Popups and Runs Very Slow [Closed]


  • This topic is locked
14 replies to this topic

#1 lastofsix


Posted 31 March 2014 - 09:34 PM

My Asus laptop/chromebook is having trouble pulling up websites and having problems with multiple popups. I would be very grateful if you could help me. Here is the log file from the HiJackThis scan: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 10:30:20 PM, on 3/31/2014 Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Internet Explorer v10.0 (10.00.9200.16843) Boot mode: Normal Running processes: C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe C:\Program Files (x86)\Jump Flip\bin\XTLSApp.exe C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe C:\Program Files (x86)\ASUS\Splendid\ACMON.exe C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Owner\Downloads\HiJackThis.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....inkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL 
= http://go.microsoft....LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearc...20859745&ir= R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: avast! 
Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\SysWow64\skype4com.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing) O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. 
- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe O23 - Service: Asus WebStorage Windows Service - Unknown owner - C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: BlueSoleilCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: BsHelpCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing) O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. 
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel® ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management and Security Application User Notification 
Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: Update Jump Flip - Unknown owner - C:\Program Files (x86)\Jump Flip\updateJumpFlip.exe O23 - Service: Util Jump Flip - Unknown owner - C:\Program Files (x86)\Jump Flip\bin\utilJumpFlip.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 9973 bytes

#2 ----------------


Posted 01 April 2014 - 05:38 AM

Hi there,
my name is Marius and I will assist you with your malware-related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand, kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you cannot post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

HijackThis is not the preferred initial scanning tool in this forum. With today's malware, a more comprehensive set of logs is required to determine the presence of malware.

Scan with FRST in normal mode

Please download Farbar's Recovery Scan Tool to your desktop: FRST 32bit or FRST 64bit (If not sure: Start --> Computer (right click) --> properties)

  • Run FRST.
  • Don't change any of the checkboxes and hit Scan.
  • Logfiles are created on your desktop.
  • Post the FRST.txt and (after the first scan only!) the Addition.txt.

Scan with TDSS-Killer

Please read and follow these instructions carefully. We do not want it to fix anything yet (if found); we need to see a report first.

Download TDSSKiller.zip and extract to your desktop
  • Execute TDSSKiller.exe by double-clicking on it.
  • Press Start Scan
  • If Malicious objects are found, do NOT select Copy to quarantine. Change the action to Skip, and save the log.
  • Once complete, a log will be produced at the root drive which is typically C:\, for example, C:\TDSSKiller.<version_date_time>log.txt

Please attach this file to your next reply.

Proud Member of UNITE & TB

#3 lastofsix


Posted 01 April 2014 - 08:02 AM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014 Ran by Owner (administrator) on PC on 01-04-2014 08:40:05 Running from C:\Users\Owner\Downloads Windows 8 (X64) OS Language: English(US) Internet Explorer Version 10 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo...=============== Processes (Whitelisted) ================= (ASUSTeK Computer Inc.) C:\Windows\system32\FBAgent.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\WINDOWS\system32\dashost.exe () C:\Program Files (x86)\Jump Flip\updateJumpFlip.exe () C:\Program Files (x86)\Jump Flip\bin\utilJumpFlip.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\LiveComm.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe () C:\Program Files (x86)\Jump Flip\bin\FilterApp_C64.exe () C:\Program Files (x86)\Jump Flip\bin\XTLSApp.exe (WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe (ASUSTek Computer Inc.) 
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe (ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe () C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe (IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe (IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe (Intel Corporation) C:\Windows\system32\hkcmd.exe (Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Windows\system32\igfxtray.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe (ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUSTeK Computer Inc.) 
C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe (Intel Corporation) C:\Windows\system32\igfxpers.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3568312 2013-12-13] (AVAST Software) HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.) HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.) 
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation) HKLM\...\Policies\Explorer: [NoControlPanel] 0 HKU\S-1-5-21-577688620-2837512403-3304191142-1001\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.) HKU\S-1-5-21-577688620-2837512403-3304191142-1001\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com ...rosoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.co...rosoft\Internet Explorer\Main,Search Bar = http://www.bing.com ...rosoft\Internet Explorer\Main,Start Page = http://start.mysearc...rosoft\Internet Explorer\Main,Start Page = http://start.mysearc...= SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearc...= SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearc...= SearchScopes: HKLM - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = http://www.bing.com/...S SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...S SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...S SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearc...= SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearc...= SearchScopes: HKCU - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: avast! 
Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\SysWow64\skype4com.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12 Chrome: ======= CHR HomePage: hxxp://www.google.com/ CHR Extension: (Online Games - Play Now The Settlers Online) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aanfdcmafkoojbioniodccniihhgpjdh [2013-12-27] CHR Extension: (Spades Card Game) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\adfkbbnjpnmlfinmfampbcfgjhbaekdh [2013-12-15] CHR Extension: (Google Docs) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-12] CHR Extension: (Google Drive) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-12] CHR Extension: (YouTube) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-12] CHR Extension: (Freecell Solitaire) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\cabpjbpfakfhcfidnjahmdophhihafkh [2013-12-15] CHR Extension: (Yahtzee multiplayer) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\caeolalmogcfajemkjlppinlopholnoc [2013-12-15] CHR Extension: (Pyramid Solitaire) - 
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckibdpgohpfkaadcpnhhfgodfmicbnen [2013-12-15] CHR Extension: (Google Search) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-12] CHR Extension: (Christmas Solitiare) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhcbjomfajlnldboplncbdhmdaagcpln [2013-12-15] CHR Extension: (Christmas Time Solitaire) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dijbepjhnbemlkankfdenhghjikmhhfk [2013-12-15] CHR Extension: (Solitaire) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjlbfnkpgakglnagaagohffmeomnllai [2013-12-15] CHR Extension: (iCloud Bookmarks) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2013-12-28] CHR Extension: (Christmas Mahjong) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghmebaamjdfjkhaaifophgklodieiflm [2013-12-15] CHR Extension: (RadioRage) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjngjhikmffiafannjcjkdediacimkmk [2014-01-18] CHR Extension: (Fairway Solitaire) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkpbdfapchjogkmfpcmnfjdimgijhdho [2013-12-15] CHR Extension: (avast! 
Online Security) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-12-13] CHR Extension: (World of Solitaire) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifbnllnaaaohekjkcpfdllhhjijnidgn [2013-12-15] CHR Extension: (The Weather Channel for Chrome) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\iflpcokdamgefbghpdipcibmhlkdopop [2013-12-15] CHR Extension: (Blocks) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdnglanfhhkanekkdmakmbegnojgpmnm [2013-12-15] CHR Extension: (Mahjong) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mimcabmfjaeoldnchodmelflfjmgaojh [2013-12-15] CHR Extension: (Google Wallet) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-12] CHR Extension: (3D Bomb Destroyer) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\okehlnjpihomkdokiiafpejniofjaoom [2013-12-15] CHR Extension: (Bubble Popper) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\omaibhlkcnggjafmfnpikoiaeahpojbf [2013-12-15] CHR Extension: (Egypt Hidden Objects) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcldnhngfkenomdhakiemadjocffjajj [2013-12-15] CHR Extension: (Gmail) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-12] CHR HKLM\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\Owner\AppData\Local\mysearchdial-speeddial.crx [2014-01-03] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2013-12-13] CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Services (Whitelisted) ================= R3 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS 
InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS) R3 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-19] () R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-12-13] (AVAST Software) R3 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1578496 2012-08-14] (IVT Corporation) R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [138752 2012-08-14] (IVT Corporation) R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-01-22] (WildTangent) R3 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation) R3 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation) R2 Update Jump Flip; C:\Program Files (x86)\Jump Flip\updateJumpFlip.exe [348448 2014-03-29] () R2 Util Jump Flip; C:\Program Files (x86)\Jump Flip\bin\utilJumpFlip.exe [348448 2014-03-29] () S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-10-25] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== R2 aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [38984 2013-12-13] (AVAST Software) R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [84328 2013-12-13] (AVAST Software) R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [92544 2013-12-13] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-12-13] () R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [1032416 2013-12-13] (AVAST Software) R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [409832 2013-12-13] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [205320 2013-12-13] () R3 ATP; C:\Windows\System32\drivers\AsusTP.sys 
[67864 2013-04-16] (ASUS Corporation) U5 BlueletAudio; C:\Windows\System32\Drivers\BlueletAudio.sys [34912 2012-06-15] (Ralink Corporation.) R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation) U4 BthAvrcpTg; U4 BthHFEnum; U4 bthhfhid; R3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [56904 2012-07-19] (Ralink Corporation) R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-25] (Microsoft Corporation) R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [48736 2012-08-14] (Ralink Corporation) R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-01] ( ) R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [695392 2012-08-14] (Ralink Technology, Corp.) R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33744 2013-04-16] (Synaptics Incorporated) R1 wStLib64; C:\Windows\System32\drivers\wStLib64.sys [61120 2014-03-20] (StdLib) U5 BlueletAudio; C:\Windows\SysWOW64\Drivers\BlueletAudio.sys [34912 2012-06-15] (Ralink Corporation.) U0 msahci; ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-04-01 08:40 - 2014-04-01 08:40 - 00017731 _____ () C:\Users\Owner\Downloads\FRST.txt 2014-04-01 08:39 - 2014-04-01 08:40 - 00000000 ____D () C:\FRST 2014-04-01 08:39 - 2014-04-01 08:39 - 02157056 _____ (Farbar) C:\Users\Owner\Downloads\FRST64.exe 2014-04-01 08:38 - 2014-04-01 08:38 - 01145856 _____ (Farbar) C:\Users\Owner\Downloads\FRST.exe 2014-03-31 22:30 - 2014-03-31 22:30 - 00009974 _____ () C:\Users\Owner\Downloads\hijackthis.log 2014-03-31 22:26 - 2014-03-31 22:26 - 00388608 _____ (Trend Micro Inc.) 
C:\Users\Owner\Downloads\HiJackThis.exe
2014-03-29 15:26 - 2014-03-29 15:26 - 00307584 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-03-20 21:29 - 2013-10-25 02:34 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-03-20 21:29 - 2013-10-24 17:34 - 00248240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-03-20 21:17 - 2014-01-30 19:48 - 01339392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2014-03-20 21:17 - 2014-01-30 19:06 - 01628160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2014-03-20 18:39 - 2014-03-20 18:39 - 00061120 _____ (StdLib) C:\WINDOWS\system32\Drivers\wStLib64.sys
2014-03-20 18:20 - 2014-02-23 03:12 - 19273216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-03-20 18:20 - 2014-02-23 01:53 - 14358016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-03-20 18:19 - 2014-02-23 03:13 - 02241536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-03-20 18:19 - 2014-02-23 03:13 - 01365504 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-03-20 18:19 - 2014-02-23 03:13 - 00915968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2014-03-20 18:19 - 2014-02-23 03:13 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-03-20 18:19 - 2014-02-23 03:13 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-03-20 18:19 - 2014-02-23 03:12 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-03-20 18:19 - 2014-02-23 03:12 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-03-20 18:19 - 2014-02-23 03:11 - 15404032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-03-20 18:19 - 2014-02-23 03:11 - 03960320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-03-20 18:19 - 2014-02-23 03:11 - 02648576 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-03-20 18:19 - 2014-02-23 03:11 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-03-20 18:19 - 2014-02-23 03:11 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2014-03-20 18:19 - 2014-02-23 03:11 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-03-20 18:19 - 2014-02-23 03:11 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-03-20 18:19 - 2014-02-23 03:11 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-03-20 18:19 - 2014-02-23 01:54 - 01767936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-03-20 18:19 - 2014-02-23 01:54 - 01140736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-03-20 18:19 - 2014-02-23 01:54 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-03-20 18:19 - 2014-02-23 01:53 - 13761024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-03-20 18:19 - 2014-02-23 01:53 - 02877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-03-20 18:19 - 2014-02-23 01:53 - 02049024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-03-20 18:19 - 2014-02-23 01:53 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-03-20 18:19 - 2014-02-23 01:53 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-03-20 18:19 - 2014-02-23 01:53 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-03-20 18:19 - 2014-02-23 01:53 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2014-03-20 18:19 - 2014-02-23 01:53 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-03-20 18:19 - 2014-02-23 01:53 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-03-20 18:19 - 2014-02-23 01:53 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-03-20 18:19 - 2014-02-23 01:35 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-03-20 18:19 - 2014-02-23 01:31 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-03-20 18:19 - 2014-02-22 23:06 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2014-03-20 18:19 - 2014-02-07 23:34 - 04036608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-03-20 18:19 - 2014-02-05 18:41 - 00595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-03-20 18:19 - 2014-02-05 18:37 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-03-20 18:19 - 2013-12-07 01:36 - 19751936 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-03-20 18:19 - 2013-12-07 00:15 - 17560576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll

==================== One Month Modified Files and Folders =======
2014-04-01 08:40 - 2014-04-01 08:40 - 00017731 _____ () C:\Users\Owner\Downloads\FRST.txt
2014-04-01 08:40 - 2014-04-01 08:39 - 00000000 ____D () C:\FRST
2014-04-01 08:39 - 2014-04-01 08:39 - 02157056 _____ (Farbar) C:\Users\Owner\Downloads\FRST64.exe
2014-04-01 08:38 - 2014-04-01 08:38 - 01145856 _____ (Farbar) C:\Users\Owner\Downloads\FRST.exe
2014-04-01 08:00 - 2012-07-26 03:12 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-04-01 07:48 - 2013-12-12 16:53 - 00000902 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-31 22:48 - 2013-12-12 16:53 - 00000898 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-31 22:43 - 2013-12-12 16:53 - 00003874 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-31 22:43 - 2013-12-12 16:53 - 00003638 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-31 22:30 - 2014-03-31 22:30 - 00009974 _____ () C:\Users\Owner\Downloads\hijackthis.log
2014-03-31 22:30 - 2013-12-12 15:48 - 00000000 ____D () C:\Users\Owner\AppData\Local\VirtualStore
2014-03-31 22:26 - 2014-03-31 22:26 - 00388608 _____ (Trend Micro Inc.) C:\Users\Owner\Downloads\HiJackThis.exe
2014-03-31 22:13 - 2012-08-15 19:46 - 00000739 _____ () C:\WINDOWS\SysWOW64\bscs.ini
2014-03-31 22:11 - 2012-07-26 02:28 - 00848230 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-03-31 22:10 - 2013-12-12 15:52 - 00000062 _____ () C:\Users\Owner\AppData\Roaming\sp_data.sys
2014-03-31 22:10 - 2013-08-20 01:58 - 00003056 _____ () C:\WINDOWS\System32\Tasks\ASUS P4G
2014-03-31 22:10 - 2013-08-20 01:58 - 00003028 _____ () C:\WINDOWS\System32\Tasks\ASUS USB Charger Plus
2014-03-31 22:10 - 2013-08-20 01:57 - 00003004 _____ () C:\WINDOWS\System32\Tasks\ASUS Splendid ColorU
2014-03-31 22:10 - 2013-08-20 01:57 - 00002988 _____ () C:\WINDOWS\System32\Tasks\ASUS Splendid ACMON
2014-03-31 22:10 - 2013-08-20 01:55 - 00004268 _____ () C:\WINDOWS\SysWOW64\LOCALSERVICE.INI
2014-03-31 22:10 - 2013-08-20 01:55 - 00000043 _____ () C:\WINDOWS\SysWOW64\LOCALDEVICE.INI
2014-03-31 22:10 - 2013-08-20 01:49 - 00003542 _____ () C:\WINDOWS\System32\Tasks\ASUS Touchpad Launcher (x64)
2014-03-31 22:09 - 2013-12-13 21:24 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-03-31 22:07 - 2012-07-26 00:26 - 00000324 _____ () C:\WINDOWS\win.ini
2014-03-31 22:06 - 2012-07-26 02:22 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-03-30 15:44 - 2013-08-20 01:58 - 00003474 _____ () C:\WINDOWS\System32\Tasks\ASUS Live Update1
2014-03-30 15:44 - 2013-08-20 01:58 - 00003464 _____ () C:\WINDOWS\System32\Tasks\ASUS Live Update2
2014-03-29 19:46 - 2013-12-12 21:52 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-577688620-2837512403-3304191142-1001
2014-03-29 18:27 - 2014-01-03 00:02 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2014-03-29 18:27 - 2014-01-02 23:57 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Systweak
2014-03-29 18:27 - 2013-12-12 15:49 - 00000000 ___RD () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-29 15:26 - 2014-03-29 15:26 - 00307584 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-03-29 14:29 - 2014-01-02 23:57 - 00000000 ____D () C:\Program Files (x86)\Mobogenie
2014-03-29 14:16 - 2012-07-26 00:26 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-03-29 14:15 - 2014-01-03 00:05 - 00000000 ____D () C:\Users\Owner\AppData\Local\genienext
2014-03-29 14:15 - 2012-07-26 03:12 - 00000000 ____D () C:\WINDOWS\rescache
2014-03-29 14:05 - 2013-12-12 15:48 - 01239389 _____ () C:\WINDOWS\WindowsUpdate.log
2014-03-29 14:00 - 2012-07-26 03:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2014-03-29 13:38 - 2013-12-12 15:49 - 00000000 ___RD () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-29 13:36 - 2013-12-18 21:09 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-29 13:36 - 2013-12-18 21:09 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-29 13:33 - 2012-07-26 03:12 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-03-29 13:33 - 2012-07-26 03:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-29 13:33 - 2012-07-26 03:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-29 13:33 - 2012-07-26 03:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-03-29 13:33 - 2012-07-26 03:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-03-27 20:31 - 2014-01-03 00:05 - 00003406 _____ () C:\Users\Owner\daemonprocess.txt
2014-03-25 16:02 - 2013-12-12 19:09 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-03-25 15:57 - 2013-12-12 19:09 - 90015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-03-25 15:57 - 2012-07-26 00:26 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-03-20 18:39 - 2014-03-20 18:39 - 00061120 _____ (StdLib) C:\WINDOWS\system32\Drivers\wStLib64.sys
2014-03-20 18:12 - 2014-01-23 13:51 - 00036864 ___SH () C:\Users\Owner\Desktop\Thumbs.db
2014-03-15 22:02 - 2013-12-12 16:53 - 00002185 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-10 13:57 - 2014-01-03 00:00 - 00000000 ____D () C:\Program Files (x86)\Jump Flip
2014-03-04 17:52 - 2013-12-12 21:43 - 00694240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-03-04 17:52 - 2013-12-12 21:43 - 00078304 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-03 23:57 - 2013-04-26 07:44 - 00000000 ____D () C:\ProgramData\McAfee
2014-03-03 23:56 - 2012-08-01 20:20 - 00015844 _____ () C:\WINDOWS\PFRO.log
2014-03-03 23:43 - 2012-07-26 03:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-03-03 15:54 - 2013-12-13 21:30 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\.minecraft

Files to move or delete:
====================
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS

Some content of TEMP:
====================
C:\Users\Owner\AppData\Local\Temp\BackupSetup.exe
C:\Users\Owner\AppData\Local\Temp\vcredist_x64.exe

==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-03-30 15:51

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Owner at 2014-04-01 08:41:15
Running from C:\Users\Owner\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================
Adobe Reader XI (11.0.06) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.9.145.62246 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 3.9.145.62246 - Alcor Micro Corp.) Hidden
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS InstantOn (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 3.0.4 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.9 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.2.2 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.0.4 - ASUS)
ASUS Screen Saver (HKLM\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.1 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.1.3 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0005 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.5 - ASUS)
ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.18.159 - ASUS Cloud Corporation)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.7 - Atheros Communications Inc.)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0027 - ASUS)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2008 - Avast Software)
Azteca (x32 Version: 2.2.0.97 - WildTangent) Hidden
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Big Fish: Game Manager (HKLM-x32\...\BFGC) (Version: 3.2.0.7 - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Cut the Rope (x32 Version: 3.0.2.38 - WildTangent) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Galería de fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2867 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Jump Flip (HKLM\...\Jump Flip) (Version: 2013.12.27.213125 - Jump Flip) <==== ATTENTION
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mobogenie (HKLM-x32\...\Mobogenie) (Version: - Mobogenie.com) <==== ATTENTION
Monopoly® (x32 Version: 3.0.2.51 - WildTangent) Hidden
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MyBitCast 2.0 (HKLM-x32\...\MyBitCast) (Version: 2.0 - ASUS)
Mysearchdial (HKLM-x32\...\mysearchdial) (Version: - Mysearchdial) <==== ATTENTION
Open It! (HKLM-x32\...\OpenIt Open It!) (Version: 1.1.1 - OpenIt)
OpenOffice 4.0.1 (HKLM-x32\...\{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}) (Version: 4.01.9714 - Apache Software Foundation)
Peggle (x32 Version: 2.2.0.95 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
PlayCatan Access Software (HKLM-x32\...\PlayCatan Client) (Version: 3.1086 - Catan GmbH)
Ralink Bluetooth Stack64 (HKLM\...\{ED818A3C-3DF5-CDCF-3DB2-A646D7B31A16}) (Version: 9.0.717.0 - Ralink Corporation)
Ralink RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: 1.2.0.41 - Ralink)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6878 - Realtek Semiconductor Corp.)
Settlers of the West (HKLM-x32\...\BFG-Settlers of the West) (Version: - )
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Solitaire Egypt (x32 Version: 3.0.2.59 - WildTangent) Hidden
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
Update for Zip Opener (HKCU\...\Digital Sites) (Version: - Update for Zip Opener) <==== ATTENTION
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.11.2 - WildTangent) Hidden
Windows Driver Package - ASUS (ATP) Mouse (04/03/2013 2.0.0.16) (HKLM\...\ABFE641926C15116CB09A41A6F65DE6F260D04E3) (Version: 04/03/2013 2.0.0.16 - ASUS)
Windows Driver Package - Synaptics (SmbDrv) System (12/20/2012 16.3.7.0) (HKLM\...\8D889180E2A10B494B566FD27B7483E5AA652B51) (Version: 12/20/2012 16.3.7.0 - Synaptics)
Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.1 - ASUS)
Zip Opener Packages (HKCU\...\Zip Opener Packages) (Version: - ) <==== ATTENTION

==================== Restore Points =========================
03-03-2014 21:55:13 Windows Update
25-03-2014 00:04:32 Windows Update

==================== Hosts content: ==========================
2012-07-26 00:26 - 2012-07-26 00:26 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============
Task: {0EE750B4-E2D0-4955-832D-07A6182A2924} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-24] (ASUS)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {585169F2-26BE-4698-B818-3ACEC2FD22CE} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2013-03-20] (ASUSTeK Computer Inc.)
Task: {5FAC0757-A469-4179-A1DD-4D23D7A80740} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2013-03-20] (ASUSTeK Computer Inc.)
Task: {60CD7921-93B5-461A-A126-DF2CFF05D5B0} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {79274D30-A024-479D-B505-B9090FB2AAF7} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-09-18] (ASUSTek Computer Inc.)
Task: {869DEB34-66B3-4D17-8EC3-9370E26AE41E} - System32\Tasks\ASUS Touchpad Launcher (x64) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2013-04-16] (AsusTek)
Task: {9466648A-30AE-4266-9223-1B302F7F750E} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-12-13] (AVAST Software)
Task: {950C399F-DF0C-4946-9677-527B12D3ACF7} - System32\Tasks\Microsoft\Windows\Setup\Windows Upgrade Notification Task => C:\WINDOWS\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {967C28BE-0008-4687-BBD1-8451C9B5FF7B} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2012-11-28] (ASUS)
Task: {9ABA3E4C-C4AF-419D-95A1-16C6DF7FA521} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-12] (Google Inc.)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {CBB9AFC3-EB9B-4996-9B40-92149B961145} - System32\Tasks\ASUS InstantOn Config => C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe [2012-09-24] (ASUS)
Task: {D29A9F3F-9BE4-4D71-901A-CBAEC42B182B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {F659F9FE-F778-43D8-B492-677F0562A362} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2013-02-26] (ASUSTeK Computer Inc.)
Task: {FEC853D1-13F8-49BB-9CC9-0660184D6AAB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-12] (Google Inc.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============
2013-12-27 16:31 - 2014-03-29 14:11 - 00348448 _____ () C:\Program Files (x86)\Jump Flip\updateJumpFlip.exe
2012-08-14 16:13 - 2012-08-14 16:13 - 00009728 _____ () C:\Windows\system32\BsHelpCSps.dll
2012-08-14 16:13 - 2012-08-14 16:13 - 00052736 _____ () C:\Windows\system32\BlueSoleilCSps.dll
2014-03-04 00:00 - 2014-03-29 13:38 - 00348448 _____ () C:\Program Files (x86)\Jump Flip\bin\utilJumpFlip.exe
2013-04-26 09:04 - 2013-01-02 01:55 - 00175008 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2014-03-20 18:39 - 2014-03-20 18:39 - 00287008 _____ () C:\Program Files (x86)\Jump Flip\bin\FilterApp_C64.exe
2014-03-20 19:23 - 2014-03-28 19:12 - 00078624 _____ () C:\Program Files (x86)\Jump Flip\bin\XTLSApp.exe
2012-12-19 01:10 - 2012-12-19 01:10 - 00072192 _____ () C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
2012-08-24 19:26 - 2012-08-24 19:26 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2013-04-23 22:15 - 2012-10-14 23:09 - 00094208 _____ () C:\Windows\system32\IccLibDll_x64.dll
2014-04-01 06:09 - 2014-04-01 02:18 - 02189312 _____ () C:\Program Files\AVAST Software\Avast\defs\14040100\algo.dll
2013-09-13 20:51 - 2013-09-13 20:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-09-13 20:51 - 2013-09-13 20:51 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-12-13 21:24 - 2013-12-13 21:24 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-09-14 02:51 - 2013-09-14 02:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 02:50 - 2013-09-14 02:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2012-08-14 16:11 - 2012-08-14 16:11 - 00022528 _____ () C:\WINDOWS\SYSTEM32\BsTrace.dll
2012-08-14 16:16 - 2012-08-14 16:16 - 00072192 _____ () C:\WINDOWS\SYSTEM32\BsProfilefunc.dll
2012-08-15 19:20 - 2012-08-15 19:20 - 00356352 _____ () C:\WINDOWS\SYSTEM32\BsExtendFunc.dll
2012-08-14 16:13 - 2012-08-14 16:13 - 00009728 _____ () C:\Windows\SYSTEM32\BsHelpCSps.dll
2012-08-14 16:13 - 2012-08-14 16:13 - 00052736 _____ () C:\Windows\SYSTEM32\BlueSoleilCSps.dll
2012-08-14 12:24 - 2012-08-14 12:24 - 00323648 _____ () C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\Driver\USB\tl_filter.dll
2012-05-02 19:28 - 2012-05-02 19:28 - 00012800 _____ () C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\Driver\AMP\IVTAMPRL.dll
2013-08-20 01:41 - 2012-06-25 12:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2014-03-15 22:01 - 2014-03-14 19:50 - 00051016 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\chrome_elf.dll
2014-03-20 19:23 - 2014-03-28 19:12 - 00179488 _____ () C:\Program Files (x86)\Jump Flip\bin\xtlsapp.dll
2012-08-14 16:11 - 2012-08-14 16:11 - 00022528 _____ () C:\Windows\SYSTEM32\BsTrace.dll
2014-03-15 22:01 - 2014-03-14 19:50 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libglesv2.dll
2014-03-15 22:01 - 2014-03-14 19:50 - 00100168 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libegl.dll
2014-03-15 22:01 - 2014-03-14 19:50 - 04061000 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll
2014-03-15 22:01 - 2014-03-14 19:50 - 00394568 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll
2014-03-15 22:01 - 2014-03-14 19:50 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ffmpegsumo.dll
2014-03-15 22:01 - 2014-03-14 19:50 - 13637448 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\TEMP:AA559E17

==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== Disabled items from MSCONFIG ==============
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: ASUSPRP => "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
MSCONFIG\startupreg: ASUSWebStorage => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe /S
MSCONFIG\startupreg: BtTray => "C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe"
MSCONFIG\startupreg: DisableS3S4 => c:\windows\temp\DisableS3S464\sethigh.cmd
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: mcpltui_exe => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
MSCONFIG\startupreg: RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX3
MSCONFIG\startupreg: RTHDVCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

==================== Faulty Device Manager Devices =============
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (03/31/2014 05:14:06 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005

Error: (03/31/2014 08:37:25 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1172

Error: (03/31/2014 08:37:25 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1172

Error: (03/31/2014 08:37:25 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/30/2014 05:14:35 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 599781

Error: (03/30/2014 05:14:35 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 599781

Error: (03/30/2014 05:14:35 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/30/2014 04:26:13 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005

Error: (03/29/2014 01:32:19 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: PC)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (03/29/2014 01:32:18 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: PC)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

System errors:
=============
Error: (03/31/2014 10:05:36 PM) (Source: volmgr) (User: )
Description: Crash dump initialization failed!

Error: (03/31/2014 10:05:36 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT AUTHORITY)
Description: 0xc000014d0

Error: (03/31/2014 10:05:31 PM) (Source: Microsoft-Windows-Kernel-Boot) (User: NT AUTHORITY)
Description: 32212254731163184

Error: (03/29/2014 06:31:40 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT AUTHORITY)
Description: 0xc000014d0

Error: (03/29/2014 03:27:32 PM) (Source: Service Control Manager) (User: )
Description: The Computer Backup (MyPC Backup) service failed to start due to the following error: %%1053

Error: (03/29/2014 03:27:32 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Computer Backup (MyPC Backup) service to connect.

Error: (03/29/2014 02:16:40 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT AUTHORITY)
Description: 0xc000014d0

Error: (03/29/2014 01:37:44 PM) (Source: Service Control Manager) (User: )
Description: The Computer Backup (MyPC Backup) service failed to start due to the following error: %%1053

Error: (03/29/2014 01:37:44 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Computer Backup (MyPC Backup) service to connect.

Error: (03/29/2014 01:36:23 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT AUTHORITY)
Description: 0xc000014d0

Microsoft Office Sessions:
=========================
Error: (03/31/2014 05:14:06 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005

Error: (03/31/2014 08:37:25 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1172

Error: (03/31/2014 08:37:25 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1172

Error: (03/31/2014 08:37:25 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/30/2014 05:14:35 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 599781

Error: (03/30/2014 05:14:35 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 599781

Error: (03/30/2014 05:14:35 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/30/2014 04:26:13 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005

Error: (03/29/2014 01:32:19 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: PC)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail-2144927141

Error: (03/29/2014 01:32:18 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: PC)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail-2144927141

==================== Memory info ===========================
Percentage of memory in use: 41%
Total physical RAM: 3981.71 MB
Available physical RAM: 2323.11 MB
Total Pagefile: 4941.71 MB
Available Pagefile: 3018.34 MB
Total Virtual: 8192 MB
Available Virtual: 8191.77 MB

==================== Drives ================================
Drive c: (OS) (Fixed) (Total:444.11 GB) (Free:404.51 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 32FAA5A0)
Partition: GPT Partition Type.

==================== End Of Log ============================

09:00:57.0094 0x161c TDSS rootkit removing tool 3.0.0.26 Mar 24 2014 07:28:43
09:00:57.0094 0x161c UEFI system
09:01:04.0864 0x161c ============================================================
09:01:04.0864 0x161c Current date / time: 2014/04/01 09:01:04.0864
09:01:04.0864 0x161c SystemInfo:
09:01:04.0864 0x161c
09:01:04.0864 0x161c OS Version: 6.2.9200 ServicePack: 0.0
09:01:04.0864 0x161c Product type: Workstation
09:01:04.0864 0x161c ComputerName: PC
09:01:04.0864 0x161c UserName: Owner
09:01:04.0864 0x161c Windows directory: C:\WINDOWS
09:01:04.0864 0x161c System windows directory: C:\WINDOWS
09:01:04.0864 0x161c Running under WOW64
09:01:04.0864 0x161c Processor architecture: Intel x64
09:01:04.0864 0x161c Number of processors: 2
09:01:04.0864 0x161c Page size: 0x1000
09:01:04.0864 0x161c Boot type: Normal boot
09:01:04.0864 0x161c ============================================================
09:01:05.0766 0x161c KLMD registered as C:\WINDOWS\system32\drivers\10421901.sys
09:01:05.0965 0x161c System UUID: {8D0A7AAC-46B9-E8AD-ABBE-0CEBE0AE16B6}
09:01:06.0690 0x161c Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:01:06.0694 0x161c Drive \Device\Harddisk1\DR1 - Size: 0xEF5FFE00 (3.74 Gb), SectorSize: 0x200, Cylinders: 0x1E8, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
09:01:06.0695 0x161c ============================================================
09:01:06.0695 0x161c \Device\Harddisk0\DR0:
09:01:06.0695 0x161c GPT partitions:
09:01:06.0696 0x161c \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {6CFA5FFD-0E06-4FDC-B7FB-128C2F484337}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x96000
09:01:06.0696 0x161c \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {18E4C5E1-0D65-4B87-9FA8-2E9170DBFE6F}, Name: Basic data partition, StartLBA 0x96800, BlocksNum 0x1C2000
09:01:06.0696 0x161c \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {4071251F-5C92-4840-A1D8-7F9442443023}, Name: Microsoft reserved partition, StartLBA 0x258800, BlocksNum 0x40000
09:01:06.0696 0x161c \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {A3C1702D-0B32-4E69-8925-4BC528342DB9}, Name: Basic data partition, StartLBA 0x298800, BlocksNum 0x37839800
09:01:06.0696 0x161c \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {B528300F-38FF-406B-9984-DE5935650CA5}, Name: , StartLBA 0x37AD2000, BlocksNum 0xAF000
09:01:06.0696 0x161c \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {F3620292-A897-46CA-B0AB-AD3FA6C797BA}, Name: Basic data partition, StartLBA 0x37B81000, BlocksNum 0x2805000
09:01:06.0696 0x161c MBR partitions:
09:01:06.0696 0x161c \Device\Harddisk1\DR1:
09:01:06.0697 0x161c MBR partitions:
09:01:06.0697 0x161c \Device\Harddisk1\DR1\Partition1: MBR, Type 0xB, StartLBA 0x26, BlocksNum 0x779FC2
09:01:06.0697 0x161c ============================================================
09:01:06.0712 0x161c C: <-> \Device\Harddisk0\DR0\Partition4
09:01:06.0712 0x161c ============================================================
09:01:06.0712 0x161c Initialize success
09:01:06.0712 0x161c ============================================================
09:01:08.0468 0x16f8 ============================================================
09:01:08.0468 0x16f8 Scan started
09:01:08.0468 0x16f8 Mode:
Manual;
09:01:08.0468 0x16f8 ============================================================
09:01:08.0468 0x16f8 KSN ping started
09:01:10.0910 0x16f8 KSN ping finished: true
09:01:12.0415 0x16f8 ================ Scan system memory ========================
09:01:12.0415 0x16f8 System memory - ok
09:01:12.0416 0x16f8 ================ Scan services =============================
B82B586BD9DBD70DDA19A02504E8CB00DA53677703AB848B53387601C5BAD3D3 ] HyperVideo C:\WINDOWS\system32\DRIVERS\HyperVideo.sys 09:01:19.0032 0x16f8 HyperVideo - ok 09:01:19.0054 0x16f8 [ C9E9CBF73AFFBFE3E801EFB516787BA3, 1A850D614BDA6AA4195CC657702BC6242BA51B90131717743182AA160F65E72C ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys 09:01:19.0057 0x16f8 i8042prt - ok 09:01:19.0219 0x16f8 [ AE0C5DF7E7DA3E7AC29B64CFA8C4F044, 0486DDD6EC60A9695BC8D030158503E02BB0561EEA4B9F4A7FB19F89B3622C90 ] iaStorA C:\WINDOWS\system32\drivers\iaStorA.sys 09:01:19.0236 0x16f8 iaStorA - ok 09:01:19.0271 0x16f8 [ 5E394EBD26FD68AA9300332C46BEDD62, 56A5DA7CE08C07B519E55D0A46AA9D10B640349808EFE02B3278267B75B5F603 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys 09:01:19.0283 0x16f8 iaStorV - ok 09:01:19.0484 0x16f8 [ A1CF07D24EDCDC6870535471654D957C, FA0CD2ABA2C15E9FC4A1DEE58F365EC10D9597D521556DC2648B50CE0537926D ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys 09:01:19.0662 0x16f8 igfx - ok 09:01:19.0687 0x16f8 [ 24847A06B84339FEEDE5CABF3D27D320, 7727B1DAD0D4A1D474FBBEFCEBDF36A1F07D1AA300869AE57A24ED91BF84B6B4 ] iirsp C:\WINDOWS\system32\drivers\iirsp.sys 09:01:19.0689 0x16f8 iirsp - ok 09:01:19.0746 0x16f8 [ E455C83E029121270BED73CDAC381F37, 433D525C19DBF26FAC28853C606C872D973104842B0EF1B2BF2EAC85457E2953 ] IKEEXT C:\WINDOWS\System32\ikeext.dll 09:01:19.0791 0x16f8 IKEEXT - ok 09:01:19.0932 0x16f8 [ 8A3427C364CABBCB508D417A27693845, D519D2CAA6C6CB92B1F3D1E8450417B41718C57636FD5C5A813F76396D45091A ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys 09:01:20.0048 0x16f8 IntcAzAudAddService - ok 09:01:20.0090 0x16f8 [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud C:\WINDOWS\system32\DRIVERS\IntcDAud.sys 09:01:20.0100 0x16f8 IntcDAud - ok 09:01:20.0169 0x16f8 [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC, F791EE101EEF8B9F48102B6C63A89B78F7C0041C750C4F4C0D16D54B583B7B5C ] Intel® Capability Licensing Service Interface C:\Program 
Files\Intel\iCLS Client\HeciServer.exe 09:01:20.0187 0x16f8 Intel® Capability Licensing Service Interface - ok 09:01:20.0262 0x16f8 [ 9656F8E29F6C3161A3E99BCD3A472FF9, 30AD00B53CCB2E4121508729F3471D3C0568F1C32324C398382C97E8BC43ECF0 ] Intel® ME Service C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe 09:01:20.0289 0x16f8 Intel® ME Service - ok 09:01:20.0316 0x16f8 [ 4F37726CF764CA18A8A84F85EF3A7F24, 6212B23917526E127CE641A11A58DA93651FFE70829C4079FE465DBDC81CF470 ] intelide C:\WINDOWS\system32\drivers\intelide.sys 09:01:20.0317 0x16f8 intelide - ok 09:01:20.0360 0x16f8 [ E15CDF68DD73423F15D4AC404793AF0D, E2D0136AF68D1A73EB3A63C83284B4661222CB0A4AFACCF276CB57CBD4850287 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys 09:01:20.0363 0x16f8 intelppm - ok 09:01:20.0378 0x16f8 [ 8FCA66234A0933D796BB780B7953BAB9, 7DD677F5EE09A8D7A75C9E475B5E6B3DCA49D1E846C7D160B839D7029B1C5B6D ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 09:01:20.0381 0x16f8 IpFilterDriver - ok 09:01:20.0437 0x16f8 [ C217B8D2E58C57A319B16125C3D4B69C, 905BB858E1782BD08FF080A4A604CE662440A15601B178FBD30269C306C04CCF ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll 09:01:20.0472 0x16f8 iphlpsvc - ok 09:01:20.0488 0x16f8 [ 6E98A046A12AA113F8898AA5D612BD6E, 28816CC1F03F2BFBF099C087C0BB6949E959F44C888DD2D0528FF7ED5D665ECF ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys 09:01:20.0490 0x16f8 IPMIDRV - ok 09:01:20.0507 0x16f8 [ 3969B9C218DD3FAA9F4ED2FFC3651C02, 93447F124CC55FB17055126432194153E1BB8F0FD95A47608494B6834A5F7089 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys 09:01:20.0511 0x16f8 IPNAT - ok 09:01:20.0564 0x16f8 [ 33B286326BD2B1A7748C43391058FB19, C6240C9ED5B7C227595E953E3D1AB5F2D45CCD86FDBDF985836A970B4B6467FE ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 09:01:20.0588 0x16f8 iPod Service - ok 09:01:20.0608 0x16f8 [ 25CD7C4BB2863FFC2B0B311F0AEBF77C, 4099BAA2DB4ADB93B878D71E241B7D9EB7E0EE7ED0FE2450CCB9E4718B3726EB ] IRENUM 
C:\WINDOWS\system32\drivers\irenum.sys 09:01:20.0609 0x16f8 IRENUM - ok 09:01:20.0628 0x16f8 [ D940C5BB9DC92E588533C19ABCC3D2C2, D1442854CEDE86F2C187A35851E74C873D34B772C60BC118FA1577F79C03364D ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys 09:01:20.0630 0x16f8 isapnp - ok 09:01:20.0650 0x16f8 [ 69C8BF0BC2B0EA10F130F4D3104DC2EF, 8FFF92828C3DC20F0F42C42E58A03B59A4E0187963F728DC618C9595FB2D0239 ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys 09:01:20.0659 0x16f8 iScsiPrt - ok 09:01:20.0692 0x16f8 [ 78ABBE558F57144047F10A0F50FE4B2F, 6BE608F7697D83FD6C7E6EA422AC5637933BDC96B1044C12DE9A419CE7D6F6CE ] jhi_service C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe 09:01:20.0698 0x16f8 jhi_service - ok 09:01:20.0715 0x16f8 [ 8FBD94B69D6423E20ABCD59D86368B21, 218EF992095E365EC917413749856A64D55D8129D77098E24D670843233377F4 ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys 09:01:20.0718 0x16f8 kbdclass - ok 09:01:20.0740 0x16f8 [ E88C932ABDF8185A62C8F2FC7B051FB6, 67F9AF58237A11F0BF3D15AA5B32E5CE66B7AA039B999D938F7F6E63DCEA7A6E ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys 09:01:20.0741 0x16f8 kbdhid - ok 09:01:20.0769 0x16f8 [ A8080BEBCDB7A16495CE1205921DCAC5, D4B0EF97B75BF75934A0BEEE48CACD20E8F505600C3A07243DF7627680EE8552 ] kbfiltr C:\WINDOWS\System32\drivers\kbfiltr.sys 09:01:20.0771 0x16f8 kbfiltr - ok 09:01:20.0789 0x16f8 [ FB6C185092E18011EF49989425C2AA87, 043524409E0A764201DD221C48B7DEEA0D161945EB37D4B88313BAB2299949DF ] kdnic C:\WINDOWS\system32\DRIVERS\kdnic.sys 09:01:20.0790 0x16f8 kdnic - ok 09:01:20.0808 0x16f8 [ F702AB6181513303AB0FC8D59E52708B, D46939B9F672269E65C98606A573C849C4AF5A26E4E75D3A8FE56A65B3A6EA08 ] KeyIso C:\WINDOWS\system32\lsass.exe 09:01:20.0812 0x16f8 KeyIso - ok 09:01:20.0828 0x16f8 [ DFA480F6DED551464F3A5B959F437800, C07AB6F28A09FCBE11EECAD03B06CEAE1016EC24031FCA0C092639E90FBA84CF ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys 09:01:20.0832 0x16f8 KSecDD - ok 09:01:20.0855 0x16f8 [ 
127FB0AAD232BAAD2C9BBACD374F4FC5, 3BC56F6B4374062C96149D69ACE053DF81A278F0361599F5A2F3DB1F76F0AD68 ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys 09:01:20.0860 0x16f8 KSecPkg - ok 09:01:20.0880 0x16f8 [ 81492FEEBF2F26455B00EE8DBAE8A1B0, E33AA2DFB2D3BB30B02CDADA2EC290F86329DA3198327A653F39A843D86390B9 ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys 09:01:20.0881 0x16f8 ksthunk - ok 09:01:20.0924 0x16f8 [ 5825DBACEDC3812B5CF8D40B997BF210, 1C2997BCC707C1029B21876E093038CE3BBF6E6694B4CCF7EEDD47172ED9A541 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll 09:01:20.0945 0x16f8 KtmRm - ok 09:01:20.0982 0x16f8 [ CBD16721541EE334F6D623CE0B4003BF, DE2C6345B2051AD4C3A3F3AB89AB63AE58A0BA6AB0BCB6B0DFCE6BCD0E8E9519 ] L1C C:\WINDOWS\system32\DRIVERS\L1C63x64.sys 09:01:20.0986 0x16f8 L1C - ok 09:01:21.0025 0x16f8 [ 256EE31588257E8A555DBFAA13F1908E, B6817F632EDEA483E35BF26846DCDD4E95E860620959179B2A5D8AD7EEDDB126 ] LanmanServer C:\WINDOWS\system32\srvsvc.dll 09:01:21.0044 0x16f8 LanmanServer - ok 09:01:21.0066 0x16f8 [ 16650912BE5A94B40E0B3B4C39652B56, 908C2C9367AE0AC9AECB5D91514BB33ACD746D99F19C1A8DD6A9550E9CAD9E00 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll 09:01:21.0076 0x16f8 LanmanWorkstation - ok 09:01:21.0108 0x16f8 [ CEEFD29FC551F289810B0B9381B321DC, 900F206B487B2190D9363F28AA4BA0CD7DCFE1D005BE05A48AF74B1B81194691 ] lltdio C:\WINDOWS\system32\DRIVERS\lltdio.sys 09:01:21.0110 0x16f8 lltdio - ok 09:01:21.0162 0x16f8 [ BCF53485E0A94722CDE3C4A93CD8EB8C, D24E1066EB102245A89A5D17D608DB9DF6B71C99F1C77E070B95EFD17D268141 ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll 09:01:21.0172 0x16f8 lltdsvc - ok 09:01:21.0196 0x16f8 [ 5A2F7F1CBC2E631A497DAD16164E06D2, 35274FC6C386380B01B5E8F467E71A2C4E2FB2AD701554F9B1A9B036B0340142 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll 09:01:21.0201 0x16f8 lmhosts - ok 09:01:21.0245 0x16f8 [ 2C24DC448DBE8DB9BE1441B824C57E79, DA2257EEC964A47D03C2BB13317FD788E51D4685E2395B303ED7B2575FEF3B19 ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine 
Components\LMS\LMS.exe 09:01:21.0253 0x16f8 LMS - ok 09:01:21.0278 0x16f8 [ 022CDD12161B063D7852B1075BF3FFF2, E21267243AF2FC208D27E67827B1264A762C99AECEDB7AD2C48A04F421A6B2F0 ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys 09:01:21.0281 0x16f8 LSI_SAS - ok 09:01:21.0322 0x16f8 [ 07AD59D669B996F29F91817F0ECFA34F, 026F332F862D142BFFC9D169CCD17A35BFB6B301EEC72AA13E16369B3520919C ] LSI_SAS2 C:\WINDOWS\system32\drivers\lsi_sas2.sys 09:01:21.0325 0x16f8 LSI_SAS2 - ok 09:01:21.0344 0x16f8 [ 216FB796AA4E252ACCE93B1BCB80B5EC, 5B1E49B5F7B9C7A778198D27F8EE500FE35DC32D40B22A3D6ED67560BEB04212 ] LSI_SCSI C:\WINDOWS\system32\drivers\lsi_scsi.sys 09:01:21.0348 0x16f8 LSI_SCSI - ok 09:01:21.0357 0x16f8 [ 5E80530AF37102488EE980B4A92AF99F, 364E18EAD9AC22F8A306B24C6C43E58224F6BE2744EFEAA2484696B8D9880851 ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys 09:01:21.0360 0x16f8 LSI_SSS - ok 09:01:21.0397 0x16f8 [ A57BA284F5996FFD32DCDBC41A4657DB, 2106B83873A824BC83EF42FAC9DD9A0F741209535A84AE65EA8E786519920043 ] LSM C:\WINDOWS\System32\lsm.dll 09:01:21.0422 0x16f8 LSM - ok 09:01:21.0439 0x16f8 [ 2BDC5D711FA61307CE6190D47C956368, 6BCDC6CBB9783F1ABE8957BDA94AF977DFB2A310BB6D19085EFC8609C97FD180 ] luafv C:\WINDOWS\system32\drivers\luafv.sys 09:01:21.0443 0x16f8 luafv - ok 09:01:21.0462 0x16f8 [ 9B0D829C3BE4E7472DB9DD2B79908E3C, ACED5806FFF39E84007B5A3DCB16315329DC53007F46B1BEEDC391CC659F7DD3 ] megasas C:\WINDOWS\system32\drivers\megasas.sys 09:01:21.0464 0x16f8 megasas - ok 09:01:21.0487 0x16f8 [ ECC3F54C7AFC318271C4F0B4606D8DB0, FD1ACB18B8C912C7A57DABCD5460800DD0721A82E09C8D79C47B3392D61CBEA6 ] MegaSR C:\WINDOWS\system32\drivers\MegaSR.sys 09:01:21.0497 0x16f8 MegaSR - ok 09:01:21.0540 0x16f8 [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64 C:\WINDOWS\System32\drivers\HECIx64.sys 09:01:21.0543 0x16f8 MEIx64 - ok 09:01:21.0567 0x16f8 [ EEE908BE7143FCA48CF0CB87214E2AB8, 
4F9BD299F559DD36DBD93489CFAA753F236FBB70946E034D2E2260059AE20962 ] MMCSS C:\WINDOWS\system32\mmcss.dll 09:01:21.0573 0x16f8 MMCSS - ok 09:01:21.0594 0x16f8 [ 780098AD5DA8A4822E2563984C85EF7B, 29312970774E944B5ED388316CF3D350DCABF721F9695737B0AC56BE878B0446 ] Modem C:\WINDOWS\system32\drivers\modem.sys 09:01:21.0596 0x16f8 Modem - ok 09:01:21.0619 0x16f8 [ EA8EAD3F5B762F889CC7F3966625B48B, B701A42E5E08B7BC6601560446146803182E5DC631AB73E9408F19CB6432F121 ] monitor C:\WINDOWS\System32\drivers\monitor.sys 09:01:21.0620 0x16f8 monitor - ok 09:01:21.0636 0x16f8 [ 618446B98C79776654340CE27C73485E, EFE7169FDD545933B5949DA2D09266971C0C3E6894E7BD8AFE29E41567C72B16 ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys 09:01:21.0638 0x16f8 mouclass - ok 09:01:21.0658 0x16f8 [ C0ADEBED913295803B579ED288936CBB, 58F71541166D1DA07C18FBD27458D55E3F8AD7291CB7496B3A2F01372A5B0CAE ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys 09:01:21.0660 0x16f8 mouhid - ok 09:01:21.0684 0x16f8 [ 89D263DBF08119CE16273991C120D6DD, 9771EDAD266F0E234E71DFB6792F396710E051F2ADCA5CDADEBBD2790D0E6054 ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys 09:01:21.0688 0x16f8 mountmgr - ok 09:01:21.0717 0x16f8 [ 4CCBBD4944777CA100B9A6C2F149A46F, 7FC172FAF8266BFBBBBAD94FD67EA3C1872F5927DC3900A9A54DB2DFE34E7415 ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys 09:01:21.0719 0x16f8 mpsdrv - ok 09:01:21.0770 0x16f8 [ 9DE3341BD4E14BC5FADFCAD3019F2D0D, 37E0531EADABC6D4BCC496826651D4D14CF0D10156FF13C11BDE466084B44FF4 ] MpsSvc C:\WINDOWS\system32\mpssvc.dll 09:01:21.0814 0x16f8 MpsSvc - ok 09:01:21.0852 0x16f8 [ 3D70147F55F1EC84EB9139ED7FFE48BC, 12429C2FDDDA13815F0E18F9009011AA5360955759A23A38175543F480CB92EF ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys 09:01:21.0856 0x16f8 MRxDAV - ok 09:01:21.0898 0x16f8 [ 93179D48066918323628CB016D8C94DC, FE110BF7A10EDD1DF7F6B933D373FCA51F37413282EBC4187E7C9B1965186BCC ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 09:01:21.0910 0x16f8 mrxsmb - ok 09:01:21.0948 0x16f8 [ 
06D5F2FA3C61E8EA91648EA8E9F99FD3, C665B7896501D42C73955F4EAF4FA3C6B2C9286957D6023C235AFBF9BFB761C6 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys 09:01:21.0956 0x16f8 mrxsmb10 - ok 09:01:21.0987 0x16f8 [ 5C7DD2E5759FFCCD2C7341C1B90F2B26, 9822FA53E6067C0E39B7A3A3F1E88719D5D8B055D86FF894F0475B158289EA45 ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys 09:01:21.0994 0x16f8 mrxsmb20 - ok 09:01:22.0032 0x16f8 [ 98487487D6B3797CA927E9D7B030AE13, 05840AF0DD2E3CB596DA768DBD0728B52210EC05B55AB5921E697AD8956938DD ] MsBridge C:\WINDOWS\system32\DRIVERS\bridge.sys 09:01:22.0035 0x16f8 MsBridge - ok 09:01:22.0057 0x16f8 [ 4A07458EB4F17573BD39F22029A991C1, 74D7A1882EA4D19B8F090C2813489E5D3F759BF4AF2D88AE852EC6510C405B5E ] MSDTC C:\WINDOWS\System32\msdtc.exe 09:01:22.0064 0x16f8 MSDTC - ok 09:01:22.0106 0x16f8 [ 3886F1F2A4D2900ABAA7E4486BEEE6A2, ECCA22985838A914EDC866C491DEB64B9FF5110EFA9BEE541F634AC5EC3081F9 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys 09:01:22.0109 0x16f8 Msfs - ok 09:01:22.0138 0x16f8 [ C32A7A39B960A42BA9D4FBE47213CA03, 4DA48587138972DA5E95AEDBBBE73BA8CCADC8172C6654427ABEAC8047B27E95 ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys 09:01:22.0142 0x16f8 msgpiowin32 - ok 09:01:22.0173 0x16f8 [ D3857A767B91A061B408CCAB02DA4F40, A4D780772086AD8717EE6DC2B6189F796939FB5E5AA08FD9D1984101998FBECF ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys 09:01:22.0174 0x16f8 mshidkmdf - ok 09:01:22.0191 0x16f8 [ 839B48910FB1E887635C48F3EC11A05E, F8CFD99911500CC1B6A90C8E2A1697BD5A6E5776A62A62FE5B342FE204C936B1 ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys 09:01:22.0192 0x16f8 mshidumdf - ok 09:01:22.0201 0x16f8 [ 55C0DB741E3AB7463242B185B1C2997C, D2E2A5B48A64EA0EC2A6566C08E65A38D11CEA64BCA7B57793BA0D009E4D974A ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys 09:01:22.0204 0x16f8 msisadrv - ok 09:01:22.0234 0x16f8 [ 216C6B035A4BA5560E1255BD8E5BB89F, A14E038604B9A5506DB145A4D9F51E2751AC825240D2744924F39C332B5DE00B ] MSiSCSI 
C:\WINDOWS\system32\iscsiexe.dll 09:01:22.0280 0x16f8 MSiSCSI - ok 09:01:22.0286 0x16f8 msiserver - ok 09:01:22.0316 0x16f8 [ 509809566E49F4411055864EA8D437CD, 70F37BF9C759E8BCA1C6AC8FB9805950925E1C648ED37E8561A0F7A407DFDC28 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys 09:01:22.0317 0x16f8 MSKSSRV - ok 09:01:22.0350 0x16f8 [ 63145201D6458E4958E572E7D6FC2604, EDD4A8A3BBE94B983554B1117734E66A2647B867269C5F0567C47EDE6F3FACCB ] MsLldp C:\WINDOWS\system32\DRIVERS\mslldp.sys 09:01:22.0352 0x16f8 MsLldp - ok 09:01:22.0391 0x16f8 [ 99D526E803DB6D7FF290FD98B6204641, 4AFAA3B1186621AEAD19E12D3DBE104DD8FCD5C106F9EC3ADA4AD1BC7093E61F ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys 09:01:22.0392 0x16f8 MSPCLOCK - ok 09:01:22.0397 0x16f8 [ 06FA77C3E2A491ADCD704C5E73006269, 465A7EE5387E6C11398A554F73437278F5BF110356E7F49F315905C1F2459278 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys 09:01:22.0398 0x16f8 MSPQM - ok 09:01:22.0424 0x16f8 [ E134EC4DE11CF78CB01432D180710D84, BB111F97AEEFDCA5866B157E9957599CD7A4952B5BCCA0B0BCA9EDFCD17E61FE ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys 09:01:22.0436 0x16f8 MsRPC - ok 09:01:22.0452 0x16f8 [ B5AECF12F09DEE97C9FCAA5BA016CE1E, F5305C4CE6C93A3A3481BD13BE0C23FE26571E11029ACFFE75FB78913681FCFC ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys 09:01:22.0454 0x16f8 mssmbios - ok 09:01:22.0459 0x16f8 [ 72D66A05E0F99F2528F6C6204FD22AA1, B14D433BC5795F1DC4C672302285E665DC012693E75574F60664AAD8874DE562 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys 09:01:22.0460 0x16f8 MSTEE - ok 09:01:22.0479 0x16f8 [ 8AAAE399FC255FA105D4158CBA289001, 2F55C02605B4A3406B289FF9D46C76260B9138E3DE96AFAEA0E0522E5A2A746C ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys 09:01:22.0480 0x16f8 MTConfig - ok 09:01:22.0503 0x16f8 [ 3BCB702F3E6CC622DCAFCAA45D7CDE0A, 00D33A4AB3E7C5F65F59C63F8E2FD27EF38D5484595F785D5632E9414E29352C ] Mup C:\WINDOWS\system32\Drivers\mup.sys 09:01:22.0506 0x16f8 Mup - ok 09:01:22.0530 0x16f8 [ 3A1E095277BBD406CEA8EA6B76950664, 
47838F307A6354E77C19A7B1F3F3E22726EF60403B611F358AD6FFE81D7214E7 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys 09:01:22.0532 0x16f8 mvumis - ok 09:01:22.0575 0x16f8 [ 4B18840511D720BA118D3017E8165875, 724458A69269A5AE57E8DAB74FF3C198A79B6F7A9602BF38A70B4A40543ED167 ] napagent C:\WINDOWS\system32\qagentRT.dll 09:01:22.0598 0x16f8 napagent - ok 09:01:22.0639 0x16f8 [ 43D7388A90A4C6EA346A4D6FF0377479, DFDCFA448B49C8A577056070AF516F08CD2E452706A3CF9173195ABA4256F35D ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys 09:01:22.0670 0x16f8 NativeWifiP - ok 09:01:22.0700 0x16f8 [ 6A0C3996DA7DAE6D6939676D786EEEC4, 6E8A4C6234FD3040BC889E92016A4D5AC7BCAF5059521E50C733966163A546A0 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll 09:01:22.0710 0x16f8 NcaSvc - ok 09:01:22.0724 0x16f8 [ C982FE4CC91DECE2259F494FCEB4030F, 4C285407E6F9FBBA92180F4063AEFB736ED142D802F0151002F0CC20AB7BB4E5 ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll 09:01:22.0731 0x16f8 NcdAutoSetup - ok 09:01:22.0790 0x16f8 [ A10E176F3B2BF83EDE7B5C4658C93B66, 42F2FAEB4A29BBC6727D7E159D3E7E2E66D33785E5C98496EEB44D281601A23E ] NDIS C:\WINDOWS\system32\drivers\ndis.sys 09:01:22.0837 0x16f8 NDIS - ok 09:01:22.0868 0x16f8 [ 39C8A1D9D46F5E83A016BCAB72455284, 80DBED610E0818C2C7122FBC5BC8C15BCE981538AE48DC48F464A86389AF3F68 ] NdisCap C:\WINDOWS\system32\DRIVERS\ndiscap.sys 09:01:22.0871 0x16f8 NdisCap - ok 09:01:22.0883 0x16f8 [ 762941932B7E4C588E48A577BA9D6440, 71FA1870E398CB848D8294FEF6C60E0499CAB9A16EC3F487564C41072590E4F3 ] NdisImPlatform C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys 09:01:22.0888 0x16f8 NdisImPlatform - ok 09:01:22.0896 0x16f8 [ 7A6F8A6D0E01432EBA294EF29CDD0FA7, D902AE15194A9F8A2198914FC76184FE7E2B589747275952A04A52853128FDB8 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys 09:01:22.0898 0x16f8 NdisTapi - ok 09:01:22.0916 0x16f8 [ 79AB68BB3FFF974AD4F41FA559F4EC67, 1745EC6520B48E325C56D98A1F4DB9CE135FE3E097B3D66E6598791132CAD7BD ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys 09:01:22.0919 0x16f8 
Ndisuio - ok 09:01:22.0934 0x16f8 [ 62C7DBF4F9301F76CF87D4B9D8F57BF8, D51FEF198F74FDF583826E259E4736F51CD49908194104677889FD135EEC2EBC ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys 09:01:22.0939 0x16f8 NdisWan - ok 09:01:22.0947 0x16f8 [ 62C7DBF4F9301F76CF87D4B9D8F57BF8, D51FEF198F74FDF583826E259E4736F51CD49908194104677889FD135EEC2EBC ] NDISWANLEGACY C:\WINDOWS\system32\DRIVERS\ndiswan.sys 09:01:22.0954 0x16f8 NDISWANLEGACY - ok 09:01:22.0982 0x16f8 [ 3730942D7DB2F8BB5F84542B7FF6F650, 89C9D7D7305205BDB304CE6DA7D1A57EDE86A9D77429698802A39D75EB78CAAB ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys 09:01:22.0984 0x16f8 NDProxy - ok 09:01:23.0002 0x16f8 [ D3F60A4345FCA9C1BE68AD7D0D6DE770, 214AF09F4B021C2F8655FBC8AC8C801E89CD9115CDE690FAEBDA69D63D660EDD ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys 09:01:23.0006 0x16f8 Ndu - ok 09:01:23.0017 0x16f8 [ 7C203A76394F9AE68F69EEE5F9612C4A, 2222654915913BDC9367A2075714906A10CF22C047A7494CD59CB71834ED1B62 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys 09:01:23.0019 0x16f8 NetBIOS - ok 09:01:23.0047 0x16f8 [ 7CEC25C682D319D484630B3952C31A11, 025C46B367E0570E9E3F9DF1564C3E47B1524E9E9A180BBDF0E9C684838F5E42 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys 09:01:23.0057 0x16f8 NetBT - ok 09:01:23.0088 0x16f8 [ F702AB6181513303AB0FC8D59E52708B, D46939B9F672269E65C98606A573C849C4AF5A26E4E75D3A8FE56A65B3A6EA08 ] Netlogon C:\WINDOWS\system32\lsass.exe 09:01:23.0092 0x16f8 Netlogon - ok 09:01:23.0129 0x16f8 [ 89519D29CBEC2121CA65CC29C4D345E0, F3BA7BCAFEC8DD8B29837458D1B2B1DEE748AEAAAE0575FD3AAE65CFC72A04CD ] Netman C:\WINDOWS\System32\netman.dll 09:01:23.0141 0x16f8 Netman - ok 09:01:23.0206 0x16f8 [ 79FA9393C67EBBF92A56923592CF7A7C, A8AB8A6346B97B68810CC632F425085BE9E63ACAED0F119A7BFD03F2DA4AA5F6 ] netprofm C:\WINDOWS\System32\netprofmsvc.dll 09:01:23.0228 0x16f8 netprofm - ok 09:01:23.0338 0x16f8 [ 080417AC9E51B2B29656EC26B62E87F1, F85B0F301396913427CA410AEA302119BBDC625AFDB560D9B7A08E9E622AEB8E ] netr28x 
C:\WINDOWS\system32\DRIVERS\netr28x.sys 09:01:23.0439 0x16f8 netr28x - ok 09:01:23.0502 0x16f8 [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 09:01:23.0580 0x16f8 NetTcpPortSharing - ok 09:01:23.0891 0x16f8 [ 57B9C04D673F236D41FAB03842C8640B, 898DCBBBF94875059CD328B0FC75BE36A4E3DD471C6E28BFAE064BCF84349518 ] NETwNs64 C:\WINDOWS\system32\DRIVERS\NETwNs64.sys 09:01:24.0189 0x16f8 NETwNs64 - ok 09:01:24.0217 0x16f8 [ 12DD2800E4EEA37DC9AE256AD62423B4, 34740469EEA8740CBACD881CB232C9ABB9AB180DE5F45336BC6DBE154259F29B ] nfrd960 C:\WINDOWS\system32\drivers\nfrd960.sys 09:01:24.0219 0x16f8 nfrd960 - ok 09:01:24.0288 0x16f8 [ 80ABCD4C2DE9FD832477303AE0CA3BE5, 98F3958E650CEB1006D92980503E1B176D2CA55D2A6742C1C27CDE829D137DA9 ] NlaSvc C:\WINDOWS\System32\nlasvc.dll 09:01:24.0302 0x16f8 NlaSvc - ok 09:01:24.0319 0x16f8 [ 17E19A742FB30C002F8B43575451DBE1, 59D226A4A5B5281C399BE96C694915E38EEAF335D31F346B0C65D8F469D7C9C3 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys 09:01:24.0322 0x16f8 Npfs - ok 09:01:24.0350 0x16f8 [ 8ED299C30792544264E558BEA79F0947, 8A03FDA9AADB79ECBCBCDC988B7D8CF0672689C9DF673A2ECFE0D2D88A9C6A6B ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys 09:01:24.0351 0x16f8 npsvctrig - ok 09:01:24.0392 0x16f8 [ 832B5FDF0B5577713FD7F2465FCD0ACE, 4A551CDBACED47DD781EC59F8B59A13D66EFD85DCF636BCFCBACFE5972A78E93 ] nsi C:\WINDOWS\system32\nsisvc.dll 09:01:24.0414 0x16f8 nsi - ok 09:01:24.0426 0x16f8 [ 689B3B1E95C70ABF7AFF29F9406EF1E0, 8B62D8AE53E1B3218158FADC0075682AB06D18998CF5DE82C920A9CD91C0652F ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys 09:01:24.0428 0x16f8 nsiproxy - ok 09:01:24.0503 0x16f8 [ 76929F4A69E425911A63B407E26C2589, 17896DB6EDEF2637D159432DB61E8B5FA2F4F54B5F50BCD6215827C321ED2C2A ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys 09:01:24.0573 0x16f8 Ntfs - ok 09:01:24.0586 0x16f8 [ 4163ADE07DB51843AE31F65B94F5398D, 
4349E7EF1EE1E71E1F436BA42F5B58871D82B987D513BA2D6E1CEB8A21BD1B20 ] Null C:\WINDOWS\system32\drivers\Null.sys 09:01:24.0587 0x16f8 Null - ok 09:01:24.0603 0x16f8 [ D6D34118263412D3AAA8348A9572B7F2, 66106A25BC5A4CA7697A23ED67CEDB5C0BF678EA70FD967A405D2DF76F4CA3A4 ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys 09:01:24.0608 0x16f8 nvraid - ok 09:01:24.0620 0x16f8 [ 27AFC428D1D32ABD04A86763A4EDDEA9, 0920866013A8C8CFEE00E6AECDD41736F5501C49837E2D785998734F087F6B98 ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys 09:01:24.0625 0x16f8 nvstor - ok 09:01:24.0637 0x16f8 [ 051CFB5107BAAE510419BDC41F8C4036, 9990906F17A3886EF301D2AA6556263B52A1C0554C6BD18331AF44ECECAEE4B5 ] nv_agp C:\WINDOWS\system32\drivers\nv_agp.sys 09:01:24.0641 0x16f8 nv_agp - ok 09:01:24.0674 0x16f8 [ AB76700D764A342D7475FB8F47CAB18C, ECDF705D3E69EF6E7044C98A462A7281D0E7D0D85769C0815555D934B0B69C8D ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll 09:01:24.0686 0x16f8 p2pimsvc - ok 09:01:24.0725 0x16f8 [ 4319FD931DCD796435ECB5DB4A04FBA5, 20185B2F359EEC202B37019A4E4F5B914ADCF78B97AF0CBD91EECED2259FC6DE ] p2psvc C:\WINDOWS\system32\p2psvc.dll 09:01:24.0747 0x16f8 p2psvc - ok 09:01:24.0773 0x16f8 [ 4563DAF8C6A740AD7F501E219BD10766, 7A1212DDAE2D66A9C2041262796904E36036CDC4C5B75C2F66B8DF9D89F7C25D ] Parport C:\WINDOWS\System32\drivers\parport.sys 09:01:24.0776 0x16f8 Parport - ok 09:01:24.0800 0x16f8 [ D6ACCF9F2EEEEA711C14EFD976E573F3, 60D2A81832A8D24F91C3EF134440D5026354917F59462BACBCE7A01D84767D91 ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys 09:01:24.0804 0x16f8 partmgr - ok 09:01:24.0831 0x16f8 [ 4811D9EC53649105A5A8BEA661B0F936, C77907E03D0561500FCFEAFAC323E9679E66297329901A0CA2BD7E919419A8E8 ] PcaSvc C:\WINDOWS\System32\pcasvc.dll 09:01:24.0845 0x16f8 PcaSvc - ok 09:01:24.0880 0x16f8 [ 4A003E8F718C1E6A2050CA98CD53E3E2, BCC3BE1EC3FA4967353371D85094D096940A7B5944A6FFCA31E8FBE83D92CC6C ] pci C:\WINDOWS\system32\drivers\pci.sys 09:01:24.0887 0x16f8 pci - ok 09:01:24.0899 0x16f8 [ 
F9908D274D458220F91E89B54D78D837, 1E89ABFA6B375383E0297CEE5AF66E37F90E16DD21ABA5C91777A86CDF013B4D ] pciide C:\WINDOWS\system32\drivers\pciide.sys 09:01:24.0900 0x16f8 pciide - ok 09:01:24.0925 0x16f8 [ 84D19CB6102627932DCB5DFDF89FE269, 2F9C47E076645B35877D9ACA77968EFFCDA8794D76265CD9A4AAA239C4B33C5F ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys 09:01:24.0931 0x16f8 pcmcia - ok 09:01:24.0947 0x16f8 [ CEBBAD5391C2644560C55628A40BFD27, 8AAA6EBD8D89FC91AECCCF1452F53C5650A1A17027FF4E64D224371404CE4C8B ] pcw C:\WINDOWS\system32\drivers\pcw.sys 09:01:24.0949 0x16f8 pcw - ok 09:01:24.0976 0x16f8 [ 0698DEDEAD6A00AD0D468C687D830FBF, B9DCA1A61F2EF80DB26380F390F2E9A17114D33129D61CF465B949B6A7916CAA ] pdc C:\WINDOWS\system32\drivers\pdc.sys 09:01:24.0979 0x16f8 pdc - ok 09:01:25.0036 0x16f8 [ 61FE70659CD43E07F94DA4DC31DEC493, 3739B6670B440173FD81DE3D47B0B90FAF296802AD4F57C05BF5CF191BF16022 ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys 09:01:25.0081 0x16f8 PEAUTH - ok 09:01:25.0169 0x16f8 [ EB88FA19F0EA05DD04BE9C5FFEEFFE1A, 459CF99D5243C4ACAA38C7B426ADC52F1044C759D06A925D475DF6213AEB85CD ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe 09:01:25.0173 0x16f8 PerfHost - ok 09:01:25.0251 0x16f8 [ 6E84BFF58F7643499277F29DFA2F8C8D, 401CCF137F35D9690C7B56B2BFEDB2DB72709EBE38626D787904B67640EF6F14 ] pla C:\WINDOWS\system32\pla.dll 09:01:25.0307 0x16f8 pla - ok 09:01:25.0328 0x16f8 [ 799BE46D45D486704CE0F37CA5385262, BB78DEE83B9DB613B1C083D55FAA458BE3E394AED80EB91B599185A7272F33B3 ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll 09:01:25.0335 0x16f8 PlugPlay - ok 09:01:25.0345 0x16f8 [ 8E2414E818C26C4A9C70CB2B8567F04F, A16B22AE143BA070C562FBE5DEF32F7E228F50B302B66E46B46C44C0F50A4461 ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll 09:01:25.0350 0x16f8 PNRPAutoReg - ok 09:01:25.0372 0x16f8 [ AB76700D764A342D7475FB8F47CAB18C, ECDF705D3E69EF6E7044C98A462A7281D0E7D0D85769C0815555D934B0B69C8D ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll 09:01:25.0383 0x16f8 PNRPsvc - ok 09:01:25.0425 0x16f8 [ 
09:01:38.0404 0x16f8 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.4.304.0 ), 0x60100 ( disabled : updated ) 09:01:38.0417 0x16f8 AV detected via SS2: avast! 
Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 9.0.2008.177 ), 0x41000 ( enabled : updated ) 09:01:38.0429 0x16f8 Win FW state via NFP2: enabled 09:01:40.0960 0x16f8 ============================================================ 09:01:40.0960 0x16f8 Scan finished 09:01:40.0960 0x16f8 ============================================================ 09:01:40.0968 0x141c Detected object count: 0 09:01:40.0968 0x141c Actual detected object count: 0

#4 ----------------

Posted 01 April 2014 - 08:04 AM

Please attach the log files to your next reply. I cannot read them this way.


Proud Member of UNITE & TB
 

#5 lastofsix

Posted 02 April 2014 - 07:20 AM

Sorry about that. The files are attached, and thank you.

Attached Files


Edited by lastofsix, 02 April 2014 - 07:26 AM.


#6 lastofsix

Posted 02 April 2014 - 07:22 AM

Here is the other.

Edited by lastofsix, 02 April 2014 - 07:37 AM.


#7 lastofsix

Posted 02 April 2014 - 07:29 AM

Let's try that again. It keeps fighting me.

Attached Files



#8 lastofsix

Posted 02 April 2014 - 07:39 AM

trying

#9 lastofsix

Posted 02 April 2014 - 07:52 AM

So frustrating, it fought me every step of the way, had to copy to a drive and upload from another computer. Thank you for your patience.

Attached Files



#10 ----------------

Posted 03 April 2014 - 03:51 AM

Add/remove programs

Click on Start --> Control Panel.

Vista/7: Open Programs and Features
XP: Open Add/Remove Programs

Search for and remove the following programs:

Jump Flip
Mobogenie
Mysearchdial
Update for Zip Opener
Zip Opener Packages

Close the window.

When finished, run FRST again.

Place a checkmark next to addition.txt and hit scan.

It will create two log files.

Select the whole content of FRST.txt and select "copy" from the menu of Notepad.

Click "Reply" in your topic here and click the <>-symbol on the menu bar, right-click into the lower text box and select "paste".

The content of FRST.txt should be inserted. Hit OK now. You'll see a box within your reply containing the FRST.txt content.

Repeat this procedure with the addition.txt.

It should look like below:

Content of FRST.txt
Content of addition.txt

Hit "Post".



#11 lastofsix

Posted 03 April 2014 - 07:21 AM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Owner (administrator) on PC on 03-04-2014 08:16:14
Running from C:\Users\Owner\Desktop
Windows 8 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(ASUSTeK Computer Inc.) C:\Windows\system32\FBAgent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(Microsoft Corporation) C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.16683_none_62280e15510f8e79\TiWorker.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\LiveComm.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Reader_sl.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe


==================== Registry (Whitelisted) ==================

HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3568312 2013-12-13] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-577688620-2837512403-3304191142-1001\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-577688620-2837512403-3304191142-1001\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-577688620-2837512403-3304191142-1001\...\MountPoints2: {7c458217-b94a-11e3-be86-0c84dc53c904} - "D:\LaunchU3.exe" -a

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearchdial.com/?f=1&a=dsites0101&cd=2XzuyEtN2Y1L1Qzu0DzzyDtD0EyCtDtCtA0Czz0D0C0ByB0FtN0D0Tzu0CyBtAtAtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=1320859745&ir=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearchdial.com/?f=1&a=dsites0101&cd=2XzuyEtN2Y1L1Qzu0DzzyDtD0EyCtDtCtA0Czz0D0C0ByB0FtN0D0Tzu0CyBtAtAtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=1320859745&ir=
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites0101&cd=2XzuyEtN2Y1L1Qzu0DzzyDtD0EyCtDtCtA0Czz0D0C0ByB0FtN0D0Tzu0CyBtAtAtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=1320859745&ir=
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites0101&cd=2XzuyEtN2Y1L1Qzu0DzzyDtD0EyCtDtCtA0Czz0D0C0ByB0FtN0D0Tzu0CyBtAtAtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=1320859745&ir=
SearchScopes: HKLM - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = http://www.bing.com/search?q={searchTerms}&amp;form=IE10TR&amp;src=IE10TR&amp;pc=ASU2JS
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&amp;form=IE10TR&amp;src=IE10TR&amp;pc=ASU2JS
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&amp;form=IE10TR&amp;src=IE10TR&amp;pc=ASU2JS
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites0101&cd=2XzuyEtN2Y1L1Qzu0DzzyDtD0EyCtDtCtA0Czz0D0C0ByB0FtN0D0Tzu0CyBtAtAtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=1320859745&ir=
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites0101&cd=2XzuyEtN2Y1L1Qzu0DzzyDtD0EyCtDtCtA0Czz0D0C0ByB0FtN0D0Tzu0CyBtAtAtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=1320859745&ir=
SearchScopes: HKCU - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = 
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\SysWow64\skype4com.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12

Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR Extension: (Online Games - Play Now The Settlers Online) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aanfdcmafkoojbioniodccniihhgpjdh [2013-12-27]
CHR Extension: (Spades Card Game) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\adfkbbnjpnmlfinmfampbcfgjhbaekdh [2013-12-15]
CHR Extension: (Google Docs) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-12]
CHR Extension: (Google Drive) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-12]
CHR Extension: (YouTube) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-12]
CHR Extension: (Freecell Solitaire) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\cabpjbpfakfhcfidnjahmdophhihafkh [2013-12-15]
CHR Extension: (Yahtzee multiplayer) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\caeolalmogcfajemkjlppinlopholnoc [2013-12-15]
CHR Extension: (Pyramid Solitaire) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckibdpgohpfkaadcpnhhfgodfmicbnen [2013-12-15]
CHR Extension: (Google Search) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-12]
CHR Extension: (Christmas Solitiare) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhcbjomfajlnldboplncbdhmdaagcpln [2013-12-15]
CHR Extension: (Christmas Time Solitaire) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dijbepjhnbemlkankfdenhghjikmhhfk [2013-12-15]
CHR Extension: (Solitaire) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjlbfnkpgakglnagaagohffmeomnllai [2013-12-15]
CHR Extension: (iCloud Bookmarks) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2013-12-28]
CHR Extension: (Christmas Mahjong) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghmebaamjdfjkhaaifophgklodieiflm [2013-12-15]
CHR Extension: (RadioRage) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjngjhikmffiafannjcjkdediacimkmk [2014-01-18]
CHR Extension: (Fairway Solitaire) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkpbdfapchjogkmfpcmnfjdimgijhdho [2013-12-15]
CHR Extension: (avast! Online Security) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-12-13]
CHR Extension: (World of Solitaire) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifbnllnaaaohekjkcpfdllhhjijnidgn [2013-12-15]
CHR Extension: (The Weather Channel for Chrome) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\iflpcokdamgefbghpdipcibmhlkdopop [2013-12-15]
CHR Extension: (Blocks) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdnglanfhhkanekkdmakmbegnojgpmnm [2013-12-15]
CHR Extension: (Mahjong) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mimcabmfjaeoldnchodmelflfjmgaojh [2013-12-15]
CHR Extension: (Google Wallet) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-12]
CHR Extension: (3D Bomb Destroyer) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\okehlnjpihomkdokiiafpejniofjaoom [2013-12-15]
CHR Extension: (Bubble Popper) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\omaibhlkcnggjafmfnpikoiaeahpojbf [2013-12-15]
CHR Extension: (Egypt Hidden Objects) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcldnhngfkenomdhakiemadjocffjajj [2013-12-15]
CHR Extension: (Gmail) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-12]
CHR HKLM\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\Owner\AppData\Local\mysearchdial-speeddial.crx [2014-01-03]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2013-12-13]
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

S3 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
S3 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-19] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-12-13] (AVAST Software)
S3 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1578496 2012-08-14] (IVT Corporation)
S3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [138752 2012-08-14] (IVT Corporation)
S2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-01-22] (WildTangent)
S3 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
S3 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-10-25] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [38984 2013-12-13] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [84328 2013-12-13] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [92544 2013-12-13] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-12-13] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [1032416 2013-12-13] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [409832 2013-12-13] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [205320 2013-12-13] ()
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [67864 2013-04-16] (ASUS Corporation)
U5 BlueletAudio; C:\Windows\System32\Drivers\BlueletAudio.sys [34912 2012-06-15] (Ralink Corporation.)
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation)
U4 BthAvrcpTg; 
U4 BthHFEnum; 
U4 bthhfhid; 
R3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [56904 2012-07-19] (Ralink Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-25] (Microsoft Corporation)
R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [48736 2012-08-14] (Ralink Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-01] ( )
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [695392 2012-08-14] (Ralink Technology, Corp.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33744 2013-04-16] (Synaptics Incorporated)
R1 wStLib64; C:\Windows\System32\drivers\wStLib64.sys [61120 2014-03-20] (StdLib)
U5 BlueletAudio; C:\Windows\SysWOW64\Drivers\BlueletAudio.sys [34912 2012-06-15] (Ralink Corporation.)
U0 msahci; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-03 08:16 - 2014-04-03 08:16 - 00014733 _____ () C:\Users\Owner\Desktop\FRST.txt
2014-04-03 08:13 - 2014-04-01 08:39 - 02157056 _____ (Farbar) C:\Users\Owner\Desktop\FRST64.exe
2014-04-02 08:17 - 2014-04-02 08:17 - 00024920 _____ () C:\Users\Owner\Downloads\FRST Addition.txt
2014-04-01 09:00 - 2014-04-01 08:59 - 04113320 _____ () C:\Users\Owner\Desktop\tdsskiller.zip
2014-04-01 08:41 - 2014-04-02 08:17 - 00024920 _____ () C:\Users\Owner\Downloads\Addition.txt
2014-04-01 08:40 - 2014-04-02 08:18 - 00030986 _____ () C:\Users\Owner\Downloads\FRST.txt
2014-04-01 08:39 - 2014-04-03 08:16 - 00000000 ____D () C:\FRST
2014-04-01 08:39 - 2014-04-01 08:39 - 02157056 _____ (Farbar) C:\Users\Owner\Downloads\FRST64.exe
2014-04-01 08:38 - 2014-04-01 08:38 - 01145856 _____ (Farbar) C:\Users\Owner\Downloads\FRST.exe
2014-03-31 22:30 - 2014-03-31 22:30 - 00009974 _____ () C:\Users\Owner\Downloads\hijackthis.log
2014-03-31 22:26 - 2014-03-31 22:26 - 00388608 _____ (Trend Micro Inc.) C:\Users\Owner\Downloads\HiJackThis.exe
2014-03-29 15:26 - 2014-03-29 15:26 - 00307584 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-03-24 07:30 - 2014-03-24 07:30 - 04134240 _____ (Kaspersky Lab ZAO) C:\Users\Owner\Desktop\TDSSKiller.exe
2014-03-20 21:29 - 2013-10-25 02:34 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-03-20 21:29 - 2013-10-24 17:34 - 00248240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-03-20 21:17 - 2014-01-30 19:48 - 01339392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2014-03-20 21:17 - 2014-01-30 19:06 - 01628160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2014-03-20 18:39 - 2014-03-20 18:39 - 00061120 _____ (StdLib) C:\WINDOWS\system32\Drivers\wStLib64.sys
2014-03-20 18:20 - 2014-02-23 03:12 - 19273216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-03-20 18:20 - 2014-02-23 01:53 - 14358016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-03-20 18:19 - 2014-02-23 03:13 - 02241536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-03-20 18:19 - 2014-02-23 03:13 - 01365504 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-03-20 18:19 - 2014-02-23 03:13 - 00915968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2014-03-20 18:19 - 2014-02-23 03:13 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-03-20 18:19 - 2014-02-23 03:13 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-03-20 18:19 - 2014-02-23 03:12 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-03-20 18:19 - 2014-02-23 03:12 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-03-20 18:19 - 2014-02-23 03:11 - 15404032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-03-20 18:19 - 2014-02-23 03:11 - 03960320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-03-20 18:19 - 2014-02-23 03:11 - 02648576 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-03-20 18:19 - 2014-02-23 03:11 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-03-20 18:19 - 2014-02-23 03:11 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2014-03-20 18:19 - 2014-02-23 03:11 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-03-20 18:19 - 2014-02-23 03:11 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-03-20 18:19 - 2014-02-23 03:11 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-03-20 18:19 - 2014-02-23 01:54 - 01767936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-03-20 18:19 - 2014-02-23 01:54 - 01140736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-03-20 18:19 - 2014-02-23 01:54 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-03-20 18:19 - 2014-02-23 01:53 - 13761024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-03-20 18:19 - 2014-02-23 01:53 - 02877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-03-20 18:19 - 2014-02-23 01:53 - 02049024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-03-20 18:19 - 2014-02-23 01:53 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-03-20 18:19 - 2014-02-23 01:53 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-03-20 18:19 - 2014-02-23 01:53 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-03-20 18:19 - 2014-02-23 01:53 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2014-03-20 18:19 - 2014-02-23 01:53 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-03-20 18:19 - 2014-02-23 01:53 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-03-20 18:19 - 2014-02-23 01:53 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-03-20 18:19 - 2014-02-23 01:35 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-03-20 18:19 - 2014-02-23 01:31 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-03-20 18:19 - 2014-02-22 23:06 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2014-03-20 18:19 - 2014-02-07 23:34 - 04036608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-03-20 18:19 - 2014-02-05 18:41 - 00595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-03-20 18:19 - 2014-02-05 18:37 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-03-20 18:19 - 2013-12-07 01:36 - 19751936 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-03-20 18:19 - 2013-12-07 00:15 - 17560576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll

==================== One Month Modified Files and Folders =======

2014-04-03 08:16 - 2014-04-03 08:16 - 00014733 _____ () C:\Users\Owner\Desktop\FRST.txt
2014-04-03 08:16 - 2014-04-01 08:39 - 00000000 ____D () C:\FRST
2014-04-03 08:15 - 2013-12-12 16:53 - 00000898 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-03 08:15 - 2012-07-26 02:22 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-04-03 08:14 - 2014-01-03 00:00 - 00000000 ____D () C:\Program Files (x86)\Jump Flip
2014-04-03 08:14 - 2012-08-01 20:20 - 00016156 _____ () C:\WINDOWS\PFRO.log
2014-04-03 08:13 - 2013-08-20 01:55 - 00004268 _____ () C:\WINDOWS\SysWOW64\LOCALSERVICE.INI
2014-04-03 08:12 - 2012-08-15 19:46 - 00000739 _____ () C:\WINDOWS\SysWOW64\bscs.ini
2014-04-03 08:08 - 2013-08-20 01:55 - 00000043 _____ () C:\WINDOWS\SysWOW64\LOCALDEVICE.INI
2014-04-03 08:08 - 2012-07-26 03:12 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-04-02 12:48 - 2013-12-12 16:53 - 00000902 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-02 11:57 - 2012-07-26 00:26 - 00000324 _____ () C:\WINDOWS\win.ini
2014-04-02 08:18 - 2014-04-01 08:40 - 00030986 _____ () C:\Users\Owner\Downloads\FRST.txt
2014-04-02 08:17 - 2014-04-02 08:17 - 00024920 _____ () C:\Users\Owner\Downloads\FRST Addition.txt
2014-04-02 08:17 - 2014-04-01 08:41 - 00024920 _____ () C:\Users\Owner\Downloads\Addition.txt
2014-04-02 08:03 - 2013-08-20 01:58 - 00003474 _____ () C:\WINDOWS\System32\Tasks\ASUS Live Update1
2014-04-02 08:03 - 2013-08-20 01:58 - 00003464 _____ () C:\WINDOWS\System32\Tasks\ASUS Live Update2
2014-04-01 09:01 - 2012-07-26 02:28 - 00848230 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-04-01 09:00 - 2012-07-26 02:21 - 00034054 _____ () C:\WINDOWS\setupact.log
2014-04-01 08:59 - 2014-04-01 09:00 - 04113320 _____ () C:\Users\Owner\Desktop\tdsskiller.zip
2014-04-01 08:39 - 2014-04-03 08:13 - 02157056 _____ (Farbar) C:\Users\Owner\Desktop\FRST64.exe
2014-04-01 08:39 - 2014-04-01 08:39 - 02157056 _____ (Farbar) C:\Users\Owner\Downloads\FRST64.exe
2014-04-01 08:38 - 2014-04-01 08:38 - 01145856 _____ (Farbar) C:\Users\Owner\Downloads\FRST.exe
2014-03-31 22:43 - 2013-12-12 16:53 - 00003874 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-31 22:43 - 2013-12-12 16:53 - 00003638 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-31 22:30 - 2014-03-31 22:30 - 00009974 _____ () C:\Users\Owner\Downloads\hijackthis.log
2014-03-31 22:30 - 2013-12-12 15:48 - 00000000 ____D () C:\Users\Owner\AppData\Local\VirtualStore
2014-03-31 22:26 - 2014-03-31 22:26 - 00388608 _____ (Trend Micro Inc.) C:\Users\Owner\Downloads\HiJackThis.exe
2014-03-31 22:10 - 2013-12-12 15:52 - 00000062 _____ () C:\Users\Owner\AppData\Roaming\sp_data.sys
2014-03-31 22:10 - 2013-08-20 01:58 - 00003056 _____ () C:\WINDOWS\System32\Tasks\ASUS P4G
2014-03-31 22:10 - 2013-08-20 01:58 - 00003028 _____ () C:\WINDOWS\System32\Tasks\ASUS USB Charger Plus
2014-03-31 22:10 - 2013-08-20 01:57 - 00003004 _____ () C:\WINDOWS\System32\Tasks\ASUS Splendid ColorU
2014-03-31 22:10 - 2013-08-20 01:57 - 00002988 _____ () C:\WINDOWS\System32\Tasks\ASUS Splendid ACMON
2014-03-31 22:10 - 2013-08-20 01:49 - 00003542 _____ () C:\WINDOWS\System32\Tasks\ASUS Touchpad Launcher (x64)
2014-03-31 22:09 - 2013-12-13 21:24 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-03-29 19:46 - 2013-12-12 21:52 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-577688620-2837512403-3304191142-1001
2014-03-29 18:27 - 2014-01-03 00:02 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2014-03-29 18:27 - 2014-01-02 23:57 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Systweak
2014-03-29 18:27 - 2013-12-12 15:49 - 00000000 ___RD () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-29 15:26 - 2014-03-29 15:26 - 00307584 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-03-29 14:29 - 2014-01-02 23:57 - 00000000 ____D () C:\Program Files (x86)\Mobogenie
2014-03-29 14:16 - 2012-07-26 00:26 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-03-29 14:15 - 2014-01-03 00:05 - 00000000 ____D () C:\Users\Owner\AppData\Local\genienext
2014-03-29 14:15 - 2012-07-26 03:12 - 00000000 ____D () C:\WINDOWS\rescache
2014-03-29 14:05 - 2013-12-12 15:48 - 01239389 _____ () C:\WINDOWS\WindowsUpdate.log
2014-03-29 14:00 - 2012-07-26 03:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2014-03-29 13:38 - 2013-12-12 15:49 - 00000000 ___RD () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-29 13:36 - 2013-12-18 21:09 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-29 13:36 - 2013-12-18 21:09 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-29 13:33 - 2012-07-26 03:12 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-03-29 13:33 - 2012-07-26 03:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-29 13:33 - 2012-07-26 03:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-29 13:33 - 2012-07-26 03:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-03-29 13:33 - 2012-07-26 03:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-03-27 20:31 - 2014-01-03 00:05 - 00003406 _____ () C:\Users\Owner\daemonprocess.txt
2014-03-25 16:02 - 2013-12-12 19:09 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-03-25 15:57 - 2013-12-12 19:09 - 90015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-03-25 15:57 - 2012-07-26 00:26 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-03-24 07:30 - 2014-03-24 07:30 - 04134240 _____ (Kaspersky Lab ZAO) C:\Users\Owner\Desktop\TDSSKiller.exe
2014-03-20 18:39 - 2014-03-20 18:39 - 00061120 _____ (StdLib) C:\WINDOWS\system32\Drivers\wStLib64.sys
2014-03-20 18:12 - 2014-01-23 13:51 - 00036864 ___SH () C:\Users\Owner\Desktop\Thumbs.db
2014-03-15 22:02 - 2013-12-12 16:53 - 00002185 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-04 17:52 - 2013-12-12 21:43 - 00694240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-03-04 17:52 - 2013-12-12 21:43 - 00078304 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

Files to move or delete:
====================
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS


Some content of TEMP:
====================
C:\Users\Owner\AppData\Local\Temp\67582uninstall.exe
C:\Users\Owner\AppData\Local\Temp\BackupSetup.exe
C:\Users\Owner\AppData\Local\Temp\Sqlite3.dll
C:\Users\Owner\AppData\Local\Temp\vcredist_x64.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-30 15:51

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Owner at 2014-04-03 08:17:10
Running from C:\Users\Owner\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

Adobe Reader XI (11.0.06) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.9.145.62246 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 3.9.145.62246 - Alcor Micro Corp.) Hidden
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS InstantOn (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 3.0.4 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.9 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.2.2 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.0.4 - ASUS)
ASUS Screen Saver (HKLM\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.1 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.1.3 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0005 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.5 - ASUS)
ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.18.159 - ASUS Cloud Corporation)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.7 - Atheros Communications Inc.)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0027 - ASUS)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2008 - Avast Software)
Azteca (x32 Version: 2.2.0.97 - WildTangent) Hidden
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Big Fish: Game Manager (HKLM-x32\...\BFGC) (Version: 3.2.0.7 - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Cut the Rope (x32 Version: 3.0.2.38 - WildTangent) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Galería de fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2867 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Monopoly® (x32 Version: 3.0.2.51 - WildTangent) Hidden
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MyBitCast 2.0 (HKLM-x32\...\MyBitCast) (Version: 2.0 - ASUS)
Open It! (HKLM-x32\...\OpenIt Open It!) (Version: 1.1.1 - OpenIt)
OpenOffice 4.0.1 (HKLM-x32\...\{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}) (Version: 4.01.9714 - Apache Software Foundation)
Peggle (x32 Version: 2.2.0.95 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
PlayCatan Access Software (HKLM-x32\...\PlayCatan Client) (Version: 3.1086 - Catan GmbH)
Ralink Bluetooth Stack64 (HKLM\...\{ED818A3C-3DF5-CDCF-3DB2-A646D7B31A16}) (Version: 9.0.717.0 - Ralink Corporation)
Ralink RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: 1.2.0.41 - Ralink)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6878 - Realtek Semiconductor Corp.)
Settlers of the West (HKLM-x32\...\BFG-Settlers of the West) (Version:  - )
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Solitaire Egypt (x32 Version: 3.0.2.59 - WildTangent) Hidden
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.11.2 - WildTangent) Hidden
Windows Driver Package - ASUS (ATP) Mouse  (04/03/2013 2.0.0.16) (HKLM\...\ABFE641926C15116CB09A41A6F65DE6F260D04E3) (Version: 04/03/2013 2.0.0.16 - ASUS)
Windows Driver Package - Synaptics (SmbDrv) System  (12/20/2012 16.3.7.0) (HKLM\...\8D889180E2A10B494B566FD27B7483E5AA652B51) (Version: 12/20/2012 16.3.7.0 - Synaptics)
Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.1 - ASUS)

==================== Restore Points  =========================

03-03-2014 21:55:13 Windows Update
25-03-2014 00:04:32 Windows Update

==================== Hosts content: ==========================

2012-07-26 00:26 - 2012-07-26 00:26 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0EE750B4-E2D0-4955-832D-07A6182A2924} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-24] (ASUS)
Task: {1AA69DF1-85AF-4382-A4C2-0061864F88D1} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2013-03-20] (ASUSTeK Computer Inc.)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {233A470D-CD79-42FF-8251-DAAE725DC36E} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2013-03-20] (ASUSTeK Computer Inc.)
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {60CD7921-93B5-461A-A126-DF2CFF05D5B0} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {79274D30-A024-479D-B505-B9090FB2AAF7} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-09-18] (ASUSTek Computer Inc.)
Task: {869DEB34-66B3-4D17-8EC3-9370E26AE41E} - System32\Tasks\ASUS Touchpad Launcher (x64) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2013-04-16] (AsusTek)
Task: {9466648A-30AE-4266-9223-1B302F7F750E} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-12-13] (AVAST Software)
Task: {950C399F-DF0C-4946-9677-527B12D3ACF7} - System32\Tasks\Microsoft\Windows\Setup\Windows Upgrade Notification Task => C:\WINDOWS\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {967C28BE-0008-4687-BBD1-8451C9B5FF7B} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2012-11-28] (ASUS)
Task: {9ABA3E4C-C4AF-419D-95A1-16C6DF7FA521} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-12] (Google Inc.)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {CBB9AFC3-EB9B-4996-9B40-92149B961145} - System32\Tasks\ASUS InstantOn Config => C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe [2012-09-24] (ASUS)
Task: {D29A9F3F-9BE4-4D71-901A-CBAEC42B182B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {F659F9FE-F778-43D8-B492-677F0562A362} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2013-02-26] (ASUSTeK Computer Inc.)
Task: {FEC853D1-13F8-49BB-9CC9-0660184D6AAB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-12] (Google Inc.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-04-26 09:04 - 2013-01-02 01:55 - 00175008 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2014-04-03 08:15 - 2014-04-03 02:47 - 02189312 _____ () C:\Program Files\AVAST Software\Avast\defs\14040300\algo.dll
2013-09-13 20:51 - 2013-09-13 20:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-09-13 20:51 - 2013-09-13 20:51 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-14 02:51 - 2013-09-14 02:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 02:50 - 2013-09-14 02:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2013-12-13 21:24 - 2013-12-13 21:24 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:AA559E17

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: ASUSPRP => "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
MSCONFIG\startupreg: ASUSWebStorage => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe /S
MSCONFIG\startupreg: BtTray => "C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe"
MSCONFIG\startupreg: DisableS3S4 => c:\windows\temp\DisableS3S464\sethigh.cmd
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: mcpltui_exe => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
MSCONFIG\startupreg: RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX3 
MSCONFIG\startupreg: RTHDVCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/02/2014 08:15:05 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1235

Error: (04/02/2014 08:15:05 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1235

Error: (04/02/2014 08:15:05 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/02/2014 00:56:54 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1344

Error: (04/02/2014 00:56:54 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1344

Error: (04/02/2014 00:56:54 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/02/2014 11:37:59 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1344

Error: (04/02/2014 11:37:59 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1344

Error: (04/02/2014 11:37:59 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/02/2014 10:47:42 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005


System errors:
=============
Error: (04/03/2014 08:14:35 AM) (Source: Microsoft-Windows-Kernel-General) (User: NT AUTHORITY)
Description: 0xc000014d0

Error: (04/03/2014 08:10:10 AM) (Source: Service Control Manager) (User: )
Description: The Update Jump Flip service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.

Error: (04/03/2014 08:10:10 AM) (Source: Service Control Manager) (User: )
Description: The Util Jump Flip service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.

Error: (03/31/2014 10:05:36 PM) (Source: volmgr) (User: )
Description: Crash dump initialization failed!

Error: (03/31/2014 10:05:36 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT AUTHORITY)
Description: 0xc000014d0

Error: (03/31/2014 10:05:31 PM) (Source: Microsoft-Windows-Kernel-Boot) (User: NT AUTHORITY)
Description: 32212254731163184

Error: (03/29/2014 06:31:40 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT AUTHORITY)
Description: 0xc000014d0

Error: (03/29/2014 03:27:32 PM) (Source: Service Control Manager) (User: )
Description: The Computer Backup (MyPC Backup) service failed to start due to the following error: 
%%1053

Error: (03/29/2014 03:27:32 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Computer Backup (MyPC Backup) service to connect.

Error: (03/29/2014 02:16:40 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT AUTHORITY)
Description: 0xc000014d0


Microsoft Office Sessions:
=========================
Error: (04/02/2014 08:15:05 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1235

Error: (04/02/2014 08:15:05 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1235

Error: (04/02/2014 08:15:05 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/02/2014 00:56:54 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1344

Error: (04/02/2014 00:56:54 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1344

Error: (04/02/2014 00:56:54 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/02/2014 11:37:59 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1344

Error: (04/02/2014 11:37:59 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1344

Error: (04/02/2014 11:37:59 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/02/2014 10:47:42 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005


==================== Memory info =========================== 

Percentage of memory in use: 25%
Total physical RAM: 3981.71 MB
Available physical RAM: 2969 MB
Total Pagefile: 4749.71 MB
Available Pagefile: 3742.08 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:444.11 GB) (Free:404.56 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 32FAA5A0)

Partition: GPT Partition Type.

==================== End Of Log ============================

Thank you very much for your help. Already starting to get better. Will wait for your next instructions.



#12 ----------------

----------------

    SuperMember

  • Authentic Member
  • 1,095 posts

Posted 04 April 2014 - 03:07 AM

Fix with FRST (normal mode)

WARNING: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.
 

  • Download the attached fixlist.txt and save it to the location where FRST is saved.
  • Run FRST.exe (on 64-bit, run FRST64.exe), press the Fix button just once, and wait.
  • The tool will make a log (Fixlog.txt), which you will find where you saved FRST. Please post it in your reply.

Full System Scan with Malwarebytes Antimalware
 

  • If it is not already installed, please download Malwarebytes Anti-Malware to your desktop.
  • Double-click mbam-setup-2.0.0.1000.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish.

If the program is already installed:

  • Run Malwarebytes Antimalware
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.

  • After the restart, once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double-click on the scan log which shows the date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply.

 


Proud Member of UNITE & TB
 

#13 lastofsix

lastofsix

    New Member

  • Authentic Member
  • 10 posts

Posted 05 April 2014 - 12:21 AM

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-03-2014
Ran by Owner at 2014-04-05 00:48:01 Run:1
Running from C:\Users\Owner\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearchdial.com/?f=1&a=dsites0101&cd=2XzuyEtN2Y1L1Qzu0DzzyDtD0EyCtDtCtA0Czz0D0C0ByB0FtN0D0Tzu0CyBtAtAtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=1320859745&ir=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearchdial.com/?f=1&a=dsites0101&cd=2XzuyEtN2Y1L1Qzu0DzzyDtD0EyCtDtCtA0Czz0D0C0ByB0FtN0D0Tzu0CyBtAtAtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=1320859745&ir=
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites0101&cd=2XzuyEtN2Y1L1Qzu0DzzyDtD0EyCtDtCtA0Czz0D0C0ByB0FtN0D0Tzu0CyBtAtAtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=1320859745&ir=
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites0101&cd=2XzuyEtN2Y1L1Qzu0DzzyDtD0EyCtDtCtA0Czz0D0C0ByB0FtN0D0Tzu0CyBtAtAtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=1320859745&ir=
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites0101&cd=2XzuyEtN2Y1L1Qzu0DzzyDtD0EyCtDtCtA0Czz0D0C0ByB0FtN0D0Tzu0CyBtAtAtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=1320859745&ir=
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites0101&cd=2XzuyEtN2Y1L1Qzu0DzzyDtD0EyCtDtCtA0Czz0D0C0ByB0FtN0D0Tzu0CyBtAtAtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=1320859745&ir=
SearchScopes: HKCU - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = 
CHR Extension: (RadioRage) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjngjhikmffiafannjcjkdediacimkmk [2014-01-18]
CHR HKLM\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\Owner\AppData\Local\mysearchdial-speeddial.crx [2014-01-03]
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

R1 wStLib64; C:\Windows\System32\drivers\wStLib64.sys [61120 2014-03-20] (StdLib)

C:\Windows\System32\drivers\wStLib64.sys
2014-04-03 08:14 - 2014-01-03 00:00 - 00000000 ____D () C:\Program Files (x86)\Jump Flip
2014-03-29 18:27 - 2014-01-03 00:02 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2014-03-29 18:27 - 2014-01-02 23:57 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Systweak
2014-03-29 18:27 - 2013-12-12 15:49 - 00000000 ___RD () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-29 14:29 - 2014-01-02 23:57 - 00000000 ____D () C:\Program Files (x86)\Mobogenie
2014-03-29 14:16 - 2012-07-26 00:26 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-03-29 14:15 - 2014-01-03 00:05 - 00000000 ____D () C:\Users\Owner\AppData\Local\genienext
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS

*****************

HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8} => Key deleted successfully.
HKCR\CLSID\{77AA745B-F4F8-45DA-9B14-61D2D95054C8} => Key not found.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjngjhikmffiafannjcjkdediacimkmk => Moved successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff => Key deleted successfully.
C:\Users\Owner\AppData\Local\mysearchdial-speeddial.crx => Moved successfully.
HKCU\SOFTWARE\Policies\Google => Key deleted successfully.
wStLib64 => Unable to stop service
wStLib64 => Service deleted successfully.
C:\Windows\System32\drivers\wStLib64.sys => Moved successfully.
C:\Program Files (x86)\Jump Flip => Moved successfully.
C:\Program Files (x86)\MyPC Backup => Moved successfully.
C:\Users\Owner\AppData\Roaming\Systweak => Moved successfully.
C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup => Moved successfully.
C:\Program Files (x86)\Mobogenie => Moved successfully.
Could not move "C:\WINDOWS\system32\config\BBI" => Scheduled to move on reboot.
C:\Users\Owner\AppData\Local\genienext => Moved successfully.
C:\ProgramData\SetStretch.exe => Moved successfully.
C:\ProgramData\SetStretch.VBS => Moved successfully.

=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-04-05 00:51:35)<=

"C:\WINDOWS\system32\config\BBI" => File could not move.

==== End of Fixlog ====

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 4/5/2014
Scan Time: 1:07:05 AM
Logfile: 
Administrator: Yes

Version: 2.00.1.1004
Malware Database: v2014.04.05.01
Rootkit Database: v2014.03.27.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Chameleon: Disabled

OS: Windows 8
CPU: x64
File System: NTFS
User: Owner

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 245678
Time Elapsed: 9 min, 6 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 5
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B}, Quarantined, [664f53d3c2b9f1458603ec5547bb33cd], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{C292AD0A-C11F-479B-B8DB-743E72D283B0}, Quarantined, [664f53d3c2b9f1458603ec5547bb33cd], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{C292AD0A-C11F-479B-B8DB-743E72D283B0}, Quarantined, [664f53d3c2b9f1458603ec5547bb33cd], 
PUP.Optional.InstallCore.A, HKU\S-1-5-21-577688620-2837512403-3304191142-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, Quarantined, [348183a39cdf59dd03df5f0eee14e719], 
PUP.Optional.InstallCore.A, HKU\S-1-5-21-577688620-2837512403-3304191142-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, Quarantined, [0fa67fa7aecdf73fe73997ed4ab92ed2], 

Registry Values: 1
PUP.Optional.InstallCore.A, HKU\S-1-5-21-577688620-2837512403-3304191142-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0X2O1C0R2R1R, Quarantined, [0fa67fa7aecdf73fe73997ed4ab92ed2]

Registry Data: 1
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\ABOUTURLS|Tabs, http://start.mysearchdial.com/?f=2&a=dsites0101&cd=2XzuyEtN2Y1L1Qzu0DzzyDtD0EyCtDtCtA0Czz0D0C0ByB0FtN0D0Tzu0CyBtAtAtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=1320859745&ir=, Good: (www.google.com), Bad: (http://start.mysearchdial.com/?f=2&a=dsites0101&cd=2XzuyEtN2Y1L1Qzu0DzzyDtD0EyCtDtCtA0Czz0D0C0ByB0FtN0D0Tzu0CyBtAtAtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=1320859745&ir=),Replaced,[298c9393f883c2743a7ebb4fd331e41c]

Folders: 2
PUP.Optional.NextLive.A, C:\Users\Owner\AppData\Roaming\newnext.me, Quarantined, [1d9866c0a5d687af15cda3b227db7d83], 
PUP.Optional.NextLive.A, C:\Users\Owner\AppData\Roaming\newnext.me\cache, Quarantined, [1d9866c0a5d687af15cda3b227db7d83], 

Files: 10
PUP.Optional.Installcore, C:\Users\Owner\AppData\Local\Temp\is357113909\469260757_stp\HomePageDLL.dll, Quarantined, [5461d94de79496a0f4b84da54db67c84], 
PUP.Optional.JumpFlip.A, C:\Users\Owner\AppData\Local\Temp\is357113909\469261122_stp\JumpFlipSetup.exe, Quarantined, [50658e987efdb4821ed24c5be32047b9], 
PUP.Optional.RegCleanPro, C:\Users\Owner\AppData\Local\Temp\is357113909\469261955_stp\rcpsetup_adppi4_adppi4.exe, Quarantined, [3580ae78fa81989e99f0082c55abf40c], 
PUP.Optional.Outbrowse, C:\Users\Owner\Downloads\Setup.exe, Quarantined, [2d88ec3a5f1c65d12725b9efd42fde22], 
PUP.Optional.InstallCore, C:\Users\Owner\Downloads\ZipOpenerSetup.exe, Quarantined, [4f667babd1aa7eb88e05d46aec15fb05], 
PUP.Optional.PCPerformer.A, C:\Windows\System32\roboot64.exe, Quarantined, [338248de6a1182b4ecae70f7fa0819e7], 
PUP.Optional.FunMoods.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pflphaooapbgpeakohlggbpidpppgdff_0.localstorage, Quarantined, [a90c889ecdaefc3a5dfb7d10887b728e], 
PUP.Optional.NextLive.A, C:\Users\Owner\AppData\Roaming\newnext.me\nengine.cookie, Quarantined, [1d9866c0a5d687af15cda3b227db7d83], 
PUP.Optional.NextLive.A, C:\Users\Owner\AppData\Roaming\newnext.me\cache\spark.bin, Quarantined, [1d9866c0a5d687af15cda3b227db7d83], 
PUP.Optional.MySearchDial.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: (      "startup_urls": [ "http://www.google.com/", "http://start.mysearchdial.com/?f=1&a=dsites0101&cd=2XzuyEtN2Y1L1Qzu0DzzyDtD0EyCtDtCtA0Czz0D0C0ByB0FtN0D0Tzu0CyBtAtAtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=1320859745&ir=" ],), Replaced,[1c9981a58fec8ea88a4aa59a41c317e9]

Physical Sectors: 0
(No malicious items detected)


(end)

Thanks TB. I will wait for your next instructions.



#14 ----------------

----------------

    SuperMember

  • Authentic Member
  • 1,095 posts

Posted 07 April 2014 - 05:15 AM

Scan with ESET Online Scan

Please go here to run the online scanner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings and ensure these options are ticked:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click Scan
  • Wait for the scan to finish
  • If any threats were found, click the 'List of found threats', then click Export to text file....
  • Save it to your desktop, then please copy and paste that log as a reply to this topic.


Proud Member of UNITE & TB
 

#15 ----------------

----------------

    SuperMember

  • Authentic Member
  • 1,095 posts

Posted 22 April 2014 - 06:38 AM

Due to inactivity this topic will be closed.
If you need help please start a new thread.

New members follow the instructions here http://forums.whatth...ed_t106388.html and start a new topic
Proud Member of UNITE & TB
 
