
Elusive Malware [Closed]

Malware scanners won't find browser tab popups expanding pages hijack

  • This topic is locked
34 replies to this topic

#1 Divinusmortalis

  • Authentic Member
  • 22 posts

Posted 19 July 2014 - 09:30 AM

Hello, I've been searching recently after a long period of odd PC behavior. When I go to, say, a YouTube page, the white area between the video and the comments section continuously expands in intervals of about two or three seconds. Also, after a few clicks of links, and I think the clicking of the scroll bar, a tab opens up in my browser to advertisement websites. And I may just be mistaken, but I feel as if I have a keylogger by the way the cursor flickers while I type in Skype. Sometimes the cursor disappears and sometimes an hourglass appears next to it. Then again, I don't know if that would be considered a legitimate concern. Oh, and one other thing: some advertisement popups still manage to get past Adblocker Plus during my Google searches. Here is my HijackThis log.

 

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 10:09:36 AM, on 7/19/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17126)

FIREFOX: 31.0 (x86 en-US)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\WhatPulse2\whatpulse.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\NIS.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Chad\Downloads\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: (no name) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - (no file)
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\IPS\IPSBHO.DLL
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre8\bin\ssv.dll
O2 - BHO: (no name) - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - (no file)
O2 - BHO: (no name) - {C9C42510-9B41-42c1-9DCD-7282A2D07C61}C - (no file)
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre8\bin\jp2ssv.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\coIEPlg.dll
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [WhatPulse] "C:\Program Files (x86)\WhatPulse2\whatpulse.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [GUDelayStartup] "C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe" -delayrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Download All by FlashGet - C:\Program Files (x86)\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\Program Files (x86)\FlashGet\jc_link.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Hotspot Shield Service (hshld) - AnchorFree Inc. - C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Microsoft Antimalware Service (MsMpSvc) - Unknown owner - C:\Program Files\Microsoft Security Client\MsMpEng.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\NIS.exe
O23 - Service: @C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243 (NisSrv) - Unknown owner - C:\Program Files\Microsoft Security Client\NisSrv.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: RzKLService - Razer Inc. - C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7255 bytes
 




#2 OCD

  • SuperHelper
  • Malware Team
  • 5,574 posts

Posted 19 July 2014 - 08:14 PM

Hi Divinusmortalis,

HJT is not used as much for diagnostics anymore. Please run the following scans for review.

My name is OCD. I would be more than happy to take a look at your log and help you with solving any malware problems you might have. Logs can take a while to research, so please be patient and know that I am working hard to get you a clean and functional system back in your hands. I'd be grateful if you would note the following:

  • I will be working on your malware issues; this may or may not solve other issues you have with your machine.
  • The fixes are specific to your problem and should only be used for the issues on this machine.
  • Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.
  • It's often worth reading through these instructions and printing them for ease of reference.
  • If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
  • Please reply to this thread. Do not start a new topic.
  • Copy and Paste logs directly into the reply window. DO NOT attach the logs unless specifically instructed to do so.

IMPORTANT NOTE : Please do not delete, download or install anything unless instructed to do so.

DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision. Doing so could make your system inoperable and could require a full reinstall of your Operating System and the loss of all your programs and data.

Please stay with this topic until I let you know that your system appears to be "All Clear"

Important: All tools MUST be run from the Desktop.

=========================

Security Check

Download Security Check by screen317 from here or here.

  • Save it to your Desktop.
    • Windows XP : Double click on the icon to run it.
    • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

=========================

aswMBR

Download aswMBR.exe and save it to your desktop.

    • Windows XP : Double click on the icon to run it.
    • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
  • When asked if you want to download Avast's virus definitions please select Yes.
  • Click Scan
  • Upon completion of the scan, click Save log and save it to your desktop, and post that log in your next reply for review. Note - do NOT attempt any Fix yet.
  • You will also notice another file created on the desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) file. Attach that zipped file in your next reply as well.

=========================

Download Farbar Recovery Scan Tool and save to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Right click and select "Run as Administrator" to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

=========================

 

Can you tell me about this program: WhatPulse2

 

=========================

In your next post please provide the following:

  • checkup.txt
  • aswMBR.txt
  • attach MBR.zip
  • FRST.txt
  • Addition.txt

OCD

Proud Graduate of WTT Classroom
Member of UNITE

Threads will be closed if no response after 5 days










#3 Divinusmortalis

  • Authentic Member
  • 22 posts

Posted 20 July 2014 - 08:53 AM

I tried both the archive and the .dat file of MBR but it said I wasn't permitted. WhatPulse2 is pretty much just a novelty program that counts your keystrokes, click count, upload and download amount, how much RAM I have and how much is being used, and a couple of other things.




#4 OCD

  • SuperHelper
  • Malware Team
  • 5,574 posts

Posted 20 July 2014 - 09:20 AM

Hi Divinusmortalis,

Please Copy and Paste the logs directly into the reply window unless specifically asked to attach a log. Attaching logs just delays the process as I have to download the file to view it. I appreciate your cooperation. :thumbup:

I don't know what this log is: FBPR.rtf ??
I still need to see the checkup.txt log

====================================

I will review your logs after work and post my next set of instructions then.

====================================

aswMBR version 1.0.1.2041 Copyright© 2014 AVAST Software
Run date: 2014-07-20 09:22:32
-----------------------------
09:22:32.328 OS Version: Windows x64 6.1.7601 Service Pack 1
09:22:32.328 Number of processors: 3 586 0x502
09:22:32.329 ComputerName: CHAD-PC UserName: Chad
09:22:34.746 Initialize success
09:22:35.280 VM: initialized successfully
09:22:35.305 VM: Amd CPU supported
09:22:41.812 VM: supported disk I/O ataport.SYS
09:26:42.418 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
09:26:42.424 Disk 0 Vendor: WDC_WD1001FAES-60Z2A0 06.01D06 Size: 953869MB BusType: 3
09:26:42.557 Disk 0 MBR read successfully
09:26:42.562 Disk 0 MBR scan
09:26:42.568 Disk 0 Windows 7 default MBR code
09:26:42.575 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
09:26:42.584 Disk 0 default boot code
09:26:42.591 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 942028 MB offset 206911
09:26:42.628 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 11738 MB offset 1929482240
09:26:42.668 Disk 0 scanning C:\Windows\system32\drivers
09:26:51.010 Service scanning
09:26:55.569 Service BHDrvx64 C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140703.001\BHDrvx64.sys **LOCKED** 5
09:26:56.096 Service ccSet_NIS C:\Windows\system32\drivers\NISx64\1504000.00D\ccSetx64.sys **LOCKED** 5
09:26:57.843 Service eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys **LOCKED** 5
09:26:58.163 Service EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys **LOCKED** 5
09:27:01.969 Service IDSVia64 C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140718.001\IDSvia64.sys **LOCKED** 5
09:27:05.952 Service NAVENG C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140719.001\ENG64.SYS **LOCKED** 5
09:27:06.038 Service NAVEX15 C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140719.001\EX64.SYS **LOCKED** 5
09:27:10.982 Service SRTSPX C:\Windows\system32\drivers\NISx64\1504000.00D\SRTSPX64.SYS **LOCKED** 5
09:27:11.556 Service SymDS C:\Windows\system32\drivers\NISx64\1504000.00D\SYMDS64.SYS **LOCKED** 5
09:27:11.723 Service SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS **LOCKED** 5
09:27:11.824 Service SymIRON C:\Windows\system32\drivers\NISx64\1504000.00D\Ironx64.SYS **LOCKED** 5
09:27:11.902 Service SymNetS C:\Windows\System32\Drivers\NISx64\1504000.00D\SYMNETS.SYS **LOCKED** 5
09:27:17.043 Modules scanning
09:27:17.049 Disk 0 trace - called modules:
09:27:17.061 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
09:27:17.067 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004949060]
09:27:17.073 3 CLASSPNP.SYS[fffff88001aa743f] -> nt!IofCallDriver -> [0xfffffa80047ef520]
09:27:17.079 5 ACPI.sys[fffff88000f577a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80047e0060]
09:27:17.085 Scan finished successfully
09:27:35.984 Disk 0 MBR has been saved successfully to "C:\Users\Chad\Desktop\MBR.dat"
09:27:36.001 The log file has been saved successfully to "C:\Users\Chad\Desktop\aswMBR.txt"


===================================

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-07-2014
Ran by Chad (administrator) on CHAD-PC on 20-07-2014 09:26:46
Running from C:\Users\Chad\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
() C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\nis.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
() C:\Program Files (x86)\WhatPulse2\whatpulse.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\nis.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(AVAST Software) C:\Users\Chad\Downloads\aswMBR.exe
() C:\Users\Chad\Downloads\SecurityCheck(1).exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe


==================== Registry (Whitelisted) ==================

HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3816272 2014-07-15] (LogMeIn Inc.)
HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-21-768641754-322465483-2195619182-1001\...\Run: [WhatPulse] => C:\Program Files (x86)\WhatPulse2\whatpulse.exe [3054592 2014-04-17] ()
HKU\S-1-5-21-768641754-322465483-2195619182-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-768641754-322465483-2195619182-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [37152 2014-06-16] (Glarysoft Ltd)
HKU\S-1-5-21-768641754-322465483-2195619182-1001\...\Policies\Explorer: [NofolderOptions] 0
HKU\S-1-5-21-768641754-322465483-2195619182-1001\...\MountPoints2: F - F:\Checker.exe
HKU\S-1-5-21-768641754-322465483-2195619182-1001\...\MountPoints2: {4817d4a4-ddd0-11e3-a859-003067adf572} - F:\autorun.exe
HKU\S-1-5-21-768641754-322465483-2195619182-1001\...\MountPoints2: {6084ac2d-4199-11e3-bf15-003067adf572} - F:\autorun.exe
HKU\S-1-5-21-768641754-322465483-2195619182-1001\...\MountPoints2: {ec01cbde-9f2f-11e2-84de-003067adf572} - F:\setup.exe /autorun
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
BootExecute: autocheck autochk *
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine64\21.4.0.13\coIEPlg.dll (Symantec Corporation)
BHO-x32: No Name -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> No File
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO-x32: No Name -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> No File
BHO-x32: No Name -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61}C -> No File
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.4.0.13\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\coIEPlg.dll (Symantec Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Hosts: Hosts file not detected in the default directory

FireFox:
========
FF ProfilePath: C:\Users\Chad\AppData\Roaming\Mozilla\Firefox\Profiles\3dpftn1q.default-1401063780864
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @IObit.com/np_Asc_Plugin - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\np_Asc_plugin.dll (IObit)
FF Plugin-x32: @java.com/DTPlugin,version=11.0.2 - C:\Program Files (x86)\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.0.2 - C:\Program Files (x86)\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Chad\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Users\Chad\AppData\Roaming\mozilla\plugins\np-mswmp.dll (Microsoft Corporation)
FF Extension: Adblock Plus - C:\Users\Chad\AppData\Roaming\Mozilla\Firefox\Profiles\3dpftn1q.default-1401063780864\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-05-27]
FF Extension: Hotspot Shield Extension - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\afproxy@anchorfree.com [2014-07-19]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF [2014-07-07]
FF HKLM-x32\...\Firefox\Extensions: [DynamicPricer@dynamic-pricer.com] - C:\Users\Chad\AppData\Local\DynamicPricer\Firefox\DynamicPricer.xpi
FF Extension: DynamicPricer - C:\Users\Chad\AppData\Local\DynamicPricer\Firefox\DynamicPricer.xpi [2014-07-08]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn [2014-07-20]

Chrome:
=======
CHR Extension: (Google Docs) - C:\Users\Chad\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-16]
CHR Extension: (Google Drive) - C:\Users\Chad\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-16]
CHR Extension: (YouTube) - C:\Users\Chad\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-16]
CHR Extension: (Adblock Plus) - C:\Users\Chad\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-07-19]
CHR Extension: (Google Search) - C:\Users\Chad\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-16]
CHR Extension: (Norton Identity Protection) - C:\Users\Chad\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2014-07-19]
CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\Chad\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd [2014-07-18]
CHR Extension: (Google Wallet) - C:\Users\Chad\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-16]
CHR Extension: (Gmail) - C:\Users\Chad\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-16]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\Exts\Chrome.crx [2014-07-10]
CHR HKLM-x32\...\Chrome\Extension: [nfengeggddojhakldhlpjdlddgkkjkdd] - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASC_GhromePlugin.crx [2013-11-05]
CHR HKLM-x32\...\Chrome\Extension: [pbmbgangfmfbhnngbdgkplhjnfoaeihd] - C:\Program Files (x86)\i-beta\Extensions\Chrome\i-beta.crx [2013-11-05]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

S4 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-03-28] (Advanced Micro Devices, Inc.) [File not signed]
S4 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2014-04-10] () [File not signed]
R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [919040 2014-05-16] (AnchorFree Inc.) [File not signed]
S3 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [78512 2014-05-16] ()
R2 HssWd; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [430344 2014-05-16] ()
S4 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [341824 2013-11-11] (IObit)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2175264 2014-05-31] (IObit)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-07-14] (LogMeIn, Inc.)
S4 lxdn_device; C:\Windows\system32\lxdncoms.exe [1039872 2007-11-28] ( )
S4 lxdn_device; C:\Windows\SysWOW64\lxdncoms.exe [589824 2007-11-28] ( )
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\NIS.exe [276376 2014-06-27] (Symantec Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-06-01] ()
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2013-09-13] (arvato digital services llc)
S4 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-02-28] (Riverbed Technology, Inc.)
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [105448 2014-02-25] (Razer Inc.)
S4 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [758224 2013-11-06] (Tunngle.net GmbH)
S2 MsMpSvc; "C:\Program Files\Microsoft Security Client\MsMpEng.exe" [X]
S3 NisSrv; "C:\Program Files\Microsoft Security Client\NisSrv.exe" [X]

==================== Drivers (Whitelisted) ====================

R2 AODDriver4.2; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices) [File not signed]
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140703.001\BHDrvx64.sys [1530160 2014-06-06] (Symantec Corporation)
R0 BootDefragDriver; C:\Windows\System32\drivers\BootDefragDriver.sys [17600 2014-06-16] (Glarysoft Ltd)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1504000.00D\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-05-17] (Disc Soft Ltd)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [486192 2014-07-07] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142128 2014-07-07] (Symantec Corporation)
S4 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2013-03-23] (IObit)
S3 gfiark; C:\Windows\System32\drivers\gfiark.sys [38456 2013-02-11] (GFI Software)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-04-09] (GFI Software)
R0 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20672 2014-05-20] (Glarysoft Ltd)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [44744 2014-05-16] (AnchorFree Inc.)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140718.001\IDSvia64.sys [525016 2014-07-03] (Symantec Corporation)
S4 IObitUnlocker; C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys [36568 2013-09-30] (IObit)
S3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv_x64.sys [44928 2012-10-10] (ManyCam LLC)
S3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [28160 2013-01-31] (ManyCam LLC)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [247216 2013-06-18] (Microsoft Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140719.001\ENG64.SYS [126040 2014-07-17] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140719.001\EX64.SYS [2099288 2014-07-17] (Symantec Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [139616 2013-06-18] (Microsoft Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc.)
S3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2013-11-19] (IObit.com)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)
R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1504000.00D\SRTSP64.SYS [875736 2014-02-12] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1504000.00D\SRTSPX64.SYS [36952 2013-09-09] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1504000.00D\SYMDS64.SYS [493656 2013-09-09] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1504000.00D\SYMEFA64.SYS [1148120 2014-03-03] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-07-07] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1504000.00D\Ironx64.SYS [264280 2013-09-26] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1504000.00D\SYMNETS.SYS [593112 2014-02-17] (Symantec Corporation)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-16] (Anchorfree Inc.)
S3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2013-11-19] (IObit.com)
R3 VCSVADHWSer; C:\Windows\System32\DRIVERS\vcsvad.sys [21504 2008-12-26] (Avnex)
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [X]
U3 aswMBR; \??\C:\Users\Chad\AppData\Local\Temp\aswMBR.sys [X]
U3 aswVmm; \??\C:\Users\Chad\AppData\Local\Temp\aswVmm.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-20 09:27 - 2014-07-20 09:27 - 00003440 _____ () C:\Users\Chad\Desktop\aswMBR.txt
2014-07-20 09:27 - 2014-07-20 09:27 - 00000512 _____ () C:\Users\Chad\Desktop\MBR.dat
2014-07-20 09:26 - 2014-07-20 09:27 - 00017456 _____ () C:\Users\Chad\Downloads\FRST.txt
2014-07-20 09:25 - 2014-07-20 09:26 - 00000000 ____D () C:\FRST
2014-07-20 09:24 - 2014-07-20 09:24 - 00854390 _____ () C:\Users\Chad\Downloads\SecurityCheck(1).exe
2014-07-20 09:23 - 2014-07-20 09:23 - 02089984 _____ (Farbar) C:\Users\Chad\Downloads\FRST64.exe
2014-07-20 09:21 - 2014-07-20 09:21 - 05185536 _____ (AVAST Software) C:\Users\Chad\Downloads\aswMBR.exe
2014-07-20 08:49 - 2014-07-20 08:49 - 00854390 _____ () C:\Users\Chad\Downloads\SecurityCheck.exe
2014-07-19 16:10 - 2014-07-19 18:53 - 00423928 _____ () C:\Users\Chad\Documents\NBC2.dpp
2014-07-19 15:24 - 2014-07-19 15:24 - 00188239 _____ () C:\Users\Chad\Documents\NBC.dpp
2014-07-19 14:53 - 2014-07-19 14:53 - 00000000 ____D () C:\Users\Chad\AppData\Local\webkit
2014-07-19 14:48 - 2014-07-19 14:48 - 00000896 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2014-07-19 14:48 - 2014-07-19 14:48 - 00000884 _____ () C:\Users\Public\Desktop\GIMP 2.lnk
2014-07-19 14:48 - 2014-07-19 14:48 - 00000884 _____ () C:\ProgramData\Desktop\GIMP 2.lnk
2014-07-19 14:47 - 2014-07-19 14:48 - 00000000 ____D () C:\Program Files\GIMP 2
2014-07-19 14:46 - 2014-07-19 14:46 - 90396104 _____ (The GIMP Team ) C:\Users\Chad\Downloads\gimp-2.8.10-setup.exe
2014-07-19 13:41 - 2014-07-19 13:39 - 00003015 _____ () C:\Users\Public\Desktop\CorelDRAW X7 (64-Bit).lnk
2014-07-19 13:41 - 2014-07-19 13:39 - 00003015 _____ () C:\ProgramData\Desktop\CorelDRAW X7 (64-Bit).lnk
2014-07-19 13:40 - 2014-07-19 13:40 - 00000000 ____D () C:\Users\Public\Documents\Corel
2014-07-19 13:40 - 2014-07-19 13:40 - 00000000 ____D () C:\ProgramData\Documents\Corel
2014-07-19 13:40 - 2014-07-19 13:40 - 00000000 ____D () C:\Program Files\Common Files\Protexis
2014-07-19 13:39 - 2014-07-19 13:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X7 (64-bit)
2014-07-19 13:38 - 2014-07-19 14:27 - 00000000 ____D () C:\ProgramData\Corel
2014-07-19 13:38 - 2014-07-19 13:41 - 00000000 ____D () C:\Program Files (x86)\CorelDRAW Graphics Suite X7
2014-07-19 13:38 - 2014-07-19 13:38 - 00000000 ____D () C:\Program Files\Corel
2014-07-19 13:24 - 2014-07-19 13:24 - 00000000 ____D () C:\Users\Chad\Documents\My Palettes
2014-07-19 13:24 - 2014-07-19 13:24 - 00000000 ____D () C:\Users\Chad\Documents\Corel
2014-07-19 13:23 - 2014-07-19 14:20 - 00000000 ____D () C:\Users\Chad\AppData\Roaming\Corel
2014-07-19 13:23 - 2014-07-19 13:23 - 00000000 ____D () C:\ProgramData\Protexis64
2014-07-19 13:15 - 2014-07-19 13:15 - 00000000 ____D () C:\Program Files\Common Files\Corel
2014-07-19 13:05 - 2014-07-19 14:19 - 00000000 ____D () C:\ProgramData\CorelDRAW Graphics Suite X7 x64
2014-07-19 11:26 - 2014-07-19 11:27 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-19 09:55 - 2014-07-19 10:09 - 00007256 _____ () C:\Users\Chad\Downloads\hijackthis.log
2014-07-19 09:54 - 2014-07-19 09:54 - 00388608 _____ (Trend Micro Inc.) C:\Users\Chad\Downloads\HijackThis.exe
2014-07-18 19:27 - 2014-07-19 16:12 - 00001642 _____ () C:\Windows\PFRO.log
2014-07-18 18:20 - 2014-07-18 18:21 - 00753184 _____ () C:\Users\Chad\Downloads\Adware-Removal-Tool-v3.9.1.exe
2014-07-18 17:23 - 2014-07-18 17:23 - 00323448 _____ (System Applet ) C:\Users\Chad\Downloads\Setup.exe
2014-07-18 17:17 - 2014-07-18 17:17 - 00000000 ____D () C:\NPE
2014-07-18 17:13 - 2014-07-18 19:28 - 00000000 ____D () C:\Users\Chad\AppData\Local\NPE
2014-07-18 15:20 - 2014-07-20 08:25 - 00000896 _____ () C:\Windows\setupact.log
2014-07-18 15:20 - 2014-07-18 15:20 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-13 12:30 - 2014-07-13 12:30 - 00000000 ____D () C:\Windows\SysWOW64\Hotspot Shield
2014-07-12 21:20 - 2014-05-16 21:35 - 00044744 _____ (AnchorFree Inc.) C:\Windows\system32\Drivers\hssdrv6.sys
2014-07-12 21:17 - 2014-07-12 21:19 - 00001050 _____ () C:\Users\Public\Desktop\Hotspot Shield.lnk
2014-07-12 21:17 - 2014-07-12 21:19 - 00001050 _____ () C:\ProgramData\Desktop\Hotspot Shield.lnk
2014-07-12 21:15 - 2014-07-12 21:20 - 00000000 ____D () C:\ProgramData\Hotspot Shield
2014-07-12 21:15 - 2014-07-12 21:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield
2014-07-12 21:13 - 2014-07-12 21:20 - 00000000 ____D () C:\Program Files (x86)\Hotspot Shield
2014-07-12 21:13 - 2014-07-12 21:13 - 00000000 ____D () C:\Users\Chad\AppData\Roaming\Hotspot Shield
2014-07-11 12:00 - 2014-07-11 13:12 - 00000000 ____D () C:\Users\Chad\AppData\Roaming\FreeFixer
2014-07-11 12:00 - 2014-07-11 13:12 - 00000000 ____D () C:\Users\Chad\AppData\Local\FreeFixer
2014-07-11 11:58 - 2014-07-11 11:58 - 02602023 _____ (Kephyr) C:\Users\Chad\Downloads\freefixersetup.exe
2014-07-11 11:28 - 2014-07-11 11:28 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Chad\Downloads\tdsskiller.exe
2014-07-11 08:56 - 2014-07-11 11:10 - 00067632 _____ (Symantec Corporation) C:\Windows\system32\msln.exe
2014-07-10 18:33 - 2014-07-10 18:33 - 27167987 _____ () C:\Users\Chad\Downloads\torbrowser-install-3.6.2_en-US.exe
2014-07-10 18:32 - 2014-07-10 20:12 - 00000000 ____D () C:\Users\Chad\AppData\Roaming\tor
2014-07-10 16:16 - 2014-07-10 16:16 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Internet Security
2014-07-09 18:57 - 2014-07-09 18:58 - 109924088 _____ (Microsoft Corporation) C:\Users\Chad\Downloads\msert.exe
2014-07-09 11:54 - 2014-07-09 11:54 - 00001006 _____ () C:\Users\Chad\Desktop\Borderlands 2.lnk
2014-07-09 11:54 - 2014-07-09 11:54 - 00001001 _____ () C:\Users\Chad\Desktop\NameChanger.lnk
2014-07-09 11:54 - 2014-07-09 11:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Borderlands 2
2014-07-08 18:15 - 2014-07-18 19:25 - 00000000 ____D () C:\Users\Chad\AppData\Local\CrashDumps
2014-07-08 08:39 - 2014-07-11 13:05 - 00000000 ____D () C:\Users\Chad\AppData\Local\fst_us_139
2014-07-08 08:39 - 2014-07-11 11:26 - 00000000 ____D () C:\Users\Chad\AppData\Local\DynamicPricer
2014-07-08 08:39 - 2014-07-11 11:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FrEeSoFtOdAy
2014-07-07 14:57 - 2014-07-07 14:57 - 00177752 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2014-07-07 14:57 - 2014-07-07 14:57 - 00008222 _____ () C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2014-07-07 14:57 - 2014-07-07 14:57 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-07-07 14:56 - 2014-07-10 16:16 - 00002503 _____ () C:\Users\Public\Desktop\Norton Internet Security.lnk
2014-07-07 14:56 - 2014-07-10 16:16 - 00002503 _____ () C:\ProgramData\Desktop\Norton Internet Security.lnk
2014-07-07 14:55 - 2014-07-18 17:15 - 00000000 ____D () C:\ProgramData\Norton
2014-07-07 14:55 - 2014-07-10 16:16 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2014-07-07 14:55 - 2014-07-10 16:16 - 00000000 ____D () C:\Windows\system32\Drivers\NISx64
2014-07-07 14:55 - 2014-07-07 14:55 - 00000000 ____D () C:\Program Files (x86)\Norton Internet Security
2014-07-07 14:51 - 2014-07-07 14:52 - 204561264 ____N (Symantec Corporation) C:\Users\Chad\Downloads\NIS-TW-21.1.0-EN-US.exe
2014-07-06 10:29 - 2014-07-06 10:29 - 00002168 _____ () C:\Users\Public\Desktop\Heroes of Might and Magic 3 Complete.lnk
2014-07-06 10:29 - 2014-07-06 10:29 - 00002168 _____ () C:\ProgramData\Desktop\Heroes of Might and Magic 3 Complete.lnk
2014-07-06 10:27 - 2014-07-06 10:29 - 00000000 ____D () C:\Program Files (x86)\Heroes of Might and Magic 3 Complete
2014-07-04 21:09 - 2014-07-19 14:44 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox.bak
2014-07-04 18:03 - 2014-07-04 18:03 - 00000000 ____D () C:\Program Files (x86)\predm
2014-07-01 19:52 - 2014-07-01 19:52 - 00002185 _____ () C:\Users\Public\Desktop\Dungeon Lords MMXII.lnk
2014-07-01 19:52 - 2014-07-01 19:52 - 00002185 _____ () C:\ProgramData\Desktop\Dungeon Lords MMXII.lnk
2014-07-01 19:52 - 2014-07-01 19:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dungeon Lords MMXII
2014-07-01 19:38 - 2014-07-01 19:38 - 00000000 ____D () C:\Program Files (x86)\Nordic Games
2014-07-01 12:13 - 2014-07-01 12:13 - 00001149 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-07-01 12:13 - 2014-07-01 12:13 - 00001149 _____ () C:\ProgramData\Desktop\Mozilla Firefox.lnk
2014-07-01 11:44 - 2014-07-01 11:44 - 01915800 _____ () C:\Users\Chad\Downloads\WinRAR_(64bit)_v5.10.exe
2014-07-01 11:42 - 2014-07-09 10:06 - 00000917 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-07-01 11:42 - 2014-07-09 10:06 - 00000917 _____ () C:\ProgramData\Desktop\VLC media player.lnk
2014-07-01 11:40 - 2014-07-01 12:45 - 00003162 _____ () C:\Windows\System32\Tasks\SmartDefrag3_Update
2014-07-01 11:40 - 2014-07-01 11:40 - 00001172 _____ () C:\Users\Public\Desktop\Smart Defrag 3.lnk
2014-07-01 11:40 - 2014-07-01 11:40 - 00001172 _____ () C:\ProgramData\Desktop\Smart Defrag 3.lnk
2014-07-01 11:36 - 2014-07-09 10:06 - 00000868 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-07-01 11:36 - 2014-07-09 10:06 - 00000868 _____ () C:\ProgramData\Desktop\CCleaner.lnk
2014-07-01 11:35 - 2014-07-01 11:35 - 32193008 _____ () C:\Users\Chad\Downloads\Mozilla_Firefox_v31.0_Beta_4.exe
2014-07-01 11:30 - 2014-07-17 12:46 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-07-01 11:06 - 2014-07-01 11:06 - 00001082 _____ () C:\Users\Public\Desktop\Glary Utilities 5.lnk
2014-07-01 11:06 - 2014-07-01 11:06 - 00001082 _____ () C:\ProgramData\Desktop\Glary Utilities 5.lnk
2014-07-01 11:06 - 2014-06-16 02:27 - 00017600 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\BootDefragDriver.sys
2014-06-30 15:59 - 2014-06-30 15:59 - 00000000 ____D () C:\Users\Chad\Desktop\ppsspp_win
2014-06-29 17:34 - 2014-06-29 17:34 - 00000000 ____D () C:\Users\Chad\Desktop\PDFs
2014-06-29 10:37 - 2014-06-29 10:37 - 00000000 ____D () C:\Windows\System32\Tasks\Games
2014-06-28 21:23 - 2014-06-28 21:23 - 00000000 ____D () C:\Users\Chad\Desktop\Rogue Trader
2014-06-28 21:20 - 2014-07-17 16:29 - 00000000 ____D () C:\Users\Chad\Desktop\RARs
2014-06-28 12:13 - 2014-03-28 19:58 - 00264600 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-06-28 12:13 - 2014-03-28 19:58 - 00176024 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-06-28 12:13 - 2014-03-28 19:58 - 00176024 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-06-28 12:12 - 2014-06-28 12:13 - 00004430 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_60-b19.log
2014-06-26 17:07 - 2014-07-20 08:29 - 00182913 _____ () C:\Windows\WindowsUpdate.log
2014-06-23 13:51 - 2014-07-07 14:55 - 00000000 ____D () C:\Users\Chad\AppData\Roaming\Lavasoft
2014-06-23 13:50 - 2014-06-23 13:50 - 00000000 ____D () C:\Program Files\Lavasoft
2014-06-23 13:48 - 2014-06-23 13:48 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-06-20 10:30 - 2014-06-20 10:30 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
2014-06-20 10:28 - 2014-05-30 05:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-20 10:28 - 2014-05-30 05:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-20 10:28 - 2014-05-30 05:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-20 10:28 - 2014-05-30 04:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-20 10:28 - 2014-05-30 04:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-20 10:28 - 2014-05-30 04:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-20 10:28 - 2014-05-30 04:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-20 10:28 - 2014-05-30 04:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-20 10:28 - 2014-05-30 04:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-20 10:28 - 2014-05-30 04:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-20 10:28 - 2014-05-30 04:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-20 10:28 - 2014-05-30 04:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-20 10:28 - 2014-05-30 04:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-20 10:28 - 2014-05-30 04:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-20 10:28 - 2014-05-30 04:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-20 10:28 - 2014-05-30 04:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-20 10:28 - 2014-05-30 04:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-20 10:28 - 2014-05-30 04:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-20 10:28 - 2014-05-30 03:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-20 10:28 - 2014-05-30 03:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-20 10:28 - 2014-05-30 03:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-20 10:28 - 2014-05-30 03:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-20 10:28 - 2014-05-30 03:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-20 10:28 - 2014-05-30 03:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-20 10:28 - 2014-05-30 03:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-20 10:28 - 2014-05-30 03:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-20 10:28 - 2014-05-30 03:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-20 10:28 - 2014-05-30 03:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-20 10:28 - 2014-05-30 03:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-20 10:28 - 2014-05-30 03:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-20 10:28 - 2014-05-30 03:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-20 10:28 - 2014-05-30 03:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-20 10:28 - 2014-05-30 03:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-20 10:28 - 2014-05-30 03:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-20 10:28 - 2014-05-30 03:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-20 10:28 - 2014-05-30 03:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-20 10:28 - 2014-05-30 03:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-20 10:28 - 2014-05-30 03:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-20 10:28 - 2014-05-30 03:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-20 10:28 - 2014-05-30 03:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-20 10:28 - 2014-05-30 02:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-20 10:28 - 2014-05-30 02:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-20 10:28 - 2014-05-30 02:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-20 10:28 - 2014-05-30 02:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-20 10:28 - 2014-05-30 02:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-20 10:28 - 2014-05-30 02:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-20 10:28 - 2014-05-30 02:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-20 10:28 - 2014-05-30 02:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-20 10:28 - 2014-05-30 02:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-20 10:28 - 2014-05-30 02:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-20 10:28 - 2014-05-30 02:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-20 10:28 - 2014-05-30 02:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-20 10:28 - 2014-05-08 04:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-06-20 10:28 - 2014-05-08 04:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-06-20 10:28 - 2014-04-24 21:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-20 10:28 - 2014-04-24 21:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-20 10:28 - 2014-04-04 21:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-20 10:28 - 2014-04-04 21:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-20 10:27 - 2014-03-26 09:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-20 10:27 - 2014-03-26 09:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-20 10:27 - 2014-03-26 09:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-20 10:27 - 2014-03-26 09:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-20 10:27 - 2014-03-26 09:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-20 10:27 - 2014-03-26 09:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-20 10:27 - 2014-03-26 09:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-20 10:27 - 2014-03-26 09:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll

==================== One Month Modified Files and Folders =======

2014-07-20 09:27 - 2014-07-20 09:27 - 00003440 _____ () C:\Users\Chad\Desktop\aswMBR.txt
2014-07-20 09:27 - 2014-07-20 09:27 - 00000512 _____ () C:\Users\Chad\Desktop\MBR.dat
2014-07-20 09:27 - 2014-07-20 09:26 - 00017456 _____ () C:\Users\Chad\Downloads\FRST.txt
2014-07-20 09:26 - 2014-07-20 09:25 - 00000000 ____D () C:\FRST
2014-07-20 09:26 - 2014-04-25 20:16 - 00000000 ____D () C:\Users\Chad\AppData\Local\WhatPulse
2014-07-20 09:24 - 2014-07-20 09:24 - 00854390 _____ () C:\Users\Chad\Downloads\SecurityCheck(1).exe
2014-07-20 09:23 - 2014-07-20 09:23 - 02089984 _____ (Farbar) C:\Users\Chad\Downloads\FRST64.exe
2014-07-20 09:21 - 2014-07-20 09:21 - 05185536 _____ (AVAST Software) C:\Users\Chad\Downloads\aswMBR.exe
2014-07-20 09:09 - 2013-04-07 13:02 - 00000000 ____D () C:\Users\Chad\AppData\Roaming\Skype
2014-07-20 08:49 - 2014-07-20 08:49 - 00854390 _____ () C:\Users\Chad\Downloads\SecurityCheck.exe
2014-07-20 08:49 - 2014-04-10 10:52 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-20 08:44 - 2014-04-16 16:23 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-20 08:33 - 2009-07-13 23:45 - 00028944 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-20 08:33 - 2009-07-13 23:45 - 00028944 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-20 08:29 - 2014-06-26 17:07 - 00182913 _____ () C:\Windows\WindowsUpdate.log
2014-07-20 08:26 - 2014-05-20 16:05 - 00000330 _____ () C:\Windows\Tasks\GlaryInitialize 5.job
2014-07-20 08:26 - 2013-11-05 13:48 - 00000000 ____D () C:\ProgramData\ProductData
2014-07-20 08:26 - 2013-04-08 13:20 - 00000000 ____D () C:\Users\Chad\AppData\Local\LogMeIn Hamachi
2014-07-20 08:25 - 2014-07-18 15:20 - 00000896 _____ () C:\Windows\setupact.log
2014-07-20 08:25 - 2014-04-16 16:23 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-20 08:25 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-19 19:12 - 2014-04-25 20:16 - 00000000 ____D () C:\Program Files (x86)\WhatPulse2
2014-07-19 18:53 - 2014-07-19 16:10 - 00423928 _____ () C:\Users\Chad\Documents\NBC2.dpp
2014-07-19 16:12 - 2014-07-18 19:27 - 00001642 _____ () C:\Windows\PFRO.log
2014-07-19 16:12 - 2014-01-27 03:49 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-19 16:12 - 2009-07-13 23:45 - 05156776 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-19 15:24 - 2014-07-19 15:24 - 00188239 _____ () C:\Users\Chad\Documents\NBC.dpp
2014-07-19 15:02 - 2013-05-06 15:09 - 00000000 ____D () C:\Users\Chad\.gimp-2.8
2014-07-19 14:53 - 2014-07-19 14:53 - 00000000 ____D () C:\Users\Chad\AppData\Local\webkit
2014-07-19 14:48 - 2014-07-19 14:48 - 00000896 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2014-07-19 14:48 - 2014-07-19 14:48 - 00000884 _____ () C:\Users\Public\Desktop\GIMP 2.lnk
2014-07-19 14:48 - 2014-07-19 14:48 - 00000884 _____ () C:\ProgramData\Desktop\GIMP 2.lnk
2014-07-19 14:48 - 2014-07-19 14:47 - 00000000 ____D () C:\Program Files\GIMP 2
2014-07-19 14:46 - 2014-07-19 14:46 - 90396104 _____ (The GIMP Team ) C:\Users\Chad\Downloads\gimp-2.8.10-setup.exe
2014-07-19 14:44 - 2014-07-04 21:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox.bak
2014-07-19 14:27 - 2014-07-19 13:38 - 00000000 ____D () C:\ProgramData\Corel
2014-07-19 14:20 - 2014-07-19 13:23 - 00000000 ____D () C:\Users\Chad\AppData\Roaming\Corel
2014-07-19 14:19 - 2014-07-19 13:05 - 00000000 ____D () C:\ProgramData\CorelDRAW Graphics Suite X7 x64
2014-07-19 13:41 - 2014-07-19 13:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X7 (64-bit)
2014-07-19 13:41 - 2014-07-19 13:38 - 00000000 ____D () C:\Program Files (x86)\CorelDRAW Graphics Suite X7
2014-07-19 13:41 - 2009-07-13 22:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-07-19 13:40 - 2014-07-19 13:40 - 00000000 ____D () C:\Users\Public\Documents\Corel
2014-07-19 13:40 - 2014-07-19 13:40 - 00000000 ____D () C:\ProgramData\Documents\Corel
2014-07-19 13:40 - 2014-07-19 13:40 - 00000000 ____D () C:\Program Files\Common Files\Protexis
2014-07-19 13:39 - 2014-07-19 13:41 - 00003015 _____ () C:\Users\Public\Desktop\CorelDRAW X7 (64-Bit).lnk
2014-07-19 13:39 - 2014-07-19 13:41 - 00003015 _____ () C:\ProgramData\Desktop\CorelDRAW X7 (64-Bit).lnk
2014-07-19 13:38 - 2014-07-19 13:38 - 00000000 ____D () C:\Program Files\Corel
2014-07-19 13:24 - 2014-07-19 13:24 - 00000000 ____D () C:\Users\Chad\Documents\My Palettes
2014-07-19 13:24 - 2014-07-19 13:24 - 00000000 ____D () C:\Users\Chad\Documents\Corel
2014-07-19 13:24 - 2013-04-06 21:39 - 00145968 _____ () C:\Users\Chad\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-19 13:23 - 2014-07-19 13:23 - 00000000 ____D () C:\ProgramData\Protexis64
2014-07-19 13:19 - 2013-08-24 10:17 - 00000000 ____D () C:\ProgramData\Package Cache
2014-07-19 13:15 - 2014-07-19 13:15 - 00000000 ____D () C:\Program Files\Common Files\Corel
2014-07-19 11:27 - 2014-07-19 11:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-19 10:09 - 2014-07-19 09:55 - 00007256 _____ () C:\Users\Chad\Downloads\hijackthis.log
2014-07-19 09:54 - 2014-07-19 09:54 - 00388608 _____ (Trend Micro Inc.) C:\Users\Chad\Downloads\HijackThis.exe
2014-07-18 20:41 - 2014-03-20 17:43 - 00000000 ____D () C:\Users\Chad\Desktop\Tor Browser
2014-07-18 19:28 - 2014-07-18 17:13 - 00000000 ____D () C:\Users\Chad\AppData\Local\NPE
2014-07-18 19:27 - 2009-07-14 00:08 - 00032614 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-07-18 19:25 - 2014-07-08 18:15 - 00000000 ____D () C:\Users\Chad\AppData\Local\CrashDumps
2014-07-18 18:22 - 2014-05-31 17:52 - 00290304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\subinacl.exe
2014-07-18 18:22 - 2014-05-31 17:52 - 00000000 ____D () C:\Program Files\Adware-Removal-Tool
2014-07-18 18:21 - 2014-07-18 18:20 - 00753184 _____ () C:\Users\Chad\Downloads\Adware-Removal-Tool-v3.9.1.exe
2014-07-18 17:23 - 2014-07-18 17:23 - 00323448 _____ (System Applet ) C:\Users\Chad\Downloads\Setup.exe
2014-07-18 17:17 - 2014-07-18 17:17 - 00000000 ____D () C:\NPE
2014-07-18 17:15 - 2014-07-07 14:55 - 00000000 ____D () C:\ProgramData\Norton
2014-07-18 15:20 - 2014-07-18 15:20 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-18 13:14 - 2013-08-24 10:21 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-18 13:14 - 2013-04-06 22:36 - 00000000 ____D () C:\Users\Chad\AppData\Roaming\DAEMON Tools Lite
2014-07-18 13:13 - 2013-12-10 18:15 - 00000000 ____D () C:\Users\Chad\AppData\Roaming\Azureus
2014-07-17 16:29 - 2014-06-28 21:20 - 00000000 ____D () C:\Users\Chad\Desktop\RARs
2014-07-17 14:51 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-07-17 14:26 - 2009-07-14 00:13 - 00796870 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-17 12:46 - 2014-07-01 11:30 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-07-17 12:46 - 2013-11-05 18:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-07-13 12:30 - 2014-07-13 12:30 - 00000000 ____D () C:\Windows\SysWOW64\Hotspot Shield
2014-07-12 21:20 - 2014-07-12 21:15 - 00000000 ____D () C:\ProgramData\Hotspot Shield
2014-07-12 21:20 - 2014-07-12 21:13 - 00000000 ____D () C:\Program Files (x86)\Hotspot Shield
2014-07-12 21:19 - 2014-07-12 21:17 - 00001050 _____ () C:\Users\Public\Desktop\Hotspot Shield.lnk
2014-07-12 21:19 - 2014-07-12 21:17 - 00001050 _____ () C:\ProgramData\Desktop\Hotspot Shield.lnk
2014-07-12 21:15 - 2014-07-12 21:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield
2014-07-12 21:13 - 2014-07-12 21:13 - 00000000 ____D () C:\Users\Chad\AppData\Roaming\Hotspot Shield
2014-07-12 21:10 - 2009-07-13 21:34 - 00001217 _____ () C:\Windows\system32\Drivers\etc\hosts.old
2014-07-11 13:13 - 2013-04-23 16:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2014-07-11 13:13 - 2013-04-23 16:39 - 00000000 ____D () C:\GOG Games
2014-07-11 13:13 - 2013-04-06 23:06 - 00000000 ____D () C:\Users\Chad\Documents\My Games
2014-07-11 13:12 - 2014-07-11 12:00 - 00000000 ____D () C:\Users\Chad\AppData\Roaming\FreeFixer
2014-07-11 13:12 - 2014-07-11 12:00 - 00000000 ____D () C:\Users\Chad\AppData\Local\FreeFixer
2014-07-11 13:12 - 2009-07-14 00:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-07-11 13:05 - 2014-07-08 08:39 - 00000000 ____D () C:\Users\Chad\AppData\Local\fst_us_139
2014-07-11 12:41 - 2014-06-08 18:17 - 00000000 ____D () C:\Program Files (x86)\GetPrivate
2014-07-11 11:58 - 2014-07-11 11:58 - 02602023 _____ (Kephyr) C:\Users\Chad\Downloads\freefixersetup.exe
2014-07-11 11:28 - 2014-07-11 11:28 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Chad\Downloads\tdsskiller.exe
2014-07-11 11:26 - 2014-07-08 08:39 - 00000000 ____D () C:\Users\Chad\AppData\Local\DynamicPricer
2014-07-11 11:17 - 2014-07-08 08:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FrEeSoFtOdAy
2014-07-11 11:12 - 2014-06-08 18:17 - 00003470 _____ () C:\Windows\System32\Tasks\GPUpdateCheck
2014-07-11 11:10 - 2014-07-11 08:56 - 00067632 _____ (Symantec Corporation) C:\Windows\system32\msln.exe
2014-07-11 08:57 - 2014-06-15 00:46 - 00000000 ____D () C:\Program Files (x86)\Mount&Blade - Warband
2014-07-10 20:12 - 2014-07-10 18:32 - 00000000 ____D () C:\Users\Chad\AppData\Roaming\tor
2014-07-10 18:53 - 2013-06-19 22:28 - 00000000 ____D () C:\Users\Chad\AppData\Roaming\vlc
2014-07-10 18:33 - 2014-07-10 18:33 - 27167987 _____ () C:\Users\Chad\Downloads\torbrowser-install-3.6.2_en-US.exe
2014-07-10 16:16 - 2014-07-10 16:16 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Internet Security
2014-07-10 16:16 - 2014-07-07 14:56 - 00002503 _____ () C:\Users\Public\Desktop\Norton Internet Security.lnk
2014-07-10 16:16 - 2014-07-07 14:56 - 00002503 _____ () C:\ProgramData\Desktop\Norton Internet Security.lnk
2014-07-10 16:16 - 2014-07-07 14:55 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2014-07-10 16:16 - 2014-07-07 14:55 - 00000000 ____D () C:\Windows\system32\Drivers\NISx64
2014-07-10 13:48 - 2014-04-10 10:52 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-10 13:48 - 2013-09-23 20:48 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-10 13:48 - 2013-09-23 20:48 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-09 18:58 - 2014-07-09 18:57 - 109924088 _____ (Microsoft Corporation) C:\Users\Chad\Downloads\msert.exe
2014-07-09 11:54 - 2014-07-09 11:54 - 00001006 _____ () C:\Users\Chad\Desktop\Borderlands 2.lnk
2014-07-09 11:54 - 2014-07-09 11:54 - 00001001 _____ () C:\Users\Chad\Desktop\NameChanger.lnk
2014-07-09 11:54 - 2014-07-09 11:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Borderlands 2
2014-07-09 11:38 - 2011-03-02 00:10 - 00000000 ____D () C:\Games
2014-07-09 10:06 - 2014-07-01 11:42 - 00000917 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-07-09 10:06 - 2014-07-01 11:42 - 00000917 _____ () C:\ProgramData\Desktop\VLC media player.lnk
2014-07-09 10:06 - 2014-07-01 11:36 - 00000868 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-07-09 10:06 - 2014-07-01 11:36 - 00000868 _____ () C:\ProgramData\Desktop\CCleaner.lnk
2014-07-07 14:57 - 2014-07-07 14:57 - 00177752 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2014-07-07 14:57 - 2014-07-07 14:57 - 00008222 _____ () C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2014-07-07 14:57 - 2014-07-07 14:57 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-07-07 14:56 - 2013-04-09 16:40 - 00000000 ____D () C:\ProgramData\Ad-Aware Antivirus
2014-07-07 14:56 - 2013-04-09 15:52 - 00000000 ____D () C:\Users\Chad\AppData\Roaming\Ad-Aware Antivirus
2014-07-07 14:55 - 2014-07-07 14:55 - 00000000 ____D () C:\Program Files (x86)\Norton Internet Security
2014-07-07 14:55 - 2014-06-23 13:51 - 00000000 ____D () C:\Users\Chad\AppData\Roaming\Lavasoft
2014-07-07 14:52 - 2014-07-07 14:51 - 204561264 ____N (Symantec Corporation) C:\Users\Chad\Downloads\NIS-TW-21.1.0-EN-US.exe
2014-07-06 10:29 - 2014-07-06 10:29 - 00002168 _____ () C:\Users\Public\Desktop\Heroes of Might and Magic 3 Complete.lnk
2014-07-06 10:29 - 2014-07-06 10:29 - 00002168 _____ () C:\ProgramData\Desktop\Heroes of Might and Magic 3 Complete.lnk
2014-07-06 10:29 - 2014-07-06 10:27 - 00000000 ____D () C:\Program Files (x86)\Heroes of Might and Magic 3 Complete
2014-07-04 18:03 - 2014-07-04 18:03 - 00000000 ____D () C:\Program Files (x86)\predm
2014-07-01 19:52 - 2014-07-01 19:52 - 00002185 _____ () C:\Users\Public\Desktop\Dungeon Lords MMXII.lnk
2014-07-01 19:52 - 2014-07-01 19:52 - 00002185 _____ () C:\ProgramData\Desktop\Dungeon Lords MMXII.lnk
2014-07-01 19:52 - 2014-07-01 19:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dungeon Lords MMXII
2014-07-01 19:38 - 2014-07-01 19:38 - 00000000 ____D () C:\Program Files (x86)\Nordic Games
2014-07-01 12:45 - 2014-07-01 11:40 - 00003162 _____ () C:\Windows\System32\Tasks\SmartDefrag3_Update
2014-07-01 12:45 - 2014-05-17 09:52 - 00003156 _____ () C:\Windows\System32\Tasks\Driver Booster Update
2014-07-01 12:45 - 2014-04-29 15:08 - 00002980 _____ () C:\Windows\System32\Tasks\{3C37BC52-012E-452C-9E5F-A241D6398790}
2014-07-01 12:45 - 2014-04-29 15:06 - 00002980 _____ () C:\Windows\System32\Tasks\{A1D4A5D4-96F3-48B7-90D1-57BA0C448BAD}
2014-07-01 12:45 - 2014-04-16 16:23 - 00003900 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-07-01 12:45 - 2014-04-16 16:23 - 00003648 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-07-01 12:45 - 2013-10-24 23:06 - 00003170 _____ () C:\Windows\System32\Tasks\{CA2FF5C2-9677-4F36-86D1-BB48FD1EE672}
2014-07-01 12:45 - 2013-05-22 01:56 - 00002914 _____ () C:\Windows\System32\Tasks\{1D7AEF4F-14FC-4E32-B1BD-943513AA4278}
2014-07-01 12:45 - 2013-04-09 18:33 - 00004318 _____ () C:\Windows\System32\Tasks\Ad-Aware Antivirus Scheduled Scan
2014-07-01 12:44 - 2014-05-20 16:05 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities 5
2014-07-01 12:29 - 2013-04-06 22:22 - 00000000 ____D () C:\Program Files\WinRAR
2014-07-01 12:16 - 2013-09-18 16:02 - 00000000 ____D () C:\Program Files (x86)\Total War ROME II
2014-07-01 12:13 - 2014-07-01 12:13 - 00001149 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-07-01 12:13 - 2014-07-01 12:13 - 00001149 _____ () C:\ProgramData\Desktop\Mozilla Firefox.lnk
2014-07-01 12:13 - 2014-01-27 03:49 - 00001161 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-07-01 11:44 - 2014-07-01 11:44 - 01915800 _____ () C:\Users\Chad\Downloads\WinRAR_(64bit)_v5.10.exe
2014-07-01 11:44 - 2013-04-06 22:22 - 00000000 ____D () C:\Users\Chad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-07-01 11:44 - 2013-04-06 22:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-07-01 11:40 - 2014-07-01 11:40 - 00001172 _____ () C:\Users\Public\Desktop\Smart Defrag 3.lnk
2014-07-01 11:40 - 2014-07-01 11:40 - 00001172 _____ () C:\ProgramData\Desktop\Smart Defrag 3.lnk
2014-07-01 11:40 - 2014-01-07 20:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 3
2014-07-01 11:36 - 2013-05-22 14:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-07-01 11:36 - 2013-05-22 14:12 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-01 11:35 - 2014-07-01 11:35 - 32193008 _____ () C:\Users\Chad\Downloads\Mozilla_Firefox_v31.0_Beta_4.exe
2014-07-01 11:06 - 2014-07-01 11:06 - 00001082 _____ () C:\Users\Public\Desktop\Glary Utilities 5.lnk
2014-07-01 11:06 - 2014-07-01 11:06 - 00001082 _____ () C:\ProgramData\Desktop\Glary Utilities 5.lnk
2014-07-01 11:06 - 2014-05-20 16:05 - 00002622 _____ () C:\Windows\System32\Tasks\GlaryInitialize 5
2014-07-01 11:06 - 2014-05-20 16:05 - 00001094 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2014-07-01 11:03 - 2014-06-07 14:10 - 00000234 _____ () C:\BackupLoader.ini
2014-07-01 11:03 - 2013-12-01 17:08 - 00000000 ____D () C:\Users\Chad\Desktop\Prog. Shortcuts
2014-06-30 15:59 - 2014-06-30 15:59 - 00000000 ____D () C:\Users\Chad\Desktop\ppsspp_win
2014-06-29 17:34 - 2014-06-29 17:34 - 00000000 ____D () C:\Users\Chad\Desktop\PDFs
2014-06-29 12:47 - 2014-01-05 23:10 - 00000000 ____D () C:\ProgramData\Tunngle
2014-06-29 12:47 - 2013-05-15 21:45 - 00000000 ____D () C:\Users\Chad\AppData\Roaming\Tunngle
2014-06-29 10:37 - 2014-06-29 10:37 - 00000000 ____D () C:\Windows\System32\Tasks\Games
2014-06-28 21:24 - 2013-04-15 00:21 - 00000000 ____D () C:\Users\Chad\Desktop\Derps
2014-06-28 21:23 - 2014-06-28 21:23 - 00000000 ____D () C:\Users\Chad\Desktop\Rogue Trader
2014-06-28 21:23 - 2013-07-21 17:54 - 00000000 ___RD () C:\Users\Chad\Desktop\text docs
2014-06-28 21:22 - 2013-06-18 12:52 - 00000000 ____D () C:\Users\Chad\Desktop\Game shortcuts
2014-06-28 21:20 - 2013-09-08 20:30 - 00000000 ___RD () C:\Users\Chad\Desktop\My pics
2014-06-28 12:13 - 2014-06-28 12:12 - 00004430 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_60-b19.log
2014-06-28 12:13 - 2014-03-24 17:34 - 00000000 ____D () C:\ProgramData\Oracle
2014-06-28 12:13 - 2013-08-22 20:56 - 00000000 ____D () C:\Program Files (x86)\Java
2014-06-23 13:50 - 2014-06-23 13:50 - 00000000 ____D () C:\Program Files\Lavasoft
2014-06-23 13:48 - 2014-06-23 13:48 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-06-20 18:13 - 2014-06-15 00:59 - 00000000 ____D () C:\Users\Chad\Documents\Mount&Blade Warband Savegames
2014-06-20 10:35 - 2013-07-12 00:06 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-20 10:32 - 2013-04-06 20:44 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-20 10:30 - 2014-06-20 10:30 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-11-11 04:23

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-07-2014
Ran by Chad at 2014-07-20 09:28:15
Running from C:\Users\Chad\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Norton Internet Security (Disabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton Internet Security (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: IObit Malware Fighter (Disabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}
FW: Norton Internet Security (Disabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}

==================== Installed Programs ======================

Adobe Flash Media Live Encoder 3.2 (HKLM-x32\...\{0659E943-DDF4-44FC-9FEE-A13B09F8BB08}) (Version: 3.2.0 - Adobe Systems Incorporated)
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.02) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.02 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 12.10.100.30328 - Advanced Micro Devices, Inc.) Hidden
AMD Accelerated Video Transcoding (Version: 13.30.100.40417 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1084.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{6119B3A6-3603-9695-0398-CDF2AF0A13F8}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Fuel (Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
AMD Fuel (Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.80328.2204 - Advanced Micro Devices, Inc.) Hidden
AMD VISION Engine Control Center (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
Amnesia: A Machine for Pigs (HKLM-x32\...\Amnesia: A Machine for Pigs_is1) (Version: - )
Anachronox (HKLM-x32\...\Anachronox_is1) (Version: - GOG.com)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
AutoHotkey 1.1.13.01 (HKLM\...\AutoHotkey) (Version: 1.1.13.01 - Lexikos)
Baldur's Gate - Enhanced Edition (HKLM-x32\...\Baldur's Gate - Enhanced Edition_is1) (Version: - )
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Borderlands 2 (HKLM-x32\...\Borderlands 2_is1) (Version: 1.8.0 - 2K Games)
Castlevania: Lords of Shadow - Ultimate Edition (HKLM-x32\...\Castlevania: Lords of Shadow - Ultimate Edition_is1) (Version: - Konami Digital Entertainment)
Castlevania: Lords of Shadow 2 (HKLM-x32\...\Q2FzdGxldmFuaWFMb3Jkc29mU2hhZG93Mg==_is1) (Version: 1 - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2014.0522.2157.37579 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)
CDisplay 1.8 (HKLM-x32\...\CDisplay_is1) (Version: - dvd8n)
CGS17_Setup_x64 (Version: 17.0 - Corel Corporation) Hidden
Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version: - Cheat Engine)
Company of Heroes (HKLM-x32\...\Company of Heroes) (Version: 2.602.0 - THQ Inc.)
Company of Heroes 2 (HKLM-x32\...\Steam App 231430) (Version: - Relic Entertainment)
Company of Heroes 2 Update v3.0.0.9704 incl DLC (HKLM-x32\...\Q29tcGFueW9mSGVyb2VzMg==_is1) (Version: 1 - )
Corel Graphics - Windows Shell Extension (HKLM\...\_{4AB916EE-ABA8-4079-9889-745798B6D809}) (Version: 17.0.0.491 - Corel Corporation)
Corel Graphics - Windows Shell Extension (Version: 17.0.491 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit (Version: 17.0.491 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Capture (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Common (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Connect (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Custom Data (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Draw (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - EN (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Filters (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - FontNav (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM Content (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM T (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - PHOTO-PAINT (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Photozoom Plugin (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Redist (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Setup Files (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VBA (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VideoBrowser (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Writing Tools (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 (64-Bit) (HKLM\...\_{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}) (Version: 17.0.0.491 - Corel Corporation)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dark Souls Prepare to Die Edition (HKLM-x32\...\GFWL_{4E4D0FA1-F880-4CCB-999A-501000008200}) (Version: 1.0.0000.130 - NAMCO BANDAI Games Europe S.A.S.)
Dark Souls Prepare to Die Edition (x32 Version: 1.0.0000.130 - NAMCO BANDAI Games Europe S.A.S.) Hidden
Dawn of War - Soulstorm (HKLM-x32\...\{20533183-D42D-4261-A125-956736FBEA8C}) (Version: 1.00.0000 - THQ)
Dawn of War - Soulstorm (x32 Version: 1.00.0000 - THQ) Hidden
DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive)
DayZ Commander (HKLM-x32\...\{B3653588-3AC0-4A1D-950F-D96531E84374}) (Version: 0.92.91 - Dotjosh Studios)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.90 - DivX, LLC)
DoWpro 3.59 Full Installer (HKLM-x32\...\DoWpro) (Version: 3.59 Full Installer - )
Driver Booster (HKLM-x32\...\Driver Booster_is1) (Version: 1.4 - IObit)
Dungeon Lords MMXII (HKLM-x32\...\{5FE4CE4A-593C-4158-951F-75BB5A3CC743}_is1) (Version: - Nordic Games GmbH)
EA AutoPatch (HKLM-x32\...\Network Play System) (Version: - )
Eternal Darkness: Sanity's Requiem (HKLM-x32\...\Eternal Darkness: Sanity's Requiem_is1) (Version: Eternal Darkness: Sanity's Requiem - By Ma2012ks © - EmuGames (PC-company))
Fallout New Vegas (HKLM-x32\...\{219ED5A0-9CBF-4F3A-B927-37C9E5C5F14F}_is1) (Version: 1.4.0.525 - Bethesda Softworks)
FL Studio 10 (HKLM-x32\...\FL Studio 10) (Version: - Image-Line)
Floris Mod Pack 2.5 (HKLM-x32\...\Floris Mod Pack_is1) (Version: - )
Foxit Reader (HKLM-x32\...\Foxit Reader) (Version: - )
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Glary Utilities PRO 5.2 (HKLM-x32\...\Glary Utilities 5) (Version: 5.2.0.5 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GTA San Andreas (HKLM-x32\...\{E0303B6A-C675-4102-95DA-C013625BFA99}) (Version: 1.00.00001 - Rockstar Games)
GURPS Character Assistant 4 (HKLM-x32\...\GURPS Character Assistant 4) (Version: - )
Heroes of Might and Magic 3 Complete (HKLM-x32\...\Heroes of Might and Magic 3 Complete_is1) (Version: - GOG.com)
Hotspot Shield 3.42 (HKLM-x32\...\HotspotShield) (Version: 3.42 - AnchorFree Inc.)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line)
Intel® C++ Redistributables for Windows* on Intel® 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
IObit Malware Fighter (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 2.1 - IObit)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 3.3.8.2663 - IObit)
IObit Unlocker (HKLM-x32\...\IObit Unlocker_is1) (Version: 1.1 - IObit)
Java 8 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218000FF}) (Version: 8.0.0 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.00.132 - Oracle, Inc.) Hidden
Java SE Development Kit 8 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0180000}) (Version: 8.0.0 - Oracle Corporation)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.222 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.100 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (x32 Version: 2.2.0.222 - LogMeIn, Inc.) Hidden
Manhunt (HKLM-x32\...\{8A62C8DA-2DB7-4D94-B5BA-1D38FC36E830}) (Version: 1.00.0000 - Rockstar Games)
Medieval II Total War (HKLM-x32\...\{C0698BDA-0D29-40EE-8570-A31106DF9AB1}) (Version: 1.03.000 - SEGA)
Medieval II Total War : Kingdoms : Britannia (HKLM-x32\...\{CEDDEE73-3D36-41C2-AA40-29355D9FBD63}) (Version: 1.05.000 - SEGA)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (Version: 2.2.173.0 - Microsoft Corporation) Hidden
Microsoft Office Excel Viewer (HKLM-x32\...\{95120000-003F-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Security Client (Version: 4.3.0219.0 - Microsoft Corporation) Hidden
Microsoft Visual Basic for Applications 7.1 (x64) (Version: 7.1.00.00 - Microsoft Corporation) Hidden
Microsoft Visual Basic for Applications 7.1 (x64) English (Version: 7.1.0.0 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual J# .NET Redistributable Package 1.1 (HKLM-x32\...\{1A655D51-1423-48A3-B748-8F5A0BE294C8}) (Version: 1.1.4322 - Microsoft)
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 Finalizer (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - Module linguistique Français (Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - DEU-Sprachpaket (Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - Language Pack ITA (Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - Paquete de idioma ESN (Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - 한국어 언어 팩 (Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - 日本語 Language Pack (Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support (Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x64 主控支援 - 繁體中文語言套件 (Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x64 托管支持 - 简体中文语言包 (Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - DEU-Sprachpaket (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - Language Pack ITA (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - Module linguistique Français (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - Paquete de idioma ESN (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - 한국어 언어 팩 (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - 日本語 Language Pack (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x86 主控支援 - 繁體中文語言套件 (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x86 托管支持 - 简体中文语言包 (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Mount and Blade Warband version 1.158 (HKLM-x32\...\{E1404855-C907-47CE-A52E-F6894F889872}_is1) (Version: 1.158 - )
Mount&Blade Warband (HKLM-x32\...\Mount&Blade Warband) (Version: - )
Mozilla Firefox 31.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 en-US)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
MPC-HC 1.7.3 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.3 - MPC-HC Team)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Murdered - Soul Suspect (HKLM-x32\...\Murdered - Soul Suspect_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91)
MyPaint 1.0.0 (HKCU\...\MyPaint) (Version: 1.0.0 - Martin Renold & MyPaint Development Team)
Neverwinter Nights 2 Complete (HKLM-x32\...\GOGPACKNWN2COMPLETE_is1) (Version: 2.1.0.6 - GOG.com)
Norton Internet Security (HKLM-x32\...\NIS) (Version: 21.4.0.13 - Symantec Corporation)
NOX (HKLM-x32\...\NOX_is1) (Version: - GOG.com)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice 4.0.0 (HKLM-x32\...\{55E61709-D7D4-43C0-B45D-BFAF5C09A02D}) (Version: 4.00.9702 - Apache Software Foundation)
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Path of Exile (HKLM-x32\...\{90A4562F-D4A1-4B65-906D-41F236CF6902}) (Version: 0.11.0.25617 - Grinding Gear Games)
Pidgin (HKLM-x32\...\Pidgin) (Version: 2.10.9 - )
Pidgin-Encryption Plugin (remove only) (HKLM-x32\...\pidgin-encryption) (Version: - )
Portal 2 (HKLM-x32\...\Postal 2_is1) (Version: - )
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.992 - Even Balance, Inc.)
Razer Game Booster (HKLM-x32\...\Razer Game Booster_is1) (Version: 4.2.45.0 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
Red Orchestra 2: Heroes of Stalingrad - Single Player (HKLM-x32\...\Steam App 236830) (Version: - )
Red Orchestra 2: Heroes of Stalingrad Beta (HKLM-x32\...\Steam App 104320) (Version: - )
RESIDENT EVIL2 (HKLM-x32\...\RESIDENT EVIL2) (Version: - )
Rising Storm/Red Orchestra 2 Multiplayer (HKLM-x32\...\Steam App 35450) (Version: - Tripwire Interactive)
Saints Row 2 version 1.02 (HKLM-x32\...\{75D84EF7-0D8C-4e70-STROW2-7B42A5D4E0EB}_is1) (Version: 1.02 - Black_Box)
Serif DrawPlus X6 (HKLM\...\{8A8AB2D3-53DE-4A65-8D35-68A09AA1AD7A}) (Version: 13.0.2.24 - Serif (Europe) Ltd)
Shadowrun Returns (HKLM-x32\...\Shadowrun Returns_is1) (Version: - Harebrained Holdings)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Smart Defrag 3 (HKLM-x32\...\Smart Defrag 3_is1) (Version: 3.2 - IObit)
South Park The Stick of Truth (HKLM-x32\...\South Park The Stick of Truth_is1) (Version: - Ubisoft)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.0 - IObit)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
The Roleplaying assistant V7.13d (HKLM-x32\...\{DA5BE26C-8295-4F7F-BBA8-475EF9231289}) (Version: 7.13 - Sybil)
The Witcher 2 - Assassins of Kings Enhanced Edition (HKLM-x32\...\The Witcher 2 - Assassins of Kings Enhanced Edition_is1) (Version: - GOG.com)
The Witcher Enhanced Edition Director's Cut (HKLM-x32\...\GOGPACKWITCHEREEDC_is1) (Version: 2.0.0.12 - GOG.com)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
TSEV Skyrim LE (HKLM-x32\...\TSEV Skyrim LE_is1) (Version: 2.0.0.0 - )
Tunngle beta (HKLM-x32\...\Tunngle beta_is1) (Version: - Tunngle.net GmbH)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Update for Microsoft .NET Framework 4.5 (KB2750147) (HKLM-x32\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2750147) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4.5 (KB2805221) (HKLM-x32\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2805221) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4.5 (KB2805226) (HKLM-x32\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2805226) (Version: 1 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 4.3 - Ubisoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 2.0.7 (HKLM-x32\...\VLC media player) (Version: 2.0.7 - VideoLAN)
VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN)
Vuze (HKLM\...\8461-7759-5462-8226-1) (Version: 5.3.0.0 - Azureus Software, Inc.)
War Thunder Launcher 1.0.1.199 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - 2012 Gaijin Entertainment Corporation)
WATCH_DOGS (HKLM-x32\...\Uplay Install 274) (Version: - Ubisoft)
WhatPulse version 2.4 (HKLM-x32\...\{95CC8D5F-90A1-4285-9B2D-8D0FBCFD8D0D}_is1) (Version: 2.4 - WhatPulse)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
World of Guns: Gun Disassembly (HKLM-x32\...\Steam App 262410) (Version: - Noble Empire Corp.)
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812NA}_is1) (Version: - Wargaming.net)
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden

==================== Restore Points =========================

07-07-2014 19:54:32 AA11
11-07-2014 17:40:39 Before freefixer
13-07-2014 02:14:08 Device Driver Package Install: Anchorfree Inc Network Service
13-07-2014 02:15:41 Device Driver Package Install: Anchorfree HSS VPN Adapter Network adapters
13-07-2014 02:19:16 Device Driver Package Install: Anchorfree HSS VPN Adapter Network adapters
18-07-2014 22:56:49 Norton_Power_Eraser_20140718175618661
19-07-2014 18:18:52 Microsoft Visual Studio Tools for Applications 2012

==================== Scheduled Tasks (whitelisted) =============

Task: {0047F3CB-C310-48DE-8710-BF3F8E0ED2D5} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {0A8BB851-F92C-4FB9-ABAF-8BD6CDA15F2B} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2014-05-09] (IObit)
Task: {0CB8FBC1-DD05-4350-AD69-3D40BB458986} - System32\Tasks\{A1D4A5D4-96F3-48B7-90D1-57BA0C448BAD} => C:\Program Files (x86)\GURPS Character Assistant 4\gca4.exe [2011-12-11] (Miser Software & Steve Jackson Games)
Task: {153FF0CD-E41D-4741-8AE8-B40601D8DFFE} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {1C00007D-F745-4F72-A770-4C5A980ACBA7} - System32\Tasks\Ad-Aware Antivirus Scheduled Scan => C:\PROGRA~2\AD-AWA~1\AdAwareLauncher.exe
Task: {2446A5A7-F3F0-4A88-A77D-B7B352CF1EFB} - System32\Tasks\Disk Speedup => C:\Program Files (x86)\Glary Utilities 4\DiskDefrag.exe
Task: {244B3201-00EA-415F-B40F-9C0002D8F3CC} - System32\Tasks\SmartDefrag3_Update => C:\Program Files (x86)\IObit\Smart Defrag 3\AutoUpdate.exe [2014-06-17] (IObit)
Task: {25899984-7A89-4D3C-809B-12FE57E5BE0F} - System32\Tasks\Razer_Game_Booster_AutoUpdate => C:\Program Files (x86)\Razer\Razer Game Booster\AutoUpdate.exe
Task: {28C7934D-0536-49C9-A382-E6FDAAEAC322} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-06-24] (Piriform Ltd)
Task: {30098686-67D1-4FD2-9F25-233C1EB75053} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {3C3632D9-EEF7-4887-8B6C-CAE4BB62F00F} - System32\Tasks\PC shut down => /s
Task: {41418D42-2D12-4E1C-9EF5-FF4FC13DBE85} - System32\Tasks\Games\UpdateCheck_S-1-5-21-768641754-322465483-2195619182-1001
Task: {43B432A8-1B51-4835-8882-616BA9BFE470} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {448B5884-B5E8-49A8-9E9A-53438F166946} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {647D53FF-59C6-4C09-B32A-1880C0287585} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe
Task: {73B00CFC-2547-4119-AB03-C077ECA31210} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {78998D43-2882-4BC9-8ED7-449F193828B9} - System32\Tasks\Driver Booster SkipUAC (Chad) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2014-05-09] (IObit)
Task: {7A517813-AC5F-46FE-A4E3-FD57E17B5AE9} - System32\Tasks\ASC6_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe
Task: {825342D9-AEEE-46DF-9904-C8011B96EFFB} - System32\Tasks\{3C37BC52-012E-452C-9E5F-A241D6398790} => C:\Program Files (x86)\GURPS Character Assistant 4\gca4.exe [2011-12-11] (Miser Software & Steve Jackson Games)
Task: {8A5E68F2-4BF2-4255-8A7C-56EE03F64BC2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-10] (Adobe Systems Incorporated)
Task: {93AD4CE8-4085-41D8-89CE-3C20B08CE5D9} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {94BC8F54-0635-4968-BAE3-F7690A5B19AF} - System32\Tasks\GPUpdateCheck => C:\Program Files (x86)\GetPrivate\gpup.exe
Task: {9B847DB7-AB1D-4B91-A7E7-5B6BF5704709} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2014-06-16] (Glarysoft Ltd)
Task: {A495602B-D710-4AB8-9D9B-7CF983F8C9F0} - System32\Tasks\{1D7AEF4F-14FC-4E32-B1BD-943513AA4278} => F:\setup_reus_2.0.0.10.exe
Task: {AB475A0C-BC9B-4E28-A63A-71B748998AC6} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-05-31] (IObit)
Task: {BCEBD0FD-FDB6-46AC-9CA4-B546E08E2822} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-05-13] (Microsoft)
Task: {BFB71C9C-D8EF-4B6E-9992-18F063D669B4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-16] (Google Inc.)
Task: {F926B65F-A5B4-4357-89E7-99E32F08FF00} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-16] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Disk Speedup.job => C:\Program Files (x86)\Glary Utilities 4\DiskDefrag.exe
Task: C:\Windows\Tasks\GlaryInitialize 5.job => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-04-06 20:08 - 2009-08-13 12:06 - 00177152 _____ () C:\Windows\system32\spool\PRTPROCS\x64\lxdndrpp.dll
2014-05-16 17:34 - 2014-05-16 17:34 - 00430344 _____ () C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
2014-06-01 11:26 - 2014-06-01 11:33 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-04-25 20:16 - 2014-04-17 21:51 - 03054592 _____ () C:\Program Files (x86)\WhatPulse2\whatpulse.exe
2014-07-20 09:24 - 2014-07-20 09:24 - 00854390 _____ () C:\Users\Chad\Downloads\SecurityCheck(1).exe
2014-05-16 19:11 - 2014-05-16 19:11 - 00908584 _____ () C:\Program Files (x86)\Hotspot Shield\bin\af_proxy.dll
2014-05-16 19:37 - 2014-05-16 19:37 - 00506664 _____ () C:\Program Files (x86)\Hotspot Shield\bin\HssRep.dll
2014-04-25 20:16 - 2013-04-08 09:34 - 00137728 _____ () C:\Program Files (x86)\WhatPulse2\CrashRpt1402.dll
2014-07-19 11:26 - 2014-07-19 11:27 - 03800688 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-07-10 13:48 - 2014-07-10 13:48 - 17029808 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Windows\system32\msln.exe:226a1e12446c88e45a6b9c07f2e9a801

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AdvancedSystemCareService6 => 2
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: AMD FUEL Service => 2
MSCONFIG\Services: BEService => 3
MSCONFIG\Services: gupdate => 3
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: Hamachi2Svc => 3
MSCONFIG\Services: IMFservice => 2
MSCONFIG\Services: LavasoftAdAwareService11 => 3
MSCONFIG\Services: LiveUpdateSvc => 3
MSCONFIG\Services: LMIGuardianSvc => 3
MSCONFIG\Services: lxdn_device => 2
MSCONFIG\Services: MBAMScheduler => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: rpcapd => 3
MSCONFIG\Services: RzKLService => 3
MSCONFIG\Services: SkypeUpdate => 3
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: TunngleService => 3
MSCONFIG\startupreg: AdAwareTray => "C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareTray.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Advanced SystemCare 6 => "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: EzPrint => "C:\Program Files (x86)\Lexmark 2600 Series\ezprint.exe"
MSCONFIG\startupreg: Facebook Update => "C:\Users\Chad\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: GUDelayStartup => "C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe" -delayrun
MSCONFIG\startupreg: IntelliPoint => "C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe"
MSCONFIG\startupreg: IntelliType Pro => "C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe"
MSCONFIG\startupreg: IObit Malware Fighter => "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "c:\program files (x86)\logmein hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: lxdnmon.exe => "C:\Program Files (x86)\Lexmark 2600 Series\lxdnmon.exe"
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
MSCONFIG\startupreg: Steam => "c:\program files (x86)\steam\steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Could not start eventlog service, could not read events.

The Windows Event Log service is starting.
The Windows Event Log service could not be started.

A system error has occurred.

The system cannot find message text for message number 0x1069 in the message file for (null).

More help is available by typing NET HELPMSG 4201.


==================== Memory info ===========================

Percentage of memory in use: 65%
Total physical RAM: 4095.3 MB
Available physical RAM: 1429.13 MB
Total Pagefile: 8188.79 MB
Available Pagefile: 5225.54 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:919.95 GB) (Free:310.12 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:11.46 GB) (Free:1.36 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (DungeonLordsMMXI) (CDROM) (Total:4.14 GB) (Free:0 GB) CDFS
Drive h: (My Book) (Fixed) (Total:931.51 GB) (Free:776 GB) NTFS
Drive j: (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 5080C528)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=920 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 932 GB) (Disk ID: E8900690)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)

==================== End Of Log ============================
 


Edited by OCD, 20 July 2014 - 09:22 AM.
corrected a spelling error

OCD

Proud Graduate of WTT Classroom
Member of UNITE

Threads will be closed if no response after 5 days








If you are satisfied with the help you have received, please consider making a donation.


#5 Divinusmortalis

Posted 20 July 2014 - 10:46 AM

I apologize, my mistake uploading instead of copy and paste. Also ignore that text document I sent you, accidentally sent you something unrelated. Here is the Checkup.txt. I ran the program and closed the results thinking it was saved to my pc.

 

Results of screen317's Security Check version 0.99.85  
 Windows 7 Service Pack 1 x64 (UAC is disabled!)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
Norton Internet Security   
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Java 8    
 Java SE Development Kit 8
 Java version out of Date!
 Adobe Flash Player 14.0.0.145  
 Adobe Reader XI  
 Mozilla Firefox (31.0)
 Google Chrome 33.0.1750.117  
 Google Chrome 35.0.1916.114  
 Google Chrome 35.0.1916.153  
````````Process Check: objlist.exe by Laurent````````  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 3%
````````````````````End of Log``````````````````````



#6 OCD

Posted 20 July 2014 - 08:06 PM

Hi Divinusmortalis,

Thanks for the log. For maximum results, please run all tools directly from the desktop in the future, not the downloads folder.

=========================
 

"And I may just be mistaken, but I feel as if I have a keylogger by the way the cursor flickers while I type in skype. Sometimes the cursor disappears and sometimes an hourglass appears next to it. Then again, I don't know if that would be considered a legitimate concern."


This may be an effect of the WhatPulse2 program you have installed. You can try uninstalling it to see if that alleviates the issue.

=========================

I see you have/had TDSSKiller on your computer. Did you run a scan with it? If so, locate the log and include it in your next reply.
A copy of the log will be saved automatically to the root of the drive (typically C:\)

=========================

DeFogger

Please download DeFogger to your desktop.
Right click DeFogger and select "Run as Administrator" to run the tool.

  • The application window will appear
  • Click the Disable button to disable your CD Emulation drivers
  • Click Yes to continue
  • A 'Finished!' message will appear
  • Click OK
  • If it needs to, DeFogger may ask to reboot the machine - click OK

IMPORTANT! If you receive an error message while running DeFogger, please post the log defogger_disable which will appear on your desktop.
Do not re-enable these drivers until otherwise instructed.

=========================

Uninstall via Programs and Features

Click Start > Control Panel > Programs and Features. Locate and select the following that are present on the list and click the Remove button:

  • All Java

=========================

Update Java

  • Get the current version of Java (Version 7 Update 60) by going to http://java.com/en/d...d/installed.jsp
  • Select the Verify Java Version button and follow the onscreen instructions to update if necessary.

=========================

Reboot

=========================

FRST Fix Script

Open notepad. Please copy the contents of the code box below. To do this highlight the contents of the box and right click on it. Paste this into the open notepad. Save it on the desktop as fixlist.txt



(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
BHO-x32: No Name -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> No File
BHO-x32: No Name -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> No File
BHO-x32: No Name -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61}C -> No File
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [919040 2014-05-16] (AnchorFree Inc.) [File not signed]

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST and press the Fix button just once and wait.
The tool will make a log (Fixlog.txt); please post it in your reply.

=========================

AdwCleaner v3: Scan & Clean

    • Windows XP : Double click on the icon to run it.
    • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • After the scan has finished...
  • Click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a log file report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that log file in your next reply.
  • A copy of that log file will also be saved in the C:\AdwCleaner folder.

=========================

Junkware Removal Tool

Download Junkware Removal Tool to your desktop.

    • Windows XP : Double click on the icon to run it.
    • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
  • Shut down your protection software now to avoid potential conflicts.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

=========================

In your next post please provide the following:


  • Fixlog.txt
  • AdwCleaner[S0].txt
  • JRT.txt
  • TDSSKiller log (if you have it)


#7 Divinusmortalis

Posted 21 July 2014 - 10:15 AM

Post is too long, would a txt doc be okay?



#8 OCD

Posted 21 July 2014 - 10:29 AM

Break it up into multiple replies



#9 Divinusmortalis

Posted 21 July 2014 - 10:39 AM

defogger_disable by jpshortstuff (23.02.10.1)
Log created at 09:52 on 21/07/2014 (Chad)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
HKCU:DAEMON Tools Lite -> Removed

Checking for services/drivers...


-=E.O.F=-


Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 20-07-2014
Ran by Chad at 2014-07-21 10:13:10 Run:1
Running from C:\Users\Chad\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
BHO-x32: No Name -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> No File
BHO-x32: No Name -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> No File
BHO-x32: No Name -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61}C -> No File
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [919040 2014-05-16] (AnchorFree Inc.) [File not signed]
*****************

C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe => No running process found
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
'HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}' => Key deleted successfully.
'HKCR\Wow6432Node\CLSID\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}'=> Key not found.
'HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}' => Key deleted successfully.
'HKCR\Wow6432Node\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}'=> Key not found.
'HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C9C42510-9B41-42c1-9DCD-7282A2D07C61}C' => Key deleted successfully.
'HKCR\Wow6432Node\CLSID\{C9C42510-9B41-42c1-9DCD-7282A2D07C61}C'=> Key not found.
'HKLM\SOFTWARE\Policies\Google' => Key deleted successfully.
hshld => Service not found.


The system needed a reboot.

==== End of Fixlog ====

# AdwCleaner v3.216 - Report created 21/07/2014 at 10:20:08
# Updated 17/07/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Chad - CHAD-PC
# Running from : C:\Users\Chad\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

[x] Not Deleted : C:\ProgramData\IObit\Driver Booster
[x] Not Deleted : C:\Program Files (x86)\GetPrivate
Folder Deleted : C:\Program Files (x86)\IObit\Driver Booster
Folder Deleted : C:\Program Files (x86)\MSR
Folder Deleted : C:\Program Files (x86)\predm
Folder Deleted : C:\Program Files (x86)\Common Files\Spigot
Folder Deleted : C:\Windows\SysWOW64\hotspot shield
Folder Deleted : C:\Users\Administrator\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Administrator\AppData\Local\torch
Folder Deleted : C:\Users\ASPNET\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\ASPNET\AppData\Local\torch
Folder Deleted : C:\Users\Chad\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Chad\AppData\Local\torch
Folder Deleted : C:\Users\Chad\AppData\Local\fst_us_139
Folder Deleted : C:\Users\Chad\AppData\Local\Temp\hotspot shield
Folder Deleted : C:\Users\Chad\AppData\Roaming\GetPrivate
[x] Not Deleted : C:\Users\Chad\AppData\Roaming\IObit\Driver Booster
Folder Deleted : C:\Users\Chad\AppData\Roaming\v9
Folder Deleted : C:\Users\Guest\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Guest\AppData\Local\torch
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\torch
Folder Deleted : C:\Users\Chad\AppData\Roaming\Mozilla\Firefox\Profiles\j64c3riu.default\Extensions\adsremoval@adsremoval.net
Folder Deleted : C:\Users\Chad\AppData\Roaming\Mozilla\Firefox\Profiles\j64c3riu.default\Extensions\plugin@i-beta.com
File Deleted : C:\END
File Deleted : C:\Users\Chad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
File Deleted : C:\Users\Chad\AppData\Roaming\Mozilla\Firefox\Profiles\3dpftn1q.default-1401063780864\invalidprefs.js
File Deleted : C:\Users\Chad\AppData\Roaming\Mozilla\Firefox\Profiles\j64c3riu.default\user.js
File Deleted : C:\Users\Chad\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\Chad\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
File Deleted : C:\Users\Chad\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage
File Deleted : C:\Users\Chad\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage-journal
File Deleted : C:\Windows\System32\Tasks\Driver Booster Update

***** [ Shortcuts ] *****



#10 Divinusmortalis

Posted 21 July 2014 - 10:40 AM

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dghncoeocefmhkhiphdgikkamjeglbfh
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pbmbgangfmfbhnngbdgkplhjnfoaeihd
Key Deleted : HKLM\SOFTWARE\Classes\*\shell\filescout
Key Deleted : HKCU\Software\anchorfree
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\FreeSoftToday
Key Deleted : HKCU\Software\Tutorials
Key Deleted : HKCU\Software\TutoTag
Key Deleted : HKCU\Software\AppDataLow\Software\adawarebp
Key Deleted : HKCU\Software\AppDataLow\Software\blockAndSurf
Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Key Deleted : HKLM\Software\Email Notifier
Key Deleted : HKLM\Software\FrEeSoFtOdAy
Key Deleted : HKLM\Software\Toolbar Cleaner
Key Deleted : HKLM\Software\Tutorials
Key Deleted : [x64] HKLM\SOFTWARE\Conduit
Key Deleted : [x64] HKLM\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbar

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17126


-\\ Mozilla Firefox v31.0 (x86 en-US)

[ File : C:\Users\Chad\AppData\Roaming\Mozilla\Firefox\Profiles\3dpftn1q.default-1401063780864\prefs.js ]


-\\ Google Chrome v33.0.1750.117

[ File : C:\Users\Chad\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}

*************************

AdwCleaner[R0].txt - [7945 octets] - [21/07/2014 10:17:12]
AdwCleaner[S0].txt - [7622 octets] - [21/07/2014 10:20:08]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7682 octets] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Chad on Mon 07/21/2014 at 10:25:50.79
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-768641754-322465483-2195619182-1001\Software\Microsoft\Internet Explorer\Main\\Start Page



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-768641754-322465483-2195619182-1001\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\DynamicPricerInstaller_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\DynamicPricerInstaller_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\DynamicPricer_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\DynamicPricer_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\DynamicPricerInstaller_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\DynamicPricerInstaller_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\DynamicPricer_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\DynamicPricer_RASMANCS



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Chad\AppData\Roaming\thinstall"
Successfully deleted: [Folder] "C:\Users\Chad\appdata\locallow\boost_interprocess"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\driver genius"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"



~~~ FireFox

Emptied folder: C:\Users\Chad\AppData\Roaming\mozilla\firefox\profiles\3dpftn1q.default-1401063780864\minidumps [48 files]



~~~ Event Viewer Logs were cleared




#11 Divinusmortalis


Posted 21 July 2014 - 10:41 AM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 07/21/2014 at 10:33:11.11
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

11:28:48.0927 0x0ef4  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
11:30:00.0181 0x0ef4  ============================================================
11:30:00.0181 0x0ef4  Current date / time: 2014/07/11 11:30:00.0181
11:30:00.0181 0x0ef4  SystemInfo:
11:30:00.0181 0x0ef4  
11:30:00.0181 0x0ef4  OS Version: 6.1.7601 ServicePack: 1.0
11:30:00.0181 0x0ef4  Product type: Workstation
11:30:00.0181 0x0ef4  ComputerName: CHAD-PC
11:30:00.0181 0x0ef4  UserName: Chad
11:30:00.0181 0x0ef4  Windows directory: C:\Windows
11:30:00.0181 0x0ef4  System windows directory: C:\Windows
11:30:00.0181 0x0ef4  Running under WOW64
11:30:00.0181 0x0ef4  Processor architecture: Intel x64
11:30:00.0181 0x0ef4  Number of processors: 3
11:30:00.0181 0x0ef4  Page size: 0x1000
11:30:00.0181 0x0ef4  Boot type: Normal boot
11:30:00.0181 0x0ef4  ============================================================
11:30:04.0421 0x0ef4  KLMD registered as C:\Windows\system32\drivers\20379757.sys
11:30:05.0201 0x0ef4  System UUID: {2F8A60F7-782A-8F6A-1384-5BD4DE101DEA}
11:30:06.0601 0x0ef4  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x700FC, SectorsPerTrack: 0x13, TracksPerCylinder: 0xE0, Type 'K0', Flags 0x00000040
11:30:06.0601 0x0ef4  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
11:30:07.0071 0x0ef4  ============================================================
11:30:07.0071 0x0ef4  \Device\Harddisk0\DR0:
11:30:07.0101 0x0ef4  MBR partitions:
11:30:07.0101 0x0ef4  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
11:30:07.0101 0x0ef4  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x3283F, BlocksNum 0x72FE67C1
11:30:07.0101 0x0ef4  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x73019000, BlocksNum 0x16ED000
11:30:07.0101 0x0ef4  \Device\Harddisk1\DR1:
11:30:07.0101 0x0ef4  MBR partitions:
11:30:07.0101 0x0ef4  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74705982
11:30:07.0101 0x0ef4  ============================================================
11:30:07.0181 0x0ef4  C: <-> \Device\Harddisk0\DR0\Partition2
11:30:07.0281 0x0ef4  D: <-> \Device\Harddisk0\DR0\Partition3
11:30:07.0321 0x0ef4  H: <-> \Device\Harddisk1\DR1\Partition1
11:30:07.0391 0x0ef4  J: <-> \Device\Harddisk0\DR0\Partition1
11:30:07.0391 0x0ef4  ============================================================
11:30:07.0391 0x0ef4  Initialize success
11:30:07.0391 0x0ef4  ============================================================
11:30:11.0661 0x00bc  ============================================================
11:30:11.0661 0x00bc  Scan started
11:30:11.0661 0x00bc  Mode: Manual;
11:30:11.0661 0x00bc  ============================================================
11:30:11.0661 0x00bc  KSN ping started
11:30:38.0596 0x00bc  KSN ping finished: true
11:30:43.0373 0x00bc  ================ Scan system memory ========================
11:30:43.0374 0x00bc  System memory - ok
11:30:43.0374 0x00bc  ================ Scan services =============================



#12 Divinusmortalis


Posted 21 July 2014 - 10:42 AM

11:30:58.0353 0x00bc  [ BA5996C46AF098047A0337A540180B71, 1B0265889C7B9B68EEB7BC97A8F2CB9B4AADEBB05780655BCFD37B148F3B594B ] gfiark          C:\Windows\system32\drivers\gfiark.sys
11:30:58.0366 0x00bc  gfiark - ok
11:30:58.0417 0x00bc  [ 14908F4F9005C29DE8F5587E271390EE, 43DDFA99F52467F91019DB858989F111EBE48A2BED8D43EA2C15D1FD3C104489 ] gfibto          C:\Windows\system32\drivers\gfibto.sys
11:30:58.0424 0x00bc  gfibto - ok
11:30:58.0526 0x00bc  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
11:30:58.0545 0x00bc  gpsvc - ok
11:30:58.0604 0x00bc  [ 04697FD2E72486667CDE08696EE7586D, 79F438BC3BC7CA7C9307C82A6C6B34792849C14DF57057007613F6A7FD199AB8 ] GUBootStartup   C:\Windows\system32\drivers\GUBootStartup.sys
11:30:58.0605 0x00bc  GUBootStartup - ok
11:30:58.0729 0x00bc  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:30:58.0751 0x00bc  gupdate - ok
11:30:58.0756 0x00bc  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:30:58.0759 0x00bc  gupdatem - ok
11:30:58.0795 0x00bc  [ 1E6438D4EA6E1174A3B3B1EDC4DE660B, F9995CFEC7BBFE10B06EEE04CA6B49658275C43096E57747BFF9C2C31A0F9011 ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys
11:30:58.0797 0x00bc  hamachi - ok
11:30:59.0248 0x00bc  [ 8E459BA8360F33D64BE96F9550E56EE8, AA0568EE4DE90C7D6001759BADE17729E4420DEBE106DB8AFDC2B4E1C518DC49 ] Hamachi2Svc     C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
11:30:59.0322 0x00bc  Hamachi2Svc - ok
11:30:59.0353 0x00bc  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
11:30:59.0364 0x00bc  hcw85cir - ok
11:30:59.0476 0x00bc  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
11:30:59.0500 0x00bc  HdAudAddService - ok
11:30:59.0534 0x00bc  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
11:30:59.0550 0x00bc  HDAudBus - ok
11:30:59.0586 0x00bc  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
11:30:59.0588 0x00bc  HidBatt - ok
11:30:59.0624 0x00bc  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
11:30:59.0646 0x00bc  HidBth - ok
11:30:59.0681 0x00bc  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
11:30:59.0699 0x00bc  HidIr - ok
11:30:59.0743 0x00bc  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
11:30:59.0759 0x00bc  hidserv - ok
11:30:59.0791 0x00bc  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
11:30:59.0805 0x00bc  HidUsb - ok
11:30:59.0865 0x00bc  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
11:30:59.0881 0x00bc  hkmsvc - ok
11:30:59.0919 0x00bc  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
11:30:59.0935 0x00bc  HomeGroupListener - ok
11:31:00.0054 0x00bc  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
11:31:00.0076 0x00bc  HomeGroupProvider - ok
11:31:00.0119 0x00bc  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
11:31:00.0137 0x00bc  HpSAMD - ok
11:31:00.0296 0x00bc  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
11:31:00.0318 0x00bc  HTTP - ok
11:31:00.0361 0x00bc  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
11:31:00.0362 0x00bc  hwpolicy - ok
11:31:00.0402 0x00bc  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
11:31:00.0416 0x00bc  i8042prt - ok
11:31:00.0524 0x00bc  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
11:31:00.0547 0x00bc  iaStorV - ok
11:31:00.0684 0x00bc  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:31:00.0717 0x00bc  idsvc - ok
11:31:00.0964 0x00bc  [ F6F8CDA3CC5207BFD0B319A26E33ACD3, 6630DEE80A85DA972D3734A5D67E274AEE7042A73AB45E19E15DC989AE88459E ] IDSVia64        C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140710.002\IDSvia64.sys
11:31:00.0991 0x00bc  IDSVia64 - ok
11:31:00.0996 0x00bc  IEEtwCollectorService - ok
11:31:01.0024 0x00bc  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
11:31:01.0027 0x00bc  iirsp - ok
11:31:01.0166 0x00bc  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
11:31:01.0190 0x00bc  IKEEXT - ok
11:31:01.0304 0x00bc  [ EAEA4B0005869A4ABE6070BD364143B7, BD439C15EFBBAFAF88ADD4C988CC7AA04128EF689B1C9CF49FEE9B57417C08B7 ] IMFservice      C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
11:31:01.0372 0x00bc  IMFservice - ok
11:31:01.0954 0x00bc  [ 39246F2CFBF1D32C3A12E242661EC039, EADF06D9B142844C16C2B0E412D708DB02BA07E2CD96BBFB2F0984DD6BB63E28 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
11:31:02.0062 0x00bc  IntcAzAudAddService - ok
11:31:02.0130 0x00bc  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
11:31:02.0146 0x00bc  intelide - ok
11:31:02.0174 0x00bc  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
11:31:02.0200 0x00bc  intelppm - ok
11:31:02.0287 0x00bc  [ D7B749051DA5FB4604F4141F19C47660, 2B33DF9AFF7CB99A782B252E8EB65CA49874A112986A1C49CD9971210597A8AE ] IObitUnlocker   C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys
11:31:02.0411 0x00bc  IObitUnlocker - ok
11:31:02.0506 0x00bc  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
11:31:02.0530 0x00bc  IPBusEnum - ok
11:31:02.0604 0x00bc  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:31:02.0621 0x00bc  IpFilterDriver - ok
11:31:02.0849 0x00bc  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
11:31:02.0863 0x00bc  iphlpsvc - ok
11:31:02.0894 0x00bc  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
11:31:02.0907 0x00bc  IPMIDRV - ok
11:31:02.0933 0x00bc  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
11:31:02.0947 0x00bc  IPNAT - ok
11:31:02.0989 0x00bc  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
11:31:02.0999 0x00bc  IRENUM - ok
11:31:03.0030 0x00bc  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
11:31:03.0032 0x00bc  isapnp - ok
11:31:03.0125 0x00bc  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
11:31:03.0150 0x00bc  iScsiPrt - ok
11:31:03.0183 0x00bc  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
11:31:03.0193 0x00bc  kbdclass - ok
11:31:03.0233 0x00bc  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
11:31:03.0255 0x00bc  kbdhid - ok
11:31:03.0282 0x00bc  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso          C:\Windows\system32\lsass.exe
11:31:03.0284 0x00bc  KeyIso - ok
11:31:03.0345 0x00bc  [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
11:31:03.0348 0x00bc  KSecDD - ok
11:31:03.0409 0x00bc  [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
11:31:03.0420 0x00bc  KSecPkg - ok
11:31:03.0447 0x00bc  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
11:31:03.0449 0x00bc  ksthunk - ok
11:31:03.0502 0x00bc  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
11:31:03.0524 0x00bc  KtmRm - ok
11:31:03.0594 0x00bc  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
11:31:03.0609 0x00bc  LanmanServer - ok
11:31:03.0666 0x00bc  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:31:03.0688 0x00bc  LanmanWorkstation - ok
11:31:04.0077 0x00bc  [ 9221BD3515C49AED30FA88152BFD7168, CD23280C8A1AE00EEEBFC74D403EDE0BF6CB03DDDC3CB971338A7C9FB76CD7F3 ] LiveUpdateSvc   C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
11:31:04.0135 0x00bc  LiveUpdateSvc - ok
11:31:04.0170 0x00bc  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
11:31:04.0185 0x00bc  lltdio - ok
11:31:04.0232 0x00bc  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
11:31:04.0249 0x00bc  lltdsvc - ok
11:31:04.0273 0x00bc  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
11:31:04.0275 0x00bc  lmhosts - ok



#13 Divinusmortalis

Posted 21 July 2014 - 10:43 AM




#14 Divinusmortalis

Posted 21 July 2014 - 10:46 AM




#15 Divinusmortalis

Posted 21 July 2014 - 10:49 AM

11:31:26.0069 0x00bc  WcsPlugInService - ok
11:31:26.0097 0x00bc  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
11:31:26.0099 0x00bc  Wd - ok
11:31:26.0233 0x00bc  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
11:31:26.0253 0x00bc  Wdf01000 - ok
11:31:26.0272 0x00bc  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
11:31:26.0286 0x00bc  WdiServiceHost - ok
11:31:26.0302 0x00bc  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
11:31:26.0305 0x00bc  WdiSystemHost - ok
11:31:26.0367 0x00bc  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
11:31:26.0383 0x00bc  WebClient - ok
11:31:26.0423 0x00bc  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
11:31:26.0438 0x00bc  Wecsvc - ok
11:31:26.0466 0x00bc  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
11:31:26.0494 0x00bc  wercplsupport - ok
11:31:26.0528 0x00bc  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
11:31:26.0551 0x00bc  WerSvc - ok
11:31:26.0571 0x00bc  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
11:31:26.0588 0x00bc  WfpLwf - ok
11:31:26.0617 0x00bc  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
11:31:26.0619 0x00bc  WIMMount - ok
11:31:26.0662 0x00bc  WinDefend - ok
11:31:26.0668 0x00bc  WinHttpAutoProxySvc - ok
11:31:26.0759 0x00bc  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
11:31:26.0781 0x00bc  Winmgmt - ok
11:31:26.0788 0x00bc  WinRing0_1_2_0 - ok

