Jump to content

Build Theme!
  •  
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 91700 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

Outfox.tv removal help [Solved]


  • This topic is locked This topic is locked
14 replies to this topic

#1 Natfrangou

Natfrangou

    New Member

  • Authentic Member
  • Pip
  • 7 posts

Posted 01 April 2014 - 07:23 AM

Hi, 

 

I've got something on my computer called Outfox.tv. Any help you can offer removing it would be greatly appreciated. It's changed the homepage on my browsers and creates lots of pop ups. Turns out Conduit was also installed along with it.

 

 

hijackthis:

 

Logfile of Trend Micro HijackThis v2.0.5

Scan saved at 13:44:36, on 01/04/2014

Platform: Unknown Windows (WinNT 6.02.1008)

MSIE: Internet Explorer v11.0 (11.00.9600.16518)

 

FIREFOX: 28.0 (en-US)

Boot mode: Normal

 

Running processes:

C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\Nathaniel\AppData\Roaming\Search Protection\SearchProtection.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files\OutfoxTV\OutfoxTV\DesktopContainer.exe

C:\Users\Nathaniel\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\Nathaniel\Downloads\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.outfox.tv/?referid=

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft..../?LinkId=255141

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearc...r=204900537&ir=

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: FindRight - {2c774641-5504-46a8-b63f-6715ae3fe376} - C:\Program Files (x86)\FindRight\FindRightbho.dll

O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll

O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL

O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll

O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O2 - BHO: mysearchdial Helper Object - {EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} - C:\Program Files (x86)\Mysearchdial\1.8.21.0\bh\mysearchdial.dll

O3 - Toolbar: mysearchdial Toolbar - {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialTlbr.dll

O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll" (file missing)

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [StatusAlerts] "C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on

O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_4F6BA42AF0EA495F169444359A24FF26] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window

O4 - HKCU\..\Run: [SearchProtection] "C:\Users\Nathaniel\AppData\Roaming\Search Protection\SearchProtection.EXE" /autostart

O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Nathaniel\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver

O4 - HKCU\..\Run: [OutfoxTV] C:\Program Files\OutfoxTV\OutfoxTV\DesktopContainer.exe

O4 - Startup: Dropbox.lnk = C:\Users\Nathaniel\AppData\Roaming\Dropbox\bin\Dropbox.exe

O4 - Startup: MyPC Backup.lnk = C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000

O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll

O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll

O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll

O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL

O20 - AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll C:\Windows\SysWOW64\nvinit.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Computer Backup (MyPC Backup) (BackupStack) - Just Develop It - C:\Program Files (x86)\MyPC Backup\BackupStack.exe

O23 - Service: Search Protect by Conduit Service (CltMngSvc) - Conduit - C:\PROGRA~2\SearchProtect\Main\bin\CltMngSvc.exe

O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Google Update Service (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update Service (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: HP DS Service - Hewlett-Packard Company - C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe

O23 - Service: HP LaserJet Service - HP - C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe

O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\SysWOW64\nlssrv32.exe

O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: OutfoxTvService - Outfox Tv Productions Pty Ltd - C:\Program Files\OutfoxTV\OutfoxTvService.exe

O23 - Service: OutfoxTvUpdater - Outfox Tv Productions Pty Ltd - C:\Program Files\OutfoxTV\OutfoxTvUpdater.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)

O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

 

--

End of file - 11668 bytes

 

 

OTL

 

 

OTL logfile created on: 01/04/2014 14:08:45 - Run 1

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Nathaniel\Downloads
64bit- Professional  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16521)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
 
5.90 Gb Total Physical Memory | 4.42 Gb Available Physical Memory | 74.93% Memory free
6.84 Gb Paging File | 5.23 Gb Available in Paging File | 76.46% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465.42 Gb Total Space | 415.06 Gb Free Space | 89.18% Space Free | Partition Type: NTFS
 
Computer Name: MA-LAPTOP | User Name: Nathaniel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/04/01 13:51:45 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Nathaniel\Downloads\OTL.exe
PRC - [2014/03/30 12:05:12 | 002,466,080 | ---- | M] (Conduit) -- C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
PRC - [2014/03/28 15:16:18 | 000,228,744 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe
PRC - [2014/03/27 08:09:28 | 000,318,864 | ---- | M] (Outfox Tv Productions Pty Ltd) -- C:\Program Files\OutfoxTV\OutfoxTV\DesktopContainer.exe
PRC - [2014/03/25 05:45:30 | 000,259,472 | ---- | M] (Outfox Tv Productions Pty Ltd) -- C:\Program Files\OutfoxTV\OutfoxTvUpdater.exe
PRC - [2014/03/25 05:45:22 | 000,610,192 | ---- | M] (Outfox Tv Productions Pty Ltd) -- C:\Program Files\OutfoxTV\OutfoxTvService.exe
PRC - [2014/03/19 13:24:28 | 000,842,088 | ---- | M] (Spigot, Inc.) -- C:\Users\Nathaniel\AppData\Roaming\Search Protection\SearchProtection.exe
PRC - [2014/03/15 01:50:42 | 000,859,976 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014/02/08 17:18:26 | 000,411,936 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2014/02/01 00:16:26 | 032,179,440 | ---- | M] (Dropbox, Inc.) -- C:\Users\Nathaniel\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2014/01/21 03:57:40 | 002,234,144 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2014/01/21 03:57:07 | 001,593,632 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2013/12/21 07:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/12/15 22:06:36 | 000,070,768 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\SysWOW64\nlssrv32.exe
PRC - [2013/08/22 03:54:00 | 000,312,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cmd.exe
PRC - [2012/07/18 13:02:42 | 000,313,248 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe
PRC - [2012/05/02 22:02:16 | 000,164,864 | ---- | M] (HP) -- C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
PRC - [2012/01/25 16:23:54 | 000,240,408 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.EXE
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/04/01 13:57:08 | 000,027,136 | ---- | M] () -- C:\Users\NATHAN~1\AppData\Local\Temp\CertMon.dll
MOD - [2014/04/01 13:38:37 | 000,041,984 | ---- | M] () -- c:\users\nathan~1\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpfnzoff.dll
MOD - [2014/03/15 01:50:40 | 013,637,448 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll
MOD - [2014/03/15 01:50:40 | 000,394,568 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppgooglenaclpluginchrome.dll
MOD - [2014/03/15 01:50:38 | 004,061,000 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll
MOD - [2014/03/15 01:50:35 | 000,716,616 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libglesv2.dll
MOD - [2014/03/15 01:50:34 | 000,100,168 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libegl.dll
MOD - [2014/03/15 01:50:32 | 001,647,432 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ffmpegsumo.dll
MOD - [2014/03/15 01:50:30 | 000,051,016 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\chrome_elf.dll
MOD - [2014/02/08 19:34:51 | 000,013,088 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll
MOD - [2014/01/03 04:42:50 | 003,610,624 | ---- | M] () -- C:\Users\Nathaniel\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2013/11/13 02:13:53 | 005,287,936 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
MOD - [2013/10/24 05:38:44 | 004,554,752 | ---- | M] () -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
MOD - [2013/10/19 00:55:02 | 025,100,288 | ---- | M] () -- C:\Users\Nathaniel\AppData\Roaming\Dropbox\bin\libcef.dll
MOD - [2013/08/17 01:06:32 | 002,052,096 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll
MOD - [2013/08/17 01:06:31 | 005,025,792 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
MOD - [2013/08/17 01:06:31 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2013/08/17 01:06:31 | 000,131,072 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
MOD - [2013/08/17 01:06:31 | 000,114,688 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
MOD - [2013/08/17 01:06:30 | 003,198,976 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
MOD - [2013/08/17 01:06:30 | 000,970,752 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
MOD - [2013/08/17 01:06:30 | 000,630,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
MOD - [2013/08/17 01:06:29 | 000,425,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll
MOD - [2013/08/17 01:06:23 | 000,010,752 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/03/25 05:45:30 | 000,259,472 | ---- | M] (Outfox Tv Productions Pty Ltd) [Auto | Running] -- C:\Program Files\OutfoxTV\OutfoxTvUpdater.exe -- (OutfoxTvUpdater)
SRV:64bit: - [2014/03/25 05:45:22 | 000,610,192 | ---- | M] (Outfox Tv Productions Pty Ltd) [Auto | Running] -- C:\Program Files\OutfoxTV\OutfoxTvService.exe -- (OutfoxTvService)
SRV:64bit: - [2014/02/06 11:48:45 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/01/21 03:56:53 | 016,939,296 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2013/11/27 16:36:30 | 003,395,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2013/11/27 10:17:40 | 000,263,168 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2013/11/23 05:50:00 | 000,282,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013/11/08 04:41:17 | 001,302,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2013/10/31 01:29:53 | 000,348,392 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2013/10/31 01:29:53 | 000,023,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2013/10/22 02:53:47 | 001,584,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2013/10/04 09:10:59 | 000,533,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2013/09/21 06:38:15 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2013/09/21 06:34:45 | 001,555,456 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013/08/31 11:00:10 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2013/08/22 21:59:55 | 000,183,296 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2013/08/22 21:59:55 | 000,090,464 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\KeyboardFilterSvc.dll -- (MsKeyboardFilter)
SRV:64bit: - [2013/08/22 13:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2013/08/22 12:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2013/08/22 12:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2013/08/22 12:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2013/08/22 12:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2013/08/22 12:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2013/08/22 11:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2013/08/22 11:04:53 | 000,716,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2013/08/22 11:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2013/08/22 10:59:26 | 000,832,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2013/08/22 10:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2013/08/22 10:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2013/08/22 10:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/08/22 10:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/08/22 10:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2013/08/22 10:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2013/08/22 10:40:14 | 000,398,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2013/08/22 10:39:33 | 000,198,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2013/08/22 10:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/08/22 10:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV - [2014/03/30 12:05:12 | 002,466,080 | ---- | M] (Conduit) [Auto | Running] -- C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe -- (CltMngSvc)
SRV - [2014/03/29 15:21:14 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/03/14 15:17:00 | 000,036,392 | ---- | M] (Just Develop It) [Auto | Running] -- C:\Program Files (x86)\MyPC Backup\BackupStack.exe -- (BackupStack)
SRV - [2014/03/13 09:25:50 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/02/08 17:18:26 | 000,411,936 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2014/01/21 03:57:07 | 001,593,632 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2013/12/21 07:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/12/21 01:02:54 | 000,279,000 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2013/12/15 22:06:36 | 000,070,768 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\SysWOW64\nlssrv32.exe -- (nlsX86cc)
SRV - [2013/10/23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/08/31 10:25:30 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2013/08/22 13:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2013/08/22 04:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013/08/22 03:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2012/05/02 22:02:16 | 000,164,864 | ---- | M] (HP) [Auto | Running] -- C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe -- (HP LaserJet Service)
SRV - [2012/01/25 16:23:54 | 000,240,408 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.EXE -- (BBUpdate)
SRV - [2012/01/25 16:23:54 | 000,192,792 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BBSvc.EXE -- (BBSvc)
SRV - [2011/10/17 16:51:54 | 000,013,824 | ---- | M] (Hewlett-Packard Company) [On_Demand | Stopped] -- C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe -- (HP DS Service)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014/02/08 19:34:51 | 000,032,544 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2014/01/08 02:46:27 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2013/12/27 19:42:26 | 000,039,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2013/12/21 01:02:44 | 004,216,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2013/12/20 00:18:36 | 000,099,288 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TeeDriverx64.sys -- (MEIx64)
DRV:64bit: - [2013/12/15 00:34:54 | 000,039,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2013/12/15 00:34:54 | 000,027,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2013/11/11 03:48:41 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2013/11/01 12:39:53 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013/10/31 01:58:59 | 000,372,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2013/10/31 01:29:36 | 000,236,888 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2013/10/31 01:29:36 | 000,124,760 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2013/10/31 01:28:47 | 000,035,856 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2013/10/26 02:54:32 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2013/10/13 03:48:34 | 000,136,536 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2013/10/05 16:25:54 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2013/09/25 23:52:42 | 003,589,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwbw02.sys -- (NETwNb64)
DRV:64bit: - [2013/09/21 13:10:51 | 000,236,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2013/09/17 10:18:30 | 000,467,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2013/09/14 15:06:57 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2013/08/22 21:59:57 | 000,022,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\kbldfltr.sys -- (kbldfltr)
DRV:64bit: - [2013/08/22 21:59:55 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2013/08/22 21:59:46 | 000,220,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Vid.sys -- (Vid)
DRV:64bit: - [2013/08/22 21:59:46 | 000,129,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmbusr.sys -- (vmbusr)
DRV:64bit: - [2013/08/22 21:59:46 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\storvsp.sys -- (storvsp)
DRV:64bit: - [2013/08/22 21:59:46 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpcivsp.sys -- (vpcivsp)
DRV:64bit: - [2013/08/22 21:59:46 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2013/08/22 14:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013/08/22 14:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013/08/22 13:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013/08/22 13:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013/08/22 13:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/08/22 13:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013/08/22 13:43:48 | 000,146,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2013/08/22 13:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013/08/22 13:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013/08/22 13:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013/08/22 13:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013/08/22 13:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013/08/22 13:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013/08/22 13:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013/08/22 13:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013/08/22 13:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013/08/22 13:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013/08/22 13:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013/08/22 13:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013/08/22 13:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013/08/22 13:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013/08/22 13:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013/08/22 13:43:33 | 000,189,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2013/08/22 13:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013/08/22 13:43:32 | 000,078,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2013/08/22 13:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013/08/22 13:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/08/22 13:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013/08/22 13:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013/08/22 13:41:08 | 000,054,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2013/08/22 13:39:44 | 000,377,696 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2013/08/22 13:39:15 | 000,924,512 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2013/08/22 13:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013/08/22 13:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2013/08/22 13:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013/08/22 12:39:58 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2013/08/22 12:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2013/08/22 12:39:50 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2013/08/22 12:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013/08/22 12:39:28 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2013/08/22 12:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013/08/22 12:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013/08/22 12:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013/08/22 12:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013/08/22 12:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/08/22 12:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013/08/22 12:38:23 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb22.sys -- (xusb22)
DRV:64bit: - [2013/08/22 12:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013/08/22 12:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013/08/22 12:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013/08/22 12:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013/08/22 12:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013/08/22 12:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2013/08/22 12:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/08/22 12:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013/08/22 12:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013/08/22 12:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2013/08/22 12:36:37 | 000,224,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2013/08/22 12:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013/08/22 12:36:17 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2013/08/22 12:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2013/08/22 12:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2013/08/22 11:27:46 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2013/08/22 09:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013/08/13 00:25:46 | 000,017,624 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013/08/10 01:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013/07/30 19:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013/07/25 20:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013/06/18 15:46:17 | 000,591,360 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2013/06/18 15:45:43 | 004,649,440 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NETwew02.sys -- (NETwNe64)
DRV:64bit: - [2013/01/24 19:12:08 | 000,010,752 | ---- | M] (OSR Open Systems Resources, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\DellRbtn.sys -- (DellRbtn)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearc...r=204900537&ir=
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}: "URL" = http://start.mysearc...r=204900537&ir=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearc...r=204900537&ir=
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://search.conduit.com/?gd=&cti [Binary data over 200 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.outfox.tv/?referid=
IE - HKCU\..\SearchScopes,DefaultScope = {F3790D08-4135-48A5-9B70-05BEE3956152}
IE - HKCU\..\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}: "URL" = http://start.mysearc...r=204900537&ir=
IE - HKCU\..\SearchScopes\{F3790D08-4135-48A5-9B70-05BEE3956152}: "URL" = http://uk.search.yah...p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.outfox.tv....google.co.uk/"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:28.0
FF - prefs.js..keyword.URL: "http://uk.search.yah...type=599486&p="
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Nathaniel\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/03/29 15:21:02 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 28.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 28.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/03/29 15:21:02 | 000,000,000 | ---D | M]
 
[2014/02/24 20:06:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nathaniel\AppData\Roaming\mozilla\Extensions
[2014/03/20 22:27:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nathaniel\AppData\Roaming\mozilla\Firefox\Profiles\rroi02vo.default\extensions
[2014/02/27 16:09:00 | 000,957,290 | ---- | M] () (No name found) -- C:\Users\Nathaniel\AppData\Roaming\mozilla\firefox\profiles\rroi02vo.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014/03/31 22:42:07 | 000,001,030 | ---- | M] () -- C:\Users\Nathaniel\AppData\Roaming\mozilla\firefox\profiles\rroi02vo.default\searchplugins\conduit-search.xml
[2014/02/28 00:12:57 | 000,000,922 | ---- | M] () -- C:\Users\Nathaniel\AppData\Roaming\mozilla\firefox\profiles\rroi02vo.default\searchplugins\yahoo_ff.xml
[2014/03/29 15:21:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/03/29 15:21:15 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/11/15 04:32:00 | 000,034,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll
 
========== Chrome  ==========
 
CHR - default_search_provider: Conduit Search (Enabled)
CHR - default_search_provider: search_url = http://search.condui...rchTerms}&SSPV=
CHR - default_search_provider: suggest_url = ,
CHR - plugin: Error reading preferences file
CHR - Extension: Google Docs = C:\Users\Nathaniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Nathaniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_1\
CHR - Extension: YouTube = C:\Users\Nathaniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\
CHR - Extension: Google Search = C:\Users\Nathaniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1\
CHR - Extension: ZenMate for Google Chromeâ„¢ = C:\Users\Nathaniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme\3.3_0\
CHR - Extension: AdBlock = C:\Users\Nathaniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.23_0\
CHR - Extension: Google Wallet = C:\Users\Nathaniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Nathaniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2\
 
O1 HOSTS File: ([2013/08/22 14:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (FindRight) - {2c774641-5504-46a8-b63f-6715ae3fe376} - C:\Program Files (x86)\FindRight\FindRightBHO.dll (FindRight)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (mysearchdial Helper Object) - {EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} - C:\Program Files (x86)\Mysearchdial\1.8.21.0\bh\mysearchdial.dll (Ironsource Israel (2011) LTD)
O3 - HKLM\..\Toolbar: (mysearchdial Toolbar) - {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialTlbr.dll (Ironsource Israel (2011) LTD)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll (Microsoft Corporation.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [HP LaserJet 200 color MFP M276 Series Fax] C:\Program Files (x86)\HP\Digital Imaging\Fax\Fax Driver 0.6 Base\hppfaxprintersrv.exe (Hewlett-Packard Company)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [StatusAlerts] C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe (Hewlett-Packard Company)
O4 - HKCU..\Run: [Facebook Update] C:\Users\Nathaniel\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [GoogleChromeAutoLaunch_4F6BA42AF0EA495F169444359A24FF26] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKCU..\Run: [OutfoxTV] C:\Program Files\OutfoxTV\OutfoxTV\DesktopContainer.exe (Outfox Tv Productions Pty Ltd)
O4 - HKCU..\Run: [SearchProtection] C:\Users\Nathaniel\AppData\Roaming\Search Protection\SearchProtection.EXE (Spigot, Inc.)
O4 - Startup: C:\Users\Nathaniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Nathaniel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Nathaniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk = C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 8.8.8.8 8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{66070FB6-F290-47C0-84BD-E83204150AFC}: DhcpNameServer = 8.8.8.8 8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{95B3F918-8C29-481F-B622-D862464C9667}: DhcpNameServer = 8.8.8.8 8.8.4.4
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll) - C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll (Conduit)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll) - C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll (Conduit)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
NetSvcs:64bit: lfsvc - C:\Windows\SysNative\GeofenceMonitorService.dll (Microsoft Corporation)
NetSvcs:64bit: wlidsvc - C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
NetSvcs:64bit: DsmSvc - C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
NetSvcs:64bit: NcaSvc - C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
NetSvcs:64bit: MsKeyboardFilter - C:\Windows\SysNative\KeyboardFilterSvc.dll (Microsoft Corporation)
 
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/04/01 14:02:47 | 000,688,992 | ---- | C] (Swearware) -- C:\Users\Nathaniel\Desktop\dds (1).scr
[2014/03/31 22:43:05 | 000,000,000 | ---D | C] -- C:\Users\Nathaniel\AppData\Roaming\Systweak
[2014/03/31 22:42:24 | 000,000,000 | ---D | C] -- C:\Users\Nathaniel\AppData\Local\Programs
[2014/03/31 22:42:11 | 000,000,000 | ---D | C] -- C:\Program Files\OutfoxTV
[2014/03/31 22:42:03 | 000,000,000 | ---D | C] -- C:\Users\Nathaniel\AppData\Local\SearchProtect
[2014/03/31 22:41:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SearchProtect
[2014/03/31 22:41:34 | 000,000,000 | ---D | C] -- C:\Users\Nathaniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
[2014/03/31 22:41:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyPC Backup
[2014/03/31 21:30:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Reference Assemblies
[2014/03/31 21:30:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSBuild
[2014/03/31 21:30:44 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2014/03/31 21:30:44 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2014/03/31 21:29:39 | 000,778,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationNative_v0300.dll
[2014/03/31 21:29:39 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2014/03/31 21:29:39 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TsWpfWrp.exe
[2014/03/31 21:29:38 | 001,166,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationNative_v0300.dll
[2014/03/31 21:29:38 | 000,124,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2014/03/31 21:29:38 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsWpfWrp.exe
[2014/03/31 21:11:46 | 000,000,000 | ---D | C] -- C:\Users\Nathaniel\Documents\My Kindle Content
[2014/03/31 21:11:42 | 000,000,000 | ---D | C] -- C:\Users\Nathaniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
[2014/03/31 21:11:41 | 000,000,000 | ---D | C] -- C:\Users\Nathaniel\AppData\Local\Amazon
[2014/03/31 21:11:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Amazon
[2014/03/30 22:05:25 | 000,000,000 | ---D | C] -- C:\Users\Nathaniel\AppData\Local\Facebook
[2014/03/29 15:21:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/03/22 21:26:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2014/03/22 21:26:00 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2014/03/22 21:26:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2014/03/18 13:40:36 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2014/03/18 13:40:35 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2014/03/17 19:15:04 | 000,000,000 | ---D | C] -- C:\Users\Nathaniel\AppData\Local\Diagnostics
[2014/03/14 20:49:14 | 000,236,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdFilter.sys
[2014/03/14 20:49:11 | 000,035,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdBoot.sys
[2014/03/14 20:49:10 | 000,124,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdNisDrv.sys
[2014/03/14 07:08:52 | 001,643,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2014/03/14 07:08:52 | 001,507,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2014/03/14 07:08:37 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/03/14 07:08:33 | 005,768,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/03/14 07:08:31 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/03/14 07:08:31 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/03/14 07:08:31 | 000,627,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/03/14 07:08:20 | 006,640,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2014/03/14 07:08:20 | 005,770,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2014/03/14 07:08:19 | 002,143,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfcore.dll
[2014/03/14 07:08:19 | 002,133,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfcore.dll
[2014/03/14 07:08:19 | 001,057,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdvidcrl.dll
[2014/03/14 07:08:19 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdvidcrl.dll
[2014/03/14 07:08:18 | 004,175,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dbgeng.dll
[2014/03/14 07:08:18 | 001,928,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\combase.dll
[2014/03/14 07:08:18 | 001,371,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\combase.dll
[2014/03/14 07:08:18 | 001,287,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2014/03/14 07:08:18 | 000,764,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfmpeg2srcsnk.dll
[2014/03/14 07:08:18 | 000,669,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfmpeg2srcsnk.dll
[2014/03/14 07:08:17 | 002,873,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dbgeng.dll
[2014/03/14 07:08:17 | 001,486,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dbghelp.dll
[2014/03/14 07:08:17 | 001,238,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dbghelp.dll
[2014/03/14 07:08:17 | 000,458,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WerFault.exe
[2014/03/14 07:08:17 | 000,408,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WerFault.exe
[2014/03/14 07:08:17 | 000,407,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Faultrep.dll
[2014/03/14 07:08:17 | 000,369,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Faultrep.dll
[2014/03/14 07:08:17 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpencom.dll
[2014/03/14 07:08:17 | 000,233,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll
[2014/03/14 07:08:17 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpencom.dll
[2014/03/14 07:08:16 | 000,447,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sppcomapi.dll
[2014/03/14 07:08:16 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWWIN.EXE
[2014/03/14 07:08:16 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DWWIN.EXE
[2014/03/14 07:08:16 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2014/03/14 07:08:16 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2014/03/14 07:07:58 | 000,586,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2014/03/14 07:07:58 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2014/03/08 18:20:54 | 000,000,000 | ---D | C] -- C:\Users\Nathaniel\Desktop\Issue Boarding Pass_files
[2014/03/06 12:06:54 | 000,000,000 | ---D | C] -- C:\Users\Nathaniel\AppData\Roaming\Hewlett-Packard Company
[2014/03/06 12:06:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[2014/03/06 12:06:14 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\HP_LaserJet_Fax_0_6
[2014/03/06 12:06:07 | 000,027,704 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\SysNative\hppfaxprintermon5.dll
[2014/03/06 12:06:07 | 000,022,072 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\SysNative\hppfaxprintermonui5.dll
[2014/03/06 12:05:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
[2014/03/06 12:05:37 | 000,000,000 | ---D | C] -- C:\Users\Nathaniel\AppData\Roaming\HpUpdate
[2014/03/06 12:05:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Hewlett-Packard
[2014/03/06 12:05:09 | 000,000,000 | ---D | C] -- C:\Users\Nathaniel\Desktop\HP
[2014/03/06 12:01:06 | 000,511,488 | ---- | C] (HP) -- C:\Windows\SysWow64\hpcdmc32.DLL
[2014/03/06 12:01:06 | 000,311,808 | ---- | C] (Hewlett-Packard Corporation) -- C:\Windows\SysNative\hpcpn117.dll
[2014/03/06 12:00:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HP
[2014/03/06 12:00:18 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2014/03/06 12:00:00 | 000,947,104 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hpptsplj276_x64.dll
[2014/03/06 12:00:00 | 000,776,096 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysWow64\hpptsplj276.dll
[2014/03/06 12:00:00 | 000,638,008 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hpzjcd01.dll
[2014/03/06 12:00:00 | 000,522,128 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hpwia2_lj276.dll
[2014/03/06 12:00:00 | 000,217,656 | ---- | C] (Hewlett Packard) -- C:\Windows\SysNative\hppscancoins64.dll
[2014/03/06 11:59:57 | 000,311,296 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hpbcoins64.dll
[2014/03/06 11:59:27 | 000,000,000 | ---D | C] -- C:\HP_LaserJet_200_color_MFP_M276
 
========== Files - Modified Within 30 Days ==========
 
[2014/04/01 14:03:01 | 000,688,992 | ---- | M] (Swearware) -- C:\Users\Nathaniel\Desktop\dds (1).scr
[2014/04/01 14:02:15 | 000,625,664 | ---- | M] () -- C:\Users\Nathaniel\Desktop\dds.scr
[2014/04/01 13:59:01 | 000,000,326 | ---- | M] () -- C:\Windows\tasks\MySearchDial.job
[2014/04/01 13:57:03 | 000,000,326 | ---- | M] () -- C:\Windows\tasks\UpdaterEX.job
[2014/04/01 13:57:03 | 000,000,179 | ---- | M] () -- C:\Users\Nathaniel\AppData\Roaming\WB.CFG
[2014/04/01 13:41:53 | 000,863,592 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/04/01 13:41:53 | 000,735,932 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/04/01 13:41:53 | 000,139,816 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/04/01 13:39:14 | 000,002,203 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/04/01 13:39:01 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/04/01 13:38:16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/04/01 07:24:41 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/04/01 07:23:31 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/04/01 07:23:26 | 773,910,527 | -HS- | M] () -- C:\hiberfil.sys
[2014/04/01 07:21:07 | 000,000,918 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/04/01 07:10:00 | 000,000,964 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4197190699-2502681883-4131900191-1003UA.job
[2014/03/31 22:41:36 | 000,001,985 | ---- | M] () -- C:\Users\Nathaniel\Desktop\Sync Folder.lnk
[2014/03/31 22:41:34 | 000,001,113 | ---- | M] () -- C:\Users\Nathaniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
[2014/03/31 22:41:34 | 000,001,103 | ---- | M] () -- C:\Users\Nathaniel\Desktop\MyPC Backup.lnk
[2014/03/31 22:10:00 | 000,000,942 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4197190699-2502681883-4131900191-1003Core.job
[2014/03/31 21:11:42 | 000,002,014 | ---- | M] () -- C:\Users\Nathaniel\Desktop\Kindle.lnk
[2014/03/15 02:47:05 | 000,473,392 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/03/14 20:11:21 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_wpdcomp_01_11_00.Wdf
[2014/03/14 20:11:20 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
[2014/03/08 18:20:54 | 000,020,148 | ---- | M] () -- C:\Users\Nathaniel\Desktop\Issue Boarding Pass.htm
[2014/03/06 12:06:15 | 000,001,272 | ---- | M] () -- C:\Users\Public\Desktop\HP LJ200 M276 Scan.lnk
[2014/03/06 12:06:07 | 000,000,608 | -HS- | M] () -- C:\Windows\SysNative\winzvprt5.sys
[2014/03/06 12:06:07 | 000,000,242 | ---- | M] () -- C:\Windows\SysNative\hppfaxprinter5.ini
[2014/03/06 12:05:48 | 000,001,297 | ---- | M] () -- C:\Users\Public\Desktop\HP LaserJet 200 color MFP M276 - Help & Learn Center.lnk
[2014/03/06 12:05:09 | 000,000,168 | ---- | M] () -- C:\Windows\SysNative\AddPort.ini
[2014/03/04 23:53:05 | 000,105,464 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/03/04 23:53:04 | 000,693,240 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
 
========== Files Created - No Company Name ==========
 
[2014/04/01 14:02:07 | 000,625,664 | ---- | C] () -- C:\Users\Nathaniel\Desktop\dds.scr
[2014/03/31 22:41:36 | 000,001,985 | ---- | C] () -- C:\Users\Nathaniel\Desktop\Sync Folder.lnk
[2014/03/31 22:41:34 | 000,001,113 | ---- | C] () -- C:\Users\Nathaniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
[2014/03/31 22:41:34 | 000,001,103 | ---- | C] () -- C:\Users\Nathaniel\Desktop\MyPC Backup.lnk
[2014/03/31 21:11:42 | 000,002,014 | ---- | C] () -- C:\Users\Nathaniel\Desktop\Kindle.lnk
[2014/03/30 22:05:28 | 000,000,964 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4197190699-2502681883-4131900191-1003UA.job
[2014/03/30 22:05:27 | 000,000,942 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4197190699-2502681883-4131900191-1003Core.job
[2014/03/14 20:11:21 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_wpdcomp_01_11_00.Wdf
[2014/03/14 20:11:20 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
[2014/03/14 07:08:16 | 000,386,722 | ---- | C] () -- C:\Windows\SysNative\ApnDatabase.xml
[2014/03/08 18:20:54 | 000,020,148 | ---- | C] () -- C:\Users\Nathaniel\Desktop\Issue Boarding Pass.htm
[2014/03/06 12:06:15 | 000,001,272 | ---- | C] () -- C:\Users\Public\Desktop\HP LJ200 M276 Scan.lnk
[2014/03/06 12:06:07 | 000,000,608 | -HS- | C] () -- C:\Windows\SysNative\winzvprt5.sys
[2014/03/06 12:06:07 | 000,000,242 | ---- | C] () -- C:\Windows\SysNative\hppfaxprinter5.ini
[2014/03/06 12:05:48 | 000,001,297 | ---- | C] () -- C:\Users\Public\Desktop\HP LaserJet 200 color MFP M276 - Help & Learn Center.lnk
[2014/03/06 12:05:09 | 000,000,168 | ---- | C] () -- C:\Windows\SysNative\AddPort.ini
[2014/03/06 12:01:06 | 000,316,928 | ---- | C] () -- C:\Windows\SysWow64\hpcc3117.DLL
[2014/02/24 19:57:24 | 000,000,179 | ---- | C] () -- C:\Users\Nathaniel\AppData\Roaming\WB.CFG
[2014/02/12 16:18:11 | 000,103,936 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2013/12/21 01:02:44 | 000,280,064 | ---- | C] () -- C:\Windows\SysWow64\igdmd32.dll
[2013/12/21 01:02:40 | 000,182,272 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2013/12/21 01:02:40 | 000,142,848 | ---- | C] () -- C:\Windows\SysWow64\igdail32.dll
[2013/08/22 16:36:43 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2013/08/22 16:36:42 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2013/08/22 15:46:23 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2013/08/22 08:01:23 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2013/08/22 04:32:36 | 000,046,080 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2013/08/22 00:55:20 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2013/08/22 00:52:39 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
 
========== ZeroAccess Check ==========
 
[2014/03/31 22:41:35 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/12/09 09:05:24 | 021,199,256 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/12/09 05:51:04 | 018,643,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 10:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/22 03:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 10:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== Custom Scans ==========
 
< %USERPROFILE%\..|smtmp;true;true;true /FP >
 
< %temp%\smtmp\*.* /s > >
 
< MD5 for: EXPLORER.ADML  >
[2013/08/22 21:57:03 | 000,003,671 | ---- | M] () MD5=007B16AEF3E958080573CDB80648167D -- C:\Windows\PolicyDefinitions\en-US\Explorer.adml
[2013/08/22 21:57:03 | 000,003,671 | ---- | M] () MD5=007B16AEF3E958080573CDB80648167D -- C:\Windows\WinSxS\amd64_microsoft-windows-s..ouppolicy.resources_31bf3856ad364e35_6.3.9600.16384_en-us_13bedf9d3e4c78d1\Explorer.adml
 
< MD5 for: EXPLORER.ADMX  >
[2013/06/18 15:57:40 | 000,003,836 | ---- | M] () MD5=AD131A834808E6AFF4A3918DE05BFCF6 -- C:\Windows\PolicyDefinitions\Explorer.admx
[2013/06/18 15:57:40 | 000,003,836 | ---- | M] () MD5=AD131A834808E6AFF4A3918DE05BFCF6 -- C:\Windows\WinSxS\amd64_microsoft-windows-shell-grouppolicy_31bf3856ad364e35_6.3.9600.16384_none_067909bec4cce684\Explorer.admx
 
< MD5 for: EXPLORER.EXE  >
[2013/10/22 07:03:47 | 002,065,448 | ---- | M] (Microsoft Corporation) MD5=1A0BC9598E4A58FC84570FFF5A108E58 -- C:\Windows\SysWOW64\explorer.exe
[2013/10/22 07:03:47 | 002,065,448 | ---- | M] (Microsoft Corporation) MD5=1A0BC9598E4A58FC84570FFF5A108E58 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16441_none_4ceff22781f6788c\explorer.exe
[2014/03/06 00:42:45 | 000,133,444 | ---- | M] () MD5=3DDF61E1B538A1205612192A61CC2376 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16408_none_42cd898b4d6ef82e\explorer.exe
[2013/10/22 08:55:27 | 002,328,872 | ---- | M] (Microsoft Corporation) MD5=63DC38C3E4564B2405D562855643ABA2 -- C:\Windows\explorer.exe
[2013/10/22 08:55:27 | 002,328,872 | ---- | M] (Microsoft Corporation) MD5=63DC38C3E4564B2405D562855643ABA2 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16441_none_429b47d54d95b691\explorer.exe
[2014/03/06 00:42:42 | 000,274,077 | ---- | M] () MD5=95F49CF19E3CA220190E7927773EE5B1 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16384_none_4273071d4db37533\explorer.exe
[2014/03/08 13:14:08 | 000,127,825 | ---- | M] () MD5=983D8A3EB94B05A199D3744C0F0C475F -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16408_none_4d2233dd81cfba29\explorer.exe
[2014/03/08 13:14:03 | 000,200,020 | ---- | M] () MD5=FF997A1639CC22EC790E7AB05C8C0550 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16384_none_4cc7b16f8214372e\explorer.exe
 
< MD5 for: EXPLORER.EXE.MUI  >
[2013/08/22 21:56:47 | 000,016,896 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\en-GB\explorer.exe.mui
[2013/08/22 21:56:47 | 000,016,896 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\en-GB\explorer.exe.mui
[2013/08/22 21:56:47 | 000,016,896 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer.resources_31bf3856ad364e35_6.3.9600.16384_en-gb_ef282c0a4c701da3\explorer.exe.mui
[2013/08/22 21:56:47 | 000,016,896 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer.resources_31bf3856ad364e35_6.3.9600.16384_en-gb_f97cd65c80d0df9e\explorer.exe.mui
 
< MD5 for: EXPLORER.EXE-A80E4F97.PF  >
[2014/03/31 07:54:14 | 000,300,596 | ---- | M] () MD5=6A204884AB39958AF1477A8A8CC4A0F7 -- C:\Windows\Prefetch\EXPLORER.EXE-A80E4F97.pf
 
< MD5 for: IEXPLORE.EXE  >
[2014/02/06 14:08:02 | 000,806,064 | ---- | M] (Microsoft Corporation) MD5=2E032281A818BCD191E3DD92000A8EAE -- C:\Program Files\Internet Explorer\iexplore.exe
[2014/02/06 14:08:02 | 000,806,064 | ---- | M] (Microsoft Corporation) MD5=2E032281A818BCD191E3DD92000A8EAE -- C:\Windows\WinSxS\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.0.9600.16521_none_9c60612a90cfaeb6\iexplore.exe
[2014/03/08 13:14:15 | 000,009,369 | ---- | M] () MD5=7B0FB14120A13191E63C458C64720489 -- C:\Windows\WinSxS\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.0.9600.16384_none_a6d068b8c51b1dbc\iexplore.exe
[2014/03/19 13:08:41 | 000,000,012 | ---- | M] () MD5=8F5B97C692CD84C0E5DF02F9142ECEB3 -- C:\Windows\WinSxS\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.0.9600.16518_none_9c5ec16890d148c6\iexplore.exe
[2014/03/19 21:06:40 | 000,000,012 | ---- | M] () MD5=8F5B97C692CD84C0E5DF02F9142ECEB3 -- C:\Windows\WinSxS\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.0.9600.16518_none_a6b36bbac5320ac1\iexplore.exe
[2014/02/06 12:18:16 | 000,808,112 | ---- | M] (Microsoft Corporation) MD5=9FBB2F038A2DDCE696BDEE7080241C0C -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
[2014/02/06 12:18:16 | 000,808,112 | ---- | M] (Microsoft Corporation) MD5=9FBB2F038A2DDCE696BDEE7080241C0C -- C:\Windows\WinSxS\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.0.9600.16521_none_a6b50b7cc53070b1\iexplore.exe
[2014/03/06 11:49:38 | 000,010,956 | ---- | M] () MD5=CB6B6941B52B10900DB2808854F70233 -- C:\Windows\WinSxS\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.0.9600.16384_none_9c7bbe6690ba5bc1\iexplore.exe
 
< MD5 for: IEXPLORE.EXE.MUI  >
[2013/08/22 21:57:05 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=C49F63C313FE47CCB08488A6A9107E42 -- C:\Program Files (x86)\Internet Explorer\en-GB\iexplore.exe.mui
[2013/08/22 21:57:05 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=C49F63C313FE47CCB08488A6A9107E42 -- C:\Program Files\Internet Explorer\en-GB\iexplore.exe.mui
[2013/08/22 21:57:05 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=C49F63C313FE47CCB08488A6A9107E42 -- C:\Windows\WinSxS\amd64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_11.0.9600.16384_en-gb_8e9f98bfcd3ee8e3\iexplore.exe.mui
[2013/08/22 21:57:05 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=C49F63C313FE47CCB08488A6A9107E42 -- C:\Windows\WinSxS\wow64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_11.0.9600.16384_en-gb_98f44312019faade\iexplore.exe.mui
 
< MD5 for: IEXPLORE.EXE-4B6C9215.PF  >
[2014/02/12 13:11:24 | 000,255,656 | ---- | M] () MD5=270C3C7BC1BD9D49F6ED3C806F2466FE -- C:\Windows\Prefetch\IEXPLORE.EXE-4B6C9215.pf
 
< MD5 for: IEXPLORE.EXE-908C99F8.PF  >
[2014/02/12 13:10:10 | 000,107,518 | ---- | M] () MD5=5C31E26C8D93ECB3338F2648D874548E -- C:\Windows\Prefetch\IEXPLORE.EXE-908C99F8.pf
 
< MD5 for: IEXPLORE.VISUALELEMENTSMANIFEST.XML  >
[2013/06/18 15:48:46 | 000,000,340 | ---- | M] () MD5=2C776DCD91132FCC6A8C066DD529B307 -- C:\Program Files\Internet Explorer\iexplore.VisualElementsManifest.xml
[2013/06/18 15:48:46 | 000,000,340 | ---- | M] () MD5=2C776DCD91132FCC6A8C066DD529B307 -- C:\Windows\WinSxS\amd64_microsoft-windows-immersivebrowser_31bf3856ad364e35_11.0.9600.16384_none_c673d0d2f4ca87f4\iexplore.VisualElementsManifest.xml
 
< MD5 for: SERVICES  >
[2013/08/22 16:04:54 | 000,003,777 | ---- | M] () MD5=5EE2D65841D1985E8C1BC68B2EB4357B -- C:\Windows\WinSxS\amd64_microsoft-windows-w..ucture-other-minwin_31bf3856ad364e35_6.3.9600.16384_none_25fdfd813908f8a6\services
 
< MD5 for: SERVICES.CFG  >
[2012/09/23 21:43:36 | 000,603,848 | R--- | M] () MD5=81B120EAEE296F0E54F66C16C5A21367 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744BA0000000010\11.0.0\services.cfg
[2013/12/21 07:04:16 | 000,559,392 | ---- | M] () MD5=F9FBA73F44366AB3514BD1985707F178 -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Services\Services.cfg
 
< MD5 for: SERVICES.EXE  >
[2013/08/22 14:25:40 | 000,405,488 | ---- | M] (Microsoft Corporation) MD5=B4B610BBCB002EC478C6FD80CF915697 -- C:\Windows\SysNative\services.exe
[2013/08/22 14:25:40 | 000,405,488 | ---- | M] (Microsoft Corporation) MD5=B4B610BBCB002EC478C6FD80CF915697 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..cecontroller-minwin_31bf3856ad364e35_6.3.9600.16384_none_2fd72579d09a45e9\services.exe
 
< MD5 for: SERVICES.EXE.MUI  >
[2013/08/22 21:56:37 | 000,018,944 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysNative\en-GB\services.exe.mui
[2013/08/22 21:56:37 | 000,018,944 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.3.9600.16384_en-gb_5332ec03fec38070\services.exe.mui
 
< MD5 for: SERVICES.JS  >
[2014/02/25 13:54:27 | 000,078,905 | ---- | M] () MD5=DE4B5FF45A106DA53CA566314EFE2E1F -- C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.2.234_x64__8wekyb3d8bbwe\Common\js\services.js
[2014/02/25 13:54:27 | 000,078,905 | ---- | M] () MD5=DE4B5FF45A106DA53CA566314EFE2E1F -- C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.2.236_x64__8wekyb3d8bbwe\Common\js\services.js
[2014/02/25 13:54:27 | 000,078,905 | ---- | M] () MD5=DE4B5FF45A106DA53CA566314EFE2E1F -- C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.2.233_x64__8wekyb3d8bbwe\Common\js\services.js
[2014/02/25 13:54:27 | 000,078,905 | ---- | M] () MD5=DE4B5FF45A106DA53CA566314EFE2E1F -- C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.2.233_x64__8wekyb3d8bbwe\Common\js\services.js
[2014/02/25 13:54:27 | 000,078,905 | ---- | M] () MD5=DE4B5FF45A106DA53CA566314EFE2E1F -- C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.2.233_x64__8wekyb3d8bbwe\Common\js\services.js
[2014/02/25 13:54:27 | 000,078,905 | ---- | M] () MD5=DE4B5FF45A106DA53CA566314EFE2E1F -- C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.2.233_x64__8wekyb3d8bbwe\Common\js\services.js
[2014/02/25 13:54:27 | 000,078,905 | ---- | M] () MD5=DE4B5FF45A106DA53CA566314EFE2E1F -- C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.2.233_x64__8wekyb3d8bbwe\Common\js\services.js
 
< MD5 for: SERVICES.LNK  >
[2013/08/22 07:54:57 | 000,001,158 | ---- | M] () MD5=5C11B0E362D426FD6E99B07705BA4A48 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2013/08/22 07:54:57 | 000,001,158 | ---- | M] () MD5=5C11B0E362D426FD6E99B07705BA4A48 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2013/08/22 07:54:57 | 000,001,158 | ---- | M] () MD5=5C11B0E362D426FD6E99B07705BA4A48 -- C:\Windows\WinSxS\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.3.9600.16384_none_c02242af19b1eb57\services.lnk
 
< MD5 for: SERVICES.MOF  >
[2013/06/18 15:51:33 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\SysNative\wbem\services.mof
[2013/06/18 15:51:33 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.3.9600.16384_none_c01e2072a140077e\services.mof
 
< MD5 for: SERVICES.MSC  >
[2013/08/22 21:56:40 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\SysNative\en-US\services.msc
[2013/06/18 15:47:53 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\SysNative\services.msc
[2013/08/22 21:56:40 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\SysWOW64\en-US\services.msc
[2013/06/18 13:23:54 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\SysWOW64\services.msc
[2013/08/22 21:56:40 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.3.9600.16384_en-us_94fd770dd055ce28\services.msc
[2013/06/18 15:47:53 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\WinSxS\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.3.9600.16384_none_c02242af19b1eb57\services.msc
[2013/06/18 13:23:54 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\WinSxS\wow64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.3.9600.16384_none_ca76ed014e12ad52\services.msc
[2013/08/22 21:56:40 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\WinSxS\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.3.9600.16384_en-us_38dedb8a17f85cf2\services.msc
 
< MD5 for: SERVICES.PTXML  >
[2013/08/22 07:45:36 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\SysNative\wdi\perftrack\Services.ptxml
[2013/08/22 07:45:36 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.3.9600.16384_none_c01e2072a140077e\Services.ptxml
 
< MD5 for: WINLOGON.ADML  >
[2013/08/22 21:57:02 | 000,008,978 | ---- | M] () MD5=AD266AC436809BBDC0A19A05E80904A8 -- C:\Windows\PolicyDefinitions\en-US\WinLogon.adml
[2013/08/22 21:57:02 | 000,008,978 | ---- | M] () MD5=AD266AC436809BBDC0A19A05E80904A8 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon-adm.resources_31bf3856ad364e35_6.3.9600.16384_en-us_85c27192b0d9003d\WinLogon.adml
 
< MD5 for: WINLOGON.ADMX  >
[2013/08/22 21:59:51 | 000,005,790 | ---- | M] () MD5=940072E0DE8621F5AB0028A96309221E -- C:\Windows\PolicyDefinitions\WinLogon.admx
[2013/08/22 21:59:51 | 000,005,790 | ---- | M] () MD5=940072E0DE8621F5AB0028A96309221E -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon-adm_31bf3856ad364e35_6.3.9600.16384_none_6bcbbccd4d39421a\WinLogon.admx
 
< MD5 for: WINLOGON.EXE  >
[2013/08/22 10:55:08 | 000,564,736 | ---- | M] (Microsoft Corporation) MD5=7C94FDA3809015B8F2208D2E1C221F17 -- C:\Windows\SysNative\winlogon.exe
[2013/08/22 10:55:08 | 000,564,736 | ---- | M] (Microsoft Corporation) MD5=7C94FDA3809015B8F2208D2E1C221F17 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.3.9600.16384_none_60816121a8e88269\winlogon.exe
 
< MD5 for: WINLOGON.EXE.MUI  >
[2013/08/22 21:56:54 | 000,024,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysNative\en-GB\winlogon.exe.mui
[2013/08/22 21:56:54 | 000,024,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon.resources_31bf3856ad364e35_6.3.9600.16384_en-gb_b42e3677dce4c4e9\winlogon.exe.mui
 
< MD5 for: WINLOGON.EXE-B020DC41.PF  >
[2014/03/31 22:47:30 | 000,028,936 | ---- | M] () MD5=D8EAA5C62FC20D70FD9CBD840CCE1AA9 -- C:\Windows\Prefetch\WINLOGON.EXE-B020DC41.pf
 
< MD5 for: WINLOGON.MFL  >
[2013/08/22 21:56:54 | 000,001,080 | ---- | M] () MD5=0779A1504D28B9451EC8E32425EA473B -- C:\Windows\SysNative\wbem\en-GB\winlogon.mfl
[2013/08/22 21:56:54 | 000,001,080 | ---- | M] () MD5=0779A1504D28B9451EC8E32425EA473B -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon-mof.resources_31bf3856ad364e35_6.3.9600.16384_en-gb_11f08842f81d1e7e\winlogon.mfl
 
< MD5 for: WINLOGON.MOF  >
[2013/08/22 07:45:12 | 000,003,192 | ---- | M] () MD5=DF722B96F32A61783BC310FACF10240B -- C:\Windows\SysNative\wbem\winlogon.mof
[2013/08/22 07:45:12 | 000,003,192 | ---- | M] () MD5=DF722B96F32A61783BC310FACF10240B -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon-mof_31bf3856ad364e35_6.3.9600.16384_none_70f729db49dee3dc\winlogon.mof
 
< %SYSTEMDRIVE%\*.* >
[2013/08/22 06:31:45 | 000,427,680 | RHS- | M] () -- C:\bootmgr
[2013/06/18 13:18:29 | 000,000,001 | -HS- | M] () -- C:\BOOTNXT
[2014/04/01 07:23:26 | 773,910,527 | -HS- | M] () -- C:\hiberfil.sys
[2014/04/01 07:23:31 | 1006,632,960 | -HS- | M] () -- C:\pagefile.sys
[2014/04/01 07:23:31 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
 
< %systemroot%\Fonts\*.com >
[2014/03/31 21:30:39 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2014/03/31 21:30:39 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2014/03/31 21:30:39 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2014/03/31 21:30:39 | 000,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont
 
< %systemroot%\Fonts\*.dll >
 
< %systemroot%\Fonts\*.ini >
[2013/08/22 16:35:03 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini
 
< %systemroot%\Fonts\*.ini2 >
 
< %systemroot%\Fonts\*.exe >
 
< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
 
< %systemroot%\REPAIR\*.bak1 >
 
< %systemroot%\REPAIR\*.ini >
 
< %systemroot%\system32\*.jpg >
 
< %systemroot%\*.jpg >
 
< %systemroot%\*.png >
 
< %systemroot%\*.scr >
 
< %systemroot%\*._sy >
 
< %APPDATA%\Adobe\Update\*.* >
 
< %ALLUSERSPROFILE%\Favorites\*.* >
 
< %APPDATA%\Microsoft\*.* >
 
< %PROGRAMFILES%\*.* >
[2013/08/22 16:34:52 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini
 
< %APPDATA%\Update\*.* >
 
< %systemroot%\*. /mp /s >
 
< dir "%systemdrive%\*" /S /A:L /C >
 Volume in drive C has no label.
 Volume Serial Number is 2CDE-7114
 Directory of C:\
22/08/2013  15:45    <JUNCTION>     Documents and Settings [C:\Users]
               0 File(s)              0 bytes
 Directory of C:\ProgramData
22/08/2013  15:45    <JUNCTION>     Application Data [C:\ProgramData]
22/08/2013  15:45    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
22/08/2013  15:45    <JUNCTION>     Documents [C:\Users\Public\Documents]
22/08/2013  15:45    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
22/08/2013  15:45    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 Directory of C:\Users
22/08/2013  15:45    <SYMLINKD>     All Users [C:\ProgramData]
22/08/2013  15:45    <JUNCTION>     Default User [C:\Users\Default]
               0 File(s)              0 bytes
 Directory of C:\Users\All Users
22/08/2013  15:45    <JUNCTION>     Application Data [C:\ProgramData]
22/08/2013  15:45    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
22/08/2013  15:45    <JUNCTION>     Documents [C:\Users\Public\Documents]
22/08/2013  15:45    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
22/08/2013  15:45    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 Directory of C:\Users\Default
22/08/2013  15:45    <JUNCTION>     Application Data [C:\Users\Default\AppData\Roaming]
22/08/2013  15:45    <JUNCTION>     Cookies [C:\Users\Default\AppData\Local\Microsoft\Windows\INetCookies]
22/08/2013  15:45    <JUNCTION>     Local Settings [C:\Users\Default\AppData\Local]
22/08/2013  15:45    <JUNCTION>     My Documents [C:\Users\Default\Documents]
22/08/2013  15:45    <JUNCTION>     NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
22/08/2013  15:45    <JUNCTION>     PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
22/08/2013  15:45    <JUNCTION>     Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
22/08/2013  15:45    <JUNCTION>     SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
22/08/2013  15:45    <JUNCTION>     Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
22/08/2013  15:45    <JUNCTION>     Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 Directory of C:\Users\Default\AppData\Local
22/08/2013  15:45    <JUNCTION>     Application Data [C:\Users\Default\AppData\Local]
22/08/2013  15:45    <JUNCTION>     History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
22/08/2013  15:45    <JUNCTION>     Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache]
               0 File(s)              0 bytes
 Directory of C:\Users\Default\AppData\Local\Microsoft\Windows
22/08/2013  15:45    <JUNCTION>     Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache]
               0 File(s)              0 bytes
 Directory of C:\Users\Default\Documents
22/08/2013  15:45    <JUNCTION>     My Music [C:\Users\Default\Music]
22/08/2013  15:45    <JUNCTION>     My Pictures [C:\Users\Default\Pictures]
22/08/2013  15:45    <JUNCTION>     My Videos [C:\Users\Default\Videos]
               0 File(s)              0 bytes
 Directory of C:\Users\Nathaniel\AppData\Local\Microsoft\Windows
17/02/2014  13:03    <JUNCTION>     Temporary Internet Files [C:\Users\Nathaniel\AppData\Local\Microsoft\Windows\INetCache]
               0 File(s)              0 bytes
 Directory of C:\Users\Nathaniel\AppData\Local\Microsoft\Windows\INetCache
17/02/2014  13:06    <JUNCTION>     Content.IE5 [C:\Users\Nathaniel\AppData\Local\Microsoft\Windows\INetCache\IE\]
               0 File(s)              0 bytes
 Directory of C:\Users\Public\Documents
22/08/2013  15:45    <JUNCTION>     My Music [C:\Users\Public\Music]
22/08/2013  15:45    <JUNCTION>     My Pictures [C:\Users\Public\Pictures]
22/08/2013  15:45    <JUNCTION>     My Videos [C:\Users\Public\Videos]
               0 File(s)              0 bytes
 Directory of C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache
13/03/2014  09:25    <JUNCTION>     Content.IE5 [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE\]
               0 File(s)              0 bytes
 Directory of C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache
13/03/2014  09:25    <JUNCTION>     Content.IE5 [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE\]
               0 File(s)              0 bytes
     Total Files Listed:
               0 File(s)              0 bytes
              37 Dir(s)  445,528,715,264 bytes free
 
< %systemroot%\System32\config\*.sav >
 
< %PROGRAMFILES%\bak. /s >
 
< %systemroot%\system32\bak. /s >
 
< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
 
< %systemroot%\system32\config\systemprofile\*.dat /x >
 
< %systemroot%\*.config >
 
< %systemroot%\system32\*.db >
 
< %PROGRAMFILES%\Internet Explorer\*.dat >
 
< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2013/08/22 16:35:52 | 000,000,148 | -HS- | M] () -- C:\Users\Nathaniel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini
 
< %USERPROFILE%\Desktop\*.exe >
 
< %PROGRAMFILES%\Common Files\*.* >
 
< %systemroot%\*.src >
 
< %systemroot%\install\*.* >
 
< %systemroot%\system32\DLL\*.* >
 
< %systemroot%\system32\HelpFiles\*.* >
 
< %systemroot%\system32\rundll\*.* >
 
< %systemroot%\winn32\*.* >
 
< %systemroot%\Java\*.* >
 
< %systemroot%\system32\test\*.* >
 
< %systemroot%\system32\Rundll32\*.* >
 
< %systemroot%\AppPatch\Custom\*.* >
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 220 bytes -> C:\Users\Nathaniel\SkyDrive:ms-properties
@Alternate Data Stream - 192 bytes -> C:\Windows:nlsPreferences
 
< End of report >
 
 
 
---------------------------------------- Second report
 

OTL Extras logfile created on: 01/04/2014 14:08:45 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Nathaniel\Downloads
64bit- Professional  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16521)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
 
5.90 Gb Total Physical Memory | 4.42 Gb Available Physical Memory | 74.93% Memory free
6.84 Gb Paging File | 5.23 Gb Available in Paging File | 76.46% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465.42 Gb Total Space | 415.06 Gb Free Space | 89.18% Space Free | Partition Type: NTFS
 
Computer Name: MA-LAPTOP | User Name: Nathaniel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = AC 1C AE C5 46 9F CE 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" =  [binary data]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0802FF42-AFEE-4B53-9002-21507C5B138B}" = lport=138 | protocol=17 | dir=in | app=system | 
"{1DD49E78-E3EF-4B1A-AE94-C8254BDE01B9}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{32467AFA-8EE3-41ED-8475-F07557303571}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe | 
"{4AFE453F-E883-485F-B802-62CC13DC2707}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{611F1193-2B13-49CA-96E0-EDE36DFFB771}" = lport=137 | protocol=17 | dir=in | app=system | 
"{658E5CAA-EC43-4A95-AC28-E7FBF28C8454}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | 
"{6ABEBF77-B933-4F8A-8CA8-4D385E7623B1}" = rport=139 | protocol=6 | dir=out | app=system | 
"{7F88D079-514E-4834-BDD2-5ED40FFD5159}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | 
"{90469564-1686-4531-875F-4CFE8B5F3CD3}" = rport=137 | protocol=17 | dir=out | app=system | 
"{A43B1F65-581B-4373-BDB9-899352691960}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | 
"{AD675150-7B63-4E76-AFCD-E70DCFB98593}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office15\outlook.exe | 
"{B3265A00-52CE-416F-BD22-7F46C8346377}" = lport=139 | protocol=6 | dir=in | app=system | 
"{B8BFF3C0-EE83-488A-91B4-24B26C6C1220}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{C60CC6B4-2DEE-4C3D-91B8-A0021D2DEEBF}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe | 
"{DB5D78A5-9705-4FE8-B708-46C48338044D}" = rport=445 | protocol=6 | dir=out | app=system | 
"{ECD2D4AB-AB62-4D45-AC9D-E5148B28C012}" = lport=445 | protocol=6 | dir=in | app=system | 
"{F4739C79-9559-47E7-89E0-1D40380B2B5F}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | 
"{F4BE8E87-206F-4094-88AA-36B810B2B32A}" = rport=138 | protocol=17 | dir=out | app=system | 
"{F8DD97B2-F934-4B2D-A5A1-942CD0726DC3}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03A23EB0-F178-4BAF-AA0B-97A8A785B6B7}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | 
"{0694F14F-6B5B-40F8-8E06-834DCBC00FF6}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} | 
"{0874AAB4-270A-4667-88FA-7FCDF5D044CF}" = dir=out | name=@{microsoft.bingtravel_3.0.2.233_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} | 
"{0C5F0C9C-9A88-4583-A032-EAC9F5055FEB}" = dir=in | name=skype | 
"{0FC44064-7C43-4A0D-890B-A6698570C07A}" = dir=out | name=@{microsoft.bingnews_3.0.2.233_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/brandedapptitle} | 
"{174FFFDB-6EF9-41EE-954F-5F075A98108D}" = protocol=6 | dir=in | app=c:\users\nathaniel\appdata\roaming\utorrent\utorrent.exe | 
"{18ACB5B1-0812-4D4C-AE7C-4DD1393F259F}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} | 
"{1B033E4A-5241-4CEE-B51D-BBD3868CBE4C}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{1E3B4AEC-3F60-4450-B372-5A6A5CB3CD76}" = dir=out | name=@{microsoft.bingtravel_3.0.1.202_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} | 
"{292E3481-7F9E-4503-99BA-E4908E2A1DAD}" = dir=out | name=@{microsoft.bingsports_3.0.2.233_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/brandedapptitle} | 
"{2BE19CBB-BA15-40FE-8198-415C73C3A38F}" = dir=out | name=skype | 
"{2F9CE3FD-4833-4C85-BCE8-5DE3DACE9EF9}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe | 
"{30DA1BFA-106F-4C8C-93E9-8F1267877A65}" = dir=out | name=hp all-in-one printer remote | 
"{346DD355-AEE0-459F-BF0F-DD77F09C91C2}" = dir=out | name=@{microsoft.bingmaps_2.0.2530.2317_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | 
"{37613D43-3772-4295-8F02-48AE7C133717}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | 
"{389D377C-8829-4C61-9838-3D6839C9DD0C}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | 
"{3C78F542-0C00-47D4-808F-DBC50D377C5F}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{420999E0-3E35-475A-9CEE-225527F34850}" = dir=in | app=c:\program files (x86)\hp\hp laserjet 200 color mfp m276\bin\faxapplications.exe | 
"{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn | 
"{4E80E86F-EF74-4347-905F-88407D89A4A3}" = dir=in | name=skype | 
"{4E8A1A8E-7424-4FD1-A40E-38AFDADF2952}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | 
"{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | 
"{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect | 
"{59FFBE81-65F1-44A8-88B7-370BA3813CA5}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe | 
"{5DFD4BC2-A892-427D-846C-1AD92B7068B9}" = dir=out | name=@{microsoft.bingnews_3.0.1.321_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/apptitle} | 
"{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect | 
"{612F4DA4-A8A5-470B-B320-10DA5CA1C257}" = dir=out | name=@{microsoft.bingfinance_3.0.2.234_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/brandedapptitle} | 
"{61E0D2F3-5034-4CE5-919C-12316A053E88}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{62CD7813-91B4-45D1-B481-DC9E09CA25E8}" = dir=in | name=hp all-in-one printer remote | 
"{6476DC55-F7BF-4773-B04F-54940BBC3108}" = dir=out | name=@{microsoft.zunemusic_2.2.800.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} | 
"{6A7A8BB8-4975-4E48-AD76-0A76499CEB90}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{7430C96A-5ED6-4A10-8C10-78A86A91A0BA}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.2.236_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} | 
"{775B4766-C199-4B0A-9045-67FC6940D2BC}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.1.335_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} | 
"{8BA1E3BC-4B69-4238-8B3C-DC76C8F5A4BF}" = dir=out | name=@{microsoft.bingweather_3.0.2.233_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} | 
"{96B2E5B4-2375-47D3-9342-63B166F9909E}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{97D07F2D-1BAC-4F88-84BD-365ACCE5C573}" = protocol=6 | dir=in | app=c:\users\nathaniel\downloads\utorrent.exe | 
"{9A225593-8D9B-4E8B-82F3-2D61ADAF7A3D}" = protocol=17 | dir=in | app=c:\users\nathaniel\appdata\roaming\utorrent\utorrent.exe | 
"{9CDB493F-B786-4BD0-B2A8-B61A321F3166}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | 
"{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | 
"{A0DB0E6C-B962-4CFC-B4E0-B152125F7A28}" = protocol=17 | dir=in | app=c:\users\nathaniel\appdata\roaming\dropbox\bin\dropbox.exe | 
"{A1AF5402-9DE0-414D-B98B-333AF62A536E}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe | 
"{A38D53D7-91A5-467E-84A7-963BDE5711DD}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.1.337_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} | 
"{AF9EF553-23D6-4B83-9A0F-32967CE9A4D9}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} | 
"{B24BF179-573E-4941-B60A-FDCC6F428E95}" = dir=out | name=skype | 
"{B33BDA67-00BF-47EA-96D9-A486185D9CA4}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{B99B5D0B-CBA0-4D57-97F4-A687AD8DA944}" = dir=out | name=@{microsoft.zunevideo_2.2.767.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} | 
"{BE6D3D26-BC61-4C22-928C-C56035C1B72C}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\lync.exe | 
"{C2628EDD-FBCE-4D68-9A24-5FE5E9EE1D1D}" = protocol=6 | dir=in | app=c:\users\nathaniel\appdata\roaming\dropbox\bin\dropbox.exe | 
"{C5BAE86C-23BE-4582-BBFD-EE31F97414E0}" = dir=in | app=c:\program files (x86)\hp\hp laserjet 200 color mfp m276\bin\ewsproxy.exe | 
"{C8B920F6-068A-4532-86F5-4082981F4E7C}" = protocol=17 | dir=in | app=c:\users\nathaniel\downloads\utorrent.exe | 
"{C9928375-5D85-42D3-9834-9F766E7155F3}" = dir=out | name=@{microsoft.bingmaps_2.0.2530.2317_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | 
"{CBB985D0-98A0-432F-A50B-7472B22C078A}" = dir=out | name=@{microsoft.bingfinance_3.0.1.299_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} | 
"{CC1F543E-5268-41AF-B8BA-1A2607887133}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | 
"{D04B3FD9-1544-4CF0-8911-372E5780150D}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{D4167A9D-15B7-4A06-83C0-58A79820B2C6}" = dir=out | name=@{microsoft.zunevideo_2.2.550.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} | 
"{D5CBE5C0-0FA0-4D7C-9E70-675C7493E02C}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe | 
"{D5E8C429-C7AA-4917-8F94-582A8EE46E3A}" = dir=out | name=@{microsoft.bingsports_3.0.1.203_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} | 
"{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn | 
"{D7C31EF7-5843-4101-9F90-D71623E98926}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\lync.exe | 
"{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn | 
"{DFCD8AA7-EE06-4FF3-852D-FE0AD4A1BC25}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} | 
"{E3F254E5-5898-4CE0-89CB-2437EBCFA1E1}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.2.233_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} | 
"{E8A8B7CB-5DEC-418C-9A4A-4AFBC4106913}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\lync.exe | 
"{E8BB3E0A-78E2-42D4-9B2D-A670C0AA8F4D}" = dir=in | app=c:\program files (x86)\hp\hp laserjet 200 color mfp m276\bin\hpnetworkcommunicator.exe | 
"{EBFE0671-F0D1-402A-8B34-02A4B6A00B60}" = dir=in | app=c:\users\nathaniel\appdata\local\facebook\video\skype\facebookvideocalling.exe | 
"{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn | 
"{EC7B7733-3C68-4ADF-9EF4-32D58BF1C5CD}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{EFA1D948-9237-40BE-9C6F-170D25E99EC9}" = dir=in | app=c:\program files (x86)\hp\hp laserjet 200 color mfp m276\bin\digitalwizards.exe | 
"{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client | 
"{F6639817-0A15-4AE0-A679-4053E9451033}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\lync.exe | 
"{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client | 
"{F864B1AC-8767-4F27-A074-AC0D143DC18F}" = dir=out | name=@{microsoft.bingweather_3.0.1.203_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} | 
"{F8F10F53-77F3-4961-A4DE-BA4B45F1FA19}" = dir=out | name=@{microsoft.zunemusic_2.2.550.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} | 
"TCP Query User{18531F5A-FE0D-470B-9EA3-72D969FB2586}C:\program files (x86)\tennis elbow 2013\tenniselbow.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tennis elbow 2013\tenniselbow.exe | 
"TCP Query User{24C2ED0A-9CD5-4C83-8C4B-52525B118D40}C:\users\nathaniel\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\nathaniel\appdata\roaming\dropbox\bin\dropbox.exe | 
"TCP Query User{2A19BA53-BAD0-42AA-82DA-BFB9AD03A25F}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"TCP Query User{7177F07E-FA87-405E-B95E-562AC9413A14}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"TCP Query User{9BD154FC-AD6C-487C-B8AA-88CF49C7B90F}C:\program files\onone software\perfect photo suite 8\perfect photo suite 8.exe" = protocol=6 | dir=in | app=c:\program files\onone software\perfect photo suite 8\perfect photo suite 8.exe | 
"UDP Query User{2EC98154-5682-4162-8937-1830947F72A2}C:\program files (x86)\tennis elbow 2013\tenniselbow.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tennis elbow 2013\tenniselbow.exe | 
"UDP Query User{6D5A28F8-0171-461A-B86F-387E4FA8848A}C:\program files\onone software\perfect photo suite 8\perfect photo suite 8.exe" = protocol=17 | dir=in | app=c:\program files\onone software\perfect photo suite 8\perfect photo suite 8.exe | 
"UDP Query User{714C2FAF-8283-4FF8-BA4D-33416D74EA92}C:\users\nathaniel\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\nathaniel\appdata\roaming\dropbox\bin\dropbox.exe | 
"UDP Query User{7D4290CF-DB1E-4F74-BF4A-8C9CF2BE854A}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"UDP Query User{C43FC765-590F-46A1-9ADA-49820C987140}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90150000-0015-0409-1000-0000000FF1CE}" = Microsoft Access MUI (English) 2013
"{90150000-0016-0409-1000-0000000FF1CE}" = Microsoft Excel MUI (English) 2013
"{90150000-0018-0409-1000-0000000FF1CE}" = Microsoft PowerPoint MUI (English) 2013
"{90150000-0019-0409-1000-0000000FF1CE}" = Microsoft Publisher MUI (English) 2013
"{90150000-001A-0409-1000-0000000FF1CE}" = Microsoft Outlook MUI (English) 2013
"{90150000-001B-0409-1000-0000000FF1CE}" = Microsoft Word MUI (English) 2013
"{90150000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - English
"{90150000-001F-040C-1000-0000000FF1CE}" = Outils de vérification linguistique 2013 de Microsoft Office - Français
"{90150000-001F-0C0A-1000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - Español
"{90150000-002C-0409-1000-0000000FF1CE}" = Microsoft Office Proofing (English) 2013
"{90150000-0044-0409-1000-0000000FF1CE}" = Microsoft InfoPath MUI (English) 2013
"{90150000-006E-0409-1000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2013
"{90150000-0090-0409-1000-0000000FF1CE}" = Microsoft DCF MUI (English) 2013
"{90150000-00A1-0409-1000-0000000FF1CE}" = Microsoft OneNote MUI (English) 2013
"{90150000-00B4-0409-1000-0000000FF1CE}" = Microsoft Project MUI (English) 2013
"{90150000-00BA-0409-1000-0000000FF1CE}" = Microsoft Groove MUI (English) 2013
"{90150000-00C1-0000-1000-0000000FF1CE}" = Microsoft Office 32-bit Components 2013
"{90150000-00C1-0409-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (English) 2013
"{90150000-00E1-0409-1000-0000000FF1CE}" = Microsoft Office OSM MUI (English) 2013
"{90150000-00E2-0409-1000-0000000FF1CE}" = Microsoft Office OSM UX MUI (English) 2013
"{90150000-0115-0409-1000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2013
"{90150000-0117-0409-1000-0000000FF1CE}" = Microsoft Access Setup Metadata MUI (English) 2013
"{90150000-012B-0409-1000-0000000FF1CE}" = Microsoft Lync MUI (English) 2013
"{91150000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2013
"{91150000-003B-0000-1000-0000000FF1CE}" = Microsoft Project Professional 2013
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 334.89
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 334.89
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 334.89
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.8.2
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus Update 11.10.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.13.1220
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 11.10.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamC" = GeForce Experience NvStream Client Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 11.10.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.20
"{BC741628-0AFC-405C-8946-DD46D1005A0A}" = 64 Bit HP CIO Components Installer
"{F4D304D9-7647-4253-957E-44286B8631F4}" = HP Unified IO
"FindRight" = FindRight
"MyPC Backup" = MyPC Backup 
"Office15.PRJPROR" = Microsoft Project Professional 2013
"Office15.PROPLUSR" = Microsoft Office Professional Plus 2013
"WinRAR archiver" = WinRAR 5.01 (64-bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0C779D9C-FD0F-4A53-86BE-3D53E58B2900}" = HPLJUTCore
"{0F044C7A-6EE1-4F03-90AC-329AAF2FCF12}" = HPLaserJet200color-MFPM276_HelpLearnCenter_SI
"{14CF9AF8-10A6-4FA7-9E57-D22DBD644C77}" = HP Unified IO
"{180D6813-95E0-415C-B58A-5B9493DE2DDA}" = hppLaserJetService
"{1D839376-74B6-452F-BBFF-845F102E8A3A}" = HPDXP
"{26A24AE4-039D-4CA4-87B4-2F83217051FF}" = Java 7 Update 51
"{3611CA6C-5FCA-4900-A329-6A118123CCFC}" = Bing Bar
"{46A99EAE-98DA-4BE5-94C3-D41BA4C266DA}" = hpStatusAlerts
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B02D3CE-A011-4475-93A5-774E0DA4E27E}" = hpbM276DSService
"{54525107-4C4E-44AC-AC65-806084151057}" = hppSendFaxM276
"{5E4DD8C2-A906-4F1B-94B6-4F6A51D625B2}" = HPLJDXPHelper
"{62022DCB-BA92-4EC2-AE03-9B946E4DBF12}" = hpbDSService
"{6A136292-02AB-428E-8E9A-2628A52FA98E}" = HP LaserJet 200 color MFP M276 Fax
"{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}" = HP Update
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.13
"{80407BA7-7763-4395-AB98-5233F1B34E65}" = NVIDIA PhysX
"{88B2E402-DE40-4422-9CCB-D285F8602C93}" = HP Product FWUpdater
"{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}" = Facebook Video Calling 2.0.0.447
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.06)
"{B361ED10-259E-4B76-B35E-E47BB6DDDD74}" = hppFaxDrvM276
"{C97E3F48-DE95-4E00-80AF-32D75C69302D}" = HPLJUTM276
"{CC38C23C-7824-4DBB-AC73-997CD0BBFEC7}" = HP LaserJet 200 color MFP M276
"{D0AA26A2-08B8-4858-BB69-E50A542DC6ED}" = HP LaserJet 200 color MFP M276 HP Device Toolbox
"{D6610387-8E8B-48ED-AB1C-0D38DFE31C55}" = hppM276LaserJetService
"{EA540E75-A545-4C9D-B42E-9C8FC09630C4}" = HP LJ200 M276 HP Scan
"{EAECD0D7-F27D-4F13-8312-A9C0B5C5F1B7}" = LJDXPHelperUI
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{FCB1666A-3488-4E43-A680-A111398C80E9}" = Perfect Photo Suite 8
"{FFD4184D-7EC6-476E-9A72-E83412AB9D3B}" = hpStatusAlertsM276
"Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin
"Amazon Kindle" = Amazon Kindle
"Google Chrome" = Google Chrome
"Mozilla Firefox 28.0 (x86 en-US)" = Mozilla Firefox 28.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"mysearchdial" = Mysearchdial
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"SearchProtect" = Search Protect
"Tennis Elbow 2013" = Tennis Elbow 2013 1.0c
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Search Protection" = Search Protection
"UpdaterEX" = Extended Update
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 31/03/2014 17:42:52 | Computer Name = MA-Laptop | Source = SideBySide | ID = 16842787
Description = Activation context generation failed for "C:\Program Files (x86)\DLCleaner\mfc90u.dll".Error
 in manifest or policy file "C:\Program Files (x86)\DLCleaner\Microsoft.VC90.MFCLOC.MANIFEST"
 on line 4.  Component identity found in manifest does not match the identity of the
 component requested.  Reference is Microsoft.VC90.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8".
Definition
 is Microsoft.VC90.MFCLOC,processorArchitecture="x86",type="win32",version="9.0.30729.1".
Please
 use sxstrace.exe for detailed diagnosis.
 
Error - 31/03/2014 17:42:52 | Computer Name = MA-Laptop | Source = SideBySide | ID = 16842787
Description = Activation context generation failed for "C:\Program Files (x86)\DLCleaner\mfc90u.dll".Error
 in manifest or policy file "C:\Program Files (x86)\DLCleaner\Microsoft.VC90.MFCLOC.MANIFEST"
 on line 4.  Component identity found in manifest does not match the identity of the
 component requested.  Reference is Microsoft.VC90.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8".
Definition
 is Microsoft.VC90.MFCLOC,processorArchitecture="x86",type="win32",version="9.0.30729.1".
Please
 use sxstrace.exe for detailed diagnosis.
 
Error - 31/03/2014 17:42:52 | Computer Name = MA-Laptop | Source = SideBySide | ID = 16842787
Description = Activation context generation failed for "C:\Program Files (x86)\DLCleaner\mfc90u.dll".Error
 in manifest or policy file "C:\Program Files (x86)\DLCleaner\Microsoft.VC90.MFCLOC.MANIFEST"
 on line 4.  Component identity found in manifest does not match the identity of the
 component requested.  Reference is Microsoft.VC90.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8".
Definition
 is Microsoft.VC90.MFCLOC,processorArchitecture="x86",type="win32",version="9.0.30729.1".
Please
 use sxstrace.exe for detailed diagnosis.
 
Error - 31/03/2014 17:42:53 | Computer Name = MA-Laptop | Source = SideBySide | ID = 16842787
Description = Activation context generation failed for "C:\Program Files (x86)\DLCleaner\mfc90u.dll".Error
 in manifest or policy file "C:\Program Files (x86)\DLCleaner\Microsoft.VC90.MFCLOC.MANIFEST"
 on line 4.  Component identity found in manifest does not match the identity of the
 component requested.  Reference is Microsoft.VC90.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8".
Definition
 is Microsoft.VC90.MFCLOC,processorArchitecture="x86",type="win32",version="9.0.30729.1".
Please
 use sxstrace.exe for detailed diagnosis.
 
Error - 31/03/2014 17:42:54 | Computer Name = MA-Laptop | Source = SideBySide | ID = 16842787
Description = Activation context generation failed for "C:\Program Files (x86)\DLCleaner\mfc90u.dll".Error
 in manifest or policy file "C:\Program Files (x86)\DLCleaner\Microsoft.VC90.MFCLOC.MANIFEST"
 on line 4.  Component identity found in manifest does not match the identity of the
 component requested.  Reference is Microsoft.VC90.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8".
Definition
 is Microsoft.VC90.MFCLOC,processorArchitecture="x86",type="win32",version="9.0.30729.1".
Please
 use sxstrace.exe for detailed diagnosis.
 
Error - 31/03/2014 17:42:54 | Computer Name = MA-Laptop | Source = SideBySide | ID = 16842787
Description = Activation context generation failed for "C:\Program Files (x86)\DLCleaner\mfc90u.dll".Error
 in manifest or policy file "C:\Program Files (x86)\DLCleaner\Microsoft.VC90.MFCLOC.MANIFEST"
 on line 4.  Component identity found in manifest does not match the identity of the
 component requested.  Reference is Microsoft.VC90.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8".
Definition
 is Microsoft.VC90.MFCLOC,processorArchitecture="x86",type="win32",version="9.0.30729.1".
Please
 use sxstrace.exe for detailed diagnosis.
 
Error - 31/03/2014 17:43:03 | Computer Name = MA-Laptop | Source = SideBySide | ID = 16842787
Description = Activation context generation failed for "C:\Program Files (x86)\DLCleaner\mfc90u.dll".Error
 in manifest or policy file "C:\Program Files (x86)\DLCleaner\Microsoft.VC90.MFCLOC.MANIFEST"
 on line 4.  Component identity found in manifest does not match the identity of the
 component requested.  Reference is Microsoft.VC90.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8".
Definition
 is Microsoft.VC90.MFCLOC,processorArchitecture="x86",type="win32",version="9.0.30729.1".
Please
 use sxstrace.exe for detailed diagnosis.
 
Error - 31/03/2014 17:43:04 | Computer Name = MA-Laptop | Source = SideBySide | ID = 16842787
Description = Activation context generation failed for "C:\Program Files (x86)\DLCleaner\mfc90u.dll".Error
 in manifest or policy file "C:\Program Files (x86)\DLCleaner\Microsoft.VC90.MFCLOC.MANIFEST"
 on line 4.  Component identity found in manifest does not match the identity of the
 component requested.  Reference is Microsoft.VC90.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8".
Definition
 is Microsoft.VC90.MFCLOC,processorArchitecture="x86",type="win32",version="9.0.30729.1".
Please
 use sxstrace.exe for detailed diagnosis.
 
Error - 31/03/2014 17:43:56 | Computer Name = MA-Laptop | Source = SideBySide | ID = 16842787
Description = Activation context generation failed for "C:\Program Files (x86)\DLCleaner\mfc90u.dll".Error
 in manifest or policy file "C:\Program Files (x86)\DLCleaner\Microsoft.VC90.MFCLOC.MANIFEST"
 on line 4.  Component identity found in manifest does not match the identity of the
 component requested.  Reference is Microsoft.VC90.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8".
Definition
 is Microsoft.VC90.MFCLOC,processorArchitecture="x86",type="win32",version="9.0.30729.1".
Please
 use sxstrace.exe for detailed diagnosis.
 
Error - 31/03/2014 17:43:57 | Computer Name = MA-Laptop | Source = SideBySide | ID = 16842787
Description = Activation context generation failed for "C:\Program Files (x86)\DLCleaner\mfc90u.dll".Error
 in manifest or policy file "C:\Program Files (x86)\DLCleaner\Microsoft.VC90.MFCLOC.MANIFEST"
 on line 4.  Component identity found in manifest does not match the identity of the
 component requested.  Reference is Microsoft.VC90.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8".
Definition
 is Microsoft.VC90.MFCLOC,processorArchitecture="x86",type="win32",version="9.0.30729.1".
Please
 use sxstrace.exe for detailed diagnosis.
 
[ System Events ]
Error - 06/03/2014 07:01:02 | Computer Name = MA-Laptop | Source = Service Control Manager | ID = 7034
Description = The HP DS Service service terminated unexpectedly. It has done this
 1 time(s).
 
Error - 06/03/2014 07:05:34 | Computer Name = MA-Laptop | Source = Service Control Manager | ID = 7023
Description = The Interactive Services Detection service terminated with the following
 error:   %%1
 
Error - 06/03/2014 07:06:12 | Computer Name = MA-Laptop | Source = Service Control Manager | ID = 7023
Description = The Interactive Services Detection service terminated with the following
 error:   %%1
 
Error - 08/03/2014 04:12:12 | Computer Name = MA-Laptop | Source = DCOM | ID = 10016
Description = 
 
Error - 27/03/2014 08:51:15 | Computer Name = MA-Laptop | Source = DCOM | ID = 10010
Description = 
 
Error - 29/03/2014 17:27:51 | Computer Name = MA-Laptop | Source = Ntfs | ID = 262281
Description = The default transaction resource manager on volume D: encountered 
a non-retryable error and could not start.  The data contains the error code.
 
Error - 31/03/2014 17:42:11 | Computer Name = MA-Laptop | Source = Service Control Manager | ID = 7030
Description = The OutfoxTvService service is marked as an interactive service. However,
 the system is configured to not allow interactive services. This service may not
 function properly.
 
Error - 31/03/2014 17:42:15 | Computer Name = MA-Laptop | Source = Service Control Manager | ID = 7030
Description = The OutfoxTvService service is marked as an interactive service. However,
 the system is configured to not allow interactive services. This service may not
 function properly.
 
Error - 01/04/2014 02:06:45 | Computer Name = MA-Laptop | Source = Service Control Manager | ID = 7030
Description = The OutfoxTvUpdater service is marked as an interactive service. However,
 the system is configured to not allow interactive services. This service may not
 function properly.
 
Error - 01/04/2014 02:24:04 | Computer Name = MA-Laptop | Source = Service Control Manager | ID = 7000
Description = The OutfoxTvService service failed to start due to the following error:
   %%2
 
 
< End of report >
 
 
 
 
DDS wouldn't work on my computer, neither link. I hope that is ok.
 
 
Thanks in advance.

Edited by Natfrangou, 01 April 2014 - 08:48 AM.

    Advertisements

Register to Remove


#2 ----------------

----------------

    SuperMember

  • Authentic Member
  • PipPipPipPipPip
  • 1,095 posts

Posted 02 April 2014 - 06:18 AM

Hi there,
my name is Marius and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, Stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

 

 

 

Scan with FRST in normal mode

Please download Farbar's Recovery Scan Tool to your desktop: FRST 32bit or FRST 64bit (If not sure: Start --> Computer (right click) --> properties)

  • Run FRST.
  • Don´t change one of the checkboxes and hit Scan.
  • Logfiles are created on your desktop.
  • Poste the FRST.txt and (after the first scan only!) the Addition.txt.

 

 

 

Scan with TDSS-Killer

Please read and follow these instructions carefully. We do not want it to fix anything yet (if found), we need to see a report first.

Download TDSSKiller.zip and extract to your desktop

  • Execute TDSSKiller.exe by doubleclicking on it.
  • Press Start Scan
  • If Malicious objects are found, do NOT select Copy to quarantine. Change the action to Skip, and save the log.
  • Once complete, a log will be produced at the root drive which is typically C:\ ,for example, C:\TDSSKiller.<version_date_time>log.txt


Please attach this file to your next reply.


Proud Member of UNITE & TB
 

#3 Natfrangou

Natfrangou

    New Member

  • Authentic Member
  • Pip
  • 7 posts

Posted 02 April 2014 - 07:31 AM

Hi Marius, thank you for your offer of assistance. Since I posted that first message I attempted to use a few programmes to try and clean my computer; HitmanPro, Adwcleaner and Malwarebyte Anti-Malware. Is it ok for me to still follow the steps you laid out above? Or should I provide new logs with hijackthis and OTL?



#4 ----------------

----------------

    SuperMember

  • Authentic Member
  • PipPipPipPipPip
  • 1,095 posts

Posted 03 April 2014 - 03:45 AM

No, that´s ok. Please run the scans I´ve explained and post up your malwarebytes log fiels as well:

 

 

You told us that you removed several items with Malwarebytes´ Antimalware. This tool creates a log on every run and we need to see them.


  • The logs can be found here:
    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
  • Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt
  • Zip any and all of these logs and attach the file to your next reply.


Proud Member of UNITE & TB
 

#5 Natfrangou

Natfrangou

    New Member

  • Authentic Member
  • Pip
  • 7 posts

Posted 03 April 2014 - 06:28 AM

No, that´s ok. Please run the scans I´ve explained and post up your malwarebytes log fiels as well:

 

 

You told us that you removed several items with Malwarebytes´ Antimalware. This tool creates a log on every run and we need to see them.

 

  • The logs can be found here:
    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
  • Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt
  • Zip any and all of these logs and attach the file to your next reply.

 

 

I can't  find the log from the Malwarebytes scan. There is not a folder called logs in the Malwarebytes folder. 

 

 

FRST

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Nathaniel (administrator) on MA-LAPTOP on 03-04-2014 13:19:39
Running from C:\Users\Nathaniel\Downloads
Windows 8.1 Pro (X64) OS Language: English(UK)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Outfox Tv Productions Pty Ltd) C:\Program Files\OutfoxTV\OutfoxTvService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\System32\skydrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\Digital Imaging\Fax\Fax Driver 0.6 Base\hppfaxprintersrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dropbox, Inc.) C:\Users\Nathaniel\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\EXCEL.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\WINWORD.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-21] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\nvspcap64.dll [1179576 2014-01-21] (NVIDIA Corporation)
HKLM\...\Run: [HP LaserJet 200 color MFP M276 Series Fax] - C:\Program Files (x86)\HP\Digital Imaging\Fax\Fax Driver 0.6 Base\hppfaxprintersrv.exe [3706424 2011-10-10] (Hewlett-Packard Company)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [StatusAlerts] - C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [313248 2012-07-18] (Hewlett-Packard Company)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-4197190699-2502681883-4131900191-1003\...\Run: [SearchProtection] - "C:\Users\Nathaniel\AppData\Roaming\Search Protection\SearchProtection.EXE" /autostart
HKU\S-1-5-21-4197190699-2502681883-4131900191-1003\...\Run: [Facebook Update] - C:\Users\Nathaniel\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-03-30] (Facebook Inc.)
HKU\S-1-5-21-4197190699-2502681883-4131900191-1003\...\Run: [OutfoxTV] - C:\Program Files\OutfoxTV\OutfoxTV\DesktopContainer.exe
HKU\S-1-5-21-4197190699-2502681883-4131900191-1003\...\Run: [GoogleChromeAutoLaunch_4F6BA42AF0EA495F169444359A24FF26] - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [859976 2014-03-15] (Google Inc.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [174296 2014-02-08] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [148528 2014-02-08] (NVIDIA Corporation)
Startup: C:\Users\Nathaniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Nathaniel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.outfox.tv/?referid=
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = 
SearchScopes: HKCU - {F3790D08-4135-48A5-9B70-05BEE3956152} URL = http://uk.search.yah...p={searchTerms}
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll (Microsoft Corporation.)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 194.168.4.123 194.168.8.123
 
FireFox:
========
FF ProfilePath: C:\Users\Nathaniel\AppData\Roaming\Mozilla\Firefox\Profiles\it1tgkz2.default-1396376725351
FF Homepage: hxxp://www.outfox.tv/?referid=|
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Nathaniel\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Extension: Adblock Plus - C:\Users\Nathaniel\AppData\Roaming\Mozilla\Firefox\Profiles\it1tgkz2.default-1396376725351\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-01]
 
Chrome: 
=======
CHR DefaultSearchKeyword: google.co.uk
CHR Extension: (Google Docs) - C:\Users\Nathaniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-17]
CHR Extension: (Google Drive) - C:\Users\Nathaniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-17]
CHR Extension: (YouTube) - C:\Users\Nathaniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-17]
CHR Extension: (Google Search) - C:\Users\Nathaniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-17]
CHR Extension: (ZenMate for Google Chrome™) - C:\Users\Nathaniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2014-02-24]
CHR Extension: (AdBlock) - C:\Users\Nathaniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-02-24]
CHR Extension: (Google Wallet) - C:\Users\Nathaniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-17]
CHR Extension: (Gmail) - C:\Users\Nathaniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-17]
 
==================== Services (Whitelisted) =================
 
S3 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-03-05] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-03-05] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-21] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16939296 2014-01-21] (NVIDIA Corporation)
R2 OutfoxTvService; C:\Program Files\OutfoxTV\OutfoxTvService.exe [610192 2014-03-25] (Outfox Tv Productions Pty Ltd)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-31] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-31] (Microsoft Corporation)
S2 OutfoxTvUpdater; C:\Program Files\OutfoxTV\OutfoxTvUpdater.exe [X]
 
==================== Drivers (Whitelisted) ====================
 
S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows ® Win 7 DDK provider)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-24] (OSR Open Systems Resources, Inc.)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [32512 2014-04-01] ()
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation)
S3 kbldfltr; C:\Windows\System32\drivers\kbldfltr.sys [22272 2013-08-22] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-03-05] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-04-03] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-03-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-20] (Intel Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3589600 2013-09-25] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-31] (Microsoft Corporation)
S3 WUDFWpdComp; C:\Windows\system32\DRIVERS\WUDFRd.sys [230912 2013-08-22] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2013-08-22] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-04-03 13:19 - 2014-04-03 13:19 - 00016163 _____ () C:\Users\Nathaniel\Downloads\FRST.txt
2014-04-03 13:19 - 2014-04-03 13:19 - 00000000 ____D () C:\FRST
2014-04-03 13:18 - 2014-04-03 13:18 - 02157056 _____ (Farbar) C:\Users\Nathaniel\Downloads\FRST64.exe
2014-04-01 15:50 - 2014-04-01 19:25 - 00000000 ____D () C:\Users\Nathaniel\Desktop\Old Firefox Data
2014-04-01 15:40 - 2014-04-01 15:40 - 00003146 _____ () C:\Windows\System32\Tasks\{015947C8-201C-4CAC-AC5C-7FB6170FD12D}
2014-04-01 15:37 - 2014-04-01 15:37 - 00583144 _____ () C:\Users\Nathaniel\Downloads\OutfoxTV.exe
2014-04-01 15:16 - 2014-04-03 08:27 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-01 15:16 - 2014-04-01 15:16 - 00001118 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-01 15:16 - 2014-04-01 15:16 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-01 15:16 - 2014-04-01 15:16 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-01 15:16 - 2014-03-05 09:26 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-01 15:16 - 2014-03-05 09:26 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-01 15:16 - 2014-03-05 09:26 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-01 15:15 - 2014-04-01 15:15 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Nathaniel\Downloads\mbam-setup-2.0.0.1000.exe
2014-04-01 15:12 - 2014-04-01 15:12 - 00032512 _____ () C:\Windows\system32\Drivers\hitmanpro37.sys
2014-04-01 15:09 - 2014-04-01 15:09 - 00006340 _____ () C:\Windows\system32\.crusader
2014-04-01 15:03 - 2014-04-01 15:03 - 10971424 _____ (SurfRight B.V.) C:\Users\Nathaniel\Downloads\HitmanPro_x64.exe
2014-04-01 15:03 - 2014-04-01 15:03 - 00001909 _____ () C:\Users\Public\Desktop\HitmanPro.lnk
2014-04-01 15:03 - 2014-04-01 15:03 - 00000000 ____D () C:\Program Files\HitmanPro
2014-04-01 15:02 - 2014-04-01 15:10 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-04-01 15:02 - 2014-04-01 15:02 - 10089256 _____ (SurfRight B.V.) C:\Users\Nathaniel\Downloads\HitmanPro.exe
2014-04-01 14:52 - 2014-04-01 14:54 - 00000000 ____D () C:\AdwCleaner
2014-04-01 14:49 - 2014-04-01 14:49 - 01426178 _____ () C:\Users\Nathaniel\Downloads\adwcleaner.exe
2014-04-01 14:44 - 2014-04-01 14:44 - 00000082 _____ () C:\Users\Nathaniel\AppData\Roaming\cert.dat
2014-04-01 14:18 - 2014-04-01 14:19 - 00187850 _____ () C:\Users\Nathaniel\Downloads\OTL.Txt
2014-04-01 14:18 - 2014-04-01 14:19 - 00077364 _____ () C:\Users\Nathaniel\Downloads\Extras.Txt
2014-04-01 13:51 - 2014-04-01 13:51 - 00602112 _____ (OldTimer Tools) C:\Users\Nathaniel\Downloads\OTL.exe
2014-04-01 13:44 - 2014-04-01 13:44 - 00388608 _____ (Trend Micro Inc.) C:\Users\Nathaniel\Downloads\HijackThis.exe
2014-04-01 13:44 - 2014-04-01 13:44 - 00011670 _____ () C:\Users\Nathaniel\Downloads\hijackthis.log
2014-03-31 22:42 - 2014-04-01 15:44 - 00000000 ____D () C:\Program Files\OutfoxTV
2014-03-31 21:30 - 2014-03-31 21:30 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-03-31 21:30 - 2014-03-31 21:30 - 00000000 ____D () C:\Program Files\MSBuild
2014-03-31 21:30 - 2014-03-31 21:30 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-03-31 21:30 - 2014-03-31 21:30 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-03-31 21:29 - 2013-08-03 05:48 - 01166520 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll
2014-03-31 21:29 - 2013-08-03 05:48 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-03-31 21:29 - 2013-08-03 05:48 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-03-31 21:29 - 2013-08-03 05:41 - 00778936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationNative_v0300.dll
2014-03-31 21:29 - 2013-08-03 05:41 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-03-31 21:29 - 2013-08-03 05:41 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-03-31 21:11 - 2014-03-31 21:31 - 00000000 ____D () C:\Users\Nathaniel\Documents\My Kindle Content
2014-03-31 21:11 - 2014-03-31 21:11 - 00002014 _____ () C:\Users\Nathaniel\Desktop\Kindle.lnk
2014-03-31 21:11 - 2014-03-31 21:11 - 00000000 ____D () C:\Users\Nathaniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
2014-03-31 21:11 - 2014-03-31 21:11 - 00000000 ____D () C:\Users\Nathaniel\AppData\Local\Amazon
2014-03-31 21:11 - 2014-03-31 21:11 - 00000000 ____D () C:\Program Files (x86)\Amazon
2014-03-31 21:09 - 2014-03-31 21:09 - 00930952 _____ (CNET Download.com) C:\Users\Nathaniel\Downloads\cbsidlm-cbsi183-Kindle_for_PC-ORG-75185974.exe
2014-03-30 22:05 - 2014-04-03 13:10 - 00000964 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4197190699-2502681883-4131900191-1003UA.job
2014-03-30 22:05 - 2014-04-02 22:10 - 00000942 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4197190699-2502681883-4131900191-1003Core.job
2014-03-30 22:05 - 2014-03-30 22:05 - 00501248 _____ (Facebook Inc.) C:\Users\Nathaniel\Downloads\FacebookVideoCallSetup_v1.2.205.0.exe
2014-03-30 22:05 - 2014-03-30 22:05 - 00003820 _____ () C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4197190699-2502681883-4131900191-1003UA
2014-03-30 22:05 - 2014-03-30 22:05 - 00003470 _____ () C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4197190699-2502681883-4131900191-1003Core
2014-03-30 22:05 - 2014-03-30 22:05 - 00000000 ____D () C:\Users\Nathaniel\AppData\Local\Facebook
2014-03-29 15:21 - 2014-03-29 15:21 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-22 21:26 - 2014-03-22 21:26 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-22 21:26 - 2014-03-22 21:26 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-22 21:25 - 2014-03-22 21:25 - 13084896 _____ (Microsoft Corporation) C:\Users\Nathaniel\Downloads\Silverlight_x64.exe
2014-03-22 21:25 - 2014-03-22 21:25 - 13084896 _____ (Microsoft Corporation) C:\Users\Nathaniel\Downloads\Silverlight_x64(1).exe
2014-03-18 13:40 - 2014-02-22 13:16 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2014-03-18 13:40 - 2014-02-22 12:24 - 00124416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2014-03-18 13:29 - 2014-03-18 13:30 - 00004978 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for MA-LAPTOP-Nathaniel MA-Laptop
2014-03-17 19:05 - 2014-03-17 19:05 - 00000000 ____D () C:\Users\Nathaniel\Downloads\The Hunger Games Catching Fire 2013 720p BluRay x264 AAC - Ozlem
2014-03-17 19:04 - 2014-03-17 19:04 - 00002326 _____ () C:\Users\Nathaniel\Downloads\[kickass.to]the.hunger.games.catching.fire.2013.720p.bluray.x264.aac.ozlem.torrent
2014-03-14 20:49 - 2013-10-31 01:29 - 00236888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-03-14 20:49 - 2013-10-31 01:29 - 00124760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2014-03-14 20:49 - 2013-10-31 01:28 - 00035856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-03-14 20:11 - 2014-03-14 20:11 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-03-14 20:11 - 2014-03-14 20:11 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_wpdcomp_01_11_00.Wdf
2014-03-14 07:08 - 2014-03-01 07:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-14 07:08 - 2014-03-01 05:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-14 07:08 - 2014-03-01 05:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-14 07:08 - 2014-03-01 05:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-14 07:08 - 2014-03-01 04:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-14 07:08 - 2014-03-01 04:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-14 07:08 - 2014-03-01 04:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-14 07:08 - 2014-03-01 04:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-14 07:08 - 2014-03-01 04:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-14 07:08 - 2014-03-01 04:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-14 07:08 - 2014-03-01 04:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-14 07:08 - 2014-03-01 03:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-14 07:08 - 2014-03-01 03:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-14 07:08 - 2014-03-01 03:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-14 07:08 - 2014-03-01 03:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-14 07:08 - 2014-03-01 03:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-14 07:08 - 2014-03-01 03:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-14 07:08 - 2014-01-31 17:15 - 00311640 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2014-03-14 07:08 - 2014-01-31 17:07 - 00233920 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-03-14 07:08 - 2014-01-31 17:06 - 02133208 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2014-03-14 07:08 - 2014-01-31 14:47 - 02143960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2014-03-14 07:08 - 2014-01-31 10:06 - 00716288 _____ (Microsoft Corporation) C:\Windows\system32\swprv.dll
2014-03-14 07:08 - 2014-01-29 10:55 - 01287064 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-03-14 07:08 - 2014-01-29 09:53 - 00458616 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2014-03-14 07:08 - 2014-01-29 09:53 - 00407024 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2014-03-14 07:08 - 2014-01-29 09:49 - 01928144 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2014-03-14 07:08 - 2014-01-29 09:47 - 02543960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-03-14 07:08 - 2014-01-29 08:44 - 01371824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2014-03-14 07:08 - 2014-01-29 08:44 - 00408480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2014-03-14 07:08 - 2014-01-29 08:44 - 00369280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2014-03-14 07:08 - 2014-01-29 07:41 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpencom.dll
2014-03-14 07:08 - 2014-01-29 01:36 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2014-03-14 07:08 - 2014-01-27 20:07 - 04175360 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2014-03-14 07:08 - 2014-01-27 20:06 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-03-14 07:08 - 2014-01-27 20:04 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\DWWIN.EXE
2014-03-14 07:08 - 2014-01-27 19:52 - 01036288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-03-14 07:08 - 2014-01-27 19:23 - 02873344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2014-03-14 07:08 - 2014-01-27 19:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-03-14 07:08 - 2014-01-27 19:20 - 00138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWWIN.EXE
2014-03-14 07:08 - 2014-01-27 19:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-03-14 07:08 - 2014-01-27 18:43 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-03-14 07:08 - 2014-01-27 18:18 - 01486848 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll
2014-03-14 07:08 - 2014-01-27 18:00 - 01238016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll
2014-03-14 07:08 - 2014-01-27 16:58 - 05770752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-03-14 07:08 - 2014-01-27 16:50 - 06640640 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-03-14 07:08 - 2014-01-27 12:45 - 00386722 _____ () C:\Windows\system32\ApnDatabase.xml
2014-03-14 07:08 - 2014-01-18 00:04 - 00764864 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2014-03-14 07:08 - 2014-01-17 22:54 - 00669352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2014-03-14 07:08 - 2013-12-21 15:51 - 06353960 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2014-03-14 07:08 - 2013-12-21 09:54 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\sppcomapi.dll
2014-03-14 07:08 - 2013-12-20 11:18 - 01643584 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-03-14 07:08 - 2013-12-20 11:18 - 01507704 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-03-14 07:07 - 2014-02-11 04:04 - 04189184 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-14 07:07 - 2014-02-11 03:43 - 00488448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-14 07:07 - 2014-02-11 03:04 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-10 09:05 - 2014-03-10 09:06 - 02385464 _____ () C:\Users\Nathaniel\Downloads\Cust_insight_Customers-v19.csv
2014-03-10 09:02 - 2014-03-10 09:02 - 02105296 _____ () C:\Users\Nathaniel\Downloads\Cust_insight_Customers-Product-Regression3.csv
2014-03-10 09:02 - 2014-03-10 09:02 - 01695067 _____ () C:\Users\Nathaniel\Downloads\Cust_insight_Customers-v21.csv
2014-03-08 18:20 - 2014-03-08 18:20 - 00020148 _____ () C:\Users\Nathaniel\Desktop\Issue Boarding Pass.htm
2014-03-08 18:20 - 2014-03-08 18:20 - 00000000 ____D () C:\Users\Nathaniel\Desktop\Issue Boarding Pass_files
2014-03-06 12:06 - 2014-03-06 12:06 - 00003496 _____ () C:\Windows\System32\Tasks\HPLJCustParticipation
2014-03-06 12:06 - 2014-03-06 12:06 - 00001272 _____ () C:\Users\Public\Desktop\HP LJ200 M276 Scan.lnk
2014-03-06 12:06 - 2014-03-06 12:06 - 00000608 ___SH () C:\Windows\system32\winzvprt5.sys
2014-03-06 12:06 - 2014-03-06 12:06 - 00000242 _____ () C:\Windows\system32\hppfaxprinter5.ini
2014-03-06 12:06 - 2014-03-06 12:06 - 00000000 ____D () C:\Users\Public\Documents\HP_LaserJet_Fax_0_6
2014-03-06 12:06 - 2014-03-06 12:06 - 00000000 ____D () C:\Users\Nathaniel\AppData\Roaming\Hewlett-Packard Company
2014-03-06 12:06 - 2011-10-10 00:55 - 00027704 ____N (Hewlett-Packard Company) C:\Windows\system32\hppfaxprintermon5.dll
2014-03-06 12:06 - 2011-10-10 00:55 - 00022072 ____N (Hewlett-Packard Company) C:\Windows\system32\hppfaxprintermonui5.dll
2014-03-06 12:05 - 2014-03-20 13:28 - 00000000 ____D () C:\Users\Nathaniel\AppData\Roaming\HpUpdate
2014-03-06 12:05 - 2014-03-06 12:06 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-03-06 12:05 - 2014-03-06 12:05 - 00001297 _____ () C:\Users\Public\Desktop\HP LaserJet 200 color MFP M276 - Help & Learn Center.lnk
2014-03-06 12:05 - 2014-03-06 12:05 - 00000199 _____ () C:\Windows\SysWOW64\msiexec.log
2014-03-06 12:05 - 2014-03-06 12:05 - 00000168 _____ () C:\Windows\system32\AddPort.ini
2014-03-06 12:05 - 2014-03-06 12:05 - 00000000 ____D () C:\Users\Nathaniel\Desktop\HP
2014-03-06 12:01 - 2011-09-28 10:44 - 00311808 _____ (Hewlett-Packard Corporation) C:\Windows\system32\hpcpn117.dll
2014-03-06 12:01 - 2011-09-28 10:34 - 00316928 _____ () C:\Windows\SysWOW64\hpcc3117.DLL
2014-03-06 12:01 - 2011-04-19 21:57 - 00511488 _____ (HP) C:\Windows\SysWOW64\hpcdmc32.DLL
2014-03-06 12:00 - 2014-03-06 12:06 - 00000000 ____D () C:\ProgramData\HP
2014-03-06 12:00 - 2014-03-06 12:06 - 00000000 ____D () C:\Program Files (x86)\HP
2014-03-06 12:00 - 2012-06-01 16:52 - 00947104 _____ (Hewlett-Packard) C:\Windows\system32\hpptsplj276_x64.dll
2014-03-06 12:00 - 2012-06-01 16:52 - 00776096 _____ (Hewlett-Packard) C:\Windows\SysWOW64\hpptsplj276.dll
2014-03-06 12:00 - 2012-06-01 15:35 - 00522128 _____ (Hewlett-Packard) C:\Windows\system32\hpwia2_lj276.dll
2014-03-06 12:00 - 2011-09-29 20:59 - 00638008 _____ (Hewlett-Packard) C:\Windows\system32\hpzjcd01.dll
2014-03-06 12:00 - 2011-05-13 21:23 - 00217656 _____ (Hewlett Packard) C:\Windows\system32\hppscancoins64.dll
2014-03-06 11:59 - 2014-03-06 12:00 - 00000000 ____D () C:\HP_LaserJet_200_color_MFP_M276
2014-03-06 11:59 - 2011-09-26 20:06 - 00311296 _____ (Hewlett-Packard) C:\Windows\system32\hpbcoins64.dll
2014-03-06 11:56 - 2014-03-06 11:58 - 115599616 _____ () C:\Users\Nathaniel\Downloads\LJ-Pro-200-color-MFP-M276-full-solution-12201.exe
 
==================== One Month Modified Files and Folders =======
 
2014-04-03 13:19 - 2014-04-03 13:19 - 00016163 _____ () C:\Users\Nathaniel\Downloads\FRST.txt
2014-04-03 13:19 - 2014-04-03 13:19 - 00000000 ____D () C:\FRST
2014-04-03 13:18 - 2014-04-03 13:18 - 02157056 _____ (Farbar) C:\Users\Nathaniel\Downloads\FRST64.exe
2014-04-03 13:10 - 2014-03-30 22:05 - 00000964 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4197190699-2502681883-4131900191-1003UA.job
2014-04-03 13:09 - 2014-02-19 12:20 - 00000000 ____D () C:\Users\Nathaniel\AppData\Roaming\Dropbox
2014-04-03 13:00 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sru
2014-04-03 12:47 - 2014-02-12 12:59 - 02047705 _____ () C:\Windows\WindowsUpdate.log
2014-04-03 11:24 - 2014-02-24 21:26 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-03 11:21 - 2014-02-12 13:11 - 00000918 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-03 10:17 - 2014-02-17 13:12 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4197190699-2502681883-4131900191-1003
2014-04-03 10:17 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-04-03 09:43 - 2014-02-18 21:12 - 00000000 ____D () C:\Users\Nathaniel\Documents\Massive Analytic
2014-04-03 08:27 - 2014-04-01 15:16 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-03 08:27 - 2014-02-19 12:25 - 00000000 ___RD () C:\Users\Nathaniel\Dropbox
2014-04-03 08:26 - 2014-02-17 13:08 - 00000000 __RDO () C:\Users\Nathaniel\SkyDrive
2014-04-03 08:26 - 2014-02-12 13:12 - 00002203 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-04-03 08:26 - 2014-02-12 13:11 - 00000914 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-02 23:46 - 2014-02-18 20:55 - 00000000 ____D () C:\Users\Nathaniel\AppData\Roaming\Skype
2014-04-02 22:10 - 2014-03-30 22:05 - 00000942 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4197190699-2502681883-4131900191-1003Core.job
2014-04-02 22:01 - 2014-02-26 20:04 - 00000000 ____D () C:\Program Files (x86)\Tennis Elbow 2013
2014-04-01 19:25 - 2014-04-01 15:50 - 00000000 ____D () C:\Users\Nathaniel\Desktop\Old Firefox Data
2014-04-01 16:53 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\rescache
2014-04-01 16:08 - 2014-02-12 12:58 - 00863592 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-01 16:04 - 2014-02-12 13:13 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-04-01 16:04 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-01 16:03 - 2013-08-22 14:25 - 00524288 ___SH () C:\Windows\system32\config\BBI
2014-04-01 15:44 - 2014-03-31 22:42 - 00000000 ____D () C:\Program Files\OutfoxTV
2014-04-01 15:44 - 2014-02-12 12:49 - 00013848 _____ () C:\Windows\PFRO.log
2014-04-01 15:40 - 2014-04-01 15:40 - 00003146 _____ () C:\Windows\System32\Tasks\{015947C8-201C-4CAC-AC5C-7FB6170FD12D}
2014-04-01 15:37 - 2014-04-01 15:37 - 00583144 _____ () C:\Users\Nathaniel\Downloads\OutfoxTV.exe
2014-04-01 15:30 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\PLA
2014-04-01 15:16 - 2014-04-01 15:16 - 00001118 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-01 15:16 - 2014-04-01 15:16 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-01 15:16 - 2014-04-01 15:16 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-01 15:15 - 2014-04-01 15:15 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Nathaniel\Downloads\mbam-setup-2.0.0.1000.exe
2014-04-01 15:12 - 2014-04-01 15:12 - 00032512 _____ () C:\Windows\system32\Drivers\hitmanpro37.sys
2014-04-01 15:10 - 2014-04-01 15:02 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-04-01 15:09 - 2014-04-01 15:09 - 00006340 _____ () C:\Windows\system32\.crusader
2014-04-01 15:03 - 2014-04-01 15:03 - 10971424 _____ (SurfRight B.V.) C:\Users\Nathaniel\Downloads\HitmanPro_x64.exe
2014-04-01 15:03 - 2014-04-01 15:03 - 00001909 _____ () C:\Users\Public\Desktop\HitmanPro.lnk
2014-04-01 15:03 - 2014-04-01 15:03 - 00000000 ____D () C:\Program Files\HitmanPro
2014-04-01 15:02 - 2014-04-01 15:02 - 10089256 _____ (SurfRight B.V.) C:\Users\Nathaniel\Downloads\HitmanPro.exe
2014-04-01 14:54 - 2014-04-01 14:52 - 00000000 ____D () C:\AdwCleaner
2014-04-01 14:49 - 2014-04-01 14:49 - 01426178 _____ () C:\Users\Nathaniel\Downloads\adwcleaner.exe
2014-04-01 14:45 - 2014-02-17 13:06 - 00000000 ____D () C:\Users\Nathaniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-01 14:44 - 2014-04-01 14:44 - 00000082 _____ () C:\Users\Nathaniel\AppData\Roaming\cert.dat
2014-04-01 14:19 - 2014-04-01 14:18 - 00187850 _____ () C:\Users\Nathaniel\Downloads\OTL.Txt
2014-04-01 14:19 - 2014-04-01 14:18 - 00077364 _____ () C:\Users\Nathaniel\Downloads\Extras.Txt
2014-04-01 13:57 - 2014-02-24 19:57 - 00000179 _____ () C:\Users\Nathaniel\AppData\Roaming\WB.CFG
2014-04-01 13:51 - 2014-04-01 13:51 - 00602112 _____ (OldTimer Tools) C:\Users\Nathaniel\Downloads\OTL.exe
2014-04-01 13:44 - 2014-04-01 13:44 - 00388608 _____ (Trend Micro Inc.) C:\Users\Nathaniel\Downloads\HijackThis.exe
2014-04-01 13:44 - 2014-04-01 13:44 - 00011670 _____ () C:\Users\Nathaniel\Downloads\hijackthis.log
2014-04-01 13:44 - 2014-02-17 13:06 - 00000000 ____D () C:\Users\Nathaniel\AppData\Local\VirtualStore
2014-04-01 07:23 - 2014-02-24 20:06 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-01 07:23 - 2014-02-19 12:04 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-04-01 07:23 - 2014-02-19 12:04 - 00000000 ____D () C:\Windows\system32\NV
2014-03-31 21:31 - 2014-03-31 21:11 - 00000000 ____D () C:\Users\Nathaniel\Documents\My Kindle Content
2014-03-31 21:30 - 2014-03-31 21:30 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-03-31 21:30 - 2014-03-31 21:30 - 00000000 ____D () C:\Program Files\MSBuild
2014-03-31 21:30 - 2014-03-31 21:30 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-03-31 21:30 - 2014-03-31 21:30 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-03-31 21:11 - 2014-03-31 21:11 - 00002014 _____ () C:\Users\Nathaniel\Desktop\Kindle.lnk
2014-03-31 21:11 - 2014-03-31 21:11 - 00000000 ____D () C:\Users\Nathaniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
2014-03-31 21:11 - 2014-03-31 21:11 - 00000000 ____D () C:\Users\Nathaniel\AppData\Local\Amazon
2014-03-31 21:11 - 2014-03-31 21:11 - 00000000 ____D () C:\Program Files (x86)\Amazon
2014-03-31 21:09 - 2014-03-31 21:09 - 00930952 _____ (CNET Download.com) C:\Users\Nathaniel\Downloads\cbsidlm-cbsi183-Kindle_for_PC-ORG-75185974.exe
2014-03-30 22:05 - 2014-03-30 22:05 - 00501248 _____ (Facebook Inc.) C:\Users\Nathaniel\Downloads\FacebookVideoCallSetup_v1.2.205.0.exe
2014-03-30 22:05 - 2014-03-30 22:05 - 00003820 _____ () C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4197190699-2502681883-4131900191-1003UA
2014-03-30 22:05 - 2014-03-30 22:05 - 00003470 _____ () C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4197190699-2502681883-4131900191-1003Core
2014-03-30 22:05 - 2014-03-30 22:05 - 00000000 ____D () C:\Users\Nathaniel\AppData\Local\Facebook
2014-03-29 15:21 - 2014-03-29 15:21 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-28 15:16 - 2014-02-12 13:11 - 00003890 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-28 15:16 - 2014-02-12 13:11 - 00003654 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-22 21:26 - 2014-03-22 21:26 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-22 21:26 - 2014-03-22 21:26 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-22 21:25 - 2014-03-22 21:25 - 13084896 _____ (Microsoft Corporation) C:\Users\Nathaniel\Downloads\Silverlight_x64.exe
2014-03-22 21:25 - 2014-03-22 21:25 - 13084896 _____ (Microsoft Corporation) C:\Users\Nathaniel\Downloads\Silverlight_x64(1).exe
2014-03-20 13:28 - 2014-03-06 12:05 - 00000000 ____D () C:\Users\Nathaniel\AppData\Roaming\HpUpdate
2014-03-19 00:44 - 2014-02-12 13:55 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-19 00:43 - 2014-02-12 13:55 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-18 17:26 - 2014-02-17 13:33 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-18 13:30 - 2014-03-18 13:29 - 00004978 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for MA-LAPTOP-Nathaniel MA-Laptop
2014-03-18 12:33 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\NDF
2014-03-18 12:32 - 2014-02-27 21:34 - 00000000 ____D () C:\Users\Nathaniel\AppData\Roaming\uTorrent
2014-03-17 21:42 - 2013-08-22 15:46 - 00036257 _____ () C:\Windows\setupact.log
2014-03-17 19:05 - 2014-03-17 19:05 - 00000000 ____D () C:\Users\Nathaniel\Downloads\The Hunger Games Catching Fire 2013 720p BluRay x264 AAC - Ozlem
2014-03-17 19:04 - 2014-03-17 19:04 - 00002326 _____ () C:\Users\Nathaniel\Downloads\[kickass.to]the.hunger.games.catching.fire.2013.720p.bluray.x264.aac.ozlem.torrent
2014-03-15 02:47 - 2013-08-22 15:44 - 00473392 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-14 20:59 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-14 20:59 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-14 20:59 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-03-14 20:59 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-03-14 20:11 - 2014-03-14 20:11 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-03-14 20:11 - 2014-03-14 20:11 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_wpdcomp_01_11_00.Wdf
2014-03-14 08:18 - 2013-08-22 14:25 - 00000167 _____ () C:\Windows\win.ini
2014-03-13 09:25 - 2014-02-24 21:26 - 00003718 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-10 09:06 - 2014-03-10 09:05 - 02385464 _____ () C:\Users\Nathaniel\Downloads\Cust_insight_Customers-v19.csv
2014-03-10 09:02 - 2014-03-10 09:02 - 02105296 _____ () C:\Users\Nathaniel\Downloads\Cust_insight_Customers-Product-Regression3.csv
2014-03-10 09:02 - 2014-03-10 09:02 - 01695067 _____ () C:\Users\Nathaniel\Downloads\Cust_insight_Customers-v21.csv
2014-03-08 18:20 - 2014-03-08 18:20 - 00020148 _____ () C:\Users\Nathaniel\Desktop\Issue Boarding Pass.htm
2014-03-08 18:20 - 2014-03-08 18:20 - 00000000 ____D () C:\Users\Nathaniel\Desktop\Issue Boarding Pass_files
2014-03-07 00:39 - 2014-02-17 13:06 - 00000000 ____D () C:\Users\Nathaniel\AppData\Local\Packages
2014-03-06 12:06 - 2014-03-06 12:06 - 00003496 _____ () C:\Windows\System32\Tasks\HPLJCustParticipation
2014-03-06 12:06 - 2014-03-06 12:06 - 00001272 _____ () C:\Users\Public\Desktop\HP LJ200 M276 Scan.lnk
2014-03-06 12:06 - 2014-03-06 12:06 - 00000608 ___SH () C:\Windows\system32\winzvprt5.sys
2014-03-06 12:06 - 2014-03-06 12:06 - 00000242 _____ () C:\Windows\system32\hppfaxprinter5.ini
2014-03-06 12:06 - 2014-03-06 12:06 - 00000000 ____D () C:\Users\Public\Documents\HP_LaserJet_Fax_0_6
2014-03-06 12:06 - 2014-03-06 12:06 - 00000000 ____D () C:\Users\Nathaniel\AppData\Roaming\Hewlett-Packard Company
2014-03-06 12:06 - 2014-03-06 12:05 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-03-06 12:06 - 2014-03-06 12:00 - 00000000 ____D () C:\ProgramData\HP
2014-03-06 12:06 - 2014-03-06 12:00 - 00000000 ____D () C:\Program Files (x86)\HP
2014-03-06 12:05 - 2014-03-06 12:05 - 00001297 _____ () C:\Users\Public\Desktop\HP LaserJet 200 color MFP M276 - Help & Learn Center.lnk
2014-03-06 12:05 - 2014-03-06 12:05 - 00000199 _____ () C:\Windows\SysWOW64\msiexec.log
2014-03-06 12:05 - 2014-03-06 12:05 - 00000168 _____ () C:\Windows\system32\AddPort.ini
2014-03-06 12:05 - 2014-03-06 12:05 - 00000000 ____D () C:\Users\Nathaniel\Desktop\HP
2014-03-06 12:00 - 2014-03-06 11:59 - 00000000 ____D () C:\HP_LaserJet_200_color_MFP_M276
2014-03-06 11:58 - 2014-03-06 11:56 - 115599616 _____ () C:\Users\Nathaniel\Downloads\LJ-Pro-200-color-MFP-M276-full-solution-12201.exe
2014-03-05 09:26 - 2014-04-01 15:16 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-05 09:26 - 2014-04-01 15:16 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-03-05 09:26 - 2014-04-01 15:16 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-04 23:53 - 2013-08-22 16:38 - 00693240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-04 23:53 - 2013-08-22 16:38 - 00105464 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
 
Some content of TEMP:
====================
C:\Users\Nathaniel\AppData\Local\Temp\BackupSetup.exe
C:\Users\Nathaniel\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpsatnnb.dll
C:\Users\Nathaniel\AppData\Local\Temp\nvStInst.exe
C:\Users\Nathaniel\AppData\Local\Temp\Quarantine.exe
C:\Users\Nathaniel\AppData\Local\Temp\vcredist_x64.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys
[2014-03-14 07:08] - [2014-01-31 17:15] - 0311640 ___AC (Microsoft Corporation) C85C075DE5B6D0FE116043054DE8EE02
 
 
 
LastRegBack: 2014-03-24 18:53
 
==================== End Of Log ============================
 
 
 
 
Addition
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Nathaniel at 2014-04-03 13:20:22
Running from C:\Users\Nathaniel\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
64 Bit HP CIO Components Installer (Version: 8.2.4 - Hewlett-Packard) Hidden
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Amazon Kindle (HKLM-x32\...\Amazon Kindle) (Version:  - Amazon)
Bing Bar (HKLM-x32\...\{3611CA6C-5FCA-4900-A329-6A118123CCFC}) (Version: 7.1.355.0 - Microsoft Corporation)
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{BED39C88-768C-4345-BF11-58436C984F2A}) (Version:  - Microsoft)
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition (HKLM\...\{91150000-003B-0000-1000-0000000FF1CE}_Office15.PRJPROR_{BED39C88-768C-4345-BF11-58436C984F2A}) (Version:  - Microsoft)
Dropbox (HKCU\...\Dropbox) (Version: 2.6.7 - Dropbox, Inc.)
Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.216 - SurfRight B.V.)
HP LaserJet 200 color MFP M276 (HKLM-x32\...\{CC38C23C-7824-4DBB-AC73-997CD0BBFEC7}) (Version: 5.0.12201.1116 - Hewlett-Packard)
HP LaserJet 200 color MFP M276 Fax (x32 Version: 29.0.84.0 - Hewlett-Packard Co.) Hidden
HP LaserJet 200 color MFP M276 HP Device Toolbox (x32 Version: 29.0.84.0 - Hewlett-Packard Co.) Hidden
HP LJ200 M276 HP Scan (x32 Version: 1.0.302.0 - Hewlett-Packard Co.) Hidden
HP Product FWUpdater (x32 Version: 4.0.0.7242 - Hewlett-Packard Company) Hidden
HP Unified IO (Version: 2.0.0.404 - HP) Hidden
HP Unified IO (x32 Version: 2.0.0.404 - HP) Hidden
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
hpbDSService (x32 Version: 002.002.07399 - Hewlett-Packard) Hidden
hpbM276DSService (x32 Version: 001.001.05874 - Hewlett-Packard) Hidden
HPDXP (x32 Version: 3.0.26.8 - HP) Hidden
HPLaserJet200color-MFPM276_HelpLearnCenter_SI (HKLM-x32\...\{0F044C7A-6EE1-4F03-90AC-329AAF2FCF12}) (Version: 1.01.0000 - Hewlett-Packard)
HPLJDXPHelper (x32 Version: 020.021.004 - HP) Hidden
HPLJUTCore (x32 Version: 004.005.0001 - HP) Hidden
HPLJUTM276 (x32 Version: 3.00.0003 - HP) Hidden
hppFaxDrvM276 (x32 Version: 003.000.00002 - Hewlett-Packard) Hidden
hppLaserJetService (x32 Version: 009.027.00856 - Hewlett-Packard) Hidden
hppM276LaserJetService (x32 Version: 001.019.00639 - Hewlett-Packard) Hidden
hppSendFaxM276 (x32 Version: 003.000.00002 - Hewlett-Packard) Hidden
hpStatusAlerts (x32 Version: 050.037.00142 - Hewlett Packard) Hidden
hpStatusAlertsM276 (x32 Version: 050.034.00131 - Hewlett-Packard) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3379 - Intel Corporation)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
LJDXPHelperUI (x32 Version: 020.021.004 - HP) Hidden
Malwarebytes Anti-Malware version 2.00.0.1000 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.00.0.1000 - Malwarebytes Corporation)
Microsoft Access MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Access Setup Metadata MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft DCF MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Excel MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Groove MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Lync MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Español (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Project MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Project Professional 2013 (HKLM\...\Office15.PRJPROR) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Project Professional 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Word MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Mozilla Firefox 28.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 en-US)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
NVIDIA 3D Vision Driver 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 334.89 - NVIDIA Corporation)
NVIDIA Control Panel 334.89 (Version: 334.89 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 1.8.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2 - NVIDIA Corporation)
NVIDIA Graphics Driver 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 334.89 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.147.1067 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus Update 11.10.11 (Version: 11.10.11 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 11.10.11 (Version: 11.10.11 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3489 - NVIDIA Corporation) Hidden
NVIDIA Update 11.10.11 (Version: 11.10.11 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 11.10.11 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Perfect Photo Suite 8 (HKLM-x32\...\{FCB1666A-3488-4E43-A680-A111398C80E9}) (Version: 8.1.0 - onOne Software)
Search Protection (HKCU\...\Search Protection) (Version: 8.9.0.1 - Spigot, Inc.)
SHIELD Streaming (Version: 1.7.306 - NVIDIA Corporation) Hidden
Skype™ 6.13 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.13.104 - Skype Technologies S.A.)
Tennis Elbow 2013 1.0c (HKLM-x32\...\Tennis Elbow 2013) (Version: 1.0c - Mana Games)
Update for Microsoft Access 2013 (KB2768008) 64-Bit Edition (HKLM\...\{90150000-0015-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{D5412C67-998B-4246-A668-AB522D9F63FE}) (Version:  - Microsoft)
Update for Microsoft Access 2013 (KB2827233) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{614E655F-A0ED-435A-8E0C-A81EE4BA7BC7}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2013 (KB2837648) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{5E759A69-FA72-4B3C-BE2F-D1194764D31E}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2817678) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{F8580E12-045B-471B-AF74-98C977347F4E}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2863908) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PRJPROR_{259F7CA1-7A87-4E60-85A9-0A55E60FF254}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2863908) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{259F7CA1-7A87-4E60-85A9-0A55E60FF254}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2863908) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{686A7FD7-2496-49C8-A0BE-D8A1CF1A32ED}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2863908) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{259F7CA1-7A87-4E60-85A9-0A55E60FF254}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726954) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PRJPROR_{43EB1F58-DAA0-4F61-A4EE-C5651F85A047}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726954) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{43EB1F58-DAA0-4F61-A4EE-C5651F85A047}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726954) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{43EB1F58-DAA0-4F61-A4EE-C5651F85A047}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726954) 64-Bit Edition (HKLM\...\{91150000-003B-0000-1000-0000000FF1CE}_Office15.PRJPROR_{43EB1F58-DAA0-4F61-A4EE-C5651F85A047}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PRJPROR_{76CACE05-7A19-4EAC-87D7-5BFF63AF7CDF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{76CACE05-7A19-4EAC-87D7-5BFF63AF7CDF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{76CACE05-7A19-4EAC-87D7-5BFF63AF7CDF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition (HKLM\...\{91150000-003B-0000-1000-0000000FF1CE}_Office15.PRJPROR_{76CACE05-7A19-4EAC-87D7-5BFF63AF7CDF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2738038) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{FEFF9FF6-FF61-455E-A8CC-3A1311A657AD}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2738038) 64-Bit Edition (HKLM\...\{91150000-003B-0000-1000-0000000FF1CE}_Office15.PRJPROR_{FEFF9FF6-FF61-455E-A8CC-3A1311A657AD}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760224) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{3FF4EA9F-3505-4726-A974-6593A968FFCC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760224) 64-Bit Edition (HKLM\...\{91150000-003B-0000-1000-0000000FF1CE}_Office15.PRJPROR_{3FF4EA9F-3505-4726-A974-6593A968FFCC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760242) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{9406D70B-2D9C-4613-A75A-F35B66BA8AFA}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760242) 64-Bit Edition (HKLM\...\{91150000-003B-0000-1000-0000000FF1CE}_Office15.PRJPROR_{9406D70B-2D9C-4613-A75A-F35B66BA8AFA}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760267) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{CA390537-AA88-450F-A240-5FB4648A124A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760267) 64-Bit Edition (HKLM\...\{91150000-003B-0000-1000-0000000FF1CE}_Office15.PRJPROR_{CA390537-AA88-450F-A240-5FB4648A124A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760539) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{C8D57F4A-0824-4043-89E7-3C6280B67A47}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760553) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{AC4470FB-8011-4F16-B5D4-E0A34DE10C87}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760610) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D8B3D175-48B8-413F-8484-4D81E744B51C}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760610) 64-Bit Edition (HKLM\...\{91150000-003B-0000-1000-0000000FF1CE}_Office15.PRJPROR_{D8B3D175-48B8-413F-8484-4D81E744B51C}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2767845) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{8587E5B1-6279-4396-B9AC-20B334F4FF88}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2767845) 64-Bit Edition (HKLM\...\{91150000-003B-0000-1000-0000000FF1CE}_Office15.PRJPROR_{8587E5B1-6279-4396-B9AC-20B334F4FF88}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768016) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{39E58ED8-B687-49BD-88F9-968563F51F8E}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817314) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{C809B1D6-BD31-4496-BCFE-4567E0854F5F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817316) 64-Bit Edition (HKLM\...\{90150000-0016-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{856D47BC-036C-4692-8702-D6CCA8F428D0}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817316) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{4FD8F672-3206-469C-B9F0-D6E72F7ACAB2}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817490) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PRJPROR_{CA0554C4-62FE-4F66-BC87-1EE1EAC675EF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817490) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{CA0554C4-62FE-4F66-BC87-1EE1EAC675EF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817490) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{CA0554C4-62FE-4F66-BC87-1EE1EAC675EF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817490) 64-Bit Edition (HKLM\...\{91150000-003B-0000-1000-0000000FF1CE}_Office15.PRJPROR_{CA0554C4-62FE-4F66-BC87-1EE1EAC675EF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817626) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{F33ABF6A-3007-47E8-8E38-506A18E54641}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817626) 64-Bit Edition (HKLM\...\{91150000-003B-0000-1000-0000000FF1CE}_Office15.PRJPROR_{F33ABF6A-3007-47E8-8E38-506A18E54641}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2826004) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{B38036CB-BAF6-41D4-8810-FD016453ABB9}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2826004) 64-Bit Edition (HKLM\...\{91150000-003B-0000-1000-0000000FF1CE}_Office15.PRJPROR_{B38036CB-BAF6-41D4-8810-FD016453ABB9}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827225) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{2A286156-257B-4528-9DB5-B4D4D53211BC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827225) 64-Bit Edition (HKLM\...\{91150000-003B-0000-1000-0000000FF1CE}_Office15.PRJPROR_{2A286156-257B-4528-9DB5-B4D4D53211BC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{92833C80-DC88-4A22-8630-407F810EF57B}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 64-Bit Edition (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}_Office15.PROPLUSR_{602346D6-8E2F-4B0E-820A-CD62AC5B0DC9}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 64-Bit Edition (HKLM\...\{90150000-001F-0C0A-1000-0000000FF1CE}_Office15.PROPLUSR_{00A8F3D3-B596-4E04-A180-C9EB4EC87762}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827230) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{F2187E8D-C68A-4655-8551-1932878A5581}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827230) 64-Bit Edition (HKLM\...\{91150000-003B-0000-1000-0000000FF1CE}_Office15.PRJPROR_{F2187E8D-C68A-4655-8551-1932878A5581}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827239) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PRJPROR_{9353CD85-4B19-45C4-8DBA-1391926351F6}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827239) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{9353CD85-4B19-45C4-8DBA-1391926351F6}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827239) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{9353CD85-4B19-45C4-8DBA-1391926351F6}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827239) 64-Bit Edition (HKLM\...\{91150000-003B-0000-1000-0000000FF1CE}_Office15.PRJPROR_{9353CD85-4B19-45C4-8DBA-1391926351F6}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837626) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{6EE51F51-57B1-4DC7-96C2-857DB7F0BE93}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837626) 64-Bit Edition (HKLM\...\{91150000-003B-0000-1000-0000000FF1CE}_Office15.PRJPROR_{6EE51F51-57B1-4DC7-96C2-857DB7F0BE93}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837637) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{0A90C645-3F9A-4CF9-BF62-2609602E3DAB}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837638) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{3A48DE63-607B-4FEA-A862-B52669C4433C}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837638) 64-Bit Edition (HKLM\...\{91150000-003B-0000-1000-0000000FF1CE}_Office15.PRJPROR_{3A48DE63-607B-4FEA-A862-B52669C4433C}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837655) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{A3C746D9-41B4-4C7E-BF60-0F8C50AD5A0F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837655) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PRJPROR_{C4B559C7-AA71-4B77-ACA3-50BEA8B4241B}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837655) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{C4B559C7-AA71-4B77-ACA3-50BEA8B4241B}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837655) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{C4B559C7-AA71-4B77-ACA3-50BEA8B4241B}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837655) 64-Bit Edition (HKLM\...\{91150000-003B-0000-1000-0000000FF1CE}_Office15.PRJPROR_{C4B559C7-AA71-4B77-ACA3-50BEA8B4241B}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2850066) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PRJPROR_{000791D2-642D-418E-A3E9-96E72D8C67B8}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2850066) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{000791D2-642D-418E-A3E9-96E72D8C67B8}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2850066) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{000791D2-642D-418E-A3E9-96E72D8C67B8}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2850066) 64-Bit Edition (HKLM\...\{91150000-003B-0000-1000-0000000FF1CE}_Office15.PRJPROR_{000791D2-642D-418E-A3E9-96E72D8C67B8}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2850063) 64-Bit Edition (HKLM\...\{90150000-00A1-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{EADF44E2-DD3F-4FAC-B17F-566956C06503}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2850063) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PRJPROR_{CF6FBF49-BE22-4B98-9D7D-CB2A3236BC44}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2850063) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{CF6FBF49-BE22-4B98-9D7D-CB2A3236BC44}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2850063) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{CF6FBF49-BE22-4B98-9D7D-CB2A3236BC44}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2863911) 64-Bit Edition (HKLM\...\{90150000-001A-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{12087F1E-35F9-4620-9157-BD9C3CFFA2E2}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2863911) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{DF3798F3-F45C-44DA-83B7-229A9EBC9654}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2863911) 64-Bit Edition (HKLM\...\{91150000-003B-0000-1000-0000000FF1CE}_Office15.PRJPROR_{DF3798F3-F45C-44DA-83B7-229A9EBC9654}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2767850) 64-Bit Edition (HKLM\...\{90150000-0018-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{52105DB7-F9D9-482C-8796-1461BBB69123}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2767850) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{6FF949A3-1C3F-41C2-9464-933E885ECB53}) (Version:  - Microsoft)
Update for Microsoft Project 2013 (KB2727085) 64-Bit Edition (HKLM\...\{90150000-00B4-0409-1000-0000000FF1CE}_Office15.PRJPROR_{BE6BA77F-2B69-4871-93D5-212C5D95BD32}) (Version:  - Microsoft)
Update for Microsoft Project 2013 (KB2727085) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PRJPROR_{BBD4F4CE-65D4-4CEB-AE19-E5296A57AA6C}) (Version:  - Microsoft)
Update for Microsoft Project 2013 (KB2727085) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{BBD4F4CE-65D4-4CEB-AE19-E5296A57AA6C}) (Version:  - Microsoft)
Update for Microsoft Project 2013 (KB2727085) 64-Bit Edition (HKLM\...\{91150000-003B-0000-1000-0000000FF1CE}_Office15.PRJPROR_{BBD4F4CE-65D4-4CEB-AE19-E5296A57AA6C}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2837635) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{2837C624-A972-43CF-BCE5-0AE2EFED72E3}) (Version:  - Microsoft)
Update for Microsoft SkyDrive Pro (KB2817495) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PRJPROR_{A3417E9E-5B94-4BFF-AAA4-933B1AE46306}) (Version:  - Microsoft)
Update for Microsoft SkyDrive Pro (KB2817495) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{A3417E9E-5B94-4BFF-AAA4-933B1AE46306}) (Version:  - Microsoft)
Update for Microsoft SkyDrive Pro (KB2817495) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{A3417E9E-5B94-4BFF-AAA4-933B1AE46306}) (Version:  - Microsoft)
Update for Microsoft SkyDrive Pro (KB2837652) 64-Bit Edition (HKLM\...\{90150000-00BA-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{538E777B-4508-4ABF-97E2-B93C1BF1CD77}) (Version:  - Microsoft)
Update for Microsoft SkyDrive Pro (KB2837652) 64-Bit Edition (HKLM\...\{90150000-00C1-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{538E777B-4508-4ABF-97E2-B93C1BF1CD77}) (Version:  - Microsoft)
Update for Microsoft Visio 2013 (KB2817306) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{F16E7B82-23FE-4054-AB73-EAE53965251C}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2768338) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D1F1940B-94DF-4DCB-BF82-9530D7FBB1BF}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2768338) 64-Bit Edition (HKLM\...\{91150000-003B-0000-1000-0000000FF1CE}_Office15.PRJPROR_{D1F1940B-94DF-4DCB-BF82-9530D7FBB1BF}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2837647) 64-Bit Edition (HKLM\...\{90150000-001A-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{DA8548B2-D229-4643-B6E2-989B3CFEECFB}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2837647) 64-Bit Edition (HKLM\...\{90150000-001B-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{DA8548B2-D229-4643-B6E2-989B3CFEECFB}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2837647) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{DA8548B2-D229-4643-B6E2-989B3CFEECFB}) (Version:  - Microsoft)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
 
==================== Restore Points  =========================
 
18-03-2014 13:35:32 Windows Update
25-03-2014 16:53:35 Scheduled Checkpoint
31-03-2014 20:10:51 Windows Modules Installer
 
==================== Hosts content: ==========================
 
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {06436CFE-2043-45CF-BA92-803764376472} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {145CBF50-B50E-46DE-B6A0-1C914833CCB4} - \UpdaterEX No Task File
Task: {1D7E489E-37DF-4960-BEA4-98331F2D2BF2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {405E6ADC-B25D-42F4-9C3C-F55A479F1910} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-13] (Adobe Systems Incorporated)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {55EFE9E0-597C-466E-B0A1-08360EDCEA8B} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4197190699-2502681883-4131900191-1003Core => C:\Users\Nathaniel\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-03-30] (Facebook Inc.)
Task: {5728B7AA-3A35-4941-8309-FEE3B417AA14} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-12] (Google Inc.)
Task: {5B325225-2AD4-4963-88D8-588BCF822B1E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-12] (Google Inc.)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8AC8AF57-BBB1-4F80-9650-8AF12EC4B63D} - System32\Tasks\Microsoft Office 15 Sync Maintenance for MA-LAPTOP-Nathaniel MA-Laptop => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2013-09-10] (Microsoft Corporation)
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {98F7C2ED-DD64-4913-B4AE-8F0B01577734} - \MySearchDial No Task File
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {C4A7C7B5-84E3-4E0A-A35D-10FA7126F8D6} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4197190699-2502681883-4131900191-1003UA => C:\Users\Nathaniel\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-03-30] (Facebook Inc.)
Task: {C72825C4-4861-45AF-9187-BA9151FBD310} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D565A617-CD04-402E-93A9-B640C9AF8BFF} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [2012-06-15] (Hewlett Packard)
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4197190699-2502681883-4131900191-1003Core.job => C:\Users\Nathaniel\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4197190699-2502681883-4131900191-1003UA.job => C:\Users\Nathaniel\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2014-02-12 13:13 - 2014-02-08 18:42 - 00117024 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-10-17 12:25 - 2013-10-17 12:25 - 08866472 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2013-07-19 13:55 - 2013-07-19 13:55 - 01421480 _____ () C:\Program Files\Microsoft Office\Office15\ADDINS\UmOutlookAddin.dll
2013-10-17 12:25 - 2013-10-17 12:25 - 08866472 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-03-16 18:41 - 2014-03-15 01:50 - 00051016 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\chrome_elf.dll
2014-04-03 08:27 - 2014-04-03 08:27 - 00041984 _____ () C:\Users\Nathaniel\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpsatnnb.dll
2013-10-19 00:55 - 2013-10-19 00:55 - 25100288 _____ () C:\Users\Nathaniel\AppData\Roaming\Dropbox\bin\libcef.dll
2014-03-16 18:41 - 2014-03-15 01:50 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libglesv2.dll
2014-03-16 18:41 - 2014-03-15 01:50 - 00100168 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libegl.dll
2014-03-16 18:41 - 2014-03-15 01:50 - 04061000 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll
2014-03-16 18:41 - 2014-03-15 01:50 - 00394568 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll
2014-03-16 18:41 - 2014-03-15 01:50 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ffmpegsumo.dll
2014-03-16 18:41 - 2014-03-15 01:50 - 13637448 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll
2014-03-29 15:21 - 2014-03-29 15:21 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
AlternateDataStreams: C:\Windows:nlsPreferences
AlternateDataStreams: C:\Users\Nathaniel\SkyDrive:ms-properties
 
==================== Safe Mode (whitelisted) ===================
 
 
==================== Disabled items from MSCONFIG ==============
 
 
==================== Faulty Device Manager Devices =============
 
Name: PCI Device
Description: PCI Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: SM Bus Controller
Description: SM Bus Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (04/02/2014 05:43:42 PM) (Source: Application Hang) (User: )
Description: The program LiveComm.exe version 17.5.9600.20413 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 1e44
 
Start Time: 01cf4e87d13f66a4
 
Termination Time: 4294967295
 
Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\LiveComm.exe
 
Report Id: f0b49c14-ba85-11e3-825c-0c8bfdb9f8c4
 
Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe
 
Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1
 
Error: (04/01/2014 03:38:37 PM) (Source: Chrome) (User: NT AUTHORITY)
Description: Chrome has encountered a fatal error.
ver=33.0.1750.154;lang=;id=;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\f31f7bd1-0c65-4dad-b306-764fa9295b13.dmp
 
Error: (03/31/2014 10:43:57 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC90.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".Error in manifest or policy file "Microsoft.VC90.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"2" on line Microsoft.VC90.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is Microsoft.VC90.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8".
Definition is Microsoft.VC90.MFCLOC,processorArchitecture="x86",type="win32",version="9.0.30729.1".
Please use sxstrace.exe for detailed diagnosis.
 
Error: (03/31/2014 10:43:56 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC90.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".Error in manifest or policy file "Microsoft.VC90.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"2" on line Microsoft.VC90.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is Microsoft.VC90.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8".
Definition is Microsoft.VC90.MFCLOC,processorArchitecture="x86",type="win32",version="9.0.30729.1".
Please use sxstrace.exe for detailed diagnosis.
 
Error: (03/31/2014 10:43:04 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC90.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".Error in manifest or policy file "Microsoft.VC90.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"2" on line Microsoft.VC90.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is Microsoft.VC90.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8".
Definition is Microsoft.VC90.MFCLOC,processorArchitecture="x86",type="win32",version="9.0.30729.1".
Please use sxstrace.exe for detailed diagnosis.
 
Error: (03/31/2014 10:43:03 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC90.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".Error in manifest or policy file "Microsoft.VC90.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"2" on line Microsoft.VC90.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is Microsoft.VC90.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8".
Definition is Microsoft.VC90.MFCLOC,processorArchitecture="x86",type="win32",version="9.0.30729.1".
Please use sxstrace.exe for detailed diagnosis.
 
Error: (03/31/2014 10:42:54 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC90.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".Error in manifest or policy file "Microsoft.VC90.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"2" on line Microsoft.VC90.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is Microsoft.VC90.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8".
Definition is Microsoft.VC90.MFCLOC,processorArchitecture="x86",type="win32",version="9.0.30729.1".
Please use sxstrace.exe for detailed diagnosis.
 
Error: (03/31/2014 10:42:54 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC90.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".Error in manifest or policy file "Microsoft.VC90.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"2" on line Microsoft.VC90.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is Microsoft.VC90.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8".
Definition is Microsoft.VC90.MFCLOC,processorArchitecture="x86",type="win32",version="9.0.30729.1".
Please use sxstrace.exe for detailed diagnosis.
 
Error: (03/31/2014 10:42:53 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC90.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".Error in manifest or policy file "Microsoft.VC90.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"2" on line Microsoft.VC90.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is Microsoft.VC90.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8".
Definition is Microsoft.VC90.MFCLOC,processorArchitecture="x86",type="win32",version="9.0.30729.1".
Please use sxstrace.exe for detailed diagnosis.
 
Error: (03/31/2014 10:42:52 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC90.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".Error in manifest or policy file "Microsoft.VC90.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"2" on line Microsoft.VC90.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is Microsoft.VC90.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8".
Definition is Microsoft.VC90.MFCLOC,processorArchitecture="x86",type="win32",version="9.0.30729.1".
Please use sxstrace.exe for detailed diagnosis.
 
 
System errors:
=============
Error: (04/01/2014 04:04:18 PM) (Source: Service Control Manager) (User: )
Description: The OutfoxTvUpdater service failed to start due to the following error: 
%%2
 
Error: (04/01/2014 03:45:04 PM) (Source: Service Control Manager) (User: )
Description: The OutfoxTvUpdater service failed to start due to the following error: 
%%2
 
Error: (04/01/2014 03:44:15 PM) (Source: Service Control Manager) (User: )
Description: The OutfoxTvService service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
 
Error: (04/01/2014 03:38:30 PM) (Source: Service Control Manager) (User: )
Description: The OutfoxTvService service terminated unexpectedly. It has done this 1 time(s).
 
Error: (04/01/2014 03:38:30 PM) (Source: Service Control Manager) (User: )
Description: The OutfoxTvService service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
 
Error: (04/01/2014 03:12:50 PM) (Source: Service Control Manager) (User: )
Description: The HitmanPro 3.7 Crusader (Boot) service terminated with the following service-specific error: 
%%0
 
Error: (04/01/2014 02:56:43 PM) (Source: DCOM) (User: MA-LAPTOP)
Description: {3EEF301F-B596-4C0B-BD92-013BEAFCE793}
 
Error: (04/01/2014 02:45:18 PM) (Source: Service Control Manager) (User: )
Description: The Computer Backup (MyPC Backup) service terminated unexpectedly. It has done this 1 time(s).
 
Error: (04/01/2014 07:24:04 AM) (Source: Service Control Manager) (User: )
Description: The OutfoxTvService service failed to start due to the following error: 
%%2
 
Error: (04/01/2014 07:06:45 AM) (Source: Service Control Manager) (User: )
Description: The OutfoxTvUpdater service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
 
 
Microsoft Office Sessions:
=========================
Error: (04/02/2014 05:43:42 PM) (Source: Application Hang)(User: )
Description: LiveComm.exe17.5.9600.204131e4401cf4e87d13f66a44294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\LiveComm.exef0b49c14-ba85-11e3-825c-0c8bfdb9f8c4microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1
 
Error: (04/01/2014 03:38:37 PM) (Source: Chrome)(User: NT AUTHORITY)
Description: Chrome has encountered a fatal error.
ver=33.0.1750.154;lang=;id=;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\f31f7bd1-0c65-4dad-b306-764fa9295b13.dmp
 
Error: (03/31/2014 10:43:57 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC90.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"Microsoft.VC90.MFCLOC,processorArchitecture="x86",type="win32",version="9.0.30729.1"C:\Program Files (x86)\DLCleaner\mfc90u.dllC:\Program Files (x86)\DLCleaner\Microsoft.VC90.MFCLOC.MANIFEST4
 
Error: (03/31/2014 10:43:56 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC90.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"Microsoft.VC90.MFCLOC,processorArchitecture="x86",type="win32",version="9.0.30729.1"C:\Program Files (x86)\DLCleaner\mfc90u.dllC:\Program Files (x86)\DLCleaner\Microsoft.VC90.MFCLOC.MANIFEST4
 
Error: (03/31/2014 10:43:04 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC90.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"Microsoft.VC90.MFCLOC,processorArchitecture="x86",type="win32",version="9.0.30729.1"C:\Program Files (x86)\DLCleaner\mfc90u.dllC:\Program Files (x86)\DLCleaner\Microsoft.VC90.MFCLOC.MANIFEST4
 
Error: (03/31/2014 10:43:03 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC90.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"Microsoft.VC90.MFCLOC,processorArchitecture="x86",type="win32",version="9.0.30729.1"C:\Program Files (x86)\DLCleaner\mfc90u.dllC:\Program Files (x86)\DLCleaner\Microsoft.VC90.MFCLOC.MANIFEST4
 
Error: (03/31/2014 10:42:54 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC90.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"Microsoft.VC90.MFCLOC,processorArchitecture="x86",type="win32",version="9.0.30729.1"C:\Program Files (x86)\DLCleaner\mfc90u.dllC:\Program Files (x86)\DLCleaner\Microsoft.VC90.MFCLOC.MANIFEST4
 
Error: (03/31/2014 10:42:54 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC90.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"Microsoft.VC90.MFCLOC,processorArchitecture="x86",type="win32",version="9.0.30729.1"C:\Program Files (x86)\DLCleaner\mfc90u.dllC:\Program Files (x86)\DLCleaner\Microsoft.VC90.MFCLOC.MANIFEST4
 
Error: (03/31/2014 10:42:53 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC90.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"Microsoft.VC90.MFCLOC,processorArchitecture="x86",type="win32",version="9.0.30729.1"C:\Program Files (x86)\DLCleaner\mfc90u.dllC:\Program Files (x86)\DLCleaner\Microsoft.VC90.MFCLOC.MANIFEST4
 
Error: (03/31/2014 10:42:52 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC90.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"Microsoft.VC90.MFCLOC,processorArchitecture="x86",type="win32",version="9.0.30729.1"C:\Program Files (x86)\DLCleaner\mfc90u.dllC:\Program Files (x86)\DLCleaner\Microsoft.VC90.MFCLOC.MANIFEST4
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 41%
Total physical RAM: 6042.57 MB
Available physical RAM: 3527.07 MB
Total Pagefile: 7002.57 MB
Available Pagefile: 4217.78 MB
Total Virtual: 131072 MB
Available Virtual: 131071.77 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:465.42 GB) (Free:416.3 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 06881F6F)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================
 
 
 
 
TDSS
 
 
13:25:43.0294 0x0d14  TDSS rootkit removing tool 3.0.0.26 Mar 24 2014 07:28:43
13:25:58.0929 0x0d14  ============================================================
13:25:58.0929 0x0d14  Current date / time: 2014/04/03 13:25:58.0929
13:25:58.0929 0x0d14  SystemInfo:
13:25:58.0930 0x0d14  
13:25:58.0930 0x0d14  OS Version: 6.3.9600 ServicePack: 0.0
13:25:58.0930 0x0d14  Product type: Workstation
13:25:58.0930 0x0d14  ComputerName: MA-LAPTOP
13:25:58.0930 0x0d14  UserName: Nathaniel
13:25:58.0930 0x0d14  Windows directory: C:\Windows
13:25:58.0930 0x0d14  System windows directory: C:\Windows
13:25:58.0930 0x0d14  Running under WOW64
13:25:58.0930 0x0d14  Processor architecture: Intel x64
13:25:58.0930 0x0d14  Number of processors: 4
13:25:58.0930 0x0d14  Page size: 0x1000
13:25:58.0930 0x0d14  Boot type: Normal boot
13:25:58.0930 0x0d14  ============================================================
13:25:59.0231 0x0d14  KLMD registered as C:\Windows\system32\drivers\26916844.sys
13:25:59.0581 0x0d14  System UUID: {48CF8A24-A6AF-D2EA-EF8B-FC6B083523D2}
13:26:01.0010 0x0d14  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:26:01.0027 0x0d14  ============================================================
13:26:01.0027 0x0d14  \Device\Harddisk0\DR0:
13:26:01.0028 0x0d14  MBR partitions:
13:26:01.0028 0x0d14  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xAF000
13:26:01.0028 0x0d14  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xAF800, BlocksNum 0x3A2D6000
13:26:01.0028 0x0d14  ============================================================
13:26:01.0049 0x0d14  C: <-> \Device\Harddisk0\DR0\Partition2
13:26:01.0049 0x0d14  ============================================================
13:26:01.0049 0x0d14  Initialize success
13:26:01.0049 0x0d14  ============================================================
13:26:11.0309 0x1608  ============================================================
13:26:11.0309 0x1608  Scan started
13:26:11.0309 0x1608  Mode: Manual; 
13:26:11.0309 0x1608  ============================================================
13:26:11.0309 0x1608  KSN ping started
13:26:12.0235 0x1608  KSN ping finished: true
13:26:12.0679 0x1608  ================ Scan system memory ========================
13:26:12.0679 0x1608  System memory - ok
13:26:12.0679 0x1608  ================ Scan services =============================
13:26:12.0871 0x1608  [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci        C:\Windows\System32\drivers\1394ohci.sys
13:26:12.0884 0x1608  1394ohci - ok
13:26:12.0925 0x1608  [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware           C:\Windows\system32\drivers\3ware.sys
13:26:12.0931 0x1608  3ware - ok
13:26:12.0978 0x1608  [ 3D30878A269D934100FA5F972E53AF39, 3D2D22D1A9D80DB94D6059C789FBD04DC945722B8644DF6DAA73D5713A10EC52 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
13:26:12.0991 0x1608  ACPI - ok
13:26:13.0010 0x1608  [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex          C:\Windows\system32\Drivers\acpiex.sys
13:26:13.0013 0x1608  acpiex - ok
13:26:13.0022 0x1608  [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr        C:\Windows\System32\drivers\acpipagr.sys
13:26:13.0023 0x1608  acpipagr - ok
13:26:13.0033 0x1608  [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi         C:\Windows\System32\drivers\acpipmi.sys
13:26:13.0034 0x1608  AcpiPmi - ok
13:26:13.0040 0x1608  [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime        C:\Windows\System32\drivers\acpitime.sys
13:26:13.0041 0x1608  acpitime - ok
13:26:13.0109 0x1608  [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
13:26:13.0113 0x1608  AdobeARMservice - ok
13:26:13.0224 0x1608  [ 9D96B0D5855FD1B98023B3EEC9F06786, E4C79233158BE8AA4E9C6DD71585E5D2703A5156531EB3D692D7D81BC443E844 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
13:26:13.0239 0x1608  AdobeFlashPlayerUpdateSvc - ok
13:26:13.0310 0x1608  [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX         C:\Windows\system32\drivers\ADP80XX.SYS
13:26:13.0337 0x1608  ADP80XX - ok
13:26:13.0369 0x1608  [ B19CA8E441D35AA2B1EE51C10B27DA1B, EBEB96EA44E665B2D4FCD1CC58621A20A17F036EA4A695340A2B65F94F69CDDC ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
13:26:13.0372 0x1608  AeLookupSvc - ok
13:26:13.0402 0x1608  [ 239268BAB58EAE9A3FF4E08334C00451, 13F927730DF9BAEDB3A7AB6F7238270A20E4CDEB3D5324A1C471DF2209F3D239 ] AFD             C:\Windows\system32\drivers\afd.sys
13:26:13.0414 0x1608  AFD - ok
13:26:13.0431 0x1608  [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440          C:\Windows\system32\drivers\agp440.sys
13:26:13.0434 0x1608  agp440 - ok
13:26:13.0440 0x1608  [ 8E8E34B7BA059050EED827410D0697A2, 85B6684709F24729A6497563812A90A54068AC2DD9EEA03037CB1EEF5C85AAA9 ] ahcache         C:\Windows\system32\DRIVERS\ahcache.sys
13:26:13.0442 0x1608  ahcache - ok
13:26:13.0454 0x1608  [ A91D8E1E433EFB32551BCE69037E1CE7, 41DFDD5B56918D19D09DFB3E4B07460AA85647A8647ABBBB906158D8D6653290 ] ALG             C:\Windows\System32\alg.exe
13:26:13.0457 0x1608  ALG - ok
13:26:13.0475 0x1608  [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8           C:\Windows\System32\drivers\amdk8.sys
13:26:13.0478 0x1608  AmdK8 - ok
13:26:13.0505 0x1608  [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM          C:\Windows\System32\drivers\amdppm.sys
13:26:13.0512 0x1608  AmdPPM - ok
13:26:13.0533 0x1608  [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
13:26:13.0539 0x1608  amdsata - ok
13:26:13.0564 0x1608  [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
13:26:13.0578 0x1608  amdsbs - ok
13:26:13.0591 0x1608  [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
13:26:13.0593 0x1608  amdxata - ok
13:26:13.0631 0x1608  [ 04951A9A937CBE28A2D3FEEA360B6D1F, D8AAF000BE4FE4B203DC2EB2A64F780A542E5238CE3F9952FD03277379B11529 ] AppID           C:\Windows\system32\drivers\appid.sys
13:26:13.0636 0x1608  AppID - ok
13:26:13.0669 0x1608  [ C0DC3F58214A227980AEB091CFD2F973, 0C3E8453C9F65ADA3E74C38C0E3AC3E0CBFD807B827097046265B38839E151E3 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
13:26:13.0672 0x1608  AppIDSvc - ok
13:26:13.0702 0x1608  [ 7E790DE2487CEDB349D1750B9E47F090, EDA4A87EA2F89ABD174E9590DD46E70B9E7E4B35BDFC3ED90D79CD594F8CB2CD ] Appinfo         C:\Windows\System32\appinfo.dll
13:26:13.0708 0x1608  Appinfo - ok
13:26:13.0738 0x1608  [ 8176FBA685178FB0F52D46693474FA50, 69FE3692C7FE24289A479ADD74F2C782B59A099B7B07FE5ACFC4DA899E40BFDE ] AppMgmt         C:\Windows\System32\appmgmts.dll
13:26:13.0750 0x1608  AppMgmt - ok
13:26:13.0817 0x1608  [ 4B964AE0DF433A3BFA7BD24713BC2E9B, DC8933265E67E43CAE96EA64B146CB9067B536A4DA2C90EDCB38302BBFA1CE6B ] AppReadiness    C:\Windows\system32\AppReadiness.dll
13:26:13.0838 0x1608  AppReadiness - ok
13:26:13.0935 0x1608  [ 0B726D9ED75C787D6FFAF1E3873BCC70, DC3822B35FB65D53CC5D0E3982C326C5F47F0911BEB1F66DCC84A79C84621E1E ] AppXSvc         C:\Windows\system32\appxdeploymentserver.dll
13:26:13.0962 0x1608  AppXSvc - ok
13:26:13.0991 0x1608  [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas          C:\Windows\system32\drivers\arcsas.sys
13:26:13.0995 0x1608  arcsas - ok
13:26:14.0011 0x1608  [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi           C:\Windows\system32\drivers\atapi.sys
13:26:14.0015 0x1608  atapi - ok
13:26:14.0042 0x1608  [ 4903CBC14742B5AB4DCF7A92F7DEC483, B8491FDA1D1E767658ECC5C3C3DDFB3EB12A969F0F6ACF116C18300FF54075D5 ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
13:26:14.0046 0x1608  AudioEndpointBuilder - ok
13:26:14.0100 0x1608  [ EF276593AD1BDF5A99032F62D6272848, 3961689B34A6BCD891FF48A044ABD184F5D7320AE882DF79E5ADC57B08205BA9 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
13:26:14.0113 0x1608  Audiosrv - ok
13:26:14.0147 0x1608  [ 96E8CAF20FC4B6C31CAD7816A801EB78, E4870DB8FFBDCFEE98449338D0BDBF2DD0B5FEC75514E41C11A882BE6EB16833 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
13:26:14.0151 0x1608  AxInstSV - ok
13:26:14.0198 0x1608  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
13:26:14.0220 0x1608  b06bdrv - ok
13:26:14.0255 0x1608  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\Windows\System32\drivers\BasicDisplay.sys
13:26:14.0258 0x1608  BasicDisplay - ok
13:26:14.0269 0x1608  [ 2748E116F8621A4DB0D39FCDD7318C01, DA2DEB7FE1D887B1EF5E2B5103270B72268D8ABDDA36C396627305C0BA90FC20 ] BasicRender     C:\Windows\System32\drivers\BasicRender.sys
13:26:14.0270 0x1608  BasicRender - ok
13:26:14.0329 0x1608  [ 4BEFF67C1775D353A16A62347E727874, 62363C5E5F4BF049A3E49FADA8CB17269945056ACADB319FDC4F05B74E2553C8 ] BBSvc           C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BBSvc.exe
13:26:14.0339 0x1608  BBSvc - ok
13:26:14.0359 0x1608  [ A6DAAD3EA93DBDBD07FA821BCED133F6, 8F33D4E4B82091D09E62FD5487C88F3DF0DAC31FCBB846183CC4020533A131DE ] BBUpdate        C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.exe
13:26:14.0372 0x1608  BBUpdate - ok
13:26:14.0391 0x1608  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\Windows\System32\drivers\bcmfn2.sys
13:26:14.0394 0x1608  bcmfn2 - ok
13:26:14.0449 0x1608  [ BBE61A40665B83488901E41082A6097D, ADF750DB32E1295C57C03D587A60194529C8B83F90F433C3458288FB5E8F475B ] BDESVC          C:\Windows\System32\bdesvc.dll
13:26:14.0468 0x1608  BDESVC - ok
13:26:14.0484 0x1608  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\Windows\system32\drivers\Beep.sys
13:26:14.0486 0x1608  Beep - ok
13:26:14.0556 0x1608  [ 6468B696C65775D51A06615830E0E79D, CC4081B3A4895192B4796A745F0BCE8C9C3149B854A7B9BEF84668A2E1D074B5 ] BFE             C:\Windows\System32\bfe.dll
13:26:14.0580 0x1608  BFE - ok
13:26:14.0656 0x1608  [ 15225081966C785A9192782401643FD4, E2BA0C8D044556FDD9DD7A25F7F71553DE7A2924E78F9284413C2AC46F0BF4EB ] BITS            C:\Windows\System32\qmgr.dll
13:26:14.0695 0x1608  BITS - ok
13:26:14.0734 0x1608  [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
13:26:14.0741 0x1608  bowser - ok
13:26:14.0794 0x1608  [ A6207A88B596F726DE558425F3B7E592, 126375CC8EA101E0878728323B7EAA69DC8699AC04470FB95D482B1025E0FFB2 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
13:26:14.0808 0x1608  BrokerInfrastructure - ok
13:26:14.0848 0x1608  [ D528D6A92D187777691993DD757AF19A, 2C79978310193431E5FC462368424A172858D5351C92D4815C2A7E35B5DDE50C ] Browser         C:\Windows\System32\browser.dll
13:26:14.0856 0x1608  Browser - ok
13:26:14.0872 0x1608  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\Windows\System32\drivers\BthAvrcpTg.sys
13:26:14.0875 0x1608  BthAvrcpTg - ok
13:26:14.0925 0x1608  [ 131F1C8573E7BFB41C54FBF5309CCD94, DAFE51E3BADBD82A33B580F212B2D6520A120877C23F6D675521FEA2F4BA5A1F ] BthEnum         C:\Windows\System32\drivers\BthEnum.sys
13:26:14.0928 0x1608  BthEnum - ok
13:26:14.0955 0x1608  [ 746B9F94214915AECDE4B7FEA5FF9664, EA2877D49DB4B7B9CE61653D63E8776DFF1CBCCAB12C14DB1D20DA44B8F06357 ] BthHFEnum       C:\Windows\System32\drivers\bthhfenum.sys
13:26:14.0959 0x1608  BthHFEnum - ok
13:26:14.0976 0x1608  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\Windows\System32\drivers\BthHFHid.sys
13:26:14.0978 0x1608  bthhfhid - ok
13:26:15.0011 0x1608  [ FCD8BD17B7193CFFF18C332D1A381D7F, CD8A03086695F8FF2566697164D1FD1B60210C017220EFBD78CB12C38CD12BE1 ] BthLEEnum       C:\Windows\system32\DRIVERS\BthLEEnum.sys
13:26:15.0026 0x1608  BthLEEnum - ok
13:26:15.0050 0x1608  [ 07E33226AD218A2A162662A05CAFB52F, 0AC3D8B79EDA6DA232FA4E1CAF6592420A9EDE96350D1F0504C2434261684F0B ] BTHMODEM        C:\Windows\System32\drivers\bthmodem.sys
13:26:15.0053 0x1608  BTHMODEM - ok
13:26:15.0070 0x1608  [ 3AFE71D80EDF5D4DE0C5731352905669, 3E370169B8C5D301954D1F1DA302F7A0DB2A034990E10B3D64458C48E5693205 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
13:26:15.0074 0x1608  BthPan - ok
13:26:15.0174 0x1608  [ 10EDF9E0838BA4578FFFFF274632D454, 7719C161A3A05DF62124177A8EC97800DFE855D2B738C443F1B44E8643A4CF44 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
13:26:15.0208 0x1608  BTHPORT - ok
13:26:15.0233 0x1608  [ E5E48FEED73D463175EAB1542495191C, 0A8182F5BA7B694AB1DD3680F1194E4A568FE40DBA4BFDFF2EA09BAD045FFB29 ] bthserv         C:\Windows\system32\bthserv.dll
13:26:15.0235 0x1608  bthserv - ok
13:26:15.0251 0x1608  [ 0E7FA34B975764C33B5DBC6F8C401627, 9727B9D216D0670D2F2BC5B464B5FDAEC8BC769CA6ADC7F3858EDA3DA0F8036C ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
13:26:15.0254 0x1608  BTHUSB - ok
13:26:15.0275 0x1608  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
13:26:15.0277 0x1608  cdfs - ok
13:26:15.0307 0x1608  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom           C:\Windows\System32\drivers\cdrom.sys
13:26:15.0312 0x1608  cdrom - ok
13:26:15.0333 0x1608  [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] CertPropSvc     C:\Windows\System32\certprop.dll
13:26:15.0338 0x1608  CertPropSvc - ok
13:26:15.0352 0x1608  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\Windows\System32\drivers\circlass.sys
13:26:15.0353 0x1608  circlass - ok
13:26:15.0374 0x1608  [ 7F006813C2AFE622C13D7AF94F56CD07, 9F4AEEE19B44F4117BE036F1475CE2E91ED740EB7D8D38364F9724517F777482 ] CLFS            C:\Windows\system32\drivers\CLFS.sys
13:26:15.0382 0x1608  CLFS - ok
13:26:15.0398 0x1608  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\Windows\System32\drivers\CmBatt.sys
13:26:15.0399 0x1608  CmBatt - ok
13:26:15.0415 0x1608  [ 825BE21E6395E00698D8A23955A87972, 303F10C3BA72ABB3BA27D08968B10E8EB03FFB6951943B0E9DD35CF48BB72578 ] CNG             C:\Windows\system32\Drivers\cng.sys
13:26:15.0426 0x1608  CNG - ok
13:26:15.0480 0x1608  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\Windows\System32\drivers\CompositeBus.sys
13:26:15.0483 0x1608  CompositeBus - ok
13:26:15.0491 0x1608  COMSysApp - ok
13:26:15.0502 0x1608  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\Windows\system32\drivers\condrv.sys
13:26:15.0506 0x1608  condrv - ok
13:26:15.0599 0x1608  [ D5F868A46AED8E7CAD6C30E0599DD100, F016C3BAC207B5A513CB28E78F93D1347398B9BEEF8D1A32339D034AFB74CF6C ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
13:26:15.0615 0x1608  cphs - ok
13:26:15.0659 0x1608  [ 0EFE4B5884A8032617826A4D76F80969, 083D296CC623C83D36A97AEE343ADF819B17E490F931DBE4D161BD1E8C289E02 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
13:26:15.0666 0x1608  CryptSvc - ok
13:26:15.0728 0x1608  [ EE2F3C0D6ADBC975D6B621EC15ACF4E2, D158C0FACA6344BCD77616EC3D23212F9FD76D7D0C834ACA51998B80162106D5 ] CSC             C:\Windows\system32\drivers\csc.sys
13:26:15.0754 0x1608  CSC - ok
13:26:15.0800 0x1608  [ 936D9E2871CEEFF6A33695D98374367B, C30D42E870F196C4FA20AF95C7B9D9C9C5414D6DDE71268F88C3FC5BF372E61B ] CscService      C:\Windows\System32\cscsvc.dll
13:26:15.0817 0x1608  CscService - ok
13:26:15.0827 0x1608  [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam             C:\Windows\system32\drivers\dam.sys
13:26:15.0829 0x1608  dam - ok
13:26:15.0893 0x1608  [ 3FD5AE42EC87C6F532A931F96BE731DD, 8282823022391ACF65E23F461FCE5CAFFB5ADC077647FEF80B91BC4BC31EDFE2 ] DcomLaunch      C:\Windows\system32\rpcss.dll
13:26:15.0917 0x1608  DcomLaunch - ok
13:26:15.0954 0x1608  [ F4CCAADC2C78F57E4F16B24C9201CE22, B76A5C487A814CB986FE8CC398FB7493C9EAB9ACC933A3C35384FA447092EF00 ] defragsvc       C:\Windows\System32\defragsvc.dll
13:26:15.0961 0x1608  defragsvc - ok
13:26:15.0995 0x1608  [ DC253191A553DACA7684CFB5B03A4268, 2D651A059F1334671E875EB4FC642383DCC00710809255DA29F96C41EC2C8205 ] DellRbtn        C:\Windows\System32\drivers\DellRbtn.sys
13:26:15.0996 0x1608  DellRbtn - ok
13:26:16.0029 0x1608  [ 0BC71D4D3B5883903C37BF4E13B0F0C5, C5EC2AD001FB7E72D3D12DBADFE01C308ACCB7426E0B90CCB3ECE2DE49D5E7D4 ] DeviceAssociationService C:\Windows\system32\das.dll
13:26:16.0036 0x1608  DeviceAssociationService - ok
13:26:16.0055 0x1608  [ 752A457320A946E03C3AA86C3ACD735E, 63946150581532D862F4220606E74FFC479209E1A36CD57AA78AC4AE34A26F49 ] DeviceInstall   C:\Windows\system32\umpnpmgr.dll
13:26:16.0058 0x1608  DeviceInstall - ok
13:26:16.0074 0x1608  [ 5DB26D7E0216D0BF364A81D3829AD7B9, FD786D530EA9ADBCB48782FE091E926505A83F2BF3B4181A3D4EDFAA991C4E5E ] Dfsc            C:\Windows\system32\Drivers\dfsc.sys
13:26:16.0078 0x1608  Dfsc - ok
13:26:16.0118 0x1608  [ 8B107F55FD61654A6C9F1B819AEC5FC4, 773B1B9D3583F17B7C89BDE1EC4487ABB0AE039DF4583F8746460425443DA291 ] Dhcp            C:\Windows\system32\dhcpcore.dll
13:26:16.0124 0x1608  Dhcp - ok
13:26:16.0140 0x1608  [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk            C:\Windows\system32\drivers\disk.sys
13:26:16.0144 0x1608  disk - ok
13:26:16.0147 0x1608  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\Windows\System32\drivers\dmvsc.sys
13:26:16.0148 0x1608  dmvsc - ok
13:26:16.0185 0x1608  [ 5BAF7714E68F93515A937A3FA8587EF9, DD9296F75341EF96D514139DD8A8680B332E9B9D476368AB897FDA2D5D674E60 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
13:26:16.0189 0x1608  Dnscache - ok
13:26:16.0220 0x1608  [ 50288EA079BB520C2B8C8A154202D518, 8916A9180CA009D124FFDFB4CCF5FDFEF7FA2FD37CBCD49FAD4C68E051B4734D ] dot3svc         C:\Windows\System32\dot3svc.dll
13:26:16.0229 0x1608  dot3svc - ok
13:26:16.0251 0x1608  [ 281BEE07BA97E3E98D12A822D923D0D8, 6EB482B2D4D6048D145C3738B2B6FA27A90B5EA53E9167447820F9981B004E63 ] DPS             C:\Windows\system32\dps.dll
13:26:16.0259 0x1608  DPS - ok
13:26:16.0279 0x1608  [ DDC11A202207C0400CBE07315B8FDE5E, 3ED0CA3A714582D92001BA3BFF78BE082F4DC8021298D5A2632F3B2B0A1C09DC ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
13:26:16.0281 0x1608  drmkaud - ok
13:26:16.0306 0x1608  [ 5B074F14F5DD6418F46EE4CA2DEB7EA8, B8223D73C3DE123759101F7D5D45C60BD12B221F09D349575A1044CE3F43CBC5 ] DsmSvc          C:\Windows\System32\DeviceSetupManager.dll
13:26:16.0314 0x1608  DsmSvc - ok
13:26:16.0411 0x1608  [ 13B160C1913F012BD1615EB1398D3779, 2B5786AAEC845156D28ABDAA77347844D39F33DF53F2C96ACEF38A668ADFF422 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
13:26:16.0501 0x1608  DXGKrnl - ok
13:26:16.0536 0x1608  [ 6073537F250B45E1CB2A02E97F0FE1B2, 653F3F2F2019168EDF225944A88AFDBF8393B62AA076BD19980691778F3DB67D ] Eaphost         C:\Windows\System32\eapsvc.dll
13:26:16.0539 0x1608  Eaphost - ok
13:26:16.0678 0x1608  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
13:26:16.0814 0x1608  ebdrv - ok
13:26:16.0852 0x1608  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] EFS             C:\Windows\System32\lsass.exe
13:26:16.0853 0x1608  EFS - ok
13:26:16.0871 0x1608  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\Windows\system32\drivers\EhStorClass.sys
13:26:16.0876 0x1608  EhStorClass - ok
13:26:16.0898 0x1608  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\Windows\system32\drivers\EhStorTcgDrv.sys
13:26:16.0906 0x1608  EhStorTcgDrv - ok
13:26:16.0922 0x1608  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\Windows\System32\drivers\errdev.sys
13:26:16.0923 0x1608  ErrDev - ok
13:26:16.0979 0x1608  [ 030CE75B7D8F75FAA7BA1EC6FD0EB5A3, 5264734F0572FAEDCCB008221C9982CCB7922C4FFC358605424EA413CDCDAE99 ] EventSystem     C:\Windows\system32\es.dll
13:26:17.0001 0x1608  EventSystem - ok
13:26:17.0025 0x1608  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\Windows\system32\drivers\exfat.sys
13:26:17.0032 0x1608  exfat - ok
13:26:17.0059 0x1608  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
13:26:17.0067 0x1608  fastfat - ok
13:26:17.0115 0x1608  [ 2BC8532ABF2B3756B78FA1DA54147DDE, DF65EE2AB0255A2CF3221085A6BE7C37E3DB6BFEED3BCADCDD69BB1049F6DCB1 ] Fax             C:\Windows\system32\fxssvc.exe
13:26:17.0139 0x1608  Fax - ok
13:26:17.0154 0x1608  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\Windows\System32\drivers\fdc.sys
13:26:17.0155 0x1608  fdc - ok
13:26:17.0171 0x1608  [ DC1A78BCCCB7EE53D6FD3BD615A8E222, EE16B6853185AAE779D7135035983938009901658F76A8856AAC12EBA15BB34E ] fdPHost         C:\Windows\system32\fdPHost.dll
13:26:17.0172 0x1608  fdPHost - ok
13:26:17.0188 0x1608  [ E5AD448F2DC84B1CF387FA7F2A3D1936, BBB29C79A085C503F5EFFB5144596D5DEC48A4EB34A049A4E7B38B27F6D92E0A ] FDResPub        C:\Windows\system32\fdrespub.dll
13:26:17.0190 0x1608  FDResPub - ok
13:26:17.0209 0x1608  [ 0046E0BD031213D37123876B0D0FA61C, A4FE17D56F0BAFB70D0D421ED9D1B6E50AF8ADAA4B59328A41AEC5B4C068A3CB ] fhsvc           C:\Windows\system32\fhsvc.dll
13:26:17.0214 0x1608  fhsvc - ok
13:26:17.0230 0x1608  [ 957A7A8F5ACCAF23DD9DFF6DAA393CE5, 85D1AC25CF8056FF303930A7E18DE5F7C3AEE429272CB791BD6F81F1DAFB7D8A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
13:26:17.0233 0x1608  FileInfo - ok
13:26:17.0253 0x1608  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
13:26:17.0256 0x1608  Filetrace - ok
13:26:17.0274 0x1608  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\Windows\System32\drivers\flpydisk.sys
13:26:17.0275 0x1608  flpydisk - ok
13:26:17.0298 0x1608  [ 60D5067FCE6D9433D35E04C01D8538B3, 2D97E9E8FF18CF564DE8E70F68B56F0177DC6C0E9EEB7E1C58BBDF42456CB0D8 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
13:26:17.0309 0x1608  FltMgr - ok
13:26:17.0382 0x1608  [ 183CA7699474FDE235853967D1DA4D9B, 8FBD5997F1E39AFFD8C4322520DF4D2227279B5149017D825C188D7411BA99AF ] FontCache       C:\Windows\system32\FntCache.dll
13:26:17.0427 0x1608  FontCache - ok
13:26:17.0528 0x1608  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:26:17.0531 0x1608  FontCache3.0.0.0 - ok
13:26:17.0552 0x1608  [ 35005534E600E993A90B036E4E599F2B, DA56FA3776FBD3D50276CB7410E0CB6F137DD8FCA84C0F3FEF8B1FEA5F6CA592 ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
13:26:17.0557 0x1608  FsDepends - ok
13:26:17.0578 0x1608  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
13:26:17.0582 0x1608  Fs_Rec - ok
13:26:17.0639 0x1608  [ 83E1F0983B02A6F8EC764D18E24ECF10, B5CA3FCB442697681C513FB37C6BB74D7A72B67DC65E2FCA93A7F9E81B63EAAC ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
13:26:17.0659 0x1608  fvevol - ok
13:26:17.0680 0x1608  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\Windows\System32\drivers\fxppm.sys
13:26:17.0681 0x1608  FxPPM - ok
13:26:17.0705 0x1608  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
13:26:17.0709 0x1608  gagp30kx - ok
13:26:17.0734 0x1608  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\Windows\System32\drivers\vmgencounter.sys
13:26:17.0735 0x1608  gencounter - ok
13:26:17.0753 0x1608  [ FDA72810CA2F8409D9B31E833C448E34, FC24350E875D2AF2A41DB5EF0BFE4F876DADEACCC0B34B9B9C9B2CA185CBAE87 ] GPIOClx0101     C:\Windows\system32\Drivers\msgpioclx.sys
13:26:17.0759 0x1608  GPIOClx0101 - ok
13:26:17.0832 0x1608  [ 0BDE0FCF597E9B65600121EF54FF8340, DA5C96E84E05AD09251C82B4BFEDE274342409803730CEBF24EEAD0DCD42DA7E ] gpsvc           C:\Windows\System32\gpsvc.dll
13:26:17.0861 0x1608  gpsvc - ok
13:26:17.0935 0x1608  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:26:17.0941 0x1608  gupdate - ok
13:26:17.0955 0x1608  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:26:17.0961 0x1608  gupdatem - ok
13:26:18.0023 0x1608  [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
13:26:18.0041 0x1608  HdAudAddService - ok
13:26:18.0057 0x1608  [ 03909BDBFF0DCACCABF2B2D4ADEE44DC, 42E631B23BB004F5C2128BAD334C21AB20FAD08AFED9E8191AE9373531BC73DD ] HDAudBus        C:\Windows\System32\drivers\HDAudBus.sys
13:26:18.0060 0x1608  HDAudBus - ok
13:26:18.0079 0x1608  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\Windows\System32\drivers\HidBatt.sys
13:26:18.0080 0x1608  HidBatt - ok
13:26:18.0109 0x1608  [ 1EA1B4FABB8CC348E73CA90DBA22E104, 5C18C6BD499272F216DD4626B5E8D38181AEAC9AD917FBEB614A75B70467B258 ] HidBth          C:\Windows\System32\drivers\hidbth.sys
13:26:18.0112 0x1608  HidBth - ok
13:26:18.0123 0x1608  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\Windows\System32\drivers\hidi2c.sys
13:26:18.0125 0x1608  hidi2c - ok
13:26:18.0142 0x1608  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\Windows\System32\drivers\hidir.sys
13:26:18.0145 0x1608  HidIr - ok
13:26:18.0171 0x1608  [ 449A20A674AA3FAA7F0DD4E33EE2DC20, 28B9BDA306456E8640C355718DE3477537B0FAF8C37F633C709129AAB64D9873 ] hidserv         C:\Windows\system32\hidserv.dll
13:26:18.0174 0x1608  hidserv - ok
13:26:18.0190 0x1608  [ F31397220D9687E11EB448649AA6E038, 671ACEAA8E00E0D4ED7E33D06A4558121DA4F56EB94F1CBC16FEB2EF3852F7A5 ] HidUsb          C:\Windows\System32\drivers\hidusb.sys
13:26:18.0191 0x1608  HidUsb - ok
13:26:18.0238 0x1608  [ FCE2251FE4464DCAA2F4684F19A8EE9B, 8062CD636DEFA8E160427BC2C61BC5C0DAA5396E16ABE9353B27C217FDE70B04 ] hitmanpro37     C:\Windows\system32\drivers\hitmanpro37.sys
13:26:18.0270 0x1608  hitmanpro37 - ok
13:26:18.0309 0x1608  [ 7BF3ADCBD021D4F4A84CF40EB49C71B5, 5758A51FD2EBE67E6DBE3A298D714D351910F9E01C428D0C1359457C9242B298 ] hkmsvc          C:\Windows\system32\kmsvc.dll
13:26:18.0317 0x1608  hkmsvc - ok
13:26:18.0349 0x1608  [ 6CD9C3819BE8C0A3DACC82AE5D3C4F18, 46BF4A968E506DE17CA401401D716B444CDC10A5C60EB081890DD4B886AEDF5F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
13:26:18.0367 0x1608  HomeGroupListener - ok
13:26:18.0407 0x1608  [ BE5F89BAFBD4272D5A0C0A37B97865ED, 2F80CE6D123FEED9FA7B00ACF7547FF77E0E6FDC5243942E83BE308C46D414C6 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
13:26:18.0425 0x1608  HomeGroupProvider - ok
13:26:18.0466 0x1608  [ 86724A200BF1F08A03FB563660FCD928, E2BDD30D7AFECB0F517BB02C788C93D506FB2B180DCA239BC4A1FEDB1E986EAD ] HP DS Service   C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe
13:26:18.0468 0x1608  HP DS Service - ok
13:26:18.0494 0x1608  [ 9C42E435F629CD8512BECFA082762425, BC817D05E5B8BE05CAB05F075A2C0B3CCF39E6BBD924BD0040C698F4D4580677 ] HP LaserJet Service C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
13:26:18.0503 0x1608  HP LaserJet Service - ok
13:26:18.0537 0x1608  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
13:26:18.0541 0x1608  HpSAMD - ok
13:26:18.0621 0x1608  [ 3502776E366C913D49C0DA928AE3E6CB, 3FB452F640B78AEDFBC09188F25C566949660163732A180331226A93DB08F26C ] HTTP            C:\Windows\system32\drivers\HTTP.sys
13:26:18.0657 0x1608  HTTP - ok
13:26:18.0672 0x1608  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
13:26:18.0674 0x1608  hwpolicy - ok
13:26:18.0678 0x1608  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\Windows\System32\drivers\hyperkbd.sys
13:26:18.0679 0x1608  hyperkbd - ok
13:26:18.0683 0x1608  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\Windows\system32\DRIVERS\HyperVideo.sys
13:26:18.0684 0x1608  HyperVideo - ok
13:26:18.0713 0x1608  [ 84CFC5EFA97D0C965EDE1D56F116A541, 0155EA62BF07D99D98D1C9B6559C8E3301B016A20D03DF1EF64B2FAB8C37403B ] i8042prt        C:\Windows\System32\drivers\i8042prt.sys
13:26:18.0717 0x1608  i8042prt - ok
13:26:18.0722 0x1608  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\Windows\System32\drivers\iaLPSSi_GPIO.sys
13:26:18.0723 0x1608  iaLPSSi_GPIO - ok
13:26:18.0743 0x1608  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\Windows\System32\drivers\iaLPSSi_I2C.sys
13:26:18.0748 0x1608  iaLPSSi_I2C - ok
13:26:18.0774 0x1608  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\Windows\system32\drivers\iaStorAV.sys
13:26:18.0790 0x1608  iaStorAV - ok
13:26:18.0813 0x1608  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
13:26:18.0822 0x1608  iaStorV - ok
13:26:18.0826 0x1608  IEEtwCollectorService - ok
13:26:18.0952 0x1608  [ 4F6363C26B4A3DDBC9FAFCBA68602B01, 0920551F9312D967AAA68003BD8C4A312AA8F1E8B826DDE8BF59B9B639AB5F3B ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
13:26:19.0107 0x1608  igfx - ok
13:26:19.0167 0x1608  [ B82255670D270B75D2D2F0F8747D1443, C40E151AC3FBF289456A4AD9E5744B314067ADA03FE729970410931904305F51 ] IKEEXT          C:\Windows\System32\ikeext.dll
13:26:19.0200 0x1608  IKEEXT - ok
13:26:19.0235 0x1608  [ 4011430BC9DA46ADFAE9915EFEC312FB, 925DDDA187AE7C46C94FBBFA18FC602260957B6BA891D65DFC09385B6DDEAB58 ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
13:26:19.0237 0x1608  intaud_WaveExtensible - ok
13:26:19.0264 0x1608  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\Windows\system32\drivers\intelide.sys
13:26:19.0267 0x1608  intelide - ok
13:26:19.0299 0x1608  [ 139CFCDCD36B1B1782FD8C0014AC9B0E, E0D7E0E9B46A8CECE138D689820023BFA650FB689E4FD62855BED37E04F2D9FF ] intelpep        C:\Windows\system32\drivers\intelpep.sys
13:26:19.0303 0x1608  intelpep - ok
13:26:19.0334 0x1608  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\Windows\System32\drivers\intelppm.sys
13:26:19.0340 0x1608  intelppm - ok
13:26:19.0363 0x1608  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:26:19.0368 0x1608  IpFilterDriver - ok
13:26:19.0445 0x1608  [ DFC4050D58565ADBEE793A8D4AEBDAE6, 89B900408F030CD45753A11D6AE6CBAB87E8B0E3F8401402D2D8713C045BF488 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
13:26:19.0470 0x1608  iphlpsvc - ok
13:26:19.0476 0x1608  [ 9949A3C7590B8C536C05312205079A82, 9276A09D5F910AE8358A96505AB3F66C514870944D58B63B71D5E96567D1E6BB ] IPMIDRV         C:\Windows\System32\drivers\IPMIDrv.sys
13:26:19.0478 0x1608  IPMIDRV - ok
13:26:19.0500 0x1608  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
13:26:19.0504 0x1608  IPNAT - ok
13:26:19.0523 0x1608  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\Windows\system32\drivers\irenum.sys
13:26:19.0524 0x1608  IRENUM - ok
13:26:19.0534 0x1608  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\Windows\system32\drivers\isapnp.sys
13:26:19.0535 0x1608  isapnp - ok
13:26:19.0556 0x1608  [ 034D4BD9DC67C64F3A4C8A049B5173BF, C68AF5A5AD4092AA1C871BD38473AEF84EC3ECF4D06FBEB5F6C09972EF1B8A81 ] iScsiPrt        C:\Windows\System32\drivers\msiscsi.sys
13:26:19.0565 0x1608  iScsiPrt - ok
13:26:19.0588 0x1608  [ EE03564B7FAFE2E44EDA33D52E83B4A3, 53C917EEC92B813EB0C86B225E9887C9CDFDD7708AEA71BFAC0A3039E26D7BEB ] iwdbus          C:\Windows\System32\drivers\iwdbus.sys
13:26:19.0589 0x1608  iwdbus - ok
13:26:19.0607 0x1608  [ 8BE92376799B6B44D543E8D07CDCF885, 425B8BB1BAF62F735B3CB5A002E6055879F02E7207E55942BFD37F1784F5F368 ] kbdclass        C:\Windows\System32\drivers\kbdclass.sys
13:26:19.0609 0x1608  kbdclass - ok
13:26:19.0620 0x1608  [ FB6E47E569D4872ABEB506BE03A45FBA, 5C4056CADA8F67587A119D9AE2A0EFAB30387CF6298F4019FF68AC92E2F6F54B ] kbdhid          C:\Windows\System32\drivers\kbdhid.sys
13:26:19.0621 0x1608  kbdhid - ok
13:26:19.0638 0x1608  [ DB7A09BC90DF20F44F16F8B0F9ED3491, 2DF5E042284D61368A5801B2557351B2C4B1044AA6F966DF4DDCE7B453D1B9AE ] kbldfltr        C:\Windows\system32\drivers\kbldfltr.sys
13:26:19.0640 0x1608  kbldfltr - ok
13:26:19.0654 0x1608  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\Windows\system32\DRIVERS\kdnic.sys
13:26:19.0655 0x1608  kdnic - ok
13:26:19.0670 0x1608  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] KeyIso          C:\Windows\system32\lsass.exe
13:26:19.0672 0x1608  KeyIso - ok
13:26:19.0703 0x1608  [ ADDECBCC777665BD113BED437E602AB0, B6283475A1219CE44E9F683DD3BEB8C42DA0943297E5C4699B22176AD8A6A7ED ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
13:26:19.0708 0x1608  KSecDD - ok
13:26:19.0737 0x1608  [ 7296EA420134EAC390798B3232D066A4, 1F5D51EEFD389706660DFB4DB4BF3EC570BEC7097CEB5CAE70EFFE35C3255346 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
13:26:19.0749 0x1608  KSecPkg - ok
13:26:19.0771 0x1608  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
13:26:19.0773 0x1608  ksthunk - ok
13:26:19.0821 0x1608  [ 32B1A8351160F307A8C66BCB0F94A9C2, 52F1DEC2BBD4D5DDBB85ED20B99D96BBA7EB83304D76F183A11FDAFDA364E873 ] KtmRm           C:\Windows\system32\msdtckrm.dll
13:26:19.0842 0x1608  KtmRm - ok
13:26:19.0891 0x1608  [ 27B58E16CF895AC1F1A97C04814C2239, D4336155331DDBF91952CDC6C446C68FF524F979099BA8D9B3A578758F97B2BE ] LanmanServer    C:\Windows\system32\srvsvc.dll
13:26:19.0910 0x1608  LanmanServer - ok
13:26:19.0944 0x1608  [ D0D9C2ECA4D03A8F06DCD91236B90C98, E2D1144DC8040EA5FEB0602A20BA4CB920B4BC86AD5AD05FC0DF7D74DC95DC66 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
13:26:19.0962 0x1608  LanmanWorkstation - ok
13:26:20.0028 0x1608  [ EE289BD147FDFF95EF1B9BD65D3B974A, EFD9D0F6C73E7D2D52DBE2E2A8D3009BFB6AB24776A100CA528A8365002C6105 ] lfsvc           C:\Windows\System32\GeofenceMonitorService.dll
13:26:20.0057 0x1608  lfsvc - ok
13:26:20.0085 0x1608  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
13:26:20.0091 0x1608  lltdio - ok
13:26:20.0130 0x1608  [ 00E070FC0C673311AFD4B068D1242780, 50B0E0E625361145332C849709498FF444E46578DCAD2536E6D0289E0125580F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
13:26:20.0148 0x1608  lltdsvc - ok
13:26:20.0170 0x1608  [ D113FAD71A5E67AA94B32A0F8828D265, 08DDB4BBDB570C59926DBF5E27FCF46DCDF8B8212BB9251E97837E0504516FB3 ] lmhosts         C:\Windows\System32\lmhsvc.dll
13:26:20.0175 0x1608  lmhosts - ok
13:26:20.0200 0x1608  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
13:26:20.0208 0x1608  LSI_SAS - ok
13:26:20.0232 0x1608  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
13:26:20.0238 0x1608  LSI_SAS2 - ok
13:26:20.0251 0x1608  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\Windows\system32\drivers\lsi_sas3.sys
13:26:20.0256 0x1608  LSI_SAS3 - ok
13:26:20.0269 0x1608  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS         C:\Windows\system32\drivers\lsi_sss.sys
13:26:20.0275 0x1608  LSI_SSS - ok
13:26:20.0332 0x1608  [ B6B69FF200F68888A7FAFDF204D00C91, 4C9BA7B8646C74AE1E49F513EF426930C09969F29F1533D84D020B414BB1609B ] LSM             C:\Windows\System32\lsm.dll
13:26:20.0355 0x1608  LSM - ok
13:26:20.0376 0x1608  [ 5EF604B0698F4FA962778285E8C5F1F2, 0465BDAB7EFBE9CC648E7E736B0B8BE152BD2FAB0917F6306675B9039C77F454 ] luafv           C:\Windows\system32\drivers\luafv.sys
13:26:20.0381 0x1608  luafv - ok
13:26:20.0413 0x1608  [ 92008BFC4A409AD92DFBB50AF392AECC, 99B6B005B0DD4307D8A9A3AB08E81778B333AE5279EE5C5C18E9E2FBCBB56370 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
13:26:20.0416 0x1608  MBAMProtector - ok
13:26:20.0536 0x1608  [ 47DF4BC3D1561B6DAFA0862735FA1493, 88791A710DD71CCAE9FB772AD85BE94BA21B65D7C85937BE85D5B12885EC4CD3 ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
13:26:20.0631 0x1608  MBAMScheduler - ok
13:26:20.0663 0x1608  [ 2CFC417EED3BF5DDA255CB7EF7E09D45, C70C3AC5A2D97904F2E27669AFE5F7EED0F25B387BEFD42B68E36D44F9A3D37D ] MBAMService     C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
13:26:20.0680 0x1608  MBAMService - ok
13:26:20.0751 0x1608  [ 6140163BFE9D8F2DFDBA088ED5521C13, B7B501F0D1527A15B1610D133E97AB431574502F0553734009627488D0007595 ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
13:26:20.0758 0x1608  MBAMSwissArmy - ok
13:26:20.0782 0x1608  [ 43B54D2F6A1EC2028F64CE733204D417, 02790582EB8FBCC71D2818F9A4176F85D530E31E4767A05C05D5697FC560EC97 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
13:26:20.0786 0x1608  MBAMWebAccessControl - ok
13:26:20.0815 0x1608  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas         C:\Windows\system32\drivers\megasas.sys
13:26:20.0820 0x1608  megasas - ok
13:26:20.0873 0x1608  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\Windows\system32\drivers\megasr.sys
13:26:20.0894 0x1608  megasr - ok
13:26:20.0921 0x1608  [ E0EF6C1399A9B1AAA0B28590411BED04, 10C193D1ED434A6DC2AD8C450012B9AF1C848A0A0B3B775F13495648FB77E009 ] MEIx64          C:\Windows\system32\DRIVERS\TeeDriverx64.sys
13:26:20.0926 0x1608  MEIx64 - ok
13:26:20.0956 0x1608  [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] MMCSS           C:\Windows\system32\mmcss.dll
13:26:20.0959 0x1608  MMCSS - ok
13:26:20.0972 0x1608  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem           C:\Windows\system32\drivers\modem.sys
13:26:20.0975 0x1608  Modem - ok
13:26:20.0986 0x1608  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor         C:\Windows\System32\drivers\monitor.sys
13:26:20.0989 0x1608  monitor - ok
13:26:21.0006 0x1608  [ CEAC6D40FE887CE8406C2393CF97DE06, 34E76908B802764FF0D7AB3AF89BE77BD35B44787983343FAD89891891C0A045 ] mouclass        C:\Windows\System32\drivers\mouclass.sys
13:26:21.0010 0x1608  mouclass - ok
13:26:21.0024 0x1608  [ 02D98BF804084E9A0D69D1C69B02CCA9, EC5BC5D87043DFFD035FD4DD27B3D94E03119063519E4151BCC3522B613E2D7F ] mouhid          C:\Windows\System32\drivers\mouhid.sys
13:26:21.0025 0x1608  mouhid - ok
13:26:21.0043 0x1608  [ 515549560D481138E6E21AF7C6998E56, C7E4B38D8CCAF15B9BDA63C8C8209F6193AD220DA02E1264F1B687AACD8F409F ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
13:26:21.0047 0x1608  mountmgr - ok
13:26:21.0101 0x1608  [ AEE4E9CC59CDEB55B1ECB0E596E796BE, 674F6F38D86D238AFD6223E03A862F8B43DD8499FBC2D4B7A04E510EC5EACF3B ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
13:26:21.0107 0x1608  MozillaMaintenance - ok
13:26:21.0121 0x1608  [ F170510BE94CF45E3C6274578F6204B2, 344C3DDE1D622607CA2ABECB2C47CB0166D2D258BD94A7960C45A5ADBB640566 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
13:26:21.0125 0x1608  mpsdrv - ok
13:26:21.0202 0x1608  [ D186C5844393252147BE934F3871DB7A, 30160F8268B9F46E82C5CB536867E0CF280DC98074A481595072E3320200E343 ] MpsSvc          C:\Windows\system32\mpssvc.dll
13:26:21.0229 0x1608  MpsSvc - ok
13:26:21.0267 0x1608  [ 59DCEC7499095DE5AED741358037AE2D, 60C4CEBCAE27C121E9D63BD2BC3E5863A91ABC77616C56C10618273A8F9B6F61 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
13:26:21.0274 0x1608  MRxDAV - ok
13:26:21.0310 0x1608  [ 79B6F3DF7CDFD12159871FF71464F0CE, E01CDD5296237FB60D426784E1142B1AF2CEABDD7CB0B43C4798402C812A94D5 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
13:26:21.0324 0x1608  mrxsmb - ok
13:26:21.0348 0x1608  [ 295771B092D4F7FCF2B62F80CCD14320, 53655B5ABA43A6A9114FE545B88F84E52319B905B8393A51BD97678D3F94A178 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:26:21.0358 0x1608  mrxsmb10 - ok
13:26:21.0397 0x1608  [ AAF56E4E84D35411B4E446C445732DFE, 7AC41CAA0842AE4DA4EEF976202C58D7923DAA367F0D7E800D432323D5E7DE1A ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:26:21.0409 0x1608  mrxsmb20 - ok
13:26:21.0434 0x1608  [ 4E888019078AC363076A5433E89AA4F8, 3DEBDA290230B3E83F956C902C960E39463B7EFE86439199521356762769FD91 ] MsBridge        C:\Windows\system32\DRIVERS\bridge.sys
13:26:21.0443 0x1608  MsBridge - ok
13:26:21.0481 0x1608  [ A082C17D14D0790E27D064EA4B138AE1, 9A565ED885782D9D5135C8399C11C356DBF9EBF3B8EB4B4504BD2604AD0B45E6 ] MSDTC           C:\Windows\System32\msdtc.exe
13:26:21.0492 0x1608  MSDTC - ok
13:26:21.0519 0x1608  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\Windows\system32\drivers\Msfs.sys
13:26:21.0522 0x1608  Msfs - ok
13:26:21.0541 0x1608  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32     C:\Windows\System32\drivers\msgpiowin32.sys
13:26:21.0545 0x1608  msgpiowin32 - ok
13:26:21.0560 0x1608  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
13:26:21.0561 0x1608  mshidkmdf - ok
13:26:21.0576 0x1608  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf       C:\Windows\System32\drivers\mshidumdf.sys
13:26:21.0579 0x1608  mshidumdf - ok
13:26:21.0599 0x1608  [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
13:26:21.0602 0x1608  msisadrv - ok
13:26:21.0631 0x1608  [ 810F8A0A0680662BB0CE44D0E2CEF90C, 5631B07911B7EF378CB1583A480A3C5715E59A5488B33A528F4D7A2F849B9113 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
13:26:21.0642 0x1608  MSiSCSI - ok
13:26:21.0651 0x1608  msiserver - ok
13:26:21.0676 0x1608  [ D22AE5313F6B7EFDDD8C117B5501F4A3, 1937EEE33BF9C4485F172B10FB17AEF3F3B8978371307F49C3338D74D96A8389 ] MsKeyboardFilter C:\Windows\System32\KeyboardFilterSvc.dll
13:26:21.0685 0x1608  MsKeyboardFilter - ok
13:26:21.0708 0x1608  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
13:26:21.0711 0x1608  MSKSSRV - ok
13:26:21.0730 0x1608  [ 375E44168F2DFB91A68B8A3F619C5A7C, AC243E02E9A39D0B4DE9571F196941700EE6EB5E94F5B0BA8994FB551E73A7A8 ] MsLldp          C:\Windows\system32\DRIVERS\mslldp.sys
13:26:21.0735 0x1608  MsLldp - ok
13:26:21.0743 0x1608  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
13:26:21.0745 0x1608  MSPCLOCK - ok
13:26:21.0753 0x1608  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
13:26:21.0756 0x1608  MSPQM - ok
13:26:21.0796 0x1608  [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
13:26:21.0812 0x1608  MsRPC - ok
13:26:21.0833 0x1608  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\Windows\System32\drivers\mssmbios.sys
13:26:21.0835 0x1608  mssmbios - ok
13:26:21.0841 0x1608  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
13:26:21.0842 0x1608  MSTEE - ok
13:26:21.0860 0x1608  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\Windows\System32\drivers\MTConfig.sys
13:26:21.0861 0x1608  MTConfig - ok
13:26:21.0869 0x1608  [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup             C:\Windows\system32\Drivers\mup.sys
13:26:21.0872 0x1608  Mup - ok
13:26:21.0879 0x1608  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\Windows\system32\drivers\mvumis.sys
13:26:21.0882 0x1608  mvumis - ok
13:26:21.0925 0x1608  [ 41A45D2A75494EABF2806EA051E00376, EB2497561C8E33A4297C044604C717FF854C7F046882A9E4A400AE7679BF5467 ] napagent        C:\Windows\system32\qagentRT.dll
13:26:21.0939 0x1608  napagent - ok
13:26:21.0984 0x1608  [ CF8B989D89D6807B887690F2CF24EFD9, 7A3ED124D8D7736F57CD687111C478A206422D117099B2F752B6D933D009BCAC ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
13:26:22.0000 0x1608  NativeWifiP - ok
13:26:22.0019 0x1608  [ 71E3C0100AA19D11373CCEB2F51A6008, 58FBF35F5FE19BEABE483C11E9996BE93D76721C8C34465350FA98B465CA3672 ] NcaSvc          C:\Windows\System32\ncasvc.dll
13:26:22.0026 0x1608  NcaSvc - ok
13:26:22.0052 0x1608  [ 51DF09CAB2CAC64FEE3E371D9028ED01, 9B81604D0D0359AF8F54FED6DA7116FFD2F40407895028EAD99FF1D7CFDC2D14 ] NcbService      C:\Windows\System32\ncbservice.dll
13:26:22.0058 0x1608  NcbService - ok
13:26:22.0082 0x1608  [ 2586C4C167499210DCBF3ECFD8CCE210, D8129FEDE9918BF4FB0057CC58700D4E08457060E810B9CC25CA0F598506ADB8 ] NcdAutoSetup    C:\Windows\System32\NcdAutoSetup.dll
13:26:22.0085 0x1608  NcdAutoSetup - ok
13:26:22.0161 0x1608  [ ED39D676080A1AEA755F1DEC1A8DF1A4, E413DA1113A51F3A68957147A50248AA98C0D365103D137D5AE8638C74E802D7 ] NDIS            C:\Windows\system32\drivers\ndis.sys
13:26:22.0207 0x1608  NDIS - ok
13:26:22.0227 0x1608  [ C6BB12BC35D1637CA17AE16D3A4725EB, 01C1D9FA738886A195166F88207EEB6715A1DE0608978ED6C5DC738AF5C02513 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
13:26:22.0229 0x1608  NdisCap - ok
13:26:22.0252 0x1608  [ 9F1DA20E943BE7AA4ED5F3E1EBA78B37, CCD99962917BBE256F64AE14CCC9FD12433C72B5DB98E0E57CA8F212A11B3C8F ] NdisImPlatform  C:\Windows\system32\DRIVERS\NdisImPlatform.sys
13:26:22.0259 0x1608  NdisImPlatform - ok
13:26:22.0276 0x1608  [ 9423421E735BD5394351E0C47C76BB92, 763E5D06F896C0EF8AD52515464F28BA85DB7A1560E451857AC9AA68FAFCBC66 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
13:26:22.0280 0x1608  NdisTapi - ok
13:26:22.0300 0x1608  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
13:26:22.0305 0x1608  Ndisuio - ok
13:26:22.0327 0x1608  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus  C:\Windows\System32\drivers\NdisVirtualBus.sys
13:26:22.0331 0x1608  NdisVirtualBus - ok
13:26:22.0368 0x1608  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
13:26:22.0381 0x1608  NdisWan - ok
13:26:22.0398 0x1608  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy   C:\Windows\system32\DRIVERS\ndiswan.sys
13:26:22.0410 0x1608  NdisWanLegacy - ok
13:26:22.0425 0x1608  [ A5BD69A8812FA79D1A487691DD3FB244, 67B5EDE101943E0E8B8041DB2353D20C8B9F2D253E77964761CFE8F136C0BBC7 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
13:26:22.0430 0x1608  NDProxy - ok
13:26:22.0451 0x1608  [ 5A072F0B90C29C5233D78BE33EF5ED78, B32ED76A674B1FC743361FB7BBD4C915A78B14132AB056AADD445D5995AD4F32 ] Ndu             C:\Windows\system32\drivers\Ndu.sys
13:26:22.0458 0x1608  Ndu - ok
13:26:22.0497 0x1608  [ 2C723E42FC8D7B0209492828F921FB50, 2ECF9F4D91F317432FB5A6D01D8271BB7E2A5B8A6CA9EF2F2036890D2B072E52 ] Net Driver HPZ12 C:\Windows\System32\HPZinw12.dll
13:26:22.0502 0x1608  Net Driver HPZ12 - ok
13:26:22.0512 0x1608  [ A83D67D347A684F10B7D3019C8A6380C, 2B86832967981C8C786BF24C1CF8E13E01745ACE3333CF5C821DD93D623B96E4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
13:26:22.0516 0x1608  NetBIOS - ok
13:26:22.0538 0x1608  [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
13:26:22.0555 0x1608  NetBT - ok
13:26:22.0567 0x1608  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] Netlogon        C:\Windows\system32\lsass.exe
13:26:22.0569 0x1608  Netlogon - ok
13:26:22.0605 0x1608  [ B7AD851A21FEBA3BA214972627614207, 29605320CCC3DAAD062CAECF0009DACBC2F6D28ED4E8AF7CE76132129F5572A0 ] Netman          C:\Windows\System32\netman.dll
13:26:22.0614 0x1608  Netman - ok
13:26:22.0646 0x1608  [ F0F0A372C2EF6358399C4936F91B6131, CE596C71EB4D1A5E104D3148F2D0D8789882C59FD198DCF33CCAC7A08B50E4EE ] netprofm        C:\Windows\System32\netprofmsvc.dll
13:26:22.0663 0x1608  netprofm - ok
13:26:22.0712 0x1608  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:26:22.0720 0x1608  NetTcpPortSharing - ok
13:26:22.0748 0x1608  [ 70414DB660BFBB7BD58FCE8EA4364E1B, 6DFB3897CD55E22BA1EDF0AE672F4D7A6A1F512F8A0A26AF106765E6B1CF65AC ] netvsc          C:\Windows\system32\DRIVERS\netvsc63.sys
13:26:22.0754 0x1608  netvsc - ok
13:26:22.0911 0x1608  [ 31D3E4959C410A7DEC2109CA8BF369AD, C62EFB02E950BCAC104051603DEDD9A497ED4FA81D3236008C15AFACE6CBE092 ] NETwNb64        C:\Windows\system32\DRIVERS\NETwbw02.sys
13:26:23.0058 0x1608  NETwNb64 - ok
13:26:23.0211 0x1608  [ B636B4A8E59A73033B766EA7FD7C3B81, CAC8614DEE83623DE56C969C668A33366793779084B6A23F59ADC98392115F8C ] NETwNe64        C:\Windows\system32\DRIVERS\NETwew02.sys
13:26:23.0377 0x1608  NETwNe64 - ok
13:26:23.0416 0x1608  [ 3A280F3B3C7A46E29C404ACD46ECBF5E, 81C3367A2A212DBCC65B8A0166FD092E3205AB31A146B4B737061335CEC51F9D ] NlaSvc          C:\Windows\System32\nlasvc.dll
13:26:23.0423 0x1608  NlaSvc - ok
13:26:23.0496 0x1608  [ 91FC7F4BB192639E8893A9733E1F0E82, 095A807ACE813A8954018293D65294DFAFA2B1A66DCAFBCFDACA8654FF062C31 ] nlsX86cc        C:\Windows\SysWOW64\nlssrv32.exe
13:26:23.0502 0x1608  nlsX86cc - ok
13:26:23.0525 0x1608  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
13:26:23.0530 0x1608  Npfs - ok
13:26:23.0553 0x1608  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig       C:\Windows\System32\drivers\npsvctrig.sys
13:26:23.0555 0x1608  npsvctrig - ok
13:26:23.0583 0x1608  [ 6E2271ED0C3E95B8E29F3752B91B9E84, 44026AD9757EA82967D7F7578455802FAD7FE0057EAC088E0AE207C15F594B86 ] nsi             C:\Windows\system32\nsisvc.dll
13:26:23.0587 0x1608  nsi - ok
13:26:23.0598 0x1608  [ E490B459978CB87779E84C761D22B827, 1E5CA38626E41618E4CA16DD0C70EB2FA86E986F0CF21A749BDE2A17015DEEC6 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
13:26:23.0601 0x1608  nsiproxy - ok
13:26:23.0726 0x1608  [ 4412D565C0278C401575E11072C7DCE3, 82A0E9AA88750900EA0E9983157345456B418745C8BA62FAF339640E759C0418 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
13:26:23.0819 0x1608  Ntfs - ok
13:26:23.0830 0x1608  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null            C:\Windows\system32\drivers\Null.sys
13:26:23.0831 0x1608  Null - ok
13:26:24.0201 0x1608  [ 52B33E12FF8C9E219CAEC1BB4A5F5E4C, 5272178B39FEDB3F001249FE7C852787EFD715FC49BBAAE58158A189AFB8A337 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
13:26:24.0548 0x1608  nvlddmkm - ok
13:26:24.0679 0x1608  [ 6F5D2728019DCE7BFF3BAC1885CC0449, D62ECFE384361F04E6AF446CBB8CF64A58556AEFC0E04204F81073B016960EB8 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
13:26:24.0707 0x1608  NvNetworkService - ok
13:26:24.0717 0x1608  [ FACB0871B4480935F47234362F2FAE26, 1C5D520540E8B809C60AC0DA593918471D22E84C54D901C8FF2210FE33073940 ] nvpciflt        C:\Windows\system32\DRIVERS\nvpciflt.sys
13:26:24.0719 0x1608  nvpciflt - ok
13:26:24.0741 0x1608  [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
13:26:24.0745 0x1608  nvraid - ok
13:26:24.0752 0x1608  [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
13:26:24.0756 0x1608  nvstor - ok
13:26:25.0296 0x1608  [ F9C2484E42EDB56E1FFE8378DA3AA778, FB200D950A3BC92B5207A31E9B8255F1DA3989F2DEA160FB653AD1D283FFBFC4 ] NvStreamSvc     C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
13:26:25.0561 0x1608  NvStreamSvc - ok
13:26:25.0614 0x1608  [ 2B47EDD27365F9F5D8E87648BECF52C4, CADA4B19791441373580919FFF89623489C7A1737857760B96CC3F0A08DB8D59 ] nvsvc           C:\Windows\system32\nvvsvc.exe
13:26:25.0629 0x1608  nvsvc - ok
13:26:25.0654 0x1608  [ 939C0FAE9CC0CDD69E6508BDE4C11FE5, 1E82FF4A8797A0EC5DF0E54DE7F358542C73FFFBECADDF86ED66839182E3B55D ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
13:26:25.0655 0x1608  nvvad_WaveExtensible - ok
13:26:25.0674 0x1608  [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
13:26:25.0681 0x1608  nv_agp - ok
13:26:25.0751 0x1608  [ B9C125314A025127FE562C116D614AA3, 79C46C0BACEBBB5B8E1C162766B21587365A100BBAD01171C77B995C514BC7D6 ] ose64           C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:26:25.0760 0x1608  ose64 - ok
13:26:25.0846 0x1608  [ A7D2BB4D2F143AAF0809F4DD07D6BA98, 1704853057DABD59E8113D9062135A7912EBE7F928CA4B29B675700ADEA7DBEA ] OutfoxTvService C:\Program Files\OutfoxTV\OutfoxTvService.exe
13:26:25.0868 0x1608  OutfoxTvService - ok
13:26:25.0872 0x1608  OutfoxTvUpdater - ok
13:26:25.0914 0x1608  [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
13:26:25.0937 0x1608  p2pimsvc - ok
13:26:25.0986 0x1608  [ 2A57A937BC5B1B2D6AFE6A8C5925F50B, 00D84EFED5A7129AAD86945940030474795905C32D65CBD5B1A3EBADCED8F873 ] p2psvc          C:\Windows\system32\p2psvc.dll
13:26:26.0009 0x1608  p2psvc - ok
13:26:26.0041 0x1608  [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport         C:\Windows\System32\drivers\parport.sys
13:26:26.0046 0x1608  Parport - ok
13:26:26.0069 0x1608  [ EF0C1749C9A8CEE9A457473D433CC00F, A5FDAB5AD47471640D697C6CFBA6C67730878ABBA47D394EAA47C9733EDCE1F3 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
13:26:26.0074 0x1608  partmgr - ok
13:26:26.0116 0x1608  [ 9A5309EF92F39346CFD5A4C2C3D1BFAD, 5908E0C9562F9CB24784491BD9AE7983A33A6BDF81AFA0A08045518A0C9BB2B1 ] PcaSvc          C:\Windows\System32\pcasvc.dll
13:26:26.0137 0x1608  PcaSvc - ok
13:26:26.0199 0x1608  [ C0D3F3BC1C84B4BA746D9847314C1164, 66FDF288ACAE021C5F63BCCC68D7534B4DB737E252AB16DFF746355D8BE7502D ] pci             C:\Windows\system32\drivers\pci.sys
13:26:26.0214 0x1608  pci - ok
13:26:26.0231 0x1608  [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide          C:\Windows\system32\drivers\pciide.sys
13:26:26.0233 0x1608  pciide - ok
13:26:26.0255 0x1608  [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
13:26:26.0261 0x1608  pcmcia - ok
13:26:26.0268 0x1608  [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw             C:\Windows\system32\drivers\pcw.sys
13:26:26.0270 0x1608  pcw - ok
13:26:26.0307 0x1608  [ B9D968D8E2B0F9C6301CEB39CFC9B9E4, 83F32831B0727F18B56DC3CAF37E45A3523D2BBCD54D1421F0DE5A0179D8A404 ] pdc             C:\Windows\system32\drivers\pdc.sys
13:26:26.0314 0x1608  pdc - ok
13:26:26.0365 0x1608  [ BA50CC0BD19004AAB88BE37338B6FA0D, 34D4720A621CCB4707F2EB929F6F44C317DBC6F055F7F34F3FAC68DFDAA00DEF ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
13:26:26.0388 0x1608  PEAUTH - ok
13:26:26.0474 0x1608  [ 084DE525DFE82AE7453DD527390FA110, 8216AE63AE740D97204CDED6543B66FC1FB55DB86D42FBA0EC629361C40F9EC0 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
13:26:26.0540 0x1608  PeerDistSvc - ok
13:26:26.0602 0x1608  [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost        C:\Windows\SysWow64\perfhost.exe
13:26:26.0604 0x1608  PerfHost - ok
13:26:26.0698 0x1608  [ 928061178CD9856CA6B67FFFCE6BA766, 71DE3C7CA7F83EAAA550CD8A68FB67DE042B0AE51BFACB1ECB8852D502E11F50 ] pla             C:\Windows\system32\pla.dll
13:26:26.0757 0x1608  pla - ok
13:26:26.0784 0x1608  [ 752A457320A946E03C3AA86C3ACD735E, 63946150581532D862F4220606E74FFC479209E1A36CD57AA78AC4AE34A26F49 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
13:26:26.0787 0x1608  PlugPlay - ok
13:26:26.0819 0x1608  [ 171E6D91A20AAC8D02172A64E82CE90B, 0D51F00D6C0376CD12893620E0A15E687263048CFE20E953F6BB4B7D6CDC3F50 ] Pml Driver HPZ12 C:\Windows\System32\HPZipm12.dll
13:26:26.0824 0x1608  Pml Driver HPZ12 - ok
13:26:26.0852 0x1608  [ 045EB4F260606A03BE340D09DEAF3BA4, 6F34B8D414F7F69F4388F2F8A86E0F3AD179E423126990AF3E1EC4DCCB8E7693 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
13:26:26.0857 0x1608  PNRPAutoReg - ok
13:26:26.0897 0x1608  [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
13:26:26.0913 0x1608  PNRPsvc - ok
13:26:26.0950 0x1608  [ C16097D77A232A288D65F299E2E01105, 5CE4B44B06FD26569C0F92FF1D3991D0128D8444AE7BC9EBEF5A33811D721BE8 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
13:26:26.0966 0x1608  PolicyAgent - ok
13:26:26.0984 0x1608  [ 00E08B30E7F7C13ECE2CDF4F46A77311, 1807C0A64C1794E572C86730816C01DCF4D8F773ADE9CAEA3AC0658F7BD71A4E ] Power           C:\Windows\system32\umpo.dll
13:26:26.0987 0x1608  Power - ok
13:26:27.0157 0x1608  [ B7DB57A000D46D4DE75BC0C563E58072, 8183EB09DC4D44DFF027CA0AAA8C09921A14F088C1BC427B6ACA42340AAF69E6 ] PrintNotify     C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
13:26:27.0201 0x1608  PrintNotify - ok
13:26:27.0227 0x1608  [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor       C:\Windows\System32\drivers\processr.sys
13:26:27.0231 0x1608  Processor - ok
13:26:27.0266 0x1608  [ 8513A1E7AE4B9DC82C4B4F432C648A58, C0C629BF79722A12B35BDA6D5EF6FD2D96E013D80D8F17077E9137ED3988B452 ] ProfSvc         C:\Windows\system32\profsvc.dll
13:26:27.0279 0x1608  ProfSvc - ok
13:26:27.0307 0x1608  [ 8528BB05E4D4E25945F78B00B2555FB7, FF8E0D4580F93CD348080967F52FE6C2C68B56DAEACAE2EAEF04E19412A953AE ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
13:26:27.0316 0x1608  Psched - ok
13:26:27.0361 0x1608  [ AF90BB44C99D6820BE52C9BBAA523283, 9772D9CC1666959EC8EE4ED740A5179473CE4F38762109F1123DD68010D20EA1 ] QWAVE           C:\Windows\system32\qwave.dll
13:26:27.0381 0x1608  QWAVE - ok
13:26:27.0402 0x1608  [ 3FB466684609A4329858CF2EBD62E0FD, CFC8FBAB1436948F9D34CE6A2D6DE2F86F3E93E50B86851CED979C8CCE609798 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
13:26:27.0406 0x1608  QWAVEdrv - ok
13:26:27.0427 0x1608  [ 2C56F0EE27E4EF70CA4B4983D3638905, AFFDD686886CE982424B644D9168D61C6F86A5244FF97BC644DF75B321E415E5 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
13:26:27.0430 0x1608  RasAcd - ok
13:26:27.0462 0x1608  [ 5F061AC45266841A2860C1858ED863B8, 9E0D52BAC8A50225C32D0397C35350601B996443E2481C808CC59D3B0763FEF0 ] RasAuto         C:\Windows\System32\rasauto.dll
13:26:27.0471 0x1608  RasAuto - ok
13:26:27.0517 0x1608  [ BF3B17016764F20F9D28CF1A8DC210C0, F64B410D444D4A3DFEE356EFC5B758781FA2612771EDCF72DB91D3120385D7DB ] RasMan          C:\Windows\System32\rasmans.dll
13:26:27.0543 0x1608  RasMan - ok
13:26:27.0577 0x1608  [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
13:26:27.0581 0x1608  RasPppoe - ok
13:26:27.0620 0x1608  [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
13:26:27.0635 0x1608  rdbss - ok
13:26:27.0658 0x1608  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus          C:\Windows\System32\drivers\rdpbus.sys
13:26:27.0659 0x1608  rdpbus - ok
13:26:27.0683 0x1608  [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
13:26:27.0691 0x1608  RDPDR - ok
13:26:27.0706 0x1608  [ 858776908AF838E3790F3261B799CDA6, 5BE4658540382D1B2F46E503CE175D74E3870FE492B8B8F37C3CFB34FF8E2DA8 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
13:26:27.0709 0x1608  RdpVideoMiniport - ok
13:26:27.0746 0x1608  [ 847C6A08912C3515807049C93E526D65, 74AFC58793B43E73614D2F49B19FB360091E208097696D9DF0B0354761E0B30F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
13:26:27.0756 0x1608  rdyboost - ok
13:26:27.0810 0x1608  [ 036746D54347FD2D0385668E2A4064E4, 7C670176176C86D6C3814367A6282A78F4E950F84DDEDA849829236C891F5BB9 ] ReFS            C:\Windows\system32\drivers\ReFS.sys
13:26:27.0839 0x1608  ReFS - ok
13:26:27.0869 0x1608  [ BFFB40FBE6D2C3469F8D06EE5E4934AB, 5B6763F973A740DCD53CEA75156926457BED8B075965033C484877DDA8B97F39 ] RemoteAccess    C:\Windows\System32\mprdim.dll
13:26:27.0876 0x1608  RemoteAccess - ok
13:26:27.0905 0x1608  [ 4DCCABE03D06955ED61BABBD8EF9F30F, 531CD60315AAF283B73E0F6CF77D4DE093B809E73C44D2AC43B7247500B3485E ] RemoteRegistry  C:\Windows\system32\regsvc.dll
13:26:27.0911 0x1608  RemoteRegistry - ok
13:26:27.0934 0x1608  [ 02307C86CB24769306B0DFA0C751952E, 637D90161C477995925936E4807B57EA80BE11761B26F5FC1B4B0F3EB52FBA87 ] RFCOMM          C:\Windows\System32\drivers\rfcomm.sys
13:26:27.0940 0x1608  RFCOMM - ok
13:26:27.0960 0x1608  [ D894CBD7DA753C881EE8D5E33B583225, DA4472A85F10A3DF8CE969F731E67FE7C75EE6095908AB8AC2C44851DC5A3F8B ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
13:26:27.0963 0x1608  RpcEptMapper - ok
13:26:27.0973 0x1608  [ 5CAE8F47B31D5CFC322B5B898C19E0FE, FDB5F0B6EA36403E031D9147AB0519011FAAD3AC8190DE5B1F17FB5472D79D47 ] RpcLocator      C:\Windows\system32\locator.exe
13:26:27.0975 0x1608  RpcLocator - ok
13:26:28.0008 0x1608  [ 3FD5AE42EC87C6F532A931F96BE731DD, 8282823022391ACF65E23F461FCE5CAFFB5ADC077647FEF80B91BC4BC31EDFE2 ] RpcSs           C:\Windows\system32\rpcss.dll
13:26:28.0021 0x1608  RpcSs - ok
13:26:28.0051 0x1608  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
13:26:28.0053 0x1608  rspndr - ok
13:26:28.0089 0x1608  [ 19764658C1468C2C0CEF133D28414A6B, 87AD4056F6C67052433A366B200B75613148B69B9B9D502AD926A7F7F037B8DE ] RTL8168         C:\Windows\system32\DRIVERS\Rt630x64.sys
13:26:28.0101 0x1608  RTL8168 - ok
13:26:28.0120 0x1608  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap           C:\Windows\System32\drivers\vms3cap.sys
13:26:28.0121 0x1608  s3cap - ok
13:26:28.0137 0x1608  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] SamSs           C:\Windows\system32\lsass.exe
13:26:28.0141 0x1608  SamSs - ok
13:26:28.0175 0x1608  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
13:26:28.0183 0x1608  sbp2port - ok
13:26:28.0229 0x1608  [ 47C497FA4DDEA908633CAA60CEBE6805, 4DF5742D4C99D3F7B6A5671AEDB1E5E47D3399D36B28BA19C105FA604D8D5A1C ] SCardSvr        C:\Windows\System32\SCardSvr.dll
13:26:28.0246 0x1608  SCardSvr - ok
13:26:28.0284 0x1608  [ E76C4E98302AE39CC6FA5D20FC8B5438, B6B6B59CF427515087689285797F4A5763103440EBE5D87A61FA74F80F895BD0 ] ScDeviceEnum    C:\Windows\System32\ScDeviceEnum.dll
13:26:28.0336 0x1608  ScDeviceEnum - ok
13:26:28.0356 0x1608  [ ABD0237B15DBD2B4695F4B7D734A58F7, D6831921F0CD3E03CBF1CA3ED5824EE0C75127842D12D4E897E74EC72B0792EB ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
13:26:28.0359 0x1608  scfilter - ok
13:26:28.0437 0x1608  [ A95838FFFAEAA7500263D491575F7E0C, FEB79ECAE6D9AB0C29D9AFE12F60502A8357B3A382C0FACF4C6DA4852B6ECFA4 ] Schedule        C:\Windows\system32\schedsvc.dll
13:26:28.0485 0x1608  Schedule - ok
13:26:28.0530 0x1608  [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] SCPolicySvc     C:\Windows\System32\certprop.dll
13:26:28.0539 0x1608  SCPolicySvc - ok
13:26:28.0592 0x1608  [ 2F9A3380B8C0380E5608E29C7AA66899, 56D1908437DD3791E54866819E39CC89586C5CD804F47B556416FA8642D88CBB ] sdbus           C:\Windows\System32\drivers\sdbus.sys
13:26:28.0610 0x1608  sdbus - ok
13:26:28.0641 0x1608  [ 4EAF4DCF9DBD9A56952A58F56D61C005, BCA42FD1553569D3603008CC97D88FD309E87F8A8B1522A4287A0E81CAE6C294 ] sdstor          C:\Windows\System32\drivers\sdstor.sys
13:26:28.0649 0x1608  sdstor - ok
13:26:28.0672 0x1608  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
13:26:28.0675 0x1608  secdrv - ok
13:26:28.0703 0x1608  [ C49009F897BA4F2F4F31043663AA1485, 48C8BE1E3A4F150662AD012AF4E0357ABA792AD1147AB90EFF6CB2630E2501B6 ] seclogon        C:\Windows\system32\seclogon.dll
13:26:28.0708 0x1608  seclogon - ok
13:26:28.0725 0x1608  [ A88882E64BDC1D8E8D6E727B71CCCC53, 12D2235F54D0CEEED8AA268C17CDE44020269F4FEFC70CE957DBBF99AF7F553D ] SENS            C:\Windows\System32\sens.dll
13:26:28.0732 0x1608  SENS - ok
13:26:28.0766 0x1608  [ E66A7C8CE7ED22DED6DF1CA479FB4790, ADEB076F131E7A8C3AD96022B09BB33EB9AB26C9C831503B8C6960AA763B8975 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
13:26:28.0781 0x1608  SensrSvc - ok
13:26:28.0803 0x1608  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\Windows\system32\drivers\SerCx.sys
13:26:28.0808 0x1608  SerCx - ok
13:26:28.0850 0x1608  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\Windows\system32\drivers\SerCx2.sys
13:26:28.0859 0x1608  SerCx2 - ok
13:26:28.0880 0x1608  [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum         C:\Windows\System32\drivers\serenum.sys
13:26:28.0883 0x1608  Serenum - ok
13:26:28.0901 0x1608  [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial          C:\Windows\System32\drivers\serial.sys
13:26:28.0908 0x1608  Serial - ok
13:26:28.0930 0x1608  [ 0BD2B65DCE756FDE95A2E5CCCBF7705D, F13FAFEC8FCF3E796196562717C433CE359A74A3E5876AB070647C717AF74028 ] sermouse        C:\Windows\System32\drivers\sermouse.sys
13:26:28.0932 0x1608  sermouse - ok
13:26:28.0998 0x1608  [ 441E6FF1F34D7A942946DB42A15FB519, A16BA505B74C7A2ADD08BD5B50728C2AD55062E0ABABAD7E3EE0EB97F3725523 ] SessionEnv      C:\Windows\system32\sessenv.dll
13:26:29.0020 0x1608  SessionEnv - ok
13:26:29.0037 0x1608  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\Windows\System32\drivers\sfloppy.sys
13:26:29.0039 0x1608  sfloppy - ok
13:26:29.0096 0x1608  [ F4414F57DF2CECB8FC969AA43A6B0D50, AD09A6E1294721507DD6BE82B91F2EEB0FF0151B9BC14A75840CD657DBFDECEC ] SharedAccess    C:\Windows\System32\ipnathlp.dll
13:26:29.0121 0x1608  SharedAccess - ok
13:26:29.0187 0x1608  [ 0D190D8B4B20446BE6299AC734DFADF1, 6551095971F99820BBFC5FED8FAB9591A3F8ABFA0F027887F3B71B79325FF6D9 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:26:29.0208 0x1608  ShellHWDetection - ok
13:26:29.0225 0x1608  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
13:26:29.0229 0x1608  SiSRaid2 - ok
13:26:29.0252 0x1608  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
13:26:29.0255 0x1608  SiSRaid4 - ok
13:26:29.0298 0x1608  [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
13:26:29.0301 0x1608  SkypeUpdate - ok
13:26:29.0319 0x1608  [ 587ACA15210D1B01FBF272E07A08F91A, 1F3C13C218C5EA329C6E33E4AE7CFE88DAD59DA40F59FDE09D733AFD2E489000 ] smphost         C:\Windows\System32\smphost.dll
13:26:29.0321 0x1608  smphost - ok
13:26:29.0340 0x1608  [ 49EEB92DE930B8566EF615D600781DB4, 0B7C929D24FAFC34F95BB4AA77DCBA29DDD8F1977EB42713B64228677D1FBFD3 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
13:26:29.0346 0x1608  SNMPTRAP - ok
13:26:29.0399 0x1608  [ F6EBE514D13ECE7EDC23440039CDF9AB, B58072BE7E4E52704C7B1D52DD49F469542B4B015C6D560369EEC1B046AFB254 ] spaceport       C:\Windows\system32\drivers\spaceport.sys
13:26:29.0422 0x1608  spaceport - ok
13:26:29.0446 0x1608  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\Windows\system32\drivers\SpbCx.sys
13:26:29.0449 0x1608  SpbCx - ok
13:26:29.0479 0x1608  [ FE0CB40F36D3FCDD3A1B312EF72C38D5, 42EA50869752164764DFE8CE7E1C247BE8342A0C15F39158DC808E8A692C460F ] Spooler         C:\Windows\System32\spoolsv.exe
13:26:29.0496 0x1608  Spooler - ok
13:26:29.0729 0x1608  [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc          C:\Windows\system32\sppsvc.exe
13:26:29.0828 0x1608  sppsvc - ok
13:26:29.0893 0x1608  [ 2B78788A1485F9B99A578A299DF42C02, A87183A9B13585C9E850437A45237105D39D7F3212ADB079D6AB430B67A59643 ] srv             C:\Windows\system32\DRIVERS\srv.sys
13:26:29.0911 0x1608  srv - ok
13:26:29.0963 0x1608  [ C1AE59C0B0817236EC083A91C396005A, 26F05ECB44C300DA8F333B115727C31C5C8252C83F37F0AE7DFF89B267599CDF ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
13:26:29.0995 0x1608  srv2 - ok
13:26:30.0040 0x1608  [ 77195C32175FC63D6054EBA5A066D727, 22F5D26809BC9288021620040FC7B7BB76708D434C863B3C0C20F73200C1C6A9 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
13:26:30.0055 0x1608  srvnet - ok
13:26:30.0100 0x1608  [ BB9ED3EDD8E85008215A7250D325A72E, D3404E31B7706B25CDEA7CB4260C343B5F090E8CCB9A5FA203B0F94A9112F1B3 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
13:26:30.0118 0x1608  SSDPSRV - ok
13:26:30.0137 0x1608  [ 3911418AFDE10EA6823B7799E4815524, A73517C4C1271E666B2B3A747756070098E923742B41572AA16573170440AA07 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
13:26:30.0151 0x1608  SstpSvc - ok
13:26:30.0235 0x1608  [ B5D2F4BF587FD60AF75B09EFC1AD0E0A, 2033D6DFCA7A48E338D94427AEC82DA761618D5D3AEB22E5A64427D2C2DB0350 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
13:26:30.0258 0x1608  Stereo Service - ok
13:26:30.0290 0x1608  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
13:26:30.0294 0x1608  stexstor - ok
13:26:30.0328 0x1608  [ 2A997C64F9B2584D81FA6749FE36A887, D26F5BC591ED46B96B2ACFDF555C2BF42F4915A22B12E4139ACEF7DE7AC303A7 ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
13:26:30.0330 0x1608  StillCam - ok
13:26:30.0385 0x1608  [ D638904FE86A5FE542A1BA13A9D68E5C, 89A956F932316BC50DD99B54BAF4E2809DCAA084DBB04CB84D11E5470BEAF251 ] stisvc          C:\Windows\System32\wiaservc.dll
13:26:30.0406 0x1608  stisvc - ok
13:26:30.0422 0x1608  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\Windows\system32\drivers\storahci.sys
13:26:30.0424 0x1608  storahci - ok
13:26:30.0434 0x1608  [ 7A08CEE1535F5A448215634C5EA74E50, 41529CDC08A3956F8FE9D5759B147E2E56E3305149EA415EB200249F7CD32094 ] storflt         C:\Windows\system32\DRIVERS\vmstorfl.sys
13:26:30.0437 0x1608  storflt - ok
13:26:30.0473 0x1608  [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme        C:\Windows\system32\drivers\stornvme.sys
13:26:30.0478 0x1608  stornvme - ok
13:26:30.0502 0x1608  [ 3118058E3D07021A55324A943C6D722B, 0B255DF1977DADD2B9766EEEA814B464F0ABFA34D6439F3C453083850C121F16 ] StorSvc         C:\Windows\system32\storsvc.dll
13:26:30.0507 0x1608  StorSvc - ok
13:26:30.0527 0x1608  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\Windows\system32\drivers\storvsc.sys
13:26:30.0531 0x1608  storvsc - ok
13:26:30.0543 0x1608  [ 03618F935379614837F915D04C45FC0E, 9CC0CBA7AFC58E7F921C13FA3F5269714F1F827535A311E11EA48689C4D539DE ] storvsp         C:\Windows\System32\drivers\storvsp.sys
13:26:30.0547 0x1608  storvsp - ok
13:26:30.0569 0x1608  [ D8E1AE075AB3E8AD56F69C44AA978596, CAFF5116DE7F0EEFFEBE38724BCEE7D11B44153AD35EE43E314C56D5E210758A ] svsvc           C:\Windows\system32\svsvc.dll
13:26:30.0576 0x1608  svsvc - ok
13:26:30.0589 0x1608  [ 84E0F5D41C138C5CC975137A2A98F6D3, 1E36CED05E4F4365C2AB020CAF920E3959995D7F89F3FABD7B2FB05985F85F38 ] swenum          C:\Windows\System32\drivers\swenum.sys
13:26:30.0592 0x1608  swenum - ok
13:26:30.0676 0x1608  [ 99453C649DC4B0BE6D062B701CD2917F, 6E136BBF46E2E07635BEDC307A7F2E7C653DB45C055419DAB4878BF657B82058 ] swprv           C:\Windows\System32\swprv.dll
13:26:30.0702 0x1608  swprv - ok
13:26:30.0790 0x1608  [ E45DA7CBBA34510C8B9473AD7D4FFD0B, 89C2AED757D86C276D78D29D94DCBF9C1B6A244A2153EC85CCB2E86C5F078387 ] SysMain         C:\Windows\system32\sysmain.dll
13:26:30.0817 0x1608  SysMain - ok
13:26:30.0849 0x1608  [ D65B1C952AEB864C2BAC7A770B17ECCE, 3EFAAFFF73390D9CB660E0F42B305512396CF66ED06E4A20ED67E8722FB4355B ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
13:26:30.0854 0x1608  SystemEventsBroker - ok
13:26:30.0886 0x1608  [ BA6DD39266A5E15515C8C14DA2DA3E5C, 5BC917BA4E7281A67CC6CEF2F4D1972DF04DECBEFB6DED0B08FFBD06E15D4B4F ] TabletInputService C:\Windows\System32\TabSvc.dll
13:26:30.0900 0x1608  TabletInputService - ok
13:26:30.0940 0x1608  [ B517410F157693043DACA21B19B258A6, 2224EECEB575CEA811036C43BB5B0A408DE5F59BC97235AB948968E4C3E438F2 ] TapiSrv         C:\Windows\System32\tapisrv.dll
13:26:30.0958 0x1608  TapiSrv - ok
13:26:31.0118 0x0350  Object required for P2P: [ E0EF6C1399A9B1AAA0B28590411BED04 ] C:\Windows\system32\DRIVERS\TeeDriverx64.sys
13:26:31.0120 0x1608  [ ECC68BD5347BDE9631EE68274858A41F, F5274400312C776C13BCBC333AF20C29163FEBC7879E9C6AD45774A0C39F8A52 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
13:26:31.0219 0x1608  Tcpip - ok
13:26:31.0288 0x1608  [ ECC68BD5347BDE9631EE68274858A41F, F5274400312C776C13BCBC333AF20C29163FEBC7879E9C6AD45774A0C39F8A52 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
13:26:31.0328 0x1608  TCPIP6 - ok
13:26:31.0353 0x1608  [ 33A7D83EEB15431773A6E186CFAABA21, AC5100A76CA44BFADF4A54FDB09FF5D2FF13B9F8482DC1AE86C8C27005F77B0F ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
13:26:31.0355 0x1608  tcpipreg - ok
13:26:31.0370 0x1608  [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
13:26:31.0374 0x1608  tdx - ok
13:26:31.0395 0x1608  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\Windows\System32\drivers\terminpt.sys
13:26:31.0399 0x1608  terminpt - ok
13:26:31.0475 0x1608  [ 2C77831737491F4D684D315B95C62883, 90A2574A281F19646CFCDA5FDF40063220058290D2D5523AD91B7E709EC36D3D ] TermService     C:\Windows\System32\termsrv.dll
13:26:31.0503 0x1608  TermService - ok
13:26:31.0523 0x1608  [ 05FBE1F7C13E87AF7A414CDF288B1F62, 24079E1A6B2E33A1A8E76A77F73473B93DD6B379E44C982CE50D6CEED9747838 ] Themes          C:\Windows\system32\themeservice.dll
13:26:31.0525 0x1608  Themes - ok
13:26:31.0551 0x1608  [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] THREADORDER     C:\Windows\system32\mmcss.dll
13:26:31.0553 0x1608  THREADORDER - ok
13:26:31.0579 0x1608  [ 347A3E49CE18402305B8119A6EC7CFEB, 6768B20EE577880B0353FE84B980D4A18D323929A63FAE41F7A55123BBFC8DBA ] TimeBroker      C:\Windows\System32\TimeBrokerServer.dll
13:26:31.0595 0x1608  TimeBroker - ok
13:26:31.0643 0x1608  [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM             C:\Windows\system32\drivers\tpm.sys
13:26:31.0655 0x1608  TPM - ok
13:26:31.0670 0x1608  [ C97E14BB6A196B0554D6EB67D8818175, C00588C94988F10507F84584DFA4C0A43B8648AD1AD35E9BAE14CDD21FCF7B90 ] TrkWks          C:\Windows\System32\trkwks.dll
13:26:31.0680 0x1608  TrkWks - ok
13:26:31.0728 0x1608  [ DA56FFA46030E6FEB215E3D5DAA65B11, 36B5EED8F9044475000362DBFC8A2A40B889ED46382CCEFB6BA04BE0442F98C2 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:26:31.0734 0x1608  TrustedInstaller - ok
13:26:31.0760 0x1608  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
13:26:31.0765 0x1608  TsUsbFlt - ok
13:26:31.0782 0x1608  [ E0088068DCE2EE82897027DDB8E05254, FA9C201D3C885DAD2ABE6A23343EDCC83CFB342EFF9E3005FA50B1D88B21D203 ] TsUsbGD         C:\Windows\System32\drivers\TsUsbGD.sys
13:26:31.0784 0x1608  TsUsbGD - ok
13:26:31.0820 0x1608  [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
13:26:31.0830 0x1608  tunnel - ok
13:26:31.0856 0x1608  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
13:26:31.0861 0x1608  uagp35 - ok
13:26:31.0887 0x1608  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\Windows\System32\drivers\uaspstor.sys
13:26:31.0893 0x1608  UASPStor - ok
13:26:31.0940 0x1608  [ 5D1B430EA11064C56E7C8F84B90DEB6A, 874D9EE807F16321C4857030F9C18D2B925785FD4BB7ED047AF9535BF3F30D84 ] UCX01000        C:\Windows\System32\drivers\ucx01000.sys
13:26:31.0954 0x1608  UCX01000 - ok
13:26:31.0999 0x1608  [ 1EC649F112896FAE33250F0B97AC5D0B, 0C0A1C2C7615DEB298AD3073340FD1BF91FEBE611F133E3B48D994A6EAA8369F ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
13:26:32.0019 0x1608  udfs - ok
13:26:32.0043 0x1608  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\Windows\System32\drivers\UEFI.sys
13:26:32.0047 0x1608  UEFI - ok
13:26:32.0085 0x1608  [ 320878AFECDBBD61BBE98624A6CAAC08, 15C090EA32A24D976B5FCB1373B1281DCC2295C075299C814345D694AEB47CB9 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
13:26:32.0092 0x1608  UI0Detect - ok
13:26:32.0110 0x1608  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
13:26:32.0115 0x1608  uliagpkx - ok
13:26:32.0193 0x0350  Object send P2P result: true
13:26:32.0253 0x1608  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\Windows\System32\drivers\umbus.sys
13:26:32.0255 0x1608  umbus - ok
13:26:32.0269 0x1608  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\Windows\System32\drivers\umpass.sys
13:26:32.0270 0x1608  UmPass - ok
13:26:32.0302 0x1608  [ E3DDF7D43E05784FAA5E042605EEE528, 8E20E880FAB09AF4FF5C438BF9EAE9970D46C05167870110869B744E498FD761 ] UmRdpService    C:\Windows\System32\umrdp.dll
13:26:32.0314 0x1608  UmRdpService - ok
13:26:32.0347 0x1608  [ 4A2FFDAC45F317E17DF642C7160EB633, F1AB762912FAA5F469F322407DA37C91556086C42D1643AD27516C12A84F74D0 ] upnphost        C:\Windows\System32\upnphost.dll
13:26:32.0363 0x1608  upnphost - ok
13:26:32.0406 0x1608  [ 433ECDE01A52691FA7ACA51C10C09B70, B896296A3F8EF2AF3AC5F0091B9848156608586F1E10A95D70700BAB51E8062A ] usbccgp         C:\Windows\System32\drivers\usbccgp.sys
13:26:32.0418 0x1608  usbccgp - ok
13:26:32.0443 0x1608  [ B3D6457D841A0CAEF4C52D88621715F2, CBDD76A8A28379B107B1FB530757B477B8AB74CD01F9F3CEDC7B1BA0C6E5A990 ] usbcir          C:\Windows\System32\drivers\usbcir.sys
13:26:32.0451 0x1608  usbcir - ok
13:26:32.0477 0x1608  [ 5477D6E27C7D266EF8C152B9A25ADE5E, FEE81677D284A78A0C0FB60F887A952CFC759AE78B01206D73F59FE33612C519 ] usbehci         C:\Windows\System32\drivers\usbehci.sys
13:26:32.0485 0x1608  usbehci - ok
13:26:32.0532 0x1608  [ DF56C2C04EFA328D7A66B69007130266, 719316EB25A8C7B82C7941D1C5B964CC4EDA4A997732F481526DE7356F6FC0D8 ] usbhub          C:\Windows\System32\drivers\usbhub.sys
13:26:32.0555 0x1608  usbhub - ok
13:26:32.0589 0x1608  [ C0E33820326199CE3CFD3B9F27F81D99, C67F55E7DD6F7FC4A96256A14A805D39C5CE8725FD86675C6C860B3DE8E4DBC3 ] USBHUB3         C:\Windows\System32\drivers\UsbHub3.sys
13:26:32.0608 0x1608  USBHUB3 - ok
13:26:32.0617 0x1608  [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci         C:\Windows\System32\drivers\usbohci.sys
13:26:32.0618 0x1608  usbohci - ok
13:26:32.0635 0x1608  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\Windows\System32\drivers\usbprint.sys
13:26:32.0636 0x1608  usbprint - ok
13:26:32.0677 0x1608  [ 4628B415A84EA9D4D396A56F1D0CB6C6, 430F4C819BF958430FD0DEEFD5BA07F210E0541634811993090C039CB602622F ] USBSTOR         C:\Windows\System32\drivers\USBSTOR.SYS
13:26:32.0689 0x1608  USBSTOR - ok
13:26:32.0702 0x1608  [ BA4FA655E0FC577DB7436FC963932CE4, 3336FDECD4AEC6B316D4C0803E22A12719EBEDD1A9427C0DF5D3B263BE600EE6 ] usbuhci         C:\Windows\System32\drivers\usbuhci.sys
13:26:32.0705 0x1608  usbuhci - ok
13:26:32.0737 0x1608  [ 18F744E8CCEB2670040EBAF7AD77B8C6, C5E2DF4EA0D946B4DA67DE29FA9D0F079DED35EC59B98E532C4C2D5F8E86DA0A ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
13:26:32.0752 0x1608  usbvideo - ok
13:26:32.0795 0x1608  [ D22EB844EB57D016CC34178AC86456DF, C83440A44EA9CC3D1041AB966FFC423DD17FB25B42BA41BB36C109D16723BD5E ] USBXHCI         C:\Windows\System32\drivers\USBXHCI.SYS
13:26:32.0810 0x1608  USBXHCI - ok
13:26:32.0830 0x1608  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] VaultSvc        C:\Windows\system32\lsass.exe
13:26:32.0833 0x1608  VaultSvc - ok
13:26:32.0850 0x1608  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
13:26:32.0852 0x1608  vdrvroot - ok
13:26:32.0934 0x1608  [ CFBAD6B48EDFAA0828A52646B7C4C08D, DDC7D607E784CE6FB5BC62E53E6309EB583D74425E6D3FC8F3D3EC705D69C075 ] vds             C:\Windows\System32\vds.exe
13:26:32.0987 0x1608  vds - ok
13:26:33.0051 0x1608  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\Windows\system32\drivers\VerifierExt.sys
13:26:33.0061 0x1608  VerifierExt - ok
13:26:33.0132 0x1608  [ 041D3EF364E624DBB2703A64A5AADF89, 94A52A35AFDD09EBCC4266BD6D44014AAB4BBDFD3F6E8C997A1CA49DFB48F60D ] vhdmp           C:\Windows\System32\drivers\vhdmp.sys
13:26:33.0172 0x1608  vhdmp - ok
13:26:33.0182 0x1608  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\Windows\system32\drivers\viaide.sys
13:26:33.0184 0x1608  viaide - ok
13:26:33.0207 0x1608  [ 3CE922E34DB12D9F3C0EA856BC09687C, E50A1885FBC775E49614989ECFEA4ACBBDDA16AF459CC5361EED9E23CC7CD42C ] Vid             C:\Windows\System32\drivers\Vid.sys
13:26:33.0215 0x1608  Vid - ok
13:26:33.0231 0x1608  [ C6305BDFC4F7CE51F72BB072C03D4ACE, 73E62869CA3104F48CC3B0C45E69CE9BF4F8D7D06E29C2F049B9347ABB50554D ] vmbus           C:\Windows\system32\drivers\vmbus.sys
13:26:33.0237 0x1608  vmbus - ok
13:26:33.0252 0x1608  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\Windows\System32\drivers\VMBusHID.sys
13:26:33.0255 0x1608  VMBusHID - ok
13:26:33.0280 0x1608  [ 68F8C26DEA2D42E8DEC0778943433C80, 81E8F9D62815F94952CEEABD0689473CC330F7890F66872DCD35A43C06ED33CD ] vmbusr          C:\Windows\System32\drivers\vmbusr.sys
13:26:33.0286 0x1608  vmbusr - ok
13:26:33.0326 0x1608  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicguestinterface C:\Windows\System32\ICSvc.dll
13:26:33.0345 0x1608  vmicguestinterface - ok
13:26:33.0376 0x1608  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicheartbeat   C:\Windows\System32\ICSvc.dll
13:26:33.0392 0x1608  vmicheartbeat - ok
13:26:33.0414 0x1608  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmickvpexchange C:\Windows\System32\ICSvc.dll
13:26:33.0431 0x1608  vmickvpexchange - ok
13:26:33.0453 0x1608  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicrdv         C:\Windows\System32\ICSvc.dll
13:26:33.0471 0x1608  vmicrdv - ok
13:26:33.0486 0x1608  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicshutdown    C:\Windows\System32\ICSvc.dll
13:26:33.0494 0x1608  vmicshutdown - ok
13:26:33.0507 0x1608  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmictimesync    C:\Windows\System32\ICSvc.dll
13:26:33.0515 0x1608  vmictimesync - ok
13:26:33.0552 0x1608  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicvss         C:\Windows\System32\ICSvc.dll
13:26:33.0560 0x1608  vmicvss - ok
13:26:33.0577 0x1608  [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr          C:\Windows\system32\drivers\volmgr.sys
13:26:33.0580 0x1608  volmgr - ok
13:26:33.0615 0x1608  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
13:26:33.0623 0x1608  volmgrx - ok
13:26:33.0673 0x1608  [ C85C075DE5B6D0FE116043054DE8EE02, 8BB01DA3D63562F51BCCB5CC996F99A5CB0A8F89900045BBCF4115FD521A9706 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
13:26:33.0685 0x1608  volsnap - ok
13:26:33.0704 0x1608  [ 01355C98B5C3ED1EC446743CDA848FCE, B9FCF558C20E05DD0F53FFB70BBEF873EA57801E13A16701E636128D625C4B67 ] vpci            C:\Windows\System32\drivers\vpci.sys
13:26:33.0707 0x1608  vpci - ok
13:26:33.0719 0x1608  [ ADBE96C33D1A5BB1BBAF90B4BC84F523, 6E9C9ED3D51E4B6E494D42ECA6F824AD86D676C12C39BBE6B8BD96366BCB02DA ] vpcivsp         C:\Windows\System32\drivers\vpcivsp.sys
13:26:33.0722 0x1608  vpcivsp - ok
13:26:33.0750 0x1608  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
13:26:33.0755 0x1608  vsmraid - ok
13:26:33.0815 0x1608  [ D51D7EF1EA5ED2BB01E9D07E6E0533BC, E31118F42B316C9B6C9072D9628AA2801FC2519F1A46C9ED167843CD67183C19 ] VSS             C:\Windows\system32\vssvc.exe
13:26:33.0838 0x1608  VSS - ok
13:26:33.0875 0x1608  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\Windows\system32\drivers\vstxraid.sys
13:26:33.0882 0x1608  VSTXRAID - ok
13:26:33.0896 0x1608  [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
13:26:33.0897 0x1608  vwifibus - ok
13:26:33.0926 0x1608  [ 6B26AD573CCDD5209DF4397438B76354, 2C8AC314EC471F6D8B0B12D49D621360A10DCADA7C52E73596730C954FF89FCF ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
13:26:33.0928 0x1608  vwififlt - ok
13:26:33.0936 0x1608  [ 0B48E0DFB44EE475F4FD8A8EE599AF30, 28271D4CA0C642304CD8826A3D514F44E3391F9D6D07A1595BB30CE65E7E3494 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
13:26:33.0938 0x1608  vwifimp - ok
13:26:33.0969 0x1608  [ 7599E582CA3A6AAA95A18FFE1172D339, A0410778FBBC4302EA91CF24B944427410B4706535F1192504D4F34C3ED4503E ] W32Time         C:\Windows\system32\w32time.dll
13:26:33.0976 0x1608  W32Time - ok
13:26:33.0996 0x1608  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\Windows\System32\drivers\wacompen.sys
13:26:33.0996 0x1608  WacomPen - ok
13:26:34.0075 0x1608  [ 92BF4B3EBD6F163B94B7A20C65E7B698, 293E6FEFA862690A7B75443D6495144313D759971B98B495A99AAB0D2CF1F350 ] wbengine        C:\Windows\system32\wbengine.exe
13:26:34.0122 0x1608  wbengine - ok
13:26:34.0163 0x1608  [ 58F28103889817C93E5B5AFABC87E709, 547381B10DAC8A3CC16FB5DE6DF2FDA3CCD8F45DF581959FFF6E30875419B011 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
13:26:34.0171 0x1608  WbioSrvc - ok
13:26:34.0181 0x1608  [ 772365894F14652D376B2E5030179DC9, 3D917CED040456EB269BE2B82315CEAE3589FEC016DAE37FC5BC1C3D66DE3140 ] Wcmsvc          C:\Windows\System32\wcmsvc.dll
13:26:34.0188 0x1608  Wcmsvc - ok
13:26:34.0221 0x1608  [ D2726823DF7E19F213F4805A9D6D145F, A7F582C99918D204264D3B374F70D75984BDA5805203041E3DECB8153D16E102 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
13:26:34.0229 0x1608  wcncsvc - ok
13:26:34.0252 0x1608  [ 846C02A8B48CBD921A3D6AB521AA0DC4, B07573A774A6C65D24E5718DC25DF378270EB5B40221CA5A53B21D47838381D3 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:26:34.0255 0x1608  WcsPlugInService - ok
13:26:34.0287 0x1608  [ 241895E8A9C158DF86E12FDD21033A32, 46D4BF6319271AC33EC1C7283053B91D38A3D5443F3F749E640253FDC2819679 ] WdBoot          C:\Windows\system32\drivers\WdBoot.sys
13:26:34.0290 0x1608  WdBoot - ok
13:26:34.0360 0x1608  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
13:26:34.0391 0x1608  Wdf01000 - ok
13:26:34.0416 0x1608  [ C52148456E0F6EAD9E903020A79207FC, 7DEB2D7D09FB005A79E88FA8766B7EBE0396F0CA084D72269156874C727FBFF4 ] WdFilter        C:\Windows\system32\drivers\WdFilter.sys
13:26:34.0425 0x1608  WdFilter - ok
13:26:34.0446 0x1608  [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
13:26:34.0450 0x1608  WdiServiceHost - ok
13:26:34.0459 0x1608  [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiSystemHost   C:\Windows\system32\wdi.dll
13:26:34.0463 0x1608  WdiSystemHost - ok
13:26:34.0483 0x1608  [ 57F22324FAAF92ADF957B281E88F1743, 46CFBA6529E28756D73A00A211C3D72E9854E035EE6F2520066E074697A9745E ] WdNisDrv        C:\Windows\system32\Drivers\WdNisDrv.sys
13:26:34.0488 0x1608  WdNisDrv - ok
13:26:34.0504 0x1608  WdNisSvc - ok
13:26:34.0536 0x1608  [ 6588A957873326361AB1CAC4E76F8394, BE17880CEDCAE5ED3B983443E3777842646A3E48B661422A717656E11F6DBA94 ] WebClient       C:\Windows\System32\webclnt.dll
13:26:34.0552 0x1608  WebClient - ok
13:26:34.0577 0x1608  [ 3274312F263882B51B964329FAF49734, 99A020377ACF0762BE5ECD2D68EB5E1497B9D59963247E725F7F96FB5DF41FAD ] Wecsvc          C:\Windows\system32\wecsvc.dll
13:26:34.0591 0x1608  Wecsvc - ok
13:26:34.0608 0x1608  [ 7CDD84E0023A0C5C230B06A7965EC65E, 6EC7DC18C76D66CF9A893C3DD20F9BE3ADD76546F9A9BA42CE4F24854709F9D9 ] WEPHOSTSVC      C:\Windows\system32\wephostsvc.dll
13:26:34.0613 0x1608  WEPHOSTSVC - ok
13:26:34.0633 0x1608  [ AA1315B87D9B2E39584165318A59F15D, CD19608BE1F6B7AECF802F8D2DD4FCBDAA29450ED37F7D040DC6453924C7B0FE ] wercplsupport   C:\Windows\System32\wercplsupport.dll
13:26:34.0641 0x1608  wercplsupport - ok
13:26:34.0664 0x1608  [ 22B4C24AB921BFF7827FFBCA1F4E1BB3, B634F7018097A8E4EECDD9F032DF6A0FB6817FC3DEB92BCE6A0965B5D71D8DFA ] WerSvc          C:\Windows\System32\WerSvc.dll
13:26:34.0673 0x1608  WerSvc - ok
13:26:34.0730 0x1608  [ 2E3E82D7B1076B90F4E228A8EF17B261, 0492F8E0BE09DAD9922E85CCA7BCB1548CB9DC5841F46174A0657FDC59AAC3CE ] WFPLWFS         C:\Windows\system32\DRIVERS\wfplwfs.sys
13:26:34.0739 0x1608  WFPLWFS - ok
13:26:34.0774 0x1608  [ E06AFE2F94BA7CFA2FE4FD2A449E60E2, 99A81E16366E9E77905D873B0246E4C11B383FE1E99E0E1D9A07FAD4E52EA9E4 ] WiaRpc          C:\Windows\System32\wiarpc.dll
13:26:34.0783 0x1608  WiaRpc - ok
13:26:34.0806 0x1608  [ 867BCC69ED9C31C501465EB0E8BA9DFA, 678B7FF4D4E8624514301956CDA7FB451159BBFC83FF2E4E5E7DADAE3C7AB2EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
13:26:34.0809 0x1608  WIMMount - ok
13:26:34.0815 0x1608  WinDefend - ok
13:26:34.0887 0x1608  [ DD079EC8F44DCA3A176B345C6ADEFB66, 6CD9371B83EA23D2181891FAE1DB285BC111A78C35F374E57666ED09860C91A9 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
13:26:34.0913 0x1608  WinHttpAutoProxySvc - ok
13:26:34.0978 0x1608  [ 9DB490F3E823C5C3C070644B96CB9D59, 81937D0B331E43C7C61514E60B3AD51370C5201F7B4D12F8534840D91EDC32DD ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
13:26:34.0990 0x1608  Winmgmt - ok
13:26:35.0127 0x1608  [ 690C3FC5C9DBD6B9AEDF8341EC720E41, 0E4412BB6DEB5761F7A889FD90821FAFD7C6E173F449EAB3A0446BA653D6AD0C ] WinRM           C:\Windows\system32\WsmSvc.dll
13:26:35.0209 0x1608  WinRM - ok
13:26:35.0245 0x1608  [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
13:26:35.0250 0x1608  WinUsb - ok
13:26:35.0343 0x1608  [ 728D3349FAB251B0265EFA55C67DCA2D, 676D2C9CF16DD333BF99FD5EC31B8F53E5295553E19BED5CF94620EE59345777 ] WlanSvc         C:\Windows\System32\wlansvc.dll
13:26:35.0367 0x1608  WlanSvc - ok
13:26:35.0438 0x1608  [ C2838466CCC44FAEF2C3D4C1E5971ECB, 4CA5B1632302E59E754CEA5B3CA3977D8CE9DC7B2E8673B450BBF0D646AD7AD8 ] wlidsvc         C:\Windows\system32\wlidsvc.dll
13:26:35.0463 0x1608  wlidsvc - ok
13:26:35.0474 0x1608  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi         C:\Windows\System32\drivers\wmiacpi.sys
13:26:35.0475 0x1608  WmiAcpi - ok
13:26:35.0505 0x1608  [ 7AFAC828F52D62F304A911EC32F42EEE, 4EDCF4149069413A166169F2E23F7505F47B39B7EC319E1EF6D2C46CD140AA24 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
13:26:35.0510 0x1608  wmiApSrv - ok
13:26:35.0526 0x1608  WMPNetworkSvc - ok
13:26:35.0624 0x1608  [ E178371E493BF17EB90FE71ABA8BE643, E6F96C62D6AD1FE65D54F6799ABC32D34DE8C6EBFF8A297CA3142EF096112FCE ] workfolderssvc  C:\Windows\system32\workfolderssvc.dll
13:26:35.0696 0x1608  workfolderssvc - ok
13:26:35.0717 0x1608  [ E746BCDBA2E02CF6B8D6B26FB167FBE0, 8875BBE444A33E0C477EF1A3899955501B7E0A9479CA8AA20DD8E6AA0D9A71E6 ] wpcfltr         C:\Windows\system32\DRIVERS\wpcfltr.sys
13:26:35.0719 0x1608  wpcfltr - ok
13:26:35.0741 0x1608  [ 4E6A0F60DA7EF050D3D26417CD4D24E9, E6B3BFB007B641D41F8532ED086F92CB3D86E210023DBFAA9AD8152A9FD33CCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
13:26:35.0745 0x1608  WPCSvc - ok
13:26:35.0763 0x1608  [ D27491CFCE452C154CECFA155AD0EBC8, 1F3F74C253E3B07DE7EFE27C34DD9AF08617C7B03BB44C2902F69BA9DA3F21F2 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
13:26:35.0771 0x1608  WPDBusEnum - ok
13:26:35.0794 0x1608  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr       C:\Windows\system32\drivers\WpdUpFltr.sys
13:26:35.0798 0x1608  WpdUpFltr - ok
13:26:35.0812 0x1608  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
13:26:35.0814 0x1608  ws2ifsl - ok
13:26:35.0842 0x1608  [ 5CFA46C4ACB2FD70572017052378DAE5, F09134C4433A9E174889A16F29EA6628045B21BE4FA85275ACFD24D5DFB0D937 ] wscsvc          C:\Windows\System32\wscsvc.dll
13:26:35.0853 0x1608  wscsvc - ok
13:26:35.0894 0x1608  [ F586F3F1BF962FE9AE4316E0D896B22F, 8D0AD48D79294567123D943D0F5B6D5A32D7A82B129A24DC821D3095AFAA100B ] WSDPrintDevice  C:\Windows\System32\drivers\WSDPrint.sys
13:26:35.0896 0x1608  WSDPrintDevice - ok
13:26:35.0934 0x1608  [ D38297814FB6E33655342D869996E617, 3701892EEF87D1BF0E73322B90678802B6EA4AFA9CBF6111F39611C79DBA96C7 ] WSDScan         C:\Windows\system32\DRIVERS\WSDScan.sys
13:26:35.0937 0x1608  WSDScan - ok
13:26:35.0945 0x1608  WSearch - ok
13:26:36.0107 0x1608  [ D8E3A4701376CCFD0BE542D745FA4809, CF267B5507BD02EEB6BF051534E900D592682D11159A6A13C38AE70B3CCC081F ] WSService       C:\Windows\System32\WSService.dll
13:26:36.0160 0x1608  WSService - ok
13:26:36.0320 0x1608  [ 86D0BF4F792053A50D6EE43DFA5837A5, 5705DAB9C5896F10757630439AC8FEAB5754251C6C90E9E8449220A65D1E95D5 ] wuauserv        C:\Windows\system32\wuaueng.dll
13:26:36.0407 0x1608  wuauserv - ok
13:26:36.0446 0x1608  [ 2FEAE33E9B2B56104596E1BA444405A9, 0A142F50E06F6224B9CB36B3CE62BE0B36DE8B8DB9F9E05D287DFB884CC7826E ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
13:26:36.0453 0x1608  WudfPf - ok
13:26:36.0490 0x1608  [ 19240C13F526125554B5370566F21A0A, 1DD88B092451CEC309A390319342BB4D36CE938BBE6D09127BBAA53960DD8E94 ] WUDFRd          C:\Windows\System32\drivers\WUDFRd.sys
13:26:36.0504 0x1608  WUDFRd - ok
13:26:36.0518 0x1608  [ 19240C13F526125554B5370566F21A0A, 1DD88B092451CEC309A390319342BB4D36CE938BBE6D09127BBAA53960DD8E94 ] WUDFSensorLP    C:\Windows\system32\DRIVERS\WUDFRd.sys
13:26:36.0525 0x1608  WUDFSensorLP - ok
13:26:36.0558 0x1608  [ BB73CBC65AABC4EA0A5C6A1474A0A743, D644B3C6A7202CADDADB3B68FE1B2A7C76B023FE58F667EED4D538C1F4A65D64 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
13:26:36.0563 0x1608  wudfsvc - ok
13:26:36.0575 0x1608  [ 19240C13F526125554B5370566F21A0A, 1DD88B092451CEC309A390319342BB4D36CE938BBE6D09127BBAA53960DD8E94 ] WUDFWpdComp     C:\Windows\system32\DRIVERS\WUDFRd.sys
13:26:36.0583 0x1608  WUDFWpdComp - ok
13:26:36.0595 0x1608  [ 19240C13F526125554B5370566F21A0A, 1DD88B092451CEC309A390319342BB4D36CE938BBE6D09127BBAA53960DD8E94 ] WUDFWpdFs       C:\Windows\system32\DRIVERS\WUDFRd.sys
13:26:36.0602 0x1608  WUDFWpdFs - ok
13:26:36.0614 0x1608  [ 19240C13F526125554B5370566F21A0A, 1DD88B092451CEC309A390319342BB4D36CE938BBE6D09127BBAA53960DD8E94 ] WUDFWpdMtp      C:\Windows\system32\DRIVERS\WUDFRd.sys
13:26:36.0622 0x1608  WUDFWpdMtp - ok
13:26:36.0654 0x1608  [ 2FA9794CA36147756F3FDFD6CA29B46F, 4B86DC38C2411C281686E9A4E64DA6FB2992E39391371F78E012D6D8BB85123F ] WwanSvc         C:\Windows\System32\wwansvc.dll
13:26:36.0674 0x1608  WwanSvc - ok
13:26:36.0708 0x1608  [ 18D476A18E4DCC9B5823EBF6DAD96C58, 536DCA54E36BFA6916C550A747FD297BBB1DC0D31206536A386B1C8E024FFBCC ] xusb22          C:\Windows\System32\drivers\xusb22.sys
13:26:36.0712 0x1608  xusb22 - ok
13:26:36.0728 0x1608  ================ Scan global ===============================
13:26:36.0769 0x1608  [ C89780A6F58D113C28A96D85D1261DC5, 185114F33A60916C7904E4A0F278CA43258454343E614F01F0DAFA98BAC981B1 ] C:\Windows\system32\basesrv.dll
13:26:36.0789 0x1608  [ 599F1244C60E3D6C28A8DA7FBA7A2C13, 992E5EB5E3ED6172DC986085532224A148A09A4E9A4DED9556F34533EE98E4D0 ] C:\Windows\system32\winsrv.dll
13:26:36.0821 0x1608  [ 9C1833ABD62876856836C5AE55C7CE86, 0A21E2C8B2FF3B0438C86DA7151A548F9C6F5C62CD402CBBEDB435994C8508F1 ] C:\Windows\system32\sxssrv.dll
13:26:36.0863 0x1608  [ B4B610BBCB002EC478C6FD80CF915697, CE22B87A7C7C0D325CE66FB97E7318B4A41EE0BD14D902A410126A1EBBEAA6FB ] C:\Windows\system32\services.exe
13:26:36.0877 0x1608  [ Global ] - ok
13:26:36.0878 0x1608  ================ Scan MBR ==================================
13:26:36.0894 0x1608  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
13:26:37.0169 0x1608  \Device\Harddisk0\DR0 - ok
13:26:37.0170 0x1608  ================ Scan VBR ==================================
13:26:37.0175 0x1608  [ B0C511C802EA32D1484742746F9DAC77 ] \Device\Harddisk0\DR0\Partition1
13:26:37.0188 0x1608  \Device\Harddisk0\DR0\Partition1 - ok
13:26:37.0194 0x1608  [ 7DA5C33DD5EA5A818000114612A1752D ] \Device\Harddisk0\DR0\Partition2
13:26:37.0203 0x1608  \Device\Harddisk0\DR0\Partition2 - ok
13:26:37.0205 0x1608  Waiting for KSN requests completion. In queue: 132
13:26:38.0205 0x1608  Waiting for KSN requests completion. In queue: 132
13:26:39.0317 0x1608  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.4.304.0 ), 0x61100 ( enabled : updated )
13:26:39.0325 0x1608  Win FW state via NFP2: enabled
13:26:40.0308 0x1608  ============================================================
13:26:40.0308 0x1608  Scan finished
13:26:40.0308 0x1608  ============================================================
13:26:40.0327 0x1724  Detected object count: 0
13:26:40.0327 0x1724  Actual detected object count: 0

Edited by Natfrangou, 03 April 2014 - 06:30 AM.


#6 ----------------

----------------

    SuperMember

  • Authentic Member
  • PipPipPipPipPip
  • 1,095 posts

Posted 04 April 2014 - 04:32 AM

Fix with FRST (normal mode)

WARNING: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
 

  • Download the attached fixlist.txt and save it to the location where FRST is saved to.
  • Run FRST.exe (on 64bit, run FRST64.exe) and press the Fix button just once and wait.
  • The tool will make a log (Fixlog.txt) which you find where you saved FRST. Please post it to your reply.

 

 

 

 

 

Full System Scan with Malwarebytes Antimalware
 

  • If not existing, please download Malwarebytes Anti-Malware to your desktop.
  • Double-click mbam-setup-2.0.0.1000.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish.

If the program is already installed:

  • Run Malwarebytes Antimalware
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.

  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply.

 

Attached Files


Proud Member of UNITE & TB
 

#7 Natfrangou

Natfrangou

    New Member

  • Authentic Member
  • Pip
  • 7 posts

Posted 04 April 2014 - 08:21 AM

This is the FRST log;

 

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-03-2014
Ran by Nathaniel at 2014-04-04 14:58:02 Run:1
Running from C:\Users\Nathaniel\Downloads
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
Search Protection
 
HKU\S-1-5-21-4197190699-2502681883-4131900191-1003\...\Run: [SearchProtection] - "C:\Users\Nathaniel\AppData\Roaming\Search Protection\SearchProtection.EXE" /autostart
HKU\S-1-5-21-4197190699-2502681883-4131900191-1003\...\Run: [OutfoxTV] - C:\Program Files\OutfoxTV\OutfoxTV\DesktopContainer.exe
FF Homepage: hxxp://www.outfox.tv/?referid=|
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.outfox.tv/?referid=
 
R2 OutfoxTvService; C:\Program Files\OutfoxTV\OutfoxTvService.exe [610192 2014-03-25] (Outfox Tv Productions Pty Ltd)
S2 OutfoxTvUpdater; C:\Program Files\OutfoxTV\OutfoxTvUpdater.exe [X]
 
C:\Users\Nathaniel\AppData\Roaming\Search Protection
C:\Program Files\OutfoxTV
*****************
 
HKU\S-1-5-21-4197190699-2502681883-4131900191-1003\Software\Microsoft\Windows\CurrentVersion\Run\\SearchProtection => Value deleted successfully.
HKU\S-1-5-21-4197190699-2502681883-4131900191-1003\Software\Microsoft\Windows\CurrentVersion\Run\\OutfoxTV => Value deleted successfully.
Firefox homepage deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
OutfoxTvService => Unable to stop service
OutfoxTvService => Service deleted successfully.
OutfoxTvUpdater => Service deleted successfully.
"C:\Users\Nathaniel\AppData\Roaming\Search Protection" => File/Directory not found.
C:\Program Files\OutfoxTV => Moved successfully.
 
 
The system needed a reboot. 
 
==== End of Fixlog ====
 
 
 
 
 
Malwares found nothing.


#8 ----------------

----------------

    SuperMember

  • Authentic Member
  • PipPipPipPipPip
  • 1,095 posts

Posted 07 April 2014 - 04:09 AM

Scan with ESET Online Scan

Please go to here to run the online scannner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the activex control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings and ensure these options are ticked:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click Scan
  • Wait for the scan to finish
  • If any threats were found, click the 'List of found threats' , then click Export to text file....
  • Save it to your desktop, then please copy and paste that log as a reply to this topic.


Proud Member of UNITE & TB
 

#9 Natfrangou

Natfrangou

    New Member

  • Authentic Member
  • Pip
  • 7 posts

Posted 08 April 2014 - 08:58 AM

These are the threats it found;

 

 

 

C:\AdwCleaner\Quarantine\C\Program Files (x86)\FindRight\FindRight.FirstRun.exe.vir    a variant of MSIL/BrowseFox.C potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\FindRight\FindRightBHO.dll.vir    Win32/BrowseFox.E potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\FindRight\FindRightUninstall.exe.vir    Win32/BrowseFox.C potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\FindRight\updateFindRight.exe.vir    a variant of Win32/BrowseFox.G potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialApp.dll.vir    a variant of Win32/Toolbar.Montiera.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialEng.dll.vir    probably a variant of Win32/Toolbar.Montiera.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialsrv.exe.vir    a variant of Win32/Toolbar.Montiera.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialTlbr.dll.vir    a variant of Win32/Toolbar.Montiera.F potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mysearchdial\1.8.21.0\bh\mysearchdial.dll.vir    a variant of Win32/Toolbar.Escort.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32.dll.vir    a variant of Win32/Conduit.SearchProtect.H potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll.vir    a variant of Win32/Conduit.SearchProtect.H potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Nathaniel\AppData\Roaming\Mysearchdial\UpdateProc\UpdateTask.exe.vir    a variant of Win32/DealPly.O potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Nathaniel\AppData\Roaming\UpdaterEX\UpdateProc\UpdateTask.exe.vir    a variant of Win32/DealPly.O potentially unwanted application
C:\Users\Nathaniel\AppData\Local\Microsoft\Windows\INetCache\IE\L9TZ45J9\SPSetup[1].exe    a variant of Win32/Conduit.SearchProtect.H potentially unwanted application
C:\Users\Nathaniel\Downloads\cbsidlm-cbsi183-Kindle_for_PC-ORG-75185974.exe    a variant of Win32/CNETInstaller.B potentially unwanted application
 



#10 ----------------

----------------

    SuperMember

  • Authentic Member
  • PipPipPipPipPip
  • 1,095 posts

Posted 08 April 2014 - 09:02 AM

 

C:\Users\Nathaniel\AppData\Local\Microsoft\Windows\INetCache\IE\L9TZ45J9\SPSetup[1].exe    a variant of Win32/Conduit.SearchProtect.H potentially unwanted application
C:\Users\Nathaniel\Downloads\cbsidlm-cbsi183-Kindle_for_PC-ORG-75185974.exe    a variant of Win32/CNETInstaller.B potentially unwanted application

Delete these files.

 

 

Then we can do the cleanup - if you are facing any issues, report that immediately.

Delete junk with adwCleaner


Please download AdwCleaner to your desktop.


  • Run adwcleaner.exe
  • Hit Scan and wait for the scan to finish.
  • Confirm the message but don´t uncheck anything.
  • Hit Clean
  • When the run is finished, it will open up a text file
  • Please post its contents within your next reply
  • You´ll find the log file at C:\AdwCleaner[S1].txt also




Delete junk with JRT

thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.




SecurityCheck

Reboot your system before starting!

Please download SecurityCheck: LINK1 LINK2

  • Save it to your desktop, start it and follow the instructions in the window.
  • After the scan finished the (checkup.txt) will open. Copy its content to your thread.


Proud Member of UNITE & TB
 

#11 Natfrangou

Natfrangou

    New Member

  • Authentic Member
  • Pip
  • 7 posts

Posted 08 April 2014 - 09:27 AM

 

 

C:\Users\Nathaniel\AppData\Local\Microsoft\Windows\INetCache\IE\L9TZ45J9\SPSetup[1].exe    a variant of Win32/Conduit.SearchProtect.H potentially unwanted application
C:\Users\Nathaniel\Downloads\cbsidlm-cbsi183-Kindle_for_PC-ORG-75185974.exe    a variant of Win32/CNETInstaller.B potentially unwanted application

Delete these files.

 

 

Then we can do the cleanup - if you are facing any issues, report that immediately.

Delete junk with adwCleaner


Please download AdwCleaner to your desktop.

 

  • Run adwcleaner.exe
  • Hit Scan and wait for the scan to finish.
  • Confirm the message but don´t uncheck anything.
  • Hit Clean
  • When the run is finished, it will open up a text file
  • Please post its contents within your next reply
  • You´ll find the log file at C:\AdwCleaner[S1].txt also




Delete junk with JRT

thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.




SecurityCheck

Reboot your system before starting!

Please download SecurityCheck: LINK1 LINK2

  • Save it to your desktop, start it and follow the instructions in the window.
  • After the scan finished the (checkup.txt) will open. Copy its content to your thread.

 

 

 

I haven't been able to delete those files. Both JRT and Adwcleaner have only cleared roaming data from my browsers.

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8.1 Pro x64
Ran by Nathaniel on 08/04/2014 at 16:21:14.97
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ FireFox
 
Emptied folder: C:\Users\Nathaniel\AppData\Roaming\mozilla\firefox\profiles\it1tgkz2.default-1396376725351\minidumps [2 files]
 
 
 
 
 
# AdwCleaner v3.023 - Report created 08/04/2014 at 16:13:25
# Updated 01/04/2014 by Xplode
# Operating System : Windows 8.1 Pro  (64 bits)
# Username : Nathaniel - MA-LAPTOP
# Running from : C:\Users\Nathaniel\Downloads\adwcleaner (1).exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.16518
 
 
-\\ Mozilla Firefox v28.0 (en-US)
 
[ File : C:\Users\Nathaniel\AppData\Roaming\Mozilla\Firefox\Profiles\it1tgkz2.default-1396376725351\prefs.js ]
 
 
-\\ Google Chrome v33.0.1750.154
 
[ File : C:\Users\Nathaniel\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
 
 
 
Should I still run the security check?


#12 ----------------

----------------

    SuperMember

  • Authentic Member
  • PipPipPipPipPip
  • 1,095 posts

Posted 09 April 2014 - 02:49 AM

yes


Proud Member of UNITE & TB
 

#13 Natfrangou

Natfrangou

    New Member

  • Authentic Member
  • Pip
  • 7 posts

Posted 09 April 2014 - 05:40 AM

 Results of screen317's Security Check version 0.99.81  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
Windows Defender   
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Java 7 Update 51  
 Adobe Flash Player     12.0.0.77  
 Adobe Reader XI  
 Mozilla Firefox (28.0)
 Google Chrome 33.0.1750.146  
 Google Chrome 33.0.1750.154  
````````Process Check: objlist.exe by Laurent````````  
 Windows Defender MSMpEng.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  %
````````````````````End of Log``````````````````````
 



#14 ----------------

----------------

    SuperMember

  • Authentic Member
  • PipPipPipPipPip
  • 1,095 posts

Posted 09 April 2014 - 07:32 AM

Your system is clean now! :)

 

 

Uninstall our tools using delfix

Please follow these steps in order:

  • In the case we used Defogger to turn off your CD emulation software. You can start it again and use the Enable button.
  • In the case we used Combofix. Deactivate your antivirus software once more, then rename the combofix.exe to uninstall.exe and run it one last time. You shall be noted that Combofix has been removed.
  • In any case please download delfix to your desktop.
    • Close all other programms and start delfix.
    • Please check all the boxes and run the tool.
    • delfix will now delete all found traces of our removal process
  • If there is still something left please delete it manualy.

 

 

 

Recommendations: How to protect yourself

  • System Updates
    Please ensure to have automatic updates activated in your control panel.
    For further information and a tutorial, see this Microsoft Support article.
  • Protection
    What you need is one (not more) virus scanner with background protection. Additionally I recommend a special malware scanner to run on demand weekly.
    Personally I am using avast! Antivirus Free Edition and Malwarebytes Anti-Malware. They offer good protection for free.
    • To keep your browser free of advertising, you may install the Adblock Plus browser extension.
      It will filter unwanted advertising out of the website´s content.
    • To protect yourself from accidentally visiting malicious web sites, install the Web of Trust (WOT) browser extension.
      It will display a green (safe), yellow (unknown) or red (potentially dangerous) icon for a visited website within your browser.
      In addition, before accessing a dangerous classified web site, a warning screen is displayed.

  • Up to date Software
    Keep your Windows and your third party software up to date. The easiest way to get infected is an outdated windows, followed by: browser(s) (including add-ons and plug-ins), Adobe Flash Player and Adobe Reader, Java Runtime Environment, your antivirus program and so on. These links may help you to check:

  • Backup
    Hardware issues, malware, fire, lightning strike: There is a long list of different ways to loose all your data. Back up your files regularly. Use the windows internal backup function or a third party tool and save your data onto an external hard drive, cloud storage, optical media like CDs or DVDs or (if available) a professional network backup system.
  • Behaviour
    The commonest error when using a computer is "error 80" - what means that the error is located about 80cm in front of the monitor. This is a common joke between IT support technicians but it shows that all the safety mechanisms won´t help if you aren´t careful enough.
    • While surfing the internet, don´t click on anything you don´t know. In the worst case, it infects your system with malware.
    • Watch your step in social networks! Many cyber criminals use them to spread malware, mine personal pata (to be sold to advertising companies, for example) or simply do damage to other users. Even if a received hyperlink within a message seems to be coming from one of your friends, have a closer look. In addition, don´t click everything.
    • When installing software, have a look to each of the setup windows and uncheck any additional toolbars or free programs that may be offered additionally. Most of today´s setup procedures contain potentially unwanted programs so keep them off your system.
    • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
      They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.


Proud Member of UNITE & TB
 

#15 ----------------

----------------

    SuperMember

  • Authentic Member
  • PipPipPipPipPip
  • 1,095 posts

Posted 22 April 2014 - 06:40 AM

Since this issue appears to be resolved ... this Topic has been closed. Glad we could be of assistance.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please follow the instructions here http://forums.whatth...ed_t106388.html
and start a New Topic.
Proud Member of UNITE & TB
 

Related Topics



0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users