---- | M] () -- C:\Users\SRE Lab\Desktop\SecurityCheck.exe

[2013/08/29 11:52:17 | 000,448,512 | ---- | M] (OldTimer Tools) -- C:\Users\SRE Lab\Desktop\TFC.exe

[2013/08/02 14:18:00 | 001,239,536 | ---- | M] (Microsoft Corporation) -- C:\Users\SRE Lab\Desktop\wlsetup-web(1).exe

[2013/08/02 14:11:30 | 001,239,536 | ---- | M] (Microsoft Corporation) -- C:\Users\SRE Lab\Desktop\wlsetup-web.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

========== Files - Unicode (All) ==========

[2013/10/21 22:47:55 | 000,000,098 | ---- | M] ()(C:\Users\SRE Lab\Desktop\? Faint Reflections - YouTube.url) -- C:\Users\SRE Lab\Desktop\▶ Faint Reflections - YouTube.url

[2013/10/21 22:47:55 | 000,000,098 | ---- | C] ()(C:\Users\SRE Lab\Desktop\? Faint Reflections - YouTube.url) -- C:\Users\SRE Lab\Desktop\▶ Faint Reflections - YouTube.url

[2013/08/12 11:48:45 | 000,000,068 | ---- | M] ()(C:\Users\SRE Lab\Desktop\? Filter dance summer intensive - YouTube.url) -- C:\Users\SRE Lab\Desktop\▶ Filter dance summer intensive - YouTube.url

[2013/08/12 11:48:45 | 000,000,068 | ---- | C] ()(C:\Users\SRE Lab\Desktop\? Filter dance summer intensive - YouTube.url) -- C:\Users\SRE Lab\Desktop\▶ Filter dance summer intensive - YouTube.url

< End of report >

Advertisements

Register to Remove

#2 jeffce

Malware Guy

Authentic Member
8,693 posts

Posted 14 January 2014 - 10:48 AM

Hi and Welcome!!

My name is Jeff. I would be more than happy to take a look at your malware results logs and help you with solving any malware problems you might have. Logs can take a while to research, so please be patient and know that I am working hard to get you a clean and functional system back in your hands. I'd be grateful if you would note the following:

The fixes are specific to your problem and should only be used for the issues on this machine.
It's often worth reading through these instructions and printing them for ease of reference.
If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
Please reply to this thread. Do not start a new topic.
If you happen to have a flash drive/thumb drive please have that ready in the event that we need to use it.
Please be sure to subscribe to the topic if you have not already done so.

IMPORTANT NOTE : Please do not delete, download or install anything unless instructed to do so.
DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision. Doing so could make your system inoperable and could require a full reinstall of your operating system and losing all your programs and data.

Having said that.... Let's get going!!
----------

Could you elaborate on what is going on with your system that makes you think it may be infected?
-------------

Please download DDS from either of these links

LINK 1
LINK 2

and save it to your desktop.

Disable any antivirus programs during the scan (If you have difficulty properly disabling your protective programs, refer to this link here )
Double click dds to run the tool.
When done, two DDS.txt's will open.
Save both reports to your desktop.

---------------------------------------------------
Please include the contents of the following in your next reply:

DDS.txt

Attach.txt
----------

Please download TDSSKiller

Double click TDSSKiller.exe
Press Start Scan but do nothing else as we are just looking for what is there.
If Malicious objects are found, select Skip by changing the Cure dropdown in the upper right.
Attach the log in your next reply
- A copy of the log will be saved automatically to the root of the drive (typically C:\)

AdwCleaner

Please download AdwCleaner by Xplode and save to your Desktop.

Double click on AdwCleaner.exe to run the tool
Vista/Windows 7/8 users right-click and select Run As Administrator.
Click on the Scan button.
AdwCleaner will begin...be patient as the scan may take some time to complete.
After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
Copy and paste the contents of that logfile in your next reply.
A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

----------

#3 EricWoods

Authentic Member

Authentic Member
147 posts

Posted 14 January 2014 - 01:15 PM

McAfee Virusscan keeps being turned off; update won't work either. Can't change browser page to Google. All media players uninstalled.

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 11.0.9600.16428

Run by SRE Lab at 12:48:39 on 2014-01-14

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.7990.5757 [GMT -6:00]

AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}

SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}

FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}

============== Running Processes ===============

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

C:\Program Files\IDT\WDM\STacSV64.exe

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\Hpservice.exe

C:\Windows\system32\vcsFPService.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\WLANExt.exe

C:\Windows\System32\spoolsv.exe

C:\Program Files\DigitalPersona\Bin\DpHostW.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files\IDT\WDM\AESTSr64.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe

C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe

C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

C:\Windows\system32\mfevtps.exe

C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe

C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe

C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe

C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe

C:\Windows\Explorer.EXE

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Users\SRE Lab\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

C:\Windows\System32\StikyNot.exe

C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe

C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE

C:\Program Files\DigitalPersona\Bin\DPAgent.exe

C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe

C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe

C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files\McAfee.com\Agent\mcagent.exe

C:\Users\SRE Lab\AppData\Roaming\Spotify\spotify.exe

C:\Users\SRE Lab\AppData\Roaming\Spotify\Data\SpotifyHelper.exe

C:\Program Files (x86)\Skype\Phone\Skype.exe

C:\Program Files\Microsoft Office\Office14\WINWORD.EXE

C:\Windows\system32\taskeng.exe

C:\Users\SRE Lab\AppData\Local\LogMeIn Rescue Applet\LMIR0005.tmp\lmi_rescue.exe

C:\Program Files\McAfee.com\Agent\mcupdate.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Windows\System32\cscript.exe

============== Pseudo HJT Report ===============

uStart Page = hxxps://www.google.com/

mWinlogon: Userinit = userinit.exe,

BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL

uRun: [Spotify Web Helper] "C:\Users\SRE Lab\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

uRun: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe

uRunOnce: [113_850994793524] "C:\Users\SRE Lab\AppData\Local\LogMeIn Rescue Applet\LMIR0002.tmp_r.bat"

uRunOnce: [*LogMeInRescue_479370226] "C:\Users\SRE Lab\AppData\Local\LogMeIn Rescue Applet\LMIR0005.tmp\lmi_rescue.exe" -runonce reboot

mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [YouCam Service] "C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe" /s

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-Explorer: NoActiveDesktopChanges = dword:1

mPolicies-System: ConsentPromptBehaviorAdmin = dword:0

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableLUA = dword:0

mPolicies-System: EnableUIADesktopToggle = dword:0

mPolicies-System: PromptOnSecureDesktop = dword:0

IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab

TCP: NameServer = 8.8.8.8

TCP: Interfaces\{83B1974F-FA01-48E8-BCBA-ED025FD0DFA8} : DHCPNameServer = 10.4.40.11 10.4.40.17

TCP: Interfaces\{AFD09DC9-BBB7-4ECF-B449-DE3B7FCEDD22} : DHCPNameServer = 8.8.8.8

TCP: Interfaces\{AFD09DC9-BBB7-4ECF-B449-DE3B7FCEDD22}\055616368647275656 : DHCPNameServer = 10.0.0.1

TCP: Interfaces\{AFD09DC9-BBB7-4ECF-B449-DE3B7FCEDD22}\2456C605F607 : DHCPNameServer = 75.75.75.75 75.75.76.76 192.168.1.1

TCP: Interfaces\{AFD09DC9-BBB7-4ECF-B449-DE3B7FCEDD22}\3636D667F57657563747 : DHCPNameServer = 8.8.8.8 8.8.4.4 208.67.222.222

TCP: Interfaces\{AFD09DC9-BBB7-4ECF-B449-DE3B7FCEDD22}\9333930284F6573756 : DHCPNameServer = 75.75.75.75 75.75.76.76

TCP: Interfaces\{AFD09DC9-BBB7-4ECF-B449-DE3B7FCEDD22}\A4D41414027596D26496 : DHCPNameServer = 10.2.0.1

TCP: Interfaces\{AFD09DC9-BBB7-4ECF-B449-DE3B7FCEDD22}\A65637573727569676E637 : DHCPNameServer = 192.168.150.1

Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

SSODL: WebCheck - <orphaned>

SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL

LSA: Notification Packages = DPPassFilter scecli

mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.72\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

x64-mWinlogon: Userinit = C:\Windows\System32\userinit.exe,C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe,

x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL

x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL

x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} -

x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe

x64-Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden

x64-Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices

x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll

x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>

x64-Notify: igfxcui - igfxdev.dll

x64-SSODL: WebCheck - <orphaned>

x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL

============= SERVICES / DRIVERS ===============

R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\drivers\mfehidk.sys [2013-2-19 771536]

R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\drivers\mfewfpk.sys [2013-2-19 340216]

R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2010-9-16 89600]

R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-9-16 203264]

R2 CinemaNow Service;CinemaNow Service;C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe [2010-6-12 400368]

R2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-6-18 103992]

R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-6-25 92216]

R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2011-5-13 30520]

R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-6-29 27192]

R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2013-7-19 201304]

R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2013-7-19 201304]

R2 McShield;McAfee McShield;C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [2013-7-19 241456]

R2 mfecore;McAfee Anti-Malware Core;C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [2013-11-5 1017016]

R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2013-7-19 218760]

R2 mfevtp;McAfee Validation Trust Protection Service;C:\Windows\System32\mfevtps.exe [2013-7-19 182752]

R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-10-9 3275136]

R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-9-16 2533400]

R2 vcsFPService;Validity VCS Fingerprint Service;C:\Windows\System32\vcsFPService.exe [2010-2-23 2192176]

R3 cfwids;McAfee Inc. cfwids;C:\Windows\System32\drivers\cfwids.sys [2013-7-19 70112]

R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2013-11-25 40896]

R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-4-30 56344]

R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2009-10-26 151936]

R3 intelkmd;intelkmd;C:\Windows\System32\drivers\igdpmd64.sys [2010-7-28 10610400]

R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\drivers\mfeavfk.sys [2013-7-19 309840]

R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\drivers\mfefirek.sys [2013-7-19 515968]

R3 mfencbdc;McAfee Inc. mfencbdc;C:\Windows\System32\drivers\mfencbdc.sys [2013-9-20 390552]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]

S2 CLKMSVC10_C6F09094;CyberLink Product - 2010/09/16 01:59:19;C:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\HDDVD\NavFilter\kmsvc.exe [2010-9-16 245232]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2013-7-19 201304]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680]

S3 BrYNSvc;BrYNSvc;C:\Program Files (x86)\Browny02\BrYNSvc.exe [2013-8-9 245760]

S3 HipShieldK;McAfee Inc. HipShieldK;C:\Windows\System32\drivers\HipShieldK.sys [2013-7-19 196440]

S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-12-12 111616]

S3 mfencrk;McAfee Inc. mfencrk;C:\Windows\System32\drivers\mfencrk.sys [2013-9-20 95984]

S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\System32\drivers\mferkdet.sys [2013-7-19 106552]

S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]

S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-7-17 19456]

S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2010-9-16 232992]

S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]

S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]

S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-7-17 57856]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-7-16 1255736]

S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120]

=============== Created Last 30 ================

2014-01-07 23:55:59 -------- d-sh--w- C:\found.000

2014-01-06 17:59:46 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin7.dll

2014-01-06 17:59:46 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin6.dll

2014-01-06 17:59:46 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin5.dll

2014-01-06 17:59:46 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin4.dll

2014-01-06 17:59:46 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin3.dll

2014-01-06 17:59:45 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin2.dll

2014-01-06 17:59:45 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin.dll

2014-01-04 01:54:02 -------- d-----w- C:\Users\SRE Lab\AppData\Local\ElevatedDiagnostics

==================== Find3M ====================

2013-12-12 19:22:13 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2013-12-12 19:22:12 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2013-11-26 10:19:07 2724864 ----a-w- C:\Windows\System32\mshtml.tlb

2013-11-26 10:18:23 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll

2013-11-26 09:48:07 66048 ----a-w- C:\Windows\System32\iesetup.dll

2013-11-26 09:46:25 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll

2013-11-26 09:23:02 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2013-11-26 09:18:39 139264 ----a-w- C:\Windows\System32\ieUnatt.exe

2013-11-26 09:18:09 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe

2013-11-26 09:16:57 708608 ----a-w- C:\Windows\System32\jscript9diag.dll

2013-11-26 08:35:02 5769216 ----a-w- C:\Windows\System32\jscript9.dll

2013-11-26 08:28:16 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll

2013-11-26 08:16:12 4243968 ----a-w- C:\Windows\SysWow64\jscript9.dll

2013-11-26 08:02:16 1995264 ----a-w- C:\Windows\System32\inetcpl.cpl

2013-11-26 07:32:06 1928192 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2013-11-26 07:07:57 2334208 ----a-w- C:\Windows\System32\wininet.dll

2013-11-26 06:33:33 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll

2013-11-23 18:26:20 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll

2013-11-23 17:47:34 465920 ----a-w- C:\Windows\System32\WMPhoto.dll

2013-11-12 02:23:09 2048 ----a-w- C:\Windows\System32\tzres.dll

2013-11-12 02:07:29 2048 ----a-w- C:\Windows\SysWow64\tzres.dll

2013-10-30 02:32:01 335360 ----a-w- C:\Windows\System32\msieftp.dll

2013-10-30 02:19:52 301568 ----a-w- C:\Windows\SysWow64\msieftp.dll

2013-10-30 01:24:31 3155968 ----a-w- C:\Windows\System32\win32k.sys

2013-10-19 02:18:57 81408 ----a-w- C:\Windows\System32\imagehlp.dll

2013-10-19 01:36:59 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll

============= FINISH: 12:49:04.07 ===============

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_2012-11-20.01)

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 3/28/2012 11:35:22 AM

System Uptime: 1/7/2014 8:48:37 PM (160 hours ago)

Motherboard: Hewlett-Packard | | 144B

Processor: Intel® Core™ i5 CPU M 460 @ 2.53GHz | CPU | 2534/1066mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 574 GiB total, 355.363 GiB free.

D: is FIXED (NTFS) - 22 GiB total, 3.193 GiB free.

E: is CDROM ()

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP87: 1/12/2014 10:54:17 PM - OTL Restore Point - 1/12/2014 10:54:16 PM

==== Installed Programs ======================

Acrobat.com

Adobe AIR

Adobe Digital Editions 2.0

Adobe Flash Player 11 Plugin

Adobe Reader XI (11.0.05)

Adobe Shockwave Player 11.5

Apple Application Support

Apple Mobile Device Support

Apple Software Update

ATI Catalyst Install Manager

Audacity 2.0.3

Bejeweled 2 Deluxe

Blackhawk Striker 2

Bonjour

Broadcom 802.11 Wireless LAN Adapter

Build-a-lot 2

Catalyst Control Center - Branding

Catalyst Control Center Graphics Previews Common

Catalyst Control Center Graphics Previews Vista

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All

ccc-core-static

ccc-utility64

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Czech

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Greek

CCC Help Hungarian

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Polish

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCC Help Thai

CCC Help Turkish

Chuzzle Deluxe

CinemaNow Media Manager

Contents

Corel PaintShop Photo Pro X3

Corel VideoStudio Pro X3

CyberLink DVD Suite

CyberLink YouCam 5

D3DX10

Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition

DeviceIO

Diner Dash 2 Restaurant Rescue

Dora's Carnival Adventure

DVD Menu Pack for HP MediaSmart Video

Energy Star Digital Logo

Escape Rosecliff Island

ESU for Microsoft Windows 7

FATE

Final Drive Nitro

Google Chrome

Google Update Helper

Heroes of Hellas 2 - Olympia

HL-2270DW

HP 3D DriveGuard

HP Advisor

HP Customer Experience Enhancements

HP Documentation

HP DVB-T TV Tuner 8.0.64.43

HP Game Console

HP Games

HP MediaSmart CinemaNow 2.0

HP MediaSmart DVD

HP MediaSmart Movies and TV

HP MediaSmart Music

HP MediaSmart Photo

HP MediaSmart SmartMenu

HP MediaSmart Video

HP MediaSmart/TouchSmart Netflix

HP Photo Creations

HP Power Manager

HP Quick Launch

HP Setup

HP SimplePass Identity Protection

HP Software Framework

HP Wireless Assistant

Hulu Desktop

ICA

IDT Audio

Intel® Management Engine Components

Intel® Rapid Storage Technology

Intel® Turbo Boost Technology Driver

IPM_PSP_Pro

IPM_VS_Pro

ISCOM

iTunes

Jewel Quest 3

Jewel Quest Solitaire 2

Junk Mail filter update

LabelPrint

LightScribe System Software

McAfee SecurityCenter

Microsoft .NET Framework 4 Client Profile

Microsoft Application Error Reporting

Microsoft Office Access MUI (English) 2010

Microsoft Office Access Setup Metadata MUI (English) 2010

Microsoft Office Excel MUI (English) 2010

Microsoft Office Groove MUI (English) 2010

Microsoft Office InfoPath MUI (English) 2010

Microsoft Office Office 32-bit Components 2010

Microsoft Office OneNote MUI (English) 2010

Microsoft Office Outlook MUI (English) 2010

Microsoft Office PowerPoint MUI (English) 2010

Microsoft Office Professional Plus 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (French) 2010

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proofing (English) 2010

Microsoft Office Publisher MUI (English) 2010

Microsoft Office Shared 32-bit MUI (English) 2010

Microsoft Office Shared MUI (English) 2010

Microsoft Office Shared Setup Metadata MUI (English) 2010

Microsoft Office Word MUI (English) 2010

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft SQL Server Compact 3.5 SP1 English

Microsoft SQL Server Compact 3.5 SP1 x64 English

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft WSE 3.0 Runtime

Movie Maker

Movie Theme Pack for HP MediaSmart Video

MSVCRT

MSVCRT_amd64

MSVCRT110

MSVCRT110_amd64

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Penguins!

Photo Common

Photo Gallery

PhotoNow!

Plants vs. Zombies

Poker Superstars III

Polar Bowler

Polar Golfer

Power2Go

PowerDirector

PSPPContent

PSPPRO_DCRAW

PureHD

PX Profile Update

QuickTime

Realtek Ethernet Controller Driver For Windows 7

Realtek USB 2.0 Card Reader

Recovery Manager

Roxio CinemaNow 2.0

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)

Security Update for Microsoft Excel 2010 (KB2826033) 64-Bit Edition

Security Update for Microsoft Office 2010 (KB2553284) 64-Bit Edition

Security Update for Microsoft Office 2010 (KB2687423) 64-Bit Edition

Security Update for Microsoft Office 2010 (KB2826023) 64-Bit Edition

Security Update for Microsoft Office 2010 (KB2826035) 64-Bit Edition

Security Update for Microsoft Office 2010 (KB2850016) 64-Bit Edition

Security Update for Microsoft Outlook 2010 (KB2837597) 64-Bit Edition

Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition

Setup

Share64

Shared C Run-time for x64

Skype Click to Call

Skype™ 6.11

Spotify

Synaptics Pointing Device Driver

Times Reader

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Client Profile (KB2836939)

Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)

Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition

Update for Microsoft Filter Pack 2.0 (KB2810071) 64-Bit Edition

Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition

Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition

Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition

Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition

Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition

Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition

Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition

Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition

Update for Microsoft Office 2010 (KB2826026) 64-Bit Edition

Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition

Update for Microsoft OneNote 2010 (KB2810072) 64-Bit Edition

Update for Microsoft PowerPoint 2010 (KB2553145) 64-Bit Edition

Update for Microsoft Visio Viewer 2010 (KB2810066) 64-Bit Edition

Update for Microsoft Word 2010 (KB2837593) 64-Bit Edition

Validity Sensors DDK

VIO

Virtual Families

Virtual Villagers - The Secret City

VSClassic

VSPro

Wheel of Fortune 2

Windows Live Communications Platform

Windows Live Essentials

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Mail

Windows Live Messenger

Windows Live MIME IFilter

Windows Live Photo Common

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live Sync

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

Windows Media Encoder 9 Series

Zuma Deluxe

==== Event Viewer Messages From Past Week ========

1/13/2014 10:13:14 PM, Error: Schannel [36888] - The following fatal alert was generated: 40. The internal error state is 252.

1/11/2014 10:02:08 PM, Error: volsnap [14] - The shadow copies of volume C: were aborted because of an IO failure on volume C:.

==== End Of File ===========================

12:53:20.0536 0x0af4 TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50

12:53:30.0781 0x0af4 ============================================================

12:53:30.0781 0x0af4 Current date / time: 2014/01/14 12:53:30.0781

12:53:30.0781 0x0af4 SystemInfo:

12:53:30.0781 0x0af4

12:53:30.0781 0x0af4 OS Version: 6.1.7601 ServicePack: 1.0

12:53:30.0781 0x0af4 Product type: Workstation

12:53:30.0781 0x0af4 ComputerName: SRELAB-HP

12:53:30.0782 0x0af4 UserName: SRE Lab

12:53:30.0782 0x0af4 Windows directory: C:\Windows

12:53:30.0782 0x0af4 System windows directory: C:\Windows

12:53:30.0782 0x0af4 Running under WOW64

12:53:30.0782 0x0af4 Processor architecture: Intel x64

12:53:30.0782 0x0af4 Number of processors: 4

12:53:30.0782 0x0af4 Page size: 0x1000

12:53:30.0782 0x0af4 Boot type: Normal boot

12:53:30.0782 0x0af4 ============================================================

12:53:31.0241 0x0af4 KLMD registered as C:\Windows\system32\drivers\45706941.sys

12:53:31.0387 0x0af4 System UUID: {9FEE2BF9-454C-9960-6021-7B2BB7845C4C}

12:53:32.0273 0x0af4 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

12:53:32.0281 0x0af4 ============================================================

12:53:32.0281 0x0af4 \Device\Harddisk0\DR0:

12:53:32.0281 0x0af4 MBR partitions:

12:53:32.0281 0x0af4 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800

12:53:32.0281 0x0af4 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x47BF0800

12:53:32.0281 0x0af4 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x47C54800, BlocksNum 0x2BCF800

12:53:32.0281 0x0af4 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x4A824000, BlocksNum 0x33AB0

12:53:32.0281 0x0af4 ============================================================

12:53:32.0323 0x0af4 C: <-> \Device\Harddisk0\DR0\Partition2

12:53:32.0364 0x0af4 D: <-> \Device\Harddisk0\DR0\Partition3

12:53:32.0364 0x0af4 ============================================================

12:53:32.0364 0x0af4 Initialize success

12:53:32.0364 0x0af4 ============================================================

12:53:35.0226 0x23bc ============================================================

12:53:35.0226 0x23bc Scan started

12:53:35.0226 0x23bc Mode: Manual;

12:53:35.0226 0x23bc ============================================================

12:53:35.0226 0x23bc KSN ping started

12:53:37.0757 0x23bc KSN ping finished: true

12:53:38.0951 0x23bc ================ Scan system memory ========================

12:53:38.0951 0x23bc System memory - ok

12:53:38.0953 0x23bc ================ Scan services =============================

12:53:39.0180 0x23bc [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys

12:53:39.0189 0x23bc 1394ohci - ok

12:53:39.0247 0x23bc [ 5C368F4B04ED2A923E6AFCA2D37BAFF5, C3CC58D636B18DF77C4C4B384AD1DE78418716A0606E564DBC63782D5EA02905 ] Accelerometer C:\Windows\system32\DRIVERS\Accelerometer.sys

12:53:39.0249 0x23bc Accelerometer - ok

12:53:39.0301 0x23bc [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys

12:53:39.0307 0x23bc ACPI - ok

12:53:39.0340 0x23bc [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys

12:53:39.0342 0x23bc AcpiPmi - ok

12:53:39.0435 0x23bc [ ADDA5E1951B90D3D23C56D3CF0622ADC, E85E7BFD29F00ED34BF5BE8BD4DA93CBB14278E16809BB55406875F0DA88551E ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

12:53:39.0437 0x23bc AdobeARMservice - ok

12:53:39.0617 0x23bc [ 1BA1AB4141A92EB34DA99F1249CA2D4D, 43ADF35146E61E0DE58D2ACC2994538F6025135ECEB30073BEF05A804BB38107 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

12:53:39.0627 0x23bc AdobeFlashPlayerUpdateSvc - ok

12:53:39.0693 0x23bc [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys

12:53:39.0703 0x23bc adp94xx - ok

12:53:39.0733 0x23bc [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys

12:53:39.0739 0x23bc adpahci - ok

12:53:39.0784 0x23bc [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys

12:53:39.0787 0x23bc adpu320 - ok

12:53:39.0824 0x23bc [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll

12:53:39.0826 0x23bc AeLookupSvc - ok

12:53:39.0915 0x23bc [ A6FB9DB8F1A86861D955FD6975977AE0, 788C6EE50719227D7A9B7F08C8D5E1289FCD0E8AC23A1021A5093D2E8368F696 ] AESTFilters C:\Program Files\IDT\WDM\AESTSr64.exe

12:53:39.0917 0x23bc AESTFilters - ok

12:53:39.0969 0x23bc [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] AFD C:\Windows\system32\drivers\afd.sys

12:53:39.0982 0x23bc AFD - ok

12:53:40.0041 0x23bc [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys

12:53:40.0043 0x23bc agp440 - ok

12:53:40.0085 0x23bc [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe

12:53:40.0087 0x23bc ALG - ok

12:53:40.0129 0x23bc [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys

12:53:40.0130 0x23bc aliide - ok

12:53:40.0170 0x23bc [ 48619A29F9C9C3CFEB66718DD03D8057, 64F2CD082253E664698868AEE544184E096EFF091E3CB97FB99C599B41A785BF ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe

12:53:40.0174 0x23bc AMD External Events Utility - ok

12:53:40.0197 0x23bc [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys

12:53:40.0198 0x23bc amdide - ok

12:53:40.0241 0x23bc [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys

12:53:40.0243 0x23bc AmdK8 - ok

12:53:40.0679 0x23bc [ 06BF0785DE714637EBA9BB1084B28626, 34AA395DA7F68000C72861C65C4571FCCAEBFB6D95383E3CEBB3B156B2E8AB8C ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys

12:53:40.0917 0x23bc amdkmdag - ok

12:53:40.0967 0x23bc [ 2DEC3274589FF6889AB05ADCEEB0F642, 575505F49834318CA7C49F4AE9E5AFA339D351EA7753A8D9D27152E88AC03ADD ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys

12:53:40.0972 0x23bc amdkmdap - ok

12:53:41.0000 0x23bc [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys

12:53:41.0002 0x23bc AmdPPM - ok

12:53:41.0038 0x23bc [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys

12:53:41.0041 0x23bc amdsata - ok

12:53:41.0086 0x23bc [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys

12:53:41.0089 0x23bc amdsbs - ok

12:53:41.0116 0x23bc [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys

12:53:41.0118 0x23bc amdxata - ok

12:53:41.0160 0x23bc [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys

12:53:41.0162 0x23bc AppID - ok

12:53:41.0204 0x23bc [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll

12:53:41.0205 0x23bc AppIDSvc - ok

12:53:41.0245 0x23bc [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll

12:53:41.0248 0x23bc Appinfo - ok

12:53:41.0301 0x23bc [ 4FE5C6D40664AE07BE5105874357D2ED, 70DD05EE80B77EB2F781E0919885D1BBB1119EA1A8955935AF5AECD05E30F14A ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

12:53:41.0303 0x23bc Apple Mobile Device - ok

12:53:41.0347 0x23bc [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys

12:53:41.0350 0x23bc arc - ok

12:53:41.0373 0x23bc [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys

12:53:41.0375 0x23bc arcsas - ok

12:53:41.0414 0x23bc [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys

12:53:41.0416 0x23bc AsyncMac - ok

12:53:41.0480 0x23bc [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys

12:53:41.0481 0x23bc atapi - ok

12:53:41.0545 0x23bc [ 2D648572BA9A610952FCAFBA1E119C2D, 4CD7E7D3C878DEF8CC18A925EAB1E0E8E8893BE99DA1E1F78FE9AD12EF1C48BC ] AtiHdmiService C:\Windows\system32\drivers\AtiHdmi.sys

12:53:41.0548 0x23bc AtiHdmiService - ok

12:53:41.0604 0x23bc [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll

12:53:41.0616 0x23bc AudioEndpointBuilder - ok

12:53:41.0635 0x23bc [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv C:\Windows\System32\Audiosrv.dll

12:53:41.0647 0x23bc AudioSrv - ok

12:53:41.0687 0x23bc [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll

12:53:41.0690 0x23bc AxInstSV - ok

12:53:41.0731 0x23bc [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys

12:53:41.0739 0x23bc b06bdrv - ok

12:53:41.0788 0x23bc [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys

12:53:41.0793 0x23bc b57nd60a - ok

12:53:41.0951 0x23bc [ 0E7A9264576B40638A3FBC804DE1FF76, D307179E6FA5D39E03175F37D297E4D0DA86CF0FC6EFA6CFCFAA0E8713489BC5 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys

12:53:42.0005 0x23bc BCM43XX - ok

12:53:42.0037 0x23bc [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll

12:53:42.0039 0x23bc BDESVC - ok

12:53:42.0069 0x23bc [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys

12:53:42.0070 0x23bc Beep - ok

12:53:42.0137 0x23bc [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll

12:53:42.0152 0x23bc BFE - ok

12:53:42.0205 0x23bc [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll

12:53:42.0222 0x23bc BITS - ok

12:53:42.0256 0x23bc [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys

12:53:42.0258 0x23bc blbdrive - ok

12:53:42.0302 0x23bc [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe

12:53:42.0310 0x23bc Bonjour Service - ok

12:53:42.0340 0x23bc [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys

12:53:42.0342 0x23bc bowser - ok

12:53:42.0387 0x23bc [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys

12:53:42.0388 0x23bc BrFiltLo - ok

12:53:42.0407 0x23bc [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys

12:53:42.0408 0x23bc BrFiltUp - ok

12:53:42.0465 0x23bc [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll

12:53:42.0468 0x23bc Browser - ok

12:53:42.0507 0x23bc [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys

12:53:42.0515 0x23bc Brserid - ok

12:53:42.0557 0x23bc [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys

12:53:42.0559 0x23bc BrSerWdm - ok

12:53:42.0612 0x23bc [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys

12:53:42.0614 0x23bc BrUsbMdm - ok

12:53:42.0638 0x23bc [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys

12:53:42.0639 0x23bc BrUsbSer - ok

12:53:42.0681 0x23bc [ EA7E57F87D6FEE5FD6C5F813C04E8CD2, 1EB84F4DEE3034FAFBEA2A3F84EECE036E803872DA94D54E958E9F2F09519E88 ] BrYNSvc C:\Program Files (x86)\Browny02\BrYNSvc.exe

12:53:42.0686 0x23bc BrYNSvc - ok

12:53:42.0719 0x23bc [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys

12:53:42.0721 0x23bc BTHMODEM - ok

12:53:42.0772 0x23bc [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll

12:53:42.0773 0x23bc bthserv - ok

12:53:42.0796 0x23bc [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys

12:53:42.0798 0x23bc cdfs - ok

12:53:42.0838 0x23bc [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\drivers\cdrom.sys

12:53:42.0842 0x23bc cdrom - ok

12:53:42.0881 0x23bc [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll

12:53:42.0884 0x23bc CertPropSvc - ok

12:53:42.0927 0x23bc [ D2B3252AD4EB499C935A56467997AA3C, BC65242406A7449E88969265AC67D35F7842C70D5483CBCFF7786F00C3EF896D ] cfwids C:\Windows\system32\drivers\cfwids.sys

12:53:42.0930 0x23bc cfwids - ok

12:53:42.0995 0x23bc [ EA3333DB9AB03106EEC0D6D9D487ED01, 4102A1D212221800CD83DCAFAF54BA55140AAB4A490F3779624F1EE832B04441 ] CinemaNow Service C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe

12:53:43.0002 0x23bc CinemaNow Service - ok

12:53:43.0038 0x23bc [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys

12:53:43.0040 0x23bc circlass - ok

12:53:43.0076 0x23bc [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys

12:53:43.0084 0x23bc CLFS - ok

12:53:43.0214 0x23bc [ DEDE5EC7DC09D840D5D74E06FF4DE127, 3F292B370A5D539C381712679D0A08D649C9952E0B7892CF708ADD52815E2467 ] CLKMSVC10_C6F09094 C:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\HDDVD\NavFilter\kmsvc.exe

12:53:43.0227 0x23bc CLKMSVC10_C6F09094 - ok

12:53:43.0293 0x23bc [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

12:53:43.0295 0x23bc clr_optimization_v2.0.50727_32 - ok

12:53:43.0342 0x23bc [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

12:53:43.0344 0x23bc clr_optimization_v2.0.50727_64 - ok

12:53:43.0423 0x23bc [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

12:53:43.0428 0x23bc clr_optimization_v4.0.30319_32 - ok

12:53:43.0499 0x23bc [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

12:53:43.0505 0x23bc clr_optimization_v4.0.30319_64 - ok

12:53:43.0554 0x23bc [ 4ACAB07CC8AE9B4BEFB4BA1A0879A584, D6F615302E9D697117B865A2EA0B4EF799751405B40736EC053E9C6FBEE8215C ] clwvd C:\Windows\system32\DRIVERS\clwvd.sys

12:53:43.0556 0x23bc clwvd - ok

12:53:43.0576 0x23bc [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys

12:53:43.0577 0x23bc CmBatt - ok

12:53:43.0608 0x23bc [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys

12:53:43.0609 0x23bc cmdide - ok

12:53:43.0649 0x23bc [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG C:\Windows\system32\Drivers\cng.sys

12:53:43.0657 0x23bc CNG - ok

12:53:43.0702 0x23bc [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys

12:53:43.0703 0x23bc Compbatt - ok

12:53:43.0738 0x23bc [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys

12:53:43.0739 0x23bc CompositeBus - ok

12:53:43.0749 0x23bc COMSysApp - ok

12:53:43.0769 0x23bc [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys

12:53:43.0770 0x23bc crcdisk - ok

12:53:43.0806 0x23bc [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc C:\Windows\system32\cryptsvc.dll

12:53:43.0810 0x23bc CryptSvc - ok

12:53:43.0862 0x23bc [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll

12:53:43.0872 0x23bc DcomLaunch - ok

12:53:43.0908 0x23bc [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll

12:53:43.0914 0x23bc defragsvc - ok

12:53:43.0955 0x23bc [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys

12:53:43.0957 0x23bc DfsC - ok

12:53:44.0008 0x23bc [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll

12:53:44.0017 0x23bc Dhcp - ok

12:53:44.0037 0x23bc [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys

12:53:44.0039 0x23bc discache - ok

12:53:44.0086 0x23bc [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys

12:53:44.0088 0x23bc Disk - ok

12:53:44.0135 0x23bc [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll

12:53:44.0139 0x23bc Dnscache - ok

12:53:44.0179 0x23bc [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll

12:53:44.0184 0x23bc dot3svc - ok

12:53:44.0245 0x23bc [ 3E6B2753A09D46958F5D0DF8E1B650CA, 7FB90692D434B0C83D97B9899DCEE8A58A20D8E73EB702AEB88AE8909630F2CF ] DpHost C:\Program Files\DigitalPersona\Bin\DpHostW.exe

12:53:44.0253 0x23bc DpHost - ok

12:53:44.0285 0x23bc [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll

12:53:44.0289 0x23bc DPS - ok

12:53:44.0326 0x23bc [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys

12:53:44.0327 0x23bc drmkaud - ok

12:53:44.0387 0x23bc [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys

12:53:44.0406 0x23bc DXGKrnl - ok

12:53:44.0451 0x23bc [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll

12:53:44.0455 0x23bc EapHost - ok

12:53:44.0690 0x23bc [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys

12:53:44.0796 0x23bc ebdrv - ok

12:53:44.0835 0x23bc [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] EFS C:\Windows\System32\lsass.exe

12:53:44.0837 0x23bc EFS - ok

12:53:44.0901 0x23bc [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe

12:53:44.0914 0x23bc ehRecvr - ok

12:53:44.0944 0x23bc [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe

12:53:44.0947 0x23bc ehSched - ok

12:53:44.0989 0x23bc [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys

12:53:44.0998 0x23bc elxstor - ok

12:53:45.0023 0x23bc [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys

12:53:45.0024 0x23bc ErrDev - ok

12:53:45.0090 0x23bc [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll

12:53:45.0098 0x23bc EventSystem - ok

12:53:45.0139 0x23bc [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys

12:53:45.0143 0x23bc exfat - ok

12:53:45.0162 0x23bc [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys

12:53:45.0166 0x23bc fastfat - ok

12:53:45.0219 0x23bc [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe

12:53:45.0231 0x23bc Fax - ok

12:53:45.0270 0x23bc [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys

12:53:45.0271 0x23bc fdc - ok

12:53:45.0309 0x23bc [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll

12:53:45.0310 0x23bc fdPHost - ok

12:53:45.0327 0x23bc [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll

12:53:45.0329 0x23bc FDResPub - ok

12:53:45.0347 0x23bc [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys

12:53:45.0349 0x23bc FileInfo - ok

12:53:45.0416 0x23bc [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys

12:53:45.0418 0x23bc Filetrace - ok

12:53:45.0448 0x23bc [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys

12:53:45.0449 0x23bc flpydisk - ok

12:53:45.0506 0x23bc [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys

12:53:45.0512 0x23bc FltMgr - ok

12:53:45.0567 0x23bc [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll

12:53:45.0594 0x23bc FontCache - ok

12:53:45.0644 0x23bc [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

12:53:45.0645 0x23bc FontCache3.0.0.0 - ok

12:53:45.0679 0x23bc [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys

12:53:45.0680 0x23bc FsDepends - ok

12:53:45.0704 0x23bc [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys

12:53:45.0705 0x23bc Fs_Rec - ok

12:53:45.0747 0x23bc [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys

12:53:45.0752 0x23bc fvevol - ok

12:53:45.0779 0x23bc [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys

12:53:45.0781 0x23bc gagp30kx - ok

12:53:45.0850 0x23bc [ CE16683CFD11FE70BDE435DDA5EA1FCA, 43D850361F2B5C9389F7FABC3C62BD1517349C03834F436579DD01CFD09919F4 ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe

12:53:45.0855 0x23bc GameConsoleService - ok

12:53:45.0883 0x23bc [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

12:53:45.0884 0x23bc GEARAspiWDM - ok

12:53:45.0926 0x23bc [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll

12:53:45.0940 0x23bc gpsvc - ok

12:53:45.0995 0x23bc [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

12:53:45.0998 0x23bc gupdate - ok

12:53:46.0005 0x23bc [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

12:53:46.0008 0x23bc gupdatem - ok

12:53:46.0030 0x23bc [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys

12:53:46.0032 0x23bc hcw85cir - ok

12:53:46.0081 0x23bc [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys

12:53:46.0087 0x23bc HdAudAddService - ok

12:53:46.0106 0x23bc [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys

12:53:46.0109 0x23bc HDAudBus - ok

12:53:46.0137 0x23bc [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys

12:53:46.0139 0x23bc HECIx64 - ok

12:53:46.0167 0x23bc [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys

12:53:46.0168 0x23bc HidBatt - ok

12:53:46.0204 0x23bc [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys

12:53:46.0206 0x23bc HidBth - ok

12:53:46.0225 0x23bc [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys

12:53:46.0227 0x23bc HidIr - ok

12:53:46.0261 0x23bc [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll

12:53:46.0263 0x23bc hidserv - ok

12:53:46.0296 0x23bc [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\drivers\hidusb.sys

12:53:46.0298 0x23bc HidUsb - ok

12:53:46.0350 0x23bc [ A894FB2CAE6A29F5D9C8EDA47B074623, F39014379B6F546CF3D3F56A343A7173B600A350715638040AE93E03EAB81CAC ] HipShieldK C:\Windows\system32\drivers\HipShieldK.sys

12:53:46.0354 0x23bc HipShieldK - ok

12:53:46.0394 0x23bc [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll

12:53:46.0397 0x23bc hkmsvc - ok

12:53:46.0427 0x23bc [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll

12:53:46.0432 0x23bc HomeGroupListener - ok

12:53:46.0487 0x23bc [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll

12:53:46.0492 0x23bc HomeGroupProvider - ok

12:53:46.0574 0x23bc [ 3A09322A8AA8B0C79036686A0EBE7B4C, A110ECBBD9A0EDAA134B95F9FB3428F33F7629480ABCF36F58891837EE1B04C0 ] HP Wireless Assistant Service C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe

12:53:46.0579 0x23bc HP Wireless Assistant Service - ok

12:53:46.0673 0x23bc [ 881F74074963CDAD8C475D09DC3A0BB6, 946DE15BD45A76FF6386CE37CE3ADDDF242CF49A17753C914F9FA91A8C84FC02 ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe

12:53:46.0676 0x23bc HPDrvMntSvc.exe - ok

12:53:46.0741 0x23bc [ 4E0BEC0F78096FFD6D3314B497FC49D3, 15B545815D0C80102963FFF13B6643CC9A74717137C1CBA45345B18912E72DB6 ] hpdskflt C:\Windows\system32\DRIVERS\hpdskflt.sys

12:53:46.0743 0x23bc hpdskflt - ok

12:53:46.0784 0x23bc [ FE51B163A618B1CBF015485D21C1BC68, 16C85BAC5F6E97451DD781CE96DE10E6BF7B2A33001379FB63A08848B22B5CCD ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe

12:53:46.0795 0x23bc hpqwmiex - ok

12:53:46.0881 0x23bc [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys

12:53:46.0885 0x23bc HpSAMD - ok

12:53:46.0928 0x23bc [ FC7C13B5A9E9BE23B7AE72BBC7FDB278, E85A7BF1CFE52BA7D663A1ED48A4F8874EFBDDF48979138F7E3E24817705B6A1 ] hpsrv C:\Windows\system32\Hpservice.exe

12:53:46.0930 0x23bc hpsrv - ok

12:53:47.0065 0x23bc [ 5AA89E152634954E15E9DB265C6A8557, 62ECC2B15AB920AD76FE3B8069F599C8354125BEECAF89B3475C37940760157F ] HPWMISVC C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

12:53:47.0066 0x23bc HPWMISVC - ok

12:53:47.0115 0x23bc [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys

12:53:47.0129 0x23bc HTTP - ok

12:53:47.0160 0x23bc [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys

12:53:47.0161 0x23bc hwpolicy - ok

12:53:47.0205 0x23bc [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys

12:53:47.0207 0x23bc i8042prt - ok

12:53:47.0249 0x23bc [ 1384872112E8E7FD5786ECEB8BDDF4C9, DC7844691740805A94F2901F8CB56F1591AF4F0F9C6D92D6B8595F89E6FA5F02 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys

12:53:47.0259 0x23bc iaStor - ok

12:53:47.0296 0x23bc [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys

12:53:47.0303 0x23bc iaStorV - ok

12:53:47.0362 0x23bc [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

12:53:47.0377 0x23bc idsvc - ok

12:53:47.0404 0x23bc IEEtwCollectorService - ok

12:53:47.0762 0x23bc [ 1BE8D9CA4F2363B8E8015621878E0043, 695B5F88A6F6943156D033DAA86188F50308AD71FCF26CF0AEDF7E23F774FB56 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys

12:53:48.0109 0x23bc igfx - ok

12:53:48.0147 0x23bc [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys

12:53:48.0149 0x23bc iirsp - ok

12:53:48.0192 0x23bc [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll

12:53:48.0207 0x23bc IKEEXT - ok

12:53:48.0242 0x23bc [ 36FDF367A1DABFF903E2214023D71368, 60468692C1D048428AF25ED87DE23DAE756C7BA2B6CF6AF5EFD2E53C80F5FC68 ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys

12:53:48.0245 0x23bc Impcd - ok

12:53:48.0275 0x23bc [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys

12:53:48.0277 0x23bc intelide - ok

12:53:48.0631 0x23bc [ 1BE8D9CA4F2363B8E8015621878E0043, 695B5F88A6F6943156D033DAA86188F50308AD71FCF26CF0AEDF7E23F774FB56 ] intelkmd C:\Windows\system32\DRIVERS\igdpmd64.sys

12:53:48.0941 0x23bc intelkmd - ok

12:53:48.0984 0x23bc [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys

12:53:48.0986 0x23bc intelppm - ok

12:53:49.0011 0x23bc [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll

12:53:49.0014 0x23bc IPBusEnum - ok

12:53:49.0037 0x23bc [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys

12:53:49.0039 0x23bc IpFilterDriver - ok

12:53:49.0086 0x23bc [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll

12:53:49.0096 0x23bc iphlpsvc - ok

12:53:49.0124 0x23bc [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys

12:53:49.0127 0x23bc IPMIDRV - ok

12:53:49.0147 0x23bc [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys

12:53:49.0149 0x23bc IPNAT - ok

12:53:49.0200 0x23bc [ 0FF335D687C85097725A53458160E81E, BF8BB3C8AF1822BEB5FF5F8008614B982F277D862B16B6516CA91F73D336E9D4 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe

12:53:49.0211 0x23bc iPod Service - ok

12:53:49.0256 0x23bc [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys

12:53:49.0258 0x23bc IRENUM - ok

12:53:49.0277 0x23bc [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys

12:53:49.0278 0x23bc isapnp - ok

12:53:49.0309 0x23bc [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys

12:53:49.0314 0x23bc iScsiPrt - ok

12:53:49.0344 0x23bc [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys

12:53:49.0346 0x23bc kbdclass - ok

12:53:49.0374 0x23bc [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys

12:53:49.0376 0x23bc kbdhid - ok

12:53:49.0390 0x23bc [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso C:\Windows\system32\lsass.exe

12:53:49.0393 0x23bc KeyIso - ok

12:53:49.0423 0x23bc [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys

12:53:49.0426 0x23bc KSecDD - ok

12:53:49.0444 0x23bc [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys

12:53:49.0447 0x23bc KSecPkg - ok

12:53:49.0487 0x23bc [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys

12:53:49.0489 0x23bc ksthunk - ok

12:53:49.0528 0x23bc [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll

12:53:49.0538 0x23bc KtmRm - ok

12:53:49.0583 0x23bc [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll

12:53:49.0589 0x23bc LanmanServer - ok

12:53:49.0609 0x23bc [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

12:53:49.0613 0x23bc LanmanWorkstation - ok

12:53:49.0659 0x23bc [ 07B1888209C54B675FFCCBDE9F06D2C6, F80DA304CEFC062D4E604C0A7A2B60361161F259FBE8E94332F6BAD640630D23 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

12:53:49.0660 0x23bc LightScribeService - ok

12:53:49.0700 0x23bc [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys

12:53:49.0702 0x23bc lltdio - ok

12:53:49.0738 0x23bc [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll

12:53:49.0745 0x23bc lltdsvc - ok

12:53:49.0757 0x23bc [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll

12:53:49.0759 0x23bc lmhosts - ok

12:53:49.0878 0x23bc [ 6D515466AB8BFE61184092B635AE6EB4, 86CEF8700AF4D848DCF5DF217A7588C04F7F0BCEEB10B971E7C0368D8F8E1FAC ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

12:53:49.0884 0x23bc LMS - ok

12:53:49.0921 0x23bc [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys

12:53:49.0924 0x23bc LSI_FC - ok

12:53:49.0949 0x23bc [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys

12:53:49.0952 0x23bc LSI_SAS - ok

12:53:49.0970 0x23bc [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys

12:53:49.0972 0x23bc LSI_SAS2 - ok

12:53:50.0007 0x23bc [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys

12:53:50.0010 0x23bc LSI_SCSI - ok

12:53:50.0028 0x23bc [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys

12:53:50.0031 0x23bc luafv - ok

12:53:50.0116 0x23bc [ F928E5E72BBA15DD0CE9A26E0413D236, D63EFA1408084F524464729C2F3BE16550E07ACE2BF8A00699A8438079AD381B ] McMPFSvc C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

12:53:50.0121 0x23bc McMPFSvc - ok

12:53:50.0130 0x23bc [ F928E5E72BBA15DD0CE9A26E0413D236, D63EFA1408084F524464729C2F3BE16550E07ACE2BF8A00699A8438079AD381B ] mcmscsvc C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

12:53:50.0134 0x23bc mcmscsvc - ok

12:53:50.0145 0x23bc [ F928E5E72BBA15DD0CE9A26E0413D236, D63EFA1408084F524464729C2F3BE16550E07ACE2BF8A00699A8438079AD381B ] McNaiAnn C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

12:53:50.0151 0x23bc McNaiAnn - ok

12:53:54.0006 0x23bc [ F928E5E72BBA15DD0CE9A26E0413D236, D63EFA1408084F524464729C2F3BE16550E07ACE2BF8A00699A8438079AD381B ] McNASvc C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

12:53:54.0010 0x23bc McNASvc - ok

12:53:54.0051 0x23bc [ 5D57D4B57CCC07450F97C4E929D0483F, AD3FF338ED5BC48FA7BC7D469D8FAD93DE31E5C3A1C841689D1E1A2F5C8E8857 ] McODS C:\Program Files\McAfee\VirusScan\mcods.exe

12:53:54.0059 0x23bc McODS - ok

12:53:54.0069 0x23bc [ F928E5E72BBA15DD0CE9A26E0413D236, D63EFA1408084F524464729C2F3BE16550E07ACE2BF8A00699A8438079AD381B ] McProxy C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

12:53:54.0073 0x23bc McProxy - ok

12:53:54.0125 0x23bc [ 21F81090A00932C5E96700EDF2977582, 5687F4BF22BCA348020E46169A9677C9691DFB2656E481D38ABFA3C172A5993F ] McShield C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe

12:53:54.0130 0x23bc McShield - ok

12:53:54.0160 0x23bc [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll

12:53:54.0163 0x23bc Mcx2Svc - ok

12:53:54.0204 0x23bc [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys

12:53:54.0206 0x23bc megasas - ok

12:53:54.0292 0x23bc [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys

12:53:54.0302 0x23bc MegaSR - ok

12:53:54.0360 0x23bc [ B1720E97FABBDF7D30B36DAF19C3DEE8, 93F82FDA8FFB801B823792F3BFAB587ECB1AECC06AE76B2007631A910F827C94 ] mfeapfk C:\Windows\system32\drivers\mfeapfk.sys

12:53:54.0364 0x23bc mfeapfk - ok

12:53:54.0419 0x23bc [ 113F1534B80D65DFDCA660F19967A3B7, F63D297E128DFD7A3FF3C6446334671B41492EFFE67D7EF56B30D0F1696656BD ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys

12:53:54.0425 0x23bc mfeavfk - ok

12:53:54.0456 0x23bc mfeavfk01 - ok

12:53:54.0553 0x23bc [ 8036004F016125C907FC9351141F95AA, 10DE20FCB2D33E25E443C10EED4551CBAE9C16CD6D08B69BF91868A2F27DAF53 ] mfecore C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe

12:53:54.0571 0x23bc mfecore - ok

12:53:54.0594 0x23bc [ C4F521310E40327BBC8E8E71DA344F48, C04C7CF39577010926A1C6EE589876EF40A59CA64FD1825544CED011DCFC844A ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe

12:53:54.0650 0x23bc mfefire - ok

12:53:54.0693 0x23bc [ CECC9841D036EE008091825272D91331, 0D1576EB2EE99B62D35AB87CDDCD8BAC12AAC7E53DB9E0B46B99442C9831F8E0 ] mfefirek C:\Windows\system32\drivers\mfefirek.sys

12:53:54.0702 0x23bc mfefirek - ok

12:53:54.0765 0x23bc [ EF0F85EDBDF6C0AB467E88E0CEE2B346, 2A7322D58DADF093D4BEBDE6DD6B85EEC70FC5F40CA786774200B917D5BE0CEA ] mfehidk C:\Windows\system32\drivers\mfehidk.sys

12:53:54.0778 0x23bc mfehidk - ok

12:53:54.0859 0x23bc [ 73A92690FF5CFFE5A741912311AA1A6C, 52B6DACF023A704785D2F346F61D5896DF1E06C1ED37540741227333C4BE921A ] mfencbdc C:\Windows\system32\DRIVERS\mfencbdc.sys

12:53:54.0866 0x23bc mfencbdc - ok

12:53:54.0911 0x23bc [ CB987596EE0964958AFA677360B6174B, 2852B8DC0F160ED6B2EE310FEC1BB19B93D619688C25C6296F7214959996FA6B ] mfencrk C:\Windows\system32\DRIVERS\mfencrk.sys

12:53:54.0913 0x23bc mfencrk - ok

12:53:54.0948 0x23bc [ 6E3A46BF6CBB80450CC24F80FE03ED5A, 2B2DA9D5BDF6F0082BECFF48E19A5DC633458E7B47651E275A20645BBFAFBEFE ] mferkdet C:\Windows\system32\drivers\mferkdet.sys

12:53:54.0951 0x23bc mferkdet - ok

12:53:54.0979 0x23bc [ 341BFCAA3A55C08E8C9ECB1654ACA905, C81D87320192730EC6BDA932EEAC300793070FDF4FB7D1B9EE083F47A357690C ] mfevtp C:\Windows\system32\mfevtps.exe

12:53:54.0984 0x23bc mfevtp - ok

12:53:55.0008 0x23bc [ 2802D09F1B6ED502237539563F3C4992, C95C7C4880FB8435C828C85599035F00500BD85B363E0842B4719792125CB9FE ] mfewfpk C:\Windows\system32\drivers\mfewfpk.sys

12:53:55.0014 0x23bc mfewfpk - ok

12:53:55.0061 0x23bc Microsoft SharePoint Workspace Audit Service - ok

12:53:55.0091 0x23bc [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll

12:53:55.0094 0x23bc MMCSS - ok

12:53:55.0124 0x23bc [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys

12:53:55.0126 0x23bc Modem - ok

12:53:55.0149 0x23bc [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys

12:53:55.0151 0x23bc monitor - ok

12:53:55.0168 0x23bc [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys

12:53:55.0170 0x23bc mouclass - ok

12:53:55.0184 0x23bc [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys

12:53:55.0186 0x23bc mouhid - ok

12:53:55.0212 0x23bc [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys

12:53:55.0214 0x23bc mountmgr - ok

12:53:55.0239 0x23bc [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys

12:53:55.0242 0x23bc mpio - ok

12:53:55.0273 0x23bc [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys

12:53:55.0275 0x23bc mpsdrv - ok

12:53:55.0320 0x23bc [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll

12:53:55.0335 0x23bc MpsSvc - ok

12:53:55.0360 0x23bc [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys

12:53:55.0363 0x23bc MRxDAV - ok

12:53:55.0390 0x23bc [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys

12:53:55.0393 0x23bc mrxsmb - ok

12:53:55.0419 0x23bc [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys

12:53:55.0425 0x23bc mrxsmb10 - ok

12:53:55.0440 0x23bc [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys

12:53:55.0443 0x23bc mrxsmb20 - ok

12:53:55.0465 0x23bc [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys

12:53:55.0466 0x23bc msahci - ok

12:53:55.0491 0x23bc [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys

12:53:55.0495 0x23bc msdsm - ok

12:53:55.0516 0x23bc [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe

12:53:55.0521 0x23bc MSDTC - ok

12:53:55.0562 0x23bc [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys

12:53:55.0563 0x23bc Msfs - ok

12:53:55.0574 0x23bc [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys

12:53:55.0575 0x23bc mshidkmdf - ok

12:53:55.0607 0x23bc [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys

12:53:55.0608 0x23bc msisadrv - ok

12:53:55.0651 0x23bc [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll

12:53:55.0655 0x23bc MSiSCSI - ok

12:53:55.0659 0x23bc msiserver - ok

12:53:55.0715 0x23bc [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys

12:53:55.0717 0x23bc MSKSSRV - ok

12:53:55.0741 0x23bc [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys

12:53:55.0742 0x23bc MSPCLOCK - ok

12:53:55.0756 0x23bc [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys

12:53:55.0757 0x23bc MSPQM - ok

12:53:55.0801 0x23bc [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys

12:53:55.0808 0x23bc MsRPC - ok

12:53:55.0838 0x23bc [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys

12:53:55.0839 0x23bc mssmbios - ok

12:53:55.0870 0x23bc [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys

12:53:55.0871 0x23bc MSTEE - ok

12:53:55.0890 0x23bc [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys

12:53:55.0891 0x23bc MTConfig - ok

12:53:55.0913 0x23bc [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys

12:53:55.0915 0x23bc Mup - ok

12:53:55.0956 0x23bc [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll

12:53:55.0965 0x23bc napagent - ok

12:53:56.0005 0x23bc [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys

12:53:56.0011 0x23bc NativeWifiP - ok

12:53:56.0071 0x23bc [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys

12:53:56.0089 0x23bc NDIS - ok

12:53:56.0133 0x23bc [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys

12:53:56.0135 0x23bc NdisCap - ok

12:53:56.0159 0x23bc [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys

12:53:56.0160 0x23bc NdisTapi - ok

12:53:56.0197 0x23bc [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys

12:53:56.0199 0x23bc Ndisuio - ok

12:53:56.0228 0x23bc [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys

12:53:56.0231 0x23bc NdisWan - ok

12:53:56.0252 0x23bc [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys

12:53:56.0256 0x23bc NDProxy - ok

12:53:56.0304 0x23bc [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys

12:53:56.0306 0x23bc NetBIOS - ok

12:53:56.0337 0x23bc [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys

12:53:56.0345 0x23bc NetBT - ok

12:53:56.0357 0x23bc [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] Netlogon C:\Windows\system32\lsass.exe

12:53:56.0359 0x23bc Netlogon - ok

12:53:56.0410 0x23bc [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll

12:53:56.0417 0x23bc Netman - ok

12:53:56.0434 0x23bc [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll

12:53:56.0443 0x23bc netprofm - ok

12:53:56.0474 0x23bc [ 3E5A36127E201DDF663176B66828FAFE, 5A08BA9EFB1A72DF1DD839BA5FA2B8994012BA62A515588FF62333B33B60045B ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

12:53:56.0481 0x23bc NetTcpPortSharing - ok

12:53:56.0699 0x23bc [ 64428DFDAF6E88366CB51F45A79C5F69, 31187D38C1AB52120A3CB7AC3CE47ED9682AC37B0F06B9A9610C0065DD4E7B13 ] netw5v64 C:\Windows\system32\DRIVERS\netw5v64.sys

12:53:56.0916 0x23bc netw5v64 - ok

12:53:56.0958 0x23bc [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys

12:53:56.0960 0x23bc nfrd960 - ok

12:53:57.0002 0x23bc [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll

12:53:57.0010 0x23bc NlaSvc - ok

12:53:57.0035 0x23bc [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys

12:53:57.0037 0x23bc Npfs - ok

12:53:57.0069 0x23bc [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll

12:53:57.0071 0x23bc nsi - ok

12:53:57.0089 0x23bc [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys

12:53:57.0091 0x23bc nsiproxy - ok

12:53:57.0163 0x23bc [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs C:\Windows\system32\drivers\Ntfs.sys

12:53:57.0197 0x23bc Ntfs - ok

12:53:57.0224 0x23bc [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys

12:53:57.0225 0x23bc Null - ok

12:53:57.0275 0x23bc [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys

12:53:57.0278 0x23bc nvraid - ok

12:53:57.0299 0x23bc [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys

12:53:57.0302 0x23bc nvstor - ok

12:53:57.0324 0x23bc [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys

12:53:57.0327 0x23bc nv_agp - ok

12:53:57.0354 0x23bc [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys

12:53:57.0357 0x23bc ohci1394 - ok

12:53:57.0428 0x23bc [ 4965B005492CBA7719E82B71E3245495, 52AD72C05FACC1E0E416A1FA25F34FDD3CB274FAB973BEAAE911A2FACA42B650 ] ose64 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

12:53:57.0432 0x23bc ose64 - ok

12:53:57.0698 0x23bc [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

12:53:57.0786 0x23bc osppsvc - ok

12:53:57.0828 0x23bc [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll

12:53:57.0835 0x23bc p2pimsvc - ok

12:53:57.0864 0x23bc [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll

12:53:57.0874 0x23bc p2psvc - ok

12:53:57.0902 0x23bc [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys

12:53:57.0904 0x23bc Parport - ok

12:53:57.0935 0x23bc [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys

12:53:57.0937 0x23bc partmgr - ok

12:53:57.0971 0x23bc [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll

12:53:57.0977 0x23bc PcaSvc - ok

12:53:58.0011 0x23bc [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys

12:53:58.0015 0x23bc pci - ok

12:53:58.0036 0x23bc [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys

12:53:58.0037 0x23bc pciide - ok

12:53:58.0068 0x23bc [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys

12:53:58.0073 0x23bc pcmcia - ok

12:53:58.0109 0x23bc [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys

12:53:58.0111 0x23bc pcw - ok

12:53:58.0142 0x23bc [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys

12:53:58.0154 0x23bc PEAUTH - ok

12:53:58.0222 0x23bc [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe

12:53:58.0224 0x23bc PerfHost - ok

12:53:58.0305 0x23bc [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll

12:53:58.0332 0x23bc pla - ok

12:53:58.0371 0x23bc [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll

12:53:58.0380 0x23bc PlugPlay - ok

12:53:58.0401 0x23bc [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll

12:53:58.0403 0x23bc PNRPAutoReg - ok

12:53:58.0429 0x23bc [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll

12:53:58.0436 0x23bc PNRPsvc - ok

12:53:58.0470 0x23bc [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll

12:53:58.0480 0x23bc PolicyAgent - ok

12:53:58.0513 0x23bc [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll

12:53:58.0517 0x23bc Power - ok

12:53:58.0559 0x23bc [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys

12:53:58.0562 0x23bc PptpMiniport - ok

12:53:58.0590 0x23bc [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys

12:53:58.0592 0x23bc Processor - ok

12:53:58.0635 0x23bc [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll

12:53:58.0640 0x23bc ProfSvc - ok

12:53:58.0658 0x23bc [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] ProtectedStorage C:\Windows\system32\lsass.exe

12:53:58.0660 0x23bc ProtectedStorage - ok

12:53:58.0704 0x23bc [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys

12:53:58.0708 0x23bc Psched - ok

12:53:58.0774 0x23bc [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys

12:53:58.0800 0x23bc ql2300 - ok

12:53:58.0833 0x23bc [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys

12:53:58.0837 0x23bc ql40xx - ok

12:53:58.0879 0x23bc [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll

12:53:58.0884 0x23bc QWAVE - ok

12:53:58.0909 0x23bc [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys

12:53:58.0910 0x23bc QWAVEdrv - ok

12:53:58.0920 0x23bc [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys

12:53:58.0922 0x23bc RasAcd - ok

12:53:58.0948 0x23bc [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys

12:53:58.0950 0x23bc RasAgileVpn - ok

12:53:58.0987 0x23bc [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll

12:53:58.0990 0x23bc RasAuto - ok

12:53:59.0032 0x23bc [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys

12:53:59.0036 0x23bc Rasl2tp - ok

12:53:59.0106 0x23bc [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll

12:53:59.0113 0x23bc RasMan - ok

12:53:59.0189 0x23bc [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys

12:53:59.0191 0x23bc RasPppoe - ok

12:53:59.0208 0x23bc [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys

12:53:59.0211 0x23bc RasSstp - ok

12:53:59.0244 0x23bc [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys

12:53:59.0250 0x23bc rdbss - ok

12:53:59.0270 0x23bc [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys

12:53:59.0271 0x23bc rdpbus - ok

12:53:59.0295 0x23bc [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys

12:53:59.0296 0x23bc RDPCDD - ok

12:53:59.0402 0x23bc [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys

12:53:59.0403 0x23bc RDPENCDD - ok

12:53:59.0431 0x23bc [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys

12:53:59.0432 0x23bc RDPREFMP - ok

12:53:59.0488 0x23bc [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys

12:53:59.0489 0x23bc RdpVideoMiniport - ok

12:53:59.0519 0x23bc [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys

12:53:59.0524 0x23bc RDPWD - ok

12:53:59.0562 0x23bc [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys

12:53:59.0566 0x23bc rdyboost - ok

12:53:59.0597 0x23bc [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll

12:53:59.0600 0x23bc RemoteAccess - ok

12:53:59.0636 0x23bc [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll

12:53:59.0640 0x23bc RemoteRegistry - ok

12:53:59.0663 0x23bc [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll

12:53:59.0666 0x23bc RpcEptMapper - ok

12:53:59.0692 0x23bc [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe

12:53:59.0693 0x23bc RpcLocator - ok

12:53:59.0730 0x23bc [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll

12:53:59.0740 0x23bc RpcSs - ok

12:53:59.0777 0x23bc [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys

12:53:59.0779 0x23bc rspndr - ok

12:53:59.0813 0x23bc [ 907C4464381B5EBDFDC60F6C7D0DEDFC, A39EB4C0858A3CA2D8AFE6D52809EC41795FD7A2F3F157D9CBCCB84BE7958A89 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys

12:53:59.0818 0x23bc RSUSBSTOR - ok

12:53:59.0855 0x23bc [ EE082E06A82FF630351D1E0EBBD3D8D0, 537F1A4108BDA72E8DD271466E7B7FCF39D4D55E4129AB35A409AB7AF2E7D219 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys

12:53:59.0864 0x23bc RTL8167 - ok

12:53:59.0881 0x23bc [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] SamSs C:\Windows\system32\lsass.exe

12:53:59.0883 0x23bc SamSs - ok

12:53:59.0928 0x23bc [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys

12:53:59.0930 0x23bc sbp2port - ok

12:53:59.0966 0x23bc [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll

12:53:59.0971 0x23bc SCardSvr - ok

12:54:00.0002 0x23bc [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys

12:54:00.0004 0x23bc scfilter - ok

12:54:00.0063 0x23bc [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll

12:54:00.0085 0x23bc Schedule - ok

12:54:00.0116 0x23bc [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll

12:54:00.0119 0x23bc SCPolicySvc - ok

12:54:00.0164 0x23bc [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus C:\Windows\system32\drivers\sdbus.sys

12:54:00.0167 0x23bc sdbus - ok

12:54:00.0197 0x23bc [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll

12:54:00.0201 0x23bc SDRSVC - ok

12:54:00.0233 0x23bc [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys

12:54:00.0235 0x23bc secdrv - ok

12:54:00.0265 0x23bc [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll

12:54:00.0267 0x23bc seclogon - ok

12:54:00.0301 0x23bc [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll

12:54:00.0303 0x23bc SENS - ok

12:54:00.0347 0x23bc [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll

12:54:00.0350 0x23bc SensrSvc - ok

12:54:00.0409 0x23bc [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys

12:54:00.0411 0x23bc Serenum - ok

12:54:00.0442 0x23bc [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys

12:54:00.0445 0x23bc Serial - ok

12:54:00.0477 0x23bc [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys

12:54:00.0479 0x23bc sermouse - ok

12:54:00.0513 0x23bc [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll

12:54:00.0517 0x23bc SessionEnv - ok

12:54:00.0544 0x23bc [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys

12:54:00.0546 0x23bc sffdisk - ok

12:54:00.0557 0x23bc [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys

12:54:00.0558 0x23bc sffp_mmc - ok

12:54:00.0564 0x23bc [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys

12:54:00.0566 0x23bc sffp_sd - ok

12:54:00.0609 0x23bc [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys

12:54:00.0610 0x23bc sfloppy - ok

12:54:00.0657 0x23bc [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll

12:54:00.0665 0x23bc SharedAccess - ok

12:54:00.0694 0x23bc [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll

12:54:00.0702 0x23bc ShellHWDetection - ok

12:54:00.0762 0x23bc [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys

12:54:00.0764 0x23bc SiSRaid2 - ok

12:54:00.0789 0x23bc [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys

12:54:00.0791 0x23bc SiSRaid4 - ok

12:54:01.0005 0x23bc [ 9F712B26EE3B0242DE997A42FD302E2C, 12663EB108F158282A965EE70980627C2F2332BA7944D7DE03B78E18BEB87D26 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

12:54:01.0060 0x23bc Skype C2C Service - ok

12:54:01.0150 0x23bc [ F5BBEDF602C310B00036EB2DBF4348A5, AC2712E639F0C54BCF00EB4E90E805335871EA27AE8A45DFC53EDF28822318C4 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe

12:54:01.0157 0x23bc SkypeUpdate - ok

12:54:01.0205 0x23bc [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys

12:54:01.0208 0x23bc Smb - ok

12:54:01.0255 0x23bc [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe

12:54:01.0257 0x23bc SNMPTRAP - ok

12:54:01.0277 0x23bc [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys

12:54:01.0279 0x23bc spldr - ok

12:54:01.0327 0x23bc [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe

12:54:01.0338 0x23bc Spooler - ok

12:54:01.0464 0x23bc [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe

12:54:01.0526 0x23bc sppsvc - ok

12:54:01.0558 0x23bc [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll

12:54:01.0561 0x23bc sppuinotify - ok

12:54:01.0598 0x23bc [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys

12:54:01.0606 0x23bc srv - ok

12:54:01.0627 0x23bc [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys

12:54:01.0635 0x23bc srv2 - ok

12:54:01.0695 0x23bc [ 0C4540311E11664B245A263E1154CEF8, 63376322BFFAFF2F166AF3FDD3F1A346C21FAE21F406F659F8630779D1D6525D ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS

12:54:01.0701 0x23bc SrvHsfHDA - ok

12:54:01.0773 0x23bc [ 02071D207A9858FBE3A48CBFD59C4A04, FEA4DEBAEC3465E0C7C1E8B721805922F6BBCB96A60A193B11688F4252F4B89E ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS

12:54:01.0799 0x23bc SrvHsfV92 - ok

12:54:01.0832 0x23bc [ 18E40C245DBFAF36FD0134A7EF2DF396, 0138A68958112101A5D3BD94114F320CE80B0C9A93E009AC78DE7415FCCC7DE7 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS

12:54:01.0848 0x23bc SrvHsfWinac - ok

12:54:01.0881 0x23bc [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys

12:54:01.0884 0x23bc srvnet - ok

12:54:01.0914 0x23bc [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll

12:54:01.0919 0x23bc SSDPSRV - ok

12:54:01.0937 0x23bc [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll

12:54:01.0941 0x23bc SstpSvc - ok

12:54:02.0023 0x23bc [ 463E33B1EA7AF1E6EB87B66B831DB41A, E76654F8E301829C0F27775A5673A3BA929FE4FA6C1C214A98C2915C5EC189A4 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe

12:54:02.0034 0x23bc STacSV - ok

12:54:02.0065 0x23bc [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys

12:54:02.0066 0x23bc stexstor - ok

12:54:02.0118 0x23bc [ 4304B75094E106FB5423A290C95841E5, 55670F1DBC9B25A5E31FBEB3CB3C97E2B11CCD6359DA89FF1310C1BBCEC66A80 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys

12:54:02.0127 0x23bc STHDA - ok

12:54:02.0195 0x23bc [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll

12:54:02.0207 0x23bc stisvc - ok

12:54:02.0251 0x23bc [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys

12:54:02.0253 0x23bc swenum - ok

12:54:02.0295 0x23bc [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll

12:54:02.0307 0x23bc swprv - ok

12:54:02.0370 0x23bc [ AC3CC98B1BDB6540021D3FFB105AC2B9, 671146CC16139AECE0BCCC44983807E045A930E262F64461D0D882A0A0B77E4F ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys

12:54:02.0377 0x23bc SynTP - ok

12:54:02.0454 0x23bc [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll

12:54:02.0492 0x23bc SysMain - ok

12:54:02.0522 0x23bc [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll

12:54:02.0527 0x23bc TabletInputService - ok

12:54:02.0556 0x23bc [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll

12:54:02.0563 0x23bc TapiSrv - ok

12:54:02.0589 0x23bc [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll

12:54:02.0593 0x23bc TBS - ok

12:54:02.0680 0x23bc [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip C:\Windows\system32\drivers\tcpip.sys

12:54:02.0716 0x23bc Tcpip - ok

12:54:02.0802 0x23bc [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys

12:54:02.0834 0x23bc TCPIP6 - ok

12:54:02.0872 0x23bc [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys

12:54:02.0874 0x23bc tcpipreg - ok

12:54:02.0918 0x23bc [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys

12:54:02.0920 0x23bc TDPIPE - ok

12:54:02.0951 0x23bc [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys

12:54:02.0952 0x23bc TDTCP - ok

12:54:02.0987 0x23bc [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys

12:54:02.0991 0x23bc tdx - ok

12:54:03.0014 0x23bc [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys

12:54:03.0016 0x23bc TermDD - ok

12:54:03.0052 0x23bc [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService C:\Windows\System32\termsrv.dll

12:54:03.0064 0x23bc TermService - ok

12:54:03.0082 0x23bc [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll

12:54:03.0085 0x23bc Themes - ok

12:54:03.0104 0x23bc [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll

12:54:03.0108 0x23bc THREADORDER - ok

12:54:03.0130 0x23bc [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll

12:54:03.0134 0x23bc TrkWks - ok

12:54:03.0188 0x23bc [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

12:54:03.0196 0x23bc TrustedInstaller - ok

12:54:03.0227 0x23bc [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys

12:54:03.0229 0x23bc tssecsrv - ok

12:54:03.0275 0x23bc [ 17C6B51CBCCDED95B3CC14E22791F85E, EE417C19E9B2C258D62A74F1F2421AFFBAC67ACD62481CAA08F5B6A3439C1D7C ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys

12:54:03.0278 0x23bc TsUsbFlt - ok

12:54:03.0342 0x23bc [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys

12:54:03.0345 0x23bc tunnel - ok

12:54:03.0376 0x23bc [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys

12:54:03.0378 0x23bc uagp35 - ok

12:54:03.0411 0x23bc [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys

12:54:03.0419 0x23bc udfs - ok

12:54:03.0453 0x23bc [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe

12:54:03.0456 0x23bc UI0Detect - ok

12:54:03.0481 0x23bc [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys

12:54:03.0483 0x23bc uliagpkx - ok

12:54:03.0511 0x23bc [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys

12:54:03.0513 0x23bc umbus - ok

12:54:03.0541 0x23bc [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys

12:54:03.0542 0x23bc UmPass - ok

12:54:03.0661 0x23bc [ 0FADD949576A164B4E51E716F46B6C33, 34B33EC767FFCF58647090F5293DD1942BA9CDC5AB9976528DE3793EF327D48E ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

12:54:03.0704 0x23bc UNS - ok

12:54:03.0742 0x23bc [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll

12:54:03.0749 0x23bc upnphost - ok

12:54:03.0789 0x23bc [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys

12:54:03.0791 0x23bc USBAAPL64 - ok

12:54:03.0824 0x23bc [ ACCEA6BC68D0C9A78EB97EE159028B4E, 132F7A543C1DA9456FBABA50552B37E3162ACA612A8567BB3FF0F7DA84231419 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys

12:54:03.0827 0x23bc usbccgp - ok

12:54:03.0864 0x23bc [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys

12:54:03.0867 0x23bc usbcir - ok

12:54:03.0890 0x23bc [ 311C1DD1088E55BEAE15954D17F50646, A663344ABD1414D570617F59CC00020640F31DB34265142EFCA8817328DB842A ] usbehci C:\Windows\system32\drivers\usbehci.sys

12:54:03.0892 0x23bc usbehci - ok

12:54:03.0937 0x23bc [ 280E90CBF4B2DDD169F0728CB44D726F, 2B39666C022A4F7338BDDB4CB0D7B4D0CC6B398298D29E38826F27FADF4C29DD ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys

12:54:03.0944 0x23bc usbhub - ok

12:54:03.0968 0x23bc [ 9406D801042FAF859CF81B2C886413DC, D16536EC05260D7A2902314E1AA5E5F73533483B9967739C381FD41B6192B92F ] usbohci C:\Windows\system32\drivers\usbohci.sys

12:54:03.0969 0x23bc usbohci - ok

12:54:04.0009 0x23bc [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys

12:54:04.0010 0x23bc usbprint - ok

12:54:04.0031 0x23bc [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS

12:54:04.0034 0x23bc USBSTOR - ok

12:54:04.0057 0x23bc [ A83D0EC9AE4C31704442099D40BA2471, A29D714FCDF10DF7A2A17D54B131AEFDA61AED988CF8B99C7B30728C50130DCE ] usbuhci C:\Windows\system32\drivers\usbuhci.sys

12:54:04.0059 0x23bc usbuhci - ok

12:54:04.0132 0x23bc [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys

12:54:04.0137 0x23bc usbvideo - ok

12:54:04.0169 0x23bc [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll

12:54:04.0172 0x23bc UxSms - ok

12:54:04.0236 0x23bc [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] VaultSvc C:\Windows\system32\lsass.exe

12:54:04.0238 0x23bc VaultSvc - ok

12:54:04.0350 0x23bc [ 2662F24C7AEE2A32CEBDEC907A5366F1, B6A59DE0AA0E58F239D54DFEC902D1E5E8BAA19642EF1114101787A00272903D ] vcsFPService C:\Windows\system32\vcsFPService.exe

12:54:04.0388 0x23bc vcsFPService - ok

12:54:04.0403 0x23bc [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys

12:54:04.0406 0x23bc vdrvroot - ok

12:54:04.0443 0x23bc [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe

12:54:04.0454 0x23bc vds - ok

12:54:04.0484 0x23bc [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys

12:54:04.0486 0x23bc vga - ok

12:54:04.0497 0x23bc [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys

12:54:04.0498 0x23bc VgaSave - ok

12:54:04.0536 0x23bc [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys

12:54:04.0541 0x23bc vhdmp - ok

12:54:04.0567 0x23bc [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys

12:54:04.0569 0x23bc viaide - ok

12:54:04.0595 0x23bc [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys

12:54:04.0597 0x23bc volmgr - ok

12:54:04.0641 0x23bc [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys

12:54:04.0650 0x23bc volmgrx - ok

12:54:04.0690 0x23bc [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys

12:54:04.0697 0x23bc volsnap - ok

12:54:04.0740 0x23bc [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys

12:54:04.0744 0x23bc vsmraid - ok

12:54:04.0814 0x23bc [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe

12:54:04.0844 0x23bc VSS - ok

12:54:04.0860 0x23bc [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys

12:54:04.0862 0x23bc vwifibus - ok

12:54:04.0911 0x23bc [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys

12:54:04.0915 0x23bc vwififlt - ok

12:54:04.0956 0x23bc [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll

12:54:04.0965 0x23bc W32Time - ok

12:54:05.0001 0x23bc [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys

12:54:05.0002 0x23bc WacomPen - ok

12:54:05.0044 0x23bc [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys

12:54:05.0047 0x23bc WANARP - ok

12:54:05.0054 0x23bc [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys

12:54:05.0057 0x23bc Wanarpv6 - ok

12:54:05.0132 0x23bc [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe

12:54:05.0159 0x23bc WatAdminSvc - ok

12:54:05.0220 0x23bc [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe

12:54:05.0247 0x23bc wbengine - ok

12:54:05.0287 0x23bc [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll

12:54:05.0292 0x23bc WbioSrvc - ok

12:54:05.0330 0x23bc [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll

12:54:05.0338 0x23bc wcncsvc - ok

12:54:05.0372 0x23bc [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

12:54:05.0374 0x23bc WcsPlugInService - ok

12:54:05.0393 0x23bc [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys

12:54:05.0394 0x23bc Wd - ok

12:54:05.0439 0x23bc [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys

12:54:05.0456 0x23bc Wdf01000 - ok

12:54:05.0497 0x23bc [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll

12:54:05.0503 0x23bc WdiServiceHost - ok

12:54:05.0514 0x23bc [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll

12:54:05.0521 0x23bc WdiSystemHost - ok

12:54:05.0555 0x23bc [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll

12:54:05.0561 0x23bc WebClient - ok

12:54:05.0592 0x23bc [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll

12:54:05.0599 0x23bc Wecsvc - ok

12:54:05.0618 0x23bc [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll

12:54:05.0622 0x23bc wercplsupport - ok

12:54:05.0651 0x23bc [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll

12:54:05.0654 0x23bc WerSvc - ok

12:54:05.0686 0x23bc [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys

12:54:05.0688 0x23bc WfpLwf - ok

12:54:05.0702 0x23bc [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys

12:54:05.0703 0x23bc WIMMount - ok

12:54:05.0722 0x23bc WinDefend - ok

12:54:05.0742 0x23bc WinHttpAutoProxySvc - ok

12:54:05.0799 0x23bc [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll

12:54:05.0811 0x23bc Winmgmt - ok

12:54:05.0906 0x23bc [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll

12:54:05.0949 0x23bc WinRM - ok

12:54:06.0007 0x23bc [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUSB C:\Windows\system32\DRIVERS\WinUSB.sys

12:54:06.0009 0x23bc WinUSB - ok

12:54:06.0063 0x23bc [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll

12:54:06.0080 0x23bc Wlansvc - ok

12:54:06.0216 0x23bc [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

12:54:06.0263 0x23bc wlidsvc - ok

12:54:06.0293 0x23bc [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys

12:54:06.0294 0x23bc WmiAcpi - ok

12:54:06.0326 0x23bc [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe

12:54:06.0330 0x23bc wmiApSrv - ok

12:54:06.0357 0x23bc WMPNetworkSvc - ok

12:54:06.0393 0x23bc [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll

12:54:06.0396 0x23bc WPCSvc - ok

12:54:06.0421 0x23bc [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll

12:54:06.0424 0x23bc WPDBusEnum - ok

12:54:06.0450 0x23bc [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys

12:54:06.0451 0x23bc ws2ifsl - ok

12:54:06.0478 0x23bc [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\system32\wscsvc.dll

12:54:06.0481 0x23bc wscsvc - ok

12:54:06.0487 0x23bc WSearch - ok

12:54:06.0587 0x23bc [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv C:\Windows\system32\wuaueng.dll

12:54:06.0630 0x23bc wuauserv - ok

12:54:06.0667 0x23bc [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys

12:54:06.0670 0x23bc WudfPf - ok

12:54:06.0700 0x23bc [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys

12:54:06.0705 0x23bc WUDFRd - ok

12:54:06.0730 0x23bc [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll

12:54:06.0733 0x23bc wudfsvc - ok

12:54:06.0767 0x23bc [ FE90B750AB808FB9DD8FBB428B5FF83B, 3F8F592EC813BE292D305A87C5BA852F8BC3D7CE610612D9871F209A17326AA8 ] WwanSvc C:\Windows\System32\wwansvc.dll

12:54:06.0774 0x23bc WwanSvc - ok

12:54:06.0827 0x23bc [ B3EEACF62445E24FBB2CD4B0FB4DB026, 2E5B6220094C47754233EDA59E6514CE47AC6C6879F367C72B2C02330EABE8E0 ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys

12:54:06.0836 0x23bc yukonw7 - ok

12:54:06.0866 0x23bc ================ Scan global ===============================

12:54:06.0923 0x23bc [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll

12:54:06.0957 0x23bc [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll

12:54:06.0969 0x23bc [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll

12:54:06.0998 0x23bc [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll

12:54:07.0035 0x23bc [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe

12:54:07.0042 0x23bc [ Global ] - ok

12:54:07.0043 0x23bc ================ Scan MBR ==================================

12:54:07.0054 0x23bc [ FD4FA460B86E4F6187EBF9B45DFB2BCE ] \Device\Harddisk0\DR0

12:54:07.0234 0x23bc \Device\Harddisk0\DR0 - ok

12:54:07.0235 0x23bc ================ Scan VBR ==================================

12:54:07.0238 0x23bc [ 46DF8215526B422CCF8D3869452F9EEC ] \Device\Harddisk0\DR0\Partition1

12:54:07.0240 0x23bc \Device\Harddisk0\DR0\Partition1 - ok

12:54:07.0255 0x23bc [ 7E5E27D5089321956415FC5A0DF5023D ] \Device\Harddisk0\DR0\Partition2

12:54:07.0257 0x23bc \Device\Harddisk0\DR0\Partition2 - ok

12:54:07.0284 0x23bc [ 0FE291D1C00110D676B463998F244223 ] \Device\Harddisk0\DR0\Partition3

12:54:07.0286 0x23bc \Device\Harddisk0\DR0\Partition3 - ok

12:54:07.0305 0x23bc [ B785E81AF2EC27C7A3E7ED8BAC702A92 ] \Device\Harddisk0\DR0\Partition4

12:54:07.0306 0x23bc \Device\Harddisk0\DR0\Partition4 - ok

12:54:07.0307 0x23bc Waiting for KSN requests completion. In queue: 251

12:54:08.0307 0x23bc Waiting for KSN requests completion. In queue: 251

12:54:09.0307 0x23bc Waiting for KSN requests completion. In queue: 251

12:54:10.0307 0x23bc Waiting for KSN requests completion. In queue: 251

12:54:11.0307 0x23bc Waiting for KSN requests completion. In queue: 251

12:54:12.0307 0x23bc Waiting for KSN requests completion. In queue: 251

12:54:13.0307 0x23bc Waiting for KSN requests completion. In queue: 251

12:54:14.0307 0x23bc Waiting for KSN requests completion. In queue: 251

12:54:15.0455 0x23bc AV detected via SS2: McAfee Anti-Virus and Anti-Spyware, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 11.6.0.0 ), 0x52000 ( disabled : updated )

12:54:15.0457 0x23bc FW detected via SS2: McAfee Firewall, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 11.6.0.0 ), 0x51010 ( enabled )

12:54:18.0057 0x23bc ============================================================

12:54:18.0057 0x23bc Scan finished

12:54:18.0057 0x23bc ============================================================

12:54:18.0080 0x18c8 Detected object count: 0

12:54:18.0080 0x18c8 Actual detected object count: 0

12:56:56.0623 0x20d0 Deinitialize success

# AdwCleaner v3.017 - Report created 14/01/2014 at 13:05:41

# Updated 12/01/2014 by Xplode

# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

# Username : SRE Lab - SRELAB-HP

# Running from : C:\Users\SRE Lab\Desktop\AdwCleaner.exe

# Option : Scan

***** [ Services ] *****

***** [ Files / Folders ] *****

File Found : C:\Users\SRELAB~1\AppData\Local\Temp\Uninstall.exe

Folder Found C:\Program Files (x86)\Movdap

Folder Found C:\Users\SRE Lab\AppData\Roaming\Movdap

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Found : HKCU\Software\Softonic

Key Found : HKCU\Software\WEDLMNGR

Key Found : [x64] HKCU\Software\Softonic

Key Found : [x64] HKCU\Software\WEDLMNGR

Key Found : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}

Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}

Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE

Key Found : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}

Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Key Found : HKLM\SOFTWARE\Classes\Interface\{0AFD55C8-ADF8-4A33-A6E1-DEDB7A36AEB4}

Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}

Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Found : [x64] HKLM\SOFTWARE\Speedchecker Limited

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428

-\\ Google Chrome v32.0.1700.72

[ File : C:\Users\SRE Lab\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [5269 octets] - [21/08/2013 17:43:31]

AdwCleaner[R1].txt - [4777 octets] - [14/01/2014 13:00:03]

AdwCleaner[R2].txt - [4541 octets] - [14/01/2014 13:05:41]

AdwCleaner[S0].txt - [5146 octets] - [21/08/2013 17:48:03]

########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [4661 octets] ##########

#4 jeffce

Malware Guy

Authentic Member
8,693 posts

Posted 14 January 2014 - 01:29 PM

ComboFix

Download Combofix from either of the links below, and save it to your desktop.
Link 1
Link 2

**Note: It is important that it is saved directly to your desktop**
If you get a message saying "Illegal operation attempted on a registry key that has been marked for deletion", please restart your computer.

--------------------------------------------------------------------

IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here

--------------------------------------------------------------------

Right-Click and Run as Administrator on ComboFix.exe & follow the prompts.

When finished, it will produce a report for you.
Please post the C:\ComboFix.txt for further review.

#5 EricWoods

Authentic Member

Authentic Member
147 posts

Posted 15 January 2014 - 09:53 PM

ComboFix 14-01-04.03 - SRE Lab 01/15/2014 8:21.1.4 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.7990.4926 [GMT -6:00]

Running from: c:\users\SRE Lab\Desktop\ComboFix.exe

AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}

FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}

SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}

* Created a new restore point

* Resident AV is active

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

c:\users\SRE Lab\Documents\~WRD2244.tmp

c:\users\SRE Lab\Documents\~WRL0748.tmp

c:\users\SRE Lab\Documents\~WRL1325.tmp

c:\users\SRE Lab\Documents\~WRL2279.tmp

c:\users\SRE Lab\Documents\~WRL2496.tmp

c:\users\SRE Lab\Documents\~WRL3385.tmp

((((((((((((((((((((((((( Files Created from 2013-12-15 to 2014-01-15 )))))))))))))))))))))))))))))))

2014-01-15 14:56 . 2014-01-15 14:56 -------- d-----w- c:\users\Default\AppData\Local\temp

2014-01-07 23:55 . 2014-01-07 23:55 -------- d-----w- C:\found.000

2014-01-06 17:59 . 2014-01-06 17:59 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin7.dll

2014-01-06 17:59 . 2014-01-06 17:59 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin6.dll

2014-01-06 17:59 . 2014-01-06 17:59 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin5.dll

2014-01-06 17:59 . 2014-01-06 17:59 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin4.dll

2014-01-06 17:59 . 2014-01-06 17:59 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin3.dll

2014-01-06 17:59 . 2014-01-06 17:59 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin2.dll

2014-01-06 17:59 . 2014-01-06 17:59 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin.dll

2014-01-06 17:59 . 2014-01-06 17:59 -------- d-----w- c:\program files (x86)\QuickTime

2014-01-06 02:02 . 2014-01-06 02:02 -------- d-----w- c:\users\SRE Lab\AppData\Roaming\Corel

2014-01-04 01:54 . 2014-01-04 01:54 -------- d-----w- c:\users\SRE Lab\AppData\Local\ElevatedDiagnostics

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2013-12-12 19:22 . 2013-11-22 05:39 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2013-12-12 19:22 . 2013-11-22 05:39 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2013-12-05 21:09 . 2013-11-08 00:18 736952 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll

2013-12-05 21:08 . 2013-11-08 00:17 2876528 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll

2013-12-05 21:08 . 2013-11-08 00:14 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll

2013-11-30 21:55 . 2013-11-08 00:14 539984 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll

2013-11-27 18:58 . 2013-11-27 18:58 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe

2013-11-27 18:58 . 2013-11-27 18:58 194048 ----a-w- c:\windows\SysWow64\elshyph.dll

2013-11-27 18:58 . 2013-11-27 18:58 942592 ----a-w- c:\windows\system32\jsIntl.dll

2013-11-27 18:58 . 2013-11-27 18:58 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe

2013-11-27 18:58 . 2013-11-27 18:58 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll

2013-11-27 18:58 . 2013-11-27 18:58 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe

2013-11-27 18:58 . 2013-11-27 18:58 84992 ----a-w- c:\windows\system32\mshtmled.dll

2013-11-27 18:58 . 2013-11-27 18:58 83968 ----a-w- c:\windows\system32\MshtmlDac.dll

2013-11-27 18:58 . 2013-11-27 18:58 81408 ----a-w- c:\windows\system32\icardie.dll

2013-11-27 18:58 . 2013-11-27 18:58 774144 ----a-w- c:\windows\system32\jscript.dll

2013-11-27 18:58 . 2013-11-27 18:58 77312 ----a-w- c:\windows\system32\tdc.ocx

2013-11-27 18:58 . 2013-11-27 18:58 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe

2013-11-27 18:58 . 2013-11-27 18:58 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe

2013-11-27 18:58 . 2013-11-27 18:58 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll

2013-11-27 18:58 . 2013-11-27 18:58 626176 ----a-w- c:\windows\system32\msfeeds.dll

2013-11-27 18:58 . 2013-11-27 18:58 62464 ----a-w- c:\windows\SysWow64\tdc.ocx

2013-11-27 18:58 . 2013-11-27 18:58 62464 ----a-w- c:\windows\system32\pngfilt.dll

2013-11-27 18:58 . 2013-11-27 18:58 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll

2013-11-27 18:58 . 2013-11-27 18:58 61952 ----a-w- c:\windows\SysWow64\iesetup.dll

2013-11-27 18:58 . 2013-11-27 18:58 616104 ----a-w- c:\windows\system32\ieapfltr.dat

2013-11-27 18:58 . 2013-11-27 18:58 548352 ----a-w- c:\windows\system32\vbscript.dll

2013-11-27 18:58 . 2013-11-27 18:58 52224 ----a-w- c:\windows\system32\msfeedsbs.dll

2013-11-27 18:58 . 2013-11-27 18:58 51200 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll

2013-11-27 18:58 . 2013-11-27 18:58 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll

2013-11-27 18:58 . 2013-11-27 18:58 48640 ----a-w- c:\windows\system32\mshtmler.dll

2013-11-27 18:58 . 2013-11-27 18:58 48128 ----a-w- c:\windows\system32\imgutil.dll

2013-11-27 18:58 . 2013-11-27 18:58 454656 ----a-w- c:\windows\SysWow64\vbscript.dll

2013-11-27 18:58 . 2013-11-27 18:58 453120 ----a-w- c:\windows\system32\dxtmsft.dll

2013-11-27 18:58 . 2013-11-27 18:58 413696 ----a-w- c:\windows\system32\html.iec

2013-11-27 18:58 . 2013-11-27 18:58 40448 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll

2013-11-27 18:58 . 2013-11-27 18:58 36352 ----a-w- c:\windows\SysWow64\imgutil.dll

2013-11-27 18:58 . 2013-11-27 18:58 34816 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll

2013-11-27 18:58 . 2013-11-27 18:58 337408 ----a-w- c:\windows\SysWow64\html.iec

2013-11-27 18:58 . 2013-11-27 18:58 30208 ----a-w- c:\windows\system32\licmgr10.dll

2013-11-27 18:58 . 2013-11-27 18:58 296960 ----a-w- c:\windows\system32\dxtrans.dll

2013-11-27 18:58 . 2013-11-27 18:58 263376 ----a-w- c:\windows\system32\iedkcs32.dll

2013-11-27 18:58 . 2013-11-27 18:58 247808 ----a-w- c:\windows\system32\msls31.dll

2013-11-27 18:58 . 2013-11-27 18:58 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll

2013-11-27 18:58 . 2013-11-27 18:58 243200 ----a-w- c:\windows\system32\webcheck.dll

2013-11-27 18:58 . 2013-11-27 18:58 235520 ----a-w- c:\windows\system32\url.dll

2013-11-27 18:58 . 2013-11-27 18:58 235008 ----a-w- c:\windows\system32\elshyph.dll

2013-11-27 18:58 . 2013-11-27 18:58 195584 ----a-w- c:\windows\system32\msrating.dll

2013-11-27 18:58 . 2013-11-27 18:58 182272 ----a-w- c:\windows\SysWow64\msls31.dll

2013-11-27 18:58 . 2013-11-27 18:58 167424 ----a-w- c:\windows\system32\iexpress.exe

2013-11-27 18:58 . 2013-11-27 18:58 151552 ----a-w- c:\windows\SysWow64\iexpress.exe

2013-11-27 18:58 . 2013-11-27 18:58 147968 ----a-w- c:\windows\system32\occache.dll

2013-11-27 18:58 . 2013-11-27 18:58 143872 ----a-w- c:\windows\system32\wextract.exe

2013-11-27 18:58 . 2013-11-27 18:58 139264 ----a-w- c:\windows\SysWow64\wextract.exe

2013-11-27 18:58 . 2013-11-27 18:58 13824 ----a-w- c:\windows\system32\mshta.exe

2013-11-27 18:58 . 2013-11-27 18:58 135680 ----a-w- c:\windows\system32\iepeers.dll

2013-11-27 18:58 . 2013-11-27 18:58 13312 ----a-w- c:\windows\SysWow64\mshta.exe

2013-11-27 18:58 . 2013-11-27 18:58 13312 ----a-w- c:\windows\system32\msfeedssync.exe

2013-11-27 18:58 . 2013-11-27 18:58 131072 ----a-w- c:\windows\system32\IEAdvpack.dll

2013-11-27 18:58 . 2013-11-27 18:58 1228800 ----a-w- c:\windows\system32\mshtmlmedia.dll

2013-11-27 18:58 . 2013-11-27 18:58 112128 ----a-w- c:\windows\SysWow64\ieUnatt.exe

2013-11-27 18:58 . 2013-11-27 18:58 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll

2013-11-27 18:58 . 2013-11-27 18:58 105984 ----a-w- c:\windows\system32\iesysprep.dll

2013-11-27 18:58 . 2013-11-27 18:58 1051136 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll

2013-11-27 18:58 . 2013-11-27 18:58 101376 ----a-w- c:\windows\system32\inseng.dll

2013-11-26 11:54 . 2013-12-12 16:02 23183360 ----a-w- c:\windows\system32\mshtml.dll

2013-11-26 10:19 . 2013-12-12 16:02 2724864 ----a-w- c:\windows\system32\mshtml.tlb

2013-11-26 10:18 . 2013-12-12 16:02 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll

2013-11-26 09:48 . 2013-12-12 16:02 66048 ----a-w- c:\windows\system32\iesetup.dll

2013-11-26 09:46 . 2013-12-12 16:02 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll

2013-11-26 09:41 . 2013-12-12 16:01 2764288 ----a-w- c:\windows\system32\iertutil.dll

2013-11-26 09:29 . 2013-12-12 16:02 53760 ----a-w- c:\windows\system32\jsproxy.dll

2013-11-26 09:27 . 2013-12-12 16:02 33792 ----a-w- c:\windows\system32\iernonce.dll

2013-11-26 09:23 . 2013-12-12 16:02 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb

2013-11-26 09:21 . 2013-12-12 16:02 574976 ----a-w- c:\windows\system32\ieui.dll

2013-11-26 09:18 . 2013-12-12 16:02 139264 ----a-w- c:\windows\system32\ieUnatt.exe

2013-11-26 09:18 . 2013-12-12 16:02 111616 ----a-w- c:\windows\system32\ieetwcollector.exe

2013-11-26 09:16 . 2013-12-12 16:02 708608 ----a-w- c:\windows\system32\jscript9diag.dll

2013-11-26 08:57 . 2013-12-12 16:02 218624 ----a-w- c:\windows\system32\ie4uinit.exe

2013-11-26 08:35 . 2013-12-12 16:01 5769216 ----a-w- c:\windows\system32\jscript9.dll

2013-11-26 08:28 . 2013-12-12 16:02 553472 ----a-w- c:\windows\SysWow64\jscript9diag.dll

2013-11-26 08:16 . 2013-12-12 16:01 4243968 ----a-w- c:\windows\SysWow64\jscript9.dll

2013-11-26 08:02 . 2013-12-12 16:01 1995264 ----a-w- c:\windows\system32\inetcpl.cpl

2013-11-26 07:48 . 2013-12-12 16:01 12996608 ----a-w- c:\windows\system32\ieframe.dll

2013-11-26 07:32 . 2013-12-12 16:01 1928192 ----a-w- c:\windows\SysWow64\inetcpl.cpl

2013-11-26 07:07 . 2013-12-12 16:01 2334208 ----a-w- c:\windows\system32\wininet.dll

2013-11-26 06:40 . 2013-12-12 16:01 1395200 ----a-w- c:\windows\system32\urlmon.dll

2013-11-26 06:34 . 2013-12-12 16:02 817664 ----a-w- c:\windows\system32\ieapfltr.dll

2013-11-26 06:33 . 2013-12-12 16:01 1820160 ----a-w- c:\windows\SysWow64\wininet.dll

2013-11-23 18:26 . 2013-12-11 18:31 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll

2013-11-23 17:47 . 2013-12-11 18:31 465920 ----a-w- c:\windows\system32\WMPhoto.dll

2013-11-18 17:41 . 2013-11-18 17:41 539984 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll

2013-11-16 06:05 . 2013-11-16 06:05 736952 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore-2\Microsoft.MediaCenter.Sports.UI.dll

2013-11-16 06:05 . 2013-11-16 06:05 2876528 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll

2013-11-16 06:05 . 2013-11-16 06:05 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll

2013-11-12 02:23 . 2013-12-11 18:31 2048 ----a-w- c:\windows\system32\tzres.dll

2013-11-12 02:07 . 2013-12-11 18:31 2048 ----a-w- c:\windows\SysWow64\tzres.dll

2013-10-30 02:32 . 2013-12-11 18:32 335360 ----a-w- c:\windows\system32\msieftp.dll

2013-10-30 02:19 . 2013-12-11 18:32 301568 ----a-w- c:\windows\SysWow64\msieftp.dll

2013-10-30 01:24 . 2013-12-11 18:32 3155968 ----a-w- c:\windows\system32\win32k.sys

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Spotify Web Helper"="c:\users\SRE Lab\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2013-12-06 1168896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2013-03-14 1532992]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-05-11 958576]

"YouCam Service"="c:\program files (x86)\CyberLink\YouCam\YouCamService.exe" [2013-05-31 267224]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 0 (0x0)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

"PromptOnSecureDesktop"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]

"LoadAppInit_DLLs"=1 (0x1)

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"mixer"=wdmaud.drv

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Notification Packages REG_MULTI_SZ DPPassFilter scecli

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

R2 CLKMSVC10_C6F09094;CyberLink Product - 2010/09/16 01:59;c:\program files (x86)\Hewlett-Packard\Media\DVD\Kernel\HDDVD\NavFilter\kmsvc.exe;c:\program files (x86)\Hewlett-Packard\Media\DVD\Kernel\HDDVD\NavFilter\kmsvc.exe [x]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]

R2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [x]

R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]

R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]

R3 BrYNSvc;BrYNSvc;c:\program files (x86)\Browny02\BrYNSvc.exe;c:\program files (x86)\Browny02\BrYNSvc.exe [x]

R3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys;c:\windows\SYSNATIVE\drivers\HipShieldK.sys [x]

R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]

R3 mfencrk;McAfee Inc. mfencrk;c:\windows\system32\DRIVERS\mfencrk.sys;c:\windows\SYSNATIVE\DRIVERS\mfencrk.sys [x]

R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys;c:\windows\SYSNATIVE\drivers\mferkdet.sys [x]

R3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]

R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]

R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]

R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]

R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]

R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]

R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]

S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys;c:\windows\SYSNATIVE\drivers\mfewfpk.sys [x]

S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe;c:\program files\IDT\WDM\AESTSr64.exe [x]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]

S2 CinemaNow Service;CinemaNow Service;c:\program files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe;c:\program files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe [x]

S2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [x]

S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [x]

S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]

S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [x]

S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [x]

S2 mfecore;McAfee Anti-Malware Core;c:\program files\Common Files\McAfee\AMCore\mcshield.exe;c:\program files\Common Files\McAfee\AMCore\mcshield.exe [x]

S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [x]

S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe;c:\windows\SYSNATIVE\mfevtps.exe [x]

S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]

S2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe;c:\windows\SYSNATIVE\vcsFPService.exe [x]

S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys;c:\windows\SYSNATIVE\drivers\cfwids.sys [x]

S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]

S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]

S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]

S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys;c:\windows\SYSNATIVE\DRIVERS\igdpmd64.sys [x]

S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys;c:\windows\SYSNATIVE\drivers\mfefirek.sys [x]

S3 mfencbdc;McAfee Inc. mfencbdc;c:\windows\system32\DRIVERS\mfencbdc.sys;c:\windows\SYSNATIVE\DRIVERS\mfencbdc.sys [x]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - 49452278

*Deregistered* - 49452278

*Deregistered* - avgtp

*Deregistered* - CLKMDRV10_C6F09094

*Deregistered* - mfeavfk01

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]

2010-06-16 20:38 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

2014-01-07 23:17 1211672 ----a-w- c:\program files (x86)\Google\Chrome\Application\32.0.1700.72\Installer\chrmstp.exe

Contents of the 'Scheduled Tasks' folder

2014-01-15 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-22 19:22]

2014-01-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-07-19 19:19]

2014-01-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-07-19 19:19]

--------- X64 Entries -----------

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2010-06-18 8192]

"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 108144]

------- Supplementary Scan -------

uStart Page = https://www.google.com/

uLocal Page = c:\windows\system32\blank.htm

mLocal Page = c:\windows\SysWOW64\blank.htm

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105

TCP: DhcpNameServer = 8.8.8.8

- - - - ORPHANS REMOVED - - - -

Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe

HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start

HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe

--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]

"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,

00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\

Completion time: 2014-01-15 08:59:34

ComboFix-quarantined-files.txt 2014-01-15 14:59

Pre-Run: 382,118,760,448 bytes free

Post-Run: 382,221,967,360 bytes free

- - End Of File - - 0635FB7398D6EC49752D37C33C003430

#6 jeffce

Malware Guy

Authentic Member
8,693 posts

Posted 16 January 2014 - 06:12 PM

AdwCleaner

Double click on AdwCleaner.exe to run the tool again.

Click on the Scan button.
AdwCleaner will begin to scan your computer like it did before.
After the scan has finished...
This time, click on the Clean button.
Press OK when asked to close all programs and follow the onscreen prompts.
Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
Copy and paste the contents of that logfile in your next reply.
A copy of that logfile will also be saved in the C:\AdwCleaner folder.

------------

Post the new log and let me know how your system is running.

#7 EricWoods

Authentic Member

Authentic Member
147 posts

Posted 16 January 2014 - 10:35 PM

Ran adwcleaner as directed but now waiting on Startup Repair after reboot. Not looking good.

#8 EricWoods

Authentic Member

Authentic Member
147 posts

Posted 16 January 2014 - 10:50 PM

Okay back up. (Thank you, Lord!).

# AdwCleaner v3.017 - Report created 16/01/2014 at 22:11:12

# Updated 12/01/2014 by Xplode

# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

# Username : SRE Lab - SRELAB-HP

# Running from : C:\Users\SRE Lab\Desktop\AdwCleaner.exe

# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files (x86)\Movdap

Folder Deleted : C:\Users\SRE Lab\AppData\Roaming\Movdap

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0AFD55C8-ADF8-4A33-A6E1-DEDB7A36AEB4}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}

Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Deleted : HKCU\Software\Softonic

Key Deleted : HKCU\Software\WEDLMNGR

Key Deleted : [x64] HKLM\SOFTWARE\Speedchecker Limited

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428

-\\ Google Chrome v32.0.1700.76

[ File : C:\Users\SRE Lab\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [5269 octets] - [21/08/2013 17:43:31]

AdwCleaner[R1].txt - [4777 octets] - [14/01/2014 13:00:03]

AdwCleaner[R2].txt - [4837 octets] - [14/01/2014 13:05:41]

AdwCleaner[R3].txt - [4832 octets] - [16/01/2014 22:09:40]

AdwCleaner[S0].txt - [5146 octets] - [21/08/2013 17:48:03]

AdwCleaner[S1].txt - [4675 octets] - [16/01/2014 22:11:12]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [4735 octets] ##########

#9 EricWoods

Authentic Member

Authentic Member
147 posts

Posted 16 January 2014 - 11:19 PM

Mcafee's virusscan keeps being turned off, with an appropriate warning from Mcafee. You can turn it back on, but something turns it back off again.

#10 jeffce

Malware Guy

Authentic Member
8,693 posts

Posted 17 January 2014 - 12:51 PM

Interesting.....run a new scan with OTL and post the new OTL.txt

Advertisements

Register to Remove

#11 EricWoods

Authentic Member

Authentic Member
147 posts

Posted 18 January 2014 - 04:33 PM

Also getting a Windows notice in the toolbar about the system's performance not being that great.

OTL logfile created on: 1/18/2014 4:02:49 PM - Run 6

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\SRE Lab\Desktop

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.11.9600.16428)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.80 Gb Total Physical Memory | 5.06 Gb Available Physical Memory | 64.83% Memory free

15.60 Gb Paging File | 12.23 Gb Available in Paging File | 78.37% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 573.97 Gb Total Space | 356.60 Gb Free Space | 62.13% Space Free | Partition Type: NTFS

Drive D: | 21.91 Gb Total Space | 3.19 Gb Free Space | 14.58% Space Free | Partition Type: NTFS

Computer Name: SRELAB-HP | User Name: SRE Lab | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\SRE Lab\AppData\Local\LogMeIn Rescue Applet\LMIR0007.tmp\lmi_rescue.exe (LogMeIn, Inc.)

PRC - C:\Users\SRE Lab\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)

PRC - C:\Users\SRE Lab\AppData\Roaming\Spotify\Data\SpotifyHelper.exe ()

PRC - C:\Users\SRE Lab\Desktop\OTL.exe (OldTimer Tools)

PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)

PRC - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)

PRC - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)

PRC - C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe (CyberLink Corp.)

PRC - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe ()

PRC - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)

PRC - C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe (CinemaNow, Inc.)

PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)

PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)

PRC - C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe (DigitalPersona, Inc.)

========== Modules (No Company Name) ==========

MOD - C:\Users\SRE Lab\AppData\Roaming\Spotify\Data\libcef.dll ()

MOD - C:\Users\SRE Lab\AppData\Roaming\Spotify\Data\libglesv2.dll ()

MOD - C:\Users\SRE Lab\AppData\Roaming\Spotify\Data\SpotifyHelper.exe ()

MOD - C:\Users\SRE Lab\AppData\Roaming\Spotify\Data\libegl.dll ()

MOD - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ppgooglenaclpluginchrome.dll ()

MOD - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\pdf.dll ()

MOD - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\libglesv2.dll ()

MOD - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\libegl.dll ()

MOD - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ffmpegsumo.dll ()