Slow Startup, Many Programs Running Slow, Unusual HDD Activity [Closed]


  • This topic is locked
12 replies to this topic

#1 1excop36


Posted 25 June 2014 - 04:26 AM

As of lately, despite paring down the number of start-up programs, computer is taking longer to start. Many programs seem to be running slower than usual. I have also begun to notice unusual and "rhythmic" hard drive activity when there shouldn't be any. I've even shut down all active programs and the hard drive acts as if something is scanning it. NIS and SuperAntispyware scan have come up clean (only NIS operates in real time mode). I have also tried to clean out as many temp files and other junkware using CCleaner and Auslogic Boostspeed. I also have installed and am running VPN/Private Internet Access.

 

Here is the HijackThis log:

 

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 2:05:56 AM, on 6/25/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17126)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Auslogics\BoostSpeed\BoostSpeed.exe
C:\Program Files\pia_manager\pia_manager.exe
C:\Users\GERRYG~1\AppData\Local\Temp\ocr8979.tmp\bin\rubyw.exe
C:\Program Files\pia_manager\pia_manager.exe
C:\Users\GERRYG~1\AppData\Local\Temp\ocrBB71.tmp\bin\rubyw.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\NIS.exe
C:\Program Files\pia_manager\pia_tray\pia_tray.exe
C:\Program Files (x86)\Safe In Cloud\SafeInCloud.exe
C:\Program Files (x86)\ASCOMP Software\BackUp Maker\bkmaker.exe
C:\Users\Gerry Goldshine\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.start.me/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft..../?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:8555
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: (no name) - AutorunsDisabled - (no file)
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\IPS\IPSBHO.DLL
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\coIEPlg.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Gerry Goldshine\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220] C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Gerry Goldshine\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user')
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted IP range: http://192.168.1.1
O15 - ESC Trusted IP range: http://192.168.1.1
O16 - DPF: {362C56AA-6E4F-40C7-A0B5-85501DBDAD77} (Scanner.SysScanner) - http://i.dell.com/im...r/SysProExe.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.m...ash/swflash.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CrypKey License - Unknown owner - C:\windows\system32\crypserv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\NIS.exe
O23 - Service: NitroPDFDriverCreatorReadSpool9 (NitroDriverReadSpool9) - Nitro PDF Software - C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\windows\SysWOW64\nlssrv32.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: LiveShare P2P Server 10 (RoxLiveShare10) - Unknown owner - (no file)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 8957 bytes
 

I also have the log files from both dds.scr scan and OTL scan should you require them.

 

Thank you in advance for your assistance.

 

Gerry


Edited by 1excop36, 25 June 2014 - 04:35 AM.

Computers:

 

Mine: Dell N5030 Laptop  Pentium Dual Core T4500 2.30 GHz, 6GB RAM, 10X DVD Recorder Windows 7 & New WD 500GB HD

Wife's: Gateway SX2370-UR10P Desktop AMD A8-3820 APU with Radeon™ HD Graphics 6GB Ram 1TB HD

 

 

"The moment you think you know it all should also be the moment you realize that you do not."



#2 ----------------


Posted 25 June 2014 - 06:45 AM

Hi there,
my name is Marius and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you cannot post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

HijackThis is not the preferred initial scanning tool in this forum. With today's malware, a more comprehensive set of logs is required to determine the presence of malware.
 
 
 
 
Scan with FRST in normal mode

Please download Farbar's Recovery Scan Tool to your desktop: FRST 32bit or FRST 64bit (If not sure: Start --> Computer (right click) --> properties)
 
  • Run FRST.
  • Don't change any of the checkboxes and hit Scan.
  • Logfiles are created on your desktop.
  • Post the FRST.txt and (after the first scan only!) the Addition.txt.

Scan with aswMBR

Please download aswMBR ( 4.5MB ) to your desktop.
  • Double click the aswMBR.exe icon, and click Run.
  • There will be a short delay before the next dialog box comes up. Please just wait a minute or two.
  • When asked if you'd like to "download the latest Avast! virus definitions", click Yes.
  • Typically this is about a 100MB download so depending on your connection speed it can take a short while to download and become ready.
  • Click the Scan button to start the scan once the update has finished downloading.
  • On completion of the scan, click the save log button, save it to your desktop, then copy and paste it in your next reply.

Note: There will also be a file on your desktop named MBR.dat. Do not delete this for now. It is an actual backup of the MBR (master boot record).


Proud Member of UNITE & TB
 

#3 1excop36


Posted 25 June 2014 - 12:45 PM

Marius

 

Thank you for assisting me. We have an interesting problem at the outset. The email notification I received of your response differs from what is posted here on the What the Tech Forum. The email requests that I download and run the FRST scan as well as TDSSKiller, which I did. The response on the Forum requests that I run FRST and aswMBR. When I tried to run aswMBR, it set off Norton Internet Security, which quarantined it stating it contained WS.Malware.2. I realize this could be a false positive but given the differences in what is posted here and the email I received, I've deleted aswMBR until I hear back from you. In the meantime I've included the results of the FRST scans and the TDSSKiller scan. Again, thank you for your help.

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-06-2014
Ran by Gerry Goldshine (administrator) on SAL9000V2 on 25-06-2014 11:14:30
Running from C:\Users\Gerry Goldshine\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Auslogics) C:\Program Files (x86)\Auslogics\BoostSpeed\BoostSpeed.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CrypKey (Canada) Ltd.) C:\Windows\System32\Crypserv.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\nis.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\nis.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
() C:\Program Files (x86)\Safe In Cloud\SafeInCloud.exe
(ASCOMP Software GmbH) C:\Program Files (x86)\ASCOMP Software\BackUp Maker\bkmaker.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10918504 2010-06-14] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [392048 2010-06-04] (Alps Electric Co., Ltd.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-12] (Intel Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [224128 2014-03-18] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-14] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKLM\...\Policies\Explorer: [NoRecentDocsHistory] 1
HKU\S-1-5-21-1361499315-2266380641-1734000601-1001\...\RunOnce: [Uninstall C:\Users\Gerry Goldshine\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220] - C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Gerry Goldshine\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220"
HKU\S-1-5-21-1361499315-2266380641-1734000601-1001\...\Policies\Explorer: [NoInstrumentation] 1
HKU\S-1-5-21-1361499315-2266380641-1734000601-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-1361499315-2266380641-1734000601-1001\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-21-1361499315-2266380641-1734000601-1001\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-1361499315-2266380641-1734000601-1001\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-21-1361499315-2266380641-1734000601-1001\...\Policies\Explorer: [StartMenuLogOff] 1
HKU\S-1-5-21-1361499315-2266380641-1734000601-1001\...\Policies\Explorer: [NoStartMenuMFUprogramsList] 1
HKU\S-1-5-21-1361499315-2266380641-1734000601-1001\...\Policies\Explorer: [HideRunAsVerb] 1
ShellIconOverlayIdentifiers:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers-x32:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
BootExecute: "autocheck autochk /p \??\C:""""autocheck autochk * """

==================== Internet (Whitelisted) ====================

ProxyServer: http=127.0.0.1:8555
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.start.me/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/?r...DE&dcc=DE&opt=0
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x27353D5A3E76CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM-x32 - DefaultScope {E533D9B5-4252-42EB-9AB5-EC3855001A55} URL =
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.condui...rchTerms}&SSPV=
SearchScopes: HKCU - {06B47159-3298-4EB3-A77C-0EB72B5C9A20} URL = http://www.mysearchr...q={searchTerms}
SearchScopes: HKCU - {2F1E335A-858A-4BE9-8F6B-D0AF1D018B53} URL =
SearchScopes: HKCU - {3A40E547-20FD-44a2-94D0-1C98342D1507} URL = http://search.daum.n...q={searchTerms}
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.3.0.12\coIEPlg.dll (Symantec Corporation)
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.3.0.12\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\coIEPlg.dll (Symantec Corporation)
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab
DPF: HKLM-x32 {362C56AA-6E4F-40C7-A0B5-85501DBDAD77} http://i.dell.com/im...r/SysProExe.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab
Hosts: 127.0.0.1 activate.adobe.com67.221.174.30   tagged.com
Tcpip\Parameters: [DhcpNameServer] 209.222.18.222 209.222.18.218

FireFox:
========
FF ProfilePath: C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default
FF SearchEngineOrder.1: Yahoo
FF SearchEngineOrder.user_pref("browser.search.order.2", "");: user_pref("browser.search.order.2", "");
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.start.me/
FF Keyword.URL: https://www.google.com/search?q=
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=10.3.1 - C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\windows\SysWOW64\Adobe\Director\np32dsw_1211151.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/MycameraPlugin - C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3522.0110 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF - C:\Program Files (x86)\Nitro\Pro 9\npnitromozilla.dll (Nitro PDF)
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 - C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @hulu.com/Hulu Desktop - C:\Users\Gerry Goldshine\AppData\Local\HuluDesktop\instances\0.9.14.1\npHDPlg.dll (Hulu LLC)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Gerry Goldshine\AppData\Local\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Gerry Goldshine\AppData\Local\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF user.js: detected! => C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\user.js
FF SearchPlugin: C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\searchplugins\duckduckgo.xml
FF SearchPlugin: C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\searchplugins\ixquick-https.xml
FF SearchPlugin: C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\searchplugins\s-amazon.xml
FF SearchPlugin: C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\searchplugins\safesearch.xml
FF SearchPlugin: C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\searchplugins\startpage-https.xml
FF Extension: Ant Video Downloader - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\anttoolbar@ant.com [2014-06-21]
FF Extension: CuteButtons - Crystal SVG - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\CuteButtonsCrystalSVG@ChoGGi [2014-06-21]
FF Extension: DoNotTrackMe: Online Privacy Protection - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\donottrackplus@abine.com [2014-06-21]
FF Extension: HTTPS-Everywhere - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\https-everywhere@eff.org [2014-06-21]
FF Extension: Toolbar Buttons - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\{03B08592-E5B4-45ff-A0BE-C1D975458688} [2014-06-21]
FF Extension: Forecastfox - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3} [2014-06-24]
FF Extension: ColorfulTabs - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe} [2014-06-21]
FF Extension: IE Tab 2 (FF 3.6+) - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB} [2014-06-21]
FF Extension: AddThis - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\{3e0e7d2a-070f-4a47-b019-91fe5385ba79} [2014-06-21]
FF Extension: Empty Cache Button - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\{4cc4a13b-94a6-7568-370d-5f9de54a9c7f} [2014-06-21]
FF Extension: Dr.Web Anti-Virus Link Checker - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\{6614d11d-d21d-b211-ae23-815234e1ebb5} [2014-06-21]
FF Extension: WOT - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-06-21]
FF Extension: Cleanest Addon Manager - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\cam@sdrocking.com.xpi [2014-06-21]
FF Extension: Classic Theme Restorer - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2014-06-24]
FF Extension: Safe In Cloud - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\info@safe-in-cloud.com.xpi [2014-06-21]
FF Extension: Awesome screenshot: Capture and Annotate - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\jid0-GXjLLfbCoAx0LcltEdFrEkQdQPI@jetpack.xpi [2014-06-21]
FF Extension: Dolphin Connect - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\jid1-79nQAfjhUybb3A@jetpack.xpi [2014-06-21]
FF Extension: Privacy Badger Firefox - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2014-06-21]
FF Extension: Noia Fox options - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\NoiaFoxoption@davidvincent.tld.xpi [2014-06-21]
FF Extension: Print / Print Preview (Update) - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\printprintpreview-andrewsfirefoxextensions@gmail.com.xpi [2014-06-21]
FF Extension: S3.Download Statusbar - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\s3download@statusbar.xpi [2014-06-21]
FF Extension: Status-4-Evar - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\status4evar@caligonstudios.com.xpi [2014-06-25]
FF Extension: Torrent Finder Toolbar - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\TFToolbarX@torrent-finder.xpi [2014-06-21]
FF Extension: Toggle Private Browsing - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\toggleprivatebrowsing@supernova00.biz.xpi [2014-06-21]
FF Extension: TrackMeNot - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\trackmenot@mrl.nyu.edu.xpi [2014-06-21]
FF Extension: Facebook Phishing Protector - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\{023e9ca0-63f3-47b1-bcb2-9badf9d9ef28}.xpi [2014-06-21]
FF Extension: Flagfox - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2014-06-21]
FF Extension: Multirow Bookmarks Toolbar Plus - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\{4c7097f7-08f2-4ef2-9b9f-f95fa4cbb064}.xpi [2014-06-21]
FF Extension: Quick Translator - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\{5C655500-E712-41e7-9349-CE462F844B19}.xpi [2014-06-21]
FF Extension: Bluhell Firewall - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\{6BB5760D-F97E-421B-AF5B-8457A90C3CED}.xpi [2014-06-21]
FF Extension: Facebook Toolbar Button - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\{72c9fdff-bccd-4fac-a08e-857103c6e721}.xpi [2014-06-21]
FF Extension: Noia Fox - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\{7b90e860-5d61-11e0-80e3-0800200c9a66}.xpi [2014-06-21]
FF Extension: Add-on Update Checker - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\{891f0410-aaa2-11e0-9f1c-0800200c9a66}.xpi [2014-06-21]
FF Extension: Fasterfox - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\{c36177c0-224a-11da-8cd6-0800200c9a91}.xpi [2014-06-25]
FF Extension: BetterPrivacy - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2014-06-21]
FF Extension: Extended Statusbar - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\{daf44bf7-a45e-4450-979c-91cf07434c3d}.xpi [2014-06-21]
FF Extension: Menu Editor - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\{EDA7B1D7-F793-4e03-B074-E6F303317FB0}.xpi [2014-06-25]
FF Extension: Download Manager Tweak - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\{F8A55C97-3DB6-4961-A81D-0DE0080E53CB}.xpi [2014-06-21]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.1.3\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.1.3\coFFPlgn [2014-06-23]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.1.3\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.1.3\IPSFF [2014-02-21]
FF HKCU\...\Firefox\Extensions: [wcapturex@deskperience.com] - C:\Program Files (x86)\TheSage\extensions\firefox
FF Extension: TheSage one-click lookup - C:\Program Files (x86)\TheSage\extensions\firefox [2014-01-18]

Chrome:
=======
CHR HomePage: hxxp://www.trovi.com/?gd=&ctid=CT3324790&octid=EB_ORIGINAL_CTID&ISID=M72E4B7AB-EF30-4EB8-9455-1621BF1C4B1E&SearchSource=55&CUI=&UM=5&UP=SP37710FC9-D7EF-4CE2-8646-AC18F1406269&SSPV=
CHR StartupUrls: "hxxp://www.trovi.com/?gd=&ctid=CT3324790&octid=EB_ORIGINAL_CTID&ISID=M72E4B7AB-EF30-4EB8-9455-1621BF1C4B1E&SearchSource=55&CUI=&UM=5&UP=SP37710FC9-D7EF-4CE2-8646-AC18F1406269&SSPV="
CHR DefaultSearchKeyword: trovi.search
CHR DefaultSearchProvider: Trovi search
CHR DefaultSearchURL: http://www.trovi.com...rchTerms}&SSPV=
CHR Extension: (Logitech SetPoint) - C:\Users\Gerry Goldshine\AppData\Local\Google\Chrome\User Data\Default\Extensions\edaibbiobngpbmeonadpbfafbkimjbdd [2013-10-11]
CHR HKLM-x32\...\Chrome\Extension: [edaibbiobngpbmeonadpbfafbkimjbdd] - C:\ProgramData\Logitech\LogiSmoothChromeExt.crx [2013-03-25]
CHR HKLM-x32\...\Chrome\Extension: [mjdepfkicdcciagbigfcmdhknnoaaegf] - C:\Program Files (x86)\TheSage\TheSage\extensions\chrome\ [2013-03-25]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\Exts\Chrome.crx [2014-05-19]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [144152 2013-10-10] (SUPERAntiSpyware.com)
R2 CrypKey License; C:\windows\system32\crypserv.exe [126976 2010-03-18] (CrypKey (Canada) Ltd.) [File not signed]
S4 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2009-06-09] (Stardock Corporation) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\NIS.exe [276376 2014-05-11] (Symantec Corporation)
R2 NitroDriverReadSpool9; C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe [230920 2013-12-17] (Nitro PDF Software)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S4 WinTabService; C:\Windows\System32\Drivers\WTSRV.EXE [73728 2009-10-30] (Tablet Driver) [File not signed]
S2 RoxLiveShare10; No ImagePath

==================== Drivers (Whitelisted) ====================

S3 anvsnddrv; C:\Windows\System32\drivers\anvsnddrv.sys [33872 2011-11-28] (AnvSoft Inc.)
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\BASHDefs\20140606.001\BHDrvx64.sys [1530160 2014-05-09] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1503000.00C\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [486192 2014-06-10] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142128 2014-06-10] (Symantec Corporation)
S1 fanio; C:\windows\SysWOW64\drivers\fanio.sys [14464 2007-02-16] (Christian Diefer) [File not signed]
U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-04] (Microsoft Corporation)
R1 GizmoDrv; C:\Windows\System32\Drivers\GizmoDrv.sys [34704 2012-04-23] (Arainia Solutions LLC)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\IPSDefs\20140624.003\IDSvia64.sys [525016 2014-03-25] (Symantec Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\VirusDefs\20140624.033\ENG64.SYS [126040 2014-05-18] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\VirusDefs\20140624.033\EX64.SYS [2099288 2014-05-18] (Symantec Corporation)
R1 NetworkX; C:\Windows\System32\ckldrv.sys [30272 2010-03-18] ()
S3 pwdrvio; C:\windows\system32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\windows\system32\pwdspio.sys [12504 2013-09-30] ()
S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44032 2011-07-20] (Research in Motion Ltd)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1503000.00C\SRTSP64.SYS [875736 2014-02-12] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1503000.00C\SRTSPX64.SYS [36952 2013-07-30] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1503000.00C\SYMDS64.SYS [493656 2013-07-31] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1503000.00C\SYMEFA64.SYS [1148120 2014-03-03] (Symantec Corporation)
R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-02-21] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1503000.00C\Ironx64.SYS [264280 2013-07-30] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1503000.00C\SYMNETS.SYS [593112 2014-02-17] (Symantec Corporation)
S3 Tablet2k; No ImagePath
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-02-21] (Anchorfree Inc.)
S2 thdudf; C:\Windows\SysWOW64\DRIVERS\thdudf.sys [66944 2013-06-20] (TOSHIBA Corporation) [File not signed]
S3 wanatw; No ImagePath
S3 cpuz136; \??\C:\windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 RimUsb; System32\Drivers\RimUsb_AMD64.sys [X]
S0 SMR322; System32\drivers\SMR322.SYS [X]
U3 fxliqpoc; \??\C:\Users\GERRYG~1\AppData\Local\Temp\fxliqpoc.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-25 11:14 - 2014-06-25 11:15 - 00028359 _____ () C:\Users\Gerry Goldshine\Desktop\FRST.txt
2014-06-25 11:13 - 2014-06-25 11:14 - 00000000 ____D () C:\FRST
2014-06-25 11:09 - 2014-06-25 11:09 - 02082816 _____ (Farbar) C:\Users\Gerry Goldshine\Desktop\FRST64.exe
2014-06-25 02:37 - 2014-06-25 11:07 - 00000000 ____D () C:\Users\Gerry Goldshine\Desktop\Computer Repair
2014-06-25 02:06 - 2014-06-25 02:06 - 00000000 ____D () C:\Users\Gerry Goldshine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-06-24 21:18 - 2014-06-24 21:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-22 12:14 - 2014-06-22 13:11 - 00000000 ____D () C:\Users\Gerry Goldshine\Documents\PM backup
2014-06-21 21:25 - 2014-06-21 21:30 - 00000000 ____D () C:\Users\Gerry Goldshine\AppData\Roaming\Moonchild Productions
2014-06-21 21:25 - 2014-06-21 21:25 - 00000000 ____D () C:\Users\Gerry Goldshine\AppData\Local\Moonchild Productions
2014-06-21 21:24 - 2014-06-21 21:24 - 00000000 ____D () C:\Program Files (x86)\Pale Moon
2014-06-21 14:09 - 2014-05-15 19:46 - 00001162 _____ () C:\Users\Gerry Goldshine\Documents\indexfile.txt
2014-06-21 13:57 - 2014-06-21 13:57 - 00001125 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-21 13:12 - 2014-06-21 13:12 - 00813000 _____ () C:\Users\Gerry Goldshine\Downloads\palemoon-websetup.exe
2014-06-20 21:44 - 2014-06-25 02:37 - 00000000 ____D () C:\Users\Gerry Goldshine\Downloads\Computer Repair
2014-06-15 20:42 - 2014-06-15 20:42 - 00002368 _____ () C:\Users\Gerry Goldshine\AppData\Local\recently-used.xbel
2014-06-12 02:25 - 2014-06-12 02:25 - 00000374 _____ () C:\windows\KINGSTON (G).lnk
2014-06-12 00:50 - 2014-01-08 19:22 - 05694464 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2014-06-12 00:50 - 2014-01-03 15:44 - 06574592 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2014-06-11 14:48 - 2013-10-01 19:22 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\Drivers\TsUsbFlt.sys
2014-06-11 14:48 - 2013-10-01 19:11 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-06-11 14:48 - 2013-10-01 19:08 - 00012800 _____ (Microsoft Corporation) C:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-06-11 14:48 - 2013-10-01 18:48 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\MsRdpWebAccess.dll
2014-06-11 14:48 - 2013-10-01 18:48 - 00018944 _____ (Microsoft Corporation) C:\windows\system32\wksprtPS.dll
2014-06-11 14:48 - 2013-10-01 18:29 - 00062976 _____ (Microsoft Corporation) C:\windows\system32\tsgqec.dll
2014-06-11 14:48 - 2013-10-01 18:10 - 00044544 _____ (Microsoft Corporation) C:\windows\system32\TsUsbGDCoInstaller.dll
2014-06-11 14:48 - 2013-10-01 17:15 - 01057280 _____ (Microsoft Corporation) C:\windows\system32\rdvidcrl.dll
2014-06-11 14:48 - 2013-10-01 17:14 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\MsRdpWebAccess.dll
2014-06-11 14:48 - 2013-10-01 17:14 - 00017920 _____ (Microsoft Corporation) C:\windows\SysWOW64\wksprtPS.dll
2014-06-11 14:48 - 2013-10-01 17:08 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\TSWbPrxy.exe
2014-06-11 14:48 - 2013-10-01 17:01 - 00420864 _____ (Microsoft Corporation) C:\windows\system32\wksprt.exe
2014-06-11 14:48 - 2013-10-01 16:58 - 00053248 _____ (Microsoft Corporation) C:\windows\SysWOW64\tsgqec.dll
2014-06-11 14:48 - 2013-10-01 16:31 - 01147392 _____ (Microsoft Corporation) C:\windows\system32\mstsc.exe
2014-06-11 14:48 - 2013-10-01 16:08 - 00855552 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdvidcrl.dll
2014-06-11 14:48 - 2013-10-01 15:34 - 01068544 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstsc.exe
2014-06-11 14:43 - 2013-09-24 19:23 - 01030144 _____ (Microsoft Corporation) C:\windows\system32\TSWorkspace.dll
2014-06-11 14:43 - 2013-09-24 18:57 - 00792576 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSWorkspace.dll
2014-06-11 04:16 - 2014-06-11 13:06 - 00000000 ____D () C:\Users\Gerry Goldshine\Downloads\Adventure Time
2014-06-11 03:35 - 2014-05-30 03:21 - 23414784 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-06-11 03:35 - 2014-05-30 03:02 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-06-11 03:35 - 2014-05-30 03:02 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-06-11 03:35 - 2014-05-30 02:45 - 02768384 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-06-11 03:35 - 2014-05-30 02:39 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-06-11 03:35 - 2014-05-30 02:39 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-06-11 03:35 - 2014-05-30 02:38 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-06-11 03:35 - 2014-05-30 02:28 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-06-11 03:35 - 2014-05-30 02:27 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-06-11 03:35 - 2014-05-30 02:24 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-06-11 03:35 - 2014-05-30 02:21 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-06-11 03:35 - 2014-05-30 02:21 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-06-11 03:35 - 2014-05-30 02:20 - 00752640 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-06-11 03:35 - 2014-05-30 02:18 - 17271296 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-06-11 03:35 - 2014-05-30 02:11 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-06-11 03:35 - 2014-05-30 02:08 - 05782528 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-06-11 03:35 - 2014-05-30 02:06 - 00452096 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-06-11 03:35 - 2014-05-30 02:02 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-06-11 03:35 - 2014-05-30 01:55 - 00038400 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-06-11 03:35 - 2014-05-30 01:49 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-06-11 03:35 - 2014-05-30 01:46 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-06-11 03:35 - 2014-05-30 01:44 - 00455168 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-06-11 03:35 - 2014-05-30 01:44 - 00295424 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-06-11 03:35 - 2014-05-30 01:43 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-06-11 03:35 - 2014-05-30 01:42 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-06-11 03:35 - 2014-05-30 01:38 - 02179072 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-06-11 03:35 - 2014-05-30 01:35 - 00608768 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-06-11 03:35 - 2014-05-30 01:34 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-06-11 03:35 - 2014-05-30 01:33 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-06-11 03:35 - 2014-05-30 01:30 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-06-11 03:35 - 2014-05-30 01:29 - 00631808 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-06-11 03:35 - 2014-05-30 01:28 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-06-11 03:35 - 2014-05-30 01:27 - 00592896 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-06-11 03:35 - 2014-05-30 01:24 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-06-11 03:35 - 2014-05-30 01:23 - 02040832 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-06-11 03:35 - 2014-05-30 01:16 - 00368128 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-06-11 03:35 - 2014-05-30 01:10 - 00032256 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-11 03:35 - 2014-05-30 01:06 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-06-11 03:35 - 2014-05-30 01:04 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-06-11 03:35 - 2014-05-30 01:02 - 00242688 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-06-11 03:35 - 2014-05-30 00:56 - 04244992 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-06-11 03:35 - 2014-05-30 00:56 - 02266112 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-06-11 03:35 - 2014-05-30 00:54 - 00526336 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-06-11 03:35 - 2014-05-30 00:50 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-06-11 03:35 - 2014-05-30 00:49 - 01964544 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-06-11 03:35 - 2014-05-30 00:43 - 13522944 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-06-11 03:35 - 2014-05-30 00:40 - 11725312 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-06-11 03:35 - 2014-05-30 00:30 - 01398272 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-06-11 03:35 - 2014-05-30 00:21 - 01790976 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-06-11 03:35 - 2014-05-30 00:15 - 01143296 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-06-11 03:35 - 2014-05-30 00:13 - 00846336 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-06-11 03:35 - 2014-05-30 00:13 - 00704512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-06-11 03:35 - 2014-05-08 02:32 - 03178496 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2014-06-11 03:35 - 2014-05-08 02:32 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\RdpGroupPolicyExtension.dll
2014-06-11 03:35 - 2014-04-24 19:34 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\usp10.dll
2014-06-11 03:35 - 2014-04-24 19:06 - 00626688 _____ (Microsoft Corporation) C:\windows\SysWOW64\usp10.dll
2014-06-11 03:35 - 2014-04-04 19:47 - 01903552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2014-06-11 03:35 - 2014-04-04 19:47 - 00288192 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS
2014-06-11 03:35 - 2014-03-26 07:44 - 02002432 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2014-06-11 03:35 - 2014-03-26 07:44 - 01882112 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2014-06-11 03:35 - 2014-03-26 07:41 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml6r.dll
2014-06-11 03:35 - 2014-03-26 07:41 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2014-06-11 03:35 - 2014-03-26 07:27 - 01389056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll
2014-06-11 03:35 - 2014-03-26 07:27 - 01237504 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2014-06-11 03:35 - 2014-03-26 07:25 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6r.dll
2014-06-11 03:35 - 2014-03-26 07:25 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2014-06-11 03:34 - 2014-06-08 02:13 - 00506368 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-06-11 03:34 - 2014-06-08 02:08 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-06-05 21:48 - 2014-06-05 09:39 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Gerry Goldshine\Desktop\TDSSKiller.exe
2014-05-29 17:05 - 2014-05-29 17:08 - 07295560 _____ (Nova Development ) C:\Users\Gerry Goldshine\Downloads\Hallmark Holiday Pack Build2.exe

==================== One Month Modified Files and Folders =======

2014-06-25 11:15 - 2014-06-25 11:14 - 00028359 _____ () C:\Users\Gerry Goldshine\Desktop\FRST.txt
2014-06-25 11:14 - 2014-06-25 11:13 - 00000000 ____D () C:\FRST
2014-06-25 11:14 - 2013-06-07 01:10 - 01542668 _____ () C:\windows\WindowsUpdate.log
2014-06-25 11:09 - 2014-06-25 11:09 - 02082816 _____ (Farbar) C:\Users\Gerry Goldshine\Desktop\FRST64.exe
2014-06-25 11:07 - 2014-06-25 02:37 - 00000000 ____D () C:\Users\Gerry Goldshine\Desktop\Computer Repair
2014-06-25 11:05 - 2014-05-23 22:11 - 00000358 _____ () C:\windows\Tasks\HP Photo Creations Communicator.job
2014-06-25 02:37 - 2014-06-20 21:44 - 00000000 ____D () C:\Users\Gerry Goldshine\Downloads\Computer Repair
2014-06-25 02:29 - 2014-05-25 03:18 - 00000000 ____D () C:\Users\Gerry Goldshine\Downloads\New  Icons
2014-06-25 02:29 - 2011-04-24 21:11 - 00000000 ____D () C:\Users\Gerry Goldshine\My System Icons
2014-06-25 02:06 - 2014-06-25 02:06 - 00000000 ____D () C:\Users\Gerry Goldshine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-06-25 00:52 - 2014-03-19 12:10 - 00000000 ____D () C:\Program Files (x86)\Safe In Cloud
2014-06-25 00:33 - 2009-07-13 22:13 - 00786538 _____ () C:\windows\system32\PerfStringBackup.INI
2014-06-24 21:19 - 2014-06-24 21:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-24 21:18 - 2013-06-29 22:16 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-24 12:05 - 2012-08-31 17:03 - 00000000 _____ () C:\ProgramData\TEMP
2014-06-23 17:38 - 2009-07-13 21:45 - 00013872 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-23 17:38 - 2009-07-13 21:45 - 00013872 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-23 17:31 - 2009-07-13 22:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-06-22 13:15 - 2014-01-21 03:03 - 00000000 ____D () C:\Users\Gerry Goldshine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet
2014-06-22 13:11 - 2014-06-22 12:14 - 00000000 ____D () C:\Users\Gerry Goldshine\Documents\PM backup
2014-06-22 12:21 - 2014-01-21 03:03 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet
2014-06-21 21:30 - 2014-06-21 21:25 - 00000000 ____D () C:\Users\Gerry Goldshine\AppData\Roaming\Moonchild Productions
2014-06-21 21:25 - 2014-06-21 21:25 - 00000000 ____D () C:\Users\Gerry Goldshine\AppData\Local\Moonchild Productions
2014-06-21 21:25 - 2011-03-11 22:05 - 00000000 ____D () C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla
2014-06-21 21:24 - 2014-06-21 21:24 - 00000000 ____D () C:\Program Files (x86)\Pale Moon
2014-06-21 20:57 - 2014-05-21 21:33 - 00000000 ____D () C:\ProgramData\VSO
2014-06-21 13:57 - 2014-06-21 13:57 - 00001125 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-21 13:14 - 2013-07-02 14:59 - 00000000 ____D () C:\Users\Gerry Goldshine\AppData\Roaming\tixati
2014-06-21 13:12 - 2014-06-21 13:12 - 00813000 _____ () C:\Users\Gerry Goldshine\Downloads\palemoon-websetup.exe
2014-06-20 21:23 - 2014-05-23 20:18 - 00000000 ____D () C:\Users\Gerry Goldshine\Downloads\New DVD Case Inserts
2014-06-20 19:46 - 2014-05-21 21:41 - 00000000 ____D () C:\Users\Gerry Goldshine\Documents\ConvertXtoDVD
2014-06-18 22:22 - 2011-05-24 00:18 - 00000000 ____D () C:\Users\Gerry Goldshine\AppData\Local\Axialis
2014-06-17 17:10 - 2011-05-30 23:38 - 00000000 ____D () C:\Users\Gerry Goldshine\AppData\Local\DVD Profiler
2014-06-15 23:11 - 2014-05-17 20:37 - 00000000 ____D () C:\Users\Gerry Goldshine\AppData\Roaming\inkscape
2014-06-15 20:42 - 2014-06-15 20:42 - 00002368 _____ () C:\Users\Gerry Goldshine\AppData\Local\recently-used.xbel
2014-06-14 19:31 - 2009-07-13 20:20 - 00000000 ____D () C:\windows\rescache
2014-06-14 12:24 - 2013-06-08 23:13 - 00055303 _____ () C:\Users\Gerry Goldshine\.pia_manager_crash.log
2014-06-13 21:39 - 2011-02-27 23:51 - 00000000 ____D () C:\Users\Gerry Goldshine
2014-06-13 17:35 - 2009-07-13 20:20 - 00000000 ____D () C:\windows\Cursors
2014-06-13 02:56 - 2013-07-01 02:24 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-06-13 02:55 - 2012-09-01 15:25 - 00000000 ____D () C:\Users\Gerry Goldshine\AppData\Local\CrashDumps
2014-06-12 02:25 - 2014-06-12 02:25 - 00000374 _____ () C:\windows\KINGSTON (G).lnk
2014-06-12 01:48 - 2013-06-16 11:24 - 00000000 ____D () C:\temp
2014-06-11 15:39 - 2011-05-30 23:36 - 00000000 ____D () C:\Users\Gerry Goldshine\Documents\DVD Profiler
2014-06-11 15:03 - 2014-05-24 12:41 - 00002586 _____ () C:\Users\Gerry Goldshine\Desktop\MS Word 2007.lnk
2014-06-11 14:56 - 2009-07-13 21:45 - 05279752 _____ () C:\windows\system32\FNTCACHE.DAT
2014-06-11 14:54 - 2013-08-15 03:02 - 00000000 ____D () C:\windows\system32\MRT
2014-06-11 14:54 - 2013-03-31 16:10 - 00000000 ____D () C:\windows\schemas
2014-06-11 14:51 - 2011-03-03 14:19 - 95414520 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-06-11 14:50 - 2011-03-18 02:44 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-11 14:46 - 2014-04-29 17:36 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-06-11 13:15 - 2014-03-16 17:28 - 00000000 ____D () C:\Users\Gerry Goldshine\Downloads\Book Covers
2014-06-11 13:08 - 2014-05-16 18:49 - 00000000 ____D () C:\Users\Gerry Goldshine\Downloads\New Wallpaper
2014-06-11 13:07 - 2011-03-30 00:31 - 00000000 ____D () C:\Users\Gerry Goldshine\Assorted Images & ClipArt
2014-06-11 13:06 - 2014-06-11 04:16 - 00000000 ____D () C:\Users\Gerry Goldshine\Downloads\Adventure Time
2014-06-11 00:17 - 2009-07-13 20:20 - 00000000 __RSD () C:\windows\Media
2014-06-10 23:12 - 2013-02-14 01:03 - 00000000 ____D () C:\Users\Gerry Goldshine\Documents\Hallmark Card Studio Projects
2014-06-10 21:41 - 2013-03-26 21:53 - 00000000 ____D () C:\Users\Gerry Goldshine\Documents\Calibre Library
2014-06-10 18:17 - 2011-08-06 01:31 - 00000000 ____D () C:\Users\Gerry Goldshine\AppData\Roaming\avidemux
2014-06-10 18:05 - 2011-02-27 23:52 - 00248928 _____ () C:\Users\Gerry Goldshine\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-08 02:13 - 2014-06-11 03:34 - 00506368 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-06-08 02:08 - 2014-06-11 03:34 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-06-07 10:29 - 2013-01-14 15:12 - 00000000 ____D () C:\Users\Gerry Goldshine\AppData\Roaming\Nitro PDF
2014-06-07 10:18 - 2011-03-11 02:06 - 00000000 ____D () C:\Program Files (x86)\SpywareBlaster
2014-06-05 09:39 - 2014-06-05 21:48 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Gerry Goldshine\Desktop\TDSSKiller.exe
2014-06-04 20:40 - 2014-03-14 14:43 - 00000000 ____D () C:\Users\Gerry Goldshine\Downloads\Free Ebooks
2014-06-04 01:31 - 2014-04-07 19:53 - 00000000 ____D () C:\windows\Downloaded Installations
2014-06-04 01:31 - 2013-06-08 01:14 - 00000000 ____D () C:\Program Files (x86)\Winamp
2014-06-04 01:31 - 2011-01-07 14:24 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-06-01 17:57 - 2013-06-08 01:14 - 00000000 ____D () C:\Users\Gerry Goldshine\AppData\Roaming\Winamp
2014-06-01 13:09 - 2014-04-27 13:40 - 00000000 ____D () C:\Users\Gerry Goldshine\AppData\Local\Avanquest North America
2014-05-30 03:21 - 2014-06-11 03:35 - 23414784 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-05-30 03:02 - 2014-06-11 03:35 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-05-30 03:02 - 2014-06-11 03:35 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-05-30 02:45 - 2014-06-11 03:35 - 02768384 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-05-30 02:39 - 2014-06-11 03:35 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-05-30 02:39 - 2014-06-11 03:35 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-05-30 02:38 - 2014-06-11 03:35 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-05-30 02:28 - 2014-06-11 03:35 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-05-30 02:27 - 2014-06-11 03:35 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-05-30 02:24 - 2014-06-11 03:35 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-05-30 02:21 - 2014-06-11 03:35 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-05-30 02:21 - 2014-06-11 03:35 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-05-30 02:20 - 2014-06-11 03:35 - 00752640 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-05-30 02:18 - 2014-06-11 03:35 - 17271296 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-05-30 02:11 - 2014-06-11 03:35 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-05-30 02:08 - 2014-06-11 03:35 - 05782528 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-05-30 02:06 - 2014-06-11 03:35 - 00452096 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-05-30 02:02 - 2014-06-11 03:35 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-05-30 01:55 - 2014-06-11 03:35 - 00038400 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-05-30 01:49 - 2014-06-11 03:35 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-05-30 01:46 - 2014-06-11 03:35 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-05-30 01:44 - 2014-06-11 03:35 - 00455168 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-05-30 01:44 - 2014-06-11 03:35 - 00295424 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-05-30 01:43 - 2014-06-11 03:35 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-05-30 01:42 - 2014-06-11 03:35 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-05-30 01:38 - 2014-06-11 03:35 - 02179072 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-05-30 01:35 - 2014-06-11 03:35 - 00608768 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-05-30 01:34 - 2014-06-11 03:35 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-05-30 01:33 - 2014-06-11 03:35 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-05-30 01:30 - 2014-06-11 03:35 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-05-30 01:29 - 2014-06-11 03:35 - 00631808 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-05-30 01:28 - 2014-06-11 03:35 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-05-30 01:27 - 2014-06-11 03:35 - 00592896 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-05-30 01:24 - 2014-06-11 03:35 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-05-30 01:23 - 2014-06-11 03:35 - 02040832 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-05-30 01:16 - 2014-06-11 03:35 - 00368128 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-05-30 01:10 - 2014-06-11 03:35 - 00032256 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-30 01:06 - 2014-06-11 03:35 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-05-30 01:04 - 2014-06-11 03:35 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-05-30 01:02 - 2014-06-11 03:35 - 00242688 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-05-30 00:56 - 2014-06-11 03:35 - 04244992 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-05-30 00:56 - 2014-06-11 03:35 - 02266112 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-05-30 00:54 - 2014-06-11 03:35 - 00526336 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-05-30 00:50 - 2014-06-11 03:35 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-05-30 00:49 - 2014-06-11 03:35 - 01964544 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-05-30 00:43 - 2014-06-11 03:35 - 13522944 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-05-30 00:40 - 2014-06-11 03:35 - 11725312 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-05-30 00:30 - 2014-06-11 03:35 - 01398272 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-05-30 00:21 - 2014-06-11 03:35 - 01790976 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-05-30 00:15 - 2014-06-11 03:35 - 01143296 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-05-30 00:13 - 2014-06-11 03:35 - 00846336 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-05-30 00:13 - 2014-06-11 03:35 - 00704512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-05-29 17:08 - 2014-05-29 17:05 - 07295560 _____ (Nova Development ) C:\Users\Gerry Goldshine\Downloads\Hallmark Holiday Pack Build2.exe
2014-05-28 17:03 - 2014-05-25 20:15 - 00000000 ___RD () C:\Users\Gerry Goldshine\OneDrive
2014-05-27 10:21 - 2013-06-12 09:46 - 00047104 ___SH () C:\Users\Gerry Goldshine\Documents\Thumbs.db
2014-05-26 21:46 - 2014-05-24 12:35 - 00001032 _____ () C:\Users\Gerry Goldshine\Desktop\Control Panel.lnk
2014-05-26 21:46 - 2014-01-17 15:43 - 00002032 _____ () C:\Users\Public\Desktop\Mavis Beacon 20.lnk
2014-05-26 04:25 - 2011-05-30 23:36 - 00001981 _____ () C:\Users\Gerry Goldshine\Desktop\DVD Profiler.lnk
2014-05-26 04:22 - 2011-10-27 19:25 - 00001890 _____ () C:\Users\Public\Desktop\IrfanView.lnk
2014-05-26 04:21 - 2014-05-24 12:25 - 00002561 _____ () C:\Users\Gerry Goldshine\Desktop\MS Excel 2007.lnk
2014-05-26 04:11 - 2014-01-19 01:12 - 00001970 _____ () C:\Users\Public\Desktop\Zoner Photo Studio 16 x64.lnk
2014-05-26 04:08 - 2014-05-24 12:23 - 00001775 _____ () C:\Users\Gerry Goldshine\Desktop\Powerpoint 2007.lnk

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-18 01:02

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-06-2014
Ran by Gerry Goldshine at 2014-06-25 11:15:37
Running from C:\Users\Gerry Goldshine\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Norton Internet Security (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton Internet Security (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Internet Security (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}

==================== Installed Programs ======================

 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
4UOnly 1.2.7 (HKLM-x32\...\4UOnly_is1) (Version: 1.2.7 - Dillobits Software, Inc.)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 13.0.0.111 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 13.0.0.111 - Adobe Systems Incorporated) Hidden
Adobe Digital Editions 3.0 (HKLM-x32\...\Adobe Digital Editions 3.0) (Version: 3.0 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\{4CFE23CC-779D-4572-A76F-AB60A958BC79}) (Version: 11.8.800.94 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.1.151 - Adobe Systems, Inc.)
Amazon Kindle (HKLM-x32\...\Amazon Kindle) (Version:  - Amazon)
Angry Birds Star Wars (HKLM-x32\...\{C336AA55-BBA3-4908-886F-25CF6D302D13}) (Version: 1.2.0 - Rovio Entertainment Ltd.)
Ant.com IE add-on (HKLM-x32\...\Ant.com IE add-on) (Version: 2.2.1.75 - Ant.com)
Ant.com IE add-on (x32 Version: 2.2.1.75 - Ant.com) Hidden
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.33 - Atheros Communications Inc.)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Auslogics BoostSpeed (HKLM-x32\...\{7216871F-869E-437C-B9BF-2A13F2DCE63F}_is1) (Version: 6.4.2.0 - Auslogics Labs Pty Ltd)
Avery Wizard 5.0 (HKLM-x32\...\{D43E122B-C053-4545-999A-2219BF8F6422}) (Version: 5.0.3 - Avery)
Avidemux 2.6 - 64bits (HKLM-x32\...\Avidemux 2.6 - 64bits (64-bit)) (Version: 2.6.8.9046 - )
Avidemux 2.6 (HKLM-x32\...\Avidemux 2.6 (64-bit)) (Version: 2.6.1.8321 - )
Axialis CursorWorkshop 6.33 (HKLM-x32\...\CursorWorkshop) (Version: 6.33 - Axialis Software)
BackUp Maker (HKLM-x32\...\BackUp Maker_is1) (Version: 7.0.0.0 - ASCOMP Software GmbH)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
C410 (x32 Version: 140.0.273.000 - Hewlett-Packard) Hidden
calibre 64bit (HKLM\...\{2737D16B-D96A-48B6-A6D9-BDD22333CD3D}) (Version: 1.37.0 - Kovid Goyal)
CANON iMAGE GATEWAY MyCamera Download Plugin (HKLM-x32\...\MyCamera Download Plugin) (Version: 3.1.1.2 - Canon Inc.)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32\...\CANON iMAGE GATEWAY Task) (Version: 1.9.0.9 - Canon Inc.)
Canon MOV Decoder (HKLM-x32\...\Canon MOV Decoder) (Version: 1.8.0.7 - Canon Inc.)
Canon MOV Encoder (HKLM-x32\...\Canon MOV Encoder) (Version: 1.7.0.3 - Canon Inc.)
Canon MovieEdit Task for ZoomBrowser EX (HKLM-x32\...\MovieEditTask) (Version: 3.8.0.5 - Canon Inc.)
Canon Utilities Digital Photo Professional 3.8 (HKLM-x32\...\DPP) (Version: 3.8.1.0 - Canon Inc.)
Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 2.8.1.0 - Canon Inc.)
Canon Utilities EOS Video Snapshot Task for ZoomBrowser EX (HKLM-x32\...\EOS Video Snapshot Task) (Version: 1.0.0.10 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.22.46 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.7.0.0 - Canon Inc.)
Canon Utilities WFT Utility (HKLM-x32\...\WFTK) (Version: 3.5.1.1 - Canon Inc.)
Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 6.7.2.33 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM-x32\...\ZoomBrowser EX Memory Card Utility) (Version: 1.5.1.10 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
Color Efex Pro 3.0 Complete (HKLM-x32\...\Color Efex Pro 3.0 Complete Stand-Alone) (Version: 3.1.1.0 - Nik Software, Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Daum PotPlayer 1.5.38562 x64 Edition (HKLM\...\PotPlayer64) (Version:  - )
Dell Dock (HKLM-x32\...\Dell Dock) (Version: 2.0 - Stardock Corporation)
Dell Dock (Version: 2.0 - Stardock Corporation) Hidden
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Home Systems Service Agreement (HKLM-x32\...\{AB2FDE4F-6BED-4E9E-B676-3DCCEBB1FBFE}) (Version: 2.0.0 - Dell Inc.)
Dell Product Registration (HKLM-x32\...\{2A0F2CC5-3065-492C-8380-B03AA7106B1A}) (Version: 1.0.3 - Dell Inc.)
Dell Support Center (HKLM\...\Dell Support Center) (Version: 3.0.5621.01 - Dell Inc.)
Dell Support Center (Version: 3.0.5621.01 - PC-Doctor, Inc.) Hidden
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1107.101.209 - ALPS ELECTRIC CO., LTD.)
Dell Wireless Driver Installation (HKLM-x32\...\{451517F1-7E41-400B-AA36-FB7E2563526D}) (Version: 8.0 - Dell)
DesignPro 5 (HKLM-x32\...\InstallShield_{32821558-2C36-4FD0-A891-CA65360B0EC7}) (Version: 5.5.708 - Avery Dennison)
DesignPro 5 (x32 Version: 5.5.708 - Avery Dennison) Hidden
Desktop Icon Position Saver (64-bit) (HKLM-x32\...\dips64) (Version:  - )
Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 140.0.99.000 - Hewlett-Packard) Hidden
DVD Profiler Version 3.8.2 (HKLM-x32\...\InvelosDVDProfiler_is1) (Version:  - )
ePUBee DRM Removal (HKLM-x32\...\{642A2F98-4BF5-4844-9614-899DDBA0C01A}) (Version: 2.02 - ePUBee)
ePUBee DRM Removal (HKLM-x32\...\ePUBee DRM Removal) (Version: 3.0.5.1 - ePUBee Inc.)
eReader (HKLM-x32\...\{453C9E55-80DF-4BD2-9885-52A1FB0D9382}) (Version: 3.0.3 - Palm Digital Media)
Fax (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Feedback Tool (HKLM-x32\...\{13A5E785-5197-4EAD-8EE3-D660271E49BC}) (Version: 1.2.0 - Microsoft Corporation)
FileHippo.com Update Checker (HKLM-x32\...\FileHippo.com) (Version:  - )
Google Books Download (HKLM-x32\...\GoogleBooks) (Version: 1.4.1 - eBook Download)
Google Books Downloader version 2.3 (HKLM-x32\...\{216729B6-014A-F413-814F-F17F74FBA113}_is1) (Version: 2.3 - GBOOKSDOWNLOADER.COM)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Drive (HKLM-x32\...\{418BAAD1-754D-48B4-B078-46EF4F25AF42}) (Version: 1.15.6556.8063 - Google, Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
GoToAssist 8.0.0.514 (HKLM-x32\...\GoToAssist) (Version:  - )
GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.06) (Version: 9.06 - Artifex Software Inc.)
GPL Ghostscript 9.01 (HKLM\...\GPL Ghostscript 9.01) (Version:  - )
Greenfish Icon Editor Pro 3.1 (HKLM-x32\...\{27135B83-5AFF-42A3-BCEB-E689BE9E2090}_is1) (Version:  - Greenfish Corporation)
H&R Block California 2013 (HKLM-x32\...\{FA9B4B45-B7F0-47A4-894B-19BBF8829FE2}) (Version: 1.13.6701 - HRB Technology, LLC.)
H&R Block Deluxe + Efile + State 2013 (HKLM-x32\...\{EDE796DE-0A72-464D-9D21-F04BC41A092B}) (Version: 13.05.6502 - HRB Technology, LLC.)
Hallmark Card Studio 2013 Deluxe (HKLM-x32\...\{A6E08FBC-FC99-4CEE-B645-83A42107BE89}) (Version: 14.0.1.1 - Creative Home)
Hewlett-Packard ACLM.NET v1.1.0.0 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.12992 - HP)
HP Photosmart Prem C410 All-In-One Driver Software 14.0 Rel. 7 (HKLM\...\{C1164ED0-EF08-4B0B-8084-3BDAEAAEFD8D}) (Version: 14.0 - HP)
HP Product Detection (HKLM-x32\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)
HPAppStudio (x32 Version: 140.0.95.000 - Hewlett-Packard) Hidden
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Hulu Desktop (HKCU\...\HuluDesktop) (Version: 0.9.14 - Hulu LLC)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Inkscape 0.48.4 (HKLM-x32\...\Inkscape) (Version: 0.48.4 - )
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.2202 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
Internet TV for Windows Media Center (HKLM-x32\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 4.2.2.0 - Microsoft Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
iTunes (HKLM\...\{9D20916D-C1E9-4E39-9723-13D200D87C40}) (Version: 11.2.0.114 - Apple Inc.)
Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.550 - Oracle)
Java 8 Update 5 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418005FF}) (Version: 8.0.50 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.05.13 - Oracle, Inc.) Hidden
Java™ SE Development Kit 7 Update 3 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170030}) (Version: 1.7.0.30 - Oracle)
JavaFX 2.0.3 (64-bit) (HKLM\...\{1111706F-666A-4037-7777-203648764D10}) (Version: 2.0.3 - Oracle Corporation)
JavaFX 2.0.3 SDK (64-bit) (HKLM\...\{2222706F-666A-4037-7777-203648764D10}) (Version: 2.0.3 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Live! Cam Avatar Creator (HKLM-x32\...\{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}) (Version: 4.6.3009.1 - Creative Technology Ltd)
Logitech SetPoint 6.52 (HKLM\...\sp6) (Version: 6.52.74 - Logitech)
Mask Pro 4.1.4 (HKLM-x32\...\{2DFAC810-6DD8-4E23-96A4-BEB118408203}) (Version: 4.1.4 - onOne Software)
Mavis Beacon Teaches Typing Platinum 20 (HKLM-x32\...\{58F9D852-9443-4955-A1ED-12C9E0504DD0}) (Version: 20.00.0000 - Broderbund)
Media Cope 4.0 (HKLM-x32\...\Media Cope_is1) (Version:  - Media Cope)
Memorex exPressit Label Design Studio (HKLM-x32\...\MVApplication1) (Version:  - )
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4041.0512 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Core Components (x64) ENU  (HKLM\...\{8CCBEC22-D2DB-4DC9-A58A-E1A1F3A38C8A}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Provider Services (x64) ENU  (HKLM\...\{03AC245F-4C64-425C-89CF-7783C1D3AB2C}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{4FFA2088-8317-3B14-93CD-4C699DB37843}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
MKVToolNix 6.9.1 (64bit) (HKLM-x32\...\MKVToolNix) (Version: 6.9.1 - Moritz Bunkus)
Movie Maker (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version:  - Pavel Cvrcek)
Mozilla Firefox 30.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
Mozilla Thunderbird 24.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 24.0.1 (x86 en-US)) (Version: 24.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Music Manager (HKCU\...\MusicManager) (Version:  - Google, Inc.)
Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
NexusFont 2.5 (ver 2.5.8.1582) (HKLM-x32\...\{EFEDD205-43FE-4208-B682-0937E803E19E}_is1) (Version:  - xiles)
Nitro Pro 9 (HKLM\...\{8829CDD8-8A60-474E-8230-701986CE0DAE}) (Version: 9.0.5.9 - Nitro)
NOOK for PC (HKLM-x32\...\BN_DesktopReader) (Version: 2.5.6.9575 - Barnesandnoble.com)
Norton Internet Security (HKLM-x32\...\NIS) (Version: 21.3.0.12 - Symantec Corporation)
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
Office Tab EnterPrise 9.20 (HKLM\...\{DE469D65-1DEB-4058-BF95-C642D733668D}_is1) (Version:  - Detong Technology Ltd.)
Pale Moon 24.6.2 (x86 en-US) (HKLM-x32\...\Pale Moon 24.6.2 (x86 en-US)) (Version: 24.6.2 - Moonchild Productions)
Photo Gallery (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
Photoupz 1.63 (HKLM-x32\...\Photoupz) (Version: 1.63 - EvenPixel Ltd)
Portrait Professional Studio 9.0 (HKLM-x32\...\Portrait Professional Studio 9_is1) (Version: 9.0 - Anthropics Technology Ltd.)
Private Internet Access Support Files (HKLM-x32\...\{7D72DAFF-DCB2-437B-BC22-4B2ABF21462B}) (Version: 1.0.0.0 - Private Internet Access)
PS_AIO_07_C410_SW_Min (x32 Version: 140.0.273.000 - Hewlett-Packard) Hidden
Quicken WillMaker Plus 2011 (HKLM-x32\...\Quicken WillMaker Plus 2011) (Version:  - Nolo)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.06.02 - Dell Inc.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden
RapidTyping 5 (HKLM-x32\...\RapidTyping5) (Version: 5.0.25.11 - RapidTyping Software)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30109 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 3.0.2 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.2 - VS Revo Group, Ltd.)
Safe In Cloud Password Manager (HKLM-x32\...\{9C59A9EC-BB66-4D09-A7A7-CA1E6E5FBE4E}) (Version: 2.2 - Andrey Shcherbakov)
SanDiskSecureAccess_Manager.exe (HKCU\...\@@__UNKNOWN__@@SanDiskSecureAccess_Manager.exe) (Version: 1.1.19755 - Gemalto N.V.)
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Sharpener Pro 3.0 (HKLM-x32\...\Sharpener Pro 3.0 Stand-Alone) (Version: 3.0.0.5 - Nik Software, Inc.)
Simply Good Pictures 2 (HKLM-x32\...\{DD2FEA6F-5AC2-46B2-0001-C2A0C077FD2C}) (Version: 2.0.12.1210 - Engelmann Media GmbH)
SmartEdit 3.211 (HKLM-x32\...\SmartEdit_is1) (Version:  - Bad Wolf Software)
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
Software Informer 1.3.1092.0 (HKLM\...\Software Informer_is1) (Version:  - Informer Technologies, Inc.)
SolutionCenter (x32 Version: 140.0.214.000 - Hewlett-Packard) Hidden
SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
Stamina 2.5 (HKLM-x32\...\Stamina) (Version:  - )
Status (x32 Version: 140.0.256.000 - Hewlett-Packard) Hidden
StyleWriter 4 (HKLM-x32\...\{D770F0F3-650B-4D7A-945D-49ADB1182BD9}) (Version: 4.02.02 - Editor Software (UK) Ltd)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1018 - SUPERAntiSpyware.com)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
SyncToy 2.1 (x64) (HKLM\...\{88DAAF05-5A72-46D2-A7C5-C3759697E943}) (Version: 2.1.0 - Microsoft)
TheSage (HKLM\...\TheSage) (Version: 6.2.1802 - Sequence Publishing)
TheSage (HKLM-x32\...\TheSage) (Version: 6.0.1798 - Sequence Publishing)
TIPP10 Version 2.1.0 (HKLM-x32\...\TIPP10_is1) (Version:  - © 2006-2011, Tom Thielicke IT Solutions)
Tixati (HKLM-x32\...\tixati) (Version:  - )
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
Topaz  InFocus (HKLM-x32\...\Topaz  InFocus) (Version: 1.0.0 - Topaz Labs)
Topaz  InFocus (x32 Version: 1.0.0 - Topaz Labs) Hidden
Topaz Adjust 4 (64-bit) (HKLM-x32\...\Topaz Adjust 4 (64-bit)) (Version: 4.1.0 - Topaz Labs)
Topaz Adjust 4 (64-bit) (Version: 4.1.0 - Topaz Labs) Hidden
Topaz Adjust 4 (HKLM-x32\...\Topaz Adjust 4) (Version: 4.1.0 - Topaz Labs)
Topaz Adjust 4 (x32 Version: 4.1.0 - Topaz Labs) Hidden
Topaz DeJpeg 4 (64-bit) (HKLM-x32\...\Topaz DeJpeg 4 (64-bit)) (Version: 4.0.2 - Topaz Labs)
Topaz DeJpeg 4 (64-bit) (Version: 4.0.2 - Topaz Labs) Hidden
Topaz DeJpeg 4 (HKLM-x32\...\Topaz DeJpeg 4) (Version: 4.0.2 - Topaz Labs)
Topaz DeJpeg 4 (x32 Version: 4.0.2 - Topaz Labs) Hidden
Topaz DeNoise 5 (64-bit) (HKLM-x32\...\Topaz DeNoise 5 (64-bit)) (Version: 5.0.1 - Topaz Labs)
Topaz DeNoise 5 (64-bit) (Version: 5.0.1 - Topaz Labs) Hidden
Topaz DeNoise 5 (HKLM-x32\...\Topaz DeNoise 5) (Version: 5.0.1 - Topaz Labs)
Topaz DeNoise 5 (x32 Version: 5.0.1 - Topaz Labs) Hidden
Topaz InFocus (64-bit) (HKLM-x32\...\Topaz InFocus (64-bit)) (Version: 1.0.0 - Topaz Labs)
Topaz InFocus (64-bit) (Version: 1.0.0 - Topaz Labs) Hidden
TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Ultimate EPubsoft DRM Removal 8.5.5 (HKLM-x32\...\{49617AB8-5A31-44A7-95A6-BE6CE251A6F1}) (Version: 8.5.5 - EPUBSOFT)
UnderCoverXP 1.23 (HKLM-x32\...\UnderCoverXP_is1) (Version:  - Wicked & Wild Inc.)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2881065) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{B7EF38F7-1D58-4085-A9A4-0F6C69A5AA1E}) (Version:  - Microsoft)
Viveza 2 (HKLM-x32\...\Viveza 2) (Version: 2.0.0.4 - Nik Software, Inc.)
VSO ConvertXToDVD (HKLM-x32\...\{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1) (Version: 5.1.0.2 - VSO Software)
WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.7 Beta - Nullsoft, Inc)
Winamp Detector Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Winamp Essentials Pack (HKLM-x32\...\Winamp Essentials Pack) (Version: v5.63a - Christoph Grether)
Windows Live Communications Platform (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3522.0110 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Family Safety (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Winstep Start Menu Organizer 1.5 (HKLM-x32\...\Winstep Organizer_is1) (Version:  - )
WinWay Resume Deluxe (HKLM-x32\...\{DFACE88E-BFD1-4E1F-AF5C-100C979A12B0}) (Version: 12.00.019 - WinWay Corporation)
Wondershare DVD Creator(Build 2.6.5) (HKLM-x32\...\Wondershare DVD Creator_is1) (Version:  - Wondershare)
yBook (HKLM-x32\...\yBook_is1) (Version:  - Spacejock Software)
Zoner Photo Studio 16 - Envelopes and Templates (HKLM\...\ZonerPhotoStudio16_Templates_EN_is1) (Version: 16.0.1.3 - ZONER software)
Zoner Photo Studio 16 (HKLM\...\ZonerPhotoStudio16_EN_is1) (Version: 16.0.1.5 - ZONER software)

==================== Restore Points  =========================

12-06-2014 10:00:15 Windows Update
20-06-2014 08:43:05 Scheduled Checkpoint
21-06-2014 20:53:33 Revo Uninstaller Pro's restore point - Mozilla Firefox 30.0 (x86 en-US)
22-06-2014 03:55:40 Revo Uninstaller Pro's restore point - Pale Moon 24.6.2 (x86 en-US)
25-06-2014 09:46:02 OTL Restore Point - 6/25/2014 2:45:59 AM

==================== Hosts content: ==========================

2009-07-13 19:34 - 2014-04-07 18:14 - 00004308 ____N C:\windows\system32\Drivers\etc\hosts
127.0.0.1 activate.adobe.com
67.221.174.30   tagged.com

==================== Scheduled Tasks (whitelisted) =============

Task: {10163250-0E2B-4A47-9D47-FA36825279EC} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {18771961-7EBD-44F3-ACC4-766FB9ACE8E0} - System32\Tasks\Auslogics\BoostSpeed\Start BoostSpeed оn Gerry Goldshine logon => C:\Program Files (x86)\Auslogics\BoostSpeed\BoostSpeed.exe [2013-12-27] (Auslogics)
Task: {20AB5C56-5EFB-4ACF-8668-223C033ADC9D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-06] (Google Inc.)
Task: {293A78B9-9D20-4FB2-BC67-E4987B9A017F} - System32\Tasks\Auslogics\BoostSpeed\Integrator\Start On Gerry Goldshine Logon => C:\Program Files (x86)\Auslogics\Auslogics BoostSpeed\BoostSpeed.exe
Task: {4A5B84AA-4188-44BA-9213-94F73E43CF27} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {5EA33125-760A-460D-9C92-5806647CCDC1} - System32\Tasks\Auslogics\BoostSpeed\Scan and Repair => Rundll32.exe TaskSchedulerHelper.dll,RunTask "BoostSpeed.exe" "-UseTray -Schedule"
Task: {61F170EC-CCC1-40DA-A18D-13B5BEA19C0C} - System32\Tasks\SoftwareInformerService => C:\Program Files\Software Informer\softinfo.exe [2014-05-23] (Informer Technologies, Inc.)
Task: {62BD61BA-C7A5-4091-8492-83711CE1DF6A} - System32\Tasks\HP Photo Creations Communicator => C:\ProgramData\HP Photo Creations\Communicator.exe [2011-02-21] ()
Task: {73F3EC9E-D066-4A9A-8967-9C24665ED071} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-23] (Adobe Systems Incorporated)
Task: {876E3EE1-8454-45C9-A76C-499DF58E6C56} - System32\Tasks\Auslogics\BoostSpeed\Integrator\Scan and Repair => C:\Program Files (x86)\Auslogics\Auslogics BoostSpeed\BoostSpeed.exe
Task: {8CE5565F-A7D3-47BF-B093-7BF21CE05987} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\WSCStub.exe [2014-05-10] (Symantec Corporation)
Task: {A31B914C-C053-4757-920B-DE1BBE4C55AB} - System32\Tasks\{FDC5718F-4327-49FA-9B45-1E3C0D7F2373} => Firefox.exe
Task: {B192212A-B934-4A21-80FD-679CAC69DE0F} - System32\Tasks\BackUp_Maker-Gerry_Goldshine => C:\Program Files (x86)\ASCOMP Software\BackUp Maker\bkmaker.exe [2014-04-01] (ASCOMP Software GmbH)
Task: {B72DCD66-895C-4728-94BD-08BFAEFD3531} - System32\Tasks\Private Internet Access Startup => C:\Program Files\pia_manager\pia_manager.exe [2014-04-23] ()
Task: {BD3661F4-57E6-4FF3-AD3E-ABCC3CCE121B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd)
Task: {C7BE9DC4-FB0B-4174-91AA-97C67DAB19D0} - System32\Tasks\SoftUpdateLogon => C:\Users\Gerry
Task: {CDD9D5B9-8FBD-4C80-8170-D232772B6590} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-06] (Google Inc.)
Task: {E04395FE-F938-41D1-BBED-581657525391} - System32\Tasks\DTReg => C:\Users\Gerry Goldshine\AppData\Roaming\DefaultTab\DefaultTab\DTReg.exe <==== ATTENTION
Task: {E8ED78A6-BB2D-4659-8A52-DD8C7619E5E0} - System32\Tasks\SoftUpdateDaily => C:\Users\Gerry
Task: {FF685FAD-D936-4DEE-9246-D45031351862} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\HP Photo Creations Communicator.job => C:\ProgramData\HP Photo Creations\Communicator.exe

==================== Loaded Modules (whitelisted) =============

2014-03-06 09:56 - 2014-03-06 09:56 - 01569792 _____ () C:\Program Files (x86)\Safe In Cloud\SafeInCloud.exe
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-02-12 04:47 - 2014-02-12 04:47 - 00169472 _____ () C:\windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\3e27ac2000641918e7215d97c63e957d\IsdiInterop.ni.dll
2011-01-07 14:24 - 2011-01-12 17:56 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Windows:nlsPreferences
AlternateDataStreams: C:\ProgramData\TEMP:07BF512B
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34
AlternateDataStreams: C:\ProgramData\TEMP:D8999815
AlternateDataStreams: C:\ProgramData\TEMP:F169C698

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\92905262.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SolutoService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\92905262.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SolutoService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Event Planner Reminder.lnk => C:\windows\pss\Event Planner Reminder.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Gerry Goldshine^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Utilities^Startup^ERUNT AutoBackup.lnk => C:\windows\pss\ERUNT AutoBackup.lnk.Startup
MSCONFIG\startupreg: Aimersoft Helper Compact.exe =>
MSCONFIG\startupreg: Dell Webcam Central => "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
MSCONFIG\startupreg: Google Update => "C:\Users\Gerry Goldshine\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: MusicManager =>
MSCONFIG\startupreg: QuickSet => C:\Program Files\Dell\QuickSet\QuickSet.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SkyDrive => "C:\Users\Gerry Goldshine\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: WinampAgent => "C:\Program Files (x86)\Winamp\winampa.exe"
MSCONFIG\startupreg: Zoner Photo Studio Autoupdate => "C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE"
MSCONFIG\startupreg: Zoner Photo Studio Service 16 => "C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXEC:\Program Files\Zoner\Photo Studio 16\Program32\ZPSService.exe"

==================== Faulty Device Manager Devices =============

Name: Photosmart Prem C410 series
Description: Photosmart Prem C410 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/25/2014 06:45:54 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2246

Error: (06/25/2014 06:45:54 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2246

Error: (06/25/2014 06:45:54 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/25/2014 06:45:52 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1014

Error: (06/25/2014 06:45:52 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1014

Error: (06/25/2014 06:45:52 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/25/2014 00:28:19 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1544

Error: (06/25/2014 00:28:19 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1544

Error: (06/25/2014 00:28:19 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/24/2014 08:08:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5132


System errors:
=============
Error: (06/23/2014 06:50:25 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (06/23/2014 05:31:42 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
SMR322

Error: (06/23/2014 05:31:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The TOSHIBA UDF2.5 Reader File System Driver service failed to start due to the following error:
%%1275

Error: (06/23/2014 05:31:25 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\DRIVERS\thdudf.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (06/23/2014 05:31:15 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\windows\SysWow64\drivers\fanio.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (06/23/2014 05:30:24 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (06/22/2014 06:11:03 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR3.

Error: (06/22/2014 06:11:02 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR3.

Error: (06/22/2014 03:29:46 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR2.

Error: (06/22/2014 03:29:44 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR2.


Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Percentage of memory in use: 51%
Total physical RAM: 6106.36 MB
Available physical RAM: 2970.72 MB
Total Pagefile: 12210.91 MB
Available Pagefile: 9461.87 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:283.34 GB) (Free:152.27 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (Toshiba External USB HDD USB) (Fixed) (Total:298.09 GB) (Free:148.39 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: FB55FDD4)
Partition 1: (Not Active) - (Size=100 MB) - (Type=DE)
Partition 2: (Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=283 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: A92524D7)
Partition 1: (Active) - (Size=298 GB) - (Type=07 NTFS)

==================== End Of Log ============================

 

I will post TDSSKiller scan in a second post.

 

Gerry


Computers:

 

Mine: Dell N5030 Laptop  Pentium Dual Core T4500 2.30 GHz, 6GB RAM, 10X DVD Recorder Windows 7 & New WD 500GB HD

Wife's: Gateway SX2370-UR10P Desktop AMD A8-3820 APU with Radeon™ HD Graphics 6GB Ram 1TB HD

 

 

"The moment you think you know it all should also be the moment you realize that you do not."


#4 1excop36


Posted 25 June 2014 - 12:46 PM

Here are the TDSSKiller scan results:

 

11:20:03.0841 0x09a8  TDSS rootkit removing tool 3.0.0.39 Jun  5 2014 20:35:54
11:20:15.0026 0x09a8  ============================================================
11:20:15.0026 0x09a8  Current date / time: 2014/06/25 11:20:15.0026
11:20:15.0026 0x09a8  SystemInfo:
11:20:15.0026 0x09a8  
11:20:15.0026 0x09a8  OS Version: 6.1.7601 ServicePack: 1.0
11:20:15.0026 0x09a8  Product type: Workstation
11:20:15.0026 0x09a8  ComputerName: SAL9000V2
11:20:15.0042 0x09a8  UserName: Gerry Goldshine
11:20:15.0042 0x09a8  Windows directory: C:\windows
11:20:15.0042 0x09a8  System windows directory: C:\windows
11:20:15.0042 0x09a8  Running under WOW64
11:20:15.0042 0x09a8  Processor architecture: Intel x64
11:20:15.0042 0x09a8  Number of processors: 2
11:20:15.0042 0x09a8  Page size: 0x1000
11:20:15.0042 0x09a8  Boot type: Normal boot
11:20:15.0042 0x09a8  ============================================================
11:20:15.0447 0x09a8  KLMD registered as C:\windows\system32\drivers\10346987.sys
11:20:15.0884 0x09a8  System UUID: {06B32B32-1541-7657-36D6-74475E99348F}
11:20:16.0820 0x09a8  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:20:16.0836 0x09a8  Drive \Device\Harddisk1\DR13 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
11:20:16.0898 0x09a8  ============================================================
11:20:16.0898 0x09a8  \Device\Harddisk0\DR0:
11:20:16.0945 0x09a8  MBR partitions:
11:20:16.0945 0x09a8  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D4C000
11:20:16.0945 0x09a8  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D7E800, BlocksNum 0x236AFAB0
11:20:16.0945 0x09a8  \Device\Harddisk1\DR13:
11:20:16.0992 0x09a8  MBR partitions:
11:20:16.0992 0x09a8  \Device\Harddisk1\DR13\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x2542D800
11:20:16.0992 0x09a8  ============================================================
11:20:17.0085 0x09a8  C: <-> \Device\Harddisk0\DR0\Partition2
11:20:17.0413 0x09a8  F: <-> \Device\Harddisk1\DR13\Partition1
11:20:17.0413 0x09a8  ============================================================
11:20:17.0413 0x09a8  Initialize success
11:20:17.0413 0x09a8  ============================================================
11:20:19.0472 0x05c0  ============================================================
11:20:19.0472 0x05c0  Scan started
11:20:19.0472 0x05c0  Mode: Manual;
11:20:19.0472 0x05c0  ============================================================
11:20:19.0472 0x05c0  KSN ping started
11:20:22.0732 0x05c0  KSN ping finished: true
11:20:24.0136 0x05c0  ================ Scan system memory ========================
11:20:24.0136 0x05c0  System memory - ok
11:20:24.0136 0x05c0  ================ Scan services =============================
11:20:24.0230 0x05c0  [ 620C92D6EEFA9853A3EAD41B5EB9B5FD, 72DD7297179AC6629B816DD9656D5EC3F02BE677EA01A05A5EB808180F0D775F ] !SASCORE        C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
11:20:24.0246 0x05c0  !SASCORE - ok
11:20:24.0464 0x05c0  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\windows\system32\drivers\1394ohci.sys
11:20:24.0480 0x05c0  1394ohci - ok
11:20:24.0542 0x05c0  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\windows\system32\drivers\ACPI.sys
11:20:24.0558 0x05c0  ACPI - ok
11:20:24.0604 0x05c0  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\windows\system32\drivers\acpipmi.sys
11:20:24.0604 0x05c0  AcpiPmi - ok
11:20:24.0729 0x05c0  [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
11:20:24.0729 0x05c0  AdobeARMservice - ok
11:20:24.0901 0x05c0  [ 09E7C37DF4A911C8A9AA8BF88ACD10AA, E881E0BBDCED58F28E0BA8DC27372EDFFFF2C57EE31CD13A032FDC9F7C831B5A ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
11:20:24.0901 0x05c0  AdobeFlashPlayerUpdateSvc - ok
11:20:24.0948 0x05c0  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\windows\system32\DRIVERS\adp94xx.sys
11:20:24.0963 0x05c0  adp94xx - ok
11:20:24.0979 0x05c0  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\windows\system32\DRIVERS\adpahci.sys
11:20:24.0979 0x05c0  adpahci - ok
11:20:25.0010 0x05c0  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\windows\system32\DRIVERS\adpu320.sys
11:20:25.0026 0x05c0  adpu320 - ok
11:20:25.0057 0x05c0  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\windows\System32\aelupsvc.dll
11:20:25.0057 0x05c0  AeLookupSvc - ok
11:20:25.0119 0x05c0  [ D1E343BC00136CE03C4D403194D06A80, 94F2543164A2CEA179EDE53E1294EE24391A59CAEFF83BA5CE9385E8E686E89C ] AERTFilters     C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
11:20:25.0119 0x05c0  AERTFilters - ok
11:20:25.0197 0x05c0  [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] AFD             C:\windows\system32\drivers\afd.sys
11:20:25.0213 0x05c0  AFD - ok
11:20:25.0275 0x05c0  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\windows\system32\drivers\agp440.sys
11:20:25.0291 0x05c0  agp440 - ok
11:20:25.0322 0x05c0  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\windows\System32\alg.exe
11:20:25.0322 0x05c0  ALG - ok
11:20:25.0369 0x05c0  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\windows\system32\drivers\aliide.sys
11:20:25.0369 0x05c0  aliide - ok
11:20:25.0416 0x05c0  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\windows\system32\drivers\amdide.sys
11:20:25.0416 0x05c0  amdide - ok
11:20:25.0447 0x05c0  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\windows\system32\DRIVERS\amdk8.sys
11:20:25.0447 0x05c0  AmdK8 - ok
11:20:25.0462 0x05c0  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\windows\system32\DRIVERS\amdppm.sys
11:20:25.0478 0x05c0  AmdPPM - ok
11:20:25.0478 0x05c0  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\windows\system32\drivers\amdsata.sys
11:20:25.0478 0x05c0  amdsata - ok
11:20:25.0509 0x05c0  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\windows\system32\DRIVERS\amdsbs.sys
11:20:25.0509 0x05c0  amdsbs - ok
11:20:25.0540 0x05c0  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\windows\system32\drivers\amdxata.sys
11:20:25.0540 0x05c0  amdxata - ok
11:20:25.0572 0x05c0  [ E71711D37C48AC40FD3E2866A5ABBA51, C85DB75741B17A0A84B045DC461B5A6C5EA2A34BCD661107D355CE8DF4A29E03 ] anvsnddrv       C:\windows\system32\drivers\anvsnddrv.sys
11:20:25.0572 0x05c0  anvsnddrv - ok
11:20:25.0634 0x05c0  [ 8655A2983A86D6675135B1FF6892055D, 1A983C11987138A606E2E1E87E353F27BA69832B6881071315886878ECBD27E1 ] ApfiltrService  C:\windows\system32\DRIVERS\Apfiltr.sys
11:20:25.0634 0x05c0  ApfiltrService - ok
11:20:25.0681 0x05c0  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\windows\system32\drivers\appid.sys
11:20:25.0681 0x05c0  AppID - ok
11:20:25.0728 0x05c0  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\windows\System32\appidsvc.dll
11:20:25.0728 0x05c0  AppIDSvc - ok
11:20:25.0774 0x05c0  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\windows\System32\appinfo.dll
11:20:25.0774 0x05c0  Appinfo - ok
11:20:25.0868 0x05c0  [ 221564CC7BE37611FE15EACF443E1BF6, 381BDF17418C779D72332431BA174C2AD76CD9C7C1711FF5142EA9B05D5555E4 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
11:20:25.0868 0x05c0  Apple Mobile Device - ok
11:20:25.0915 0x05c0  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\windows\system32\DRIVERS\arc.sys
11:20:25.0915 0x05c0  arc - ok
11:20:25.0930 0x05c0  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\windows\system32\DRIVERS\arcsas.sys
11:20:25.0930 0x05c0  arcsas - ok
11:20:26.0055 0x05c0  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
11:20:26.0055 0x05c0  aspnet_state - ok
11:20:26.0071 0x05c0  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\windows\system32\DRIVERS\asyncmac.sys
11:20:26.0071 0x05c0  AsyncMac - ok
11:20:26.0102 0x05c0  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\windows\system32\drivers\atapi.sys
11:20:26.0102 0x05c0  atapi - ok
11:20:26.0242 0x05c0  [ 96ABF88241F90FF647E55C934C55C2F1, DC9EBDD132BC6A1A79A768C575C962B19DB9805C490F926BE8D4804164A2CD7F ] athr            C:\windows\system32\DRIVERS\athrx.sys
11:20:26.0289 0x05c0  athr - ok
11:20:26.0367 0x05c0  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
11:20:26.0383 0x05c0  AudioEndpointBuilder - ok
11:20:26.0398 0x05c0  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\windows\System32\Audiosrv.dll
11:20:26.0414 0x05c0  AudioSrv - ok
11:20:26.0461 0x05c0  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\windows\System32\AxInstSV.dll
11:20:26.0461 0x05c0  AxInstSV - ok
11:20:26.0523 0x05c0  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\windows\system32\DRIVERS\bxvbda.sys
11:20:26.0539 0x05c0  b06bdrv - ok
11:20:26.0554 0x05c0  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\windows\system32\DRIVERS\b57nd60a.sys
11:20:26.0570 0x05c0  b57nd60a - ok
11:20:26.0617 0x05c0  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\windows\System32\bdesvc.dll
11:20:26.0617 0x05c0  BDESVC - ok
11:20:26.0648 0x05c0  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\windows\system32\drivers\Beep.sys
11:20:26.0648 0x05c0  Beep - ok
11:20:26.0726 0x05c0  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\windows\System32\bfe.dll
11:20:26.0742 0x05c0  BFE - ok
11:20:26.0991 0x05c0  [ F10EFCE086C794F8A7C2C7A3EA52AC5F, 498C4A75DCC560CE1A6B7F671572A4CB2F4D5EA402E45399B7CF471CFBC48241 ] BHDrvx64        C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\BASHDefs\20140606.001\BHDrvx64.sys
11:20:27.0022 0x05c0  BHDrvx64 - ok
11:20:27.0116 0x05c0  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\windows\System32\qmgr.dll
11:20:27.0132 0x05c0  BITS - ok
11:20:27.0147 0x05c0  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\windows\system32\DRIVERS\blbdrive.sys
11:20:27.0147 0x05c0  blbdrive - ok
11:20:27.0210 0x05c0  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
11:20:27.0225 0x05c0  Bonjour Service - ok
11:20:27.0272 0x05c0  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\windows\system32\DRIVERS\bowser.sys
11:20:27.0272 0x05c0  bowser - ok
11:20:27.0319 0x05c0  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\windows\system32\DRIVERS\BrFiltLo.sys
11:20:27.0319 0x05c0  BrFiltLo - ok
11:20:37.0131 0x05c0  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\windows\system32\DRIVERS\MTConfig.sys
11:20:37.0131 0x05c0  MTConfig - ok
11:20:37.0163 0x05c0  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\windows\system32\Drivers\mup.sys
11:20:37.0178 0x05c0  Mup - ok
11:20:37.0241 0x05c0  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\windows\system32\qagentRT.dll
11:20:37.0256 0x05c0  napagent - ok
11:20:37.0272 0x05c0  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\windows\system32\DRIVERS\nwifi.sys
11:20:37.0272 0x05c0  NativeWifiP - ok
11:20:37.0381 0x05c0  [ 702E07EC32F96ACDB873E9A5465D4401, 2C6B1C8BA0BF4791AEA064062DCA3678AE4443DF19DB37D6CB55BA6297D8A238 ] NAVENG          C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\VirusDefs\20140624.033\ENG64.SYS
11:20:37.0381 0x05c0  NAVENG - ok
11:20:37.0490 0x05c0  [ 302EA314A1AF0D7CEF0A3D0195F79561, 046DBC2D9D028F2D2E8BAE745CA2ADEF42741689BFF743A13B81EA4228DDCDC6 ] NAVEX15         C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\VirusDefs\20140624.033\EX64.SYS
11:20:37.0537 0x05c0  NAVEX15 - ok
11:20:37.0631 0x05c0  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\windows\system32\drivers\ndis.sys
11:20:37.0646 0x05c0  NDIS - ok
11:20:37.0693 0x05c0  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\windows\system32\DRIVERS\ndiscap.sys
11:20:37.0693 0x05c0  NdisCap - ok
11:20:37.0755 0x05c0  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\windows\system32\DRIVERS\ndistapi.sys
11:20:37.0755 0x05c0  NdisTapi - ok
11:20:37.0802 0x05c0  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\windows\system32\DRIVERS\ndisuio.sys
11:20:37.0802 0x05c0  Ndisuio - ok
11:20:37.0865 0x05c0  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\windows\system32\DRIVERS\ndiswan.sys
11:20:37.0865 0x05c0  NdisWan - ok
11:20:37.0911 0x05c0  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\windows\system32\drivers\NDProxy.sys
11:20:37.0911 0x05c0  NDProxy - ok
11:20:37.0974 0x05c0  [ 2334DC48997BA203B794DF3EE70521DB, 832F4EC1586C9669F2D54AB3B212943E43B87A33B24DCC8CDAD6A0264291EE2F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
11:20:37.0974 0x05c0  Net Driver HPZ12 - ok
11:20:37.0989 0x05c0  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\windows\system32\DRIVERS\netbios.sys
11:20:37.0989 0x05c0  NetBIOS - ok
11:20:38.0052 0x05c0  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\windows\system32\DRIVERS\netbt.sys
11:20:38.0052 0x05c0  NetBT - ok
11:20:38.0083 0x05c0  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon        C:\windows\system32\lsass.exe
11:20:38.0083 0x05c0  Netlogon - ok
11:20:38.0130 0x05c0  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\windows\System32\netman.dll
11:20:38.0145 0x05c0  Netman - ok
11:20:38.0192 0x05c0  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:20:38.0192 0x05c0  NetMsmqActivator - ok
11:20:38.0223 0x05c0  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:20:38.0223 0x05c0  NetPipeActivator - ok
11:20:38.0255 0x05c0  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\windows\System32\netprofm.dll
11:20:38.0270 0x05c0  netprofm - ok
11:20:38.0286 0x05c0  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:20:38.0286 0x05c0  NetTcpActivator - ok
11:20:38.0301 0x05c0  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:20:38.0301 0x05c0  NetTcpPortSharing - ok
11:20:38.0317 0x05c0  [ A97D9B1C2EEB2E169D2593E7073BCD27, 8DE9769E3B68FFA4770959775894517D95A3DCB7D5BC7FF8AFD06798D60F3B3A ] NetworkX        C:\windows\System32\ckldrv.sys
11:20:38.0317 0x05c0  NetworkX - ok
11:20:38.0348 0x05c0  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\windows\system32\DRIVERS\nfrd960.sys
11:20:38.0348 0x05c0  nfrd960 - ok
11:20:38.0457 0x05c0  [ 1305F77D8B17AA4C516263D6F8013836, B45EE4A72C5C93068DF7DEBC3C914C613556D4642E84A34630535E840AA77998 ] NIS             C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\NIS.exe
11:20:38.0473 0x05c0  NIS - ok
11:20:38.0582 0x05c0  [ 2EC725B687B8301BAFC2808DC689B0BC, B27CFA5CE0B4D16D26507CACF28F7B0CA0CAEE56165F068B26B206E960006DE7 ] NitroDriverReadSpool9 C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe
11:20:38.0598 0x05c0  NitroDriverReadSpool9 - ok
11:20:38.0629 0x05c0  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\windows\System32\nlasvc.dll
11:20:38.0645 0x05c0  NlaSvc - ok
11:20:38.0754 0x05c0  [ 33E4FEAC832AA2DC8BE339C652C3657E, F05F4F44B19C22876F63C2174E292C675CB6A222D40E63F49896CE734C87FEE8 ] nlsX86cc        C:\windows\SysWOW64\nlssrv32.exe
11:20:38.0754 0x05c0  nlsX86cc - ok
11:20:38.0785 0x05c0  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\windows\system32\drivers\Npfs.sys
11:20:38.0785 0x05c0  Npfs - ok
11:20:38.0816 0x05c0  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\windows\system32\nsisvc.dll
11:20:38.0832 0x05c0  nsi - ok
11:20:38.0847 0x05c0  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\windows\system32\drivers\nsiproxy.sys
11:20:38.0847 0x05c0  nsiproxy - ok
11:20:38.0957 0x05c0  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\windows\system32\drivers\Ntfs.sys
11:20:38.0988 0x05c0  Ntfs - ok
11:20:39.0019 0x05c0  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\windows\system32\drivers\Null.sys
11:20:39.0019 0x05c0  Null - ok
11:20:39.0050 0x05c0  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\windows\system32\drivers\nvraid.sys
11:20:39.0050 0x05c0  nvraid - ok
11:20:39.0081 0x05c0  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\windows\system32\drivers\nvstor.sys
11:20:39.0081 0x05c0  nvstor - ok
11:20:39.0128 0x05c0  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\windows\system32\drivers\nv_agp.sys
11:20:39.0144 0x05c0  nv_agp - ok
11:20:39.0253 0x05c0  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
11:20:39.0269 0x05c0  odserv - ok
11:20:39.0284 0x05c0  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\windows\system32\drivers\ohci1394.sys
11:20:39.0284 0x05c0  ohci1394 - ok
11:20:39.0347 0x05c0  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:20:39.0347 0x05c0  ose - ok
11:20:39.0425 0x05c0  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\windows\system32\pnrpsvc.dll
11:20:39.0440 0x05c0  p2pimsvc - ok
11:20:39.0534 0x05c0  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\windows\system32\p2psvc.dll
11:20:39.0549 0x05c0  p2psvc - ok
11:20:39.0596 0x05c0  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\windows\system32\DRIVERS\parport.sys
11:20:39.0596 0x05c0  Parport - ok
11:20:39.0643 0x05c0  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\windows\system32\drivers\partmgr.sys
11:20:39.0643 0x05c0  partmgr - ok
11:20:39.0690 0x05c0  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\windows\System32\pcasvc.dll
11:20:39.0690 0x05c0  PcaSvc - ok
11:20:39.0737 0x05c0  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\windows\system32\drivers\pci.sys
11:20:39.0737 0x05c0  pci - ok
11:20:39.0783 0x05c0  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\windows\system32\drivers\pciide.sys
11:20:39.0783 0x05c0  pciide - ok
11:20:39.0815 0x05c0  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\windows\system32\DRIVERS\pcmcia.sys
11:20:39.0815 0x05c0  pcmcia - ok
11:20:39.0846 0x05c0  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\windows\system32\drivers\pcw.sys
11:20:39.0846 0x05c0  pcw - ok
11:20:39.0893 0x05c0  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\windows\system32\drivers\peauth.sys
11:20:39.0908 0x05c0  PEAUTH - ok
11:20:39.0955 0x05c0  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\windows\SysWow64\perfhost.exe
11:20:39.0955 0x05c0  PerfHost - ok
11:20:40.0049 0x05c0  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\windows\system32\pla.dll
11:20:40.0080 0x05c0  pla - ok
11:20:40.0158 0x05c0  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\windows\system32\umpnpmgr.dll
11:20:40.0173 0x05c0  PlugPlay - ok
11:20:40.0205 0x05c0  [ AC78DF349F0E4CFB8B667C0CFFF83CCE, 7E635AA2E7350FCA0C954E697F1480A6204920AEFBCF06B90FFA02398DA82822 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
11:20:40.0220 0x05c0  Pml Driver HPZ12 - ok
11:20:40.0251 0x05c0  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\windows\system32\pnrpauto.dll
11:20:40.0251 0x05c0  PNRPAutoReg - ok
11:20:40.0298 0x05c0  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\windows\system32\pnrpsvc.dll
11:20:40.0298 0x05c0  PNRPsvc - ok
11:20:40.0345 0x05c0  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\windows\System32\ipsecsvc.dll
11:20:40.0361 0x05c0  PolicyAgent - ok
11:20:40.0407 0x05c0  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\windows\system32\umpo.dll
11:20:40.0423 0x05c0  Power - ok
11:20:40.0485 0x05c0  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\windows\system32\DRIVERS\raspptp.sys
11:20:40.0485 0x05c0  PptpMiniport - ok
11:20:40.0563 0x05c0  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\windows\system32\DRIVERS\processr.sys
11:20:40.0563 0x05c0  Processor - ok
11:20:40.0626 0x05c0  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\windows\system32\profsvc.dll
11:20:40.0626 0x05c0  ProfSvc - ok
11:20:40.0657 0x05c0  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\windows\system32\lsass.exe
11:20:40.0673 0x05c0  ProtectedStorage - ok
11:20:40.0704 0x05c0  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\windows\system32\DRIVERS\pacer.sys
11:20:40.0719 0x05c0  Psched - ok
11:20:40.0766 0x05c0  [ 225D3660F926FE761BC8CE10C512AA02, EAA2241E858CD0FF7A1F159FB03D0DF87735EAD1F245F0A569FB6A0330D1B007 ] PTSimBus        C:\windows\system32\DRIVERS\PTSimBus.sys
11:20:40.0766 0x05c0  PTSimBus - ok
11:20:40.0797 0x05c0  [ BD2194786ABAF4860F41118C0C103E7B, 204C17CF91ADD84635907EC5B77FE02F25A098F0B2174D006610859F930E909E ] PTSimHid        C:\windows\system32\DRIVERS\PTSimHid.sys
11:20:40.0797 0x05c0  PTSimHid - ok
11:20:40.0844 0x05c0  [ C32ECB99AD25E9A04F01C8665DF29EF8, 0489B3DEC6A33E50D8A48A8DAD3F5B923A81F7300E4A71358D90D2879BAC9AA2 ] pwdrvio         C:\windows\system32\pwdrvio.sys
11:20:40.0844 0x05c0  pwdrvio - ok
11:20:40.0891 0x05c0  [ D619356B955EEFA642F5FF72755E8B3C, 1FD54978A77ACD6FBF1236E177ED074894743A9141E4169FE9AFE28680FC93C5 ] pwdspio         C:\windows\system32\pwdspio.sys
11:20:40.0891 0x05c0  pwdspio - ok
11:20:40.0969 0x05c0  [ 87B04878A6D59D6C79251DC960C674C1, 3EB8DB0624E646F0A65D0381408D35CF9FDC5ABFC30DF6431F4070A8EB68447C ] PxHlpa64        C:\windows\system32\Drivers\PxHlpa64.sys
11:20:40.0969 0x05c0  PxHlpa64 - ok
11:20:41.0078 0x05c0  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\windows\system32\DRIVERS\ql2300.sys
11:20:41.0109 0x05c0  ql2300 - ok
11:20:41.0141 0x05c0  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\windows\system32\DRIVERS\ql40xx.sys
11:20:41.0141 0x05c0  ql40xx - ok
11:20:41.0187 0x05c0  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\windows\system32\qwave.dll
11:20:41.0203 0x05c0  QWAVE - ok
11:20:41.0219 0x05c0  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\windows\system32\drivers\qwavedrv.sys
11:20:41.0219 0x05c0  QWAVEdrv - ok
11:20:41.0265 0x05c0  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\windows\system32\DRIVERS\rasacd.sys
11:20:41.0265 0x05c0  RasAcd - ok
11:20:41.0328 0x05c0  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\windows\system32\DRIVERS\AgileVpn.sys
11:20:41.0328 0x05c0  RasAgileVpn - ok
11:20:41.0359 0x05c0  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\windows\System32\rasauto.dll
11:20:41.0375 0x05c0  RasAuto - ok
11:20:41.0421 0x05c0  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\windows\system32\DRIVERS\rasl2tp.sys
11:20:41.0421 0x05c0  Rasl2tp - ok
11:20:41.0484 0x05c0  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\windows\System32\rasmans.dll
11:20:41.0499 0x05c0  RasMan - ok
11:20:41.0609 0x05c0  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\windows\system32\DRIVERS\raspppoe.sys
11:20:41.0624 0x05c0  RasPppoe - ok
11:20:41.0640 0x05c0  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\windows\system32\DRIVERS\rassstp.sys
11:20:41.0640 0x05c0  RasSstp - ok
11:20:41.0687 0x05c0  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\windows\system32\DRIVERS\rdbss.sys
11:20:41.0702 0x05c0  rdbss - ok
11:20:41.0718 0x05c0  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\windows\system32\DRIVERS\rdpbus.sys
11:20:41.0718 0x05c0  rdpbus - ok
11:20:41.0749 0x05c0  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\windows\system32\DRIVERS\RDPCDD.sys
11:20:41.0749 0x05c0  RDPCDD - ok
11:20:41.0765 0x05c0  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\windows\system32\drivers\rdpencdd.sys
11:20:41.0765 0x05c0  RDPENCDD - ok
11:20:41.0796 0x05c0  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\windows\system32\drivers\rdprefmp.sys
11:20:41.0796 0x05c0  RDPREFMP - ok
11:20:41.0827 0x05c0  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\windows\system32\drivers\rdpvideominiport.sys
11:20:41.0827 0x05c0  RdpVideoMiniport - ok
11:20:41.0874 0x05c0  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\windows\system32\drivers\RDPWD.sys
11:20:41.0874 0x05c0  RDPWD - ok
11:20:41.0936 0x05c0  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\windows\system32\drivers\rdyboost.sys
11:20:41.0936 0x05c0  rdyboost - ok
11:20:41.0999 0x05c0  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\windows\System32\mprdim.dll
11:20:42.0014 0x05c0  RemoteAccess - ok
11:20:42.0061 0x05c0  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\windows\system32\regsvc.dll
11:20:42.0077 0x05c0  RemoteRegistry - ok
11:20:42.0123 0x05c0  [ 9C3AC71A9934B884FAC567A8807E9C4D, 0B6B2970098E3C21E1E54A25785544903E8CD415B527FCEF86ABC7B33BEC83E7 ] Revoflt         C:\windows\system32\DRIVERS\revoflt.sys
11:20:42.0123 0x05c0  Revoflt - ok
11:20:42.0139 0x05c0  RimUsb - ok
11:20:42.0170 0x05c0  [ 4AAFFFA67AC4DFA3D9985D78573887E2, A2A4623A1DFA3C1BF0B09390F3731AFF5616BF9E9144F5DEEAA89B37E445D834 ] RimVSerPort     C:\windows\system32\DRIVERS\RimSerial_AMD64.sys
11:20:42.0170 0x05c0  RimVSerPort - ok
11:20:42.0201 0x05c0  [ 388D3DD1A6457280F3BADBA9F3ACD6B1, 5C534EA15195B1301C917904627AF09FE2ABA3FEE1641B5C87E8F3191BC49058 ] ROOTMODEM       C:\windows\system32\Drivers\RootMdm.sys
11:20:42.0201 0x05c0  ROOTMODEM - ok
11:20:42.0248 0x05c0  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\windows\System32\RpcEpMap.dll
11:20:42.0248 0x05c0  RpcEptMapper - ok
11:20:42.0279 0x05c0  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\windows\system32\locator.exe
11:20:42.0279 0x05c0  RpcLocator - ok
11:20:42.0342 0x05c0  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\windows\system32\rpcss.dll
11:20:42.0357 0x05c0  RpcSs - ok
11:20:42.0389 0x05c0  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\windows\system32\DRIVERS\rspndr.sys
11:20:42.0389 0x05c0  rspndr - ok
11:20:42.0435 0x05c0  [ 30F463768D5143BFD7B2DF822B53CF4D, 3DD94DDF95086C7C2A83617B499627C04D020BF9F230C0F080B169CB846F796F ] RSUSBSTOR       C:\windows\system32\Drivers\RtsUStor.sys
11:20:42.0435 0x05c0  RSUSBSTOR - ok
11:20:42.0467 0x05c0  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs           C:\windows\system32\lsass.exe
11:20:42.0482 0x05c0  SamSs - ok
11:20:42.0591 0x05c0  [ 3289766038DB2CB14D07DC84392138D5, A7790B787690CC1A8B97E4532090C5295350A836A9474DEA74CEB3E81CF26124 ] SASDIFSV        C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
11:20:42.0591 0x05c0  SASDIFSV - ok
11:20:42.0623 0x05c0  [ 58A38E75F3316A83C23DF6173D41F2B5, B0A8CDA1D164B7534FB41AB80792861384709BF0F914F44553275CF20194F1A1 ] SASKUTIL        C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
11:20:42.0623 0x05c0  SASKUTIL - ok
11:20:42.0669 0x05c0  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\windows\system32\drivers\sbp2port.sys
11:20:42.0669 0x05c0  sbp2port - ok
11:20:42.0732 0x05c0  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\windows\System32\SCardSvr.dll
11:20:42.0747 0x05c0  SCardSvr - ok
11:20:42.0794 0x05c0  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\windows\system32\DRIVERS\scfilter.sys
11:20:42.0794 0x05c0  scfilter - ok
11:20:42.0888 0x05c0  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\windows\system32\schedsvc.dll
11:20:42.0919 0x05c0  Schedule - ok
11:20:42.0966 0x05c0  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\windows\System32\certprop.dll
11:20:42.0981 0x05c0  SCPolicySvc - ok
11:20:43.0028 0x05c0  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\windows\System32\SDRSVC.dll
11:20:43.0044 0x05c0  SDRSVC - ok
11:20:43.0075 0x05c0  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\windows\system32\drivers\secdrv.sys
11:20:43.0075 0x05c0  secdrv - ok
11:20:43.0137 0x05c0  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\windows\system32\seclogon.dll
11:20:43.0137 0x05c0  seclogon - ok
11:20:43.0184 0x05c0  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\windows\System32\sens.dll
11:20:43.0184 0x05c0  SENS - ok
11:20:43.0215 0x05c0  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\windows\system32\sensrsvc.dll
11:20:43.0215 0x05c0  SensrSvc - ok
11:20:43.0247 0x05c0  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\windows\system32\DRIVERS\serenum.sys
11:20:43.0247 0x05c0  Serenum - ok
11:20:43.0293 0x05c0  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\windows\system32\DRIVERS\serial.sys
11:20:43.0293 0x05c0  Serial - ok
11:20:43.0340 0x05c0  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\windows\system32\DRIVERS\sermouse.sys
11:20:43.0340 0x05c0  sermouse - ok
11:20:43.0387 0x05c0  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\windows\system32\sessenv.dll
11:20:43.0403 0x05c0  SessionEnv - ok
11:20:43.0434 0x05c0  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\windows\system32\drivers\sffdisk.sys
11:20:43.0434 0x05c0  sffdisk - ok
11:20:43.0449 0x05c0  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\windows\system32\drivers\sffp_mmc.sys
11:20:43.0449 0x05c0  sffp_mmc - ok
11:20:43.0465 0x05c0  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\windows\system32\drivers\sffp_sd.sys
11:20:43.0465 0x05c0  sffp_sd - ok
11:20:43.0481 0x05c0  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\windows\system32\DRIVERS\sfloppy.sys
11:20:43.0481 0x05c0  sfloppy - ok
11:20:43.0590 0x05c0  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\windows\System32\ipnathlp.dll
11:20:43.0605 0x05c0  SharedAccess - ok
11:20:43.0668 0x05c0  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\windows\System32\shsvcs.dll
11:20:43.0683 0x05c0  ShellHWDetection - ok
11:20:43.0715 0x05c0  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\windows\system32\DRIVERS\SiSRaid2.sys
11:20:43.0715 0x05c0  SiSRaid2 - ok
11:20:43.0730 0x05c0  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\windows\system32\DRIVERS\sisraid4.sys
11:20:43.0746 0x05c0  SiSRaid4 - ok
11:20:43.0777 0x05c0  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\windows\system32\DRIVERS\smb.sys
11:20:43.0777 0x05c0  Smb - ok
11:20:43.0793 0x05c0  SMR322 - ok
11:20:43.0871 0x05c0  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\windows\System32\snmptrap.exe
11:20:43.0871 0x05c0  SNMPTRAP - ok
11:20:43.0902 0x05c0  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\windows\system32\drivers\spldr.sys
11:20:43.0902 0x05c0  spldr - ok
11:20:43.0980 0x05c0  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\windows\System32\spoolsv.exe
11:20:43.0995 0x05c0  Spooler - ok
11:20:44.0151 0x05c0  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\windows\system32\sppsvc.exe
11:20:44.0214 0x05c0  sppsvc - ok
11:20:44.0292 0x05c0  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\windows\system32\sppuinotify.dll
11:20:44.0307 0x05c0  sppuinotify - ok
11:20:44.0448 0x05c0  [ F718A57D946EAC76EFCB351D74E269F4, 473AE48BACEE64A9582814951B731BDDDEB48D2E9D407ACEAA3F0850B536DABA ] SRTSP           C:\windows\System32\Drivers\NISx64\1503000.00C\SRTSP64.SYS
11:20:44.0463 0x05c0  SRTSP - ok
11:20:44.0526 0x05c0  [ B18CE01B9C09C59422BA7C7064248B35, B355EE2FBB37C4B0EFFE4DC5E0788A26579266828E7988EDC497B0AE7375F8AB ] SRTSPX          C:\windows\system32\drivers\NISx64\1503000.00C\SRTSPX64.SYS
11:20:44.0526 0x05c0  SRTSPX - ok
11:20:58.0176 0x05c0  AV detected via SS2: Norton Internet Security, C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\WSCStub.exe ( 21.3.0.0 ), 0x51000 ( enabled : updated )
11:20:58.0191 0x05c0  FW detected via SS2: Norton Internet Security, C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\WSCStub.exe ( 21.3.0.0 ), 0x51010 ( enabled )
11:21:00.0812 0x05c0  ============================================================
11:21:00.0812 0x05c0  Scan finished
11:21:00.0812 0x05c0  ============================================================
11:21:00.0828 0x12b8  Detected object count: 0
11:21:00.0828 0x12b8  Actual detected object count: 0
 


Computers:

 

Mine: Dell N5030 Laptop  Pentium Dual Core T4500 2.30 GHz, 6GB RAM, 10X DVD Recorder Windows 7 & New WD 500GB HD

Wife's: Gateway SX2370-UR10P Desktop AMD A8-3820 APU with Radeon™ HD Graphics 6GB Ram 1TB HD

 

 

"The moment you think you know it all should also be the moment you realize that you do not."


#5 ----------------

    SuperMember

  • Authentic Member
  • 1,095 posts

Posted 26 June 2014 - 03:25 AM

Your logs show obvious signs of having cracked software on your system. This is the main reason your computer is infected. Visiting cracksites/warezsites - and other questionable/illegal sites is always a risk.

Even a single click on the site can drop multiple forms of very serious malware, many of which disable your onboard protection, and System Restore.

If you install the cracked software, you are running executable files from these dubious, unknown sources. You are in effect giving these sources access to information on your hard disk, and potential control over the operation of your computer.

Additionally, cracked programs are illegal. Referring to the Forum Rules which you should have read at the time of Registering at this forum, this forum does not support illegal activity. As such, be advised that any request for assistance in removing malware may go unanswered, or may be discontinued, if the cracked (illegal) software is still present on the machine.

Having said that we can help you clean your machine this time BUT this would be a ONCE ONLY offer on the understanding that all cracks are removed. This would apply not only here but at many other Malware Support forums if you were to appear again with cracks onboard, as many of us analysts work at multiple support sites. Please remove all cracked software and illegally obtained copyrighted material you have on the system so we may continue with the clean up.


Proud Member of UNITE & TB
 

#6 1excop36

    Authentic Member

  • 97 posts

Posted 26 June 2014 - 02:15 PM

Marius;

Again, I appreciate your assistance. This is a SHARED computer in my household meaning other people in my household use it; I'm sure I'm not the only one who has faced this issue. Please bear that in mind when chastising people about having "cracked" software. Perhaps I should have been more diligent in questioning where certain programs came from which is indeed my fault. For that I apologize. I clearly understand the legalities and security issues involved as my user name should indicate. That said, could you be so kind as to help me determine which programs are the "cracked" or "illegal" ones so that I can remove them? I'm honestly not sure and do not want to uninstall the wrong software.

Also, you did not explain why there was a difference between the first email I received from you and your first posted response here on the forum. As I said, the email has me downloading and running TDSSKiller while your response here has me running aswMBR. When I attempted to run the aswMBR as directed, it set off Norton Internet Security which indicated that the program was malware. I realize this could be a false-positive but the difference between the email response I received and what is posted here is quite naturally a concern. I'll be happy to either forward or attach a copy of the email should you wish to see it.

 

Again, I apologize for the "cracked" software issue and plan on addressing it with my family.

 

Gerry


Edited by 1excop36, 26 June 2014 - 02:16 PM.



#7 1excop36

    Authentic Member

  • 97 posts

Posted 27 June 2014 - 03:26 AM

Marius;

I've gone through my computer, tried to identify and remove suspicious programs that I did not recognize as having installed myself. I've probably missed some and if you could please help identify those that are "cracked" for me I would appreciate it.

I'm guessing since I have made changes you will need new scans, though you didn't specifically ask. In the hope of saving some time, I've run new FRST and TDSSKiller scans. I am still uncertain as to the aswMBR.

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-06-2014
Ran by Gerry Goldshine (administrator) on SAL9000V2 on 27-06-2014 02:16:58
Running from C:\Users\Gerry Goldshine\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CrypKey (Canada) Ltd.) C:\Windows\System32\Crypserv.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\nis.exe
(ASCOMP Software GmbH) C:\Program Files (x86)\ASCOMP Software\BackUp Maker\bkmaker.exe
(Informer Technologies, Inc.) C:\Program Files\Software Informer\softinfo.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\nis.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Program Files\Windows NT\Accessories\wordpad.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10918504 2010-06-14] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [392048 2010-06-04] (Alps Electric Co., Ltd.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-12] (Intel Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-14] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKLM\...\Policies\Explorer: [NoRecentDocsHistory] 1
HKU\S-1-5-21-1361499315-2266380641-1734000601-1001\...\RunOnce: [Uninstall C:\Users\Gerry Goldshine\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220] - C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Gerry Goldshine\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220"
HKU\S-1-5-21-1361499315-2266380641-1734000601-1001\...\Policies\Explorer: [NoInstrumentation] 1
HKU\S-1-5-21-1361499315-2266380641-1734000601-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-1361499315-2266380641-1734000601-1001\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-21-1361499315-2266380641-1734000601-1001\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-1361499315-2266380641-1734000601-1001\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-21-1361499315-2266380641-1734000601-1001\...\Policies\Explorer: [StartMenuLogOff] 1
HKU\S-1-5-21-1361499315-2266380641-1734000601-1001\...\Policies\Explorer: [NoStartMenuMFUprogramsList] 1
HKU\S-1-5-21-1361499315-2266380641-1734000601-1001\...\Policies\Explorer: [HideRunAsVerb] 1
ShellIconOverlayIdentifiers:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers-x32:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
BootExecute: "autocheck autochk /p \??\C:""""autocheck autochk * """

==================== Internet (Whitelisted) ====================

ProxyServer: http=127.0.0.1:8555
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.start.me/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/?r...DE&dcc=DE&opt=0
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x27353D5A3E76CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM-x32 - DefaultScope {E533D9B5-4252-42EB-9AB5-EC3855001A55} URL =
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.condui...rchTerms}&SSPV=
SearchScopes: HKCU - {06B47159-3298-4EB3-A77C-0EB72B5C9A20} URL = http://www.mysearchr...q={searchTerms}
SearchScopes: HKCU - {2F1E335A-858A-4BE9-8F6B-D0AF1D018B53} URL =
SearchScopes: HKCU - {3A40E547-20FD-44a2-94D0-1C98342D1507} URL = http://search.daum.n...q={searchTerms}
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.3.0.12\coIEPlg.dll (Symantec Corporation)
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.3.0.12\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\coIEPlg.dll (Symantec Corporation)
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab
DPF: HKLM-x32 {362C56AA-6E4F-40C7-A0B5-85501DBDAD77} http://i.dell.com/im...r/SysProExe.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab
Hosts: 127.0.0.1 activate.adobe.com67.221.174.30   tagged.com
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default
FF SearchEngineOrder.1: Yahoo
FF SearchEngineOrder.user_pref("browser.search.order.2", "");: user_pref("browser.search.order.2", "");
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.start.me/
FF Keyword.URL: https://www.google.com/search?q=
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\windows\SysWOW64\Adobe\Director\np32dsw_1211151.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/MycameraPlugin - C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3522.0110 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF - C:\Program Files (x86)\Nitro\Pro 9\npnitromozilla.dll (Nitro PDF)
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 - C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @hulu.com/Hulu Desktop - C:\Users\Gerry Goldshine\AppData\Local\HuluDesktop\instances\0.9.14.1\npHDPlg.dll (Hulu LLC)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Gerry Goldshine\AppData\Local\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Gerry Goldshine\AppData\Local\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF user.js: detected! => C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\user.js
FF SearchPlugin: C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\searchplugins\duckduckgo.xml
FF SearchPlugin: C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\searchplugins\ixquick-https.xml
FF SearchPlugin: C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\searchplugins\s-amazon.xml
FF SearchPlugin: C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\searchplugins\safesearch.xml
FF SearchPlugin: C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\searchplugins\startpage-https.xml
FF Extension: Ant Video Downloader - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\anttoolbar@ant.com [2014-06-21]
FF Extension: CuteButtons - Crystal SVG - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\CuteButtonsCrystalSVG@ChoGGi [2014-06-21]
FF Extension: DoNotTrackMe: Online Privacy Protection - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\donottrackplus@abine.com [2014-06-21]
FF Extension: HTTPS-Everywhere - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\https-everywhere@eff.org [2014-06-26]
FF Extension: Toolbar Buttons - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\{03B08592-E5B4-45ff-A0BE-C1D975458688} [2014-06-21]
FF Extension: Forecastfox - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3} [2014-06-24]
FF Extension: ColorfulTabs - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe} [2014-06-21]
FF Extension: FireShot - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba} [2014-06-26]
FF Extension: IE Tab 2 (FF 3.6+) - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB} [2014-06-21]
FF Extension: AddThis - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\{3e0e7d2a-070f-4a47-b019-91fe5385ba79} [2014-06-21]
FF Extension: FEBE - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3} [2014-06-26]
FF Extension: Empty Cache Button - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\{4cc4a13b-94a6-7568-370d-5f9de54a9c7f} [2014-06-21]
FF Extension: Dr.Web Anti-Virus Link Checker - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\{6614d11d-d21d-b211-ae23-815234e1ebb5} [2014-06-21]
FF Extension: WOT - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-06-21]
FF Extension: Cleanest Addon Manager - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\cam@sdrocking.com.xpi [2014-06-21]
FF Extension: Classic Theme Restorer - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2014-06-24]
FF Extension: Safe In Cloud - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\info@safe-in-cloud.com.xpi [2014-06-21]
FF Extension: Dolphin Connect - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\jid1-79nQAfjhUybb3A@jetpack.xpi [2014-06-21]
FF Extension: Privacy Badger Firefox - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2014-06-21]
FF Extension: Noia Fox options - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\NoiaFoxoption@davidvincent.tld.xpi [2014-06-21]
FF Extension: Print / Print Preview (Update) - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\printprintpreview-andrewsfirefoxextensions@gmail.com.xpi [2014-06-21]
FF Extension: S3.Download Statusbar - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\s3download@statusbar.xpi [2014-06-21]
FF Extension: Status-4-Evar - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\status4evar@caligonstudios.com.xpi [2014-06-25]
FF Extension: Torrent Finder Toolbar - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\TFToolbarX@torrent-finder.xpi [2014-06-21]
FF Extension: Toggle Private Browsing - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\toggleprivatebrowsing@supernova00.biz.xpi [2014-06-21]
FF Extension: TrackMeNot - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\trackmenot@mrl.nyu.edu.xpi [2014-06-21]
FF Extension: Facebook Phishing Protector - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\{023e9ca0-63f3-47b1-bcb2-9badf9d9ef28}.xpi [2014-06-21]
FF Extension: Flagfox - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2014-06-21]
FF Extension: Multirow Bookmarks Toolbar Plus - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\{4c7097f7-08f2-4ef2-9b9f-f95fa4cbb064}.xpi [2014-06-21]
FF Extension: Quick Translator - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\{5C655500-E712-41e7-9349-CE462F844B19}.xpi [2014-06-21]
FF Extension: Bluhell Firewall - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\{6BB5760D-F97E-421B-AF5B-8457A90C3CED}.xpi [2014-06-21]
FF Extension: Facebook Toolbar Button - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\{72c9fdff-bccd-4fac-a08e-857103c6e721}.xpi [2014-06-21]
FF Extension: Noia Fox - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\{7b90e860-5d61-11e0-80e3-0800200c9a66}.xpi [2014-06-21]
FF Extension: Add-on Update Checker - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\{891f0410-aaa2-11e0-9f1c-0800200c9a66}.xpi [2014-06-21]
FF Extension: Fasterfox - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\{c36177c0-224a-11da-8cd6-0800200c9a91}.xpi [2014-06-25]
FF Extension: BetterPrivacy - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2014-06-21]
FF Extension: Extended Statusbar - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\{daf44bf7-a45e-4450-979c-91cf07434c3d}.xpi [2014-06-21]
FF Extension: Menu Editor - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\{EDA7B1D7-F793-4e03-B074-E6F303317FB0}.xpi [2014-06-25]
FF Extension: Download Manager Tweak - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\{F8A55C97-3DB6-4961-A81D-0DE0080E53CB}.xpi [2014-06-21]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.1.3\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.1.3\coFFPlgn [2014-06-27]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.1.3\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.1.3\IPSFF [2014-02-21]
FF HKCU\...\Firefox\Extensions: [wcapturex@deskperience.com] - C:\Program Files (x86)\TheSage\extensions\firefox
FF Extension: TheSage one-click lookup - C:\Program Files (x86)\TheSage\extensions\firefox [2014-01-18]

Chrome:
=======
CHR HomePage: hxxp://www.trovi.com/?gd=&ctid=CT3324790&octid=EB_ORIGINAL_CTID&ISID=M72E4B7AB-EF30-4EB8-9455-1621BF1C4B1E&SearchSource=55&CUI=&UM=5&UP=SP37710FC9-D7EF-4CE2-8646-AC18F1406269&SSPV=
CHR StartupUrls: "hxxp://www.trovi.com/?gd=&ctid=CT3324790&octid=EB_ORIGINAL_CTID&ISID=M72E4B7AB-EF30-4EB8-9455-1621BF1C4B1E&SearchSource=55&CUI=&UM=5&UP=SP37710FC9-D7EF-4CE2-8646-AC18F1406269&SSPV="
CHR DefaultSearchKeyword: trovi.search
CHR DefaultSearchProvider: Trovi search
CHR DefaultSearchURL: http://www.trovi.com...rchTerms}&SSPV=
CHR Extension: (Logitech SetPoint) - C:\Users\Gerry Goldshine\AppData\Local\Google\Chrome\User Data\Default\Extensions\edaibbiobngpbmeonadpbfafbkimjbdd [2013-10-11]
CHR HKLM-x32\...\Chrome\Extension: [edaibbiobngpbmeonadpbfafbkimjbdd] - C:\ProgramData\Logitech\LogiSmoothChromeExt.crx [2013-03-25]
CHR HKLM-x32\...\Chrome\Extension: [mjdepfkicdcciagbigfcmdhknnoaaegf] - C:\Program Files (x86)\TheSage\TheSage\extensions\chrome\ [2013-03-25]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\Exts\Chrome.crx [2014-05-19]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [144152 2013-10-10] (SUPERAntiSpyware.com)
R2 CrypKey License; C:\windows\system32\crypserv.exe [126976 2010-03-18] (CrypKey (Canada) Ltd.) [File not signed]
S4 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2009-06-09] (Stardock Corporation) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\NIS.exe [276376 2014-05-11] (Symantec Corporation)
R2 NitroDriverReadSpool9; C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe [230920 2013-12-17] (Nitro PDF Software)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S4 WinTabService; C:\Windows\System32\Drivers\WTSRV.EXE [73728 2009-10-30] (Tablet Driver) [File not signed]
S2 RoxLiveShare10; No ImagePath

==================== Drivers (Whitelisted) ====================

S3 anvsnddrv; C:\Windows\System32\drivers\anvsnddrv.sys [33872 2011-11-28] (AnvSoft Inc.)
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\BASHDefs\20140606.001\BHDrvx64.sys [1530160 2014-05-09] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1503000.00C\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [486192 2014-06-10] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142128 2014-06-10] (Symantec Corporation)
S1 fanio; C:\windows\SysWOW64\drivers\fanio.sys [14464 2007-02-16] (Christian Diefer) [File not signed]
U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-04] (Microsoft Corporation)
R1 GizmoDrv; C:\Windows\System32\Drivers\GizmoDrv.sys [34704 2012-04-23] (Arainia Solutions LLC)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\IPSDefs\20140626.002\IDSvia64.sys [525016 2014-03-25] (Symantec Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\VirusDefs\20140624.033\ENG64.SYS [126040 2014-05-18] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\VirusDefs\20140624.033\EX64.SYS [2099288 2014-05-18] (Symantec Corporation)
R1 NetworkX; C:\Windows\System32\ckldrv.sys [30272 2010-03-18] ()
S3 pwdrvio; C:\windows\system32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\windows\system32\pwdspio.sys [12504 2013-09-30] ()
S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44032 2011-07-20] (Research in Motion Ltd)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1503000.00C\SRTSP64.SYS [875736 2014-02-12] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1503000.00C\SRTSPX64.SYS [36952 2013-07-30] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1503000.00C\SYMDS64.SYS [493656 2013-07-31] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1503000.00C\SYMEFA64.SYS [1148120 2014-03-03] (Symantec Corporation)
R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-02-21] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1503000.00C\Ironx64.SYS [264280 2013-07-30] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1503000.00C\SYMNETS.SYS [593112 2014-02-17] (Symantec Corporation)
S3 Tablet2k; No ImagePath
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-02-21] (Anchorfree Inc.)
S2 thdudf; C:\Windows\SysWOW64\DRIVERS\thdudf.sys [66944 2013-06-20] (TOSHIBA Corporation) [File not signed]
S3 wanatw; No ImagePath
S3 cpuz136; \??\C:\windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 RimUsb; System32\Drivers\RimUsb_AMD64.sys [X]
S0 SMR322; System32\drivers\SMR322.SYS [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-27 02:16 - 2014-06-27 02:16 - 00027889 _____ () C:\Users\Gerry Goldshine\Desktop\FRST.txt
2014-06-27 02:15 - 2014-06-27 02:15 - 02082816 _____ (Farbar) C:\Users\Gerry Goldshine\Desktop\FRST64.exe
2014-06-27 01:37 - 2014-06-27 01:37 - 00000000 ____D () C:\Users\Gerry Goldshine\AppData\Local\PackageAware
2014-06-26 12:23 - 2014-06-26 12:23 - 00000000 ____D () C:\Users\Gerry Goldshine\AppData\Roaming\FireShot
2014-06-25 11:13 - 2014-06-27 02:17 - 00000000 ____D () C:\FRST
2014-06-25 02:37 - 2014-06-27 02:11 - 00000000 ____D () C:\Users\Gerry Goldshine\Desktop\Computer Repair
2014-06-25 02:06 - 2014-06-25 02:06 - 00000000 ____D () C:\Users\Gerry Goldshine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-06-24 21:18 - 2014-06-24 21:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-22 12:14 - 2014-06-22 13:11 - 00000000 ____D () C:\Users\Gerry Goldshine\Documents\PM backup
2014-06-21 21:25 - 2014-06-21 21:30 - 00000000 ____D () C:\Users\Gerry Goldshine\AppData\Roaming\Moonchild Productions
2014-06-21 21:25 - 2014-06-21 21:25 - 00000000 ____D () C:\Users\Gerry Goldshine\AppData\Local\Moonchild Productions
2014-06-21 21:24 - 2014-06-21 21:24 - 00000000 ____D () C:\Program Files (x86)\Pale Moon
2014-06-21 14:09 - 2014-05-15 19:46 - 00001162 _____ () C:\Users\Gerry Goldshine\Documents\indexfile.txt
2014-06-21 13:12 - 2014-06-21 13:12 - 00813000 _____ () C:\Users\Gerry Goldshine\Downloads\palemoon-websetup.exe
2014-06-20 21:44 - 2014-06-25 02:37 - 00000000 ____D () C:\Users\Gerry Goldshine\Downloads\Computer Repair
2014-06-15 20:42 - 2014-06-15 20:42 - 00002368 _____ () C:\Users\Gerry Goldshine\AppData\Local\recently-used.xbel
2014-06-12 02:25 - 2014-06-12 02:25 - 00000374 _____ () C:\windows\KINGSTON (G).lnk
2014-06-12 00:50 - 2014-01-08 19:22 - 05694464 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2014-06-12 00:50 - 2014-01-03 15:44 - 06574592 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2014-06-11 14:48 - 2013-10-01 19:22 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\Drivers\TsUsbFlt.sys
2014-06-11 14:48 - 2013-10-01 19:11 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-06-11 14:48 - 2013-10-01 19:08 - 00012800 _____ (Microsoft Corporation) C:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-06-11 14:48 - 2013-10-01 18:48 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\MsRdpWebAccess.dll
2014-06-11 14:48 - 2013-10-01 18:48 - 00018944 _____ (Microsoft Corporation) C:\windows\system32\wksprtPS.dll
2014-06-11 14:48 - 2013-10-01 18:29 - 00062976 _____ (Microsoft Corporation) C:\windows\system32\tsgqec.dll
2014-06-11 14:48 - 2013-10-01 18:10 - 00044544 _____ (Microsoft Corporation) C:\windows\system32\TsUsbGDCoInstaller.dll
2014-06-11 14:48 - 2013-10-01 17:15 - 01057280 _____ (Microsoft Corporation) C:\windows\system32\rdvidcrl.dll
2014-06-11 14:48 - 2013-10-01 17:14 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\MsRdpWebAccess.dll
2014-06-11 14:48 - 2013-10-01 17:14 - 00017920 _____ (Microsoft Corporation) C:\windows\SysWOW64\wksprtPS.dll
2014-06-11 14:48 - 2013-10-01 17:08 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\TSWbPrxy.exe
2014-06-11 14:48 - 2013-10-01 17:01 - 00420864 _____ (Microsoft Corporation) C:\windows\system32\wksprt.exe
2014-06-11 14:48 - 2013-10-01 16:58 - 00053248 _____ (Microsoft Corporation) C:\windows\SysWOW64\tsgqec.dll
2014-06-11 14:48 - 2013-10-01 16:31 - 01147392 _____ (Microsoft Corporation) C:\windows\system32\mstsc.exe
2014-06-11 14:48 - 2013-10-01 16:08 - 00855552 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdvidcrl.dll
2014-06-11 14:48 - 2013-10-01 15:34 - 01068544 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstsc.exe
2014-06-11 14:43 - 2013-09-24 19:23 - 01030144 _____ (Microsoft Corporation) C:\windows\system32\TSWorkspace.dll
2014-06-11 14:43 - 2013-09-24 18:57 - 00792576 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSWorkspace.dll
2014-06-11 04:16 - 2014-06-11 13:06 - 00000000 ____D () C:\Users\Gerry Goldshine\Downloads\Adventure Time
2014-06-11 03:35 - 2014-05-30 03:21 - 23414784 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-06-11 03:35 - 2014-05-30 03:02 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-06-11 03:35 - 2014-05-30 03:02 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-06-11 03:35 - 2014-05-30 02:45 - 02768384 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-06-11 03:35 - 2014-05-30 02:39 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-06-11 03:35 - 2014-05-30 02:39 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-06-11 03:35 - 2014-05-30 02:38 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-06-11 03:35 - 2014-05-30 02:28 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-06-11 03:35 - 2014-05-30 02:27 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-06-11 03:35 - 2014-05-30 02:24 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-06-11 03:35 - 2014-05-30 02:21 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-06-11 03:35 - 2014-05-30 02:21 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-06-11 03:35 - 2014-05-30 02:20 - 00752640 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-06-11 03:35 - 2014-05-30 02:18 - 17271296 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-06-11 03:35 - 2014-05-30 02:11 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-06-11 03:35 - 2014-05-30 02:08 - 05782528 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-06-11 03:35 - 2014-05-30 02:06 - 00452096 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-06-11 03:35 - 2014-05-30 02:02 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-06-11 03:35 - 2014-05-30 01:55 - 00038400 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-06-11 03:35 - 2014-05-30 01:49 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-06-11 03:35 - 2014-05-30 01:46 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-06-11 03:35 - 2014-05-30 01:44 - 00455168 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-06-11 03:35 - 2014-05-30 01:44 - 00295424 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-06-11 03:35 - 2014-05-30 01:43 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-06-11 03:35 - 2014-05-30 01:42 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-06-11 03:35 - 2014-05-30 01:38 - 02179072 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-06-11 03:35 - 2014-05-30 01:35 - 00608768 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-06-11 03:35 - 2014-05-30 01:34 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-06-11 03:35 - 2014-05-30 01:33 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-06-11 03:35 - 2014-05-30 01:30 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-06-11 03:35 - 2014-05-30 01:29 - 00631808 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-06-11 03:35 - 2014-05-30 01:28 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-06-11 03:35 - 2014-05-30 01:27 - 00592896 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-06-11 03:35 - 2014-05-30 01:24 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-06-11 03:35 - 2014-05-30 01:23 - 02040832 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-06-11 03:35 - 2014-05-30 01:16 - 00368128 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-06-11 03:35 - 2014-05-30 01:10 - 00032256 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-11 03:35 - 2014-05-30 01:06 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-06-11 03:35 - 2014-05-30 01:04 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-06-11 03:35 - 2014-05-30 01:02 - 00242688 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-06-11 03:35 - 2014-05-30 00:56 - 04244992 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-06-11 03:35 - 2014-05-30 00:56 - 02266112 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-06-11 03:35 - 2014-05-30 00:54 - 00526336 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-06-11 03:35 - 2014-05-30 00:50 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-06-11 03:35 - 2014-05-30 00:49 - 01964544 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-06-11 03:35 - 2014-05-30 00:43 - 13522944 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-06-11 03:35 - 2014-05-30 00:40 - 11725312 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-06-11 03:35 - 2014-05-30 00:30 - 01398272 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-06-11 03:35 - 2014-05-30 00:21 - 01790976 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-06-11 03:35 - 2014-05-30 00:15 - 01143296 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-06-11 03:35 - 2014-05-30 00:13 - 00846336 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-06-11 03:35 - 2014-05-30 00:13 - 00704512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-06-11 03:35 - 2014-05-08 02:32 - 03178496 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2014-06-11 03:35 - 2014-05-08 02:32 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\RdpGroupPolicyExtension.dll
2014-06-11 03:35 - 2014-04-24 19:34 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\usp10.dll
2014-06-11 03:35 - 2014-04-24 19:06 - 00626688 _____ (Microsoft Corporation) C:\windows\SysWOW64\usp10.dll
2014-06-11 03:35 - 2014-04-04 19:47 - 01903552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2014-06-11 03:35 - 2014-04-04 19:47 - 00288192 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS
2014-06-11 03:35 - 2014-03-26 07:44 - 02002432 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2014-06-11 03:35 - 2014-03-26 07:44 - 01882112 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2014-06-11 03:35 - 2014-03-26 07:41 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml6r.dll
2014-06-11 03:35 - 2014-03-26 07:41 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2014-06-11 03:35 - 2014-03-26 07:27 - 01389056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll
2014-06-11 03:35 - 2014-03-26 07:27 - 01237504 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2014-06-11 03:35 - 2014-03-26 07:25 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6r.dll
2014-06-11 03:35 - 2014-03-26 07:25 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2014-06-11 03:34 - 2014-06-08 02:13 - 00506368 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-06-11 03:34 - 2014-06-08 02:08 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-06-05 21:48 - 2014-06-05 09:39 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Gerry Goldshine\Desktop\TDSSKiller.exe
2014-05-29 17:05 - 2014-05-29 17:08 - 07295560 _____ (Nova Development ) C:\Users\Gerry Goldshine\Downloads\Hallmark Holiday Pack Build2.exe

==================== One Month Modified Files and Folders =======

2014-06-27 02:17 - 2014-06-27 02:16 - 00027889 _____ () C:\Users\Gerry Goldshine\Desktop\FRST.txt
2014-06-27 02:17 - 2014-06-25 11:13 - 00000000 ____D () C:\FRST
2014-06-27 02:15 - 2014-06-27 02:15 - 02082816 _____ (Farbar) C:\Users\Gerry Goldshine\Desktop\FRST64.exe
2014-06-27 02:11 - 2014-06-25 02:37 - 00000000 ____D () C:\Users\Gerry Goldshine\Desktop\Computer Repair
2014-06-27 02:05 - 2014-05-23 22:11 - 00000358 _____ () C:\windows\Tasks\HP Photo Creations Communicator.job
2014-06-27 01:58 - 2014-01-21 03:03 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet
2014-06-27 01:49 - 2011-01-07 14:24 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-06-27 01:41 - 2011-05-08 01:30 - 00000000 ___DC () C:\ProgramData\~2
2014-06-27 01:41 - 2011-04-27 17:06 - 00000000 ____D () C:\Program Files\Common Files\Topaz Labs
2014-06-27 01:40 - 2011-05-08 01:24 - 00000000 ___DC () C:\ProgramData\~1
2014-06-27 01:38 - 2011-05-08 01:38 - 00000000 ___DC () C:\ProgramData\~0
2014-06-27 01:37 - 2014-06-27 01:37 - 00000000 ____D () C:\Users\Gerry Goldshine\AppData\Local\PackageAware
2014-06-27 01:36 - 2011-04-29 02:04 - 00000000 ____D () C:\Program Files\Nik Software
2014-06-27 01:34 - 2014-01-21 03:03 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photography
2014-06-27 01:30 - 2014-01-17 22:47 - 00000000 ____D () C:\Program Files\Java
2014-06-27 01:26 - 2014-05-18 12:28 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Graphic Design
2014-06-27 01:13 - 2013-06-07 01:10 - 01570874 _____ () C:\windows\WindowsUpdate.log
2014-06-27 01:13 - 2009-07-13 21:45 - 00013872 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-27 01:13 - 2009-07-13 21:45 - 00013872 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-27 01:05 - 2013-06-29 22:16 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-27 01:05 - 2009-07-13 22:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-06-27 00:49 - 2014-05-01 12:05 - 00000000 ____D () C:\Users\Gerry Goldshine\Documents\Wondershare DVD Creator
2014-06-27 00:49 - 2013-04-01 01:07 - 00000000 ____D () C:\Program Files (x86)\Wondershare
2014-06-26 15:31 - 2014-03-19 12:10 - 00000000 ____D () C:\Program Files (x86)\Safe In Cloud
2014-06-26 15:22 - 2009-07-13 22:13 - 00786538 _____ () C:\windows\system32\PerfStringBackup.INI
2014-06-26 12:23 - 2014-06-26 12:23 - 00000000 ____D () C:\Users\Gerry Goldshine\AppData\Roaming\FireShot
2014-06-25 02:37 - 2014-06-20 21:44 - 00000000 ____D () C:\Users\Gerry Goldshine\Downloads\Computer Repair
2014-06-25 02:29 - 2014-05-25 03:18 - 00000000 ____D () C:\Users\Gerry Goldshine\Downloads\New  Icons
2014-06-25 02:29 - 2011-04-24 21:11 - 00000000 ____D () C:\Users\Gerry Goldshine\My System Icons
2014-06-25 02:06 - 2014-06-25 02:06 - 00000000 ____D () C:\Users\Gerry Goldshine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-06-24 21:19 - 2014-06-24 21:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-24 12:05 - 2012-08-31 17:03 - 00000000 _____ () C:\ProgramData\TEMP
2014-06-22 13:15 - 2014-01-21 03:03 - 00000000 ____D () C:\Users\Gerry Goldshine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet
2014-06-22 13:11 - 2014-06-22 12:14 - 00000000 ____D () C:\Users\Gerry Goldshine\Documents\PM backup
2014-06-21 21:30 - 2014-06-21 21:25 - 00000000 ____D () C:\Users\Gerry Goldshine\AppData\Roaming\Moonchild Productions
2014-06-21 21:25 - 2014-06-21 21:25 - 00000000 ____D () C:\Users\Gerry Goldshine\AppData\Local\Moonchild Productions
2014-06-21 21:25 - 2011-03-11 22:05 - 00000000 ____D () C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla
2014-06-21 21:24 - 2014-06-21 21:24 - 00000000 ____D () C:\Program Files (x86)\Pale Moon
2014-06-21 20:57 - 2014-05-21 21:33 - 00000000 ____D () C:\ProgramData\VSO
2014-06-21 13:14 - 2013-07-02 14:59 - 00000000 ____D () C:\Users\Gerry Goldshine\AppData\Roaming\tixati
2014-06-21 13:12 - 2014-06-21 13:12 - 00813000 _____ () C:\Users\Gerry Goldshine\Downloads\palemoon-websetup.exe
2014-06-20 21:23 - 2014-05-23 20:18 - 00000000 ____D () C:\Users\Gerry Goldshine\Downloads\New DVD Case Inserts
2014-06-20 19:46 - 2014-05-21 21:41 - 00000000 ____D () C:\Users\Gerry Goldshine\Documents\ConvertXtoDVD
2014-06-18 22:22 - 2011-05-24 00:18 - 00000000 ____D () C:\Users\Gerry Goldshine\AppData\Local\Axialis
2014-06-17 17:10 - 2011-05-30 23:38 - 00000000 ____D () C:\Users\Gerry Goldshine\AppData\Local\DVD Profiler
2014-06-15 20:42 - 2014-06-15 20:42 - 00002368 _____ () C:\Users\Gerry Goldshine\AppData\Local\recently-used.xbel
2014-06-14 19:31 - 2009-07-13 20:20 - 00000000 ____D () C:\windows\rescache
2014-06-14 12:24 - 2013-06-08 23:13 - 00055303 _____ () C:\Users\Gerry Goldshine\.pia_manager_crash.log
2014-06-13 21:39 - 2011-02-27 23:51 - 00000000 ____D () C:\Users\Gerry Goldshine
2014-06-13 17:35 - 2009-07-13 20:20 - 00000000 ____D () C:\windows\Cursors
2014-06-13 02:56 - 2013-07-01 02:24 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-06-13 02:55 - 2012-09-01 15:25 - 00000000 ____D () C:\Users\Gerry Goldshine\AppData\Local\CrashDumps
2014-06-12 02:25 - 2014-06-12 02:25 - 00000374 _____ () C:\windows\KINGSTON (G).lnk
2014-06-12 01:48 - 2013-06-16 11:24 - 00000000 ____D () C:\temp
2014-06-11 15:39 - 2011-05-30 23:36 - 00000000 ____D () C:\Users\Gerry Goldshine\Documents\DVD Profiler
2014-06-11 15:03 - 2014-05-24 12:41 - 00002586 _____ () C:\Users\Gerry Goldshine\Desktop\MS Word 2007.lnk
2014-06-11 14:56 - 2009-07-13 21:45 - 05279752 _____ () C:\windows\system32\FNTCACHE.DAT
2014-06-11 14:54 - 2013-08-15 03:02 - 00000000 ____D () C:\windows\system32\MRT
2014-06-11 14:54 - 2013-03-31 16:10 - 00000000 ____D () C:\windows\schemas
2014-06-11 14:51 - 2011-03-03 14:19 - 95414520 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-06-11 14:50 - 2011-03-18 02:44 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-11 14:46 - 2014-04-29 17:36 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-06-11 13:15 - 2014-03-16 17:28 - 00000000 ____D () C:\Users\Gerry Goldshine\Downloads\Book Covers
2014-06-11 13:08 - 2014-05-16 18:49 - 00000000 ____D () C:\Users\Gerry Goldshine\Downloads\New Wallpaper
2014-06-11 13:07 - 2011-03-30 00:31 - 00000000 ____D () C:\Users\Gerry Goldshine\Assorted Images & ClipArt
2014-06-11 13:06 - 2014-06-11 04:16 - 00000000 ____D () C:\Users\Gerry Goldshine\Downloads\Adventure Time
2014-06-11 00:17 - 2009-07-13 20:20 - 00000000 __RSD () C:\windows\Media
2014-06-10 23:12 - 2013-02-14 01:03 - 00000000 ____D () C:\Users\Gerry Goldshine\Documents\Hallmark Card Studio Projects
2014-06-10 21:41 - 2013-03-26 21:53 - 00000000 ____D () C:\Users\Gerry Goldshine\Documents\Calibre Library
2014-06-10 18:17 - 2011-08-06 01:31 - 00000000 ____D () C:\Users\Gerry Goldshine\AppData\Roaming\avidemux
2014-06-10 18:05 - 2011-02-27 23:52 - 00248928 _____ () C:\Users\Gerry Goldshine\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-08 02:13 - 2014-06-11 03:34 - 00506368 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-06-08 02:08 - 2014-06-11 03:34 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-06-07 10:29 - 2013-01-14 15:12 - 00000000 ____D () C:\Users\Gerry Goldshine\AppData\Roaming\Nitro PDF
2014-06-07 10:18 - 2011-03-11 02:06 - 00000000 ____D () C:\Program Files (x86)\SpywareBlaster
2014-06-05 09:39 - 2014-06-05 21:48 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Gerry Goldshine\Desktop\TDSSKiller.exe
2014-06-04 20:40 - 2014-03-14 14:43 - 00000000 ____D () C:\Users\Gerry Goldshine\Downloads\Free Ebooks
2014-06-04 01:31 - 2014-04-07 19:53 - 00000000 ____D () C:\windows\Downloaded Installations
2014-06-04 01:31 - 2013-06-08 01:14 - 00000000 ____D () C:\Program Files (x86)\Winamp
2014-06-01 17:57 - 2013-06-08 01:14 - 00000000 ____D () C:\Users\Gerry Goldshine\AppData\Roaming\Winamp
2014-06-01 13:09 - 2014-04-27 13:40 - 00000000 ____D () C:\Users\Gerry Goldshine\AppData\Local\Avanquest North America
2014-05-30 03:21 - 2014-06-11 03:35 - 23414784 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-05-30 03:02 - 2014-06-11 03:35 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-05-30 03:02 - 2014-06-11 03:35 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-05-30 02:45 - 2014-06-11 03:35 - 02768384 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-05-30 02:39 - 2014-06-11 03:35 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-05-30 02:39 - 2014-06-11 03:35 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-05-30 02:38 - 2014-06-11 03:35 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-05-30 02:28 - 2014-06-11 03:35 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-05-30 02:27 - 2014-06-11 03:35 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-05-30 02:24 - 2014-06-11 03:35 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-05-30 02:21 - 2014-06-11 03:35 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-05-30 02:21 - 2014-06-11 03:35 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-05-30 02:20 - 2014-06-11 03:35 - 00752640 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-05-30 02:18 - 2014-06-11 03:35 - 17271296 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-05-30 02:11 - 2014-06-11 03:35 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-05-30 02:08 - 2014-06-11 03:35 - 05782528 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-05-30 02:06 - 2014-06-11 03:35 - 00452096 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-05-30 02:02 - 2014-06-11 03:35 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-05-30 01:55 - 2014-06-11 03:35 - 00038400 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-05-30 01:49 - 2014-06-11 03:35 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-05-30 01:46 - 2014-06-11 03:35 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-05-30 01:44 - 2014-06-11 03:35 - 00455168 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-05-30 01:44 - 2014-06-11 03:35 - 00295424 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-05-30 01:43 - 2014-06-11 03:35 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-05-30 01:42 - 2014-06-11 03:35 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-05-30 01:38 - 2014-06-11 03:35 - 02179072 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-05-30 01:35 - 2014-06-11 03:35 - 00608768 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-05-30 01:34 - 2014-06-11 03:35 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-05-30 01:33 - 2014-06-11 03:35 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-05-30 01:30 - 2014-06-11 03:35 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-05-30 01:29 - 2014-06-11 03:35 - 00631808 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-05-30 01:28 - 2014-06-11 03:35 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-05-30 01:27 - 2014-06-11 03:35 - 00592896 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-05-30 01:24 - 2014-06-11 03:35 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-05-30 01:23 - 2014-06-11 03:35 - 02040832 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-05-30 01:16 - 2014-06-11 03:35 - 00368128 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-05-30 01:10 - 2014-06-11 03:35 - 00032256 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-30 01:06 - 2014-06-11 03:35 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-05-30 01:04 - 2014-06-11 03:35 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-05-30 01:02 - 2014-06-11 03:35 - 00242688 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-05-30 00:56 - 2014-06-11 03:35 - 04244992 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-05-30 00:56 - 2014-06-11 03:35 - 02266112 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-05-30 00:54 - 2014-06-11 03:35 - 00526336 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-05-30 00:50 - 2014-06-11 03:35 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-05-30 00:49 - 2014-06-11 03:35 - 01964544 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-05-30 00:43 - 2014-06-11 03:35 - 13522944 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-05-30 00:40 - 2014-06-11 03:35 - 11725312 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-05-30 00:30 - 2014-06-11 03:35 - 01398272 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-05-30 00:21 - 2014-06-11 03:35 - 01790976 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-05-30 00:15 - 2014-06-11 03:35 - 01143296 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-05-30 00:13 - 2014-06-11 03:35 - 00846336 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-05-30 00:13 - 2014-06-11 03:35 - 00704512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-05-29 17:08 - 2014-05-29 17:05 - 07295560 _____ (Nova Development ) C:\Users\Gerry Goldshine\Downloads\Hallmark Holiday Pack Build2.exe
2014-05-28 17:03 - 2014-05-25 20:15 - 00000000 ___RD () C:\Users\Gerry Goldshine\OneDrive

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-18 01:02

==================== End Of Log ============================

 

TDSSKiller Scan

 

02:23:35.0495 0x15f8  TDSS rootkit removing tool 3.0.0.39 Jun  5 2014 20:35:54
02:23:40.0830 0x15f8  ============================================================
02:23:40.0830 0x15f8  Current date / time: 2014/06/27 02:23:40.0830
02:23:40.0830 0x15f8  SystemInfo:
02:23:40.0830 0x15f8  
02:23:40.0830 0x15f8  OS Version: 6.1.7601 ServicePack: 1.0
02:23:40.0830 0x15f8  Product type: Workstation
02:23:40.0830 0x15f8  ComputerName: SAL9000V2
02:23:40.0830 0x15f8  UserName: Gerry Goldshine
02:23:40.0830 0x15f8  Windows directory: C:\windows
02:23:40.0830 0x15f8  System windows directory: C:\windows
02:23:40.0830 0x15f8  Running under WOW64
02:23:40.0830 0x15f8  Processor architecture: Intel x64
02:23:40.0830 0x15f8  Number of processors: 2
02:23:40.0830 0x15f8  Page size: 0x1000
02:23:40.0830 0x15f8  Boot type: Normal boot
02:23:40.0830 0x15f8  ============================================================
02:23:41.0298 0x15f8  KLMD registered as C:\windows\system32\drivers\91267082.sys
02:23:41.0672 0x15f8  System UUID: {06B32B32-1541-7657-36D6-74475E99348F}
02:23:42.0499 0x15f8  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
02:23:42.0499 0x15f8  Drive \Device\Harddisk1\DR1 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
02:23:44.0543 0x15f8  ============================================================
02:23:44.0543 0x15f8  \Device\Harddisk0\DR0:
02:23:44.0543 0x15f8  MBR partitions:
02:23:44.0543 0x15f8  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D4C000
02:23:44.0543 0x15f8  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D7E800, BlocksNum 0x236AFAB0
02:23:44.0543 0x15f8  \Device\Harddisk1\DR1:
02:23:44.0543 0x15f8  MBR partitions:
02:23:44.0543 0x15f8  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x2542D800
02:23:44.0543 0x15f8  ============================================================
02:23:44.0621 0x15f8  C: <-> \Device\Harddisk0\DR0\Partition2
02:23:44.0652 0x15f8  F: <-> \Device\Harddisk1\DR1\Partition1
02:23:44.0652 0x15f8  ============================================================
02:23:44.0652 0x15f8  Initialize success
02:23:44.0652 0x15f8  ============================================================
02:23:46.0680 0x02f8  ============================================================
02:23:46.0680 0x02f8  Scan started
02:23:46.0680 0x02f8  Mode: Manual;
02:23:46.0680 0x02f8  ============================================================
02:23:46.0680 0x02f8  KSN ping started
02:23:49.0472 0x02f8  KSN ping finished: true
02:23:50.0330 0x02f8  ================ Scan system memory ========================
02:23:50.0330 0x02f8  System memory - ok
02:23:50.0330 0x02f8  ================ Scan services =============================
02:23:53.0289 0x02f8  BHDrvx64 - ok
02:23:53.0359 0x02f8  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\windows\System32\qmgr.dll
02:23:53.0375 0x02f8  BITS - ok
02:23:53.0390 0x02f8  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\windows\system32\DRIVERS\blbdrive.sys
02:23:53.0390 0x02f8  blbdrive - ok
02:23:53.0453 0x02f8  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
02:23:53.0484 0x02f8  Bonjour Service - ok
02:23:53.0531 0x02f8  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\windows\system32\DRIVERS\bowser.sys
02:23:53.0531 0x02f8  bowser - ok
02:23:53.0577 0x02f8  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\windows\system32\DRIVERS\BrFiltLo.sys
02:23:53.0577 0x02f8  BrFiltLo - ok
02:23:53.0593 0x02f8  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\windows\system32\DRIVERS\BrFiltUp.sys
02:23:53.0593 0x02f8  BrFiltUp - ok
02:23:53.0655 0x02f8  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\windows\System32\browser.dll
02:23:53.0655 0x02f8  Browser - ok
02:23:53.0687 0x02f8  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\windows\System32\Drivers\Brserid.sys
02:23:53.0702 0x02f8  Brserid - ok
02:23:53.0718 0x02f8  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\windows\System32\Drivers\BrSerWdm.sys
02:23:53.0718 0x02f8  BrSerWdm - ok
02:23:53.0749 0x02f8  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\windows\System32\Drivers\BrUsbMdm.sys
02:23:53.0749 0x02f8  BrUsbMdm - ok
02:23:53.0765 0x02f8  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\windows\System32\Drivers\BrUsbSer.sys
02:23:53.0765 0x02f8  BrUsbSer - ok
02:23:53.0780 0x02f8  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\windows\system32\DRIVERS\bthmodem.sys
02:23:53.0780 0x02f8  BTHMODEM - ok
02:23:53.0827 0x02f8  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\windows\system32\bthserv.dll
02:23:53.0827 0x02f8  bthserv - ok
02:23:53.0967 0x02f8  [ 0510396A957E9FD7205BA62D3CAE4528, C80C39EB3A87C5111132E96E966CF74ACABA36DE7714B545A707027D35995792 ] ccSet_NIS       C:\windows\system32\drivers\NISx64\1503000.00C\ccSetx64.sys
02:23:53.0967 0x02f8  ccSet_NIS - ok
02:23:53.0999 0x02f8  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\windows\system32\DRIVERS\cdfs.sys
02:23:53.0999 0x02f8  cdfs - ok
02:23:54.0045 0x02f8  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\windows\system32\drivers\cdrom.sys
02:23:54.0061 0x02f8  cdrom - ok
02:23:54.0108 0x02f8  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\windows\System32\certprop.dll
02:23:54.0108 0x02f8  CertPropSvc - ok
02:23:54.0139 0x02f8  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\windows\system32\DRIVERS\circlass.sys
02:23:54.0139 0x02f8  circlass - ok
02:23:54.0186 0x02f8  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\windows\system32\CLFS.sys
02:23:54.0186 0x02f8  CLFS - ok
02:23:54.0264 0x02f8  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
02:23:54.0264 0x02f8  clr_optimization_v2.0.50727_32 - ok
02:23:54.0326 0x02f8  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
02:23:54.0342 0x02f8  clr_optimization_v2.0.50727_64 - ok
02:23:54.0404 0x02f8  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
02:23:54.0404 0x02f8  clr_optimization_v4.0.30319_32 - ok
02:23:54.0420 0x02f8  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
02:23:54.0420 0x02f8  clr_optimization_v4.0.30319_64 - ok
02:23:54.0451 0x02f8  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\windows\system32\DRIVERS\CmBatt.sys
02:23:54.0451 0x02f8  CmBatt - ok
02:23:54.0498 0x02f8  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\windows\system32\drivers\cmdide.sys
02:23:54.0498 0x02f8  cmdide - ok
02:23:54.0560 0x02f8  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\windows\system32\Drivers\cng.sys
02:23:54.0576 0x02f8  CNG - ok
02:23:54.0591 0x02f8  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\windows\system32\DRIVERS\compbatt.sys
02:23:54.0591 0x02f8  Compbatt - ok
02:23:54.0638 0x02f8  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\windows\system32\drivers\CompositeBus.sys
02:23:54.0638 0x02f8  CompositeBus - ok
02:23:54.0654 0x02f8  COMSysApp - ok
02:23:54.0701 0x02f8  cpuz136 - ok
02:23:54.0732 0x02f8  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\windows\system32\DRIVERS\crcdisk.sys
02:23:54.0732 0x02f8  crcdisk - ok
02:23:54.0779 0x02f8  [ 2177A0F611584BCA1DFDD7EEB35C0224, 7B9C74B11152398BAECBBA01A31F4D2009672BDD326E970C144FAD9CB80C444F ] CrypKey License C:\windows\system32\crypserv.exe
02:23:54.0779 0x02f8  CrypKey License - ok
02:23:54.0825 0x02f8  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\windows\system32\cryptsvc.dll
02:23:54.0841 0x02f8  CryptSvc - ok
02:23:54.0888 0x02f8  [ ED5CF92396A62F4C15110DCDB5E854D9, CD26216B8B3F558A0466843C8161E86EEDB78E6031E1AC0A00DCDE700A2B6EE2 ] CtClsFlt        C:\windows\system32\DRIVERS\CtClsFlt.sys
02:23:54.0888 0x02f8  CtClsFlt - ok
02:23:54.0966 0x02f8  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\windows\system32\rpcss.dll
02:23:54.0981 0x02f8  DcomLaunch - ok
02:23:55.0028 0x02f8  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\windows\System32\defragsvc.dll
02:23:55.0044 0x02f8  defragsvc - ok
02:23:55.0091 0x02f8  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\windows\system32\Drivers\dfsc.sys
02:23:55.0091 0x02f8  DfsC - ok
02:23:55.0137 0x02f8  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\windows\system32\dhcpcore.dll
02:23:55.0137 0x02f8  Dhcp - ok
02:23:55.0184 0x02f8  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\windows\system32\drivers\discache.sys
02:23:55.0184 0x02f8  discache - ok
02:23:55.0262 0x02f8  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\windows\system32\DRIVERS\disk.sys
02:23:55.0262 0x02f8  Disk - ok
02:23:55.0325 0x02f8  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\windows\System32\dnsrslvr.dll
02:23:55.0325 0x02f8  Dnscache - ok
02:23:55.0418 0x02f8  [ 0840ABBBDF438691EE65A20040635CBE, F83597ECECFADBA45242B683A19A01ADF84203B016301B64530C7BE8234175E8 ] DockLoginService C:\Program Files\Dell\DellDock\DockLogin.exe
02:23:55.0434 0x02f8  DockLoginService - ok
02:23:55.0481 0x02f8  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\windows\System32\dot3svc.dll
02:23:55.0481 0x02f8  dot3svc - ok
02:23:55.0527 0x02f8  [ B42ED0320C6E41102FDE0005154849BB, 4DB872E23AD049C3C9FDC0759FC58BFA60DA91B18BC82B611BFA300D26DDFC7A ] Dot4            C:\windows\system32\DRIVERS\Dot4.sys
02:23:55.0527 0x02f8  Dot4 - ok
02:23:55.0543 0x02f8  [ E9F5969233C5D89F3C35E3A66A52A361, C4BD35795C78FB11E6022372CB25DEB570730EFDAD3DC1584368235FF622638C ] Dot4Print       C:\windows\system32\drivers\Dot4Prt.sys
02:23:55.0559 0x02f8  Dot4Print - ok
02:23:55.0590 0x02f8  [ FD05A02B0370BC3000F402E543CA5814, 089B1113E640F495F470E8F57060B89546270481B309DC8ED3C3D13A849076A3 ] dot4usb         C:\windows\system32\DRIVERS\dot4usb.sys
02:23:55.0590 0x02f8  dot4usb - ok
02:23:55.0652 0x02f8  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\windows\system32\dps.dll
02:23:55.0652 0x02f8  DPS - ok
02:23:55.0699 0x02f8  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\windows\system32\drivers\drmkaud.sys
02:23:55.0699 0x02f8  drmkaud - ok
02:23:55.0808 0x02f8  [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl         C:\windows\System32\drivers\dxgkrnl.sys
02:23:55.0824 0x02f8  DXGKrnl - ok
02:23:55.0871 0x02f8  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\windows\System32\eapsvc.dll
02:23:55.0871 0x02f8  EapHost - ok
02:23:56.0027 0x02f8  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\windows\system32\DRIVERS\evbda.sys
02:23:56.0089 0x02f8  ebdrv - ok
02:23:56.0183 0x02f8  [ 5E346ADBAD5110EAB2E9808ABE877A00, 4B72C34E41B8AA15D166F65B5A037A1230A9FF65F827D18A57E2198573616EAD ] eeCtrl          C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
02:23:56.0198 0x02f8  eeCtrl - ok
02:23:56.0229 0x02f8  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS             C:\windows\System32\lsass.exe
02:23:56.0229 0x02f8  EFS - ok
02:23:56.0323 0x02f8  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\windows\ehome\ehRecvr.exe
02:23:56.0339 0x02f8  ehRecvr - ok
02:23:56.0385 0x02f8  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\windows\ehome\ehsched.exe
02:23:56.0385 0x02f8  ehSched - ok
02:23:56.0448 0x02f8  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\windows\system32\DRIVERS\elxstor.sys
02:23:56.0479 0x02f8  elxstor - ok
02:23:56.0541 0x02f8  [ 773ACF5823046FA40D7FD898559A7228, 7DF39C42F781E7864CC791E3449CCDF0124930D128D168E8F9C80374640FFBE7 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
02:23:56.0557 0x02f8  EraserUtilRebootDrv - ok
02:23:56.0588 0x02f8  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\windows\system32\drivers\errdev.sys
02:23:56.0588 0x02f8  ErrDev - ok
02:23:56.0651 0x02f8  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\windows\system32\es.dll
02:23:56.0666 0x02f8  EventSystem - ok
02:23:56.0682 0x02f8  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\windows\system32\drivers\exfat.sys
02:23:56.0697 0x02f8  exfat - ok
02:23:56.0697 0x02f8  fanio - ok
02:23:56.0729 0x02f8  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\windows\system32\drivers\fastfat.sys
02:23:56.0729 0x02f8  fastfat - ok
02:23:56.0744 0x02f8  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\windows\system32\DRIVERS\fdc.sys
02:23:56.0744 0x02f8  fdc - ok
02:23:56.0760 0x02f8  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\windows\system32\fdPHost.dll
02:23:56.0760 0x02f8  fdPHost - ok
02:23:56.0775 0x02f8  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\windows\system32\fdrespub.dll
02:23:56.0791 0x02f8  FDResPub - ok
02:23:56.0807 0x02f8  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\windows\system32\drivers\fileinfo.sys
02:23:56.0807 0x02f8  FileInfo - ok
02:23:56.0838 0x02f8  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\windows\system32\drivers\filetrace.sys
02:23:56.0838 0x02f8  Filetrace - ok
02:23:56.0853 0x02f8  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\windows\system32\DRIVERS\flpydisk.sys
02:23:56.0853 0x02f8  flpydisk - ok
02:23:56.0916 0x02f8  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\windows\system32\drivers\fltmgr.sys
02:23:56.0931 0x02f8  FltMgr - ok
02:23:57.0041 0x02f8  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\windows\system32\FntCache.dll
02:23:57.0056 0x02f8  FontCache - ok
02:23:57.0134 0x02f8  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
02:23:57.0134 0x02f8  FontCache3.0.0.0 - ok
02:23:57.0181 0x02f8  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\windows\system32\drivers\FsDepends.sys
02:23:57.0181 0x02f8  FsDepends - ok
02:23:57.0228 0x02f8  [ B3EB502D2C3F47C47415F85387DFAEF1, 5240D4281BB9FBFBFEB98522D12F0C006BE063C084C2E6E23DACB6606CDC25AE ] fssfltr         C:\windows\system32\DRIVERS\fssfltr.sys
02:23:57.0228 0x02f8  fssfltr - ok
02:23:57.0431 0x02f8  [ 719FD319E03892FF22A33C18C513B9B0, F9CE212F1DDE9CE6E6394A48B6C5ED333D1243667B6796CC1F7A61AA2E4820D8 ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
02:23:57.0462 0x02f8  fsssvc - ok
02:23:57.0509 0x02f8  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\windows\system32\drivers\Fs_Rec.sys
02:23:57.0509 0x02f8  Fs_Rec - ok
02:23:57.0555 0x02f8  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\windows\system32\DRIVERS\fvevol.sys
02:23:57.0571 0x02f8  fvevol - ok
02:23:57.0618 0x02f8  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\windows\system32\DRIVERS\gagp30kx.sys
02:23:57.0618 0x02f8  gagp30kx - ok
02:23:57.0649 0x02f8  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\windows\system32\DRIVERS\GEARAspiWDM.sys
02:23:57.0665 0x02f8  GEARAspiWDM - ok
02:23:57.0696 0x02f8  [ 4CF044DB46F79BFA47FBDFD35192D765, 8520DBAAB9BD148296B468D972BA51B3B2C829355E6109EE190CB7965873DF8D ] GizmoDrv        C:\windows\system32\drivers\GizmoDrv.sys
02:23:57.0696 0x02f8  GizmoDrv - ok
02:23:57.0743 0x02f8  [ D3316F6E3C011435F36E3D6E49B3196C, 941DF52BA26603A146ED6B65A696DB87153868ED0469EF9C2EB09AC7E63525B7 ] GoToAssist      C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe
02:23:57.0743 0x02f8  GoToAssist - ok
02:23:57.0821 0x02f8  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\windows\System32\gpsvc.dll
02:23:57.0836 0x02f8  gpsvc - ok
02:23:57.0930 0x02f8  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
02:23:57.0930 0x02f8  gupdate - ok
02:23:57.0945 0x02f8  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
02:23:57.0945 0x02f8  gupdatem - ok
02:23:57.0977 0x02f8  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\windows\system32\drivers\hcw85cir.sys
02:23:57.0977 0x02f8  hcw85cir - ok
02:23:58.0008 0x02f8  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
02:23:58.0023 0x02f8  HdAudAddService - ok
02:23:58.0070 0x02f8  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\windows\system32\drivers\HDAudBus.sys
02:23:58.0086 0x02f8  HDAudBus - ok
02:23:58.0102 0x02f8  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\windows\system32\DRIVERS\HidBatt.sys
02:23:58.0102 0x02f8  HidBatt - ok
02:23:58.0133 0x02f8  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\windows\system32\DRIVERS\hidbth.sys
02:23:58.0133 0x02f8  HidBth - ok
02:23:58.0148 0x02f8  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\windows\system32\DRIVERS\hidir.sys
02:23:58.0164 0x02f8  HidIr - ok
02:23:58.0211 0x02f8  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\windows\system32\hidserv.dll
02:23:58.0211 0x02f8  hidserv - ok
02:23:58.0258 0x02f8  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\windows\system32\DRIVERS\hidusb.sys
02:23:58.0258 0x02f8  HidUsb - ok
02:23:58.0304 0x02f8  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\windows\system32\kmsvc.dll
02:23:58.0304 0x02f8  hkmsvc - ok
02:23:58.0351 0x02f8  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\windows\system32\ListSvc.dll
02:23:58.0351 0x02f8  HomeGroupListener - ok
02:23:58.0414 0x02f8  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\windows\system32\provsvc.dll
02:23:58.0429 0x02f8  HomeGroupProvider - ok
02:23:58.0585 0x02f8  [ 5DA42D24712E00728CEA2342A65009B2, 73EC5250DCFD556525B24B3CA66C64AC7747E77652A2AD6119936A59A9E8562A ] hpqcxs08        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
02:23:58.0585 0x02f8  hpqcxs08 - ok
02:23:58.0616 0x02f8  [ D86A39BF100069444D026D22D9A6E555, 7B24D48D5BA67704C88697FADB64364E0E64D26259408E3C219820C5404C5EEC ] hpqddsvc        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
02:23:58.0616 0x02f8  hpqddsvc - ok
02:23:58.0663 0x02f8  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\windows\system32\drivers\HpSAMD.sys
02:23:58.0663 0x02f8  HpSAMD - ok
02:23:58.0741 0x02f8  [ F37882F128EFACEFE353E0BAE2766909, 2F9D21613500F092DFC0DB879180B549EE615D9B07408A5CC1A7F84663B2F47A ] HPSLPSVC        C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
02:23:58.0772 0x02f8  HPSLPSVC - ok
02:23:58.0850 0x02f8  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\windows\system32\drivers\HTTP.sys
02:23:58.0866 0x02f8  HTTP - ok
02:23:58.0897 0x02f8  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\windows\system32\drivers\hwpolicy.sys
02:23:58.0897 0x02f8  hwpolicy - ok
02:23:58.0944 0x02f8  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\windows\system32\drivers\i8042prt.sys
02:23:58.0944 0x02f8  i8042prt - ok
02:23:59.0022 0x02f8  [ D469B77687E12FE43E344806740B624D, DFDD486FD040813BF4E5DDB504CF9E0BFBF6D4E540DDDA4829F9B675ACF63E89 ] iaStor          C:\windows\system32\DRIVERS\iaStor.sys
02:23:59.0038 0x02f8  iaStor - ok
02:23:59.0116 0x02f8  [ 983FC69644DDF0486C8DFEA262948D1A, 329EC95117C31E61F6D22D79CFF339D70A70522710E7DC0CED06EC95E6D4B34F ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
02:23:59.0131 0x02f8  IAStorDataMgrSvc - ok
02:23:59.0194 0x02f8  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\windows\system32\drivers\iaStorV.sys
02:23:59.0209 0x02f8  iaStorV - ok
02:23:59.0303 0x02f8  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
02:23:59.0318 0x02f8  idsvc - ok
02:23:59.0474 0x02f8  [ F6F8CDA3CC5207BFD0B319A26E33ACD3, 6630DEE80A85DA972D3734A5D67E274AEE7042A73AB45E19E15DC989AE88459E ] IDSVia64        C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\IPSDefs\20140626.002\IDSvia64.sys
02:23:59.0490 0x02f8  IDSVia64 - ok
02:23:59.0506 0x02f8  IEEtwCollectorService - ok
02:23:59.0849 0x02f8  [ C6238C6ABD6AC99F5D152DA4E9439A3D, 6FC490B94CEF523C7C099AEA3D36AB75C9896B1D83D4467D237E698A8E0D9E7B ] igfx            C:\windows\system32\DRIVERS\igdkmd64.sys
02:24:00.0067 0x02f8  igfx - ok
02:24:00.0145 0x02f8  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\windows\system32\DRIVERS\iirsp.sys
02:24:00.0145 0x02f8  iirsp - ok
02:24:00.0208 0x02f8  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\windows\System32\ikeext.dll
02:24:00.0239 0x02f8  IKEEXT - ok
02:24:00.0364 0x02f8  [ 2FAAEA2DC2719E67FD7C0D51F9E743F7, 4F56CB5A0309607EC7DC466E6DC7425DAB34D7194F64C4C258BAEC429A7DB303 ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys
02:24:00.0426 0x02f8  IntcAzAudAddService - ok
02:24:00.0473 0x02f8  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\windows\system32\drivers\intelide.sys
02:24:00.0473 0x02f8  intelide - ok
02:24:00.0504 0x02f8  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\windows\system32\DRIVERS\intelppm.sys
02:24:00.0504 0x02f8  intelppm - ok
02:24:00.0551 0x02f8  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\windows\system32\ipbusenum.dll
02:24:00.0551 0x02f8  IPBusEnum - ok
02:24:00.0598 0x02f8  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\windows\system32\DRIVERS\ipfltdrv.sys
02:24:00.0598 0x02f8  IpFilterDriver - ok
02:24:00.0660 0x02f8  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\windows\System32\iphlpsvc.dll
02:24:00.0676 0x02f8  iphlpsvc - ok
02:24:00.0707 0x02f8  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\windows\system32\drivers\IPMIDrv.sys
02:24:00.0707 0x02f8  IPMIDRV - ok
02:24:00.0738 0x02f8  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\windows\system32\drivers\ipnat.sys
02:24:00.0738 0x02f8  IPNAT - ok
02:24:00.0863 0x02f8  [ DA09DB7356938E513E2AFE76CA76E93B, 017B4B684A0B2FD5350BFDA83A89CE2924A8BB622FC6818375F16843F45D77EA ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
02:24:00.0878 0x02f8  iPod Service - ok
02:24:00.0894 0x02f8  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\windows\system32\drivers\irenum.sys
02:24:00.0894 0x02f8  IRENUM - ok
02:24:00.0925 0x02f8  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\windows\system32\drivers\isapnp.sys
02:24:00.0925 0x02f8  isapnp - ok
02:24:00.0972 0x02f8  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\windows\system32\drivers\msiscsi.sys
02:24:00.0988 0x02f8  iScsiPrt - ok
02:24:01.0034 0x02f8  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\windows\system32\drivers\kbdclass.sys
02:24:01.0034 0x02f8  kbdclass - ok
02:24:01.0081 0x02f8  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\windows\system32\drivers\kbdhid.sys
02:24:01.0081 0x02f8  kbdhid - ok
02:24:01.0097 0x02f8  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso          C:\windows\system32\lsass.exe
02:24:01.0112 0x02f8  KeyIso - ok
02:24:01.0144 0x02f8  [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD          C:\windows\system32\Drivers\ksecdd.sys
02:24:01.0159 0x02f8  KSecDD - ok
02:24:01.0206 0x02f8  [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg         C:\windows\system32\Drivers\ksecpkg.sys
02:24:01.0206 0x02f8  KSecPkg - ok
02:24:01.0253 0x02f8  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\windows\system32\drivers\ksthunk.sys
02:24:01.0253 0x02f8  ksthunk - ok
02:24:01.0315 0x02f8  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\windows\system32\msdtckrm.dll
02:24:01.0331 0x02f8  KtmRm - ok
02:24:09.0880 0x02f8  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\windows\System32\snmptrap.exe
02:24:09.0895 0x02f8  SNMPTRAP - ok
02:24:09.0911 0x02f8  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\windows\system32\drivers\spldr.sys
02:24:09.0911 0x02f8  spldr - ok
02:24:09.0989 0x02f8  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\windows\System32\spoolsv.exe
02:24:10.0004 0x02f8  Spooler - ok
02:24:10.0160 0x02f8  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\windows\system32\sppsvc.exe
02:24:10.0238 0x02f8  sppsvc - ok
02:24:10.0285 0x02f8  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\windows\system32\sppuinotify.dll
02:24:10.0301 0x02f8  sppuinotify - ok
02:24:10.0457 0x02f8  [ F718A57D946EAC76EFCB351D74E269F4, 473AE48BACEE64A9582814951B731BDDDEB48D2E9D407ACEAA3F0850B536DABA ] SRTSP           C:\windows\System32\Drivers\NISx64\1503000.00C\SRTSP64.SYS
02:24:10.0472 0x02f8  SRTSP - ok
02:24:10.0488 0x02f8  [ B18CE01B9C09C59422BA7C7064248B35, B355EE2FBB37C4B0EFFE4DC5E0788A26579266828E7988EDC497B0AE7375F8AB ] SRTSPX          C:\windows\system32\drivers\NISx64\1503000.00C\SRTSPX64.SYS
02:24:10.0488 0x02f8  SRTSPX - ok
02:24:10.0566 0x02f8  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\windows\system32\DRIVERS\srv.sys
02:24:10.0566 0x02f8  srv - ok
02:24:10.0644 0x02f8  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\windows\system32\DRIVERS\srv2.sys
02:24:10.0660 0x02f8  srv2 - ok
02:24:10.0691 0x02f8  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\windows\system32\DRIVERS\srvnet.sys
02:24:10.0691 0x02f8  srvnet - ok
02:24:10.0753 0x02f8  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\windows\System32\ssdpsrv.dll
02:24:10.0753 0x02f8  SSDPSRV - ok
02:24:10.0784 0x02f8  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\windows\system32\sstpsvc.dll
02:24:10.0784 0x02f8  SstpSvc - ok
02:24:10.0831 0x02f8  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\windows\system32\DRIVERS\stexstor.sys
02:24:10.0831 0x02f8  stexstor - ok
02:24:10.0878 0x02f8  [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam        C:\windows\system32\DRIVERS\serscan.sys
02:24:10.0878 0x02f8  StillCam - ok
02:24:10.0956 0x02f8  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\windows\System32\wiaservc.dll
02:24:10.0956 0x02f8  stisvc - ok
02:24:11.0018 0x02f8  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\windows\system32\drivers\swenum.sys
02:24:11.0018 0x02f8  swenum - ok
02:24:11.0065 0x02f8  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\windows\System32\swprv.dll
02:24:11.0081 0x02f8  swprv - ok
02:24:11.0143 0x02f8  [ 5C9EE2303CA7F267665D75237862B39C, 5DECD977A823C14B4D980D3DB621BC875231B741653F0450A027FC9E87725F9D ] SymDS           C:\windows\system32\drivers\NISx64\1503000.00C\SYMDS64.SYS
02:24:11.0159 0x02f8  SymDS - ok
02:24:11.0252 0x02f8  [ 9F31630D7FC2DD9D5DA1CE359AAD1F46, 296D29EDF53956D1899DE4669AB429C280DF9F183F00AE1CE528E7C575802235 ] SymEFA          C:\windows\system32\drivers\NISx64\1503000.00C\SYMEFA64.SYS
02:24:11.0284 0x02f8  SymEFA - ok
02:24:11.0330 0x02f8  [ 97E11C50CE52277B377396EA8838E539, E17D03F80E14F961C41F2D54D1EF73D29BF01F38459C5710D786234F8BA3C835 ] SymEvent        C:\windows\system32\Drivers\SYMEVENT64x86.SYS
02:24:11.0330 0x02f8  SymEvent - ok
02:24:11.0408 0x02f8  [ 48C2934683CBD06F662B088EEF49EF6A, 2212A3588C28F33EFCB1D34618B3054EBBAC6731D177A581D21D1F969FE040C0 ] SymIRON         C:\windows\system32\drivers\NISx64\1503000.00C\Ironx64.SYS
02:24:11.0424 0x02f8  SymIRON - ok
02:24:11.0502 0x02f8  [ 5570A74FF9B1EFBC5154DD1E2F05C517, 2C883A0334CBE4AE257028805C9BB1E529A80F56BA6D341E8EBB83CB3E46FEB7 ] SymNetS         C:\windows\System32\Drivers\NISx64\1503000.00C\SYMNETS.SYS
02:24:11.0533 0x02f8  SymNetS - ok
02:24:11.0642 0x02f8  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\windows\system32\sysmain.dll
02:24:11.0674 0x02f8  SysMain - ok
02:24:11.0705 0x02f8  Tablet2k - ok
02:24:11.0767 0x02f8  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\windows\System32\TabSvc.dll
02:24:11.0783 0x02f8  TabletInputService - ok
02:24:11.0830 0x02f8  [ F9BE29D5E097F03F81D3CD12B794CB66, 5EC208DEAF7C721F4C36512E7DAD4AC66578AB935B9502A5E1E213BC91BE508C ] tap0901         C:\windows\system32\DRIVERS\tap0901.sys
02:24:11.0830 0x02f8  tap0901 - ok
02:24:11.0876 0x02f8  [ F33FDC72298DF4BF9813A55D21F4EB31, 34AADF5115CA1B275FEF4238B420FE424F0E1D0FFD1606B24A0D594D7305CF1F ] taphss          C:\windows\system32\DRIVERS\taphss.sys
02:24:11.0876 0x02f8  taphss - ok
02:24:11.0892 0x02f8  [ FA08663E58C3B856CD9A83F3279337FE, D7479595189AF6869C8791003001C90E23C0BD457CB453C2EE2E8ADFA87FDB2F ] taphss6         C:\windows\system32\DRIVERS\taphss6.sys
02:24:11.0892 0x02f8  taphss6 - ok
02:24:11.0939 0x02f8  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\windows\System32\tapisrv.dll
02:24:11.0939 0x02f8  TapiSrv - ok
02:24:11.0986 0x02f8  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\windows\System32\tbssvc.dll
02:24:11.0986 0x02f8  TBS - ok
02:24:12.0017 0x02f8  [ 530A7F0966493DD437E4342F12CCD63B, 080B107F11CB9CFB315872846106224FA4190A6742B5B68C0E188A0229729EF3 ] TClass2k        C:\windows\system32\DRIVERS\TClass2k.sys
02:24:12.0017 0x02f8  TClass2k - ok
02:24:12.0142 0x02f8  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\windows\system32\drivers\tcpip.sys
02:24:12.0173 0x02f8  Tcpip - ok
02:24:12.0235 0x02f8  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\windows\system32\DRIVERS\tcpip.sys
02:24:12.0266 0x02f8  TCPIP6 - ok
02:24:12.0329 0x02f8  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\windows\system32\drivers\tcpipreg.sys
02:24:12.0329 0x02f8  tcpipreg - ok
02:24:12.0376 0x02f8  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\windows\system32\drivers\tdpipe.sys
02:24:12.0376 0x02f8  TDPIPE - ok
02:24:12.0407 0x02f8  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\windows\system32\drivers\tdtcp.sys
02:24:12.0422 0x02f8  TDTCP - ok
02:24:12.0469 0x02f8  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\windows\system32\DRIVERS\tdx.sys
02:24:12.0469 0x02f8  tdx - ok
02:24:12.0516 0x02f8  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\windows\system32\drivers\termdd.sys
02:24:12.0516 0x02f8  TermDD - ok
02:24:12.0594 0x02f8  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\windows\System32\termsrv.dll
02:24:12.0610 0x02f8  TermService - ok
02:24:12.0625 0x02f8  thdudf - ok
02:24:12.0672 0x02f8  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\windows\system32\themeservice.dll
02:24:12.0672 0x02f8  Themes - ok
02:24:12.0719 0x02f8  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\windows\system32\mmcss.dll
02:24:12.0719 0x02f8  THREADORDER - ok
02:24:12.0781 0x02f8  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\windows\System32\trkwks.dll
02:24:12.0781 0x02f8  TrkWks - ok
02:24:12.0875 0x02f8  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
02:24:12.0890 0x02f8  TrustedInstaller - ok
02:24:12.0953 0x02f8  [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv        C:\windows\system32\DRIVERS\tssecsrv.sys
02:24:12.0953 0x02f8  tssecsrv - ok
02:24:13.0078 0x02f8  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\windows\system32\drivers\tsusbflt.sys
02:24:13.0078 0x02f8  TsUsbFlt - ok
02:24:13.0124 0x02f8  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\windows\system32\DRIVERS\tunnel.sys
02:24:13.0124 0x02f8  tunnel - ok
02:24:13.0171 0x02f8  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\windows\system32\DRIVERS\uagp35.sys
02:24:13.0171 0x02f8  uagp35 - ok
02:24:13.0202 0x02f8  [ 01662B4865FDB282677B11CF416757CE, AF85FA61B2560E8387388C7CC4F9F4DDFA52E30631DAB1396B2186E7DF80F9E5 ] UCTblHid        C:\windows\system32\DRIVERS\UCTblHid.sys
02:24:13.0202 0x02f8  UCTblHid - ok
02:24:13.0249 0x02f8  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\windows\system32\DRIVERS\udfs.sys
02:24:13.0265 0x02f8  udfs - ok
02:24:13.0343 0x02f8  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\windows\system32\UI0Detect.exe
02:24:13.0343 0x02f8  UI0Detect - ok
02:24:13.0374 0x02f8  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\windows\system32\drivers\uliagpkx.sys
02:24:13.0374 0x02f8  uliagpkx - ok
02:24:13.0421 0x02f8  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\windows\system32\DRIVERS\umbus.sys
02:24:13.0421 0x02f8  umbus - ok
02:24:13.0452 0x02f8  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\windows\system32\DRIVERS\umpass.sys
02:24:13.0452 0x02f8  UmPass - ok
02:24:13.0483 0x02f8  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\windows\System32\upnphost.dll
02:24:13.0499 0x02f8  upnphost - ok
02:24:13.0546 0x02f8  [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64       C:\windows\system32\Drivers\usbaapl64.sys
02:24:13.0546 0x02f8  USBAAPL64 - ok
02:24:13.0670 0x02f8  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\windows\system32\DRIVERS\usbccgp.sys
02:24:13.0670 0x02f8  usbccgp - ok
02:24:13.0717 0x02f8  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\windows\system32\drivers\usbcir.sys
02:24:13.0733 0x02f8  usbcir - ok
02:24:13.0764 0x02f8  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\windows\system32\DRIVERS\usbehci.sys
02:24:13.0764 0x02f8  usbehci - ok
02:24:13.0811 0x02f8  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\windows\system32\DRIVERS\usbhub.sys
02:24:13.0811 0x02f8  usbhub - ok
02:24:13.0858 0x02f8  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\windows\system32\drivers\usbohci.sys
02:24:13.0858 0x02f8  usbohci - ok
02:24:13.0889 0x02f8  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\windows\system32\DRIVERS\usbprint.sys
02:24:13.0889 0x02f8  usbprint - ok
02:24:13.0936 0x02f8  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\windows\system32\DRIVERS\USBSTOR.SYS
02:24:13.0936 0x02f8  USBSTOR - ok
02:24:13.0967 0x02f8  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\windows\system32\DRIVERS\usbuhci.sys
02:24:13.0967 0x02f8  usbuhci - ok
02:24:13.0998 0x02f8  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\windows\System32\Drivers\usbvideo.sys
02:24:13.0998 0x02f8  usbvideo - ok
02:24:14.0045 0x02f8  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\windows\System32\uxsms.dll
02:24:14.0045 0x02f8  UxSms - ok
02:24:14.0076 0x02f8  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc        C:\windows\system32\lsass.exe
02:24:14.0076 0x02f8  VaultSvc - ok
02:24:14.0123 0x02f8  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\windows\system32\drivers\vdrvroot.sys
02:24:14.0123 0x02f8  vdrvroot - ok
02:24:14.0201 0x02f8  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\windows\System32\vds.exe
02:24:14.0216 0x02f8  vds - ok
02:24:14.0248 0x02f8  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\windows\system32\DRIVERS\vgapnp.sys
02:24:14.0248 0x02f8  vga - ok
02:24:14.0279 0x02f8  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\windows\System32\drivers\vga.sys
02:24:14.0279 0x02f8  VgaSave - ok
02:24:14.0326 0x02f8  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\windows\system32\drivers\vhdmp.sys
02:24:14.0341 0x02f8  vhdmp - ok
02:24:14.0388 0x02f8  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\windows\system32\drivers\viaide.sys
02:24:14.0388 0x02f8  viaide - ok
02:24:14.0435 0x02f8  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\windows\system32\drivers\volmgr.sys
02:24:14.0435 0x02f8  volmgr - ok
02:24:14.0497 0x02f8  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\windows\system32\drivers\volmgrx.sys
02:24:14.0513 0x02f8  volmgrx - ok
02:24:14.0544 0x02f8  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\windows\system32\drivers\volsnap.sys
02:24:14.0560 0x02f8  volsnap - ok
02:24:14.0591 0x02f8  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\windows\system32\DRIVERS\vsmraid.sys
02:24:14.0591 0x02f8  vsmraid - ok
02:24:14.0716 0x02f8  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\windows\system32\vssvc.exe
02:24:14.0747 0x02f8  VSS - ok
02:24:14.0794 0x02f8  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\windows\system32\DRIVERS\vwifibus.sys
02:24:14.0794 0x02f8  vwifibus - ok
02:24:14.0825 0x02f8  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\windows\system32\DRIVERS\vwififlt.sys
02:24:14.0825 0x02f8  vwififlt - ok
02:24:14.0872 0x02f8  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\windows\system32\w32time.dll
02:24:14.0887 0x02f8  W32Time - ok
02:24:14.0934 0x02f8  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\windows\system32\DRIVERS\wacompen.sys
02:24:14.0934 0x02f8  WacomPen - ok
02:24:14.0981 0x02f8  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\windows\system32\DRIVERS\wanarp.sys
02:24:14.0981 0x02f8  WANARP - ok
02:24:15.0012 0x02f8  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\windows\system32\DRIVERS\wanarp.sys
02:24:15.0012 0x02f8  Wanarpv6 - ok
02:24:15.0012 0x02f8  wanatw - ok
02:24:15.0137 0x02f8  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\windows\system32\Wat\WatAdminSvc.exe
02:24:15.0152 0x02f8  WatAdminSvc - ok
02:24:15.0262 0x02f8  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\windows\system32\wbengine.exe
02:24:15.0293 0x02f8  wbengine - ok
02:24:15.0340 0x02f8  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\windows\System32\wbiosrvc.dll
02:24:15.0355 0x02f8  WbioSrvc - ok
02:24:15.0418 0x02f8  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\windows\System32\wcncsvc.dll
02:24:15.0433 0x02f8  wcncsvc - ok
02:24:15.0449 0x02f8  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
02:24:15.0449 0x02f8  WcsPlugInService - ok
02:24:15.0496 0x02f8  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\windows\system32\DRIVERS\wd.sys
02:24:15.0496 0x02f8  Wd - ok
02:24:15.0558 0x02f8  [ A3D04EBF5227886029B4532F20D026F7, D90F7B9C176008675DA0B5FD7E4973CBC2A04172CEDF8FB7D3B3B4F27B5440D7 ] WDC_SAM         C:\windows\system32\DRIVERS\wdcsam64.sys
02:24:15.0558 0x02f8  WDC_SAM - ok
02:24:15.0636 0x02f8  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\windows\system32\drivers\Wdf01000.sys
02:24:15.0652 0x02f8  Wdf01000 - ok
02:24:15.0683 0x02f8  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\windows\system32\wdi.dll
02:24:15.0683 0x02f8  WdiServiceHost - ok
02:24:15.0698 0x02f8  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\windows\system32\wdi.dll
02:24:15.0698 0x02f8  WdiSystemHost - ok
02:24:15.0745 0x02f8  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\windows\System32\webclnt.dll
02:24:15.0761 0x02f8  WebClient - ok
02:24:15.0792 0x02f8  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\windows\system32\wecsvc.dll
02:24:15.0808 0x02f8  Wecsvc - ok
02:24:15.0839 0x02f8  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\windows\System32\wercplsupport.dll
02:24:15.0839 0x02f8  wercplsupport - ok
02:24:15.0854 0x02f8  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\windows\System32\WerSvc.dll
02:24:15.0870 0x02f8  WerSvc - ok
02:24:15.0917 0x02f8  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\windows\system32\DRIVERS\wfplwf.sys
02:24:15.0917 0x02f8  WfpLwf - ok
02:24:15.0948 0x02f8  [ B14EF15BD757FA488F9C970EEE9C0D35, F27DF2D47E7076786AE7C396583D7A1C56B93E766711066C900964FC7313E794 ] WimFltr         C:\windows\system32\DRIVERS\wimfltr.sys
02:24:15.0964 0x02f8  WimFltr - ok
02:24:15.0964 0x02f8  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\windows\system32\drivers\wimmount.sys
02:24:15.0964 0x02f8  WIMMount - ok
02:24:16.0042 0x02f8  WinDefend - ok
02:24:16.0073 0x02f8  WinHttpAutoProxySvc - ok
02:24:16.0166 0x02f8  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\windows\system32\wbem\WMIsvc.dll
02:24:16.0182 0x02f8  Winmgmt - ok
02:24:16.0307 0x02f8  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\windows\system32\WsmSvc.dll
02:24:16.0354 0x02f8  WinRM - ok
02:24:16.0416 0x02f8  [ 37EBA86E2089B9E1FD98A3E98CC81554, 25510FD4101E18C7752ACAFF5B3327D7CBC10DAF5F377E2F16867F8DC90F1A50 ] WinTabService   C:\windows\System32\Drivers\WTSRV.EXE
02:24:16.0416 0x02f8  WinTabService - ok
02:24:16.0463 0x02f8  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\windows\system32\DRIVERS\WinUsb.sys
02:24:16.0463 0x02f8  WinUsb - ok
02:24:16.0541 0x02f8  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\windows\System32\wlansvc.dll
02:24:16.0556 0x02f8  Wlansvc - ok
02:24:16.0744 0x02f8  [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
02:24:16.0790 0x02f8  wlidsvc - ok
02:24:16.0837 0x02f8  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\windows\system32\drivers\wmiacpi.sys
02:24:16.0837 0x02f8  WmiAcpi - ok
02:24:16.0884 0x02f8  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\windows\system32\wbem\WmiApSrv.exe
02:24:16.0884 0x02f8  wmiApSrv - ok
02:24:16.0931 0x02f8  WMPNetworkSvc - ok
02:24:16.0962 0x02f8  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\windows\System32\wpcsvc.dll
02:24:16.0978 0x02f8  WPCSvc - ok
02:24:17.0024 0x02f8  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\windows\system32\wpdbusenum.dll
02:24:17.0024 0x02f8  WPDBusEnum - ok
02:24:17.0071 0x02f8  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\windows\system32\drivers\ws2ifsl.sys
02:24:17.0071 0x02f8  ws2ifsl - ok
02:24:17.0118 0x02f8  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\windows\System32\wscsvc.dll
02:24:17.0118 0x02f8  wscsvc - ok
02:24:17.0134 0x02f8  WSearch - ok
02:24:17.0274 0x02f8  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\windows\system32\wuaueng.dll
02:24:17.0336 0x02f8  wuauserv - ok
02:24:17.0383 0x02f8  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\windows\system32\drivers\WudfPf.sys
02:24:17.0399 0x02f8  WudfPf - ok
02:24:17.0430 0x02f8  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\windows\system32\DRIVERS\WUDFRd.sys
02:24:17.0446 0x02f8  WUDFRd - ok
02:24:17.0492 0x02f8  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\windows\System32\WUDFSvc.dll
02:24:17.0508 0x02f8  wudfsvc - ok
02:24:17.0570 0x02f8  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\windows\System32\wwansvc.dll
02:24:17.0586 0x02f8  WwanSvc - ok
02:24:17.0633 0x02f8  [ B3EEACF62445E24FBB2CD4B0FB4DB026, 2E5B6220094C47754233EDA59E6514CE47AC6C6879F367C72B2C02330EABE8E0 ] yukonw7         C:\windows\system32\DRIVERS\yk62x64.sys
02:24:17.0648 0x02f8  yukonw7 - ok
02:24:17.0695 0x02f8  ================ Scan global ===============================
02:24:17.0773 0x02f8  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\windows\system32\basesrv.dll
02:24:17.0820 0x02f8  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\windows\system32\winsrv.dll
02:24:17.0851 0x02f8  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\windows\system32\winsrv.dll
02:24:17.0898 0x02f8  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\windows\system32\sxssrv.dll
02:24:17.0960 0x02f8  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\windows\system32\services.exe
02:24:17.0976 0x02f8  [ Global ] - ok
02:24:17.0976 0x02f8  ================ Scan MBR ==================================
02:24:17.0992 0x02f8  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
02:24:18.0241 0x02f8  \Device\Harddisk0\DR0 - ok
02:24:18.0257 0x02f8  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
02:24:18.0616 0x02f8  \Device\Harddisk1\DR1 - ok
02:24:18.0616 0x02f8  ================ Scan VBR ==================================
02:24:18.0631 0x02f8  [ B4A651EA79A9998884DA67ECFFB5E2E7 ] \Device\Harddisk0\DR0\Partition1
02:24:18.0631 0x02f8  \Device\Harddisk0\DR0\Partition1 - ok
02:24:18.0631 0x02f8  [ 42830D70BBEF9B5EC0B23BAAE40FA686 ] \Device\Harddisk0\DR0\Partition2
02:24:18.0662 0x02f8  \Device\Harddisk0\DR0\Partition2 - ok
02:24:18.0678 0x02f8  [ 363824321A4FAE80787F94A09ED21433 ] \Device\Harddisk1\DR1\Partition1
02:24:18.0678 0x02f8  \Device\Harddisk1\DR1\Partition1 - ok
02:24:18.0678 0x02f8  ================ Scan generic autorun ======================
02:24:19.0084 0x02f8  [ BF657386FF476CE3630F693182E37800, 03A444880214BD61EBBC80BE8298358CF4F3425C675FF6851923071FC9E2C997 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
02:24:19.0286 0x02f8  RtHDVCpl - ok
02:24:19.0396 0x02f8  [ FCBCDE0CD1B921C965C63F3CBBE7E65A, A6687DD084F8EE64F60F01666C31C2950ADB6682EDFC0B179871461AC3B66FBE ] C:\Program Files\DellTPad\Apoint.exe
02:24:19.0411 0x02f8  Apoint - ok
02:24:19.0474 0x02f8  [ 87A4570E9D15A2821015B7FB6B821654, BDF5266905DC3F9ED0DBE41798D9907FC9E8D030DD5C28975BBF9BFD8BD9DA71 ] C:\windows\system32\igfxtray.exe
02:24:19.0474 0x02f8  IgfxTray - ok
02:24:19.0505 0x02f8  [ 842683D8F1A58A76E5A03DA35B4962EE, 7D1B1918D69566694D7D0E82A8A1C7537A5C3A1533DC80F60FE212DD2DBC6099 ] C:\windows\system32\hkcmd.exe
02:24:19.0520 0x02f8  HotKeysCmds - ok
02:24:23.0251 0x02f8  AV detected via SS2: Norton Internet Security, C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\WSCStub.exe ( 21.3.0.0 ), 0x51000 ( enabled : updated )
02:24:23.0251 0x02f8  FW detected via SS2: Norton Internet Security, C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\WSCStub.exe ( 21.3.0.0 ), 0x51010 ( enabled )
02:24:25.0856 0x02f8  ============================================================
02:24:25.0856 0x02f8  Scan finished
02:24:25.0856 0x02f8  ============================================================
02:24:25.0856 0x115c  Detected object count: 0
02:24:25.0872 0x115c  Actual detected object count: 0
 


Computers:

 

Mine: Dell N5030 Laptop  Pentium Dual Core T4500 2.30 GHz, 6GB RAM, 10X DVD Recorder Windows 7 & New WD 500GB HD

Wife's: Gateway SX2370-UR10P Desktop AMD A8-3820 APU with Radeon™ HD Graphics 6GB Ram 1TB HD

 

 

"The moment you think you know it all should also be the moment you realize that you do not."


#8 ----------------

Posted 30 June 2014 - 05:17 AM

Some of the entries on your machine indicate that installed Adobe products are pirated.

Please remove any Adobe software (except Flash Player and Adobe Reader).

 

 

Scan with CKScanner

Download CKScanner by askey127 from Here & save it to your Desktop.

  • Right-click and Run as Administrator CKScanner.exe then click Search For Files
  • When the cursor hourglass disappears, click Save List To File
  • A message box will verify the file saved
  • Double-click the CKFiles.txt icon on your desktop then copy/paste the contents in your next reply


Proud Member of UNITE & TB
 

#9 1excop36

Posted 30 June 2014 - 05:57 AM

Marius

 

First, CKScanner immediately set off Norton Internet Security as soon as I downloaded it to my desktop and it was quarantined. Supposedly it was for "WS.Reputation.1" which, as I understand it, means they don't know enough about the file. I'm guessing that means this is a false-positive. I feel more comfortable running this than aswMbr. Should I still run it?

 

As for the Adobe product, when I first got the computer, a neighbor gave me a copy of Photoshop Elements to try but after 30 days the serial/activation number was invalidated and I removed the program (I probably should have known better but it was my neighbor). Other than Adobe Air, Flash, Digital Editions, Shockwave and Reader (all of which were downloaded from Adobe's site), I'm not finding any other Adobe program listed as being installed in the Control Panel list or CCleaner's list of installed programs. Could what you're seeing be a leftover remnant of that program? I also removed some plug-in programs for Adobe Photoshop as I didn't know where they came from, along with a few other programs I considered suspect or unneeded.

 

Gerry



#10 ----------------

Posted 03 July 2014 - 02:22 AM

OK, please rescan with FRST (create a new addition.txt as well) and post the logs now. :)



#11 1excop36

Posted 03 July 2014 - 06:54 AM

Okay here's the FRST Scan:

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-07-2014
Ran by Gerry Goldshine at 2014-07-03 05:46:37
Running from C:\Users\Gerry Goldshine\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Norton Internet Security (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton Internet Security (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Internet Security (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}

==================== Installed Programs ======================

4UOnly 1.2.7 (HKLM-x32\...\4UOnly_is1) (Version: 1.2.7 - Dillobits Software, Inc.)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 13.0.0.111 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 13.0.0.111 - Adobe Systems Incorporated) Hidden
Adobe Digital Editions 3.0 (HKLM-x32\...\Adobe Digital Editions 3.0) (Version: 3.0 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\{4CFE23CC-779D-4572-A76F-AB60A958BC79}) (Version: 11.8.800.94 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.1.151 - Adobe Systems, Inc.)
Amazon Kindle (HKLM-x32\...\Amazon Kindle) (Version:  - Amazon)
Angry Birds Star Wars (HKLM-x32\...\{C336AA55-BBA3-4908-886F-25CF6D302D13}) (Version: 1.2.0 - Rovio Entertainment Ltd.)
Ant.com IE add-on (HKLM-x32\...\Ant.com IE add-on) (Version: 2.2.1.75 - Ant.com)
Ant.com IE add-on (x32 Version: 2.2.1.75 - Ant.com) Hidden
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.33 - Atheros Communications Inc.)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Auslogics BoostSpeed (HKLM-x32\...\{7216871F-869E-437C-B9BF-2A13F2DCE63F}_is1) (Version: 6.5.5.0 - Auslogics Labs Pty Ltd)
Avery Wizard 5.0 (HKLM-x32\...\{D43E122B-C053-4545-999A-2219BF8F6422}) (Version: 5.0.3 - Avery)
Avidemux 2.6 - 64bits (HKLM-x32\...\Avidemux 2.6 - 64bits (64-bit)) (Version: 2.6.8.9046 - )
Avidemux 2.6 (HKLM-x32\...\Avidemux 2.6 (64-bit)) (Version: 2.6.1.8321 - )
Axialis CursorWorkshop 6.33 (HKLM-x32\...\CursorWorkshop) (Version: 6.33 - Axialis Software)
BackUp Maker (HKLM-x32\...\BackUp Maker_is1) (Version: 7.0.0.0 - ASCOMP Software GmbH)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
C410 (x32 Version: 140.0.273.000 - Hewlett-Packard) Hidden
calibre 64bit (HKLM\...\{2737D16B-D96A-48B6-A6D9-BDD22333CD3D}) (Version: 1.37.0 - Kovid Goyal)
CANON iMAGE GATEWAY MyCamera Download Plugin (HKLM-x32\...\MyCamera Download Plugin) (Version: 3.1.1.2 - Canon Inc.)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32\...\CANON iMAGE GATEWAY Task) (Version: 1.9.0.9 - Canon Inc.)
Canon MOV Decoder (HKLM-x32\...\Canon MOV Decoder) (Version: 1.8.0.7 - Canon Inc.)
Canon MOV Encoder (HKLM-x32\...\Canon MOV Encoder) (Version: 1.7.0.3 - Canon Inc.)
Canon MovieEdit Task for ZoomBrowser EX (HKLM-x32\...\MovieEditTask) (Version: 3.8.0.5 - Canon Inc.)
Canon Utilities Digital Photo Professional 3.8 (HKLM-x32\...\DPP) (Version: 3.8.1.0 - Canon Inc.)
Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 2.8.1.0 - Canon Inc.)
Canon Utilities EOS Video Snapshot Task for ZoomBrowser EX (HKLM-x32\...\EOS Video Snapshot Task) (Version: 1.0.0.10 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.22.46 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.7.0.0 - Canon Inc.)
Canon Utilities WFT Utility (HKLM-x32\...\WFTK) (Version: 3.5.1.1 - Canon Inc.)
Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 6.7.2.33 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM-x32\...\ZoomBrowser EX Memory Card Utility) (Version: 1.5.1.10 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Daum PotPlayer 1.5.38562 x64 Edition (HKLM\...\PotPlayer64) (Version:  - )
Dell Dock (HKLM-x32\...\Dell Dock) (Version: 2.0 - Stardock Corporation)
Dell Dock (Version: 2.0 - Stardock Corporation) Hidden
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Home Systems Service Agreement (HKLM-x32\...\{AB2FDE4F-6BED-4E9E-B676-3DCCEBB1FBFE}) (Version: 2.0.0 - Dell Inc.)
Dell Product Registration (HKLM-x32\...\{2A0F2CC5-3065-492C-8380-B03AA7106B1A}) (Version: 1.0.3 - Dell Inc.)
Dell Support Center (HKLM\...\Dell Support Center) (Version: 3.0.5621.01 - Dell Inc.)
Dell Support Center (Version: 3.0.5621.01 - PC-Doctor, Inc.) Hidden
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1107.101.209 - ALPS ELECTRIC CO., LTD.)
Dell Wireless Driver Installation (HKLM-x32\...\{451517F1-7E41-400B-AA36-FB7E2563526D}) (Version: 8.0 - Dell)
DesignPro 5 (HKLM-x32\...\InstallShield_{32821558-2C36-4FD0-A891-CA65360B0EC7}) (Version: 5.5.708 - Avery Dennison)
DesignPro 5 (x32 Version: 5.5.708 - Avery Dennison) Hidden
Desktop Icon Position Saver (64-bit) (HKLM-x32\...\dips64) (Version:  - )
Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 140.0.99.000 - Hewlett-Packard) Hidden
DVD Profiler Version 3.8.2 (HKLM-x32\...\InvelosDVDProfiler_is1) (Version:  - )
ePUBee DRM Removal (HKLM-x32\...\{642A2F98-4BF5-4844-9614-899DDBA0C01A}) (Version: 2.02 - ePUBee)
ePUBee DRM Removal (HKLM-x32\...\ePUBee DRM Removal) (Version: 3.0.5.1 - ePUBee Inc.)
eReader (HKLM-x32\...\{453C9E55-80DF-4BD2-9885-52A1FB0D9382}) (Version: 3.0.3 - Palm Digital Media)
Fax (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Feedback Tool (HKLM-x32\...\{13A5E785-5197-4EAD-8EE3-D660271E49BC}) (Version: 1.2.0 - Microsoft Corporation)
FileHippo.com Update Checker (HKLM-x32\...\FileHippo.com) (Version:  - )
Google Books Download (HKLM-x32\...\GoogleBooks) (Version: 1.4.1 - eBook Download)
Google Books Downloader version 2.3 (HKLM-x32\...\{216729B6-014A-F413-814F-F17F74FBA113}_is1) (Version: 2.3 - GBOOKSDOWNLOADER.COM)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Drive (HKLM-x32\...\{418BAAD1-754D-48B4-B078-46EF4F25AF42}) (Version: 1.15.6556.8063 - Google, Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
GoToAssist 8.0.0.514 (HKLM-x32\...\GoToAssist) (Version:  - )
GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.06) (Version: 9.06 - Artifex Software Inc.)
GPL Ghostscript 9.01 (HKLM\...\GPL Ghostscript 9.01) (Version:  - )
Greenfish Icon Editor Pro 3.1 (HKLM-x32\...\{27135B83-5AFF-42A3-BCEB-E689BE9E2090}_is1) (Version:  - Greenfish Corporation)
H&R Block California 2013 (HKLM-x32\...\{FA9B4B45-B7F0-47A4-894B-19BBF8829FE2}) (Version: 1.13.6701 - HRB Technology, LLC.)
H&R Block Deluxe + Efile + State 2013 (HKLM-x32\...\{EDE796DE-0A72-464D-9D21-F04BC41A092B}) (Version: 13.05.6502 - HRB Technology, LLC.)
Hallmark Card Studio 2013 Deluxe (HKLM-x32\...\{A6E08FBC-FC99-4CEE-B645-83A42107BE89}) (Version: 14.0.1.1 - Creative Home)
Hewlett-Packard ACLM.NET v1.1.0.0 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.12992 - HP)
HP Photosmart Prem C410 All-In-One Driver Software 14.0 Rel. 7 (HKLM\...\{C1164ED0-EF08-4B0B-8084-3BDAEAAEFD8D}) (Version: 14.0 - HP)
HP Product Detection (HKLM-x32\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)
HPAppStudio (x32 Version: 140.0.95.000 - Hewlett-Packard) Hidden
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Hulu Desktop (HKCU\...\HuluDesktop) (Version: 0.9.14 - Hulu LLC)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.2202 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
Internet TV for Windows Media Center (HKLM-x32\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 4.2.2.0 - Microsoft Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
iTunes (HKLM\...\{9D20916D-C1E9-4E39-9723-13D200D87C40}) (Version: 11.2.0.114 - Apple Inc.)
Java 8 Update 5 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418005FF}) (Version: 8.0.50 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.05.13 - Oracle, Inc.) Hidden
Java™ SE Development Kit 7 Update 3 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170030}) (Version: 1.7.0.30 - Oracle)
JavaFX 2.0.3 (64-bit) (HKLM\...\{1111706F-666A-4037-7777-203648764D10}) (Version: 2.0.3 - Oracle Corporation)
JavaFX 2.0.3 SDK (64-bit) (HKLM\...\{2222706F-666A-4037-7777-203648764D10}) (Version: 2.0.3 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Live! Cam Avatar Creator (HKLM-x32\...\{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}) (Version: 4.6.3009.1 - Creative Technology Ltd)
Logitech SetPoint 6.52 (HKLM\...\sp6) (Version: 6.52.74 - Logitech)
Mavis Beacon Teaches Typing Platinum 20 (HKLM-x32\...\{58F9D852-9443-4955-A1ED-12C9E0504DD0}) (Version: 20.00.0000 - Broderbund)
Media Cope 4.0 (HKLM-x32\...\Media Cope_is1) (Version:  - Media Cope)
Memorex exPressit Label Design Studio (HKLM-x32\...\MVApplication1) (Version:  - )
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4041.0512 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Core Components (x64) ENU  (HKLM\...\{8CCBEC22-D2DB-4DC9-A58A-E1A1F3A38C8A}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Provider Services (x64) ENU  (HKLM\...\{03AC245F-4C64-425C-89CF-7783C1D3AB2C}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{4FFA2088-8317-3B14-93CD-4C699DB37843}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
MKVToolNix 6.9.1 (64bit) (HKLM-x32\...\MKVToolNix) (Version: 6.9.1 - Moritz Bunkus)
Movie Maker (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version:  - Pavel Cvrcek)
Mozilla Firefox 30.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
Mozilla Thunderbird 24.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 24.0.1 (x86 en-US)) (Version: 24.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Music Manager (HKCU\...\MusicManager) (Version:  - Google, Inc.)
Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
NexusFont 2.5 (ver 2.5.8.1582) (HKLM-x32\...\{EFEDD205-43FE-4208-B682-0937E803E19E}_is1) (Version:  - xiles)
Nitro Pro 9 (HKLM\...\{8829CDD8-8A60-474E-8230-701986CE0DAE}) (Version: 9.0.5.9 - Nitro)
NOOK for PC (HKLM-x32\...\BN_DesktopReader) (Version: 2.5.6.9575 - Barnesandnoble.com)
Norton Internet Security (HKLM-x32\...\NIS) (Version: 21.3.0.12 - Symantec Corporation)
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
Office Tab EnterPrise 9.20 (HKLM\...\{DE469D65-1DEB-4058-BF95-C642D733668D}_is1) (Version:  - Detong Technology Ltd.)
Pale Moon 24.6.2 (x86 en-US) (HKLM-x32\...\Pale Moon 24.6.2 (x86 en-US)) (Version: 24.6.2 - Moonchild Productions)
Photo Gallery (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Photoupz 1.63 (HKLM-x32\...\Photoupz) (Version: 1.63 - EvenPixel Ltd)
Private Internet Access Support Files (HKLM-x32\...\{7D72DAFF-DCB2-437B-BC22-4B2ABF21462B}) (Version: 1.0.0.0 - Private Internet Access)
PS_AIO_07_C410_SW_Min (x32 Version: 140.0.273.000 - Hewlett-Packard) Hidden
Quicken WillMaker Plus 2011 (HKLM-x32\...\Quicken WillMaker Plus 2011) (Version:  - Nolo)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.06.02 - Dell Inc.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30109 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 3.0.2 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.2 - VS Revo Group, Ltd.)
Safe In Cloud Password Manager (HKLM-x32\...\{2638C8C0-394C-46DE-98A8-A6431D2781D1}) (Version: 2.3 - Andrey Shcherbakov)
SanDiskSecureAccess_Manager.exe (HKCU\...\@@__UNKNOWN__@@SanDiskSecureAccess_Manager.exe) (Version: 1.1.19755 - Gemalto N.V.)
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Sharpener Pro 3.0 (HKLM-x32\...\Sharpener Pro 3.0 Stand-Alone) (Version: 3.0.0.5 - Nik Software, Inc.)
Simply Good Pictures 2 (HKLM-x32\...\{DD2FEA6F-5AC2-46B2-0001-C2A0C077FD2C}) (Version: 2.0.12.1210 - Engelmann Media GmbH)
SmartEdit 3.211 (HKLM-x32\...\SmartEdit_is1) (Version:  - Bad Wolf Software)
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
Software Informer 1.3.1092.0 (HKLM\...\Software Informer_is1) (Version:  - Informer Technologies, Inc.)
SolutionCenter (x32 Version: 140.0.214.000 - Hewlett-Packard) Hidden
SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
Status (x32 Version: 140.0.256.000 - Hewlett-Packard) Hidden
StyleWriter 4 (HKLM-x32\...\{D770F0F3-650B-4D7A-945D-49ADB1182BD9}) (Version: 4.02.02 - Editor Software (UK) Ltd)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1018 - SUPERAntiSpyware.com)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
SyncToy 2.1 (x64) (HKLM\...\{88DAAF05-5A72-46D2-A7C5-C3759697E943}) (Version: 2.1.0 - Microsoft)
TheSage (HKLM\...\TheSage) (Version: 6.2.1802 - Sequence Publishing)
TheSage (HKLM-x32\...\TheSage) (Version: 6.0.1798 - Sequence Publishing)
Tixati (HKLM-x32\...\tixati) (Version:  - )
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
Topaz DeNoise 5 (64-bit) (HKLM-x32\...\Topaz DeNoise 5 (64-bit)) (Version: 5.0.1 - Topaz Labs)
Topaz DeNoise 5 (64-bit) (Version: 5.0.1 - Topaz Labs) Hidden
Topaz DeNoise 5 (HKLM-x32\...\Topaz DeNoise 5) (Version: 5.0.1 - Topaz Labs)
Topaz DeNoise 5 (x32 Version: 5.0.1 - Topaz Labs) Hidden
TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Ultimate EPubsoft DRM Removal 8.5.5 (HKLM-x32\...\{49617AB8-5A31-44A7-95A6-BE6CE251A6F1}) (Version: 8.5.5 - EPUBSOFT)
UnderCoverXP 1.23 (HKLM-x32\...\UnderCoverXP_is1) (Version:  - Wicked & Wild Inc.)
VSO ConvertXToDVD (HKLM-x32\...\{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1) (Version: 5.1.0.2 - VSO Software)
WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.7 Beta - Nullsoft, Inc)
Winamp Detector Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Winamp Essentials Pack (HKLM-x32\...\Winamp Essentials Pack) (Version: v5.63a - Christoph Grether)
Windows Live Communications Platform (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3522.0110 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Family Safety (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Winstep Start Menu Organizer 1.5 (HKLM-x32\...\Winstep Organizer_is1) (Version:  - )
WinWay Resume Deluxe (HKLM-x32\...\{DFACE88E-BFD1-4E1F-AF5C-100C979A12B0}) (Version: 12.00.019 - WinWay Corporation)
yBook (HKLM-x32\...\yBook_is1) (Version:  - Spacejock Software)
Zoner Photo Studio 16 - Envelopes and Templates (HKLM\...\ZonerPhotoStudio16_Templates_EN_is1) (Version: 16.0.1.3 - ZONER software)
Zoner Photo Studio 16 (HKLM\...\ZonerPhotoStudio16_EN_is1) (Version: 16.0.1.5 - ZONER software)

==================== Restore Points  =========================

28-06-2014 04:58:48 Auslogics Regisry Defrag - before defragmentation
29-06-2014 17:34:32 Revo Uninstaller Pro's restore point - McAfee Security Scan Plus
29-06-2014 17:41:08 Revo Uninstaller Pro's restore point - PhotoScape
03-07-2014 01:00:08 Installed Safe In Cloud Password Manager.

==================== Hosts content: ==========================

2009-07-13 19:34 - 2014-04-07 18:14 - 00004308 ____N C:\windows\system32\Drivers\etc\hosts
127.0.0.1 activate.adobe.com67.221.174.30   tagged.com

==================== Scheduled Tasks (whitelisted) =============

Task: {10163250-0E2B-4A47-9D47-FA36825279EC} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {20AB5C56-5EFB-4ACF-8668-223C033ADC9D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-06] (Google Inc.)
Task: {293A78B9-9D20-4FB2-BC67-E4987B9A017F} - System32\Tasks\Auslogics\BoostSpeed\Integrator\Start On Gerry Goldshine Logon => C:\Program Files (x86)\Auslogics\Auslogics BoostSpeed\BoostSpeed.exe
Task: {34BDF9EE-C716-4315-8F04-E27169858428} - System32\Tasks\Auslogics\BoostSpeed\Start BoostSpeed оn Gerry Goldshine logon => C:\Program Files (x86)\Auslogics\BoostSpeed\BoostSpeed.exe [2014-04-15] (Auslogics)
Task: {4A5B84AA-4188-44BA-9213-94F73E43CF27} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {5EA33125-760A-460D-9C92-5806647CCDC1} - System32\Tasks\Auslogics\BoostSpeed\Scan and Repair => Rundll32.exe TaskSchedulerHelper.dll,RunTask "BoostSpeed.exe" "-UseTray -Schedule"
Task: {61F170EC-CCC1-40DA-A18D-13B5BEA19C0C} - System32\Tasks\SoftwareInformerService => C:\Program Files\Software Informer\softinfo.exe [2014-05-23] (Informer Technologies, Inc.)
Task: {62BD61BA-C7A5-4091-8492-83711CE1DF6A} - System32\Tasks\HP Photo Creations Communicator => C:\ProgramData\HP Photo Creations\Communicator.exe [2011-02-21] ()
Task: {73F3EC9E-D066-4A9A-8967-9C24665ED071} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-29] (Adobe Systems Incorporated)
Task: {876E3EE1-8454-45C9-A76C-499DF58E6C56} - System32\Tasks\Auslogics\BoostSpeed\Integrator\Scan and Repair => C:\Program Files (x86)\Auslogics\Auslogics BoostSpeed\BoostSpeed.exe
Task: {8CE5565F-A7D3-47BF-B093-7BF21CE05987} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\WSCStub.exe [2014-05-10] (Symantec Corporation)
Task: {A31B914C-C053-4757-920B-DE1BBE4C55AB} - System32\Tasks\{FDC5718F-4327-49FA-9B45-1E3C0D7F2373} => Firefox.exe
Task: {B192212A-B934-4A21-80FD-679CAC69DE0F} - System32\Tasks\BackUp_Maker-Gerry_Goldshine => C:\Program Files (x86)\ASCOMP Software\BackUp Maker\bkmaker.exe [2014-04-01] (ASCOMP Software GmbH)
Task: {B72DCD66-895C-4728-94BD-08BFAEFD3531} - System32\Tasks\Private Internet Access Startup => C:\Program Files\pia_manager\pia_manager.exe [2014-04-23] ()
Task: {BD3661F4-57E6-4FF3-AD3E-ABCC3CCE121B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd)
Task: {C7BE9DC4-FB0B-4174-91AA-97C67DAB19D0} - System32\Tasks\SoftUpdateLogon => C:\Users\Gerry
Task: {CDD9D5B9-8FBD-4C80-8170-D232772B6590} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-06] (Google Inc.)
Task: {E04395FE-F938-41D1-BBED-581657525391} - System32\Tasks\DTReg => C:\Users\Gerry Goldshine\AppData\Roaming\DefaultTab\DefaultTab\DTReg.exe <==== ATTENTION
Task: {E8ED78A6-BB2D-4659-8A52-DD8C7619E5E0} - System32\Tasks\SoftUpdateDaily => C:\Users\Gerry
Task: {FF685FAD-D936-4DEE-9246-D45031351862} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\HP Photo Creations Communicator.job => C:\ProgramData\HP Photo Creations\Communicator.exe

==================== Loaded Modules (whitelisted) =============

2014-03-06 09:56 - 2014-03-06 09:56 - 01569792 _____ () C:\Program Files (x86)\Safe In Cloud\SafeInCloud.exe
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-02-12 04:47 - 2014-02-12 04:47 - 00169472 _____ () C:\windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\3e27ac2000641918e7215d97c63e957d\IsdiInterop.ni.dll
2011-01-07 14:24 - 2011-01-12 17:56 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Windows:nlsPreferences
AlternateDataStreams: C:\ProgramData\TEMP:07BF512B
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34
AlternateDataStreams: C:\ProgramData\TEMP:D8999815
AlternateDataStreams: C:\ProgramData\TEMP:F169C698

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\92905262.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SolutoService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\92905262.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SolutoService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Event Planner Reminder.lnk => C:\windows\pss\Event Planner Reminder.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Gerry Goldshine^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Utilities^Startup^ERUNT AutoBackup.lnk => C:\windows\pss\ERUNT AutoBackup.lnk.Startup
MSCONFIG\startupreg: Aimersoft Helper Compact.exe =>
MSCONFIG\startupreg: Dell Webcam Central => "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
MSCONFIG\startupreg: Google Update => "C:\Users\Gerry Goldshine\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: MusicManager =>
MSCONFIG\startupreg: QuickSet => C:\Program Files\Dell\QuickSet\QuickSet.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SkyDrive => "C:\Users\Gerry Goldshine\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: WinampAgent => "C:\Program Files (x86)\Winamp\winampa.exe"
MSCONFIG\startupreg: Zoner Photo Studio Autoupdate => "C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE"
MSCONFIG\startupreg: Zoner Photo Studio Service 16 => "C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXEC:\Program Files\Zoner\Photo Studio 16\Program32\ZPSService.exe"

==================== Faulty Device Manager Devices =============

Name: Photosmart Prem C410 series
Description: Photosmart Prem C410 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/03/2014 01:01:16 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3182

Error: (07/03/2014 01:01:16 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3182

Error: (07/03/2014 01:01:16 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/03/2014 01:01:15 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2106

Error: (07/03/2014 01:01:15 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2106

Error: (07/03/2014 01:01:15 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/03/2014 01:01:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1029

Error: (07/03/2014 01:01:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1029

Error: (07/03/2014 01:01:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/02/2014 10:22:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5475


System errors:
=============
Error: (07/01/2014 03:13:07 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
SMR322

Error: (07/01/2014 03:12:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The TOSHIBA UDF2.5 Reader File System Driver service failed to start due to the following error:
%%1275

Error: (07/01/2014 03:12:50 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\DRIVERS\thdudf.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (07/01/2014 03:12:37 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\windows\SysWow64\drivers\fanio.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (07/01/2014 03:10:31 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (07/01/2014 00:36:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The iPod Service service failed to start due to the following error:
%%1053

Error: (07/01/2014 00:36:34 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1053iPod Service{063D34A4-BF84-4B8D-B699-E8CA06504DDE}

Error: (07/01/2014 00:36:24 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the iPod Service service to connect.

Error: (07/01/2014 00:35:49 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
SMR322

Error: (07/01/2014 00:35:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Apple Mobile Device service failed to start due to the following error:
%%1053


Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Percentage of memory in use: 36%
Total physical RAM: 6106.36 MB
Available physical RAM: 3855.38 MB
Total Pagefile: 12210.91 MB
Available Pagefile: 10075.79 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:283.34 GB) (Free:160.52 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: FB55FDD4)
Partition 1: (Not Active) - (Size=100 MB) - (Type=DE)
Partition 2: (Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=283 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Here's the Addition Scan:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-07-2014
Ran by Gerry Goldshine (administrator) on SAL9000V2 on 03-07-2014 05:45:58
Running from C:\Users\Gerry Goldshine\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASCOMP Software GmbH) C:\Program Files (x86)\ASCOMP Software\BackUp Maker\bkmaker.exe
(Auslogics) C:\Program Files (x86)\Auslogics\BoostSpeed\BoostSpeed.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CrypKey (Canada) Ltd.) C:\Windows\System32\Crypserv.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\nis.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\nis.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
() C:\Program Files (x86)\Safe In Cloud\SafeInCloud.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10918504 2010-06-14] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [392048 2010-06-04] (Alps Electric Co., Ltd.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-12] (Intel Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-14] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKLM\...\Policies\Explorer: [NoRecentDocsHistory] 1
HKU\S-1-5-21-1361499315-2266380641-1734000601-1001\...\Run: [SafeInCloud] => C:\Program Files (x86)\Safe In Cloud\SafeInCloud.exe [1569792 2014-03-06] ()
HKU\S-1-5-21-1361499315-2266380641-1734000601-1001\...\RunOnce: [Uninstall C:\Users\Gerry Goldshine\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220] - C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Gerry Goldshine\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220"
HKU\S-1-5-21-1361499315-2266380641-1734000601-1001\...\Policies\Explorer: [NoInstrumentation] 1
HKU\S-1-5-21-1361499315-2266380641-1734000601-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-1361499315-2266380641-1734000601-1001\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-21-1361499315-2266380641-1734000601-1001\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-1361499315-2266380641-1734000601-1001\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-21-1361499315-2266380641-1734000601-1001\...\Policies\Explorer: [StartMenuLogOff] 1
HKU\S-1-5-21-1361499315-2266380641-1734000601-1001\...\Policies\Explorer: [NoStartMenuMFUprogramsList] 1
HKU\S-1-5-21-1361499315-2266380641-1734000601-1001\...\Policies\Explorer: [HideRunAsVerb] 1
ShellIconOverlayIdentifiers:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers-x32:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
BootExecute: "autocheck autochk /p \??\C:""""autocheck autochk * """

==================== Internet (Whitelisted) ====================

ProxyServer: http=127.0.0.1:8555
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.start.me/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/?r...DE&dcc=DE&opt=0
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x27353D5A3E76CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM-x32 - DefaultScope {E533D9B5-4252-42EB-9AB5-EC3855001A55} URL =
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.condui...rchTerms}&SSPV=
SearchScopes: HKCU - {06B47159-3298-4EB3-A77C-0EB72B5C9A20} URL = http://www.mysearchr...q={searchTerms}
SearchScopes: HKCU - {2F1E335A-858A-4BE9-8F6B-D0AF1D018B53} URL =
SearchScopes: HKCU - {3A40E547-20FD-44a2-94D0-1C98342D1507} URL = http://search.daum.n...q={searchTerms}
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.3.0.12\coIEPlg.dll (Symantec Corporation)
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.3.0.12\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM - FireShot - {6E6E744E-4D20-4ce3-9A7A-26DFFFE22F68} - C:\Program Files (x86)\FireShot for Internet Explorer\fsaddin64-0.98.56.dll (getfireshot.com)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - FireShot - {6E6E744E-4D20-4ce3-9A7A-26DFFFE22F68} - C:\Program Files (x86)\FireShot for Internet Explorer\fsaddin-0.98.56.dll (getfireshot.com)
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab
DPF: HKLM-x32 {362C56AA-6E4F-40C7-A0B5-85501DBDAD77} http://i.dell.com/im...r/SysProExe.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab
Hosts: 127.0.0.1 activate.adobe.com67.221.174.30   tagged.com
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default
FF SearchEngineOrder.1: Yahoo
FF SearchEngineOrder.user_pref("browser.search.order.2", "");: user_pref("browser.search.order.2", "");
FF Homepage: hxxp://www.start.me/
FF Keyword.URL: https://www.google.com/search?q=
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll ()
FF Plugin: @java.com/DTPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\windows\SysWOW64\Adobe\Director\np32dsw_1211151.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/MycameraPlugin - C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3522.0110 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF - C:\Program Files (x86)\Nitro\Pro 9\npnitromozilla.dll (Nitro PDF)
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 - C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @hulu.com/Hulu Desktop - C:\Users\Gerry Goldshine\AppData\Local\HuluDesktop\instances\0.9.14.1\npHDPlg.dll (Hulu LLC)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Gerry Goldshine\AppData\Local\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Gerry Goldshine\AppData\Local\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF user.js: detected! => C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\user.js
FF SearchPlugin: C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\searchplugins\duckduckgo.xml
FF SearchPlugin: C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\searchplugins\ixquick-https.xml
FF SearchPlugin: C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\searchplugins\s-amazon.xml
FF SearchPlugin: C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\searchplugins\safesearch.xml
FF SearchPlugin: C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\searchplugins\startpage-https.xml
FF Extension: Ant Video Downloader - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\anttoolbar@ant.com [2014-07-02]
FF Extension: CuteButtons - Crystal SVG - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\CuteButtonsCrystalSVG@ChoGGi [2014-07-02]
FF Extension: DoNotTrackMe: Online Privacy Protection - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\donottrackplus@abine.com [2014-07-02]
FF Extension: HTTPS-Everywhere - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\https-everywhere@eff.org [2014-07-02]
FF Extension: Toolbar Buttons - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\{03B08592-E5B4-45ff-A0BE-C1D975458688} [2014-07-02]
FF Extension: Forecastfox - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3} [2014-07-02]
FF Extension: ColorfulTabs - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe} [2014-07-02]
FF Extension: FireShot - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba} [2014-07-02]
FF Extension: IE Tab 2 (FF 3.6+) - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB} [2014-07-02]
FF Extension: AddThis - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\{3e0e7d2a-070f-4a47-b019-91fe5385ba79} [2014-07-02]
FF Extension: FEBE - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3} [2014-07-02]
FF Extension: Empty Cache Button - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\{4cc4a13b-94a6-7568-370d-5f9de54a9c7f} [2014-07-02]
FF Extension: Dr.Web Anti-Virus Link Checker - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\{6614d11d-d21d-b211-ae23-815234e1ebb5} [2014-07-02]
FF Extension: WOT - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-07-02]
FF Extension: Cleanest Addon Manager - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\cam@sdrocking.com.xpi [2014-06-21]
FF Extension: Classic Theme Restorer - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2014-06-24]
FF Extension: Safe In Cloud - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\info@safe-in-cloud.com.xpi [2014-06-21]
FF Extension: Dolphin Connect - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\jid1-79nQAfjhUybb3A@jetpack.xpi [2014-06-21]
FF Extension: Privacy Badger Firefox - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2014-06-21]
FF Extension: Noia Fox options - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\NoiaFoxoption@davidvincent.tld.xpi [2014-06-21]
FF Extension: Print / Print Preview (Update) - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\printprintpreview-andrewsfirefoxextensions@gmail.com.xpi [2014-06-21]
FF Extension: S3.Download Statusbar - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\s3download@statusbar.xpi [2014-06-21]
FF Extension: Status-4-Evar - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\status4evar@caligonstudios.com.xpi [2014-06-25]
FF Extension: Torrent Finder Toolbar - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\TFToolbarX@torrent-finder.xpi [2014-06-21]
FF Extension: Toggle Private Browsing - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\toggleprivatebrowsing@supernova00.biz.xpi [2014-06-21]
FF Extension: TrackMeNot - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\trackmenot@mrl.nyu.edu.xpi [2014-06-21]
FF Extension: Facebook Phishing Protector - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\{023e9ca0-63f3-47b1-bcb2-9badf9d9ef28}.xpi [2014-06-21]
FF Extension: Flagfox - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2014-06-21]
FF Extension: Multirow Bookmarks Toolbar Plus - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\{4c7097f7-08f2-4ef2-9b9f-f95fa4cbb064}.xpi [2014-06-21]
FF Extension: Quick Translator - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\{5C655500-E712-41e7-9349-CE462F844B19}.xpi [2014-06-21]
FF Extension: Bluhell Firewall - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\{6BB5760D-F97E-421B-AF5B-8457A90C3CED}.xpi [2014-06-21]
FF Extension: Facebook Toolbar Button - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\{72c9fdff-bccd-4fac-a08e-857103c6e721}.xpi [2014-06-21]
FF Extension: Noia Fox - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\{7b90e860-5d61-11e0-80e3-0800200c9a66}.xpi [2014-06-21]
FF Extension: Add-on Update Checker - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\{891f0410-aaa2-11e0-9f1c-0800200c9a66}.xpi [2014-06-21]
FF Extension: Fasterfox - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\{c36177c0-224a-11da-8cd6-0800200c9a91}.xpi [2014-06-25]
FF Extension: Adblock Plus - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-07-02]
FF Extension: BetterPrivacy - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2014-06-21]
FF Extension: Extended Statusbar - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\{daf44bf7-a45e-4450-979c-91cf07434c3d}.xpi [2014-06-21]
FF Extension: Menu Editor - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\{EDA7B1D7-F793-4e03-B074-E6F303317FB0}.xpi [2014-06-25]
FF Extension: Download Manager Tweak - C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla\Firefox\Profiles\6m7g255n.default\Extensions\{F8A55C97-3DB6-4961-A81D-0DE0080E53CB}.xpi [2014-06-21]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.1.3\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.1.3\coFFPlgn [2014-07-01]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.1.3\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.1.3\IPSFF [2014-02-21]
FF HKCU\...\Firefox\Extensions: [wcapturex@deskperience.com] - C:\Program Files (x86)\TheSage\extensions\firefox
FF Extension: TheSage one-click lookup - C:\Program Files (x86)\TheSage\extensions\firefox [2014-01-18]

Chrome:
=======
CHR HomePage: hxxp://www.trovi.com/?gd=&ctid=CT3324790&octid=EB_ORIGINAL_CTID&ISID=M72E4B7AB-EF30-4EB8-9455-1621BF1C4B1E&SearchSource=55&CUI=&UM=5&UP=SP37710FC9-D7EF-4CE2-8646-AC18F1406269&SSPV=
CHR StartupUrls: "hxxp://www.trovi.com/?gd=&ctid=CT3324790&octid=EB_ORIGINAL_CTID&ISID=M72E4B7AB-EF30-4EB8-9455-1621BF1C4B1E&SearchSource=55&CUI=&UM=5&UP=SP37710FC9-D7EF-4CE2-8646-AC18F1406269&SSPV="
CHR DefaultSearchKeyword: trovi.search
CHR DefaultSearchProvider: Trovi search
CHR DefaultSearchURL: http://www.trovi.com...rchTerms}&SSPV=
CHR Extension: (Logitech SetPoint) - C:\Users\Gerry Goldshine\AppData\Local\Google\Chrome\User Data\Default\Extensions\edaibbiobngpbmeonadpbfafbkimjbdd [2013-10-11]
CHR HKLM-x32\...\Chrome\Extension: [edaibbiobngpbmeonadpbfafbkimjbdd] - C:\ProgramData\Logitech\LogiSmoothChromeExt.crx [2013-03-25]
CHR HKLM-x32\...\Chrome\Extension: [mjdepfkicdcciagbigfcmdhknnoaaegf] - C:\Program Files (x86)\TheSage\TheSage\extensions\chrome\ [2013-03-25]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\Exts\Chrome.crx [2014-05-19]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [144152 2013-10-10] (SUPERAntiSpyware.com)
R2 CrypKey License; C:\windows\system32\crypserv.exe [126976 2010-03-18] (CrypKey (Canada) Ltd.) [File not signed]
S4 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2009-06-09] (Stardock Corporation) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\NIS.exe [276376 2014-05-11] (Symantec Corporation)
R2 NitroDriverReadSpool9; C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe [230920 2013-12-17] (Nitro PDF Software)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S4 WinTabService; C:\Windows\System32\Drivers\WTSRV.EXE [73728 2009-10-30] (Tablet Driver) [File not signed]
S2 RoxLiveShare10; No ImagePath

==================== Drivers (Whitelisted) ====================

S3 anvsnddrv; C:\Windows\System32\drivers\anvsnddrv.sys [33872 2011-11-28] (AnvSoft Inc.)
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\BASHDefs\20140606.001\BHDrvx64.sys [1530160 2014-05-09] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1503000.00C\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [486192 2014-06-10] (Symantec Corporation)
R1 ElRawDisk; C:\windows\system32\drivers\ElRawDsk.sys [30752 2014-04-30] (EldoS Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142128 2014-06-10] (Symantec Corporation)
S1 fanio; C:\windows\SysWOW64\drivers\fanio.sys [14464 2007-02-16] (Christian Diefer) [File not signed]
U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-04] (Microsoft Corporation)
R1 GizmoDrv; C:\Windows\System32\Drivers\GizmoDrv.sys [34704 2012-04-23] (Arainia Solutions LLC)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\IPSDefs\20140702.001\IDSvia64.sys [525016 2014-03-25] (Symantec Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\VirusDefs\20140702.009\ENG64.SYS [126040 2014-05-18] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\VirusDefs\20140702.009\EX64.SYS [2099288 2014-05-18] (Symantec Corporation)
R1 NetworkX; C:\Windows\System32\ckldrv.sys [30272 2010-03-18] ()
S3 pwdrvio; C:\windows\system32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\windows\system32\pwdspio.sys [12504 2013-09-30] ()
S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44032 2011-07-20] (Research in Motion Ltd)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1503000.00C\SRTSP64.SYS [875736 2014-02-12] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1503000.00C\SRTSPX64.SYS [36952 2013-07-30] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1503000.00C\SYMDS64.SYS [493656 2013-07-31] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1503000.00C\SYMEFA64.SYS [1148120 2014-03-03] (Symantec Corporation)
R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-02-21] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1503000.00C\Ironx64.SYS [264280 2013-07-30] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1503000.00C\SYMNETS.SYS [593112 2014-02-17] (Symantec Corporation)
S3 Tablet2k; No ImagePath
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-02-21] (Anchorfree Inc.)
S2 thdudf; C:\Windows\SysWOW64\DRIVERS\thdudf.sys [66944 2013-06-20] (TOSHIBA Corporation) [File not signed]
S3 wanatw; No ImagePath
S3 cpuz136; \??\C:\windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 RimUsb; System32\Drivers\RimUsb_AMD64.sys [X]
S0 SMR322; System32\drivers\SMR322.SYS [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-03 05:33 - 2014-07-03 05:46 - 00028354 _____ () C:\Users\Gerry Goldshine\Desktop\FRST.txt
2014-07-03 05:29 - 2014-07-03 05:29 - 02083840 _____ (Farbar) C:\Users\Gerry Goldshine\Desktop\FRST64.exe
2014-07-02 18:00 - 2014-07-02 18:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safe In Cloud
2014-07-01 12:35 - 2014-07-01 15:12 - 00000112 _____ () C:\windows\setupact.log
2014-07-01 12:35 - 2014-07-01 12:35 - 00000000 _____ () C:\windows\setuperr.log
2014-07-01 12:34 - 2014-07-01 15:12 - 00000324 _____ () C:\windows\errord.log
2014-07-01 12:34 - 2014-07-01 12:34 - 00001294 _____ () C:\windows\PFRO.log
2014-07-01 12:33 - 2014-07-01 15:12 - 00000280 _____ () C:\windows\error.log
2014-06-30 14:46 - 2014-07-02 19:51 - 00000000 ____D () C:\Users\Gerry Goldshine\Downloads\DogTag Art
2014-06-29 18:55 - 2014-06-29 18:55 - 00000000 ____D () C:\Users\Gerry Goldshine\AppData\Local\Adobe
2014-06-29 15:32 - 2014-06-29 15:32 - 00000110 ____H () C:\Users\Gerry Goldshine\Downloads\Hiccup 1.jpg.uid-zps
2014-06-27 18:38 - 2014-06-27 18:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
2014-06-27 11:21 - 2014-04-30 10:03 - 00030752 _____ (EldoS Corporation) C:\windows\system32\Drivers\ElRawDsk.sys
2014-06-27 01:37 - 2014-06-27 01:37 - 00000000 ____D () C:\Users\Gerry Goldshine\AppData\Local\PackageAware
2014-06-26 12:23 - 2014-06-26 12:23 - 00000000 ____D () C:\Users\Gerry Goldshine\AppData\Roaming\FireShot
2014-06-25 11:13 - 2014-07-03 05:46 - 00000000 ____D () C:\FRST
2014-06-25 02:06 - 2014-06-25 02:06 - 00000000 ____D () C:\Users\Gerry Goldshine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-06-24 21:18 - 2014-06-24 21:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-22 12:14 - 2014-06-22 13:11 - 00000000 ____D () C:\Users\Gerry Goldshine\Documents\PM backup
2014-06-21 21:25 - 2014-06-21 21:30 - 00000000 ____D () C:\Users\Gerry Goldshine\AppData\Roaming\Moonchild Productions
2014-06-21 21:25 - 2014-06-21 21:25 - 00000000 ____D () C:\Users\Gerry Goldshine\AppData\Local\Moonchild Productions
2014-06-21 21:24 - 2014-06-21 21:24 - 00000000 ____D () C:\Program Files (x86)\Pale Moon
2014-06-21 14:09 - 2014-05-15 19:46 - 00001162 _____ () C:\Users\Gerry Goldshine\Documents\indexfile.txt
2014-06-20 21:44 - 2014-06-25 02:37 - 00000000 ____D () C:\Users\Gerry Goldshine\Downloads\Computer Repair
2014-06-15 20:42 - 2014-06-15 20:42 - 00002368 _____ () C:\Users\Gerry Goldshine\AppData\Local\recently-used.xbel
2014-06-12 02:25 - 2014-06-12 02:25 - 00000374 _____ () C:\windows\KINGSTON (G).lnk
2014-06-12 00:50 - 2014-01-08 19:22 - 05694464 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2014-06-12 00:50 - 2014-01-03 15:44 - 06574592 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2014-06-11 14:48 - 2013-10-01 19:22 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\Drivers\TsUsbFlt.sys
2014-06-11 14:48 - 2013-10-01 19:11 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-06-11 14:48 - 2013-10-01 19:08 - 00012800 _____ (Microsoft Corporation) C:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-06-11 14:48 - 2013-10-01 18:48 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\MsRdpWebAccess.dll
2014-06-11 14:48 - 2013-10-01 18:48 - 00018944 _____ (Microsoft Corporation) C:\windows\system32\wksprtPS.dll
2014-06-11 14:48 - 2013-10-01 18:29 - 00062976 _____ (Microsoft Corporation) C:\windows\system32\tsgqec.dll
2014-06-11 14:48 - 2013-10-01 18:10 - 00044544 _____ (Microsoft Corporation) C:\windows\system32\TsUsbGDCoInstaller.dll
2014-06-11 14:48 - 2013-10-01 17:15 - 01057280 _____ (Microsoft Corporation) C:\windows\system32\rdvidcrl.dll
2014-06-11 14:48 - 2013-10-01 17:14 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\MsRdpWebAccess.dll
2014-06-11 14:48 - 2013-10-01 17:14 - 00017920 _____ (Microsoft Corporation) C:\windows\SysWOW64\wksprtPS.dll
2014-06-11 14:48 - 2013-10-01 17:08 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\TSWbPrxy.exe
2014-06-11 14:48 - 2013-10-01 17:01 - 00420864 _____ (Microsoft Corporation) C:\windows\system32\wksprt.exe
2014-06-11 14:48 - 2013-10-01 16:58 - 00053248 _____ (Microsoft Corporation) C:\windows\SysWOW64\tsgqec.dll
2014-06-11 14:48 - 2013-10-01 16:31 - 01147392 _____ (Microsoft Corporation) C:\windows\system32\mstsc.exe
2014-06-11 14:48 - 2013-10-01 16:08 - 00855552 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdvidcrl.dll
2014-06-11 14:48 - 2013-10-01 15:34 - 01068544 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstsc.exe
2014-06-11 14:43 - 2013-09-24 19:23 - 01030144 _____ (Microsoft Corporation) C:\windows\system32\TSWorkspace.dll
2014-06-11 14:43 - 2013-09-24 18:57 - 00792576 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSWorkspace.dll
2014-06-11 04:16 - 2014-06-11 13:06 - 00000000 ____D () C:\Users\Gerry Goldshine\Downloads\Adventure Time
2014-06-11 03:35 - 2014-05-30 03:21 - 23414784 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-06-11 03:35 - 2014-05-30 03:02 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-06-11 03:35 - 2014-05-30 03:02 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-06-11 03:35 - 2014-05-30 02:45 - 02768384 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-06-11 03:35 - 2014-05-30 02:39 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-06-11 03:35 - 2014-05-30 02:39 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-06-11 03:35 - 2014-05-30 02:38 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-06-11 03:35 - 2014-05-30 02:28 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-06-11 03:35 - 2014-05-30 02:27 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-06-11 03:35 - 2014-05-30 02:24 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-06-11 03:35 - 2014-05-30 02:21 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-06-11 03:35 - 2014-05-30 02:21 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-06-11 03:35 - 2014-05-30 02:20 - 00752640 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-06-11 03:35 - 2014-05-30 02:18 - 17271296 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-06-11 03:35 - 2014-05-30 02:11 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-06-11 03:35 - 2014-05-30 02:08 - 05782528 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-06-11 03:35 - 2014-05-30 02:06 - 00452096 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-06-11 03:35 - 2014-05-30 02:02 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-06-11 03:35 - 2014-05-30 01:55 - 00038400 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-06-11 03:35 - 2014-05-30 01:49 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-06-11 03:35 - 2014-05-30 01:46 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-06-11 03:35 - 2014-05-30 01:44 - 00455168 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-06-11 03:35 - 2014-05-30 01:44 - 00295424 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-06-11 03:35 - 2014-05-30 01:43 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-06-11 03:35 - 2014-05-30 01:42 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-06-11 03:35 - 2014-05-30 01:38 - 02179072 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-06-11 03:35 - 2014-05-30 01:35 - 00608768 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-06-11 03:35 - 2014-05-30 01:34 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-06-11 03:35 - 2014-05-30 01:33 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-06-11 03:35 - 2014-05-30 01:30 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-06-11 03:35 - 2014-05-30 01:29 - 00631808 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-06-11 03:35 - 2014-05-30 01:28 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-06-11 03:35 - 2014-05-30 01:27 - 00592896 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-06-11 03:35 - 2014-05-30 01:24 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-06-11 03:35 - 2014-05-30 01:23 - 02040832 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-06-11 03:35 - 2014-05-30 01:16 - 00368128 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-06-11 03:35 - 2014-05-30 01:10 - 00032256 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-11 03:35 - 2014-05-30 01:06 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-06-11 03:35 - 2014-05-30 01:04 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-06-11 03:35 - 2014-05-30 01:02 - 00242688 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-06-11 03:35 - 2014-05-30 00:56 - 04244992 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-06-11 03:35 - 2014-05-30 00:56 - 02266112 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-06-11 03:35 - 2014-05-30 00:54 - 00526336 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-06-11 03:35 - 2014-05-30 00:50 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-06-11 03:35 - 2014-05-30 00:49 - 01964544 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-06-11 03:35 - 2014-05-30 00:43 - 13522944 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-06-11 03:35 - 2014-05-30 00:40 - 11725312 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-06-11 03:35 - 2014-05-30 00:30 - 01398272 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-06-11 03:35 - 2014-05-30 00:21 - 01790976 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-06-11 03:35 - 2014-05-30 00:15 - 01143296 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-06-11 03:35 - 2014-05-30 00:13 - 00846336 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-06-11 03:35 - 2014-05-30 00:13 - 00704512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-06-11 03:35 - 2014-05-08 02:32 - 03178496 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2014-06-11 03:35 - 2014-05-08 02:32 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\RdpGroupPolicyExtension.dll
2014-06-11 03:35 - 2014-04-24 19:34 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\usp10.dll
2014-06-11 03:35 - 2014-04-24 19:06 - 00626688 _____ (Microsoft Corporation) C:\windows\SysWOW64\usp10.dll
2014-06-11 03:35 - 2014-04-04 19:47 - 01903552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2014-06-11 03:35 - 2014-04-04 19:47 - 00288192 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS
2014-06-11 03:35 - 2014-03-26 07:44 - 02002432 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2014-06-11 03:35 - 2014-03-26 07:44 - 01882112 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2014-06-11 03:35 - 2014-03-26 07:41 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml6r.dll
2014-06-11 03:35 - 2014-03-26 07:41 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2014-06-11 03:35 - 2014-03-26 07:27 - 01389056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll
2014-06-11 03:35 - 2014-03-26 07:27 - 01237504 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2014-06-11 03:35 - 2014-03-26 07:25 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6r.dll
2014-06-11 03:35 - 2014-03-26 07:25 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2014-06-11 03:34 - 2014-06-08 02:13 - 00506368 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-06-11 03:34 - 2014-06-08 02:08 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll

==================== One Month Modified Files and Folders =======

2014-07-03 05:46 - 2014-07-03 05:33 - 00028354 _____ () C:\Users\Gerry Goldshine\Desktop\FRST.txt
2014-07-03 05:46 - 2014-06-25 11:13 - 00000000 ____D () C:\FRST
2014-07-03 05:29 - 2014-07-03 05:29 - 02083840 _____ (Farbar) C:\Users\Gerry Goldshine\Desktop\FRST64.exe
2014-07-03 05:29 - 2013-06-07 01:10 - 01730987 _____ () C:\windows\WindowsUpdate.log
2014-07-03 05:05 - 2014-05-23 22:11 - 00000358 _____ () C:\windows\Tasks\HP Photo Creations Communicator.job
2014-07-02 22:23 - 2009-07-13 22:13 - 00786538 _____ () C:\windows\system32\PerfStringBackup.INI
2014-07-02 19:51 - 2014-06-30 14:46 - 00000000 ____D () C:\Users\Gerry Goldshine\Downloads\DogTag Art
2014-07-02 19:36 - 2011-02-27 23:52 - 00249320 _____ () C:\Users\Gerry Goldshine\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-02 18:00 - 2014-07-02 18:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safe In Cloud
2014-07-02 18:00 - 2014-03-19 12:10 - 00000000 ____D () C:\Program Files (x86)\Safe In Cloud
2014-07-02 17:59 - 2013-03-12 19:19 - 00000000 ____D () C:\Users\Gerry Goldshine\AppData\Local\Downloaded Installations
2014-07-02 09:17 - 2012-08-31 17:03 - 00000000 _____ () C:\ProgramData\TEMP
2014-07-02 04:24 - 2013-06-08 16:50 - 00000000 ____D () C:\Program Files\pia_manager
2014-07-01 15:20 - 2009-07-13 21:45 - 00013872 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-01 15:20 - 2009-07-13 21:45 - 00013872 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-01 15:12 - 2014-07-01 12:35 - 00000112 _____ () C:\windows\setupact.log
2014-07-01 15:12 - 2014-07-01 12:34 - 00000324 _____ () C:\windows\errord.log
2014-07-01 15:12 - 2014-07-01 12:33 - 00000280 _____ () C:\windows\error.log
2014-07-01 15:12 - 2009-07-13 22:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-07-01 12:35 - 2014-07-01 12:35 - 00000000 _____ () C:\windows\setuperr.log
2014-07-01 12:35 - 2012-08-17 08:53 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-07-01 12:34 - 2014-07-01 12:34 - 00001294 _____ () C:\windows\PFRO.log
2014-06-30 04:32 - 2014-01-21 03:03 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photography
2014-06-30 04:32 - 2011-05-23 15:31 - 00000000 ____D () C:\Users\Gerry Goldshine\AppData\Local\Windows Live
2014-06-29 18:55 - 2014-06-29 18:55 - 00000000 ____D () C:\Users\Gerry Goldshine\AppData\Local\Adobe
2014-06-29 15:32 - 2014-06-29 15:32 - 00000110 ____H () C:\Users\Gerry Goldshine\Downloads\Hiccup 1.jpg.uid-zps
2014-06-29 09:18 - 2012-08-17 08:53 - 00003770 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-06-29 09:18 - 2012-05-11 20:55 - 00699056 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-06-29 09:18 - 2012-05-11 20:55 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-29 00:30 - 2013-03-26 21:53 - 00000000 ____D () C:\Users\Gerry Goldshine\Documents\Calibre Library
2014-06-28 23:32 - 2011-05-11 02:11 - 00000000 ____D () C:\Users\Gerry Goldshine\E-Books
2014-06-27 22:01 - 2011-02-27 23:51 - 00000000 ____D () C:\Users\Gerry Goldshine
2014-06-27 21:56 - 2014-05-21 21:33 - 00000000 ____D () C:\ProgramData\VSO
2014-06-27 18:38 - 2014-06-27 18:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
2014-06-27 18:38 - 2014-03-18 22:02 - 00000000 ____D () C:\ProgramData\Auslogics
2014-06-27 18:38 - 2011-03-11 02:28 - 00000000 ____D () C:\Program Files (x86)\Auslogics
2014-06-27 16:37 - 2013-03-31 16:10 - 00000000 ____D () C:\windows\schemas
2014-06-27 11:26 - 2014-01-21 03:03 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Utilities
2014-06-27 01:58 - 2014-01-21 03:03 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet
2014-06-27 01:49 - 2011-01-07 14:24 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-06-27 01:41 - 2011-04-27 17:06 - 00000000 ____D () C:\Program Files\Common Files\Topaz Labs
2014-06-27 01:37 - 2014-06-27 01:37 - 00000000 ____D () C:\Users\Gerry Goldshine\AppData\Local\PackageAware
2014-06-27 01:36 - 2011-04-29 02:04 - 00000000 ____D () C:\Program Files\Nik Software
2014-06-27 01:30 - 2014-01-17 22:47 - 00000000 ____D () C:\Program Files\Java
2014-06-27 01:26 - 2014-05-18 12:28 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Graphic Design
2014-06-27 01:05 - 2013-06-29 22:16 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-27 00:49 - 2014-05-01 12:05 - 00000000 ____D () C:\Users\Gerry Goldshine\Documents\Wondershare DVD Creator
2014-06-26 12:23 - 2014-06-26 12:23 - 00000000 ____D () C:\Users\Gerry Goldshine\AppData\Roaming\FireShot
2014-06-25 02:37 - 2014-06-20 21:44 - 00000000 ____D () C:\Users\Gerry Goldshine\Downloads\Computer Repair
2014-06-25 02:29 - 2014-05-25 03:18 - 00000000 ____D () C:\Users\Gerry Goldshine\Downloads\New  Icons
2014-06-25 02:29 - 2011-04-24 21:11 - 00000000 ____D () C:\Users\Gerry Goldshine\My System Icons
2014-06-25 02:06 - 2014-06-25 02:06 - 00000000 ____D () C:\Users\Gerry Goldshine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-06-24 21:19 - 2014-06-24 21:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-22 13:15 - 2014-01-21 03:03 - 00000000 ____D () C:\Users\Gerry Goldshine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet
2014-06-22 13:11 - 2014-06-22 12:14 - 00000000 ____D () C:\Users\Gerry Goldshine\Documents\PM backup
2014-06-21 21:30 - 2014-06-21 21:25 - 00000000 ____D () C:\Users\Gerry Goldshine\AppData\Roaming\Moonchild Productions
2014-06-21 21:25 - 2014-06-21 21:25 - 00000000 ____D () C:\Users\Gerry Goldshine\AppData\Local\Moonchild Productions
2014-06-21 21:25 - 2011-03-11 22:05 - 00000000 ____D () C:\Users\Gerry Goldshine\AppData\Roaming\Mozilla
2014-06-21 21:24 - 2014-06-21 21:24 - 00000000 ____D () C:\Program Files (x86)\Pale Moon
2014-06-21 13:14 - 2013-07-02 14:59 - 00000000 ____D () C:\Users\Gerry Goldshine\AppData\Roaming\tixati
2014-06-20 21:23 - 2014-05-23 20:18 - 00000000 ____D () C:\Users\Gerry Goldshine\Downloads\New DVD Case Inserts
2014-06-20 19:46 - 2014-05-21 21:41 - 00000000 ____D () C:\Users\Gerry Goldshine\Documents\ConvertXtoDVD
2014-06-18 22:22 - 2011-05-24 00:18 - 00000000 ____D () C:\Users\Gerry Goldshine\AppData\Local\Axialis
2014-06-17 17:10 - 2011-05-30 23:38 - 00000000 ____D () C:\Users\Gerry Goldshine\AppData\Local\DVD Profiler
2014-06-15 20:42 - 2014-06-15 20:42 - 00002368 _____ () C:\Users\Gerry Goldshine\AppData\Local\recently-used.xbel
2014-06-14 19:31 - 2009-07-13 20:20 - 00000000 ____D () C:\windows\rescache
2014-06-14 12:24 - 2013-06-08 23:13 - 00055303 _____ () C:\Users\Gerry Goldshine\.pia_manager_crash.log
2014-06-13 17:35 - 2009-07-13 20:20 - 00000000 ____D () C:\windows\Cursors
2014-06-13 02:56 - 2013-07-01 02:24 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-06-13 02:55 - 2012-09-01 15:25 - 00000000 ____D () C:\Users\Gerry Goldshine\AppData\Local\CrashDumps
2014-06-12 02:25 - 2014-06-12 02:25 - 00000374 _____ () C:\windows\KINGSTON (G).lnk
2014-06-12 01:48 - 2013-06-16 11:24 - 00000000 ____D () C:\temp
2014-06-11 15:39 - 2011-05-30 23:36 - 00000000 ____D () C:\Users\Gerry Goldshine\Documents\DVD Profiler
2014-06-11 15:03 - 2014-05-24 12:41 - 00002586 _____ () C:\Users\Gerry Goldshine\Desktop\MS Word 2007.lnk
2014-06-11 14:56 - 2009-07-13 21:45 - 05279752 _____ () C:\windows\system32\FNTCACHE.DAT
2014-06-11 14:54 - 2013-08-15 03:02 - 00000000 ____D () C:\windows\system32\MRT
2014-06-11 14:51 - 2011-03-03 14:19 - 95414520 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-06-11 14:50 - 2011-03-18 02:44 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-11 14:46 - 2014-04-29 17:36 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-06-11 13:15 - 2014-03-16 17:28 - 00000000 ____D () C:\Users\Gerry Goldshine\Downloads\Book Covers
2014-06-11 13:08 - 2014-05-16 18:49 - 00000000 ____D () C:\Users\Gerry Goldshine\Downloads\New Wallpaper
2014-06-11 13:07 - 2011-03-30 00:31 - 00000000 ____D () C:\Users\Gerry Goldshine\Assorted Images & ClipArt
2014-06-11 13:06 - 2014-06-11 04:16 - 00000000 ____D () C:\Users\Gerry Goldshine\Downloads\Adventure Time
2014-06-11 00:17 - 2009-07-13 20:20 - 00000000 __RSD () C:\windows\Media
2014-06-10 23:12 - 2013-02-14 01:03 - 00000000 ____D () C:\Users\Gerry Goldshine\Documents\Hallmark Card Studio Projects
2014-06-10 18:17 - 2011-08-06 01:31 - 00000000 ____D () C:\Users\Gerry Goldshine\AppData\Roaming\avidemux
2014-06-08 02:13 - 2014-06-11 03:34 - 00506368 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-06-08 02:08 - 2014-06-11 03:34 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-06-07 10:29 - 2013-01-14 15:12 - 00000000 ____D () C:\Users\Gerry Goldshine\AppData\Roaming\Nitro PDF
2014-06-07 10:18 - 2011-03-11 02:06 - 00000000 ____D () C:\Program Files (x86)\SpywareBlaster
2014-06-04 20:40 - 2014-03-14 14:43 - 00000000 ____D () C:\Users\Gerry Goldshine\Downloads\Free Ebooks
2014-06-04 01:31 - 2014-04-07 19:53 - 00000000 ____D () C:\windows\Downloaded Installations
2014-06-04 01:31 - 2013-06-08 01:14 - 00000000 ____D () C:\Program Files (x86)\Winamp

Some content of TEMP:
====================
C:\Users\Gerry Goldshine\AppData\Local\Temp\SafeInCloud_Setup.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-28 18:15

==================== End Of Log ============================


Computers:

 

Mine: Dell N5030 Laptop  Pentium Dual Core T4500 2.30 GHz, 6GB RAM, 10X DVD Recorder Windows 7 & New WD 500GB HD

Wife's: Gateway SX2370-UR10P Desktop AMD A8-3820 APU with Radeon™ HD Graphics 6GB Ram 1TB HD

"The moment you think you know it all should also be the moment you realize that you do not."


#12 ----------------

----------------

    SuperMember

  • Authentic Member
  • 1,095 posts

Posted 04 July 2014 - 04:29 AM

Fix with FRST (normal mode)

WARNING: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

  • Download the attached fixlist.txt and save it to the location where FRST is saved.
  • Run FRST.exe (on 64bit, run FRST64.exe) and press the Fix button just once and wait.
  • The tool will make a log (Fixlog.txt) which you will find where you saved FRST. Please post it in your reply.

Full System Scan with Malwarebytes Antimalware
 

  • If not existing, please download Malwarebytes Anti-Malware to your desktop.
  • Double-click the downloaded setup file and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish.

If the program is already installed:

  • Run Malwarebytes Antimalware
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.

  • After the restart, once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply.

 

Proud Member of UNITE & TB
 

#13 ----------------

----------------

    SuperMember

  • Authentic Member
  • 1,095 posts

Posted 15 July 2014 - 06:44 AM

Due to inactivity this topic will be closed.
If you need help please start a new thread.

New members follow the instructions here http://forums.whatth...ed_t106388.html and start a new topic