WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. Join 93084 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!

Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Unknown Threat on Computer [Solved]

Started by obrienmr , Apr 08 2014 02:12 PM

This topic is locked

14 replies to this topic

#1 obrienmr

New Member

Authentic Member
10 posts

Posted 08 April 2014 - 02:12 PM

Hello!

Last ngiht when I was using my laptop it all of a sudden crashed, flashed the blue screen of death or a minute, said something about dumping physical memory and then rebooted like nothing happened. I am assuming something is on here, but am really uncertain. Any help would be greatly appreciated!

Megan

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 4:10:59 PM, on 4/8/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16521)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Users\Megan\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Users\Megan\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Brother\ControlCenter3\brccMCtl.exe
C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
C:\Users\Megan\Downloads\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/CQNOT/1
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/CQNOT/1
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft..../?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft..../?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (file missing)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\5.0.0.125\coIEPlg.dll (file missing)
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\5.0.0.125\IPS\IPSBHO.DLL (file missing)
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.0.5.292\AVG Secure Search_toolbar.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.0.5.292\AVG Secure Search_toolbar.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\5.0.0.125\coIEPlg.dll (file missing)
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
O4 - HKCU\..\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [F.lux] "C:\Users\Megan\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
O4 - Startup: Dropbox.lnk = Megan\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: OneNote 2010 Screen Clipper and Launcher.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.0.5\ViProtocol.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe
O23 - Service: CinemaNow Service - CinemaNow, Inc. - C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Hitachi Backup Service (HitachiBackupService) - Hitachi GST - C:\Program Files (x86)\Hitachi\Hitachi Backup\HitachiBackupService.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Wireless Assistant Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Norton 360 (N360) - Unknown owner - C:\Program Files (x86)\Norton 360\Engine\5.0.0.125\ccSvcHst.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: RtVOsdService Installer (RtVOsdService) - Realtek Semiconductor Corp. - C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater18.0.5 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\ToolbarUpdater.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 16105 bytes

Advertisements

Register to Remove

#2 ----------------

SuperMember

Authentic Member
1,095 posts

Posted 09 April 2014 - 03:10 AM

Hi there,
my name is Marius and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
Perform everything in the correct order. Sometimes one step requires the previous one.
If you have any problems while following my instructions, Stop there and tell me the exact nature of your problem.
Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

HijackThis is not the preferred initial scanning tool in this forum. With today's malware, a more comprehensive set of logs is required to determine the presence of malware.

Scan with FRST in normal mode

Please download Farbar's Recovery Scan Tool to your desktop: FRST 32bit or FRST 64bit (If not sure: Start --> Computer (right click) --> properties)

Run FRST.
Don´t change one of the checkboxes and hit Scan.
Logfiles are created on your desktop.
Poste the FRST.txt and (after the first scan only!) the Addition.txt.

Scan with TDSS-Killer

Please read and follow these instructions carefully. We do not want it to fix anything yet (if found), we need to see a report first.

Download TDSSKiller.zip and extract to your desktop

Execute TDSSKiller.exe by doubleclicking on it.
Press Start Scan
If Malicious objects are found, do NOT select Copy to quarantine. Change the action to Skip, and save the log.
Once complete, a log will be produced at the root drive which is typically C:\ ,for example, C:\TDSSKiller.<version_date_time>log.txt

Please attach this file to your next reply.

Proud Member of UNITE & TB

#3 obrienmr

New Member

Authentic Member
10 posts

Posted 09 April 2014 - 12:07 PM

Thank you so much for your reply! I've attached the FRST.txt to this reply and the next one will be the Addition.txt.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014 (ATTENTION: ====> FRST version is 27 days old and could be outdated)
Ran by Megan (administrator) on MEGAN-PC on 09-04-2014 13:51:51
Running from C:\Users\Megan\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Windows\system32\atibtmon.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CinemaNow, Inc.) C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe
(Hitachi GST) C:\Program Files (x86)\Hitachi\Hitachi Backup\HitachiBackupService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\ToolbarUpdater.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\loggingserver.exe
(Safer Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\NisSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\Realtek\Audio\OSD\RtVOsd64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jusched.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Flux Software LLC) C:\Users\Megan\AppData\Local\FluxSoftware\Flux\flux.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
() C:\Program Files (x86)\AVG Secure Search\vprot.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
(Dropbox, Inc.) C:\Users\Megan\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\brccMCtl.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
(Hewlett-Packard Company) C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2281256 2012-01-16] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6489704 2011-01-23] (Realtek Semiconductor)
HKLM\...\Run: [RtkOSD] - C:\Program Files (x86)\Realtek\Audio\OSD\RtVOsd64.exe [995840 2010-02-05] (Realtek Semiconductor Corp.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Java\jre6\bin\jusched.exe [172032 2010-05-14] (Sun Microsystems, Inc.)
HKLM\...\Run: [HPWirelessAssistant] - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-04-05] (Hewlett-Packard)
HKLM\...\Run: [IntelliPoint] - c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2327952 2010-07-21] (Microsoft Corporation)
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-09-29] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [vProt] - C:\Program Files (x86)\AVG Secure Search\vprot.exe [2544664 2014-03-20] ()
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.)
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2014\avgui.exe [4971024 2014-03-19] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [586296 2010-11-09] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [ControlCenter3] - C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] - C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2629632 2012-09-25] (Brother Industries, Ltd.)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-03-25] (Hewlett-Packard)
HKU\S-1-5-21-1298319460-3845229747-3764270996-1000\...\Run: [HPAdvisorDock] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe [1712184 2010-02-09] ()
HKU\S-1-5-21-1298319460-3845229747-3764270996-1000\...\Run: [LightScribe Control Panel] - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2010-06-16] (Hewlett-Packard Company)
HKU\S-1-5-21-1298319460-3845229747-3764270996-1000\...\Run: [F.lux] - C:\Users\Megan\AppData\Local\FluxSoftware\Flux\flux.exe [1016712 2013-10-15] (Flux Software LLC)
HKU\S-1-5-21-1298319460-3845229747-3764270996-1000\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-1298319460-3845229747-3764270996-1000\...\Policies\Explorer: [NoLogOff] 0
Startup: C:\Users\Megan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Megan\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Megan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/CQNOT/1
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/CQNOT/1
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {D6D451B8-D111-46D9-BD64-41C8137DB887} URL = http://www.ask.com/w...}&l=dis&o=uscql
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {D6D451B8-D111-46D9-BD64-41C8137DB887} URL = http://www.ask.com/w...}&l=dis&o=uscql
SearchScopes: HKCU - DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={25223353-152F-42AE-B1BC-C8A576A914A0}&mid=c4a0e6fd692747d1985e1943ef32ce6c-b3835073f313668cac80cad4f10baeaa7be21479&lang=en&ds=AVG&pr=fr&d=2012-10-17 18:28:47&v=15.3.0.11&pid=avg&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={25223353-152F-42AE-B1BC-C8A576A914A0}&mid=c4a0e6fd692747d1985e1943ef32ce6c-b3835073f313668cac80cad4f10baeaa7be21479&lang=en&ds=AVG&pr=fr&d=2012-10-17 18:28:47&v=15.3.0.11&pid=avg&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {D6D451B8-D111-46D9-BD64-41C8137DB887} URL = http://www.ask.com/w...}&l=dis&o=uscql
BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll No File
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: No Name - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll No File
BHO-x32: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO-x32: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\5.0.0.125\coIEPlg.dll No File
BHO-x32: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\5.0.0.125\IPS\IPSBHO.DLL No File
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.0.5.292\AVG Secure Search_toolbar.dll (AVG Secure Search)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM-x32 - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.0.5.292\AVG Secure Search_toolbar.dll (AVG Secure Search)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\5.0.0.125\coIEPlg.dll No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll No File
Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.0.5\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 192.168.169.1

FireFox:
========
FF ProfilePath: C:\Users\Megan\AppData\Roaming\Mozilla\Firefox\Profiles\dswvk01m.default-1346455382372
FF DefaultSearchEngine: AVG Secure Search
FF SelectedSearchEngine: AVG Secure Search
FF Homepage: google.com
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.0.5\\npsitesafety.dll (AVG Technologies)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Megan\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\avg-secure-search.xml
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA} [2014-03-28]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-03-28]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2014-03-28]
FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Secure Search\FireFoxExt\18.0.5.292
FF Extension: AVG Security Toolbar - C:\ProgramData\AVG Secure Search\FireFoxExt\18.0.5.292 [2014-03-20]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\IPSFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\coFFPlgn\

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "spdy":{"servers":["googleads.g.doubleclick.net:443"
CHR DefaultSearchURL: {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR Extension: (AVG Safe Search) - C:\Users\Megan\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla [2012-01-26]
CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Secure Search\ChromeExt\18.0.5.292\avg.crx [2014-03-20]

==================== Services (Whitelisted) =================

R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3782672 2014-02-23] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [348008 2013-09-23] (AVG Technologies CZ, s.r.o.)
R2 HitachiBackupService; C:\Program Files (x86)\Hitachi\Hitachi Backup\HitachiBackupService.exe [56832 2011-05-18] (Hitachi GST)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-15] (McAfee, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
R2 vToolbarUpdater18.0.5; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\ToolbarUpdater.exe [1771032 2014-03-20] (AVG Secure Search)
S2 N360; "C:\Program Files (x86)\Norton 360\Engine\5.0.0.125\ccSvcHst.exe" /s "N360" /m "C:\Program Files (x86)\Norton 360\Engine\5.0.0.125\diMaster.dll" /prefetch:1

==================== Drivers (Whitelisted) ====================

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [150808 2013-11-25] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [243480 2013-11-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [196376 2013-11-25] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [212280 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [294712 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123704 2013-09-30] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31544 2013-09-09] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [251192 2013-08-01] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [49952 2014-03-20] (AVG Technologies)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [475696 2010-12-01] (Symantec Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
S3 ALSysIO; \??\C:\Users\Megan\AppData\Local\Temp\ALSysIO64.sys [X]
S1 BHDrvx64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20101123.003\BHDrvx64.sys [X]
S3 EraserUtilDrvI10; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrvI10.sys [X]
S1 IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20101201.001\IDSVia64.sys [X]
S3 Lavasoft Kernexplorer; \??\C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [X]
S3 NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20101201.025\ENG64.SYS [X]
S3 NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20101201.025\EX64.SYS [X]
S3 SRTSP; \SystemRoot\system32\drivers\N360x64\0500000.07D\SRTSP64.SYS [X]
S1 SRTSPX; \SystemRoot\system32\drivers\N360x64\0500000.07D\SRTSPX64.SYS [X]
S0 SymDS; system32\drivers\N360x64\0500000.07D\SYMDS64.SYS [X]
S0 SymEFA; system32\drivers\N360x64\0500000.07D\SYMEFA64.SYS [X]
S1 SymIRON; \SystemRoot\system32\drivers\N360x64\0500000.07D\Ironx64.SYS [X]
S1 SymNetS; \SystemRoot\system32\drivers\N360x64\0500000.07D\SYMNETS.SYS [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-04-09 13:51 - 2014-04-09 13:56 - 00024004 _____ () C:\Users\Megan\Downloads\FRST.txt
2014-04-09 13:49 - 2014-04-09 13:51 - 00000000 ____D () C:\FRST
2014-04-09 13:48 - 2014-04-09 13:48 - 02157056 _____ (Farbar) C:\Users\Megan\Downloads\FRST64.exe
2014-04-08 16:55 - 2014-04-08 16:55 - 01129160 _____ () C:\Windows\Minidump\040814-58718-01.dmp
2014-04-08 16:10 - 2014-04-08 16:10 - 00016107 _____ () C:\Users\Megan\Downloads\hijackthis.log
2014-04-08 16:09 - 2014-04-08 16:10 - 00388608 _____ (Trend Micro Inc.) C:\Users\Megan\Downloads\HiJackThis.exe
2014-04-07 23:46 - 2014-04-08 16:54 - 370920135 _____ () C:\Windows\MEMORY.DMP
2014-04-07 23:46 - 2014-04-07 23:46 - 01191624 _____ () C:\Windows\Minidump\040714-62369-01.dmp
2014-04-03 14:49 - 2014-04-03 14:49 - 00000000 ____D () C:\Users\Megan\AppData\Local\Skype
2014-04-03 14:48 - 2014-04-03 14:48 - 00002697 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-04-03 14:48 - 2014-04-03 14:48 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-04-02 22:45 - 2014-04-02 22:45 - 00000000 ____D () C:\Users\Megan\AppData\Local\{E315DE74-754F-45FC-A789-350EAAA35730}
2014-03-29 02:14 - 2014-03-29 02:14 - 00000000 ____D () C:\Users\Megan\AppData\Local\{6880606E-1038-4F0F-B266-C1F51457F231}
2014-03-28 21:59 - 2014-03-28 22:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-17 01:59 - 2014-03-01 01:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-17 01:59 - 2014-03-01 01:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-17 01:59 - 2014-03-01 00:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-17 01:59 - 2014-03-01 00:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-17 01:59 - 2014-03-01 00:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-17 01:59 - 2014-03-01 00:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-17 01:59 - 2014-03-01 00:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-17 01:59 - 2014-03-01 00:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-17 01:59 - 2014-03-01 00:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-17 01:59 - 2014-03-01 00:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-17 01:59 - 2014-03-01 00:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-17 01:59 - 2014-02-28 23:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-17 01:59 - 2014-02-28 23:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-17 01:59 - 2014-02-28 23:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-17 01:59 - 2014-02-28 23:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-17 01:59 - 2014-02-28 23:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-17 01:59 - 2014-02-28 23:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-17 01:59 - 2014-02-28 23:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-17 01:59 - 2014-02-28 23:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-17 01:59 - 2014-02-28 23:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-17 01:59 - 2014-02-28 23:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-17 01:59 - 2014-02-28 23:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-17 01:59 - 2014-02-28 23:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-17 01:59 - 2014-02-28 23:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-17 01:59 - 2014-02-28 23:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-17 01:59 - 2014-02-28 22:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-17 01:59 - 2014-02-28 22:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-17 01:59 - 2014-02-28 22:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-17 01:59 - 2014-02-28 22:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-17 01:59 - 2014-02-28 22:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-17 01:58 - 2014-03-01 02:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-17 01:58 - 2014-03-01 00:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-17 01:58 - 2014-03-01 00:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-17 01:58 - 2014-03-01 00:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-17 01:58 - 2014-03-01 00:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-17 01:58 - 2014-03-01 00:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-17 01:58 - 2014-02-28 23:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-17 01:58 - 2014-02-28 23:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-17 01:58 - 2014-02-28 23:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-17 01:58 - 2014-02-28 22:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-17 01:54 - 2014-02-06 21:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-17 01:54 - 2014-02-03 22:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-17 01:54 - 2014-02-03 22:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-17 01:54 - 2014-01-28 22:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-17 01:54 - 2014-01-28 22:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-17 01:54 - 2014-01-27 22:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-17 01:51 - 2014-02-03 22:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-17 01:51 - 2014-02-03 22:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-15 01:50 - 2014-03-15 01:50 - 00000000 ____D () C:\Users\Megan\AppData\Roaming\PC-FAX TX

==================== One Month Modified Files and Folders =======

2014-04-09 13:56 - 2014-04-09 13:51 - 00024004 _____ () C:\Users\Megan\Downloads\FRST.txt
2014-04-09 13:56 - 2010-08-24 04:34 - 01286444 _____ () C:\Windows\WindowsUpdate.log
2014-04-09 13:53 - 2009-07-14 00:45 - 00023248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-09 13:53 - 2009-07-14 00:45 - 00023248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-09 13:51 - 2014-04-09 13:49 - 00000000 ____D () C:\FRST
2014-04-09 13:51 - 2012-01-04 17:39 - 00000000 ____D () C:\ProgramData\MFAData
2014-04-09 13:48 - 2014-04-09 13:48 - 02157056 _____ (Farbar) C:\Users\Megan\Downloads\FRST64.exe
2014-04-09 13:44 - 2014-02-07 00:46 - 00000000 ____D () C:\Users\Megan\AppData\Roaming\Dropbox
2014-04-09 13:43 - 2014-02-07 00:53 - 00000000 ___RD () C:\Users\Megan\Dropbox
2014-04-09 13:42 - 2012-05-27 23:36 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-09 13:39 - 2013-09-29 04:39 - 00012488 _____ () C:\Windows\setupact.log
2014-04-09 13:39 - 2013-06-02 19:39 - 00000350 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2014-04-09 13:39 - 2010-09-29 04:51 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-04-09 13:39 - 2010-09-01 20:15 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-09 13:39 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-08 23:16 - 2010-09-01 20:15 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-08 22:54 - 2014-01-13 00:10 - 00003186 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForMegan
2014-04-08 22:54 - 2014-01-13 00:10 - 00000332 _____ () C:\Windows\Tasks\HPCeeScheduleForMegan.job
2014-04-08 22:52 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\tracing
2014-04-08 18:29 - 2010-09-01 20:15 - 00000000 ____D () C:\Users\Megan\AppData\Roaming\Skype
2014-04-08 16:55 - 2014-04-08 16:55 - 01129160 _____ () C:\Windows\Minidump\040814-58718-01.dmp
2014-04-08 16:55 - 2010-10-23 23:29 - 00000000 ____D () C:\Windows\Minidump
2014-04-08 16:54 - 2014-04-07 23:46 - 370920135 _____ () C:\Windows\MEMORY.DMP
2014-04-08 16:10 - 2014-04-08 16:10 - 00016107 _____ () C:\Users\Megan\Downloads\hijackthis.log
2014-04-08 16:10 - 2014-04-08 16:09 - 00388608 _____ (Trend Micro Inc.) C:\Users\Megan\Downloads\HiJackThis.exe
2014-04-07 23:46 - 2014-04-07 23:46 - 01191624 _____ () C:\Windows\Minidump\040714-62369-01.dmp
2014-04-06 23:29 - 2010-09-01 14:56 - 00000000 ____D () C:\Users\Megan\AppData\Roaming\HpUpdate
2014-04-03 14:49 - 2014-04-03 14:49 - 00000000 ____D () C:\Users\Megan\AppData\Local\Skype
2014-04-03 14:48 - 2014-04-03 14:48 - 00002697 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-04-03 14:48 - 2014-04-03 14:48 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-04-03 14:48 - 2010-09-01 20:14 - 00000000 ____D () C:\ProgramData\Skype
2014-04-02 22:45 - 2014-04-02 22:45 - 00000000 ____D () C:\Users\Megan\AppData\Local\{E315DE74-754F-45FC-A789-350EAAA35730}
2014-04-01 21:52 - 2011-10-30 19:52 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-04-01 21:52 - 2010-09-05 12:44 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-03-31 13:56 - 2013-10-28 07:21 - 00000965 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-03-29 11:44 - 2012-04-26 14:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-29 02:14 - 2014-03-29 02:14 - 00000000 ____D () C:\Users\Megan\AppData\Local\{6880606E-1038-4F0F-B266-C1F51457F231}
2014-03-29 02:14 - 2010-10-23 23:34 - 00000000 ____D () C:\Users\Megan\AppData\Local\Windows Live
2014-03-28 22:00 - 2014-03-28 21:59 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-28 01:19 - 2012-12-09 19:54 - 00001945 _____ () C:\Windows\epplauncher.mif
2014-03-28 01:18 - 2012-12-09 19:54 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-03-28 01:18 - 2012-12-09 19:54 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-03-27 21:11 - 2010-09-01 20:15 - 00003892 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-27 21:11 - 2010-09-01 20:15 - 00003640 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-27 14:10 - 2012-05-27 23:36 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-27 14:10 - 2012-05-27 23:36 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-27 14:10 - 2011-06-11 11:33 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-27 14:10 - 2010-09-19 20:28 - 00000000 ____D () C:\Users\Megan\AppData\Local\Adobe
2014-03-27 02:23 - 2013-10-01 11:59 - 00133568 _____ () C:\Windows\PFRO.log
2014-03-21 00:34 - 2012-07-03 21:17 - 00000000 ____D () C:\Users\Megan\AppData\Local\AVG Secure Search
2014-03-20 22:23 - 2010-09-08 20:09 - 00000000 ____D () C:\Users\Megan\Documents\Megan
2014-03-20 20:33 - 2014-03-02 22:08 - 00000000 ____D () C:\ProgramData\AVG Secure Search
2014-03-20 20:32 - 2013-07-05 01:23 - 00003728 _____ () C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
2014-03-20 20:31 - 2012-10-17 18:28 - 00000000 ____D () C:\Program Files (x86)\AVG Secure Search
2014-03-20 20:30 - 2012-09-04 21:48 - 00049952 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys
2014-03-18 03:10 - 2013-08-24 21:06 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-18 03:01 - 2010-09-06 12:43 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-17 13:33 - 2009-07-14 00:45 - 00429712 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-17 13:30 - 2013-03-13 00:36 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-17 13:30 - 2013-03-13 00:36 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-17 03:03 - 2010-09-01 14:55 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-15 01:50 - 2014-03-15 01:50 - 00000000 ____D () C:\Users\Megan\AppData\Roaming\PC-FAX TX
2014-03-15 01:50 - 2014-03-09 20:35 - 00000334 _____ () C:\Windows\Brpfx04a.ini
2014-03-11 09:52 - 2012-08-30 23:03 - 00133928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NisDrvWFP.sys

Files to move or delete:
====================
C:\ProgramData\hash.dat

Some content of TEMP:
====================
C:\Users\Megan\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpechrh4.dll

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-02-03 03:54

==================== End Of Log ============================

#4 obrienmr

New Member

Authentic Member
10 posts

Posted 09 April 2014 - 12:08 PM

Here's the addition.txt!

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Megan at 2014-04-09 13:58:22
Running from C:\Users\Megan\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.45.2 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM-x32\...\{D8DFA46A-39F7-4368-810D-18AFCFDDAEAF}) (Version: 11.5.1.601 - Adobe Systems, Inc.)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.2 - Atheros)
ATI Catalyst Install Manager (HKLM\...\{28FA742C-DC52-9804-7116-E198E0AEFAE4}) (Version: 3.0.790.0 - ATI Technologies, Inc.)
Audacity 1.2.6 (HKLM-x32\...\Audacity_is1) (Version: - )
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4355 - AVG Technologies)
AVG 2014 (Version: 14.0.3882 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4355 - AVG Technologies) Hidden
AVG Security Toolbar (HKLM-x32\...\AVG Secure Search) (Version: 18.0.5.292 - AVG Technologies)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.82 - WildTangent) Hidden
Blasterball 3 (x32 Version: 2.2.0.82 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brother MFL-Pro Suite MFC-J615W (HKLM-x32\...\{7FB6B1B7-075B-4B7F-BEB6-97584F73C7B5}) (Version: 2.0.0.0 - Brother Industries, Ltd.)
Build-a-lot 2 (x32 Version: 2.2.0.82 - WildTangent) Hidden
Cake Mania (x32 Version: 2.2.0.82 - WildTangent) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0929.2212.37971 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0929.2212.37971 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0310.1824.32984 - ATI Technologies, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0929.2212.37971 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0929.2212.37971 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0929.2211.37971 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0929.2211.37971 - ATI) Hidden
CCC Help Czech (x32 Version: 2010.0929.2211.37971 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.0929.2211.37971 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.0929.2211.37971 - ATI) Hidden
CCC Help English (x32 Version: 2010.0929.2211.37971 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.0929.2211.37971 - ATI) Hidden
CCC Help French (x32 Version: 2010.0929.2211.37971 - ATI) Hidden
CCC Help German (x32 Version: 2010.0929.2211.37971 - ATI) Hidden
CCC Help Greek (x32 Version: 2010.0929.2211.37971 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.0929.2211.37971 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0929.2211.37971 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.0929.2211.37971 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.0929.2211.37971 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.0929.2211.37971 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.0929.2211.37971 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.0929.2211.37971 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.0929.2211.37971 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0929.2211.37971 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.0929.2211.37971 - ATI) Hidden
CCC Help Thai (x32 Version: 2010.0929.2211.37971 - ATI) Hidden
CCC Help Turkish (x32 Version: 2010.0929.2211.37971 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0929.2212.37971 - ATI) Hidden
ccc-utility64 (Version: 2010.0929.2212.37971 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.06 - Piriform)
Celtx (2.9.7) (HKLM-x32\...\Celtx (2.9.7)) (Version: 2.9.7 (en-US) - Greyfirst)
Chuzzle Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
CinemaNow Media Manager (HKLM-x32\...\{6C122441-1861-4CD7-B1C5-A163A6984E12}) (Version: 1.9.1.105 - CinemaNow, Inc.)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Core Temp 1.0 RC3 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2527 - CyberLink Corp.)
CyberLink DVD Suite (x32 Version: 7.0.2527 - CyberLink Corp.) Hidden
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.0.1307 - CyberLink Corp.)
CyberLink MediaShow (x32 Version: 5.0.1307 - CyberLink Corp.) Hidden
CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.1.3810 - CyberLink Corp.)
CyberLink PowerDVD 9 (x32 Version: 9.0.1.3810 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.0.2511 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.0.2511 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{92C42EDD-6524-4577-B2EB-6C68C63B6D4A}) (Version: - Microsoft)
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.82 - WildTangent) Hidden
Dora's Carnival Adventure (x32 Version: 2.2.0.82 - WildTangent) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 2.6.2 - Dropbox, Inc.)
Escape Rosecliff Island (x32 Version: 2.2.0.82 - WildTangent) Hidden
ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
f.lux (HKCU\...\Flux) (Version: - )
Faerie Solitaire (x32 Version: 2.2.0.82 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.82 - WildTangent) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hitachi Backup 1.0.5.57 (HKLM-x32\...\{67BF56F7-CA07-4FE5-94AD-E37A6FB7CD8A}) (Version: 1.0.5.57 - Hitachi Global Storage Technologies)
Hitachi Backup 1.0.5.59 (HKLM-x32\...\{4A475538-D426-4EB0-8F10-E95F3DB875D1}) (Version: 1.0.5.59 - Hitachi Global Storage Technologies)
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.10262.3295 - Hewlett-Packard)
HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) Hidden
HP Game Console (x32 Version: - WildTangent) Hidden
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.80 - WildTangent)
HP MediaSmart CinemaNow 2.0 (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.2261 - HP Photo Creations Powered by RocketLife)
HP Power Plan Utility (HKLM-x32\...\{F6B6A150-08FA-46D5-808A-EB638269551D}) (Version: 1.0.6 - Hewlett-Packard)
HP Quick Launch (HKLM-x32\...\{EB58480C-0721-483C-B354-9D35A147999F}) (Version: 2.3.6 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{E2831862-F131-4327-B9CC-FA30F587EB6C}) (Version: 1.2.3988.3281 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{97174E88-52F9-445A-A28E-704A45332D19}) (Version: 4.0.108.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
HP User Guides 0178 (HKLM-x32\...\{9A4317FB-5775-4FB3-BDC9-995595106F1F}) (Version: 1.02.0000 - Hewlett-Packard)
HP Wireless Assistant (HKLM\...\{EC720706-3F19-4B7F-BDDD-E31D9B3921D2}) (Version: 4.0.6.0 - Hewlett-Packard)
iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java™ 6 Update 17 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416017FF}) (Version: 6.0.170 - Sun Microsystems, Inc.)
Jewel Quest 3 (x32 Version: 2.2.0.82 - WildTangent) Hidden
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.82 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2515 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.2515 - CyberLink Corp.) Hidden
LightScribe System Software (HKLM-x32\...\{07E49BC1-24FF-4D7A-AC74-727BE95801AF}) (Version: 1.18.16.1 - LightScribe)
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft IntelliPoint 8.0 (HKLM\...\{563F041C-DFDB-437B-A1E8-E141E0906076}) (Version: 8.0.225.0 - Microsoft)
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Core Components (x86) ENU (HKLM-x32\...\{FF63121D-91C6-42CC-B341-F1AA729728E7}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Provider Services (x86) ENU (HKLM-x32\...\{D3A80508-CD83-4CA3-8671-914A1BC78B61}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0 - Microsoft Corp.) Hidden
Mozilla Firefox 28.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 en-US)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mystery P.I. - The New York Fortune (x32 Version: 2.2.0.82 - WildTangent) Hidden
Norton 360 (HKLM-x32\...\N360) (Version: 5.0.0.125 - Symantec Corporation)
Norton Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 2.0.0.34 - Symantec)
Penguins! (x32 Version: 2.2.0.82 - WildTangent) Hidden
PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6904 - CyberLink Corp.)
PhotoNow! (x32 Version: 1.1.6904 - CyberLink Corp.) Hidden
Plants vs. Zombies (x32 Version: 2.2.0.82 - WildTangent) Hidden
Poker Superstars III (x32 Version: 2.2.0.82 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.82 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.82 - WildTangent) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3715 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.3715 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.2514 - CyberLink Corp.)
PowerDirector (x32 Version: 8.0.2514 - CyberLink Corp.) Hidden
QuickTime (HKLM-x32\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.18.322.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6206 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30113 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.2512 - CyberLink Corp.) Hidden
Respondus LockDown Browser (HKLM-x32\...\{C0E5147E-C9F3-4360-9ED0-2E875F11766C}) (Version: 1.02.0001 - Respondus, Inc.)
Revo Uninstaller 1.92 (HKLM-x32\...\Revo Uninstaller) (Version: 1.92 - VS Revo Group)
Roxio CinemaNow 2.0 (x32 Version: 1.0.262 - Hewlett-Packard) Hidden
RtVOsd (HKLM\...\{091A0130-A82F-4A6D-9C61-3BBBB3289030}) (Version: 1.0.6 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.6.64 - Synaptics Incorporated)
TextTwist 2 (x32 Version: 2.2.0.82 - WildTangent) Hidden
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{5E8EB600-8B94-429E-873E-98369C6DC1BC}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{83B1B530-7D9E-4C6A-907F-E979CEE9C295}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{DA2F7ECE-6629-4A80-9CDE-EC95261B75E2}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2775360) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{80F56E3F-1D47-4E45-B6E0-FEF4E919F4F9}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
Update for Microsoft Visio 2010 (KB2878227) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5D357893-40BA-4323-86BA-D97C66CD72F4}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{8C55AA83-54C2-4236-A622-78440A411DC5}) (Version: - Microsoft)
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{E78E2B68-8FD1-42EE-BB74-99A4D9E6222D}) (Version: - Microsoft)
Virtual Families (x32 Version: 2.2.0.82 - WildTangent) Hidden
Virtual Villagers - The Secret City (x32 Version: 2.2.0.82 - WildTangent) Hidden
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Wheel of Fortune 2 (x32 Version: 2.2.0.82 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Zuma's Revenge (x32 Version: 2.2.0.82 - WildTangent) Hidden

==================== Restore Points =========================

09-03-2014 02:37:20 Installed Java 7 Update 51
10-03-2014 00:26:44 Installed Brother Software Suite
10-03-2014 00:31:00 Device Driver Package Install: Brother Imaging devices
10-03-2014 00:34:45 Device Driver Package Install: Brother Printers
17-03-2014 05:39:30 Windows Update
17-03-2014 06:52:44 Windows Update
18-03-2014 07:00:19 Windows Update
22-03-2014 21:35:04 Windows Update
26-03-2014 22:17:57 Windows Update
28-03-2014 05:16:59 Windows Update
31-03-2014 18:00:36 Windows Update
07-04-2014 03:43:50 Windows Update

==================== Hosts content: ==========================

2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {1F958CD8-6F39-4408-8B0F-3537240061EE} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => C:\Windows\TEMP\{38695877-B087-41DF-A196-52693388AFCD}.exe
Task: {221035AF-CAD1-486D-8B02-B5F007739A7F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-09-01] (Google Inc.)
Task: {5BB6F3FC-2003-4EB4-9FDD-09A7C6944670} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2010-07-21] (Microsoft Corporation)
Task: {70F527D4-C9FF-4875-8567-6F5591CA3D69} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-27] (Adobe Systems Incorporated)
Task: {725F1712-4C09-49B3-806C-34C56A0DFF52} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {7642CE06-E1FC-43D6-8801-918FF5611EF9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-02-10] (Hewlett-Packard)
Task: {7AB06D2B-BCFA-40BD-BAF4-93700FA6F556} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {7C4918AC-EE24-46B8-ADDA-F59876E6AE74} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-01-26] ()
Task: {853D45CC-FC29-4D66-AF1C-32F33DF22C03} - System32\Tasks\Symantec\Norton Error Processor 5.0.0.125 => C:\Program Files (x86)\Norton 360\Engine\5.0.0.125\SymErr.exe
Task: {87857756-48F6-4134-BDEF-85DDDD064D13} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-09-19] (Piriform Ltd)
Task: {8FB2A95E-A3CF-4D9E-AA8B-6899D7A93D04} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {907BA8CF-D4D2-49F7-9300-833B7A6410DA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-12-12] (Hewlett-Packard Company)
Task: {C154C5BE-1332-4B83-9AEB-5935F5B3E8CE} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-01-26] ()
Task: {C1D9CB96-690B-482A-8EA8-24D79C0D8474} - System32\Tasks\Symantec\Norton Error Analyzer 5.0.0.125 => C:\Program Files (x86)\Norton 360\Engine\5.0.0.125\SymErr.exe
Task: {DB164A9C-8E29-4CEA-8DE9-FAEE3CF6A1E5} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {E242A851-C195-44F1-818F-3B9EDF0A7809} - System32\Tasks\HPCeeScheduleForMegan => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {E78FB6A2-A872-4567-A062-1FB73BAE6451} - System32\Tasks\{C098AD31-641C-4CC1-BDEF-5B8FACAE8F41} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-02-10] (Skype Technologies S.A.)
Task: {F5C628B9-8157-43E7-82E6-F66F5CE4629E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-09-01] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{38695877-B087-41DF-A196-52693388AFCD}.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForMegan.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Loaded Modules (whitelisted) =============

2014-03-09 20:28 - 2005-04-22 00:36 - 00143360 _____ () C:\Windows\system32\BrSNMP64.dll
2014-03-20 20:32 - 2014-03-20 20:30 - 00159768 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\loggingserver.exe
2012-10-17 18:28 - 2014-03-20 20:30 - 02544664 _____ () C:\Program Files (x86)\AVG Secure Search\vprot.exe
2010-04-05 14:11 - 2010-04-05 14:11 - 00030264 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_LogicLayer.dll
2010-04-05 14:12 - 2010-04-05 14:12 - 00052280 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HardwareAccess.dll
2010-04-05 14:12 - 2010-04-05 14:12 - 00267832 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll
2010-08-26 17:51 - 2010-08-26 17:51 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-09-29 23:11 - 2010-09-29 23:11 - 00270336 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2012-02-20 21:29 - 2012-02-20 21:29 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-02-20 21:28 - 2012-02-20 21:28 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2010-04-22 12:19 - 2010-04-22 12:19 - 01954816 _____ () C:\Program Files (x86)\Hitachi\Hitachi Backup\OnlineBackupFacade.dll
2014-03-20 20:32 - 2014-03-20 20:30 - 00519704 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\log4cplusU.dll
2010-06-16 12:48 - 2010-06-16 12:48 - 02121728 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
2010-06-16 12:48 - 2010-06-16 12:48 - 07745536 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
2010-06-16 12:48 - 2010-06-16 12:48 - 00135168 _____ () C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2014-04-09 13:42 - 2014-04-09 13:42 - 00041984 _____ () c:\users\megan\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpechrh4.dll
2013-10-18 19:55 - 2013-10-18 19:55 - 25100288 _____ () C:\Users\Megan\AppData\Roaming\Dropbox\bin\libcef.dll
2013-12-08 22:30 - 2014-03-20 20:30 - 01603608 _____ () C:\Program Files (x86)\AVG Secure Search\TBAPI.dll
2014-03-09 20:28 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2010-02-09 21:58 - 2010-02-09 21:58 - 00061440 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
2010-02-09 21:58 - 2010-02-09 21:58 - 00131072 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll
2010-02-09 21:58 - 2010-02-09 21:58 - 00040960 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll
2010-02-09 21:58 - 2010-02-09 21:58 - 00005632 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll
2010-02-09 21:58 - 2010-02-09 21:58 - 00018944 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll
2010-02-09 21:58 - 2010-02-09 21:58 - 00036864 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll
2010-02-09 21:58 - 2010-02-09 21:58 - 00028672 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll
2010-02-09 21:58 - 2010-02-09 21:58 - 00007680 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll
2014-03-28 21:59 - 2014-03-28 21:59 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-03-20 20:32 - 2014-03-20 20:30 - 00688664 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\NativeBrowserApi\18.0.5\NativeBrowserApi.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:0B4227B4

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: F.lux => "C:\Users\Megan\Local Settings\Apps\F.lux\flux.exe" /noshow
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: NortonOnlineBackupReminder => "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NOBuActivation.exe" UNATTENDED
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

==================== Faulty Device Manager Devices =============

Name: IDSVia64
Description: IDSVia64
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: IDSVia64
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Symantec Real Time Storage Protection (PEL) x64
Description: Symantec Real Time Storage Protection (PEL) x64
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: SRTSPX
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Symantec Iron Driver
Description: Symantec Iron Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: SymIRON
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Symantec Network Security WFP Driver
Description: Symantec Network Security WFP Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: SymNetS
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: BHDrvx64
Description: BHDrvx64
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: BHDrvx64
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

==================== Event log errors: =========================

Application errors:
==================
Error: (04/08/2014 10:07:54 PM) (Source: Bonjour Service) (User: )
Description: Local Hostname Megan-PC.local already in use; will try Megan-PC-2.local instead

Error: (04/08/2014 10:07:54 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister    4 Megan-PC.local. Addr 162.249.113.191

Error: (04/08/2014 10:07:53 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Received from 162.249.112.183:5353    4 Megan-PC.local. Addr 162.249.112.183

Error: (04/08/2014 04:55:32 PM) (Source: Bonjour Service) (User: )
Description: Local Hostname Megan-PC.local already in use; will try Megan-PC-2.local instead

Error: (04/08/2014 04:55:32 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister    4 Megan-PC.local. Addr 162.249.113.191

Error: (04/08/2014 04:55:32 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Received from 162.249.112.183:5353    4 Megan-PC.local. Addr 162.249.112.183

Error: (04/08/2014 04:09:41 PM) (Source: Application Error) (User: )
Description: Faulting application name: hpasset.exe, version: 3.0.3.1, time stamp: 0x5202c98c
Faulting module name: hpasset.exe, version: 3.0.3.1, time stamp: 0x5202c98c
Exception code: 0xc0000005
Fault offset: 0x0002b78a
Faulting process id: 0x113c
Faulting application start time: 0xhpasset.exe0
Faulting application path: hpasset.exe1
Faulting module path: hpasset.exe2
Report Id: hpasset.exe3

Error: (04/08/2014 03:58:14 PM) (Source: Bonjour Service) (User: )
Description: Local Hostname Megan-PC.local already in use; will try Megan-PC-2.local instead

Error: (04/08/2014 03:58:14 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister    4 Megan-PC.local. Addr 162.249.113.191

Error: (04/08/2014 03:58:14 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Received from 162.249.112.183:5353    4 Megan-PC.local. Addr 162.249.112.183

System errors:
=============
Error: (04/09/2014 01:40:30 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
BHDrvx64
IDSVia64
SRTSPX
SymDS
SymEFA
SymIRON
SymNetS

Error: (04/09/2014 01:39:56 PM) (Source: Service Control Manager) (User: )
Description: The Norton 360 service failed to start due to the following error:
%%2

Error: (04/08/2014 04:56:34 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
BHDrvx64
IDSVia64
SRTSPX
SymDS
SymEFA
SymIRON
SymNetS

Error: (04/08/2014 04:56:32 PM) (Source: Service Control Manager) (User: )
Description: The SBSD Security Center Service service failed to start due to the following error:
%%1053

Error: (04/08/2014 04:56:32 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the SBSD Security Center Service service to connect.

Error: (04/08/2014 04:55:45 PM) (Source: Service Control Manager) (User: )
Description: The Norton 360 service failed to start due to the following error:
%%2

Error: (04/08/2014 04:55:13 PM) (Source: BugCheck) (User: )
Description: 0x00000116 (0xfffffa80059464e0, 0xfffff88003e41f5c, 0x0000000000000000, 0x0000000000000002)C:\Windows\MEMORY.DMP040814-58718-01

Error: (04/08/2014 04:55:06 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 4:52:46 PM on ‎4/‎8/‎2014 was unexpected.

Error: (04/08/2014 03:44:08 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
BHDrvx64
IDSVia64
SRTSPX
SymDS
SymEFA
SymIRON
SymNetS

Error: (04/08/2014 03:43:33 PM) (Source: Service Control Manager) (User: )
Description: The Norton 360 service failed to start due to the following error:
%%2

Microsoft Office Sessions:
=========================
Error: (04/08/2014 10:07:54 PM) (Source: Bonjour Service)(User: )
Description: Local Hostname Megan-PC.local already in use; will try Megan-PC-2.local instead

Error: (04/08/2014 10:07:54 PM) (Source: Bonjour Service)(User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister    4 Megan-PC.local. Addr 162.249.113.191

Error: (04/08/2014 10:07:53 PM) (Source: Bonjour Service)(User: )
Description: mDNSCoreReceiveResponse: Received from 162.249.112.183:5353    4 Megan-PC.local. Addr 162.249.112.183

Error: (04/08/2014 04:55:32 PM) (Source: Bonjour Service)(User: )
Description: Local Hostname Megan-PC.local already in use; will try Megan-PC-2.local instead

Error: (04/08/2014 04:55:32 PM) (Source: Bonjour Service)(User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister    4 Megan-PC.local. Addr 162.249.113.191

Error: (04/08/2014 04:55:32 PM) (Source: Bonjour Service)(User: )
Description: mDNSCoreReceiveResponse: Received from 162.249.112.183:5353    4 Megan-PC.local. Addr 162.249.112.183

Error: (04/08/2014 04:09:41 PM) (Source: Application Error)(User: )
Description: hpasset.exe3.0.3.15202c98chpasset.exe3.0.3.15202c98cc00000050002b78a113c01cf536673fceae4C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPAsset\hpasset.exeC:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPAsset\hpasset.exeb7e64ace-bf59-11e3-830f-c80aa9d6279f

Error: (04/08/2014 03:58:14 PM) (Source: Bonjour Service)(User: )
Description: Local Hostname Megan-PC.local already in use; will try Megan-PC-2.local instead

Error: (04/08/2014 03:58:14 PM) (Source: Bonjour Service)(User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister    4 Megan-PC.local. Addr 162.249.113.191

Error: (04/08/2014 03:58:14 PM) (Source: Bonjour Service)(User: )
Description: mDNSCoreReceiveResponse: Received from 162.249.112.183:5353    4 Megan-PC.local. Addr 162.249.112.183

==================== Memory info ===========================

Percentage of memory in use: 75%
Total physical RAM: 2810.9 MB
Available physical RAM: 697.17 MB
Total Pagefile: 5619.98 MB
Available Pagefile: 3067.31 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:284.09 GB) (Free:210.69 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:13.7 GB) (Free:1.96 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298 GB) (Disk ID: FD8DFEE3)

Partition: GPT Partition Type.

==================== End Of Log ============================

#5 obrienmr

New Member

Authentic Member
10 posts

Posted 09 April 2014 - 12:09 PM

And finally the last scan you requested. This one didn't bring up anything and I'm pretty sure this is the right logfile you need. Thanks again for your assitance!

14:05:34.0658 0x1410 TDSS rootkit removing tool 3.0.0.30 Apr 7 2014 15:39:12
14:05:43.0301 0x1410 ============================================================
14:05:43.0301 0x1410 Current date / time: 2014/04/09 14:05:43.0301
14:05:43.0301 0x1410 SystemInfo:
14:05:43.0301 0x1410
14:05:43.0301 0x1410 OS Version: 6.1.7601 ServicePack: 1.0
14:05:43.0301 0x1410 Product type: Workstation
14:05:43.0301 0x1410 ComputerName: MEGAN-PC
14:05:43.0301 0x1410 UserName: Megan
14:05:43.0301 0x1410 Windows directory: C:\Windows
14:05:43.0301 0x1410 System windows directory: C:\Windows
14:05:43.0301 0x1410 Running under WOW64
14:05:43.0301 0x1410 Processor architecture: Intel x64
14:05:43.0301 0x1410 Number of processors: 2
14:05:43.0301 0x1410 Page size: 0x1000
14:05:43.0301 0x1410 Boot type: Normal boot
14:05:43.0301 0x1410 ============================================================
14:05:53.0410 0x1410 KLMD registered as C:\Windows\system32\drivers\22225271.sys
14:05:54.0080 0x1410 System UUID: {7679107A-CFB5-1C9C-A034-AD9332AB7E6E}
14:05:56.0155 0x1410 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:05:56.0155 0x1410 ============================================================
14:05:56.0155 0x1410 \Device\Harddisk0\DR0:
14:05:56.0155 0x1410 MBR partitions:
14:05:56.0155 0x1410 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
14:05:56.0155 0x1410 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x2382E800
14:05:56.0155 0x1410 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x23892800, BlocksNum 0x1B68000
14:05:56.0155 0x1410 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x253FA800, BlocksNum 0x33AB0
14:05:56.0155 0x1410 ============================================================
14:05:56.0202 0x1410 C: <-> \Device\Harddisk0\DR0\Partition2
14:05:56.0311 0x1410 D: <-> \Device\Harddisk0\DR0\Partition3
14:05:56.0327 0x1410 E: <-> \Device\Harddisk0\DR0\Partition4
14:05:56.0327 0x1410 ============================================================
14:05:56.0327 0x1410 Initialize success
14:05:56.0327 0x1410 ============================================================
14:06:03.0908 0x13a4 ============================================================
14:06:03.0908 0x13a4 Scan started
14:06:03.0908 0x13a4 Mode: Manual;
14:06:03.0908 0x13a4 ============================================================
14:06:03.0908 0x13a4 KSN ping started
14:06:27.0231 0x13a4 KSN ping finished: true
14:06:30.0491 0x13a4 ================ Scan system memory ========================
14:06:30.0491 0x13a4 System memory - ok
14:06:30.0491 0x13a4 ================ Scan services =============================
14:06:30.0787 0x13a4 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
14:06:30.0819 0x13a4 1394ohci - ok
14:06:30.0912 0x13a4 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
14:06:30.0943 0x13a4 ACPI - ok
14:06:30.0990 0x13a4 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
14:06:30.0990 0x13a4 AcpiPmi - ok
14:06:31.0193 0x13a4 [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
14:06:31.0209 0x13a4 AdobeARMservice - ok
14:06:31.0365 0x13a4 [ 9D96B0D5855FD1B98023B3EEC9F06786, E4C79233158BE8AA4E9C6DD71585E5D2703A5156531EB3D692D7D81BC443E844 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
14:06:31.0380 0x13a4 AdobeFlashPlayerUpdateSvc - ok
14:06:31.0458 0x13a4 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
14:06:31.0474 0x13a4 adp94xx - ok
14:06:31.0552 0x13a4 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
14:06:31.0567 0x13a4 adpahci - ok
14:06:31.0630 0x13a4 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
14:06:31.0661 0x13a4 adpu320 - ok
14:06:31.0708 0x13a4 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
14:06:31.0708 0x13a4 AeLookupSvc - ok
14:06:31.0817 0x13a4 [ D1E343BC00136CE03C4D403194D06A80, 94F2543164A2CEA179EDE53E1294EE24391A59CAEFF83BA5CE9385E8E686E89C ] AERTFilters     C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
14:06:31.0817 0x13a4 AERTFilters - ok
14:06:31.0895 0x13a4 [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] AFD             C:\Windows\system32\drivers\afd.sys
14:06:31.0926 0x13a4 AFD - ok
14:06:31.0973 0x13a4 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
14:06:31.0973 0x13a4 agp440 - ok
14:06:32.0035 0x13a4 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
14:06:32.0035 0x13a4 ALG - ok
14:06:32.0113 0x13a4 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
14:06:32.0129 0x13a4 aliide - ok
14:06:32.0254 0x13a4 ALSysIO - ok
14:06:32.0285 0x13a4 [ 09FCD2C758F1AD3DF931AB9D944FE348, 423C0BC9D89CC9E2A02827EA15E3A4B3BC9C5DD3849F0357A30E2DA0AF3D1CC3 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
14:06:32.0301 0x13a4 AMD External Events Utility - ok
14:06:32.0347 0x13a4 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
14:06:32.0347 0x13a4 amdide - ok
14:06:32.0394 0x13a4 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
14:06:32.0394 0x13a4 AmdK8 - ok
14:06:32.0707 0x13a4 [ 2E76D0A912AB09CA5586AB23E466A25F, F5B1C406431ED0CFDD941B9FC3C2F78E3D66874F3CF54FB6055616214CD2093B ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
14:06:32.0988 0x13a4 amdkmdag - ok
14:06:33.0097 0x13a4 [ DD3C0C1B62DA0736482501C4BCDCD1F8, 88570E0D5EC7F308B055726C08C3D479E0160B4E0FF050558AE05058CC66EAF3 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
14:06:33.0113 0x13a4 amdkmdap - ok
14:06:33.0144 0x13a4 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
14:06:33.0144 0x13a4 AmdPPM - ok
14:06:33.0191 0x13a4 [ 53D8D46D51D390ABDB54ECA623165CB7, D16A3604412D0DC3EA68320FB6980D146ED60D587AAB6B65810C038AFF1EC237 ] amdsata         C:\Windows\system32\DRIVERS\amdsata.sys
14:06:33.0191 0x13a4 amdsata - ok
14:06:33.0238 0x13a4 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
14:06:33.0284 0x13a4 amdsbs - ok
14:06:33.0300 0x13a4 [ 75C51148154E34EB3D7BB84749A758D5, 8865F223CBAE166A9BF6CBCDA66F63369F151CCB449A28E95560C36AD45D0C85 ] amdxata         C:\Windows\system32\DRIVERS\amdxata.sys
14:06:33.0316 0x13a4 amdxata - ok
14:06:33.0347 0x13a4 [ 08E8A4172C57ABD7693A6915CF1E7A99, C33C480A3D72D9432F40CB1B3D58DC9769F527BF616AA1A081BEB932AC6F0DBE ] amd_sata        C:\Windows\system32\DRIVERS\amd_sata.sys
14:06:33.0347 0x13a4 amd_sata - ok
14:06:33.0394 0x13a4 [ 9866AF4E4AD7F16E810B6C0B8473F9CD, 2EC0253B286B213D44C2A042CE0EE3F10FFFBE22E3CD5F0D8D7EEB41D238FC1C ] amd_xata        C:\Windows\system32\DRIVERS\amd_xata.sys
14:06:33.0394 0x13a4 amd_xata - ok
14:06:33.0487 0x13a4 [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
14:06:33.0487 0x13a4 AppID - ok
14:06:33.0534 0x13a4 [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
14:06:33.0534 0x13a4 AppIDSvc - ok
14:06:33.0596 0x13a4 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
14:06:33.0596 0x13a4 Appinfo - ok
14:06:33.0784 0x13a4 [ 30E3850F303EAE5C364782EA78579CC9, 8C94E5A9052F6E794685194EEACB31A174A947D60246908B6A0DEFA081A747A3 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
14:06:33.0784 0x13a4 Apple Mobile Device - ok
14:06:33.0862 0x13a4 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
14:06:33.0862 0x13a4 arc - ok
14:06:33.0924 0x13a4 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
14:06:33.0940 0x13a4 arcsas - ok
14:06:34.0345 0x13a4 [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
14:06:34.0376 0x13a4 aspnet_state - ok
14:06:34.0423 0x13a4 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
14:06:34.0439 0x13a4 AsyncMac - ok
14:06:34.0486 0x13a4 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
14:06:34.0501 0x13a4 atapi - ok
14:06:34.0766 0x13a4 [ 40734F3A5EEC4C4AC6A1FAF10B293714, 069885A5EED99E51E5D8621CF5174DCCC6C56B3F950A11C14A3A97A8DADD9D5C ] athr            C:\Windows\system32\DRIVERS\athrx.sys
14:06:35.0016 0x13a4 athr - ok
14:06:35.0172 0x13a4 [ E82E61F46D1336447F4DEFF8C074F13E, 9FC152B33F1D9F5684B687743E943AA26AC17A1093F4C31A43C7012E70BC302E ] AtiPcie         C:\Windows\system32\DRIVERS\AtiPcie64.sys
14:06:35.0172 0x13a4 AtiPcie - ok
14:06:35.0281 0x13a4 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:06:35.0312 0x13a4 AudioEndpointBuilder - ok
14:06:35.0359 0x13a4 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
14:06:35.0375 0x13a4 AudioSrv - ok
14:06:35.0468 0x13a4 [ BE5047191368D2C014202AB2775768B7, 5EC5B88B7FA7F9A9A6A665FD8638A3DF8030D6CD72C15C53CC3C34A88C1B9B27 ] Avgdiska        C:\Windows\system32\DRIVERS\avgdiska.sys
14:06:35.0484 0x13a4 Avgdiska - ok
14:06:36.0030 0x13a4 [ 9D5EA7BD5E29F404CD158AED17B40A15, BC38F90AD8BBB51C27D9D325E400DF10B8A8BE34A497A7207F2E73E46E9AB3EE ] AVGIDSAgent     C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
14:06:36.0389 0x13a4 AVGIDSAgent - ok
14:06:36.0482 0x13a4 [ EE48CA8AB25E2B0EE3D3E5A463C5A37E, 06A0AF4CB8D3715701ABD272E42F7CCF406C61AF838F5F53A7F6630D4A600905 ] AVGIDSDriver    C:\Windows\system32\DRIVERS\avgidsdrivera.sys
14:06:36.0498 0x13a4 AVGIDSDriver - ok
14:06:36.0560 0x13a4 [ 494D668B4CB866A1D6835E5F01B13EF1, A2989DB82F31F9B30E4DC1F814BD0D7E286B33DB033C63796E2020BD18648EF3 ] AVGIDSHA        C:\Windows\system32\DRIVERS\avgidsha.sys
14:06:36.0560 0x13a4 AVGIDSHA - ok
14:06:36.0654 0x13a4 [ 4BE8BB177B4C2BC3564845EF6D1073F1, 4ACA54EA54F5ABA96A73BD83C0C5A83C37090FEB7CBE67AE94E9CD3E364931C8 ] Avgldx64        C:\Windows\system32\DRIVERS\avgldx64.sys
14:06:36.0685 0x13a4 Avgldx64 - ok
14:06:36.0763 0x13a4 [ D3772CC086FB81F76B5A82C85E1C7C8E, B1BEFD7AC658F28AECEF5468F5815504BDDC8A4203207B6F0CA53C5B216F782D ] Avgloga         C:\Windows\system32\DRIVERS\avgloga.sys
14:06:36.0794 0x13a4 Avgloga - ok
14:06:36.0857 0x13a4 [ A0BCE5DC2C1F1EE5C1CA19A33375AC23, 517663AEDD7A45607E17910DE60B2847E521472F9C0AB56034617BE2F351DE8D ] Avgmfx64        C:\Windows\system32\DRIVERS\avgmfx64.sys
14:06:36.0872 0x13a4 Avgmfx64 - ok
14:06:36.0904 0x13a4 [ 12FAAF366975B2BF2E93F1866C0E480D, 559480A1434E6805CF4F3DB5352E98387053194BB7B0DB18099B53D306D9951D ] Avgrkx64        C:\Windows\system32\DRIVERS\avgrkx64.sys
14:06:36.0919 0x13a4 Avgrkx64 - ok
14:06:37.0028 0x13a4 [ 4E364FABBD147F59E5D524C9EA86D772, 5D2B1E35EDBF68C23C5BF38B8B7AC484E3430219E0072C4831F58A9E8386A5FD ] Avgtdia         C:\Windows\system32\DRIVERS\avgtdia.sys
14:06:37.0044 0x13a4 Avgtdia - ok
14:06:37.0169 0x13a4 [ CFD0AABD50BF9BEDF550618E48CF7CB7, EAF2EAA3A7ED99A2870FCFB578A556190FA2977F2DC041C8EFA3AE13C05AC74B ] avgtp           C:\Windows\system32\drivers\avgtpx64.sys
14:06:37.0169 0x13a4 avgtp - ok
14:06:37.0262 0x13a4 [ B747B6BB015E552F49C634BB19540F3D, 5000AD41BD101BC06D595484B6E58DEEBB962939ACF4B24DE515771D1C4AE3ED ] avgwd           C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
14:06:37.0278 0x13a4 avgwd - ok
14:06:37.0340 0x13a4 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
14:06:37.0340 0x13a4 AxInstSV - ok
14:06:37.0418 0x13a4 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
14:06:37.0434 0x13a4 b06bdrv - ok
14:06:37.0512 0x13a4 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
14:06:37.0528 0x13a4 b57nd60a - ok
14:06:37.0606 0x13a4 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
14:06:37.0606 0x13a4 BDESVC - ok
14:06:37.0637 0x13a4 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
14:06:37.0652 0x13a4 Beep - ok
14:06:37.0762 0x13a4 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
14:06:37.0793 0x13a4 BFE - ok
14:06:37.0902 0x13a4 BHDrvx64 - ok
14:06:37.0996 0x13a4 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
14:06:38.0058 0x13a4 BITS - ok
14:06:38.0105 0x13a4 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
14:06:38.0105 0x13a4 blbdrive - ok
14:06:38.0245 0x13a4 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
14:06:38.0261 0x13a4 Bonjour Service - ok
14:06:38.0323 0x13a4 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
14:06:38.0323 0x13a4 bowser - ok
14:06:38.0370 0x13a4 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
14:06:38.0370 0x13a4 BrFiltLo - ok
14:06:38.0417 0x13a4 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
14:06:38.0432 0x13a4 BrFiltUp - ok
14:06:38.0479 0x13a4 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
14:06:38.0495 0x13a4 Browser - ok
14:06:38.0542 0x13a4 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
14:06:38.0557 0x13a4 Brserid - ok
14:06:38.0620 0x13a4 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
14:06:38.0620 0x13a4 BrSerWdm - ok
14:06:38.0651 0x13a4 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
14:06:38.0651 0x13a4 BrUsbMdm - ok
14:06:38.0666 0x13a4 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
14:06:38.0682 0x13a4 BrUsbSer - ok
14:06:38.0807 0x13a4 [ EA7E57F87D6FEE5FD6C5F813C04E8CD2, 1EB84F4DEE3034FAFBEA2A3F84EECE036E803872DA94D54E958E9F2F09519E88 ] BrYNSvc         C:\Program Files (x86)\Browny02\BrYNSvc.exe
14:06:38.0807 0x13a4 BrYNSvc - ok
14:06:38.0885 0x13a4 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
14:06:38.0885 0x13a4 BTHMODEM - ok
14:06:38.0932 0x13a4 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
14:06:38.0947 0x13a4 bthserv - ok
14:06:38.0994 0x13a4 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
14:06:39.0010 0x13a4 cdfs - ok
14:06:39.0103 0x13a4 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\drivers\cdrom.sys
14:06:39.0166 0x13a4 cdrom - ok
14:06:39.0337 0x13a4 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
14:06:39.0337 0x13a4 CertPropSvc - ok
14:06:39.0431 0x13a4 [ 2C24DB5F78F0ACA759803001E6B4F320, 4977EBCCD7026E941E8AD997967378D3080131929B8FE4DBA6F929CEC3AAC728 ] CinemaNow Service C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe
14:06:39.0446 0x13a4 CinemaNow Service - ok
14:06:39.0556 0x13a4 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
14:06:39.0556 0x13a4 circlass - ok
14:06:39.0618 0x13a4 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
14:06:39.0634 0x13a4 CLFS - ok
14:06:39.0712 0x13a4 [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:06:39.0712 0x13a4 clr_optimization_v2.0.50727_32 - ok
14:06:39.0821 0x13a4 [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:06:39.0821 0x13a4 clr_optimization_v2.0.50727_64 - ok
14:06:40.0008 0x13a4 [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:06:40.0102 0x13a4 clr_optimization_v4.0.30319_32 - ok
14:06:40.0164 0x13a4 [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:06:40.0242 0x13a4 clr_optimization_v4.0.30319_64 - ok
14:06:40.0289 0x13a4 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
14:06:40.0304 0x13a4 CmBatt - ok
14:06:40.0367 0x13a4 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
14:06:40.0367 0x13a4 cmdide - ok
14:06:40.0460 0x13a4 [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
14:06:40.0507 0x13a4 CNG - ok
14:06:40.0570 0x13a4 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
14:06:40.0570 0x13a4 Compbatt - ok
14:06:40.0632 0x13a4 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
14:06:40.0632 0x13a4 CompositeBus - ok
14:06:40.0726 0x13a4 COMSysApp - ok
14:06:40.0757 0x13a4 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
14:06:40.0772 0x13a4 crcdisk - ok
14:06:40.0882 0x13a4 [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
14:06:40.0897 0x13a4 CryptSvc - ok
14:06:40.0975 0x13a4 [ 76E02DB615A03801D698199A2BC4A06A, 402A8DE76D2181E2E5E10116284EDB2B5793BE33A417261F4B56B2851F34FA15 ] dc3d            C:\Windows\system32\DRIVERS\dc3d.sys
14:06:41.0006 0x13a4 dc3d - ok
14:06:41.0116 0x13a4 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
14:06:41.0162 0x13a4 DcomLaunch - ok
14:06:41.0272 0x13a4 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
14:06:41.0303 0x13a4 defragsvc - ok
14:06:41.0381 0x13a4 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
14:06:41.0381 0x13a4 DfsC - ok
14:06:41.0490 0x13a4 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
14:06:41.0506 0x13a4 Dhcp - ok
14:06:41.0584 0x13a4 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
14:06:41.0599 0x13a4 discache - ok
14:06:41.0662 0x13a4 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
14:06:41.0662 0x13a4 Disk - ok
14:06:41.0724 0x13a4 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
14:06:41.0740 0x13a4 Dnscache - ok
14:06:41.0802 0x13a4 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
14:06:41.0818 0x13a4 dot3svc - ok
14:06:41.0911 0x13a4 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
14:06:41.0927 0x13a4 DPS - ok
14:06:41.0989 0x13a4 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
14:06:42.0005 0x13a4 drmkaud - ok
14:06:42.0130 0x13a4 [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
14:06:42.0254 0x13a4 DXGKrnl - ok
14:06:42.0301 0x13a4 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
14:06:42.0301 0x13a4 EapHost - ok
14:06:42.0488 0x13a4 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
14:06:42.0629 0x13a4 ebdrv - ok
14:06:42.0769 0x13a4 [ 066108AE4C35835081598827A1A7D08D, DB32304EBD63E6D71F4B500A4BCB566D2CC6E9D9115D1FB9DA816C4BA8C6F65E ] eeCtrl          C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
14:06:42.0785 0x13a4 eeCtrl - ok
14:06:42.0832 0x13a4 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] EFS             C:\Windows\System32\lsass.exe
14:06:42.0832 0x13a4 EFS - ok
14:06:42.0956 0x13a4 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
14:06:43.0003 0x13a4 ehRecvr - ok
14:06:43.0066 0x13a4 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
14:06:43.0097 0x13a4 ehSched - ok
14:06:43.0190 0x13a4 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
14:06:43.0237 0x13a4 elxstor - ok
14:06:43.0268 0x13a4 EraserUtilDrvI10 - ok
14:06:43.0331 0x13a4 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
14:06:43.0331 0x13a4 ErrDev - ok
14:06:43.0440 0x13a4 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
14:06:43.0471 0x13a4 EventSystem - ok
14:06:43.0502 0x13a4 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
14:06:43.0518 0x13a4 exfat - ok
14:06:43.0549 0x13a4 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
14:06:43.0565 0x13a4 fastfat - ok
14:06:43.0643 0x13a4 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
14:06:43.0690 0x13a4 Fax - ok
14:06:43.0752 0x13a4 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
14:06:43.0752 0x13a4 fdc - ok
14:06:43.0799 0x13a4 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
14:06:43.0799 0x13a4 fdPHost - ok
14:06:43.0814 0x13a4 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
14:06:43.0814 0x13a4 FDResPub - ok
14:06:43.0846 0x13a4 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
14:06:43.0846 0x13a4 FileInfo - ok
14:06:43.0861 0x13a4 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
14:06:43.0877 0x13a4 Filetrace - ok
14:06:43.0892 0x13a4 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
14:06:43.0892 0x13a4 flpydisk - ok
14:06:44.0002 0x13a4 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
14:06:44.0033 0x13a4 FltMgr - ok
14:06:44.0189 0x13a4 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
14:06:44.0282 0x13a4 FontCache - ok
14:06:44.0360 0x13a4 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:06:44.0360 0x13a4 FontCache3.0.0.0 - ok
14:06:44.0423 0x13a4 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
14:06:44.0423 0x13a4 FsDepends - ok
14:06:44.0470 0x13a4 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
14:06:44.0470 0x13a4 Fs_Rec - ok
14:06:44.0532 0x13a4 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
14:06:44.0548 0x13a4 fvevol - ok
14:06:44.0594 0x13a4 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
14:06:44.0610 0x13a4 gagp30kx - ok
14:06:44.0688 0x13a4 [ 1FDA0DF739234C4023851A282DD28704, 993187336366C53B125A989DD264506B000AA65789C1B6907DF85CFC64E894C7 ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
14:06:44.0704 0x13a4 GameConsoleService - ok
14:06:44.0766 0x13a4 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
14:06:44.0766 0x13a4 GEARAspiWDM - ok
14:06:44.0860 0x13a4 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
14:06:44.0938 0x13a4 gpsvc - ok
14:06:45.0000 0x13a4 [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:06:45.0016 0x13a4 gupdate - ok
14:06:45.0062 0x13a4 [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:06:45.0062 0x13a4 gupdatem - ok
14:06:45.0140 0x13a4 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
14:06:45.0140 0x13a4 hcw85cir - ok
14:06:45.0234 0x13a4 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:06:45.0265 0x13a4 HdAudAddService - ok
14:06:45.0312 0x13a4 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
14:06:45.0312 0x13a4 HDAudBus - ok
14:06:45.0359 0x13a4 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
14:06:45.0359 0x13a4 HidBatt - ok
14:06:45.0406 0x13a4 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
14:06:45.0406 0x13a4 HidBth - ok
14:06:45.0452 0x13a4 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
14:06:45.0452 0x13a4 HidIr - ok
14:06:45.0577 0x13a4 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
14:06:45.0577 0x13a4 hidserv - ok
14:06:45.0655 0x13a4 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
14:06:45.0655 0x13a4 HidUsb - ok
14:06:45.0733 0x13a4 [ 7C2FA08BE562F5B8BE5428FDD926404C, BE6CC437A89C86F69815059565AE08810AB6597508575D948C92217CC53D6D45 ] HitachiBackupService C:\Program Files (x86)\Hitachi\Hitachi Backup\HitachiBackupService.exe
14:06:45.0733 0x13a4 HitachiBackupService - ok
14:06:45.0811 0x13a4 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
14:06:45.0811 0x13a4 hkmsvc - ok
14:06:45.0874 0x13a4 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:06:45.0905 0x13a4 HomeGroupListener - ok
14:06:45.0998 0x13a4 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:06:46.0014 0x13a4 HomeGroupProvider - ok
14:06:46.0154 0x13a4 [ 2A8B93A01621E100A578E83C768AFA2C, 6637D260AF180D1F200D219796FCE6D524FC6BF57C0CEEF9E1B3616E85865AD1 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
14:06:46.0154 0x13a4 HP Support Assistant Service - ok
14:06:46.0310 0x13a4 [ 58CC11D14D88EF70EF7ABBC75B5EEBD8, 769FAE57F3BDF81890976DA51FB9C89D520653E5D0072A6DB98C7B8FACD54E87 ] HP Wireless Assistant Service C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
14:06:46.0326 0x13a4 HP Wireless Assistant Service - ok
14:06:46.0513 0x13a4 [ D2946D9F020AE76E9CEF9B4A6DF838C0, C29CE594879385DA12B8EAA90B258905827B613839CCD820DE49215B68676995 ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
14:06:46.0591 0x13a4 hpqwmiex - ok
14:06:46.0669 0x13a4 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
14:06:46.0669 0x13a4 HpSAMD - ok
14:06:46.0732 0x13a4 [ F630DD7564EBB7248A13B1CC774D9EA6, 53BDFDB7177606DCBB5098A417542F181487227FB73C5C93BE1275752D2C002A ] HPWMISVC        C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
14:06:46.0732 0x13a4 HPWMISVC - ok
14:06:46.0825 0x13a4 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
14:06:46.0872 0x13a4 HTTP - ok
14:06:46.0934 0x13a4 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
14:06:46.0934 0x13a4 hwpolicy - ok
14:06:46.0981 0x13a4 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
14:06:46.0997 0x13a4 i8042prt - ok
14:06:47.0090 0x13a4 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
14:06:47.0122 0x13a4 iaStorV - ok
14:06:47.0231 0x13a4 [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
14:06:47.0246 0x13a4 IDriverT - ok
14:06:47.0402 0x13a4 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:06:47.0496 0x13a4 idsvc - ok
14:06:47.0543 0x13a4 IDSVia64 - ok
14:06:47.0605 0x13a4 IEEtwCollectorService - ok
14:06:47.0980 0x13a4 [ A87261EF1546325B559374F5689CF5BC, 8DE48A8A13A32AAAC54CDDF58F3F61BE3E2802C1D9CA1CA98E57EB0D65FB6002 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
14:06:48.0307 0x13a4 igfx - ok
14:06:48.0370 0x13a4 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
14:06:48.0385 0x13a4 iirsp - ok
14:06:48.0479 0x13a4 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
14:06:48.0526 0x13a4 IKEEXT - ok
14:06:48.0713 0x13a4 [ D311E2DD59A34079D89C249B2A4D9FDB, F2DB1DBD5619A48545434983DDB5260A610F22B37E1D81720B688FEF95C9AD07 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
14:06:48.0838 0x13a4 IntcAzAudAddService - ok
14:06:48.0900 0x13a4 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
14:06:48.0916 0x13a4 intelide - ok
14:06:48.0947 0x13a4 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
14:06:48.0947 0x13a4 intelppm - ok
14:06:48.0994 0x13a4 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
14:06:48.0994 0x13a4 IPBusEnum - ok
14:06:49.0040 0x13a4 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:06:49.0056 0x13a4 IpFilterDriver - ok
14:06:49.0134 0x13a4 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
14:06:49.0181 0x13a4 iphlpsvc - ok
14:06:49.0243 0x13a4 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
14:06:49.0243 0x13a4 IPMIDRV - ok
14:06:49.0290 0x13a4 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
14:06:49.0306 0x13a4 IPNAT - ok
14:06:49.0430 0x13a4 [ 33B286326BD2B1A7748C43391058FB19, C6240C9ED5B7C227595E953E3D1AB5F2D45CCD86FDBDF985836A970B4B6467FE ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
14:06:49.0508 0x13a4 iPod Service - ok
14:06:49.0571 0x13a4 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
14:06:49.0571 0x13a4 IRENUM - ok
14:06:49.0650 0x13a4 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
14:06:49.0650 0x13a4 isapnp - ok
14:06:49.0697 0x13a4 [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
14:06:49.0712 0x13a4 iScsiPrt - ok
14:06:49.0759 0x13a4 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
14:06:49.0759 0x13a4 kbdclass - ok
14:06:49.0821 0x13a4 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
14:06:49.0821 0x13a4 kbdhid - ok
14:06:49.0853 0x13a4 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso          C:\Windows\system32\lsass.exe
14:06:49.0853 0x13a4 KeyIso - ok
14:06:49.0915 0x13a4 [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
14:06:49.0931 0x13a4 KSecDD - ok
14:06:49.0993 0x13a4 [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
14:06:50.0009 0x13a4 KSecPkg - ok
14:06:50.0040 0x13a4 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
14:06:50.0055 0x13a4 ksthunk - ok
14:06:50.0102 0x13a4 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
14:06:50.0133 0x13a4 KtmRm - ok
14:06:50.0227 0x13a4 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
14:06:50.0243 0x13a4 LanmanServer - ok
14:06:50.0289 0x13a4 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:06:50.0321 0x13a4 LanmanWorkstation - ok
14:06:50.0414 0x13a4 Lavasoft Kernexplorer - ok
14:06:50.0617 0x13a4 [ 07B1888209C54B675FFCCBDE9F06D2C6, F80DA304CEFC062D4E604C0A7A2B60361161F259FBE8E94332F6BAD640630D23 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
14:06:50.0633 0x13a4 LightScribeService - ok
14:06:50.0789 0x13a4 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
14:06:50.0789 0x13a4 lltdio - ok
14:06:50.0913 0x13a4 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
14:06:50.0945 0x13a4 lltdsvc - ok
14:06:51.0023 0x13a4 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
14:06:51.0023 0x13a4 lmhosts - ok
14:06:51.0194 0x13a4 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
14:06:51.0210 0x13a4 LSI_FC - ok
14:06:51.0225 0x13a4 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
14:06:51.0225 0x13a4 LSI_SAS - ok
14:06:51.0272 0x13a4 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
14:06:51.0272 0x13a4 LSI_SAS2 - ok
14:06:51.0303 0x13a4 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
14:06:51.0319 0x13a4 LSI_SCSI - ok
14:06:51.0350 0x13a4 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
14:06:51.0366 0x13a4 luafv - ok
14:06:51.0787 0x13a4 [ 49F5B235EDC9C6AC0ABA44737B190317, 096D8D583ED024F1B3AD30DD5EBA38B1FEE518166E157C0E3890D80687181F60 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe
14:06:51.0787 0x13a4 McComponentHostService - ok
14:06:51.0849 0x13a4 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
14:06:51.0865 0x13a4 Mcx2Svc - ok
14:06:51.0912 0x13a4 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
14:06:51.0912 0x13a4 megasas - ok
14:06:51.0974 0x13a4 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
14:06:51.0990 0x13a4 MegaSR - ok
14:06:52.0052 0x13a4 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
14:06:52.0068 0x13a4 MMCSS - ok
14:06:52.0083 0x13a4 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
14:06:52.0099 0x13a4 Modem - ok
14:06:52.0115 0x13a4 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
14:06:52.0115 0x13a4 monitor - ok
14:06:52.0177 0x13a4 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\drivers\mouclass.sys
14:06:52.0177 0x13a4 mouclass - ok
14:06:52.0239 0x13a4 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
14:06:52.0239 0x13a4 mouhid - ok
14:06:52.0286 0x13a4 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
14:06:52.0286 0x13a4 mountmgr - ok
14:06:52.0364 0x13a4 [ AEE4E9CC59CDEB55B1ECB0E596E796BE, 674F6F38D86D238AFD6223E03A862F8B43DD8499FBC2D4B7A04E510EC5EACF3B ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
14:06:52.0380 0x13a4 MozillaMaintenance - ok
14:06:52.0458 0x13a4 [ 9EB89625A82AC961F25E7C865947BF9A, 91DB9530CDE883DC60BE621AC4210ACD069631D9466E37411D9D6AEE587098D9 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
14:06:52.0473 0x13a4 MpFilter - ok
14:06:52.0505 0x13a4 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
14:06:52.0520 0x13a4 mpio - ok
14:06:52.0536 0x13a4 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
14:06:52.0536 0x13a4 mpsdrv - ok
14:06:52.0629 0x13a4 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
14:06:52.0692 0x13a4 MpsSvc - ok
14:06:52.0770 0x13a4 [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
14:06:52.0770 0x13a4 MRxDAV - ok
14:06:52.0832 0x13a4 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
14:06:52.0848 0x13a4 mrxsmb - ok
14:06:52.0895 0x13a4 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:06:52.0910 0x13a4 mrxsmb10 - ok
14:06:52.0926 0x13a4 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:06:52.0941 0x13a4 mrxsmb20 - ok
14:06:53.0019 0x13a4 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
14:06:53.0113 0x13a4 msahci - ok
14:06:53.0160 0x13a4 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
14:06:53.0160 0x13a4 msdsm - ok
14:06:53.0191 0x13a4 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
14:06:53.0207 0x13a4 MSDTC - ok
14:06:53.0253 0x13a4 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
14:06:53.0253 0x13a4 Msfs - ok
14:06:53.0331 0x13a4 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
14:06:53.0347 0x13a4 mshidkmdf - ok
14:06:53.0394 0x13a4 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
14:06:53.0409 0x13a4 msisadrv - ok
14:06:53.0643 0x13a4 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
14:06:53.0690 0x13a4 MSiSCSI - ok
14:06:53.0706 0x13a4 msiserver - ok
14:06:53.0737 0x13a4 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
14:06:53.0737 0x13a4 MSKSSRV - ok
14:06:53.0799 0x13a4 [ 89F2AEDC2788696702141AB82C3E7866, E166CBD8D3C708737C37172221945D8E56C25C2CC750889C3CE14AA2DE750F33 ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
14:06:53.0815 0x13a4 MsMpSvc - ok
14:06:53.0846 0x13a4 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
14:06:53.0893 0x13a4 MSPCLOCK - ok
14:06:53.0940 0x13a4 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
14:06:53.0940 0x13a4 MSPQM - ok
14:06:54.0002 0x13a4 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
14:06:54.0018 0x13a4 MsRPC - ok
14:06:54.0111 0x13a4 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
14:06:54.0111 0x13a4 mssmbios - ok
14:06:54.0143 0x13a4 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
14:06:54.0158 0x13a4 MSTEE - ok
14:06:54.0174 0x13a4 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
14:06:54.0189 0x13a4 MTConfig - ok
14:06:54.0221 0x13a4 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
14:06:54.0221 0x13a4 Mup - ok
14:06:54.0408 0x13a4 N360 - ok
14:06:54.0455 0x13a4 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
14:06:54.0486 0x13a4 napagent - ok
14:06:54.0579 0x13a4 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
14:06:54.0595 0x13a4 NativeWifiP - ok
14:06:54.0595 0x13a4 NAVENG - ok
14:06:54.0611 0x13a4 NAVEX15 - ok
14:06:54.0751 0x13a4 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
14:06:54.0782 0x13a4 NDIS - ok
14:06:54.0829 0x13a4 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
14:06:54.0829 0x13a4 NdisCap - ok
14:06:54.0860 0x13a4 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
14:06:54.0860 0x13a4 NdisTapi - ok
14:06:54.0923 0x13a4 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
14:06:54.0938 0x13a4 Ndisuio - ok
14:06:54.0985 0x13a4 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
14:06:54.0985 0x13a4 NdisWan - ok
14:06:55.0032 0x13a4 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
14:06:55.0032 0x13a4 NDProxy - ok
14:06:55.0063 0x13a4 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
14:06:55.0063 0x13a4 NetBIOS - ok
14:06:55.0141 0x13a4 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
14:06:55.0157 0x13a4 NetBT - ok
14:06:55.0203 0x13a4 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] Netlogon        C:\Windows\system32\lsass.exe
14:06:55.0203 0x13a4 Netlogon - ok
14:06:55.0297 0x13a4 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
14:06:55.0328 0x13a4 Netman - ok
14:06:55.0453 0x13a4 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:06:56.0264 0x13a4 NetMsmqActivator - ok
14:06:56.0311 0x13a4 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:06:56.0327 0x13a4 NetPipeActivator - ok
14:06:56.0405 0x13a4 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
14:06:56.0436 0x13a4 netprofm - ok
14:06:56.0514 0x13a4 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:06:56.0529 0x13a4 NetTcpActivator - ok
14:06:56.0561 0x13a4 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:06:56.0561 0x13a4 NetTcpPortSharing - ok
14:06:56.0997 0x13a4 [ 64428DFDAF6E88366CB51F45A79C5F69, 31187D38C1AB52120A3CB7AC3CE47ED9682AC37B0F06B9A9610C0065DD4E7B13 ] netw5v64        C:\Windows\system32\DRIVERS\netw5v64.sys
14:06:57.0341 0x13a4 netw5v64 - ok
14:06:57.0403 0x13a4 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
14:06:57.0403 0x13a4 nfrd960 - ok
14:06:57.0481 0x13a4 [ C3E0696C3B42F694C5822776AA6FFFDF, 80C3DEC2C48500F96C9E677450EFC1ADA9FE9FBB70F4CC2D7D9244B1A515418B ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
14:06:57.0512 0x13a4 NisDrv - ok
14:06:57.0606 0x13a4 [ DCEE3592299B2229A0DB98CB415059A2, 709AAA095DF44DDCB6159CE1635AB05EC666D845445790E569F56B297DC64AC3 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
14:06:57.0621 0x13a4 NisSrv - ok
14:06:57.0715 0x13a4 [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
14:06:57.0731 0x13a4 NlaSvc - ok
14:06:57.0793 0x13a4 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
14:06:57.0809 0x13a4 Npfs - ok
14:06:57.0840 0x13a4 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
14:06:57.0855 0x13a4 nsi - ok
14:06:57.0871 0x13a4 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
14:06:57.0871 0x13a4 nsiproxy - ok
14:06:58.0106 0x13a4 [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
14:06:58.0231 0x13a4 Ntfs - ok
14:06:58.0293 0x13a4 [ 4C08A14D04E62963E96E0BB57BBC953B, AACBD606F31532F49C516751D934E1B3C167C99195B6E3B582CFF5F5FFB420CB ] NuidFltr        C:\Windows\system32\DRIVERS\NuidFltr.sys
14:06:58.0293 0x13a4 NuidFltr - ok
14:06:58.0340 0x13a4 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
14:06:58.0340 0x13a4 Null - ok
14:06:58.0387 0x13a4 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
14:06:58.0387 0x13a4 nvraid - ok
14:06:58.0449 0x13a4 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
14:06:58.0465 0x13a4 nvstor - ok
14:06:58.0512 0x13a4 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
14:06:58.0527 0x13a4 nv_agp - ok
14:06:58.0590 0x13a4 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
14:06:58.0590 0x13a4 ohci1394 - ok
14:06:58.0636 0x13a4 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:06:58.0652 0x13a4 ose - ok
14:06:59.0089 0x13a4 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
14:06:59.0354 0x13a4 osppsvc - ok
14:06:59.0448 0x13a4 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
14:06:59.0510 0x13a4 p2pimsvc - ok
14:06:59.0713 0x13a4 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
14:06:59.0728 0x13a4 p2psvc - ok
14:06:59.0791 0x13a4 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
14:06:59.0791 0x13a4 Parport - ok
14:06:59.0838 0x13a4 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
14:06:59.0869 0x13a4 partmgr - ok
14:06:59.0900 0x13a4 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
14:06:59.0900 0x13a4 PcaSvc - ok
14:06:59.0994 0x13a4 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
14:06:59.0994 0x13a4 pci - ok
14:07:00.0056 0x13a4 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
14:07:00.0056 0x13a4 pciide - ok
14:07:00.0118 0x13a4 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
14:07:00.0150 0x13a4 pcmcia - ok
14:07:00.0196 0x13a4 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
14:07:00.0196 0x13a4 pcw - ok
14:07:00.0243 0x13a4 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
14:07:00.0259 0x13a4 PEAUTH - ok
14:07:00.0352 0x13a4 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
14:07:00.0368 0x13a4 PerfHost - ok
14:07:00.0555 0x13a4 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
14:07:00.0664 0x13a4 pla - ok
14:07:00.0742 0x13a4 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
14:07:00.0789 0x13a4 PlugPlay - ok
14:07:00.0820 0x13a4 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
14:07:00.0820 0x13a4 PNRPAutoReg - ok
14:07:00.0867 0x13a4 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
14:07:00.0898 0x13a4 PNRPsvc - ok
14:07:00.0961 0x13a4 [ B8D8EC78B0F9ED8E220506181274F3D3, D920277EE66AAAB6D66BF328DD5A40DDD8382BF4F331EAB398069EDB842FF18E ] Point64         C:\Windows\system32\DRIVERS\point64.sys
14:07:00.0976 0x13a4 Point64 - ok
14:07:01.0054 0x13a4 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
14:07:01.0101 0x13a4 PolicyAgent - ok
14:07:01.0148 0x13a4 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
14:07:01.0164 0x13a4 Power - ok
14:07:01.0242 0x13a4 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
14:07:01.0257 0x13a4 PptpMiniport - ok
14:07:01.0304 0x13a4 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
14:07:01.0351 0x13a4 Processor - ok
14:07:01.0429 0x13a4 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
14:07:01.0491 0x13a4 ProfSvc - ok
14:07:01.0554 0x13a4 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] ProtectedStorage C:\Windows\system32\lsass.exe
14:07:01.0569 0x13a4 ProtectedStorage - ok
14:07:01.0647 0x13a4 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
14:07:01.0663 0x13a4 Psched - ok
14:07:01.0881 0x13a4 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
14:07:02.0006 0x13a4 ql2300 - ok
14:07:02.0100 0x13a4 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
14:07:02.0100 0x13a4 ql40xx - ok
14:07:02.0146 0x13a4 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
14:07:02.0146 0x13a4 QWAVE - ok
14:07:02.0193 0x13a4 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
14:07:02.0193 0x13a4 QWAVEdrv - ok
14:07:02.0209 0x13a4 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
14:07:02.0224 0x13a4 RasAcd - ok
14:07:02.0287 0x13a4 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
14:07:02.0287 0x13a4 RasAgileVpn - ok
14:07:02.0318 0x13a4 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
14:07:02.0334 0x13a4 RasAuto - ok
14:07:02.0365 0x13a4 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
14:07:02.0380 0x13a4 Rasl2tp - ok
14:07:02.0443 0x13a4 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
14:07:02.0458 0x13a4 RasMan - ok
14:07:02.0490 0x13a4 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
14:07:02.0490 0x13a4 RasPppoe - ok
14:07:02.0505 0x13a4 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
14:07:02.0521 0x13a4 RasSstp - ok
14:07:02.0583 0x13a4 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
14:07:02.0599 0x13a4 rdbss - ok
14:07:02.0630 0x13a4 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
14:07:02.0630 0x13a4 rdpbus - ok
14:07:02.0677 0x13a4 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
14:07:02.0677 0x13a4 RDPCDD - ok
14:07:02.0739 0x13a4 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
14:07:02.0739 0x13a4 RDPENCDD - ok
14:07:02.0755 0x13a4 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
14:07:02.0755 0x13a4 RDPREFMP - ok
14:07:02.0817 0x13a4 [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
14:07:02.0864 0x13a4 RDPWD - ok
14:07:02.0926 0x13a4 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
14:07:02.0942 0x13a4 rdyboost - ok
14:07:02.0989 0x13a4 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
14:07:03.0004 0x13a4 RemoteAccess - ok
14:07:03.0067 0x13a4 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
14:07:03.0083 0x13a4 RemoteRegistry - ok
14:07:03.0130 0x13a4 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
14:07:03.0130 0x13a4 RpcEptMapper - ok
14:07:03.0161 0x13a4 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
14:07:03.0161 0x13a4 RpcLocator - ok
14:07:03.0255 0x13a4 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
14:07:03.0302 0x13a4 RpcSs - ok
14:07:03.0349 0x13a4 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
14:07:03.0364 0x13a4 rspndr - ok
14:07:03.0427 0x13a4 [ 3CEEE53BBF8BA284FF44585CEC0162FE, 5725A47BE8B7A9116983895FCB82CB2808B7B9C57BC285F3DFD7352E72DBC1FE ] RSUSBSTOR       C:\Windows\system32\Drivers\RtsUStor.sys
14:07:03.0442 0x13a4 RSUSBSTOR - ok
14:07:03.0520 0x13a4 [ 4FBDA07EF0A3097CE14C5CABF723B278, 6F1E21362F0057E9C6A180D9189AEB51761F4C019A6835E50E4AD19ED1F58FE6 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
14:07:03.0551 0x13a4 RTL8167 - ok
14:07:03.0692 0x13a4 [ 4EA7E5DF0CB237156176FA0349E6E87F, 542C5291369009FD9B52B5939E3B55E4CC37056E03815986CA1C1EFCFB52F5D6 ] RtVOsdService   C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
14:07:03.0707 0x13a4 RtVOsdService - ok
14:07:03.0723 0x13a4 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] SamSs           C:\Windows\system32\lsass.exe
14:07:03.0739 0x13a4 SamSs - ok
14:07:03.0785 0x13a4 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
14:07:03.0801 0x13a4 sbp2port - ok
14:07:04.0004 0x13a4 [ 794D4B48DFB6E999537C7C3947863463, 93DA8AA20D6B02A3360E7F56150F126E75266E9372E6409D42B89DA588EF49C3 ] SBSDWSCService C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
14:07:04.0082 0x13a4 SBSDWSCService - ok
14:07:04.0160 0x13a4 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
14:07:04.0175 0x13a4 SCardSvr - ok
14:07:04.0222 0x13a4 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
14:07:04.0238 0x13a4 scfilter - ok
14:07:04.0378 0x13a4 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
14:07:04.0472 0x13a4 Schedule - ok
14:07:04.0550 0x13a4 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
14:07:04.0550 0x13a4 SCPolicySvc - ok
14:07:04.0628 0x13a4 [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus           C:\Windows\system32\drivers\sdbus.sys
14:07:04.0628 0x13a4 sdbus - ok
14:07:04.0690 0x13a4 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
14:07:04.0706 0x13a4 SDRSVC - ok
14:07:04.0737 0x13a4 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
14:07:04.0737 0x13a4 secdrv - ok
14:07:04.0784 0x13a4 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
14:07:04.0799 0x13a4 seclogon - ok
14:07:04.0831 0x13a4 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
14:07:04.0831 0x13a4 SENS - ok
14:07:04.0893 0x13a4 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
14:07:04.0893 0x13a4 SensrSvc - ok
14:07:04.0924 0x13a4 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
14:07:04.0924 0x13a4 Serenum - ok
14:07:04.0971 0x13a4 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
14:07:05.0002 0x13a4 Serial - ok
14:07:05.0049 0x13a4 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
14:07:05.0049 0x13a4 sermouse - ok
14:07:05.0127 0x13a4 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
14:07:05.0143 0x13a4 SessionEnv - ok
14:07:05.0189 0x13a4 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
14:07:05.0205 0x13a4 sffdisk - ok
14:07:05.0221 0x13a4 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
14:07:05.0221 0x13a4 sffp_mmc - ok
14:07:05.0252 0x13a4 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
14:07:05.0267 0x13a4 sffp_sd - ok
14:07:05.0314 0x13a4 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
14:07:05.0314 0x13a4 sfloppy - ok
14:07:05.0377 0x13a4 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
14:07:05.0408 0x13a4 SharedAccess - ok
14:07:05.0735 0x13a4 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:07:05.0829 0x13a4 ShellHWDetection - ok
14:07:05.0891 0x13a4 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
14:07:05.0907 0x13a4 SiSRaid2 - ok
14:07:05.0938 0x13a4 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
14:07:05.0938 0x13a4 SiSRaid4 - ok
14:07:06.0032 0x13a4 [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
14:07:06.0047 0x13a4 SkypeUpdate - ok
14:07:06.0110 0x13a4 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
14:07:06.0125 0x13a4 Smb - ok
14:07:06.0203 0x13a4 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
14:07:06.0203 0x13a4 SNMPTRAP - ok
14:07:06.0235 0x13a4 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
14:07:06.0235 0x13a4 spldr - ok
14:07:06.0328 0x13a4 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
14:07:06.0391 0x13a4 Spooler - ok
14:07:06.0937 0x13a4 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
14:07:07.0249 0x13a4 sppsvc - ok
14:07:07.0311 0x13a4 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
14:07:07.0327 0x13a4 sppuinotify - ok
14:07:07.0373 0x13a4 SRTSP - ok
14:07:07.0405 0x13a4 SRTSPX - ok
14:07:07.0592 0x13a4 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
14:07:07.0623 0x13a4 srv - ok
14:07:07.0685 0x13a4 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
14:07:07.0717 0x13a4 srv2 - ok
14:07:07.0779 0x13a4 [ 0C4540311E11664B245A263E1154CEF8, 63376322BFFAFF2F166AF3FDD3F1A346C21FAE21F406F659F8630779D1D6525D ] SrvHsfHDA       C:\Windows\system32\DRIVERS\VSTAZL6.SYS
14:07:07.0810 0x13a4 SrvHsfHDA - ok
14:07:07.0951 0x13a4 [ 02071D207A9858FBE3A48CBFD59C4A04, FEA4DEBAEC3465E0C7C1E8B721805922F6BBCB96A60A193B11688F4252F4B89E ] SrvHsfV92       C:\Windows\system32\DRIVERS\VSTDPV6.SYS
14:07:08.0091 0x13a4 SrvHsfV92 - ok
14:07:08.0200 0x13a4 [ 18E40C245DBFAF36FD0134A7EF2DF396, 0138A68958112101A5D3BD94114F320CE80B0C9A93E009AC78DE7415FCCC7DE7 ] SrvHsfWinac     C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
14:07:08.0231 0x13a4 SrvHsfWinac - ok
14:07:08.0294 0x13a4 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
14:07:08.0309 0x13a4 srvnet - ok
14:07:08.0341 0x13a4 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
14:07:08.0356 0x13a4 SSDPSRV - ok
14:07:08.0356 0x13a4 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
14:07:08.0387 0x13a4 SstpSvc - ok
14:07:08.0419 0x13a4 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
14:07:08.0419 0x13a4 stexstor - ok
14:07:08.0481 0x13a4 [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
14:07:08.0481 0x13a4 StillCam - ok
14:07:08.0668 0x13a4 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
14:07:08.0699 0x13a4 stisvc - ok
14:07:08.0746 0x13a4 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
14:07:08.0746 0x13a4 swenum - ok
14:07:08.0809 0x13a4 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
14:07:08.0855 0x13a4 swprv - ok
14:07:08.0902 0x13a4 SymDS - ok
14:07:08.0933 0x13a4 SymEFA - ok
14:07:08.0965 0x13a4 SymIRON - ok
14:07:08.0980 0x13a4 SymNetS - ok
14:07:09.0136 0x13a4 [ 961CFAC2A5318E212F459D651F28E0A4, 4FA1C9E3BD527E3B5AE9268955C48FDE8E75F33C333DC0AE768DAFE1F49D0B1B ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
14:07:09.0245 0x13a4 SynTP - ok
14:07:09.0370 0x13a4 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
14:07:09.0448 0x13a4 SysMain - ok
14:07:09.0542 0x13a4 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:07:09.0542 0x13a4 TabletInputService - ok
14:07:09.0604 0x13a4 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
14:07:09.0620 0x13a4 TapiSrv - ok
14:07:09.0651 0x13a4 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
14:07:09.0651 0x13a4 TBS - ok
14:07:09.0854 0x13a4 [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
14:07:09.0994 0x13a4 Tcpip - ok
14:07:10.0213 0x13a4 [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
14:07:10.0337 0x13a4 TCPIP6 - ok
14:07:10.0447 0x13a4 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
14:07:10.0462 0x13a4 tcpipreg - ok
14:07:10.0556 0x13a4 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
14:07:10.0556 0x13a4 TDPIPE - ok
14:07:10.0618 0x13a4 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
14:07:10.0618 0x13a4 TDTCP - ok
14:07:10.0727 0x13a4 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
14:07:10.0727 0x13a4 tdx - ok
14:07:10.0790 0x13a4 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
14:07:10.0790 0x13a4 TermDD - ok
14:07:10.0883 0x13a4 [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll
14:07:10.0930 0x13a4 TermService - ok
14:07:11.0024 0x13a4 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
14:07:11.0024 0x13a4 Themes - ok
14:07:11.0086 0x13a4 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
14:07:11.0086 0x13a4 THREADORDER - ok
14:07:11.0133 0x13a4 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
14:07:11.0149 0x13a4 TrkWks - ok
14:07:11.0258 0x13a4 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:07:11.0273 0x13a4 TrustedInstaller - ok
14:07:11.0336 0x13a4 [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
14:07:11.0336 0x13a4 tssecsrv - ok
14:07:11.0429 0x13a4 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
14:07:11.0507 0x13a4 TsUsbFlt - ok
14:07:11.0570 0x13a4 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
14:07:11.0570 0x13a4 tunnel - ok
14:07:11.0617 0x13a4 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
14:07:11.0632 0x13a4 uagp35 - ok
14:07:11.0695 0x13a4 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
14:07:11.0726 0x13a4 udfs - ok
14:07:11.0773 0x13a4 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
14:07:11.0788 0x13a4 UI0Detect - ok
14:07:11.0851 0x13a4 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
14:07:11.0851 0x13a4 uliagpkx - ok
14:07:11.0929 0x13a4 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\drivers\umbus.sys
14:07:11.0929 0x13a4 umbus - ok
14:07:12.0022 0x13a4 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
14:07:12.0085 0x13a4 UmPass - ok
14:07:12.0163 0x13a4 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
14:07:12.0194 0x13a4 upnphost - ok
14:07:12.0287 0x13a4 [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
14:07:12.0303 0x13a4 USBAAPL64 - ok
14:07:12.0350 0x13a4 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
14:07:12.0365 0x13a4 usbccgp - ok
14:07:12.0428 0x13a4 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
14:07:12.0428 0x13a4 usbcir - ok
14:07:12.0475 0x13a4 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
14:07:12.0475 0x13a4 usbehci - ok
14:07:12.0537 0x13a4 [ DC2B306861F42EEEB92EF525F4119F08, D16CF4EA03F6D0C3F6008E9ECB56AC170E39B137A83AA713972FC33168ACF1BC ] usbfilter       C:\Windows\system32\DRIVERS\usbfilter.sys
14:07:12.0537 0x13a4 usbfilter - ok
14:07:12.0646 0x13a4 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
14:07:12.0677 0x13a4 usbhub - ok
14:07:12.0740 0x13a4 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
14:07:12.0740 0x13a4 usbohci - ok
14:07:12.0818 0x13a4 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
14:07:12.0818 0x13a4 usbprint - ok
14:07:12.0880 0x13a4 [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\drivers\usbscan.sys
14:07:12.0880 0x13a4 usbscan - ok
14:07:12.0927 0x13a4 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:07:12.0943 0x13a4 USBSTOR - ok
14:07:12.0989 0x13a4 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
14:07:12.0989 0x13a4 usbuhci - ok
14:07:13.0099 0x13a4 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
14:07:13.0114 0x13a4 usbvideo - ok
14:07:13.0161 0x13a4 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
14:07:13.0177 0x13a4 UxSms - ok
14:07:13.0223 0x13a4 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] VaultSvc        C:\Windows\system32\lsass.exe
14:07:13.0223 0x13a4 VaultSvc - ok
14:07:13.0317 0x13a4 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
14:07:13.0317 0x13a4 vdrvroot - ok
14:07:13.0520 0x13a4 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
14:07:13.0598 0x13a4 vds - ok
14:07:13.0660 0x13a4 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
14:07:13.0676 0x13a4 vga - ok
14:07:13.0691 0x13a4 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
14:07:13.0691 0x13a4 VgaSave - ok
14:07:13.0769 0x13a4 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
14:07:13.0785 0x13a4 vhdmp - ok
14:07:13.0847 0x13a4 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
14:07:13.0847 0x13a4 viaide - ok
14:07:13.0894 0x13a4 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
14:07:13.0894 0x13a4 volmgr - ok
14:07:13.0972 0x13a4 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
14:07:13.0988 0x13a4 volmgrx - ok
14:07:14.0050 0x13a4 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
14:07:14.0066 0x13a4 volsnap - ok
14:07:14.0128 0x13a4 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
14:07:14.0144 0x13a4 vsmraid - ok
14:07:14.0331 0x13a4 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
14:07:14.0456 0x13a4 VSS - ok
14:07:14.0861 0x13a4 [ 29CC39577CA273CA0E75FD562E66AE96, FA4A597CBFB918280C36EFBD11E73F9A2285C1A9B00913BDDDA546F3DCD310CF ] vToolbarUpdater18.0.5 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\ToolbarUpdater.exe
14:07:15.0002 0x13a4 vToolbarUpdater18.0.5 - ok
14:07:15.0080 0x13a4 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
14:07:15.0080 0x13a4 vwifibus - ok
14:07:15.0158 0x13a4 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
14:07:15.0173 0x13a4 vwififlt - ok
14:07:15.0236 0x13a4 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
14:07:15.0298 0x13a4 W32Time - ok
14:07:15.0345 0x13a4 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
14:07:15.0361 0x13a4 WacomPen - ok
14:07:15.0439 0x13a4 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
14:07:15.0454 0x13a4 WANARP - ok
14:07:15.0517 0x13a4 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
14:07:15.0532 0x13a4 Wanarpv6 - ok
14:07:15.0688 0x13a4 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
14:07:15.0844 0x13a4 WatAdminSvc - ok
14:07:16.0031 0x13a4 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
14:07:16.0141 0x13a4 wbengine - ok
14:07:16.0219 0x13a4 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
14:07:16.0234 0x13a4 WbioSrvc - ok
14:07:16.0328 0x13a4 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
14:07:16.0406 0x13a4 wcncsvc - ok
14:07:16.0437 0x13a4 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:07:16.0437 0x13a4 WcsPlugInService - ok
14:07:16.0499 0x13a4 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
14:07:16.0515 0x13a4 Wd - ok
14:07:16.0640 0x13a4 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
14:07:16.0702 0x13a4 Wdf01000 - ok
14:07:16.0733 0x13a4 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
14:07:16.0749 0x13a4 WdiServiceHost - ok
14:07:16.0780 0x13a4 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
14:07:16.0796 0x13a4 WdiSystemHost - ok
14:07:16.0921 0x13a4 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
14:07:16.0967 0x13a4 WebClient - ok
14:07:17.0201 0x13a4 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
14:07:17.0217 0x13a4 Wecsvc - ok
14:07:17.0265 0x13a4 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
14:07:17.0280 0x13a4 wercplsupport - ok
14:07:17.0312 0x13a4 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
14:07:17.0327 0x13a4 WerSvc - ok
14:07:17.0405 0x13a4 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
14:07:17.0405 0x13a4 WfpLwf - ok
14:07:17.0452 0x13a4 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
14:07:17.0452 0x13a4 WIMMount - ok
14:07:17.0546 0x13a4 WinDefend - ok
14:07:17.0608 0x13a4 WinHttpAutoProxySvc - ok
14:07:17.0670 0x13a4 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
14:07:17.0702 0x13a4 Winmgmt - ok
14:07:17.0889 0x13a4 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
14:07:18.0045 0x13a4 WinRM - ok
14:07:18.0154 0x13a4 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
14:07:18.0154 0x13a4 WinUsb - ok
14:07:18.0248 0x13a4 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
14:07:18.0327 0x13a4 Wlansvc - ok
14:07:18.0654 0x13a4 [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
14:07:18.0826 0x13a4 wlidsvc - ok
14:07:18.0904 0x13a4 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
14:07:18.0904 0x13a4 WmiAcpi - ok
14:07:18.0951 0x13a4 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
14:07:18.0966 0x13a4 wmiApSrv - ok
14:07:19.0044 0x13a4 WMPNetworkSvc - ok
14:07:19.0122 0x13a4 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
14:07:19.0122 0x13a4 WPCSvc - ok
14:07:19.0185 0x13a4 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
14:07:19.0200 0x13a4 WPDBusEnum - ok
14:07:19.0247 0x13a4 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
14:07:19.0247 0x13a4 ws2ifsl - ok
14:07:19.0278 0x13a4 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
14:07:19.0294 0x13a4 wscsvc - ok
14:07:19.0309 0x13a4 WSearch - ok
14:07:19.0606 0x13a4 [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
14:07:19.0777 0x13a4 wuauserv - ok
14:07:19.0871 0x13a4 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
14:07:19.0887 0x13a4 WudfPf - ok
14:07:19.0933 0x13a4 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
14:07:19.0949 0x13a4 WUDFRd - ok
14:07:20.0011 0x13a4 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
14:07:20.0027 0x13a4 wudfsvc - ok
14:07:20.0089 0x13a4 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
14:07:20.0121 0x13a4 WwanSvc - ok
14:07:20.0199 0x13a4 [ B3EEACF62445E24FBB2CD4B0FB4DB026, 2E5B6220094C47754233EDA59E6514CE47AC6C6879F367C72B2C02330EABE8E0 ] yukonw7         C:\Windows\system32\DRIVERS\yk62x64.sys
14:07:20.0230 0x13a4 yukonw7 - ok
14:07:20.0277 0x13a4 ================ Scan global ===============================
14:07:20.0308 0x13a4 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
14:07:20.0370 0x13a4 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
14:07:20.0401 0x13a4 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
14:07:20.0479 0x13a4 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
14:07:20.0557 0x13a4 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
14:07:20.0589 0x13a4 [ Global ] - ok
14:07:20.0589 0x13a4 ================ Scan MBR ==================================
14:07:20.0620 0x13a4 [ E644EED2FE54A78300183D6C69A3AA85 ] \Device\Harddisk0\DR0
14:07:21.0181 0x13a4 \Device\Harddisk0\DR0 - ok
14:07:21.0181 0x13a4 ================ Scan VBR ==================================
14:07:21.0213 0x13a4 [ 47CEB17D8D9828C8A460087C366618DE ] \Device\Harddisk0\DR0\Partition1
14:07:21.0213 0x13a4 \Device\Harddisk0\DR0\Partition1 - ok
14:07:21.0259 0x13a4 [ ED88C689460669744F2EE8DFBDBB626C ] \Device\Harddisk0\DR0\Partition2
14:07:21.0259 0x13a4 \Device\Harddisk0\DR0\Partition2 - ok
14:07:21.0291 0x13a4 [ 375084E1F7D7706636A8FC73E66771F3 ] \Device\Harddisk0\DR0\Partition3
14:07:21.0306 0x13a4 \Device\Harddisk0\DR0\Partition3 - ok
14:07:21.0353 0x13a4 [ 841B5807C7617772AB0A72477CF5B5D0 ] \Device\Harddisk0\DR0\Partition4
14:07:21.0384 0x13a4 \Device\Harddisk0\DR0\Partition4 - ok
14:07:21.0384 0x13a4 Waiting for KSN requests completion. In queue: 100
14:07:22.0398 0x13a4 Waiting for KSN requests completion. In queue: 100
14:07:23.0412 0x13a4 Waiting for KSN requests completion. In queue: 100
14:07:24.0632 0x13a4 AV detected via SS2: AVG AntiVirus Free Edition 2014, C:\Program Files (x86)\AVG\AVG2014\avgwsc.exe ( 14.0.0.4110 ), 0x41000 ( enabled : updated )
14:07:24.0632 0x13a4 AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.5.216.0 ), 0x61000 ( enabled : updated )
14:07:24.0694 0x13a4 Win FW state via NFP2: enabled
14:07:27.0206 0x13a4 ============================================================
14:07:27.0206 0x13a4 Scan finished
14:07:27.0206 0x13a4 ============================================================
14:07:27.0237 0x04b0 Detected object count: 0
14:07:27.0237 0x04b0 Actual detected object count: 0

#6 obrienmr

New Member

Authentic Member
10 posts

Posted 09 April 2014 - 12:11 PM

Or it's this one, not for sure, I am sorry!

#7 ----------------

SuperMember

Authentic Member
1,095 posts

Posted 10 April 2014 - 04:17 AM

Nothing to see!

Full System Scan with Malwarebytes Antimalware

If not existing, please download Malwarebytes Anti-Malware to your desktop.
Double-click mbam-setup-2.0.0.1000.exe and follow the prompts to install the program.
At the end, be sure a checkmark is placed next to the following:
- Launch Malwarebytes Anti-Malware
- A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
Click Finish.

If the program is already installed:

Run Malwarebytes Antimalware
On the Dashboard, click the 'Update Now >>' link
After the update completes, click the 'Scan Now >>' button.
Or, on the Dashboard, click the Scan Now >> button.
If an update is available, click the Update Now button.
A Threat Scan will begin.
When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
In most cases, a restart will be required.
Wait for the prompt to restart the computer to appear, then click on Yes.

After the restart once you are back at your desktop, open MBAM once more.
Click on the History tab > Application Logs.
Double click on the scan log which shows the Date and time of the scan just performed.
Click 'Copy to Clipboard'
Paste the contents of the clipboard into your reply.

Scan with ESET Online Scan

Please go to here to run the online scannner from ESET.

Turn off the real time scanner of any existing antivirus program while performing the online scan
Tick the box next to YES, I accept the Terms of Use.
Click Start
When asked, allow the activex control to install
Click Start
Make sure that the option Remove found threats is unticked
Click on Advanced Settings and ensure these options are ticked:
- Scan for potentially unwanted applications
- Scan for potentially unsafe applications
- Enable Anti-Stealth Technology
Click Scan
Wait for the scan to finish
If any threats were found, click the 'List of found threats' , then click Export to text file....
Save it to your desktop, then please copy and paste that log as a reply to this topic.

Proud Member of UNITE & TB

#8 obrienmr

New Member

Authentic Member
10 posts

Posted 10 April 2014 - 08:01 PM

Strange that there's nothing there! Heres the Malware one and ill run the second scan now! Thank you again for all of your help!

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2014.04.10.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16659
Megan :: MEGAN-PC [administrator]

4/10/2014 2:29:38 PM
mbam-log-2014-04-10 (14-29-38).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 481887
Time elapsed: 3 hour(s), 41 minute(s), 26 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#9 obrienmr

New Member

Authentic Member
10 posts

Posted 11 April 2014 - 10:43 AM

Here's the second scan!

Thank you again for the help!

C:\Users\Megan\Desktop\New folder\ccsetup314.exe   Win32/Bundled.Toolbar.Google.E potentially unsafe application
C:\Users\Megan\Desktop\New folder\disk-defrag-setup.exe   a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application
C:\Users\Megan\Downloads\ccsetup406.exe   Win32/Bundled.Toolbar.Google.D potentially unsafe application

#10 ----------------

SuperMember

Authentic Member
1,095 posts

Posted 14 April 2014 - 07:13 AM

Then we can do the cleanup - if you are facing any issues, report that immediately.

Delete junk with adwCleaner

Please download AdwCleaner to your desktop.

Run adwcleaner.exe
Hit Scan and wait for the scan to finish.
Confirm the message but don´t uncheck anything.
Hit Clean
When the run is finished, it will open up a text file
Please post its contents within your next reply
You´ll find the log file at C:\AdwCleaner[S1].txt also

Delete junk with JRT

Please download Junkware Removal Tool to your desktop.

Shut down your protection software now to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

SecurityCheck

Reboot your system before starting!

Please download SecurityCheck: LINK1 LINK2

Save it to your desktop, start it and follow the instructions in the window.
After the scan finished the (checkup.txt) will open. Copy its content to your thread.

Proud Member of UNITE & TB

#11 obrienmr

New Member

Authentic Member
10 posts

Posted 15 April 2014 - 08:41 PM

Here's the first scan!

# AdwCleaner v3.023 - Report created 15/04/2014 at 22:35:04
# Updated 01/04/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Megan - MEGAN-PC
# Running from : C:\Users\Megan\Downloads\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\Free Offers from Freeze.com
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Users\Megan\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\Megan\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\Megan\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml

***** [ Shortcuts ] *****

***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16521

-\\ Mozilla Firefox v28.0 (en-US)

[ File : C:\Users\Megan\AppData\Roaming\Mozilla\Firefox\Profiles\dswvk01m.default-1346455382372\prefs.js ]

Line Deleted : user_pref("avg.install.installDirPath", "C:\\ProgramData\\AVG Secure Search\\FireFoxExt\\18.0.5.292");
Line Deleted : user_pref("avg.userPreferences.URLBarFocus.whiteList", "bing\\.com|google\\.\\w+|yahoo\\.\\w+|gmail\\.\\w+|hotmail\\.\\w+|live\\.\\w+|isearch\\.avg\\.com|mysearch\\.avg\\.com");
Line Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");
Line Deleted : user_pref("browser.search.selectedEngine", "AVG Secure Search");

-\\ Google Chrome v34.0.1847.116

[ File : C:\Users\Megan\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : homepage

*************************

AdwCleaner[R0].txt - [8614 octets] - [15/04/2014 22:33:41]
AdwCleaner[S0].txt - [8402 octets] - [15/04/2014 22:35:04]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8462 octets] ##########

#12 obrienmr

New Member

Authentic Member
10 posts

Posted 15 April 2014 - 08:56 PM

The second!

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Megan on Tue 04/15/2014 at 22:44:51.73
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\Megan\appdata\local\{00A763A4-5FCF-409A-A2D7-43C59E8DE9C3}
Successfully deleted: [Empty Folder] C:\Users\Megan\appdata\local\{01871E71-23D6-4FE3-9562-6E4683B59918}
Successfully deleted: [Empty Folder] C:\Users\Megan\appdata\local\{04090F7A-DA3A-42B9-AB0D-114B0CF0E6B1}
Successfully deleted: [Empty Folder] C:\Users\Megan\appdata\local\{0F8E094F-4DB0-4857-9794-89BFE88A08E1}
Successfully deleted: [Empty Folder] C:\Users\Megan\appdata\local\{1CB8B854-CAED-4CB9-A356-B3E6323D539D}
Successfully deleted: [Empty Folder] C:\Users\Megan\appdata\local\{26EB1943-277F-450D-B18D-FE8596BA4599}
Successfully deleted: [Empty Folder] C:\Users\Megan\appdata\local\{3D4C8094-738F-4B13-A9C9-60785518C372}
Successfully deleted: [Empty Folder] C:\Users\Megan\appdata\local\{3E3C87BE-056B-4192-879D-6B571401BA67}
Successfully deleted: [Empty Folder] C:\Users\Megan\appdata\local\{51DC0ED6-2CA0-49A2-B3E6-4C994914FD8F}
Successfully deleted: [Empty Folder] C:\Users\Megan\appdata\local\{54FC716D-2343-443B-86D5-7D68F53076AD}
Successfully deleted: [Empty Folder] C:\Users\Megan\appdata\local\{5A46394B-1205-4B3A-AD78-2525312367F5}
Successfully deleted: [Empty Folder] C:\Users\Megan\appdata\local\{61F25DFF-DB8F-474D-AA23-521121F66E17}
Successfully deleted: [Empty Folder] C:\Users\Megan\appdata\local\{6880606E-1038-4F0F-B266-C1F51457F231}
Successfully deleted: [Empty Folder] C:\Users\Megan\appdata\local\{699EA697-7BD2-45BD-875A-801F26C4F6A8}
Successfully deleted: [Empty Folder] C:\Users\Megan\appdata\local\{6D2D07C5-8D8C-4AF8-B1CB-80BD90D4ADD2}
Successfully deleted: [Empty Folder] C:\Users\Megan\appdata\local\{6D922871-907E-468A-B953-AF1B36F15343}
Successfully deleted: [Empty Folder] C:\Users\Megan\appdata\local\{70F18786-8CD9-4369-93DB-BA567E8B0308}
Successfully deleted: [Empty Folder] C:\Users\Megan\appdata\local\{79612DBB-46DA-4F4C-8444-64F30F3070FE}
Successfully deleted: [Empty Folder] C:\Users\Megan\appdata\local\{7BB8667B-34B6-4E0F-B8F9-2233F1060F9E}
Successfully deleted: [Empty Folder] C:\Users\Megan\appdata\local\{A98EE2D5-5903-450A-A4CA-0C65E23A69F1}
Successfully deleted: [Empty Folder] C:\Users\Megan\appdata\local\{AD5CECA2-D43A-47BD-A209-959166FCD0A1}
Successfully deleted: [Empty Folder] C:\Users\Megan\appdata\local\{B76B7FFA-D40C-4E97-AF63-CF35563D376D}
Successfully deleted: [Empty Folder] C:\Users\Megan\appdata\local\{B7F15F12-C2EE-4D1E-BFBB-5D81177ED49B}
Successfully deleted: [Empty Folder] C:\Users\Megan\appdata\local\{BB238A0E-DFA4-4741-BC75-99A14D2FA6DB}
Successfully deleted: [Empty Folder] C:\Users\Megan\appdata\local\{C45B5177-A13A-42C3-9C77-4E35AEE307B7}
Successfully deleted: [Empty Folder] C:\Users\Megan\appdata\local\{C6A9A2DB-545F-49EA-983C-B239F27148CF}
Successfully deleted: [Empty Folder] C:\Users\Megan\appdata\local\{C97F75E3-2D0F-4870-95B1-5D2C0903B6F7}
Successfully deleted: [Empty Folder] C:\Users\Megan\appdata\local\{D9207D19-5AE1-41E7-963C-CA3B6D977308}
Successfully deleted: [Empty Folder] C:\Users\Megan\appdata\local\{DE50D866-6E1F-4B6E-BF02-0E65D69A9BF7}
Successfully deleted: [Empty Folder] C:\Users\Megan\appdata\local\{DFFFCE83-46F6-49EE-A6B8-8E7DD664058B}
Successfully deleted: [Empty Folder] C:\Users\Megan\appdata\local\{E0F2AA1C-1D9E-41A9-9392-DA4EA7678A1F}
Successfully deleted: [Empty Folder] C:\Users\Megan\appdata\local\{E1EA603A-7369-435A-8700-1851778685C0}
Successfully deleted: [Empty Folder] C:\Users\Megan\appdata\local\{E315DE74-754F-45FC-A789-350EAAA35730}
Successfully deleted: [Empty Folder] C:\Users\Megan\appdata\local\{EE96324E-1A27-4EF0-860C-7A146DA47D29}
Successfully deleted: [Empty Folder] C:\Users\Megan\appdata\local\{EEDD0415-1B0C-48D9-A51F-23BE42C32148}
Successfully deleted: [Empty Folder] C:\Users\Megan\appdata\local\{EEE5829C-DA2E-4B19-A9D3-97CABFB22AA4}
Successfully deleted: [Empty Folder] C:\Users\Megan\appdata\local\{F21BDDC0-5018-4528-8F99-55A12E33E6F0}
Successfully deleted: [Empty Folder] C:\Users\Megan\appdata\local\{F3270C6C-C7F1-4EC8-BE88-0DE6F6F3236C}
Successfully deleted: [Empty Folder] C:\Users\Megan\appdata\local\{FD192539-6741-4DE4-8516-1FA1635F4BF4}

~~~ FireFox

Emptied folder: C:\Users\Megan\AppData\Roaming\mozilla\firefox\profiles\dswvk01m.default-1346455382372\minidumps [283 files]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 04/15/2014 at 22:56:45.24
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

#13 obrienmr

New Member

Authentic Member
10 posts

Posted 15 April 2014 - 09:05 PM

And finally the last! Thanks again for everything!

Results of screen317's Security Check version 0.99.81
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
AVG AntiVirus Free Edition 2014
Microsoft Security Essentials
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Spybot - Search & Destroy
Malwarebytes Anti-Malware version 1.75.0.1300
Java 7 Update 51
Adobe Flash Player 10 Flash Player out of Date!
Adobe Flash Player 12.0.0.77
Adobe Reader XI
Mozilla Firefox (28.0)
Google Chrome 33.0.1750.154
Google Chrome 34.0.1847.116
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials msseces.exe
Windows Defender MSMpEng.exe
AVG avgwdsvc.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````

#14 ----------------

SuperMember

Authentic Member
1,095 posts

Posted 16 April 2014 - 03:22 PM

Your system is clean now!

Adobe Flash Player out of date

Your Adobe flash player is outdated. We will fix this.

Get the actual player from here. Important: Uncheck any optional software (for example Google Chrome, etc.) offered.
Click upon Start-->control panel-->add/remove programs.
Search for and remove any older reader versions.

Uninstall our tools using delfix

Please follow these steps in order:

In the case we used Defogger to turn off your CD emulation software. You can start it again and use the Enable button.
In the case we used Combofix. Deactivate your antivirus software once more, then rename the combofix.exe to uninstall.exe and run it one last time. You shall be noted that Combofix has been removed.
In any case please download delfix to your desktop.
- Close all other programms and start delfix.
- Please check all the boxes and run the tool.
- delfix will now delete all found traces of our removal process
If there is still something left please delete it manualy.

Delete System Restore Points

To ensure your System Restore Points are free of malware, we will delete all of them but the most recent or create a new one.

On Windows Vista: Please follow these instructions to delete all but the most common System Protection Restore Points.
On Windows 7/8: Please follow these instructions to delete all but the most common System Protection Restore Points.
On Windows XP: Please follow these instructions to delete all but the most common System Protection Restore Points.

Recommendations: How to protect yourself

System Updates
Please ensure to have automatic updates activated in your control panel.
For further information and a tutorial, see this Microsoft Support article.
Protection
What you need is one (not more) virus scanner with background protection. Additionally I recommend a special malware scanner to run on demand weekly.
Personally I am using avast! Antivirus Free Edition and Malwarebytes Anti-Malware. They offer good protection for free.
- To keep your browser free of advertising, you may install the Adblock Plus browser extension.
  It will filter unwanted advertising out of the website´s content.
- To protect yourself from accidentally visiting malicious web sites, install the Web of Trust (WOT) browser extension.
  It will display a green (safe), yellow (unknown) or red (potentially dangerous) icon for a visited website within your browser.
  In addition, before accessing a dangerous classified web site, a warning screen is displayed.
Up to date Software
Keep your Windows and your third party software up to date. The easiest way to get infected is an outdated windows, followed by: browser(s) (including add-ons and plug-ins), Adobe Flash Player and Adobe Reader, Java Runtime Environment, your antivirus program and so on. These links may help you to check:
- Secunia Personal Software Inspector - checks if your software has updates available.
- SecurityCheck (by screen317) - scans your computer for most vulnerable outdated software.
- Mozilla: Check your plugins - The webpage will tell you if you have outdated plugins running in your Firefox browser.
Backup
Hardware issues, malware, fire, lightning strike: There is a long list of different ways to loose all your data. Back up your files regularly. Use the windows internal backup function or a third party tool and save your data onto an external hard drive, cloud storage, optical media like CDs or DVDs or (if available) a professional network backup system.
Behaviour
The commonest error when using a computer is "error 80" - what means that the error is located about 80cm in front of the monitor. This is a common joke between IT support technicians but it shows that all the safety mechanisms won´t help if you aren´t careful enough.
- While surfing the internet, don´t click on anything you don´t know. In the worst case, it infects your system with malware.
- Watch your step in social networks! Many cyber criminals use them to spread malware, mine personal pata (to be sold to advertising companies, for example) or simply do damage to other users. Even if a received hyperlink within a message seems to be coming from one of your friends, have a closer look. In addition, don´t click everything.
- When installing software, have a look to each of the setup windows and uncheck any additional toolbars or free programs that may be offered additionally. Most of today´s setup procedures contain potentially unwanted programs so keep them off your system.
- Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
  They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.

Proud Member of UNITE & TB

#15 ----------------

SuperMember

Authentic Member
1,095 posts

Posted 22 April 2014 - 06:41 AM

Since this issue appears to be resolved ... this Topic has been closed. Glad we could be of assistance.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please follow the instructions here http://forums.whatth...ed_t106388.html
and start a New Topic.

Proud Member of UNITE & TB

Body Background

skin color theme