WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. Join 93084 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!

Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

I got rootkited and have leftover damage... [Solved]

Started by Nare , Nov 02 2014 03:06 AM

This topic is locked

33 replies to this topic

#1 Nare

Authentic Member

Authentic Member
50 posts

Posted 02 November 2014 - 03:06 AM

I actually had problems cause I went without anti-virus for a while but in the end I looked around and learned up and managed to stabilize the infection and clean the computer and it's pretty much stable now. I did have to use ComboFix however, because it got really bad, like startup issues and fan going into hyper drive bad, and I know it doesn't completely remove everything hence why I am on assistance forums. But most of the problem was just that I was constantly infected due to having no firewall, which I fixed now.

So I got ComboFix logs, and I can also go into major detail on what happened and have screens of all sorts of errors, but almost all of them are gone now. My issue is that it may also have been a hacker so I want to root anything left, and to fix some damage left on Windows, namely:

1) Safe Mode doesn't work. ComboFix says SafeBootRegistry is damaged and needs fixing but it's better to ask first than to look it up myself.

2) Disk space on Windows vanished while I was infected. And I am pretty sure it was viruses, because as I was scanning whenever I got attacked again there'd be some disk space missing, and after the scan removed the virus space would clear up, especially true of startup viruses. I even did stuff like clear some space just in case, had 6 GB left, and on restart I only had 3 GB, like wtf.

I got something to view disk space better with and this looks a bit suspicious. I DO have most of my drive space taken up, but I am convinced I am a few GB short, and even though I calculated my folders and they add up almost exactly to my disk space...Windows folder is 25 GB ;/.

The Program Data folder I didn't calculate...because it's 181 GB...when my drive system is just 151 GB. Treesize says my total disk space on C is 331 GB, when I don't even reach 300 GB total disk space. I am confused by this display error or whatever it is. Microsoft takes up almost all of that with cached icons.

That 1,9 GB file looks especially suspicious, because its nothing but unrecognized file types with long random character names. Can I just delete it?

Anyway here's the logs you asked me for. I couldn't run FRST because Windows canceled it even as it was downloading on the count of being suspicious or something. Got an error saying path to it couldn't be found. Might be part of the virus damage or maybe just my firewall, in any case, letting you know first.

aswMBR version 1.0.1.2172 Copyright© 2014 AVAST Software
Run date: 2014-11-01 21:02:18
-----------------------------
21:02:18.223    OS Version: Windows x64 6.1.7601 Service Pack 1
21:02:18.223    Number of processors: 2 586 0x2A07
21:02:18.223    ComputerName: RAMONA-PC UserName: Iuliu
21:02:23.331    Initialize success
21:02:23.613    VM: initialized successfully
21:02:23.613    VM: Intel CPU supported
21:02:38.453    VM: supported disk I/O iaStor.sys
21:04:59.604    AVAST engine defs: 14110100
21:06:45.397    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
21:06:45.407    Disk 0 Vendor: Hitachi_ ES2O Size: 305245MB BusType: 3
21:06:45.547    VM: Disk 0 MBR read successfully
21:06:45.557    Disk 0 MBR scan
21:06:45.567    Disk 0 Windows 7 default MBR code
21:06:45.577    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 2048
21:06:45.607    Disk 0 Boot: NTFS     code=2
21:06:45.657    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       155144 MB offset 206848
21:06:45.687    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       149999 MB offset 317941760
21:06:45.927    Disk 0 scanning C:\Windows\system32\drivers
21:07:07.342    Service scanning
21:08:29.854    Modules scanning
21:08:29.854    Disk 0 trace - called modules:
21:08:29.874    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
21:08:29.884    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006eff060]
21:08:29.884    3 CLASSPNP.SYS[fffff88001c5543f] -> nt!IofCallDriver -> [0xfffffa800460ec40]
21:08:29.894    5 ACPI.sys[fffff88000ef97a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004611050]
21:08:33.420    AVAST engine scan C:\Windows
21:08:40.398    AVAST engine scan C:\Windows\system32
21:15:34.011    AVAST engine scan C:\Windows\system32\drivers
21:16:21.478    AVAST engine scan C:\Users\Iuliu
21:25:05.056    File: C:\Users\Iuliu\AppData\Local\YhPack\tmp515A.exe **INFECTED** Win32:Reveton-ABW [Trj]
21:25:05.118    File: C:\Users\Iuliu\AppData\Local\YhPack\tmp5773.exe **INFECTED** Win32:Rootkit-gen [Rtk]
21:33:11.096    AVAST engine scan C:\ProgramData
21:35:50.876    Disk 0 MBR has been saved successfully to "D:\####### cleanup!\MBR.dat"
21:35:50.892    The log file has been saved successfully to "D:\####### cleanup!\aswMBR.txt"

That YhPack is the most constant name in all the infections I had btw and I could not delete it because I didn't know where it originated and I kept getting infected even if I kept scanning. It seems the two way Firewall is stopping it. Anyway, going to wait for a reply before I do anything else.

Edited by Nare, 02 November 2014 - 03:10 AM.

Advertisements

Register to Remove

#2 ken545

Forum God

Retired Classroom Teacher
23,225 posts

Interests:Fighting Malware and cooking some great Italian and TexMex food

Posted 02 November 2014 - 05:14 PM

:welcome:

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

How to determine whether a computer is running a 32-bit version or 64-bit version of the Windows operating system

A simple way to check your system: Start --> Computer (right click) --> Properties

Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.

Please make sure All Users is checked

Do not check

*List BCD

*Drivers MD5

*Shortcut txt

Press Scan button.

It will produce a log called FRST.txt in the same directory the tool is run from.

Please copy and paste log back here.

The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

The forum is staffed by volunteers who donate their time and expertise.
If you feel you have been helped, please consider a donation.

Find us on Facebook
Please LIKE and SHARE

Just a reminder that threads will be closed if no reply in 3 days.

#3 Nare

Authentic Member

Authentic Member
50 posts

Posted 03 November 2014 - 06:18 AM

It was all the protection I have now, which canceled/deleted the file even as it was downloading. Had to use a different browser and shut all the protection down.

I always kind of sensed it was some hacker, but I wasn't really sure what he would have wanted or if it was some automatic infection. But now I know because I checked what some of those files in Secure Program Data were and it was a bunch of stupid movie files of around 800 MB, carp** I would never even watch. Well, here are the logs anyway...

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-11-2014
Ran by Iuliu (administrator) on RAMONA-PC on 03-11-2014 13:56:49
Running from C:\Users\Iuliu\Desktop
Loaded Profile: Iuliu (Available profiles: Ramona & Iuliu)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Română (România)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(Check Point Software Technologies, Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
() C:\Program Files (x86)\Join Air\UIExec.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winamp.exe
(www.BitComet.com) C:\Program Files\BitComet\tools\BitCometService.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Users\Iuliu\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Iuliu\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Iuliu\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2587944 2010-12-31] (ELAN Microelectronics Corp.)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [361984 2011-03-21] (Alcor Micro Corp.)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277480 2011-08-16] (Realtek Semiconductor)
HKLM-x32\...\Run: [SonicMasterTray] => C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe [984400 2010-07-09] (Virage Logic Corporation / Sonic Focus)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5716608 2011-07-21] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2317312 2011-09-13] (ASUS)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [UIExec] => C:\Program Files (x86)\Join Air\UIExec.exe [139088 2011-02-14] ()
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [180224 2010-04-12] (PowerISO Computing, Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-05-20] (DivX, LLC)
HKLM-x32\...\Run: [Smart File Advisor] => C:\Program Files (x86)\Smart File Advisor\sfa.exe [283712 2013-10-30] (Filefacts.net)
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [37624 2014-07-24] (Panda Security, S.L.)
HKLM-x32\...\Run: [ZoneAlarm] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [137352 2014-08-13] (Check Point Software Technologies Ltd.)
HKLM-x32\...\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.dll] => "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.dll",DllRegisterServer
HKLM-x32\...\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.dll] => "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.dll",DllRegisterServer
HKLM-x32\...\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.dll] => "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.dll",DllRegisterServer
HKLM-x32\...\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.dll] => "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.dll",DllRegisterServer
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3781310032-3316471014-4203319439-1001\...\Policies\Explorer: [Run] "C:\Users\Iuliu\AppData\Roaming\Microsoft\Windows\IEUpdate\verclsid.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk
ShortcutTarget: FancyStart daemon.lnk -> C:\Windows\Installer\{C944B4C5-1C4D-4D95-8AC0-7CEF13914131}\_77B5857C27147149171BE7.exe ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
BootExecute: autocheck autochk * lsdeletePCloudBroom64.exe \systemroot\system32\BroomData.bitPCloudBroom64.exe \systemroot\system32\BroomData.bitPCloudBroom64.exe \systemroot\system32\BroomData.bitPCloudBroom64.exe \systemroot\system32\BroomData.bit
GroupPolicyUsers\S-1-5-21-3781310032-3316471014-4203319439-1001\User: Group Policy restriction detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nyaa.se/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = ro-RO
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x75506ACFAEDBCF01
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://utw.me/
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3781310032-3316471014-4203319439-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll No File
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: BitComet Helper -> {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} -> C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Panda Security Toolbar -> {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -> C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll ()
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll ()
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Hosts: 127.0.0.1 localhost

FireFox:
========
FF ProfilePath: C:\Users\Iuliu\AppData\Roaming\Mozilla\Firefox\Profiles\ii47zk5e.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\Iuliu\AppData\Roaming\rcru\plugins\nprcplugin.dll (Raidcall)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Iuliu\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Iuliu\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Extension: Lavasoft Search Plugin - C:\Users\Iuliu\AppData\Roaming\Mozilla\Firefox\Profiles\ii47zk5e.default\Extensions\jid1-yZwVFzbsyfMrqQ@jetpack [2012-10-21]
FF Extension: Windows Photo Viewer Gallery Interface - C:\Users\Iuliu\AppData\Roaming\Mozilla\Firefox\Profiles\ii47zk5e.default\Extensions\{32603E18-7893-D30E-792A-801055CDA1F3} [2014-09-06]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-07-16]

Chrome:
=======
CHR Plugin: (Shockwave Flash) - C:\Users\Iuliu\AppData\Local\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Iuliu\AppData\Local\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Iuliu\AppData\Local\Google\Chrome\Application\32.0.1700.107\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Java™ Platform SE 7 U7) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Java Deployment Toolkit 7.0.70.11) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Profile: C:\Users\Iuliu\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (No Name) - C:\Users\Iuliu\AppData\Local\Google\Chrome\User Data\Default\Extensions\jombbjeacppmnbiehjpajljeohfkdlgi [2014-05-21]
CHR Profile: C:\Users\Iuliu\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Google Drive) - C:\Users\Iuliu\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-12-05]
CHR Extension: (YouTube) - C:\Users\Iuliu\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-12-05]
CHR Extension: (Google Search) - C:\Users\Iuliu\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-12-05]
CHR Extension: (Skype Click to Call) - C:\Users\Iuliu\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-04-04]
CHR Extension: (Google Wallet) - C:\Users\Iuliu\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-02]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Iuliu\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2012-12-05]
CHR Extension: (Gmail) - C:\Users\Iuliu\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-12-05]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2013-05-06]
CHR StartMenuInternet: Google Chrome - C:\Users\Iuliu\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 BITCOMET_HELPER_SERVICE; C:\Program Files\BitComet\tools\BitCometService.exe [1296728 2010-12-28] (www.BitComet.com)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [141560 2014-07-24] (Panda Security, S.L.)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [61688 2014-07-23] (Panda Security, S.L.)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [38136 2014-07-24] (Panda Security, S.L.)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2145080 2014-07-16] (TuneUp Software)
S2 UI Assistant Service; C:\Program Files (x86)\Join Air\AssistantServices.exe [261456 2011-02-14] ()
S2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [3596752 2014-08-13] (Check Point Software Technologies Ltd.)
R2 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [96272 2014-08-13] (Check Point Software Technologies, Ltd.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-02-19] (GFI Software)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
S3 MEMSWEEP2; C:\Windows\system32\6EF9.tmp [6144 2010-05-26] (Sophos Plc) [File not signed]
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [96800 2014-06-04] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [162336 2014-06-18] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [112160 2014-06-04] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [115232 2014-06-04] (Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\System32\DRIVERS\NNSNAHSL.sys [46336 2014-01-16] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [95776 2014-06-04] (Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [70176 2014-06-04] (Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [125984 2014-06-04] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [306720 2014-06-04] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [169504 2014-06-04] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [115744 2014-06-04] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [261152 2014-06-04] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [109088 2014-06-04] (Panda Security, S.L.)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [160800 2014-07-24] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [120352 2014-07-24] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [195616 2014-07-24] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [122400 2014-07-24] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [132128 2014-07-24] (Panda Security, S.L.)
R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [106016 2014-07-24] (Panda Security, S.L.)
R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [60400 2014-03-25] (Panda Security, S.L.)
S1 pumoymyv; No ImagePath
S1 SAVRKBootTasks; C:\Windows\SysWOW64\SAVRKBootTasks.sys [18816 2010-05-26] (Sophos Plc) [File not signed]
S1 SBRE; No ImagePath
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-12-16] (TuneUp Software)
R1 Vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [450456 2014-08-13] (Check Point Software Technologies Ltd.)
S3 X6va008; No ImagePath
S3 X6va009; No ImagePath
S3 X6va010; No ImagePath
S3 X6va011; No ImagePath
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 slb; \??\D:\Aeria\ScarletBlade\avital\scarlb64.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-03 13:56 - 2014-11-03 13:57 - 00023084 _____ () C:\Users\Iuliu\Desktop\FRST.txt
2014-11-03 13:56 - 2014-11-03 13:56 - 00000000 ____D () C:\FRST
2014-11-03 13:55 - 2014-11-03 13:55 - 02114560 _____ (Farbar) C:\Users\Iuliu\Desktop\FRST64.exe
2014-11-02 09:26 - 2014-11-02 09:26 - 00456624 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-01 20:37 - 2014-11-01 20:37 - 05192704 _____ (AVAST Software) C:\Users\Iuliu\Desktop\aswMBR.exe
2014-11-01 15:30 - 2014-11-01 15:30 - 00109672 _____ () C:\Users\Iuliu\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-01 09:46 - 2014-11-03 10:49 - 00000392 _____ () C:\Windows\setupact.log
2014-11-01 09:46 - 2014-11-01 09:46 - 00000000 _____ () C:\Windows\setuperr.log
2014-10-30 07:55 - 2014-03-25 15:15 - 00060400 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSKMAD.sys
2014-10-29 20:00 - 2014-10-29 20:00 - 00021075 _____ () C:\ComboFix.txt
2014-10-29 18:38 - 2014-10-29 18:39 - 00870336 _____ (Opera Software) C:\Users\Iuliu\Downloads\Opera_NI_stable.exe
2014-10-29 18:36 - 2014-10-29 18:36 - 00000000 ____D () C:\Users\Iuliu\AppData\Roaming\Opera Software
2014-10-29 18:36 - 2014-10-29 18:36 - 00000000 ____D () C:\Users\Iuliu\AppData\Local\Opera Software
2014-10-29 18:35 - 2014-10-31 09:46 - 00003836 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1414600540
2014-10-29 18:35 - 2014-10-31 09:46 - 00000964 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera 25.lnk
2014-10-29 18:35 - 2014-10-29 18:35 - 00001139 _____ () C:\Users\Public\Desktop\Opera 25.lnk
2014-10-29 16:16 - 2014-10-29 16:16 - 00001225 _____ () C:\Users\Iuliu\Desktop\TreeSize Free.lnk
2014-10-29 16:16 - 2014-10-29 16:16 - 00000000 ____D () C:\Users\Iuliu\AppData\Roaming\JAM Software
2014-10-29 16:16 - 2014-10-29 16:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TreeSize Free
2014-10-29 16:16 - 2014-10-29 16:16 - 00000000 ____D () C:\Program Files (x86)\JAM Software
2014-10-29 16:15 - 2014-10-29 16:15 - 00000000 ____D () C:\Users\Iuliu\AppData\Roaming\ImgBurn
2014-10-29 16:05 - 2014-10-29 16:05 - 00001881 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn.lnk
2014-10-29 16:05 - 2014-10-29 16:05 - 00001869 _____ () C:\Users\Public\Desktop\ImgBurn.lnk
2014-10-29 16:05 - 2014-10-29 16:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn
2014-10-29 16:05 - 2014-10-29 16:05 - 00000000 ____D () C:\Program Files (x86)\ImgBurn
2014-10-28 12:06 - 2014-10-28 15:01 - 00000000 ____D () C:\Users\Iuliu\AppData\Roaming\Uzixso
2014-10-26 15:21 - 2014-10-26 15:23 - 00431395 _____ () C:\Windows\system32\Drivers\vsconfig.xml
2014-10-26 15:21 - 2014-10-26 15:21 - 00000762 _____ () C:\Users\Public\Desktop\ZoneAlarm Security.lnk
2014-10-26 15:21 - 2014-10-26 15:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point
2014-10-26 15:20 - 2014-10-26 15:21 - 00000000 ____D () C:\Program Files (x86)\CheckPoint
2014-10-26 15:19 - 2014-10-26 15:19 - 00000000 ____D () C:\ProgramData\CheckPoint
2014-10-26 10:27 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-10-26 10:27 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-10-26 10:27 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-10-26 10:27 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-10-26 10:27 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-10-26 10:27 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-10-26 10:27 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-10-26 10:27 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-10-25 16:12 - 2014-10-25 16:13 - 05583977 ____R (Swearware) C:\Users\Iuliu\Desktop\ComboFix.exe
2014-10-24 23:41 - 2014-10-24 23:41 - 00002770 _____ () C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2014-10-24 14:31 - 2014-10-24 14:31 - 00012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe
2014-10-16 12:08 - 2014-10-16 12:08 - 00033568 _____ () C:\Users\Iuliu\AppData\Local\2ete64.vas
2014-10-15 20:23 - 2014-10-07 04:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-15 20:23 - 2014-10-07 04:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-15 20:23 - 2014-09-26 00:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-15 20:23 - 2014-09-26 00:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-15 20:23 - 2014-09-26 00:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-15 20:23 - 2014-09-26 00:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-15 20:23 - 2014-09-26 00:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-15 20:23 - 2014-09-26 00:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-15 20:23 - 2014-09-26 00:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-15 20:23 - 2014-09-19 04:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-15 20:23 - 2014-09-19 03:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-15 20:23 - 2014-09-19 03:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-15 20:23 - 2014-09-19 03:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-15 20:23 - 2014-09-19 03:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-15 20:23 - 2014-09-19 03:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-15 20:23 - 2014-09-19 03:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-15 20:23 - 2014-09-19 03:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-15 20:23 - 2014-09-19 03:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-15 20:23 - 2014-09-19 03:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-15 20:23 - 2014-09-19 03:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-15 20:23 - 2014-09-19 03:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-15 20:23 - 2014-09-19 03:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-15 20:23 - 2014-09-19 03:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-15 20:23 - 2014-09-19 03:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-15 20:23 - 2014-09-19 03:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-15 20:23 - 2014-09-19 03:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-15 20:23 - 2014-09-19 03:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-15 20:23 - 2014-09-19 03:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-15 20:23 - 2014-09-19 03:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-15 20:23 - 2014-09-19 03:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-15 20:23 - 2014-09-19 03:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-15 20:23 - 2014-09-19 03:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-15 20:23 - 2014-09-19 03:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-15 20:23 - 2014-09-19 03:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-15 20:23 - 2014-09-19 03:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-15 20:23 - 2014-09-19 02:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-15 20:23 - 2014-09-19 02:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-15 20:23 - 2014-09-19 02:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-15 20:23 - 2014-09-19 02:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-15 20:23 - 2014-09-19 02:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-15 20:23 - 2014-09-19 02:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-15 20:23 - 2014-09-19 02:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-15 20:23 - 2014-09-19 02:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-15 20:23 - 2014-09-19 02:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-15 20:23 - 2014-09-19 02:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-15 20:23 - 2014-09-19 02:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-15 20:23 - 2014-09-19 02:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-15 20:23 - 2014-09-19 02:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-15 20:23 - 2014-09-19 02:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-15 20:23 - 2014-09-19 02:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-15 20:23 - 2014-09-19 02:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-15 20:23 - 2014-09-19 02:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-15 20:23 - 2014-09-19 01:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-15 20:23 - 2014-09-19 01:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-15 20:23 - 2014-09-19 01:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-15 20:23 - 2014-09-19 01:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-15 20:22 - 2014-09-29 02:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-15 20:22 - 2014-08-19 05:11 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-10-15 20:22 - 2014-08-19 05:10 - 00616352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-10-15 20:22 - 2014-08-19 05:08 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-10-15 20:22 - 2014-07-07 04:07 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-10-15 20:22 - 2014-07-07 04:07 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2014-10-15 20:22 - 2014-07-07 04:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-10-15 20:22 - 2014-07-07 04:06 - 05551032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-10-15 20:22 - 2014-07-07 04:06 - 04120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-10-15 20:22 - 2014-07-07 04:06 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-10-15 20:22 - 2014-07-07 04:06 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-10-15 20:22 - 2014-07-07 04:06 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2014-10-15 20:22 - 2014-07-07 04:06 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2014-10-15 20:22 - 2014-07-07 04:06 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2014-10-15 20:22 - 2014-07-07 04:06 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-10-15 20:22 - 2014-07-07 04:06 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2014-10-15 20:22 - 2014-07-07 04:06 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-10-15 20:22 - 2014-07-07 04:06 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2014-10-15 20:22 - 2014-07-07 04:06 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-10-15 20:22 - 2014-07-07 04:06 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-10-15 20:22 - 2014-07-07 04:06 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-10-15 20:22 - 2014-07-07 04:06 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-10-15 20:22 - 2014-07-07 04:06 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2014-10-15 20:22 - 2014-07-07 04:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-10-15 20:22 - 2014-07-07 03:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2014-10-15 20:22 - 2014-07-07 03:40 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-10-15 20:22 - 2014-07-07 03:40 - 03208704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-10-15 20:22 - 2014-07-07 03:40 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2014-10-15 20:22 - 2014-07-07 03:40 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-10-15 20:22 - 2014-07-07 03:40 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2014-10-15 20:22 - 2014-07-07 03:40 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2014-10-15 20:22 - 2014-07-07 03:40 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2014-10-15 20:22 - 2014-07-07 03:40 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2014-10-15 20:22 - 2014-07-07 03:40 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2014-10-15 20:22 - 2014-07-07 03:40 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-10-15 20:22 - 2014-07-07 03:40 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2014-10-15 20:22 - 2014-07-07 03:40 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-10-15 20:22 - 2014-07-07 03:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-10-15 20:22 - 2014-07-07 03:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-10-15 20:22 - 2014-07-07 03:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-10-15 20:22 - 2014-07-07 03:39 - 03970488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-10-15 20:22 - 2014-07-07 03:39 - 03914680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-10-15 20:22 - 2014-06-28 02:21 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-10-15 20:22 - 2014-06-28 02:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-10-15 20:22 - 2014-06-28 02:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2014-10-15 20:22 - 2014-06-19 00:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-15 20:22 - 2014-06-19 00:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-15 20:22 - 2014-06-19 00:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-15 20:22 - 2014-06-19 00:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-15 20:22 - 2014-06-19 00:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-15 20:22 - 2014-06-19 00:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-15 20:21 - 2014-09-04 07:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-15 20:21 - 2014-09-04 07:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-15 20:21 - 2014-08-19 05:08 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2014-10-15 20:21 - 2014-08-19 05:08 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2014-10-15 20:21 - 2014-08-19 05:07 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2014-10-15 20:21 - 2014-08-19 05:07 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2014-10-15 20:21 - 2014-08-19 05:07 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2014-10-15 20:21 - 2014-08-19 05:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2014-10-15 20:21 - 2014-08-19 05:07 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2014-10-15 20:21 - 2014-08-19 04:41 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2014-10-15 20:21 - 2014-08-19 04:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-10-15 20:21 - 2014-08-19 04:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2014-10-15 20:21 - 2014-07-17 04:07 - 03722240 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-15 20:21 - 2014-07-17 04:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-15 20:21 - 2014-07-17 04:07 - 01113088 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-15 20:21 - 2014-07-17 04:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-15 20:21 - 2014-07-17 04:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-15 20:21 - 2014-07-17 04:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-15 20:21 - 2014-07-17 04:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-15 20:21 - 2014-07-17 04:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-15 20:21 - 2014-07-17 04:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-15 20:21 - 2014-07-17 03:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-15 20:21 - 2014-07-17 03:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-15 20:21 - 2014-07-17 03:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-10-15 20:21 - 2014-07-17 03:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-10-15 20:21 - 2014-07-17 03:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-15 20:21 - 2014-07-17 03:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-15 20:21 - 2014-07-17 03:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-15 20:21 - 2014-07-17 03:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-15 20:21 - 2014-07-07 04:06 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2014-10-15 20:21 - 2014-07-07 04:06 - 00368128 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-15 20:21 - 2014-07-07 04:06 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2014-10-15 20:21 - 2014-07-07 04:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-10-15 20:21 - 2014-07-07 04:06 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2014-10-15 20:21 - 2014-07-07 04:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-10-15 20:21 - 2014-07-07 04:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-10-15 20:21 - 2014-07-07 04:06 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2014-10-15 20:21 - 2014-07-07 04:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2014-10-15 20:21 - 2014-07-07 04:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2014-10-15 20:21 - 2014-07-07 04:05 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-10-15 20:21 - 2014-07-07 04:05 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-10-15 20:21 - 2014-07-07 04:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-10-15 20:21 - 2014-07-07 03:40 - 00516096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-10-15 20:21 - 2014-07-07 03:40 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2014-10-15 20:21 - 2014-07-07 03:40 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-10-15 20:21 - 2014-07-07 03:40 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2014-10-15 20:21 - 2014-07-07 03:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-10-15 20:21 - 2014-07-07 03:40 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2014-10-15 20:21 - 2014-07-07 03:40 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2014-10-15 20:21 - 2014-07-07 03:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2014-10-15 20:21 - 2014-07-07 03:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2014-10-15 20:21 - 2014-07-07 03:39 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-10-15 20:21 - 2014-07-07 03:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-10-15 20:21 - 2014-07-07 03:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-10-15 20:21 - 2014-07-07 03:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-10-15 20:21 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-10-15 20:21 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-10-15 20:21 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-10-15 20:21 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-10-15 20:21 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-10-15 20:21 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-10-15 20:21 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-10-15 20:21 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-10-15 20:20 - 2014-09-13 03:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-15 20:20 - 2014-09-13 03:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-14 10:17 - 2014-10-17 20:25 - 00003036 _____ () C:\Windows\SysWOW64\BroomData.bit
2014-10-05 22:45 - 2014-10-05 22:45 - 00000000 ____D () C:\Users\Iuliu\AppData\Roaming\GetRightToGo

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-03 13:55 - 2012-07-02 17:54 - 00000000 ____D () C:\Zerg
2014-11-03 13:47 - 2013-09-14 09:00 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-03 13:36 - 2012-05-05 18:56 - 01844773 _____ () C:\Windows\WindowsUpdate.log
2014-11-03 13:08 - 2014-09-25 17:48 - 00037624 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2014-11-03 13:07 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\tracing
2014-11-03 13:03 - 2012-09-10 13:42 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-03 12:59 - 2012-07-06 01:56 - 00000000 ____D () C:\Users\Iuliu\AppData\Roaming\vlc
2014-11-03 12:39 - 2014-08-15 23:02 - 00000000 ____D () C:\Users\Iuliu\AppData\Local\CrashDumps
2014-11-03 12:39 - 2012-07-06 18:37 - 00000000 ____D () C:\Users\Iuliu\AppData\Roaming\BitComet
2014-11-03 11:22 - 2013-11-11 13:39 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-11-03 11:03 - 2012-09-10 13:42 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-03 08:32 - 2009-07-14 06:45 - 00021200 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-03 08:32 - 2009-07-14 06:45 - 00021200 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-03 08:26 - 2013-01-03 00:52 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-11-03 08:26 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-02 09:31 - 2009-07-14 07:13 - 00786558 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-01 19:45 - 2012-10-19 16:12 - 00000000 ____D () C:\Users\Iuliu\AppData\Roaming\tigerplayer
2014-10-31 09:46 - 2012-08-29 20:08 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-10-29 20:00 - 2014-09-25 18:02 - 00000000 ____D () C:\Qoobox
2014-10-29 19:55 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-10-29 18:44 - 2012-10-21 21:52 - 00007669 _____ () C:\Users\Iuliu\AppData\Local\Resmon.ResmonCfg
2014-10-29 17:03 - 2014-08-29 09:41 - 00000282 _____ () C:\Users\Iuliu\AppData\Roaming\burnaware.ini
2014-10-29 12:12 - 2014-09-25 17:19 - 00000000 ____D () C:\Users\Iuliu\AppData\Local\YhPack
2014-10-28 12:58 - 2014-09-22 07:55 - 00000000 ____D () C:\Users\Iuliu\Desktop\####### cleanup!
2014-10-27 13:17 - 2014-09-06 22:51 - 00000000 ____D () C:\Users\Iuliu\AppData\Local\Efbtion
2014-10-26 19:44 - 2014-02-05 12:08 - 00000000 ____D () C:\Users\Iuliu\Desktop\ST
2014-10-25 21:13 - 2012-07-02 19:45 - 00000000 ____D () C:\Windows\System32\Tasks\Games
2014-10-23 11:52 - 2014-10-02 11:14 - 00003134 _____ () C:\Windows\system32\.crusader
2014-10-16 20:56 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-10-16 02:18 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\ro-RO
2014-10-16 02:18 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-10-16 02:18 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\ro-RO
2014-10-16 02:18 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-10-16 02:06 - 2012-05-05 15:27 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-08 08:10 - 2009-07-14 07:08 - 00032482 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-10-04 18:38 - 2012-07-30 02:33 - 00000000 ____D () C:\Down

Some content of TEMP:
====================
C:\Users\Iuliu\AppData\Local\Temp\Bit99BA.tmp.exe
C:\Users\Iuliu\AppData\Local\Temp\dllnt_dump.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-10-26 13:52

==================== End Of Log ============================

And now the Addition.txt

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-11-2014
Ran by Iuliu at 2014-11-03 13:58:10
Running from C:\Users\Iuliu\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Panda Free Antivirus (Disabled - Up to date) {3456760B-FDAA-FFFD-06C2-7BB528D2066C}
AV: Microsoft Security Essentials (Disabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Disabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Panda Free Antivirus (Disabled - Up to date) {8F3797EF-DB90-F073-3C72-40C753554CD1}
FW: ZoneAlarm Free Firewall Firewall (Disabled) {1B8D532F-88B1-B2AD-ED22-AED92687A1D2}
FW: Panda Firewall (Disabled) {0C6DF72E-B7C5-FEA5-2D9D-D280D6014117}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
AC3Filter 1.62b (HKLM-x32\...\AC3Filter_is1) (Version: 1.62b - Alexander Vigovsky)
AChat v0.150 (HKLM-x32\...\AChat_is1) (Version: 0.150 - SourceForge.NET)
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 1.2.0117.08443 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.2.0117.08443 - Alcor Micro Corp.) Hidden
AML Free Registry Cleaner 4.22 (HKLM-x32\...\{315F5FFC-1A5C-4A2A-B8E7-1C5B1174C198}_is1) (Version: - AML SOFT, Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.12.5.0 - Asmedia Technology)
ASUS AI Recovery (HKLM-x32\...\{D39F0676-163E-4595-A917-E28F99BBD4D2}) (Version: 1.0.16 - ASUS)
ASUS FancyStart (HKLM-x32\...\{C944B4C5-1C4D-4D95-8AC0-7CEF13914131}) (Version: 1.1.1 - ASUSTeK Computer Inc.)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.25 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{33B98264-A889-4913-A0CA-C364A75032B3}) (Version: 1.1.45 - ASUS)
ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0011 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0034 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.23 - asus)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0014 - ASUS)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BitComet 1.32 64-bit (HKLM-x32\...\BitComet_x64) (Version: 1.32 - CometNetwork)
BurnAware Free 4.9 (HKLM-x32\...\BurnAware Free_is1) (Version: - Burnaware Technologies)
CCleaner (HKLM\...\CCleaner) (Version: 4.12 - Piriform)
CDisplay 1.8 (HKLM-x32\...\CDisplay_is1) (Version: - dvd8n)
Combined Community Codec Pack 2013-05-30 (HKLM-x32\...\Combined Community Codec Pack_is1) (Version: 2013.05.30.0 - CCCP Project)
Dawngate (HKLM-x32\...\{E20BD715-3CAF-4A6C-A7F5-8F2216710B90}) (Version: 174.83.27.0 - Electronic Arts, Inc.)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.44 - DivX, LLC)
eMule (HKLM-x32\...\eMule) (Version: - )
ETDWare PS/2-X64 8.0.5.1_WHQL (HKLM\...\Elantech) (Version: 8.0.5.1 - ELAN Microelectronic Corp.)
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.10 - ASUS)
FLAC 1.2.1b (remove only) (HKLM-x32\...\FLAC) (Version: 1.2.1b - Xiph.org)
Google Chrome (HKCU\...\Google Chrome) (Version: 32.0.1700.107 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.4.3607.2246 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.21.135 - Google Inc.) Hidden
Hero Editor V1.04 (HKLM-x32\...\ST6UNST #1) (Version: - )
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
InstantOn for NB (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 2.1.5 - ASUS)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2476 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.35 - Irfan Skiljan)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.510 - Oracle)
Join Air (HKLM-x32\...\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}) (Version: 1.0.0.1 - ZTE Corporation)
K-Lite Codec Pack 9.5.5 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.5.5 - )
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
Media Player Codec Pack 4.2.8 (HKLM-x32\...\Media Player - Codec Pack) (Version: 4.2.8 - Media Player Codec Pack)
MediaInfo 0.7.61 (HKLM\...\MediaInfo) (Version: 0.7.61 - MediaArea.net)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Age of Empires II (HKLM-x32\...\Age of Empires 2.0) (Version: - )
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
MpcStar 5.4 (HKLM-x32\...\MpcStar) (Version: 5.4 - www.mpcstar.com)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NirSoft ShellExView (HKLM-x32\...\NirSoft ShellExView) (Version: - )
One Finger Death Punch 1.0 (HKLM-x32\...\One Finger Death Punch 1.0) (Version: 1.0 - Cat-A-Cat)
Opera 12.17 (HKLM-x32\...\Opera 12.17.1863) (Version: 12.17.1863 - Opera Software ASA)
Opera Stable 25.0.1614.68 (HKLM-x32\...\Opera 25.0.1614.68) (Version: 25.0.1614.68 - Opera Software ASA)
Panda Cloud Cleaner (HKLM-x32\...\{92B2B132-C7F0-43DC-921A-4493C04F78A4}_is1) (Version: 1.0.104 - Panda Security)
Panda Devices Agent (HKLM-x32\...\Panda Devices Agent) (Version: 1.03.03 - Panda Security)
Panda Devices Agent (x32 Version: 1.05.00 - Panda Security) Hidden
Panda Free Antivirus (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 15.00.01.0000 - Panda Security)
Panda Free Antivirus (Version: 7.23.00.0000 - Panda Security) Hidden
Panda Security Toolbar (HKLM-x32\...\pandasecuritytb) (Version: 4.2.0.10 - Panda Security)
Panda Security URL Filtering (HKLM-x32\...\Panda Security URL Filtering) (Version: 2.0.1.4 - Panda Security)
PowerISO (HKLM-x32\...\PowerISO) (Version: 4.7 - PowerISO Computing, Inc.)
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 9.2 - Qualcomm Atheros)
RaidCall (HKLM-x32\...\RaidCall) (Version: 7.2.8-1.0.8500.20 - raidcall.com)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6454 - Realtek Semiconductor Corp.)
Registration Code Creator (HKCU\...\Registration Code Creator) (Version: - )
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Smart File Advisor 1.1.3 (HKLM-x32\...\Smart File Advisor_is1) (Version: 1.1.3 - Filefacts.net)
Sonic Focus (HKLM-x32\...\{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}) (Version: 1.0.0.4 - Synopsys )
Sophos Anti-Rootkit 1.5.4 (HKLM-x32\...\Sophos-AntiRootkit) (Version: 1.5.4 - Sophos Plc)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Torchlight (HKLM-x32\...\Runic Games Torchlight) (Version: 0.0.66.192 - )
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 8.01 - Ghisler Software GmbH)
TreeSize Free V3.2.1 (HKLM-x32\...\TreeSize Free_is1) (Version: 3.2.1 - JAM Software)
TuneUp Utilities 2014 (en-US) (x32 Version: 14.0.1000.340 - TuneUp Software) Hidden
TuneUp Utilities 2014 (HKLM-x32\...\TuneUp Utilities) (Version: 14.0.1000.340 - TuneUp Software)
TuneUp Utilities 2014 (x32 Version: 14.0.1000.340 - TuneUp Software) Hidden
Tweaking.com - Windows Repair (All in One) (HKLM-x32\...\Tweaking.com - Windows Repair (All in One)) (Version: 2.9.0 - Tweaking.com)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 2.1.0 (HKLM-x32\...\VLC media player) (Version: 2.1.0 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.623 - Nullsoft, Inc)
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Wireless Console 3 (HKLM-x32\...\{C4BC5A5F-4A97-47CC-99C3-AB8E10572AFE}) (Version: 3.0.24 - ASUS)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.1) (Version: 1.3.2 - Xvid Team)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version: - )
Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version: - Yahoo! Inc.)
ZoneAlarm Firewall (x32 Version: 13.3.209.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Free Firewall (HKLM-x32\...\ZoneAlarm Free Firewall) (Version: 13.3.209.000 - Check Point)
ZoneAlarm Security (x32 Version: 13.3.209.000 - Check Point Software Technologies Ltd.) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points =========================

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2014-11-03 13:36 - 00000768 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {072ACE0D-B143-4DB2-9F62-287AE2DB0AB7} - \Ad-Aware Antivirus Scheduled Scan No Task File <==== ATTENTION
Task: {0EC40DE3-21CC-4EBE-83C0-0A57FB9CFB2C} - \{1ECF109E-52FB-45C5-BEC5-F0254EA032C2} No Task File <==== ATTENTION
Task: {142661E6-D8ED-4C87-8B51-67DABB60E8AE} - \Security Center Update - 3825875842 No Task File <==== ATTENTION
Task: {16B4404E-BA1E-4803-8948-05449465C888} - \GoogleUpdateTaskMachineCore No Task File <==== ATTENTION
Task: {19B7B516-C709-47B9-8E08-1E5C174B53A8} - \RunAsStdUser Task No Task File <==== ATTENTION
Task: {1D7F515E-B26F-4ACC-A41E-563C837F97E2} - \GoogleUpdateTaskUserS-1-5-21-3781310032-3316471014-4203319439-1001UA No Task File <==== ATTENTION
Task: {2497FA7B-1DC2-4B3F-ADC7-D5C2BF2C6C70} - \Java Update Scheduler No Task File <==== ATTENTION
Task: {29D47AB6-06EB-463B-A4F3-0CC7262C6B8A} - \ASUS P4G No Task File <==== ATTENTION
Task: {3AF8454B-F2E2-4145-B5E7-EE497D0AD7A9} - \Google Updater and Installer No Task File <==== ATTENTION
Task: {3CBF3A39-DE2F-4C54-91DF-436B0D137936} - \AdobeFlashPlayerUpdate No Task File <==== ATTENTION
Task: {45C4E656-679F-42A6-A7F8-49078CED8899} - \ASUS SmartLogon Console Sensor No Task File <==== ATTENTION
Task: {48A4444D-D1D8-4C4F-967B-39F3E9A8C990} - \CreateChoiceProcessTask No Task File <==== ATTENTION
Task: {4E1B4B2B-1C3D-42B3-B155-A1F1A71F05A1} - \{C93DB00C-0760-452B-8086-77EACFEF8C8A} No Task File <==== ATTENTION
Task: {5A4D89D9-9222-4FD6-94E2-D330AAD0813E} - \Adobe Flash Player Updater No Task File <==== ATTENTION
Task: {60CE4822-488F-4A2C-A9CD-26245FFD0C0F} - \GoogleUpdateTaskMachineUA No Task File <==== ATTENTION
Task: {610AB026-ABA4-4B69-8183-3CC7713AF425} - \Adobe online update program No Task File <==== ATTENTION
Task: {6AEAE114-5775-4D45-A578-D248E54BA6AE} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3781310032-3316471014-4203319439-1001
Task: {7D42536D-B38C-40DA-B931-2639582F03EA} - \SidebarExecute No Task File <==== ATTENTION
Task: {950C1C35-DAD5-4704-98AF-3F7B8B4658B8} - \{81761E4E-004B-4D46-9AAE-AD52E8F0E552} No Task File <==== ATTENTION
Task: {95A5A710-13C4-49FF-86F4-E1DDA408B584} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe [2014-07-16] (TuneUp Software)
Task: {A9E855EB-F896-4EDA-9059-B791FDEE51F8} - System32\Tasks\Opera scheduled Autoupdate 1414600540 => C:\Program Files (x86)\Opera\launcher.exe [2014-10-29] (Opera Software)
Task: {ACF60D16-BB7A-4377-AC6D-C62295C5B711} - \DivX online update program No Task File <==== ATTENTION
Task: {BF548809-433A-4479-ACEC-97B89DE67308} - \CCleanerSkipUAC No Task File <==== ATTENTION
Task: {C7E963F0-79CD-4557-9C4A-B6A233A8EA83} - \ACMON No Task File <==== ATTENTION
Task: {E276E95F-51DA-42ED-8F34-F2D3DFFA0FA0} - \AdobeFlashPlayerUpdate 2 No Task File <==== ATTENTION
Task: {E2915857-2348-4432-BE59-0AEC4D6F8B63} - \{B8141B8F-E823-4729-B571-6B7FE8702BFE} No Task File <==== ATTENTION
Task: {E45514F2-B6AC-495D-ABCC-53C10457CB44} - \GoforFilesUpdate No Task File <==== ATTENTION
Task: {E55B70FE-6DEA-4A5C-BED2-42E730498421} - \ATKOSD2 No Task File <==== ATTENTION
Task: {E802850A-AC4F-4B15-A669-552C3ED278EF} - \GoogleUpdateTaskUserS-1-5-21-3781310032-3316471014-4203319439-1001Core No Task File <==== ATTENTION
Task: {EE3E6F0B-6C3B-40DE-93A9-765987572655} - \Scheduled Update for Ask Toolbar No Task File <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3781310032-3316471014-4203319439-1001Core.job => C:\Users\Iuliu\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3781310032-3316471014-4203319439-1001UA.job => C:\Users\Iuliu\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-07-16 10:24 - 2014-07-16 10:24 - 00699704 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\avgrepliba.dll
2012-06-17 07:27 - 2011-02-14 16:17 - 00139088 _____ () C:\Program Files (x86)\Join Air\UIExec.exe
2013-02-13 04:37 - 2013-02-13 04:37 - 01263952 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2013-04-12 19:23 - 2013-04-12 19:23 - 00612664 _____ () C:\Program Files (x86)\Panda Security\Panda Security Protection\SQLite3.dll
2011-12-09 19:23 - 2012-05-05 15:13 - 00417280 _____ () C:\Program Files (x86)\Winamp\nsutil.dll
2011-12-09 19:23 - 2012-05-05 15:13 - 00078848 _____ () C:\Program Files (x86)\Winamp\nde.dll
2011-12-09 19:23 - 2012-05-05 15:13 - 00023040 _____ () C:\Program Files (x86)\Winamp\System\albumart.w5s
2011-12-09 19:23 - 2012-05-05 15:13 - 00174080 _____ () C:\Program Files (x86)\Winamp\System\auth.w5s
2011-12-09 19:23 - 2012-05-05 15:13 - 00019456 _____ () C:\Program Files (x86)\Winamp\System\bmp.w5s
2011-12-09 19:23 - 2012-05-05 15:13 - 00047616 _____ () C:\Program Files (x86)\Winamp\zlib.dll
2011-12-09 19:23 - 2012-05-05 15:13 - 00044544 _____ () C:\Program Files (x86)\Winamp\System\devices.w5s
2011-12-09 19:23 - 2012-05-05 15:13 - 00016896 _____ () C:\Program Files (x86)\Winamp\System\dlmgr.w5s
2011-12-09 19:23 - 2012-05-05 15:13 - 00014336 _____ () C:\Program Files (x86)\Winamp\System\filereader.w5s
2011-12-09 19:23 - 2012-05-05 15:13 - 00019456 _____ () C:\Program Files (x86)\Winamp\System\gif.w5s
2011-12-09 19:23 - 2012-05-05 15:13 - 00016384 _____ () C:\Program Files (x86)\Winamp\System\gracenote.w5s
2011-12-09 19:23 - 2012-05-05 15:13 - 00623616 _____ () C:\Program Files (x86)\Winamp\System\jnetlib.w5s
2011-12-09 19:23 - 2012-05-05 15:13 - 00154624 _____ () C:\Program Files (x86)\Winamp\System\jpeg.w5s
2011-12-09 19:23 - 2012-05-05 15:13 - 00084480 _____ () C:\Program Files (x86)\Winamp\System\playlist.w5s
2011-12-09 19:23 - 2012-05-05 15:13 - 00103936 _____ () C:\Program Files (x86)\Winamp\System\png.w5s
2011-12-09 19:23 - 2012-05-05 15:13 - 00013824 _____ () C:\Program Files (x86)\Winamp\System\primo.w5s
2011-12-09 19:23 - 2012-05-05 15:13 - 00021504 _____ () C:\Program Files (x86)\Winamp\System\tagz.w5s
2011-12-09 19:23 - 2012-05-05 15:13 - 00035328 _____ () C:\Program Files (x86)\Winamp\System\timer.w5s
2011-12-09 19:23 - 2012-05-05 15:13 - 00090112 _____ () C:\Program Files (x86)\Winamp\System\xml.w5s
2011-12-09 19:23 - 2012-05-05 15:13 - 00068608 _____ () C:\Program Files (x86)\Winamp\Plugins\in_avi.dll
2011-12-09 19:23 - 2012-05-05 15:13 - 00102400 _____ () C:\Program Files (x86)\Winamp\Plugins\in_cdda.dll
2011-12-09 19:23 - 2012-05-05 15:13 - 00072192 _____ () C:\Program Files (x86)\Winamp\Plugins\in_dshow.dll
2011-12-09 19:23 - 2012-05-05 15:13 - 00061440 _____ () C:\Program Files (x86)\Winamp\Plugins\in_flac.dll
2011-12-09 19:23 - 2012-05-05 15:13 - 00043008 _____ () C:\Program Files (x86)\Winamp\Plugins\in_flv.dll
2011-12-09 19:23 - 2012-05-05 15:13 - 00007168 _____ () C:\Program Files (x86)\Winamp\Plugins\in_linein.dll
2011-12-09 19:23 - 2012-05-05 15:13 - 00109568 _____ () C:\Program Files (x86)\Winamp\Plugins\in_midi.dll
2011-12-09 19:23 - 2012-05-05 15:13 - 00049152 _____ () C:\Program Files (x86)\Winamp\Plugins\in_mkv.dll
2011-12-09 19:23 - 2012-05-05 15:13 - 00165376 _____ () C:\Program Files (x86)\Winamp\Plugins\in_mod.dll
2011-12-09 19:23 - 2012-05-05 15:13 - 00290304 _____ () C:\Program Files (x86)\Winamp\Plugins\in_mp3.dll
2011-12-09 19:23 - 2012-05-05 15:13 - 00052736 _____ () C:\Program Files (x86)\Winamp\Plugins\in_mp4.dll
2011-12-09 19:23 - 2012-05-05 15:13 - 00075264 _____ () C:\Program Files (x86)\Winamp\Plugins\in_nsv.dll
2011-12-09 19:23 - 2012-05-05 15:13 - 00023552 _____ () C:\Program Files (x86)\Winamp\Plugins\in_swf.dll
2011-12-09 19:23 - 2012-05-05 15:13 - 00253440 _____ () C:\Program Files (x86)\Winamp\Plugins\in_vorbis.dll
2011-12-09 19:23 - 2012-05-05 15:13 - 00016896 _____ () C:\Program Files (x86)\Winamp\Plugins\in_wave.dll
2011-12-09 19:23 - 2012-05-05 15:13 - 00253440 _____ () C:\Program Files (x86)\Winamp\libsndfile.dll
2011-12-09 19:23 - 2012-05-05 15:13 - 00313344 _____ () C:\Program Files (x86)\Winamp\Plugins\in_wm.dll
2011-12-09 19:23 - 2012-05-05 15:13 - 00022528 _____ () C:\Program Files (x86)\Winamp\Plugins\out_disk.dll
2011-12-09 19:23 - 2012-05-05 15:13 - 00052224 _____ () C:\Program Files (x86)\Winamp\Plugins\out_ds.dll
2011-12-09 19:23 - 2012-05-05 15:13 - 00018432 _____ () C:\Program Files (x86)\Winamp\Plugins\out_wave.dll
2011-12-09 19:23 - 2012-05-05 15:13 - 01737728 _____ () C:\Program Files (x86)\Winamp\Plugins\gen_ff.dll
2011-12-09 19:23 - 2012-05-05 15:13 - 00083968 _____ () C:\Program Files (x86)\Winamp\tataki.dll
2011-12-09 19:23 - 2012-05-05 15:13 - 00027648 _____ () C:\Program Files (x86)\Winamp\Plugins\gen_hotkeys.dll
2011-11-11 00:10 - 2012-05-05 15:13 - 00185344 _____ () C:\Program Files (x86)\Winamp\Plugins\gen_jumpex.dll
2011-12-09 19:23 - 2012-05-05 15:13 - 00318464 _____ () C:\Program Files (x86)\Winamp\Plugins\gen_ml.dll
2011-12-09 19:23 - 2012-05-05 15:13 - 00294400 _____ () C:\Program Files (x86)\Winamp\Plugins\ml_local.dll
2011-12-09 19:23 - 2012-05-05 15:13 - 00082944 _____ () C:\Program Files (x86)\Winamp\Plugins\ml_playlists.dll
2011-12-09 19:23 - 2012-05-05 15:13 - 00124928 _____ () C:\Program Files (x86)\Winamp\Plugins\ml_online.dll
2011-12-09 19:23 - 2012-05-05 15:13 - 00249856 _____ () C:\Program Files (x86)\Winamp\Plugins\ml_devices.dll
2011-12-09 19:23 - 2012-05-05 15:13 - 00200192 _____ () C:\Program Files (x86)\Winamp\Plugins\ml_disc.dll
2011-12-09 19:23 - 2012-05-05 15:13 - 00241152 _____ () C:\Program Files (x86)\Winamp\Plugins\ml_pmp.dll
2011-12-09 19:23 - 2012-05-05 15:13 - 00060928 _____ () C:\Program Files (x86)\Winamp\Plugins\pmp_android.dll
2011-12-09 19:23 - 2012-05-05 15:13 - 00170496 _____ () C:\Program Files (x86)\Winamp\Plugins\pmp_ipod.dll
2011-12-09 19:23 - 2012-05-05 15:13 - 00020480 _____ () C:\Program Files (x86)\Winamp\Plugins\pmp_njb.dll
2011-12-09 19:23 - 2012-05-05 15:13 - 00118272 _____ () C:\Program Files (x86)\Winamp\Plugins\pmp_p4s.dll
2011-12-09 19:23 - 2012-05-05 15:13 - 00053760 _____ () C:\Program Files (x86)\Winamp\Plugins\pmp_usb.dll
2011-12-09 19:23 - 2012-05-05 15:13 - 00113664 _____ () C:\Program Files (x86)\Winamp\Plugins\pmp_wifi.dll
2011-12-09 19:23 - 2012-05-05 15:13 - 00028160 _____ () C:\Program Files (x86)\Winamp\Plugins\ml_bookmarks.dll
2011-12-09 19:23 - 2012-05-05 15:13 - 00052224 _____ () C:\Program Files (x86)\Winamp\Plugins\ml_history.dll
2011-12-09 19:23 - 2012-05-05 15:13 - 00028672 _____ () C:\Program Files (x86)\Winamp\Plugins\ml_autotag.dll
2011-12-09 19:23 - 2012-05-05 15:13 - 00057344 _____ () C:\Program Files (x86)\Winamp\Plugins\ml_impex.dll
2011-12-09 19:23 - 2012-05-05 15:13 - 00083456 _____ () C:\Program Files (x86)\Winamp\Plugins\ml_plg.dll
2011-12-09 19:23 - 2012-05-05 15:13 - 00033792 _____ () C:\Program Files (x86)\Winamp\Plugins\ml_rg.dll
2011-12-09 19:23 - 2012-05-05 15:13 - 00032256 _____ () C:\Program Files (x86)\Winamp\Plugins\ml_transcode.dll
2011-12-09 19:23 - 2012-05-05 15:13 - 00057344 _____ () C:\Program Files (x86)\Winamp\Plugins\gen_orgler.dll
2011-12-09 19:23 - 2012-05-05 15:13 - 00025600 _____ () C:\Program Files (x86)\Winamp\Plugins\gen_tray.dll
2013-02-13 04:38 - 2013-02-13 04:38 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\Users\Iuliu\Downloads:Shareaza.GUID
AlternateDataStreams: C:\Users\Iuliu\Downloads\eMule:Shareaza.GUID

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

========================= Accounts: ==========================

Administrator (S-1-5-21-3781310032-3316471014-4203319439-500 - Administrator - Disabled)
Guest (S-1-5-21-3781310032-3316471014-4203319439-501 - Limited - Disabled)
Iuliu (S-1-5-21-3781310032-3316471014-4203319439-1001 - Administrator - Enabled) => C:\Users\Iuliu
Ramona (S-1-5-21-3781310032-3316471014-4203319439-1000 - Administrator - Enabled) => C:\Users\Ramona

==================== Faulty Device Manager Devices =============

Name: SBRE
Description: SBRE
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: SBRE
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

==================== Event log errors: =========================

Application errors:
==================
Error: (11/03/2014 01:08:25 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (11/03/2014 01:08:25 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (11/03/2014 01:08:24 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (11/03/2014 00:45:00 PM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: Managerul de ferestre desktop a întâlnit o eroare fatală (0x8007000e)

System errors:
=============
Error: (11/03/2014 11:04:33 AM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (11/03/2014 08:37:30 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 a întâmpinat o eroare la încercarea de actualizare a semnăturilor.

Versiune nouă semnătură:

Versiune anterioară semnătură: 1.187.842.0

Sursă actualizare: %NT AUTHORITY59

Stadiu actualizare: 4.6.0305.00

Cale sursă: 4.6.0305.01

Tip semnătură: %NT AUTHORITY602

Tip actualizare: %NT AUTHORITY604

Utilizator: NT AUTHORITY\SYSTEM

Versiune curentă motor: %NT AUTHORITY605

Versiune anterioară motor: %NT AUTHORITY606

Cod eroare: %NT AUTHORITY607

Descriere eroare: %NT AUTHORITY608

Error: (11/03/2014 08:27:34 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Următoarele drivere boot-start sau system-start nu s-au încărcat:
SAVRKBootTasks
SBRE

Error: (11/03/2014 08:27:34 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: Serviciul 'WMPNetworkSvc' nu a pornit corect, deoarece CoCreateInstance(CLSID_UPnPDeviceFinder) a întâmpinat eroarea '0x80004005'. Verificați dacă serviciul UPnPHost se execută și componenta UPnPHost din Windows este corect instalată.

Error: (11/03/2014 08:27:28 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Serviciul UI Assistant Service nu a pornit din cauza erorii următoare:
%%1053

Error: (11/03/2014 08:27:28 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: S-a atins o limită de expirare (30000 milisecunde) așteptând conectarea serviciului UI Assistant Service.

Error: (11/03/2014 08:27:23 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Apelarea ScRegSetValueExW nu a reușit pentru FailureActions, cu următoarea eroare:
%%5

Error: (11/02/2014 09:37:33 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 a întâmpinat o eroare la încercarea de actualizare a semnăturilor.

Versiune nouă semnătură:

Versiune anterioară semnătură: 1.187.842.0

Sursă actualizare: %NT AUTHORITY59

Stadiu actualizare: 4.6.0305.00

Cale sursă: 4.6.0305.01

Tip semnătură: %NT AUTHORITY602

Tip actualizare: %NT AUTHORITY604

Utilizator: NT AUTHORITY\SYSTEM

Versiune curentă motor: %NT AUTHORITY605

Versiune anterioară motor: %NT AUTHORITY606

Cod eroare: %NT AUTHORITY607

Descriere eroare: %NT AUTHORITY608

Error: (11/02/2014 09:27:34 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Următoarele drivere boot-start sau system-start nu s-au încărcat:
SAVRKBootTasks
SBRE

Error: (11/02/2014 09:27:25 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Serviciul UI Assistant Service nu a pornit din cauza erorii următoare:
%%1053

Microsoft Office Sessions:
=========================
Error: (11/28/2012 08:51:00 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6662.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 2677 seconds with 1500 seconds of active time. This session ended with a crash.

CodeIntegrity Errors:
===================================
Date: 2014-10-29 19:54:45.521
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-10-29 19:54:45.490
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-10-29 19:54:45.443
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-10-29 19:54:45.397
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-10-28 14:57:54.645
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-10-28 14:57:54.598
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-10-28 14:57:54.551
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-10-28 14:57:54.504
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-10-26 22:28:24.895
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-10-26 22:28:24.848
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: Intel® Celeron® CPU B815 @ 1.60GHz
Percentage of memory in use: 59%
Total physical RAM: 4000.13 MB
Available physical RAM: 1612.9 MB
Total Pagefile: 4143.73 MB
Available Pagefile: 2013.96 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:151.51 GB) (Free:1.56 GB) NTFS
Drive d: () (Fixed) (Total:146.48 GB) (Free:0.02 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 7C12E647)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=151.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=146.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================

#4 ken545

Forum God

Retired Classroom Teacher
23,225 posts

Interests:Fighting Malware and cooking some great Italian and TexMex food

Posted 03 November 2014 - 06:37 AM

Lets clean you up some, just a heads up BitComet, downloading anything using the torrents is not wise, a lot of that stuff is infected. I am seeing some stuff on your system that needs to be removed

-AdwCleaner-by Xplode

Click on this link to download : ADWCleaner

Click on ONE of the Two Blue Download Now buttons That have a blue arrow beside them and save it to your desktop.

Do not click on any links in the top Advertisment.

Close all open programs and internet browsers.

Double click on AdwCleaner.exe to run the tool.

Click on Scan.

After the scan is complete click on "Clean"

Confirm each time with Ok.

Your computer will be rebooted automatically. A text file will open after the restart.

Please post the content of that logfile with your next reply.

You can find the logfile at C:\AdwCleaner[S1].txt as well.

===============================================================================

Please download Junkware Removal Tool to your desktop.

Shut down your protection software now to avoid potential conflicts.

Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".

The tool will open and start scanning your system.

Please be patient as this can take a while to complete depending on your system's specifications.

On completion, a log (JRT.txt) is saved to your desktop and will automatically open.

Post the contents of JRT.txt into your next message.

===============================================================================

Download Malwarebytes' Anti-Malware to your desktop.

Windows XP : Double click on the icon to run it.

Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"

On the Dashboard click on Update Now

Go to the Setting Tab

Under Setting go to Detection and Protection

Under PUP and PUM make sure both are set to show Treat Detections as Malware

Go to Advanced setting and make sure Automatically Quarantine Detected Items is checked

Then on the Dashboard click on Scan

Make sure to select THREAT SCAN

Then click on Scan

When the scan is finished and the log pops up...select Copy to Clipboard

Please paste the log back into this thread for review

Exit Malwarebytes

The forum is staffed by volunteers who donate their time and expertise.
If you feel you have been helped, please consider a donation.

Find us on Facebook
Please LIKE and SHARE

Just a reminder that threads will be closed if no reply in 3 days.

#5 Nare

Authentic Member

Authentic Member
50 posts

Posted 03 November 2014 - 01:20 PM

Derp, I forgot to mention I had a couple of antirootkit and antivirus installed as part of my cleanup, which helped me stabilize, it wasn't just ComboFix. I have Panda Antivirus which I found in the recommended list alongside Malwarebytes free. But after I installed the firewall, I only did a full scan, and forgot to use the Cloudcleaner which checks for PUPs and clears registry, idk why I thought full was enough.

The reply reminded me I forgot registries, but I came here to learn about new tools to use, and it helped, so thanks a lot. AdwCleaner fixed a problem I had for weeks but kind of went when I had the comp more sanitized and then was still around lately: Windows startup gave some error saying it created a temporary paging file because there was an error with the first one, even though the limit was large, and this temp file always had some different size but enough to cut a large percentage of my available disk space.

Also, after Malawarebytes finished scanning, I turned Panda back on and it apparently blocked a malaware that isn't in the log. Seems something corrupted Panda not to notice it. Q.Q

Here are the logs...

# AdwCleaner v3.311 - Report created 03/11/2014 at 16:16:27
# Updated 30/09/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Iuliu - RAMONA-PC
# Running from : C:\Zerg\The War!\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\GreuatSavee4U
Folder Deleted : C:\ProgramData\SAverExtensiona
Folder Deleted : C:\Program Files (x86)\Toolbar Cleaner
Folder Deleted : C:\Program Files (x86)\GreuatSavee4U

***** [ Scheduled Tasks ] *****

Task Deleted : GoforFilesUpdate

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\updateKozaka_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\updateKozaka_RASMANCS
Key Deleted : HKCU\Software\OCS
Key Deleted : HKLM\SOFTWARE\Toolbar Cleaner
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar Cleaner
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17344

-\\ Mozilla Firefox v

[ File : C:\Users\Iuliu\AppData\Roaming\Mozilla\Firefox\Profiles\ii47zk5e.default\prefs.js ]

-\\ Google Chrome v

*************************

AdwCleaner[R1].txt - [10485 octets] - [07/06/2014 19:16:22]
AdwCleaner[R2].txt - [1755 octets] - [03/11/2014 16:12:37]
AdwCleaner[S1].txt - [9582 octets] - [07/06/2014 19:18:01]
AdwCleaner[S2].txt - [1655 octets] - [03/11/2014 16:16:27]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1715 octets] ##########

-----------------------------------------------------------------------------------------------------------------------------------------------------

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.5 (10.31.2014:1)
OS: Windows 7 Ultimate x64
Ran by Iuliu on 03.11.2014 at 17:52:27,67
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL

~~~ Registry Keys

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\Users\Iuliu\AppData\Roaming\getrighttogo"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 03.11.2014 at 17:57:35,85
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 03.11.2014
Scan Time: 20:10:12
Logfile:
Administrator: Yes

Version: 2.00.3.1025
Malware Database: v2014.11.03.08
Rootkit Database: v2014.11.01.02
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Iuliu

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 372309
Time Elapsed: 28 min, 9 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 1
Trojan.Agent, HKU\S-1-5-21-3781310032-3316471014-4203319439-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER|Run, "C:\Users\Iuliu\AppData\Roaming\Microsoft\Windows\IEUpdate\verclsid.exe", Quarantined, [68fccf6896e6da5cc946f03d15ee6e92]

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 2
Trojan.MalPack, C:\Users\Iuliu\AppData\Local\YhPack\tmp515A.exe, Quarantined, [6ff5a5925d1f46f07a0241eb9570d32d],
Trojan.Miuref, C:\Users\Iuliu\AppData\Local\YhPack\tmp5773.exe, Quarantined, [f074ee49e5972610a7bf9c3cbb4631cf],

Physical Sectors: 0
(No malicious items detected)

(end)

#6 ken545

Forum God

Retired Classroom Teacher
23,225 posts

Interests:Fighting Malware and cooking some great Italian and TexMex food

Posted 03 November 2014 - 03:04 PM

Please download TDSSKiller.zip

Extract it to your desktop

Double click TDSSKiller.exe

Press Start Scan

Only if Malicious objects are found then ensure Cure is selected

Then click Continue > Reboot now

Copy and paste the log in your next reply

A copy of the log will be saved automatically to the root of the drive (typically C:\)

The forum is staffed by volunteers who donate their time and expertise.
If you feel you have been helped, please consider a donation.

Find us on Facebook
Please LIKE and SHARE

Just a reminder that threads will be closed if no reply in 3 days.

#7 Nare

Authentic Member

Authentic Member
50 posts

Posted 04 November 2014 - 10:54 AM

No threats found. Also that paging file error is still here it seems, only when AdwCleaner restarted the comp for the final clean did it disappear. And this is something that got blocked just as I was typing this message. Svchost? O.o

jpg images

And the log...

16:54:36.0985 0x17fc TDSS rootkit removing tool 3.0.0.41 Oct 28 2014 17:58:34
16:55:05.0954 0x17fc ============================================================
16:55:05.0954 0x17fc Current date / time: 2014/11/04 16:55:05.0954
16:55:05.0954 0x17fc SystemInfo:
16:55:05.0954 0x17fc
16:55:05.0954 0x17fc OS Version: 6.1.7601 ServicePack: 1.0
16:55:05.0954 0x17fc Product type: Workstation
16:55:05.0954 0x17fc ComputerName: RAMONA-PC
16:55:05.0954 0x17fc UserName: Iuliu
16:55:05.0954 0x17fc Windows directory: C:\Windows
16:55:05.0954 0x17fc System windows directory: C:\Windows
16:55:05.0954 0x17fc Running under WOW64
16:55:05.0954 0x17fc Processor architecture: Intel x64
16:55:05.0954 0x17fc Number of processors: 2
16:55:05.0954 0x17fc Page size: 0x1000
16:55:05.0954 0x17fc Boot type: Normal boot
16:55:05.0954 0x17fc ============================================================
16:55:06.0344 0x17fc KLMD registered as C:\Windows\system32\drivers\65936855.sys
16:55:06.0874 0x17fc System UUID: {45499FBB-C7F0-06FE-2F3C-AE54F18C161F}
16:55:07.0764 0x17fc Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:55:07.0764 0x17fc ============================================================
16:55:07.0764 0x17fc \Device\Harddisk0\DR0:
16:55:07.0764 0x17fc MBR partitions:
16:55:07.0764 0x17fc \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
16:55:07.0764 0x17fc \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x12F04000
16:55:07.0764 0x17fc \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x12F36800, BlocksNum 0x124F7800
16:55:07.0764 0x17fc ============================================================
16:55:07.0795 0x17fc C: <-> \Device\Harddisk0\DR0\Partition2
16:55:07.0873 0x17fc D: <-> \Device\Harddisk0\DR0\Partition3
16:55:07.0873 0x17fc ============================================================
16:55:07.0873 0x17fc Initialize success
16:55:07.0873 0x17fc ============================================================
16:55:27.0498 0x13a8 ============================================================
16:55:27.0498 0x13a8 Scan started
16:55:27.0498 0x13a8 Mode: Manual;
16:55:27.0498 0x13a8 ============================================================
16:55:27.0498 0x13a8 KSN ping started
16:56:33.0158 0x13a8 KSN ping finished: false
16:56:34.0188 0x13a8 ================ Scan system memory ========================
16:56:34.0188 0x13a8 System memory - ok
16:56:34.0188 0x13a8 ================ Scan services =============================
16:56:34.0328 0x13a8 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
16:56:34.0344 0x13a8 1394ohci - ok
16:56:34.0422 0x13a8 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
16:56:34.0437 0x13a8 ACPI - ok
16:56:34.0453 0x13a8 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
16:56:34.0453 0x13a8 AcpiPmi - ok
16:56:34.0531 0x13a8 [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
16:56:34.0546 0x13a8 AdobeARMservice - ok
16:56:34.0687 0x13a8 [ A6B6AB9502B63F43A9A56AE6AFB22078, DD1F0BA3D8F3333F52A71EAE3719A001F6EF844D647FFABF0E4C56C6C764ACA7 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:56:34.0718 0x13a8 AdobeFlashPlayerUpdateSvc - ok
16:56:34.0765 0x13a8 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
16:56:34.0780 0x13a8 adp94xx - ok
16:56:34.0827 0x13a8 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
16:56:34.0827 0x13a8 adpahci - ok
16:56:34.0890 0x13a8 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
16:56:34.0890 0x13a8 adpu320 - ok
16:56:34.0936 0x13a8 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
16:56:34.0952 0x13a8 AeLookupSvc - ok
16:56:34.0983 0x13a8 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
16:56:35.0014 0x13a8 AFD - ok
16:56:35.0046 0x13a8 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
16:56:35.0046 0x13a8 agp440 - ok
16:56:35.0092 0x13a8 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
16:56:35.0092 0x13a8 ALG - ok
16:56:35.0139 0x13a8 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
16:56:35.0139 0x13a8 aliide - ok
16:56:35.0170 0x13a8 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
16:56:35.0170 0x13a8 amdide - ok
16:56:35.0217 0x13a8 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
16:56:35.0217 0x13a8 AmdK8 - ok
16:56:35.0248 0x13a8 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
16:56:35.0264 0x13a8 AmdPPM - ok
16:56:35.0295 0x13a8 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
16:56:35.0311 0x13a8 amdsata - ok
16:56:35.0358 0x13a8 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
16:56:35.0358 0x13a8 amdsbs - ok
16:56:35.0389 0x13a8 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
16:56:35.0389 0x13a8 amdxata - ok
16:56:35.0420 0x13a8 [ 80B9412C4DE09147581FC935FB4C97AB, 0C9661F7B5EF7F9D61981790B7AB64E3375BD117962166619D0CC546A2D014D3 ] AppID           C:\Windows\system32\drivers\appid.sys
16:56:35.0420 0x13a8 AppID - ok
16:56:35.0451 0x13a8 [ F71CA01C24FC3798A717B5A6F682F9AD, 8CF1C209E7BBBAD02D6D087293C0B681CDA3170AF119CA2916C2708D8801E749 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
16:56:35.0451 0x13a8 AppIDSvc - ok
16:56:35.0482 0x13a8 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
16:56:35.0482 0x13a8 Appinfo - ok
16:56:35.0514 0x13a8 [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
16:56:35.0529 0x13a8 AppMgmt - ok
16:56:35.0576 0x13a8 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
16:56:35.0592 0x13a8 arc - ok
16:56:35.0623 0x13a8 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
16:56:35.0623 0x13a8 arcsas - ok
16:56:35.0685 0x13a8 [ 18E5C2F937F9DEB8C282DF66A3761925, 30294C381F8C7DCB45EF9BCF572F410FF47630E12D5AA02259C6C80F07BEF495 ] ASLDRService    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
16:56:35.0685 0x13a8 ASLDRService - ok
16:56:35.0701 0x13a8 [ 4C016FD76ED5C05E84CA8CAB77993961, 025E7BE9FCEFD6A83F4471BBA0C11F1C11BD5047047D26626DA24EE9A419CDC4 ] ASMMAP64        C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
16:56:35.0716 0x13a8 ASMMAP64 - ok
16:56:35.0732 0x13a8 [ 0AA7A996792FB0287B33A57A8093AE44, 41894F055F3CDA05794FC46E1F2C59979D1DAF7602F44E4ADF6347E199B8137C ] asmthub3        C:\Windows\system32\DRIVERS\asmthub3.sys
16:56:35.0748 0x13a8 asmthub3 - ok
16:56:35.0794 0x13a8 [ 125DC3ABF5BFCCFE82AD17D078E0B9EC, FEFF8C37CD688F39C8E341F8BF7A712AA8C0F431B064E07C3EA66A96250D855B ] asmtxhci        C:\Windows\system32\DRIVERS\asmtxhci.sys
16:56:35.0810 0x13a8 asmtxhci - ok
16:56:35.0919 0x13a8 [ 108FB6DDB69E537A2EA53F425363FAE5, B12A9F5338D39805E08A44A335FF7AA77F2266F535A2F5C8412CC746C75E5B1D ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
16:56:35.0935 0x13a8 aspnet_state - ok
16:56:35.0966 0x13a8 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
16:56:35.0966 0x13a8 AsyncMac - ok
16:56:35.0997 0x13a8 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
16:56:35.0997 0x13a8 atapi - ok
16:56:36.0153 0x13a8 [ 0A780D84FC9C82E16E2037BE1896C022, 3CA4C3C339D853CACD699A439AC3628D068E73A0172D7E9C6BE9C1F649C1B567 ] athr            C:\Windows\system32\DRIVERS\athrx.sys
16:56:36.0247 0x13a8 athr - ok
16:56:36.0262 0x13a8 [ 7910158929571214A959D5A6D16DD9C0, 9B4F8A3AF9E09B2F772EEF1CB8F7EAB8A226068784837F375AE97B89B0B3A383 ] ATKGFNEXSrv     C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
16:56:36.0278 0x13a8 ATKGFNEXSrv - ok
16:56:36.0309 0x13a8 [ 41CEAFFCF3550785E59E3EC9BEE8D97A, 89FE604088B65B82AA794E1DA8429033CD2F05FFB2D7EFAAC7B967C7A83D1B1E ] ATKWMIACPIIO    C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
16:56:36.0309 0x13a8 ATKWMIACPIIO - ok
16:56:36.0372 0x13a8 [ 2C1B6A64294F2182DC4999F923873974, 6D611636D849631BB1F852DC03A98BBFEC4D797A2707CA63427E187F0725A796 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:56:36.0403 0x13a8 AudioEndpointBuilder - ok
16:56:36.0434 0x13a8 [ 2C1B6A64294F2182DC4999F923873974, 6D611636D849631BB1F852DC03A98BBFEC4D797A2707CA63427E187F0725A796 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
16:56:36.0465 0x13a8 AudioSrv - ok
16:56:36.0543 0x13a8 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
16:56:36.0559 0x13a8 AxInstSV - ok
16:56:36.0621 0x13a8 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
16:56:36.0652 0x13a8 b06bdrv - ok
16:56:36.0684 0x13a8 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
16:56:36.0715 0x13a8 b57nd60a - ok
16:56:36.0746 0x13a8 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
16:56:36.0746 0x13a8 BDESVC - ok
16:56:36.0777 0x13a8 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
16:56:36.0777 0x13a8 Beep - ok
16:56:36.0840 0x13a8 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
16:56:36.0855 0x13a8 BFE - ok
16:56:36.0933 0x13a8 BITCOMET_HELPER_SERVICE - ok
16:56:37.0011 0x13a8 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\system32\qmgr.dll
16:56:37.0152 0x13a8 BITS - ok
16:56:37.0167 0x13a8 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
16:56:37.0183 0x13a8 blbdrive - ok
16:56:37.0214 0x13a8 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
16:56:37.0214 0x13a8 bowser - ok
16:56:37.0245 0x13a8 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
16:56:37.0245 0x13a8 BrFiltLo - ok
16:56:37.0276 0x13a8 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
16:56:37.0276 0x13a8 BrFiltUp - ok
16:56:37.0292 0x13a8 [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
16:56:37.0292 0x13a8 BridgeMP - ok
16:56:37.0354 0x13a8 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
16:56:37.0370 0x13a8 Browser - ok
16:56:37.0401 0x13a8 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
16:56:37.0417 0x13a8 Brserid - ok
16:56:37.0464 0x13a8 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
16:56:37.0464 0x13a8 BrSerWdm - ok
16:56:37.0479 0x13a8 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
16:56:37.0479 0x13a8 BrUsbMdm - ok
16:56:37.0510 0x13a8 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
16:56:37.0510 0x13a8 BrUsbSer - ok
16:56:37.0557 0x13a8 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
16:56:37.0573 0x13a8 BTHMODEM - ok
16:56:37.0604 0x13a8 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
16:56:37.0620 0x13a8 bthserv - ok
16:56:37.0776 0x13a8 [ 1F79342D9EB530A48742F651E570983A, 99E0B613C23FA8591E248DFA6FF2D3EE19E262BE6E070A0E43E256B69687017F ] c2cautoupdatesvc C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
16:56:37.0822 0x13a8 c2cautoupdatesvc - ok
16:56:37.0947 0x13a8 [ E4938E0A376CF0B9D989EE5C0A146891, 9DF6AB5781CD60862D9664CA9A8AF0696A1FB6D09D804CD8DE9630F40DE59E90 ] c2cpnrsvc       C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
16:56:38.0010 0x13a8 c2cpnrsvc - ok
16:56:38.0010 0x13a8 catchme - ok
16:56:38.0041 0x13a8 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
16:56:38.0041 0x13a8 cdfs - ok
16:56:38.0072 0x13a8 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
16:56:38.0088 0x13a8 cdrom - ok
16:56:38.0103 0x13a8 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
16:56:38.0103 0x13a8 CertPropSvc - ok
16:56:38.0134 0x13a8 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
16:56:38.0134 0x13a8 circlass - ok
16:56:38.0197 0x13a8 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
16:56:38.0212 0x13a8 CLFS - ok
16:56:38.0290 0x13a8 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:56:38.0290 0x13a8 clr_optimization_v2.0.50727_32 - ok
16:56:38.0353 0x13a8 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:56:38.0368 0x13a8 clr_optimization_v2.0.50727_64 - ok
16:56:38.0446 0x13a8 [ 6D7C8A951AF6AD6835C029B3CB88D333, 66F3D79887B2449B4C6912D1A258D1A96056888F51A8AA24FEDF37942AD5BDBB ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:56:38.0524 0x13a8 clr_optimization_v4.0.30319_32 - ok
16:56:38.0556 0x13a8 [ 86329C35FF23CFEF0FB6C0023BA06BCE, D915CE7AD564F97A1C3B047D5248B7EF67ADDC59687FBC90F1776C21DAA0D3FD ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:56:38.0556 0x13a8 clr_optimization_v4.0.30319_64 - ok
16:56:38.0602 0x13a8 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
16:56:38.0602 0x13a8 CmBatt - ok
16:56:38.0649 0x13a8 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
16:56:38.0649 0x13a8 cmdide - ok
16:56:38.0712 0x13a8 [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
16:56:38.0743 0x13a8 CNG - ok
16:56:38.0758 0x13a8 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
16:56:38.0758 0x13a8 Compbatt - ok
16:56:38.0790 0x13a8 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
16:56:38.0790 0x13a8 CompositeBus - ok
16:56:38.0790 0x13a8 COMSysApp - ok
16:56:38.0805 0x13a8 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
16:56:38.0821 0x13a8 crcdisk - ok
16:56:38.0852 0x13a8 [ 19D511CC455C19DE1ADF60E6C39C85B6, 2A05DD5EF3D0BEC2C9F4EA186E0E2D0F7BE0BF6A473D51194B09D33773AC7FAA ] CryptSvc        C:\Windows\system32\cryptsvc.dll
16:56:38.0852 0x13a8 CryptSvc - ok
16:56:38.0914 0x13a8 [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
16:56:38.0946 0x13a8 CSC - ok
16:56:38.0977 0x13a8 [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
16:56:39.0008 0x13a8 CscService - ok
16:56:39.0055 0x13a8 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
16:56:39.0070 0x13a8 DcomLaunch - ok
16:56:39.0148 0x13a8 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
16:56:39.0164 0x13a8 defragsvc - ok
16:56:39.0195 0x13a8 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
16:56:39.0195 0x13a8 DfsC - ok
16:56:39.0242 0x13a8 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
16:56:39.0258 0x13a8 Dhcp - ok
16:56:39.0273 0x13a8 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
16:56:39.0289 0x13a8 discache - ok
16:56:39.0304 0x13a8 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
16:56:39.0304 0x13a8 Disk - ok
16:56:39.0336 0x13a8 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
16:56:39.0351 0x13a8 Dnscache - ok
16:56:39.0398 0x13a8 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
16:56:39.0414 0x13a8 dot3svc - ok
16:56:39.0445 0x13a8 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
16:56:39.0460 0x13a8 DPS - ok
16:56:39.0523 0x13a8 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
16:56:39.0523 0x13a8 drmkaud - ok
16:56:39.0616 0x13a8 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
16:56:39.0663 0x13a8 DXGKrnl - ok
16:56:39.0663 0x13a8 EagleX64 - ok
16:56:39.0694 0x13a8 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
16:56:39.0694 0x13a8 EapHost - ok
16:56:39.0897 0x13a8 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
16:56:40.0069 0x13a8 ebdrv - ok
16:56:40.0116 0x13a8 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS             C:\Windows\System32\lsass.exe
16:56:40.0116 0x13a8 EFS - ok
16:56:40.0194 0x13a8 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
16:56:40.0225 0x13a8 ehRecvr - ok
16:56:40.0256 0x13a8 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
16:56:40.0256 0x13a8 ehSched - ok
16:56:40.0303 0x13a8 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
16:56:40.0334 0x13a8 elxstor - ok
16:56:40.0365 0x13a8 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
16:56:40.0365 0x13a8 ErrDev - ok
16:56:40.0412 0x13a8 [ 4C120D2B2EA269EAE7A5744794EB6DB1, 11CD724908CB6327E4E8CFBC908B090AFC33B929FF0DBDC08D8368771E4AA0C9 ] ETD             C:\Windows\system32\DRIVERS\ETD.sys
16:56:40.0412 0x13a8 ETD - ok
16:56:40.0474 0x13a8 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
16:56:40.0474 0x13a8 EventSystem - ok
16:56:40.0521 0x13a8 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
16:56:40.0537 0x13a8 exfat - ok
16:56:40.0568 0x13a8 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
16:56:40.0584 0x13a8 fastfat - ok
16:56:40.0630 0x13a8 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
16:56:40.0662 0x13a8 Fax - ok
16:56:40.0693 0x13a8 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
16:56:40.0693 0x13a8 fdc - ok
16:56:40.0740 0x13a8 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
16:56:40.0740 0x13a8 fdPHost - ok
16:56:40.0755 0x13a8 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
16:56:40.0771 0x13a8 FDResPub - ok
16:56:40.0786 0x13a8 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
16:56:40.0786 0x13a8 FileInfo - ok
16:56:40.0802 0x13a8 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
16:56:40.0818 0x13a8 Filetrace - ok
16:56:40.0849 0x13a8 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
16:56:40.0849 0x13a8 flpydisk - ok
16:56:40.0896 0x13a8 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
16:56:40.0896 0x13a8 FltMgr - ok
16:56:40.0989 0x13a8 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
16:56:41.0036 0x13a8 FontCache - ok
16:56:41.0083 0x13a8 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:56:41.0083 0x13a8 FontCache3.0.0.0 - ok
16:56:41.0130 0x13a8 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
16:56:41.0130 0x13a8 FsDepends - ok
16:56:41.0161 0x13a8 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
16:56:41.0161 0x13a8 Fs_Rec - ok
16:56:41.0208 0x13a8 [ 1F7B25B858FA27015169FE95E54108ED, 72DD12E924AA7273B3E4BDD2A2C581DECE304C8EF3D44EA79ABB032F3F95DCE5 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
16:56:41.0208 0x13a8 fvevol - ok
16:56:41.0239 0x13a8 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
16:56:41.0239 0x13a8 gagp30kx - ok
16:56:41.0270 0x13a8 [ 14908F4F9005C29DE8F5587E271390EE, 43DDFA99F52467F91019DB858989F111EBE48A2BED8D43EA2C15D1FD3C104489 ] gfibto          C:\Windows\system32\drivers\gfibto.sys
16:56:41.0270 0x13a8 gfibto - ok
16:56:41.0332 0x13a8 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
16:56:41.0364 0x13a8 gpsvc - ok
16:56:41.0457 0x13a8 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:56:41.0473 0x13a8 gupdate - ok
16:56:41.0488 0x13a8 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:56:41.0488 0x13a8 gupdatem - ok
16:56:41.0551 0x13a8 [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
16:56:41.0598 0x13a8 gusvc - ok
16:56:41.0629 0x13a8 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B, F9995CFEC7BBFE10B06EEE04CA6B49658275C43096E57747BFF9C2C31A0F9011 ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys
16:56:41.0629 0x13a8 hamachi - ok
16:56:41.0676 0x13a8 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
16:56:41.0676 0x13a8 hcw85cir - ok
16:56:41.0738 0x13a8 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:56:41.0754 0x13a8 HdAudAddService - ok
16:56:41.0785 0x13a8 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
16:56:41.0785 0x13a8 HDAudBus - ok
16:56:41.0816 0x13a8 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
16:56:41.0816 0x13a8 HidBatt - ok
16:56:41.0863 0x13a8 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
16:56:41.0878 0x13a8 HidBth - ok
16:56:41.0894 0x13a8 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
16:56:41.0894 0x13a8 HidIr - ok
16:56:41.0941 0x13a8 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\System32\hidserv.dll
16:56:41.0956 0x13a8 hidserv - ok
16:56:41.0972 0x13a8 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
16:56:41.0988 0x13a8 HidUsb - ok
16:56:42.0034 0x13a8 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
16:56:42.0034 0x13a8 hkmsvc - ok
16:56:42.0097 0x13a8 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:56:42.0112 0x13a8 HomeGroupListener - ok
16:56:42.0144 0x13a8 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:56:42.0159 0x13a8 HomeGroupProvider - ok
16:56:42.0206 0x13a8 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
16:56:42.0206 0x13a8 HpSAMD - ok
16:56:42.0284 0x13a8 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
16:56:42.0315 0x13a8 HTTP - ok
16:56:42.0331 0x13a8 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
16:56:42.0331 0x13a8 hwpolicy - ok
16:56:42.0362 0x13a8 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
16:56:42.0378 0x13a8 i8042prt - ok
16:56:42.0409 0x13a8 [ 26CF4275034214ECEDD8EC17B0A18A99, 95A08C63971C28F1BC97040C0ADA247E3B43DE7D937B14E33A394B955D0AC8B7 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
16:56:42.0424 0x13a8 iaStor - ok
16:56:42.0456 0x13a8 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
16:56:42.0471 0x13a8 iaStorV - ok
16:56:42.0565 0x13a8 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:56:42.0596 0x13a8 idsvc - ok
16:56:42.0627 0x13a8 IEEtwCollectorService - ok
16:56:43.0173 0x13a8 [ 33FAA40B288002C89529DBD14F3AB72C, 670BA536796322122EBD93F256331899DD2E1834471B017A58F74132EE8DFDB7 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
16:56:43.0719 0x13a8 igfx - ok
16:56:43.0797 0x13a8 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
16:56:43.0797 0x13a8 iirsp - ok
16:56:43.0906 0x13a8 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
16:56:43.0938 0x13a8 IKEEXT - ok
16:56:44.0109 0x13a8 [ 651972B4061F940DC154C6F7B948B76A, CF171B7A9AD3B906754E87E3A1EFB8B5ACD7E58E284797F0C90A9AB2ACFEA9CE ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
16:56:44.0203 0x13a8 IntcAzAudAddService - ok
16:56:44.0250 0x13a8 [ FC727061C0F47C8059E88E05D5C8E381, C7A3782F5D86C7FDE57AA1F2EE81638C5FC3072ACC6E572BA2EC7B3CFF389800 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
16:56:44.0250 0x13a8 IntcDAud - ok
16:56:44.0265 0x13a8 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
16:56:44.0265 0x13a8 intelide - ok
16:56:44.0296 0x13a8 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
16:56:44.0296 0x13a8 intelppm - ok
16:56:44.0343 0x13a8 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
16:56:44.0343 0x13a8 IPBusEnum - ok
16:56:44.0374 0x13a8 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:56:44.0390 0x13a8 IpFilterDriver - ok
16:56:44.0437 0x13a8 [ A34A587FFFD45FA649FBA6D03784D257, C9A2BCD4E2A5EB6E320092A3AFD5737ECDCDA0B83EE42314A23C4978F2974767 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
16:56:44.0452 0x13a8 iphlpsvc - ok
16:56:44.0484 0x13a8 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
16:56:44.0484 0x13a8 IPMIDRV - ok
16:56:44.0515 0x13a8 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
16:56:44.0530 0x13a8 IPNAT - ok
16:56:44.0562 0x13a8 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
16:56:44.0562 0x13a8 IRENUM - ok
16:56:44.0609 0x13a8 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
16:56:44.0609 0x13a8 isapnp - ok
16:56:44.0655 0x13a8 [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
16:56:44.0671 0x13a8 iScsiPrt - ok
16:56:44.0718 0x13a8 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
16:56:44.0718 0x13a8 kbdclass - ok
16:56:44.0749 0x13a8 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
16:56:44.0749 0x13a8 kbdhid - ok
16:56:44.0780 0x13a8 [ E63EF8C3271D014F14E2469CE75FECB4, 3A8DFA4B446AFDC35F01FD5218D0BEBC510A1E3DE9976210F00D19767D0F9069 ] kbfiltr         C:\Windows\system32\DRIVERS\kbfiltr.sys
16:56:44.0780 0x13a8 kbfiltr - ok
16:56:44.0796 0x13a8 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso          C:\Windows\system32\lsass.exe
16:56:44.0796 0x13a8 KeyIso - ok
16:56:44.0827 0x13a8 [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
16:56:44.0843 0x13a8 KSecDD - ok
16:56:44.0858 0x13a8 [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
16:56:44.0858 0x13a8 KSecPkg - ok
16:56:44.0889 0x13a8 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
16:56:44.0905 0x13a8 ksthunk - ok
16:56:44.0936 0x13a8 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
16:56:44.0952 0x13a8 KtmRm - ok
16:56:44.0983 0x13a8 [ A4A9CA24E54E81C6C3E469EAEB4B3F42, FB6B72BF973EC2EE2D81AAAF47B030C0A5E7E7B079DAB257C52FEFC3F222CDC8 ] L1C             C:\Windows\system32\DRIVERS\L1C62x64.sys
16:56:44.0983 0x13a8 L1C - ok
16:56:45.0030 0x13a8 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\System32\srvsvc.dll
16:56:45.0045 0x13a8 LanmanServer - ok
16:56:45.0077 0x13a8 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:56:45.0077 0x13a8 LanmanWorkstation - ok
16:56:45.0123 0x13a8 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
16:56:45.0123 0x13a8 lltdio - ok
16:56:45.0170 0x13a8 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
16:56:45.0201 0x13a8 lltdsvc - ok
16:56:45.0233 0x13a8 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
16:56:45.0233 0x13a8 lmhosts - ok
16:56:45.0311 0x13a8 [ 7F32D4C47A50E7223491E8FB9359907D, 6D3F59A8D006BED3234697933D09C8EE8F7A9F4A4196CFA878F8E8A929B24CE5 ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
16:56:45.0342 0x13a8 LMS - ok
16:56:45.0357 0x13a8 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
16:56:45.0357 0x13a8 LSI_FC - ok
16:56:45.0420 0x13a8 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
16:56:45.0420 0x13a8 LSI_SAS - ok
16:56:45.0435 0x13a8 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
16:56:45.0435 0x13a8 LSI_SAS2 - ok
16:56:45.0467 0x13a8 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
16:56:45.0467 0x13a8 LSI_SCSI - ok
16:56:45.0498 0x13a8 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
16:56:45.0498 0x13a8 luafv - ok
16:56:45.0529 0x13a8 [ 23488767CB18FC3FF39E3AF1DB3FB02C, F526B80EDA5309162239741CF1C77957E2F9EDEB223AB3DB6FF0DEA3D473590B ] massfilter      C:\Windows\system32\drivers\massfilter.sys
16:56:45.0529 0x13a8 massfilter - ok
16:56:45.0591 0x13a8 [ 5C3669B71657F22E67A1D4BD49D2CBE7, 7CAE59AA6CA9CBBD70BBD707A155FB169BF3F71096275BF7C0F415B6A092C671 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
16:56:45.0591 0x13a8 MBAMProtector - ok
16:56:45.0732 0x13a8 [ 6D8A2EE4244630B290A837E79C0F37A1, 6783BBC0BDC93E4D6D43531A1AD0DF5CD26C3BBFA6384927C5CF65AD97FB04AD ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
16:56:45.0794 0x13a8 MBAMScheduler - ok
16:56:45.0888 0x13a8 [ 09D4503CBB6ADB3A54E7C7A75090B728, 6139EA3338FD64205481EDEC813A44F8D395FDA7B67AA431DA61F3631C3EDAE6 ] MBAMService     C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
16:56:45.0935 0x13a8 MBAMService - ok
16:56:45.0981 0x13a8 [ 26C43960C99EE861A5D0EDC4DCF3B1C3, 6238FB8E785652040CCE3E7044EA52066CE1BF173A1467474D64A3AB214B6BCD ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
16:56:45.0997 0x13a8 MBAMSwissArmy - ok
16:56:46.0028 0x13a8 [ 95EF63A7827D4E3A229CBBCB42619E93, FA38DD035B2C4FC82B60868F49D45A39FBBC96096AAD5A2C8BD752A250255BA7 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
16:56:46.0028 0x13a8 MBAMWebAccessControl - ok
16:56:46.0075 0x13a8 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
16:56:46.0091 0x13a8 Mcx2Svc - ok
16:56:46.0122 0x13a8 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
16:56:46.0137 0x13a8 megasas - ok
16:56:46.0169 0x13a8 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
16:56:46.0184 0x13a8 MegaSR - ok
16:56:46.0231 0x13a8 [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
16:56:46.0231 0x13a8 MEIx64 - ok
16:56:46.0309 0x13a8 [ D70476AD02D6FD75282B196D3B58831D, F93565261EC57F43445C082DBCE5CE0D4B121A5C34B818A09AB5B311457588FD ] MEMSWEEP2       C:\Windows\system32\6EF9.tmp
16:56:46.0309 0x13a8 MEMSWEEP2 - ok
16:56:46.0387 0x13a8 [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
16:56:46.0403 0x13a8 Microsoft Office Groove Audit Service - ok
16:56:46.0449 0x13a8 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
16:56:46.0449 0x13a8 MMCSS - ok
16:56:46.0496 0x13a8 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
16:56:46.0496 0x13a8 Modem - ok
16:56:46.0527 0x13a8 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
16:56:46.0527 0x13a8 monitor - ok
16:56:46.0574 0x13a8 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
16:56:46.0590 0x13a8 mouclass - ok
16:56:46.0621 0x13a8 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
16:56:46.0621 0x13a8 mouhid - ok
16:56:46.0668 0x13a8 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
16:56:46.0668 0x13a8 mountmgr - ok
16:56:46.0715 0x13a8 [ 6439D1E559D08BD8A1465A8943357053, 0E300508C22D12FBA3BE566B722F574CBE1B4A1A305356B92B8EA8B86267071B ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
16:56:46.0730 0x13a8 MpFilter - ok
16:56:46.0777 0x13a8 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
16:56:46.0777 0x13a8 mpio - ok
16:56:46.0824 0x13a8 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
16:56:46.0824 0x13a8 mpsdrv - ok
16:56:46.0917 0x13a8 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
16:56:46.0949 0x13a8 MpsSvc - ok
16:56:46.0995 0x13a8 [ DC722758B8261E1ABAFD31A3C0A66380, 88BBE073E2CCD1DAB4656DDC53D5161E8A91D035ADAC1465D0CEBA86F1BB6D9A ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
16:56:46.0995 0x13a8 MRxDAV - ok
16:56:47.0042 0x13a8 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
16:56:47.0058 0x13a8 mrxsmb - ok
16:56:47.0073 0x13a8 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:56:47.0089 0x13a8 mrxsmb10 - ok
16:56:47.0105 0x13a8 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:56:47.0120 0x13a8 mrxsmb20 - ok
16:56:47.0136 0x13a8 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
16:56:47.0136 0x13a8 msahci - ok
16:56:47.0167 0x13a8 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
16:56:47.0167 0x13a8 msdsm - ok
16:56:47.0198 0x13a8 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
16:56:47.0198 0x13a8 MSDTC - ok
16:56:47.0245 0x13a8 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
16:56:47.0245 0x13a8 Msfs - ok
16:56:47.0261 0x13a8 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
16:56:47.0276 0x13a8 mshidkmdf - ok
16:56:47.0276 0x13a8 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
16:56:47.0292 0x13a8 msisadrv - ok
16:56:47.0323 0x13a8 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
16:56:47.0323 0x13a8 MSiSCSI - ok
16:56:47.0323 0x13a8 msiserver - ok
16:56:47.0354 0x13a8 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
16:56:47.0354 0x13a8 MSKSSRV - ok
16:56:47.0432 0x13a8 [ F0D5494D8B177C37E16966262F5D0F68, DD63427DFFD9DD2BEC8336F6AD1BEFE347012331631DC5FEC65E83B1EACDBC67 ] MsMpSvc         C:\Program Files\Microsoft Security Client\MsMpEng.exe
16:56:47.0432 0x13a8 MsMpSvc - ok
16:56:47.0448 0x13a8 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
16:56:47.0463 0x13a8 MSPCLOCK - ok
16:56:47.0495 0x13a8 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
16:56:47.0495 0x13a8 MSPQM - ok
16:56:47.0541 0x13a8 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
16:56:47.0557 0x13a8 MsRPC - ok
16:56:47.0588 0x13a8 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
16:56:47.0588 0x13a8 mssmbios - ok
16:56:47.0619 0x13a8 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
16:56:47.0635 0x13a8 MSTEE - ok
16:56:47.0651 0x13a8 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
16:56:47.0651 0x13a8 MTConfig - ok
16:56:47.0666 0x13a8 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
16:56:47.0682 0x13a8 Mup - ok
16:56:47.0775 0x13a8 [ 0FC64133A8FB5342C6876982B01FA37F, FCF8CE0D3095ECB25242E1A18F16A70BA1D0BC64C6525D4497672AF1F0043C9E ] NanoServiceMain C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
16:56:47.0791 0x13a8 NanoServiceMain - ok
16:56:47.0900 0x13a8 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
16:56:47.0916 0x13a8 napagent - ok
16:56:47.0947 0x13a8 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
16:56:47.0947 0x13a8 NativeWifiP - ok
16:56:48.0025 0x13a8 [ 79B47FD40D9A817E932F9D26FAC0A81C, 53E260B8BFC50BA45FA73BFCF4E58C233890D0EAA9DEFDCCBB55FD3EB992FF2D ] NDIS            C:\Windows\system32\drivers\ndis.sys
16:56:48.0056 0x13a8 NDIS - ok
16:56:48.0103 0x13a8 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
16:56:48.0103 0x13a8 NdisCap - ok
16:56:48.0119 0x13a8 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
16:56:48.0134 0x13a8 NdisTapi - ok
16:56:48.0165 0x13a8 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
16:56:48.0181 0x13a8 Ndisuio - ok
16:56:48.0212 0x13a8 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
16:56:48.0228 0x13a8 NdisWan - ok
16:56:48.0259 0x13a8 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
16:56:48.0259 0x13a8 NDProxy - ok
16:56:48.0290 0x13a8 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
16:56:48.0290 0x13a8 NetBIOS - ok
16:56:48.0337 0x13a8 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
16:56:48.0337 0x13a8 NetBT - ok
16:56:48.0353 0x13a8 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon        C:\Windows\system32\lsass.exe
16:56:48.0353 0x13a8 Netlogon - ok
16:56:48.0415 0x13a8 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
16:56:48.0431 0x13a8 Netman - ok
16:56:48.0477 0x13a8 [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:56:48.0477 0x13a8 NetMsmqActivator - ok
16:56:48.0493 0x13a8 [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:56:48.0493 0x13a8 NetPipeActivator - ok
16:56:48.0618 0x13a8 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
16:56:48.0633 0x13a8 netprofm - ok
16:56:48.0680 0x13a8 [ 81B8D0C1CE44A7FDBD596B693783950C, 9F47ACECFE32E935FE03D0134018A9C03698D9E25E6FC9B8A525A4FE4A880642 ] netr7364        C:\Windows\system32\DRIVERS\netr7364.sys
16:56:48.0711 0x13a8 netr7364 - ok
16:56:48.0727 0x13a8 [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:56:48.0743 0x13a8 NetTcpActivator - ok
16:56:48.0743 0x13a8 [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:56:48.0758 0x13a8 NetTcpPortSharing - ok
16:56:48.0805 0x13a8 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
16:56:48.0805 0x13a8 nfrd960 - ok
16:56:48.0867 0x13a8 [ F9EEFFC65C68A45001D1349E652B8B6F, E5F223129416083A12A85D48C65B2C8D1BF1124110399938E144308C89F9241D ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
16:56:48.0867 0x13a8 NisDrv - ok
16:56:48.0899 0x13a8 [ 9690F420A99364C1E5C439914B0DE25C, 6C6E0B27C4255001FE5F1EAD911DE1A8BF922C405B0C8031A6BD253CEB1D02A6 ] NisSrv          C:\Program Files\Microsoft Security Client\NisSrv.exe
16:56:48.0914 0x13a8 NisSrv - ok
16:56:48.0961 0x13a8 [ 1EE99A89CC788ADA662441D1E9830529, 6B4FDD74BB81E12BD4B25A3E8AECB0FA77FA0075D454DD1D6DC1790ADF1F2AA8 ] NlaSvc          C:\Windows\System32\nlasvc.dll
16:56:48.0977 0x13a8 NlaSvc - ok
16:56:49.0023 0x13a8 [ ACC47D60E202EBA0A8A80768EC5D3C97, 3A26BA0A97201B55151D649DBCF048E0D72A933D4DDBE5FD415AB772C7C6C250 ] NNSALPC         C:\Windows\system32\DRIVERS\NNSAlpc.sys
16:56:49.0023 0x13a8 NNSALPC - ok
16:56:49.0055 0x13a8 [ 4C7EAD79B914ADE44D68171AFEEF2AB3, 78D805FFC0DF4EB3D36B43CFD05CF7F5AFCC81B196224A09834EB17FA4D29838 ] NNSHTTP         C:\Windows\system32\DRIVERS\NNSHttp.sys
16:56:49.0070 0x13a8 NNSHTTP - ok
16:56:49.0117 0x13a8 [ B40C57451477334E8A66F4823BE04AE3, B3E52FA1570D569F2C40716ED925E3D588489DF37D9639E3BA5B5C0AAFE91543 ] NNSHTTPS        C:\Windows\system32\DRIVERS\NNSHttps.sys
16:56:49.0133 0x13a8 NNSHTTPS - ok
16:56:49.0148 0x13a8 [ 222CF23D6FCEB616CA48BBA55FC4D5C0, DB61FEA4126005A226E88FD6590BC57B440047DFAC6531B3C91AFFEFB0AD6F6C ] NNSIDS          C:\Windows\system32\DRIVERS\NNSIds.sys
16:56:49.0164 0x13a8 NNSIDS - ok
16:56:49.0195 0x13a8 [ 735143727C4438A72490A2432E7D5CEA, 23FE6DCAFCD7E2B63FA0F14BCBBEC0BCEA220D2BAAAA57FB6E9810C2758A93A7 ] NNSNAHSL        C:\Windows\system32\DRIVERS\NNSNAHSL.sys
16:56:49.0195 0x13a8 NNSNAHSL - ok
16:56:49.0242 0x13a8 [ C5332A1FB751B8D5FD9D424D330BC91B, B2FEBEA06252457FF87B74D693E75B29CCF6839EA6FFD60007996B23A6D80154 ] NNSPICC         C:\Windows\system32\DRIVERS\NNSPicc.sys
16:56:49.0257 0x13a8 NNSPICC - ok
16:56:49.0304 0x13a8 [ AA1A311C019288FFCCF3661B5EA27A99, BC91048E82C820CECBBDEDD9D9F7EDDBF6CBC88CE1D9C83A12C4A0E59CFAAC76 ] NNSPIHSW        C:\Windows\system32\DRIVERS\NNSPihsw.sys
16:56:49.0320 0x13a8 NNSPIHSW - ok
16:56:49.0335 0x13a8 [ EB153B4FA5200D1D3352D6C3FB7C9C38, 306805080F8FDB5D9299E93C7074F3B46F8E4B6623A3A75A83E98E6EB0E5BDC5 ] NNSPOP3         C:\Windows\system32\DRIVERS\NNSPop3.sys
16:56:49.0351 0x13a8 NNSPOP3 - ok
16:56:49.0382 0x13a8 [ 425356A7A3657174C206AA3FDB3DDD35, 9634D9A2271C57051BBEC58020082B4CCF2A6583B8FB3C6AC22E9C81728E10F8 ] NNSPROT         C:\Windows\system32\DRIVERS\NNSProt.sys
16:56:49.0398 0x13a8 NNSPROT - ok
16:56:49.0429 0x13a8 [ FFDF3257F83A094941005EE607B8A905, D3E676A13175D329E2F3677D9B56ED7B4DCDCE6794C96025171B24140B543EDC ] NNSPRV          C:\Windows\system32\DRIVERS\NNSPrv.sys
16:56:49.0429 0x13a8 NNSPRV - ok
16:56:49.0460 0x13a8 [ DE87A11CB1767ABDDE223D4CC0F7C221, 3D24BC83E4D88174CA08281C0B3E3E7BC44218F4C6950D28D37029AE39F68E50 ] NNSSMTP         C:\Windows\system32\DRIVERS\NNSSmtp.sys
16:56:49.0476 0x13a8 NNSSMTP - ok
16:56:49.0507 0x13a8 [ 537FB2F711E65475562FE29877F108E1, D2B486CBF3D4CF4AB5D6CCF34CAA57725C3027A2C3E0A1CF628D33546ACBF072 ] NNSSTRM         C:\Windows\system32\DRIVERS\NNSStrm.sys
16:56:49.0523 0x13a8 NNSSTRM - ok
16:56:49.0601 0x13a8 [ 4F37DC4420A00BC6E9D22E3590806BFC, C65CEE11AFA68F9B870FB256AB53A04C32C1F73F6F4F209944815CC96F8FEB17 ] NNSTLSC         C:\Windows\system32\DRIVERS\NNSTlsc.sys
16:56:49.0601 0x13a8 NNSTLSC - ok
16:56:49.0632 0x13a8 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
16:56:49.0632 0x13a8 Npfs - ok
16:56:49.0663 0x13a8 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
16:56:49.0663 0x13a8 nsi - ok
16:56:49.0694 0x13a8 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
16:56:49.0694 0x13a8 nsiproxy - ok
16:56:49.0866 0x13a8 [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
16:56:49.0928 0x13a8 Ntfs - ok
16:56:49.0959 0x13a8 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
16:56:49.0975 0x13a8 Null - ok
16:56:49.0991 0x13a8 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
16:56:49.0991 0x13a8 nvraid - ok
16:56:50.0037 0x13a8 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
16:56:50.0037 0x13a8 nvstor - ok
16:56:50.0069 0x13a8 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
16:56:50.0084 0x13a8 nv_agp - ok
16:56:50.0178 0x13a8 [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
16:56:50.0240 0x13a8 odserv - ok
16:56:50.0271 0x13a8 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
16:56:50.0287 0x13a8 ohci1394 - ok
16:56:50.0303 0x13a8 [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:56:50.0318 0x13a8 ose - ok
16:56:50.0365 0x13a8 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
16:56:50.0381 0x13a8 p2pimsvc - ok
16:56:50.0412 0x13a8 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
16:56:50.0427 0x13a8 p2psvc - ok
16:56:50.0490 0x13a8 [ A6B78F395F57E927A0F981D51A00CC5D, D06BFDCF435F80F64F97D225159AFCD3BD77D7D0D9FD6C90E7B89FF47BAC47F0 ] PandaAgent      C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
16:56:50.0490 0x13a8 PandaAgent - ok
16:56:50.0537 0x13a8 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
16:56:50.0537 0x13a8 Parport - ok
16:56:50.0583 0x13a8 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
16:56:50.0583 0x13a8 partmgr - ok
16:56:50.0630 0x13a8 [ 256390425414F90FCBC12F525A84EB11, A4992020BF6A239AD8A77125426E2C39980C9ABC971C4DBCB24B358F946AD7F9 ] PcaSvc          C:\Windows\System32\pcasvc.dll
16:56:50.0646 0x13a8 PcaSvc - ok
16:56:50.0677 0x13a8 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
16:56:50.0693 0x13a8 pci - ok
16:56:50.0724 0x13a8 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
16:56:50.0724 0x13a8 pciide - ok
16:56:50.0771 0x13a8 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
16:56:50.0786 0x13a8 pcmcia - ok
16:56:50.0817 0x13a8 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
16:56:50.0817 0x13a8 pcw - ok
16:56:50.0864 0x13a8 [ 946010CDFA91469351B22E2620CEBCD8, F099C92706D42ADC289B72724F7932E5D4F62A427AEC967DDB0A1D728AE59A63 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
16:56:50.0895 0x13a8 PEAUTH - ok
16:56:50.0973 0x13a8 [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
16:56:51.0020 0x13a8 PeerDistSvc - ok
16:56:51.0114 0x13a8 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
16:56:51.0114 0x13a8 PerfHost - ok
16:56:51.0254 0x13a8 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
16:56:51.0301 0x13a8 pla - ok
16:56:51.0379 0x13a8 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
16:56:51.0410 0x13a8 PlugPlay - ok
16:56:51.0426 0x13a8 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
16:56:51.0426 0x13a8 PNRPAutoReg - ok
16:56:51.0457 0x13a8 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
16:56:51.0473 0x13a8 PNRPsvc - ok
16:56:51.0535 0x13a8 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
16:56:51.0551 0x13a8 PolicyAgent - ok
16:56:51.0597 0x13a8 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
16:56:51.0613 0x13a8 Power - ok
16:56:51.0644 0x13a8 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
16:56:51.0644 0x13a8 PptpMiniport - ok
16:56:51.0691 0x13a8 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
16:56:51.0691 0x13a8 Processor - ok
16:56:51.0785 0x13a8 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
16:56:51.0800 0x13a8 ProfSvc - ok
16:56:51.0831 0x13a8 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
16:56:51.0831 0x13a8 ProtectedStorage - ok
16:56:51.0878 0x13a8 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
16:56:51.0878 0x13a8 Psched - ok
16:56:51.0925 0x13a8 [ C6FBFC8B41D51A80433D97337515DA39, 10B0DF9E476FE5DED6ABD42372A9F38288207AB11606C03C814FCEF457D4F9BC ] PSINAflt        C:\Windows\system32\DRIVERS\PSINAflt.sys
16:56:51.0925 0x13a8 PSINAflt - ok
16:56:51.0956 0x13a8 [ 65D5DB4FA4C17795860DC736B1054EA2, 422B6FF6588355D1774803293EF77F2B8BF22F769244DD575675430C7116EAA7 ] PSINFile        C:\Windows\system32\DRIVERS\PSINFile.sys
16:56:51.0956 0x13a8 PSINFile - ok
16:56:51.0972 0x13a8 [ 305FCF2F725B806BC5E69AC95340A271, FCA0EF28DE5F4DAF8E3E4BB70C7668A0E1990CC080D52BA711DFB9CC5C369230 ] PSINKNC         C:\Windows\system32\DRIVERS\psinknc.sys
16:56:51.0987 0x13a8 PSINKNC - ok
16:56:52.0019 0x13a8 [ ED6B1CDE5B178B057F64B2AF682EB45A, BDD46380BF51A48982E81F1D5EDAC2D9B16D2C03E886144279F4505ADA247EE2 ] PSINProc        C:\Windows\system32\DRIVERS\PSINProc.sys
16:56:52.0019 0x13a8 PSINProc - ok
16:56:52.0050 0x13a8 [ 171F1C6F49142F2D1C174B817F46EC0F, 96F6B021CBEA2F0787A01E323EED626B380DAD13FC91EE4552F4DEEEC95DBD2C ] PSINProt        C:\Windows\system32\DRIVERS\PSINProt.sys
16:56:52.0050 0x13a8 PSINProt - ok
16:56:52.0097 0x13a8 [ E962316E38ABC537821C3651AAC0B7CC, 80821A37A035F662CC20C5E8EA8D06E1106F24EA0B6DB35995C6174601E21AFD ] PSINReg         C:\Windows\system32\DRIVERS\PSINReg.sys
16:56:52.0112 0x13a8 PSINReg - ok
16:56:52.0143 0x13a8 [ 105ACC469DF34C8BD0D5E68A70C774E5, 983A759339E058AAE779EB9476EC2AEE8B379F0C60E5E2FD73826155827F5518 ] PSKMAD          C:\Windows\system32\DRIVERS\PSKMAD.sys
16:56:52.0159 0x13a8 PSKMAD - ok
16:56:52.0190 0x13a8 [ 586823A8CF9F975CE994EA5E05569156, B4AFA337417001CCE867EB809D3F766B2C6B14C53D1C59DE649068557702F88E ] PSUAService     C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
16:56:52.0190 0x13a8 PSUAService - ok
16:56:52.0206 0x13a8 pumoymyv - ok
16:56:52.0315 0x13a8 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
16:56:52.0377 0x13a8 ql2300 - ok
16:56:52.0424 0x13a8 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
16:56:52.0440 0x13a8 ql40xx - ok
16:56:52.0518 0x13a8 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
16:56:52.0533 0x13a8 QWAVE - ok
16:56:52.0565 0x13a8 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
16:56:52.0565 0x13a8 QWAVEdrv - ok
16:56:52.0596 0x13a8 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
16:56:52.0596 0x13a8 RasAcd - ok
16:56:52.0627 0x13a8 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
16:56:52.0627 0x13a8 RasAgileVpn - ok
16:56:52.0658 0x13a8 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
16:56:52.0674 0x13a8 RasAuto - ok
16:56:52.0705 0x13a8 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
16:56:52.0705 0x13a8 Rasl2tp - ok
16:56:52.0752 0x13a8 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
16:56:52.0767 0x13a8 RasMan - ok
16:56:52.0799 0x13a8 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
16:56:52.0799 0x13a8 RasPppoe - ok
16:56:52.0814 0x13a8 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
16:56:52.0814 0x13a8 RasSstp - ok
16:56:52.0861 0x13a8 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
16:56:52.0861 0x13a8 rdbss - ok
16:56:52.0908 0x13a8 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
16:56:52.0908 0x13a8 rdpbus - ok
16:56:52.0923 0x13a8 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
16:56:52.0923 0x13a8 RDPCDD - ok
16:56:52.0970 0x13a8 [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
16:56:52.0986 0x13a8 RDPDR - ok
16:56:53.0017 0x13a8 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
16:56:53.0017 0x13a8 RDPENCDD - ok
16:56:53.0033 0x13a8 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
16:56:53.0033 0x13a8 RDPREFMP - ok
16:56:53.0111 0x13a8 [ 70CBA1A0C98600A2AA1863479B35CB90, 91A133297921B4955817176251AFC5283DA3C7D2099700C4C92ECC94DBE9A99E ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
16:56:53.0142 0x13a8 RdpVideoMiniport - ok
16:56:53.0204 0x13a8 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
16:56:53.0220 0x13a8 RDPWD - ok
16:56:53.0251 0x13a8 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
16:56:53.0267 0x13a8 rdyboost - ok
16:56:53.0313 0x13a8 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
16:56:53.0313 0x13a8 RemoteAccess - ok
16:56:53.0376 0x13a8 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
16:56:53.0391 0x13a8 RemoteRegistry - ok
16:56:53.0407 0x13a8 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
16:56:53.0423 0x13a8 RpcEptMapper - ok
16:56:53.0438 0x13a8 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
16:56:53.0454 0x13a8 RpcLocator - ok
16:56:53.0501 0x13a8 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\System32\rpcss.dll
16:56:53.0516 0x13a8 RpcSs - ok
16:56:53.0547 0x13a8 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
16:56:53.0563 0x13a8 rspndr - ok
16:56:53.0625 0x13a8 [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
16:56:53.0641 0x13a8 s3cap - ok
16:56:53.0672 0x13a8 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs           C:\Windows\system32\lsass.exe
16:56:53.0672 0x13a8 SamSs - ok
16:56:53.0688 0x13a8 SAVRKBootTasks - ok
16:56:53.0735 0x13a8 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
16:56:53.0735 0x13a8 sbp2port - ok
16:56:53.0735 0x13a8 SBRE - ok
16:56:53.0813 0x13a8 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
16:56:53.0828 0x13a8 SCardSvr - ok
16:56:53.0875 0x13a8 [ 6CE6F98EA3D07A9C2CE3CD0A5A86352D, 64A07303E538A1EE439D4AAD0DEBBD6037219D37B884026701A06E59A729E9C9 ] SCDEmu          C:\Windows\system32\drivers\SCDEmu.sys
16:56:53.0891 0x13a8 SCDEmu - ok
16:56:53.0922 0x13a8 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
16:56:53.0922 0x13a8 scfilter - ok
16:56:54.0047 0x13a8 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
16:56:54.0093 0x13a8 Schedule - ok
16:56:54.0109 0x13a8 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
16:56:54.0125 0x13a8 SCPolicySvc - ok
16:56:54.0171 0x13a8 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
16:56:54.0187 0x13a8 SDRSVC - ok
16:56:54.0218 0x13a8 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
16:56:54.0234 0x13a8 secdrv - ok
16:56:54.0249 0x13a8 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
16:56:54.0265 0x13a8 seclogon - ok
16:56:54.0281 0x13a8 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\system32\sens.dll
16:56:54.0296 0x13a8 SENS - ok
16:56:54.0312 0x13a8 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
16:56:54.0312 0x13a8 SensrSvc - ok
16:56:54.0327 0x13a8 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
16:56:54.0327 0x13a8 Serenum - ok
16:56:54.0390 0x13a8 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
16:56:54.0390 0x13a8 Serial - ok
16:56:54.0421 0x13a8 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
16:56:54.0421 0x13a8 sermouse - ok
16:56:54.0483 0x13a8 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
16:56:54.0499 0x13a8 SessionEnv - ok
16:56:54.0530 0x13a8 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
16:56:54.0546 0x13a8 sffdisk - ok
16:56:54.0561 0x13a8 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
16:56:54.0561 0x13a8 sffp_mmc - ok
16:56:54.0577 0x13a8 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
16:56:54.0577 0x13a8 sffp_sd - ok
16:56:54.0624 0x13a8 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
16:56:54.0639 0x13a8 sfloppy - ok
16:56:54.0702 0x13a8 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
16:56:54.0717 0x13a8 SharedAccess - ok
16:56:54.0764 0x13a8 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:56:54.0780 0x13a8 ShellHWDetection - ok
16:56:54.0827 0x13a8 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
16:56:54.0827 0x13a8 SiSRaid2 - ok
16:56:54.0858 0x13a8 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
16:56:54.0873 0x13a8 SiSRaid4 - ok
16:56:54.0983 0x13a8 [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
16:56:54.0998 0x13a8 SkypeUpdate - ok
16:56:55.0029 0x13a8 slb - ok
16:56:55.0076 0x13a8 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
16:56:55.0092 0x13a8 Smb - ok
16:56:55.0139 0x13a8 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
16:56:55.0154 0x13a8 SNMPTRAP - ok
16:56:55.0185 0x13a8 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
16:56:55.0185 0x13a8 spldr - ok
16:56:55.0248 0x13a8 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
16:56:55.0263 0x13a8 Spooler - ok
16:56:55.0451 0x13a8 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
16:56:55.0622 0x13a8 sppsvc - ok
16:56:55.0685 0x13a8 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
16:56:55.0700 0x13a8 sppuinotify - ok
16:56:55.0747 0x13a8 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
16:56:55.0763 0x13a8 srv - ok
16:56:55.0809 0x13a8 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
16:56:55.0825 0x13a8 srv2 - ok
16:56:55.0856 0x13a8 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
16:56:55.0872 0x13a8 srvnet - ok
16:56:55.0934 0x13a8 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
16:56:55.0950 0x13a8 SSDPSRV - ok
16:56:55.0997 0x13a8 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
16:56:55.0997 0x13a8 SstpSvc - ok
16:56:56.0043 0x13a8 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
16:56:56.0043 0x13a8 stexstor - ok
16:56:56.0121 0x13a8 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
16:56:56.0137 0x13a8 stisvc - ok
16:56:56.0184 0x13a8 [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
16:56:56.0184 0x13a8 storflt - ok
16:56:56.0215 0x13a8 [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
16:56:56.0215 0x13a8 storvsc - ok
16:56:56.0246 0x13a8 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
16:56:56.0246 0x13a8 swenum - ok
16:56:56.0293 0x13a8 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
16:56:56.0309 0x13a8 swprv - ok
16:56:56.0324 0x13a8 Synth3dVsc - ok
16:56:56.0465 0x13a8 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
16:56:56.0527 0x13a8 SysMain - ok
16:56:56.0589 0x13a8 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:56:56.0589 0x13a8 TabletInputService - ok
16:56:56.0636 0x13a8 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
16:56:56.0652 0x13a8 TapiSrv - ok
16:56:56.0714 0x13a8 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
16:56:56.0714 0x13a8 TBS - ok
16:56:56.0839 0x13a8 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
16:56:56.0901 0x13a8 Tcpip - ok
16:56:56.0979 0x13a8 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
16:56:57.0042 0x13a8 TCPIP6 - ok
16:56:57.0089 0x13a8 [ DF687E3D8836BFB04FCC0615BF15A519, 7C5B1E72673B4299DFC21E869F0FBB28198CA54DF4F4AF7080005F2D82467784 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
16:56:57.0089 0x13a8 tcpipreg - ok
16:56:57.0135 0x13a8 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
16:56:57.0135 0x13a8 TDPIPE - ok
16:56:57.0167 0x13a8 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
16:56:57.0182 0x13a8 TDTCP - ok
16:56:57.0213 0x13a8 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
16:56:57.0229 0x13a8 tdx - ok
16:56:57.0260 0x13a8 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
16:56:57.0260 0x13a8 TermDD - ok
16:56:57.0354 0x13a8 [ 4FC4C50985E5B840F4D72E57286887B8, 0BCBB4A938803AE3A3532B6D8FFC85594AA9AEF5D8F9792684841BEA8780AE9E ] TermService     C:\Windows\System32\termsrv.dll
16:56:57.0369 0x13a8 TermService - ok
16:56:57.0401 0x13a8 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
16:56:57.0416 0x13a8 Themes - ok
16:56:57.0447 0x13a8 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
16:56:57.0463 0x13a8 THREADORDER - ok
16:56:57.0479 0x13a8 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
16:56:57.0479 0x13a8 TrkWks - ok
16:56:57.0557 0x13a8 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:56:57.0557 0x13a8 TrustedInstaller - ok
16:56:57.0619 0x13a8 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
16:56:57.0619 0x13a8 tssecsrv - ok
16:56:57.0650 0x13a8 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
16:56:57.0666 0x13a8 TsUsbFlt - ok
16:56:57.0666 0x13a8 tsusbhub - ok
16:56:57.0853 0x13a8 [ 258C050D197D923668B36C8D3F6A2353, 9A8CDC8FDCF24986FE963566591E2B535653837A8A63EE462126D336E6F94E97 ] TuneUp.UtilitiesSvc C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
16:56:57.0931 0x13a8 TuneUp.UtilitiesSvc - ok
16:56:57.0993 0x13a8 [ 45427C4B8CAC6B241478F149B935CD80, 7F772D6D00D1ADD394F5907804661C75780EE9F8DF21EF0719D3E4ABA00092B7 ] TuneUpUtilitiesDrv C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys
16:56:58.0009 0x13a8 TuneUpUtilitiesDrv - ok
16:56:58.0056 0x13a8 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
16:56:58.0071 0x13a8 tunnel - ok
16:56:58.0103 0x13a8 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
16:56:58.0118 0x13a8 uagp35 - ok
16:56:58.0181 0x13a8 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
16:56:58.0181 0x13a8 udfs - ok
16:56:58.0259 0x13a8 [ 5FFB3DBF534A94BC452222B720E8B98A, CABDF03D89201B068BF0683E641D750BBD03F9A918D35E87DC2C364D752C2A10 ] UI Assistant Service C:\Program Files (x86)\Join Air\AssistantServices.exe
16:56:58.0274 0x13a8 UI Assistant Service - ok
16:56:58.0337 0x13a8 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
16:56:58.0337 0x13a8 UI0Detect - ok
16:56:58.0383 0x13a8 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
16:56:58.0399 0x13a8 uliagpkx - ok
16:56:58.0430 0x13a8 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\drivers\umbus.sys
16:56:58.0446 0x13a8 umbus - ok
16:56:58.0477 0x13a8 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
16:56:58.0493 0x13a8 UmPass - ok
16:56:58.0539 0x13a8 [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
16:56:58.0555 0x13a8 UmRdpService - ok
16:56:58.0758 0x13a8 [ 2C16648A12999AE69A9EBF41974B0BA2, 06008F61B6EC36CD34CB8C4BA983371DB7A9F4BEE15E5329F5E90FEEE300D258 ] UNS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
16:56:58.0851 0x13a8 UNS - ok
16:56:58.0898 0x13a8 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
16:56:58.0914 0x13a8 upnphost - ok
16:56:58.0929 0x13a8 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
16:56:58.0945 0x13a8 usbaudio - ok
16:56:58.0961 0x13a8 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
16:56:58.0976 0x13a8 usbccgp - ok
16:56:59.0007 0x13a8 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
16:56:59.0023 0x13a8 usbcir - ok
16:56:59.0070 0x13a8 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
16:56:59.0070 0x13a8 usbehci - ok
16:56:59.0117 0x13a8 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
16:56:59.0132 0x13a8 usbhub - ok
16:56:59.0179 0x13a8 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
16:56:59.0179 0x13a8 usbohci - ok
16:56:59.0226 0x13a8 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
16:56:59.0226 0x13a8 usbprint - ok
16:56:59.0273 0x13a8 [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\drivers\usbscan.sys
16:56:59.0273 0x13a8 usbscan - ok
16:56:59.0335 0x13a8 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:56:59.0351 0x13a8 USBSTOR - ok
16:56:59.0382 0x13a8 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
16:56:59.0397 0x13a8 usbuhci - ok
16:56:59.0429 0x13a8 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
16:56:59.0444 0x13a8 usbvideo - ok
16:56:59.0475 0x13a8 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
16:56:59.0491 0x13a8 UxSms - ok
16:56:59.0538 0x13a8 [ 97BCD40E27C46B398524DF9B4DC88A6F, D1466C414B6044B65D63138B3C42B54B3B6E54AD40613E171F980D0E0D9627B5 ] UxTuneUp        C:\Windows\System32\uxtuneup.dll
16:56:59.0553 0x13a8 UxTuneUp - ok
16:56:59.0585 0x13a8 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc        C:\Windows\system32\lsass.exe
16:56:59.0585 0x13a8 VaultSvc - ok
16:56:59.0631 0x13a8 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
16:56:59.0631 0x13a8 vdrvroot - ok
16:56:59.0725 0x13a8 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
16:56:59.0741 0x13a8 vds - ok
16:56:59.0803 0x13a8 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
16:56:59.0819 0x13a8 vga - ok
16:56:59.0850 0x13a8 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
16:56:59.0850 0x13a8 VgaSave - ok
16:56:59.0865 0x13a8 VGPU - ok
16:56:59.0928 0x13a8 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
16:56:59.0943 0x13a8 vhdmp - ok
16:56:59.0990 0x13a8 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
16:56:59.0990 0x13a8 viaide - ok
16:57:00.0037 0x13a8 [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
16:57:00.0037 0x13a8 vmbus - ok
16:57:00.0068 0x13a8 [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
16:57:00.0084 0x13a8 VMBusHID - ok
16:57:00.0115 0x13a8 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
16:57:00.0115 0x13a8 volmgr - ok
16:57:00.0146 0x13a8 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
16:57:00.0162 0x13a8 volmgrx - ok
16:57:00.0193 0x13a8 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
16:57:00.0193 0x13a8 volsnap - ok
16:57:00.0287 0x13a8 [ 8F1E531D36D95B0586DA00D546AB8B9A, 206C568E3698096D2C2C2E5BAB53382B74DEF2B354E6029E7C34912A55A0897C ] Vsdatant        C:\Windows\system32\DRIVERS\vsdatant.sys
16:57:00.0318 0x13a8 Vsdatant - ok
16:57:00.0583 0x13a8 [ 21D22AC9B8B33AF6EEEBDB10D1661C37, 56C7A8E5C3084163342A433FD20DE8E9931C1C293B49C0F9CD9C8F45A56D135B ] vsmon           C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
16:57:00.0677 0x13a8 vsmon - ok
16:57:00.0739 0x13a8 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
16:57:00.0755 0x13a8 vsmraid - ok
16:57:00.0879 0x13a8 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
16:57:00.0942 0x13a8 VSS - ok
16:57:00.0957 0x13a8 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
16:57:00.0957 0x13a8 vwifibus - ok
16:57:00.0989 0x13a8 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
16:57:00.0989 0x13a8 vwififlt - ok
16:57:01.0051 0x13a8 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
16:57:01.0067 0x13a8 W32Time - ok
16:57:01.0113 0x13a8 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
16:57:01.0113 0x13a8 WacomPen - ok
16:57:01.0160 0x13a8 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
16:57:01.0176 0x13a8 WANARP - ok
16:57:01.0191 0x13a8 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
16:57:01.0207 0x13a8 Wanarpv6 - ok
16:57:01.0316 0x13a8 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
16:57:01.0363 0x13a8 WatAdminSvc - ok
16:57:01.0472 0x13a8 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
16:57:01.0519 0x13a8 wbengine - ok
16:57:01.0566 0x13a8 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
16:57:01.0581 0x13a8 WbioSrvc - ok
16:57:01.0644 0x13a8 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
16:57:01.0675 0x13a8 wcncsvc - ok
16:57:01.0722 0x13a8 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:57:01.0722 0x13a8 WcsPlugInService - ok
16:57:01.0769 0x13a8 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
16:57:01.0769 0x13a8 Wd - ok
16:57:01.0847 0x13a8 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
16:57:01.0862 0x13a8 Wdf01000 - ok
16:57:01.0893 0x13a8 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
16:57:01.0893 0x13a8 WdiServiceHost - ok
16:57:01.0909 0x13a8 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
16:57:01.0909 0x13a8 WdiSystemHost - ok
16:57:01.0956 0x13a8 [ 3DB6D04E1C64272F8B14EB8BC4616280, 9138642B1C19F895D4ECFD930160C80FBF15813CE63BBF4C899842C300FD3026 ] WebClient       C:\Windows\System32\webclnt.dll
16:57:01.0956 0x13a8 WebClient - ok
16:57:02.0018 0x13a8 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
16:57:02.0034 0x13a8 Wecsvc - ok
16:57:02.0065 0x13a8 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
16:57:02.0065 0x13a8 wercplsupport - ok
16:57:02.0096 0x13a8 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
16:57:02.0096 0x13a8 WerSvc - ok
16:57:02.0127 0x13a8 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
16:57:02.0127 0x13a8 WfpLwf - ok
16:57:02.0174 0x13a8 [ 52DED146E4797E6CCF94799E8E22BB2A, 57A29260D81AA3AD3F8C29E9CFA7CE3970D7A8BF673ADD9B256EE76C7DEC080E ] WimFltr         C:\Windows\system32\DRIVERS\wimfltr.sys
16:57:02.0190 0x13a8 WimFltr - ok
16:57:02.0221 0x13a8 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
16:57:02.0221 0x13a8 WIMMount - ok
16:57:02.0252 0x13a8 WinDefend - ok
16:57:02.0268 0x13a8 WinHttpAutoProxySvc - ok
16:57:02.0361 0x13a8 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
16:57:02.0377 0x13a8 Winmgmt - ok
16:57:02.0486 0x13a8 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
16:57:02.0564 0x13a8 WinRM - ok
16:57:02.0627 0x13a8 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
16:57:02.0627 0x13a8 WinUsb - ok
16:57:02.0720 0x13a8 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
16:57:02.0751 0x13a8 Wlansvc - ok
16:57:02.0783 0x13a8 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
16:57:02.0798 0x13a8 WmiAcpi - ok
16:57:02.0845 0x13a8 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
16:57:02.0861 0x13a8 wmiApSrv - ok
16:57:02.0892 0x13a8 WMPNetworkSvc - ok
16:57:02.0923 0x13a8 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
16:57:02.0923 0x13a8 WPCSvc - ok
16:57:02.0954 0x13a8 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
16:57:02.0970 0x13a8 WPDBusEnum - ok
16:57:03.0001 0x13a8 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
16:57:03.0001 0x13a8 ws2ifsl - ok
16:57:03.0048 0x13a8 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\system32\wscsvc.dll
16:57:03.0063 0x13a8 wscsvc - ok
16:57:03.0079 0x13a8 WSearch - ok
16:57:03.0251 0x13a8 [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv        C:\Windows\system32\wuaueng.dll
16:57:03.0329 0x13a8 wuauserv - ok
16:57:03.0375 0x13a8 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
16:57:03.0375 0x13a8 WudfPf - ok
16:57:03.0438 0x13a8 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
16:57:03.0453 0x13a8 WUDFRd - ok
16:57:03.0500 0x13a8 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
16:57:03.0500 0x13a8 wudfsvc - ok
16:57:03.0547 0x13a8 [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc         C:\Windows\System32\wwansvc.dll
16:57:03.0609 0x13a8 WwanSvc - ok
16:57:03.0625 0x13a8 X6va008 - ok
16:57:03.0641 0x13a8 X6va009 - ok
16:57:03.0641 0x13a8 X6va010 - ok
16:57:03.0656 0x13a8 X6va011 - ok
16:57:03.0719 0x13a8 X6va012 - ok
16:57:03.0843 0x13a8 [ DD0042F0C3B606A6A8B92D49AFB18AD6, 8D3BE4C93D02AF5F42EC46AF598D6DA40C61D467CB2FEE5E222F9C1E7A84B852 ] YahooAUService C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
16:57:03.0875 0x13a8 YahooAUService - ok
16:57:03.0953 0x13a8 [ CEC8ED565F3663F0B8A862561BF08D79, FDDBEDC79C7061B20AA450BB3D09EDADEDD5F531D8EA100BBF542A63BDFCE593 ] ZAPrivacyService C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe
16:57:03.0953 0x13a8 ZAPrivacyService - ok
16:57:04.0015 0x13a8 [ F98415E5B83742C901D0A336972509A0, 12AA44AC32404744B0F19F1F01DA29F66436860E47257A2BF63F2293E0B9FE14 ] ZTEusbmdm6k     C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys
16:57:04.0015 0x13a8 ZTEusbmdm6k - ok
16:57:04.0031 0x13a8 [ F98415E5B83742C901D0A336972509A0, 12AA44AC32404744B0F19F1F01DA29F66436860E47257A2BF63F2293E0B9FE14 ] ZTEusbnmea      C:\Windows\system32\DRIVERS\ZTEusbnmea.sys
16:57:04.0046 0x13a8 ZTEusbnmea - ok
16:57:04.0077 0x13a8 [ F98415E5B83742C901D0A336972509A0, 12AA44AC32404744B0F19F1F01DA29F66436860E47257A2BF63F2293E0B9FE14 ] ZTEusbser6k     C:\Windows\system32\DRIVERS\ZTEusbser6k.sys
16:57:04.0077 0x13a8 ZTEusbser6k - ok
16:57:04.0093 0x13a8 ================ Scan global ===============================
16:57:04.0171 0x13a8 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
16:57:04.0218 0x13a8 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
16:57:04.0249 0x13a8 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
16:57:04.0296 0x13a8 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
16:57:04.0327 0x13a8 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
16:57:04.0327 0x13a8 [ Global ] - ok
16:57:04.0327 0x13a8 ================ Scan MBR ==================================
16:57:04.0343 0x13a8 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:57:05.0076 0x13a8 \Device\Harddisk0\DR0 - ok
16:57:05.0076 0x13a8 ================ Scan VBR ==================================
16:57:05.0091 0x13a8 [ 4A7FCD48906E0266193D0D06684B5746 ] \Device\Harddisk0\DR0\Partition1
16:57:05.0091 0x13a8 \Device\Harddisk0\DR0\Partition1 - ok
16:57:05.0107 0x13a8 [ 468E6996FD83B916D5983749C7924B19 ] \Device\Harddisk0\DR0\Partition2
16:57:05.0107 0x13a8 \Device\Harddisk0\DR0\Partition2 - ok
16:57:05.0138 0x13a8 [ 89D22A73C6F9634C0AB2EF42241A4BF9 ] \Device\Harddisk0\DR0\Partition3
16:57:05.0138 0x13a8 \Device\Harddisk0\DR0\Partition3 - ok
16:57:05.0138 0x13a8 ================ Scan generic autorun ======================
16:57:05.0185 0x13a8 [ C67DF16A1E07EA4776E6CBD6CA862110, 66D2D0CBA70476225FABA5C7BFF9EAB3C5AF0DA1841A4078FD3066A310C9A658 ] C:\Windows\system32\igfxtray.exe
16:57:05.0185 0x13a8 IgfxTray - ok
16:57:05.0232 0x13a8 [ E92B6F3A5950E2F12230E1924CCE2238, F5FD40E34AE98D34D8BA6AE5ABB11214D4B091B9AB44C999D7E6C8C56975AC41 ] C:\Windows\system32\hkcmd.exe
16:57:05.0247 0x13a8 HotKeysCmds - ok
16:57:05.0263 0x13a8 ETDCtrl - ok
16:57:05.0325 0x13a8 [ 4490896F4491FD5F1BE601BA9C8245BD, 53709493AFDDE795A08F5E54FCF210479304B998522A06054AA9FAF514C8F1C6 ] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
16:57:05.0357 0x13a8 AmIcoSinglun64 - ok
16:57:05.0481 0x13a8 [ E897F9B62E611D59FDFAB82FC829B93A, E11E1A488D461105104E7FFD9F8219BDD231807FE33600233BEF11A432E138FD ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
16:57:05.0544 0x13a8 RtHDVBg - ok
16:57:05.0591 0x13a8 [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
16:57:05.0591 0x13a8 B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.dll - ok
16:57:05.0591 0x13a8 [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
16:57:05.0606 0x13a8 B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.dll - ok
16:57:05.0606 0x13a8 [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
16:57:05.0606 0x13a8 B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.dll - ok
16:57:05.0622 0x13a8 [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
16:57:05.0622 0x13a8 B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.dll - ok
16:57:05.0934 0x13a8 [ 6CB991E0323CE1901C0DD5857418E0F2, 70A52109C9A5DB932F0AEA60CBF7F5AF7747F5433446CBE133B236F9F0AB7A4D ] C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe
16:57:06.0246 0x13a8 Messenger (Yahoo!) - ok
16:57:06.0355 0x13a8 [ C8BC9A2DC599F1A52DC6B42FDD47B01E, F32F869EFA1E8ACECC9BDE7D0C9460EF3C85482629A22C4C7BEABE644B9C7E97 ] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_14_0_0_145_ActiveX.exe
16:57:06.0386 0x13a8 FlashPlayerUpdate - ok
16:57:06.0417 0x13a8 AV detected via SS2: Panda Free Antivirus, C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe ( 1.0.0.0 ), 0x71000 ( enabled : updated )
16:57:06.0433 0x13a8 AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.6.305.0 ), 0x60000 ( disabled : updated )
16:57:06.0464 0x13a8 FW detected via SS2: ZoneAlarm Free Firewall Firewall, C:\Program Files (x86)\CheckPoint\ZoneAlarm\\MultiFix.exe ( 13.3.209.0 ), 0x40010 ( disabled )
16:57:06.0464 0x13a8 FW detected via SS2: Panda Firewall, C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe ( 1.0.0.0 ), 0x70010 ( disabled )
16:57:06.0480 0x13a8 Win FW state via NFP2: enabled
16:57:06.0480 0x13a8 ============================================================
16:57:06.0480 0x13a8 Scan finished
16:57:06.0480 0x13a8 ============================================================
16:57:06.0495 0x0ea0 Detected object count: 0
16:57:06.0495 0x0ea0 Actual detected object count: 0

#8 ken545

Forum God

Retired Classroom Teacher
23,225 posts

Interests:Fighting Malware and cooking some great Italian and TexMex food

Posted 04 November 2014 - 11:09 AM

Go ahead and run a new scan with FRST, be sure to checkmark Additions and post both logs

The forum is staffed by volunteers who donate their time and expertise.
If you feel you have been helped, please consider a donation.

Find us on Facebook
Please LIKE and SHARE

Just a reminder that threads will be closed if no reply in 3 days.

#9 Nare

Authentic Member

Authentic Member
50 posts

Posted 04 November 2014 - 11:42 AM

Here they are...Also I forgot about it, but I assume translation is not a problem?

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-11-2014
Ran by Iuliu (administrator) on RAMONA-PC on 04-11-2014 19:32:46
Running from C:\Users\Iuliu\Desktop
Loaded Profile: Iuliu (Available profiles: Ramona & Iuliu)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Română (România)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(Check Point Software Technologies, Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
() C:\Program Files (x86)\Join Air\UIExec.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winamp.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2587944 2010-12-31] (ELAN Microelectronics Corp.)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [361984 2011-03-21] (Alcor Micro Corp.)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277480 2011-08-16] (Realtek Semiconductor)
HKLM-x32\...\Run: [SonicMasterTray] => C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe [984400 2010-07-09] (Virage Logic Corporation / Sonic Focus)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5716608 2011-07-21] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2317312 2011-09-13] (ASUS)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [UIExec] => C:\Program Files (x86)\Join Air\UIExec.exe [139088 2011-02-14] ()
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [180224 2010-04-12] (PowerISO Computing, Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-05-20] (DivX, LLC)
HKLM-x32\...\Run: [Smart File Advisor] => C:\Program Files (x86)\Smart File Advisor\sfa.exe [283712 2013-10-30] (Filefacts.net)
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [37624 2014-07-24] (Panda Security, S.L.)
HKLM-x32\...\Run: [ZoneAlarm] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [137352 2014-08-13] (Check Point Software Technologies Ltd.)
HKLM-x32\...\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.dll] => "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.dll",DllRegisterServer
HKLM-x32\...\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.dll] => "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.dll",DllRegisterServer
HKLM-x32\...\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.dll] => "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.dll",DllRegisterServer
HKLM-x32\...\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.dll] => "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.dll",DllRegisterServer
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3781310032-3316471014-4203319439-1001\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_14_0_0_145_ActiveX.exe [851632 2014-07-09] (Adobe Systems Incorporated)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk
ShortcutTarget: FancyStart daemon.lnk -> C:\Windows\Installer\{C944B4C5-1C4D-4D95-8AC0-7CEF13914131}\_77B5857C27147149171BE7.exe ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
BootExecute: autocheck autochk * lsdeletePCloudBroom64.exe \systemroot\system32\BroomData.bitPCloudBroom64.exe \systemroot\system32\BroomData.bitPCloudBroom64.exe \systemroot\system32\BroomData.bitPCloudBroom64.exe \systemroot\system32\BroomData.bit
GroupPolicyUsers\S-1-5-21-3781310032-3316471014-4203319439-1001\User: Group Policy restriction detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nyaa.se/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = ro-RO
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x75506ACFAEDBCF01
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://utw.me/
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3781310032-3316471014-4203319439-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll No File
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: BitComet Helper -> {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} -> C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Panda Security Toolbar -> {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -> C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll ()
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll ()
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Hosts: 127.0.0.1 localhost

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 BITCOMET_HELPER_SERVICE; C:\Program Files\BitComet\tools\BitCometService.exe [1296728 2010-12-28] (www.BitComet.com)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [141560 2014-07-24] (Panda Security, S.L.)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [61688 2014-07-23] (Panda Security, S.L.)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [38136 2014-07-24] (Panda Security, S.L.)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2145080 2014-07-16] (TuneUp Software)
S2 UI Assistant Service; C:\Program Files (x86)\Join Air\AssistantServices.exe [261456 2011-02-14] ()
S2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [3596752 2014-08-13] (Check Point Software Technologies Ltd.)
R2 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [96272 2014-08-13] (Check Point Software Technologies, Ltd.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-02-19] (GFI Software)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-10-01] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-10-01] (Malwarebytes Corporation)
S3 MEMSWEEP2; C:\Windows\system32\6EF9.tmp [6144 2010-05-26] (Sophos Plc) [File not signed]
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [96800 2014-06-04] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [162336 2014-06-18] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [112160 2014-06-04] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [115232 2014-06-04] (Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\System32\DRIVERS\NNSNAHSL.sys [46336 2014-01-16] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [95776 2014-06-04] (Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [70176 2014-06-04] (Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [125984 2014-06-04] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [306720 2014-06-04] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [169504 2014-06-04] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [115744 2014-06-04] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [261152 2014-06-04] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [109088 2014-06-04] (Panda Security, S.L.)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [160800 2014-07-24] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [120352 2014-07-24] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [195616 2014-07-24] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [122400 2014-07-24] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [132128 2014-07-24] (Panda Security, S.L.)
R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [106016 2014-07-24] (Panda Security, S.L.)
R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [60400 2014-03-25] (Panda Security, S.L.)
S1 pumoymyv; No ImagePath
S1 SAVRKBootTasks; C:\Windows\SysWOW64\SAVRKBootTasks.sys [18816 2010-05-26] (Sophos Plc) [File not signed]
S1 SBRE; No ImagePath
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-12-16] (TuneUp Software)
R1 Vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [450456 2014-08-13] (Check Point Software Technologies Ltd.)
S3 X6va008; No ImagePath
S3 X6va009; No ImagePath
S3 X6va010; No ImagePath
S3 X6va011; No ImagePath
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 slb; \??\D:\Aeria\ScarletBlade\avital\scarlb64.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-04 19:32 - 2014-11-04 19:34 - 00023229 _____ () C:\Users\Iuliu\Desktop\FRST.txt
2014-11-04 16:53 - 2014-10-28 18:00 - 04184008 _____ (Kaspersky Lab ZAO) C:\Users\Iuliu\Desktop\TDSSKiller.exe
2014-11-03 20:07 - 2014-11-04 18:54 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-03 20:06 - 2014-11-03 20:06 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-11-03 20:06 - 2014-11-03 20:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-11-03 20:06 - 2014-11-03 20:06 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-11-03 20:06 - 2014-11-03 20:06 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-11-03 20:06 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-11-03 20:06 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-11-03 20:06 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-11-03 17:57 - 2014-11-03 17:57 - 00000903 _____ () C:\Users\Iuliu\Desktop\JRT.txt
2014-11-03 16:45 - 2014-11-03 16:45 - 01706359 _____ (Thisisu) C:\Users\Iuliu\Desktop\JRT.exe
2014-11-03 16:17 - 2014-11-04 09:36 - 00001508 _____ () C:\Windows\PFRO.log
2014-11-03 13:56 - 2014-11-04 19:32 - 00000000 ____D () C:\FRST
2014-11-03 13:55 - 2014-11-03 13:55 - 02114560 _____ (Farbar) C:\Users\Iuliu\Desktop\FRST64.exe
2014-11-02 09:26 - 2014-11-02 09:26 - 00456624 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-01 20:37 - 2014-11-01 20:37 - 05192704 _____ (AVAST Software) C:\Users\Iuliu\Desktop\aswMBR.exe
2014-11-01 15:30 - 2014-11-01 15:30 - 00109672 _____ () C:\Users\Iuliu\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-01 09:46 - 2014-11-04 19:27 - 00000728 _____ () C:\Windows\setupact.log
2014-11-01 09:46 - 2014-11-01 09:46 - 00000000 _____ () C:\Windows\setuperr.log
2014-10-30 07:55 - 2014-03-25 15:15 - 00060400 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSKMAD.sys
2014-10-29 20:00 - 2014-10-29 20:00 - 00021075 _____ () C:\ComboFix.txt
2014-10-29 18:38 - 2014-10-29 18:39 - 00870336 _____ (Opera Software) C:\Users\Iuliu\Downloads\Opera_NI_stable.exe
2014-10-29 18:36 - 2014-10-29 18:36 - 00000000 ____D () C:\Users\Iuliu\AppData\Roaming\Opera Software
2014-10-29 18:36 - 2014-10-29 18:36 - 00000000 ____D () C:\Users\Iuliu\AppData\Local\Opera Software
2014-10-29 18:35 - 2014-10-31 09:46 - 00003836 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1414600540
2014-10-29 18:35 - 2014-10-31 09:46 - 00000964 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera 25.lnk
2014-10-29 18:35 - 2014-10-29 18:35 - 00001139 _____ () C:\Users\Public\Desktop\Opera 25.lnk
2014-10-29 16:16 - 2014-10-29 16:16 - 00001225 _____ () C:\Users\Iuliu\Desktop\TreeSize Free.lnk
2014-10-29 16:16 - 2014-10-29 16:16 - 00000000 ____D () C:\Users\Iuliu\AppData\Roaming\JAM Software
2014-10-29 16:16 - 2014-10-29 16:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TreeSize Free
2014-10-29 16:16 - 2014-10-29 16:16 - 00000000 ____D () C:\Program Files (x86)\JAM Software
2014-10-29 16:15 - 2014-10-29 16:15 - 00000000 ____D () C:\Users\Iuliu\AppData\Roaming\ImgBurn
2014-10-29 16:05 - 2014-10-29 16:05 - 00001881 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn.lnk
2014-10-29 16:05 - 2014-10-29 16:05 - 00001869 _____ () C:\Users\Public\Desktop\ImgBurn.lnk
2014-10-29 16:05 - 2014-10-29 16:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn
2014-10-29 16:05 - 2014-10-29 16:05 - 00000000 ____D () C:\Program Files (x86)\ImgBurn
2014-10-28 12:06 - 2014-10-28 15:01 - 00000000 ____D () C:\Users\Iuliu\AppData\Roaming\Uzixso
2014-10-26 15:21 - 2014-10-26 15:23 - 00431395 _____ () C:\Windows\system32\Drivers\vsconfig.xml
2014-10-26 15:21 - 2014-10-26 15:21 - 00000762 _____ () C:\Users\Public\Desktop\ZoneAlarm Security.lnk
2014-10-26 15:21 - 2014-10-26 15:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point
2014-10-26 15:20 - 2014-10-26 15:21 - 00000000 ____D () C:\Program Files (x86)\CheckPoint
2014-10-26 15:19 - 2014-10-26 15:19 - 00000000 ____D () C:\ProgramData\CheckPoint
2014-10-26 10:27 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-10-26 10:27 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-10-26 10:27 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-10-26 10:27 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-10-26 10:27 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-10-26 10:27 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-10-26 10:27 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-10-26 10:27 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-10-25 16:12 - 2014-10-25 16:13 - 05583977 ____R (Swearware) C:\Users\Iuliu\Desktop\ComboFix.exe
2014-10-24 23:41 - 2014-10-24 23:41 - 00002770 _____ () C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2014-10-24 14:31 - 2014-10-24 14:31 - 00012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe
2014-10-16 12:08 - 2014-10-16 12:08 - 00033568 _____ () C:\Users\Iuliu\AppData\Local\2ete64.vas
2014-10-15 20:23 - 2014-10-07 04:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-15 20:23 - 2014-10-07 04:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-15 20:23 - 2014-09-26 00:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-15 20:23 - 2014-09-26 00:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-15 20:23 - 2014-09-26 00:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-15 20:23 - 2014-09-26 00:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-15 20:23 - 2014-09-26 00:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-15 20:23 - 2014-09-26 00:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-15 20:23 - 2014-09-26 00:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-15 20:23 - 2014-09-19 04:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-15 20:23 - 2014-09-19 03:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-15 20:23 - 2014-09-19 03:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-15 20:23 - 2014-09-19 03:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-15 20:23 - 2014-09-19 03:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-15 20:23 - 2014-09-19 03:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-15 20:23 - 2014-09-19 03:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-15 20:23 - 2014-09-19 03:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-15 20:23 - 2014-09-19 03:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-15 20:23 - 2014-09-19 03:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-15 20:23 - 2014-09-19 03:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-15 20:23 - 2014-09-19 03:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-15 20:23 - 2014-09-19 03:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-15 20:23 - 2014-09-19 03:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-15 20:23 - 2014-09-19 03:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-15 20:23 - 2014-09-19 03:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-15 20:23 - 2014-09-19 03:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-15 20:23 - 2014-09-19 03:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-15 20:23 - 2014-09-19 03:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-15 20:23 - 2014-09-19 03:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-15 20:23 - 2014-09-19 03:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-15 20:23 - 2014-09-19 03:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-15 20:23 - 2014-09-19 03:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-15 20:23 - 2014-09-19 03:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-15 20:23 - 2014-09-19 03:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-15 20:23 - 2014-09-19 03:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-15 20:23 - 2014-09-19 02:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-15 20:23 - 2014-09-19 02:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-15 20:23 - 2014-09-19 02:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-15 20:23 - 2014-09-19 02:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-15 20:23 - 2014-09-19 02:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-15 20:23 - 2014-09-19 02:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-15 20:23 - 2014-09-19 02:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-15 20:23 - 2014-09-19 02:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-15 20:23 - 2014-09-19 02:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-15 20:23 - 2014-09-19 02:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-15 20:23 - 2014-09-19 02:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-15 20:23 - 2014-09-19 02:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-15 20:23 - 2014-09-19 02:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-15 20:23 - 2014-09-19 02:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-15 20:23 - 2014-09-19 02:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-15 20:23 - 2014-09-19 02:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-15 20:23 - 2014-09-19 02:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-15 20:23 - 2014-09-19 01:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-15 20:23 - 2014-09-19 01:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-15 20:23 - 2014-09-19 01:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-15 20:23 - 2014-09-19 01:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-15 20:22 - 2014-09-29 02:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-15 20:22 - 2014-08-19 05:11 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-10-15 20:22 - 2014-08-19 05:10 - 00616352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-10-15 20:22 - 2014-08-19 05:08 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-10-15 20:22 - 2014-07-07 04:07 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-10-15 20:22 - 2014-07-07 04:07 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2014-10-15 20:22 - 2014-07-07 04:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-10-15 20:22 - 2014-07-07 04:06 - 05551032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-10-15 20:22 - 2014-07-07 04:06 - 04120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-10-15 20:22 - 2014-07-07 04:06 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-10-15 20:22 - 2014-07-07 04:06 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-10-15 20:22 - 2014-07-07 04:06 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2014-10-15 20:22 - 2014-07-07 04:06 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2014-10-15 20:22 - 2014-07-07 04:06 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2014-10-15 20:22 - 2014-07-07 04:06 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-10-15 20:22 - 2014-07-07 04:06 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2014-10-15 20:22 - 2014-07-07 04:06 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-10-15 20:22 - 2014-07-07 04:06 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2014-10-15 20:22 - 2014-07-07 04:06 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-10-15 20:22 - 2014-07-07 04:06 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-10-15 20:22 - 2014-07-07 04:06 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-10-15 20:22 - 2014-07-07 04:06 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-10-15 20:22 - 2014-07-07 04:06 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2014-10-15 20:22 - 2014-07-07 04:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-10-15 20:22 - 2014-07-07 03:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2014-10-15 20:22 - 2014-07-07 03:40 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-10-15 20:22 - 2014-07-07 03:40 - 03208704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-10-15 20:22 - 2014-07-07 03:40 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2014-10-15 20:22 - 2014-07-07 03:40 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-10-15 20:22 - 2014-07-07 03:40 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2014-10-15 20:22 - 2014-07-07 03:40 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2014-10-15 20:22 - 2014-07-07 03:40 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2014-10-15 20:22 - 2014-07-07 03:40 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2014-10-15 20:22 - 2014-07-07 03:40 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2014-10-15 20:22 - 2014-07-07 03:40 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-10-15 20:22 - 2014-07-07 03:40 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2014-10-15 20:22 - 2014-07-07 03:40 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-10-15 20:22 - 2014-07-07 03:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-10-15 20:22 - 2014-07-07 03:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-10-15 20:22 - 2014-07-07 03:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-10-15 20:22 - 2014-07-07 03:39 - 03970488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-10-15 20:22 - 2014-07-07 03:39 - 03914680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-10-15 20:22 - 2014-06-28 02:21 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-10-15 20:22 - 2014-06-28 02:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-10-15 20:22 - 2014-06-28 02:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2014-10-15 20:22 - 2014-06-19 00:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-15 20:22 - 2014-06-19 00:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-15 20:22 - 2014-06-19 00:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-15 20:22 - 2014-06-19 00:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-15 20:22 - 2014-06-19 00:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-15 20:22 - 2014-06-19 00:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-15 20:21 - 2014-09-04 07:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-15 20:21 - 2014-09-04 07:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-15 20:21 - 2014-08-19 05:08 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2014-10-15 20:21 - 2014-08-19 05:08 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2014-10-15 20:21 - 2014-08-19 05:07 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2014-10-15 20:21 - 2014-08-19 05:07 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2014-10-15 20:21 - 2014-08-19 05:07 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2014-10-15 20:21 - 2014-08-19 05:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2014-10-15 20:21 - 2014-08-19 05:07 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2014-10-15 20:21 - 2014-08-19 04:41 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2014-10-15 20:21 - 2014-08-19 04:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-10-15 20:21 - 2014-08-19 04:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2014-10-15 20:21 - 2014-07-17 04:07 - 03722240 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-15 20:21 - 2014-07-17 04:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-15 20:21 - 2014-07-17 04:07 - 01113088 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-15 20:21 - 2014-07-17 04:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-15 20:21 - 2014-07-17 04:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-15 20:21 - 2014-07-17 04:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-15 20:21 - 2014-07-17 04:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-15 20:21 - 2014-07-17 04:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-15 20:21 - 2014-07-17 04:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-15 20:21 - 2014-07-17 03:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-15 20:21 - 2014-07-17 03:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-15 20:21 - 2014-07-17 03:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-10-15 20:21 - 2014-07-17 03:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-10-15 20:21 - 2014-07-17 03:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-15 20:21 - 2014-07-17 03:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-15 20:21 - 2014-07-17 03:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-15 20:21 - 2014-07-17 03:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-15 20:21 - 2014-07-07 04:06 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2014-10-15 20:21 - 2014-07-07 04:06 - 00368128 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-15 20:21 - 2014-07-07 04:06 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2014-10-15 20:21 - 2014-07-07 04:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-10-15 20:21 - 2014-07-07 04:06 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2014-10-15 20:21 - 2014-07-07 04:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-10-15 20:21 - 2014-07-07 04:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-10-15 20:21 - 2014-07-07 04:06 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2014-10-15 20:21 - 2014-07-07 04:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2014-10-15 20:21 - 2014-07-07 04:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2014-10-15 20:21 - 2014-07-07 04:05 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-10-15 20:21 - 2014-07-07 04:05 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-10-15 20:21 - 2014-07-07 04:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-10-15 20:21 - 2014-07-07 03:40 - 00516096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-10-15 20:21 - 2014-07-07 03:40 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2014-10-15 20:21 - 2014-07-07 03:40 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-10-15 20:21 - 2014-07-07 03:40 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2014-10-15 20:21 - 2014-07-07 03:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-10-15 20:21 - 2014-07-07 03:40 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2014-10-15 20:21 - 2014-07-07 03:40 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2014-10-15 20:21 - 2014-07-07 03:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2014-10-15 20:21 - 2014-07-07 03:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2014-10-15 20:21 - 2014-07-07 03:39 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-10-15 20:21 - 2014-07-07 03:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-10-15 20:21 - 2014-07-07 03:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-10-15 20:21 - 2014-07-07 03:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-10-15 20:21 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-10-15 20:21 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-10-15 20:21 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-10-15 20:21 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-10-15 20:21 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-10-15 20:21 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-10-15 20:21 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-10-15 20:21 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-10-15 20:20 - 2014-09-13 03:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-15 20:20 - 2014-09-13 03:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-14 10:17 - 2014-10-17 20:25 - 00003036 _____ () C:\Windows\SysWOW64\BroomData.bit

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-04 19:33 - 2013-11-11 13:39 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-11-04 19:31 - 2012-07-06 18:37 - 00000000 ____D () C:\Users\Iuliu\AppData\Roaming\BitComet
2014-11-04 19:03 - 2012-09-10 13:42 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-04 18:47 - 2013-09-14 09:00 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-04 16:55 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\tracing
2014-11-04 15:08 - 2012-05-05 18:56 - 02006769 _____ () C:\Windows\WindowsUpdate.log
2014-11-04 14:56 - 2009-07-14 06:45 - 00021200 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-04 14:56 - 2009-07-14 06:45 - 00021200 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-04 11:03 - 2012-09-10 13:42 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-04 09:36 - 2013-01-03 00:52 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-11-04 09:36 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-03 21:04 - 2014-09-25 17:19 - 00000000 ____D () C:\Users\Iuliu\AppData\Local\YhPack
2014-11-03 16:16 - 2014-06-07 19:16 - 00000000 ____D () C:\AdwCleaner
2014-11-03 16:09 - 2012-07-02 17:54 - 00000000 ____D () C:\Zerg
2014-11-03 13:08 - 2014-09-25 17:48 - 00037624 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2014-11-03 12:59 - 2012-07-06 01:56 - 00000000 ____D () C:\Users\Iuliu\AppData\Roaming\vlc
2014-11-03 12:39 - 2014-08-15 23:02 - 00000000 ____D () C:\Users\Iuliu\AppData\Local\CrashDumps
2014-11-02 09:31 - 2009-07-14 07:13 - 00786558 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-01 19:45 - 2012-10-19 16:12 - 00000000 ____D () C:\Users\Iuliu\AppData\Roaming\tigerplayer
2014-10-31 09:46 - 2012-08-29 20:08 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-10-30 13:25 - 2012-05-05 14:42 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-29 20:00 - 2014-09-25 18:02 - 00000000 ____D () C:\Qoobox
2014-10-29 19:55 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-10-29 18:44 - 2012-10-21 21:52 - 00007669 _____ () C:\Users\Iuliu\AppData\Local\Resmon.ResmonCfg
2014-10-29 17:03 - 2014-08-29 09:41 - 00000282 _____ () C:\Users\Iuliu\AppData\Roaming\burnaware.ini
2014-10-28 12:58 - 2014-09-22 07:55 - 00000000 ____D () C:\Users\Iuliu\Desktop\####### cleanup!
2014-10-27 13:17 - 2014-09-06 22:51 - 00000000 ____D () C:\Users\Iuliu\AppData\Local\Efbtion
2014-10-26 19:44 - 2014-02-05 12:08 - 00000000 ____D () C:\Users\Iuliu\Desktop\ST
2014-10-25 21:13 - 2012-07-02 19:45 - 00000000 ____D () C:\Windows\System32\Tasks\Games
2014-10-23 11:52 - 2014-10-02 11:14 - 00003134 _____ () C:\Windows\system32\.crusader
2014-10-16 20:56 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-10-16 02:18 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\ro-RO
2014-10-16 02:18 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-10-16 02:18 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\ro-RO
2014-10-16 02:18 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-10-16 02:06 - 2012-05-05 15:27 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-08 08:10 - 2009-07-14 07:08 - 00032482 _____ () C:\Windows\Tasks\SCHEDLGU.TXT

Some content of TEMP:
====================
C:\Users\Iuliu\AppData\Local\Temp\Bit99BA.tmp.exe
C:\Users\Iuliu\AppData\Local\Temp\dllnt_dump.dll
C:\Users\Iuliu\AppData\Local\Temp\Quarantine.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

LastRegBack: 2014-10-26 13:52

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-11-2014
Ran by Iuliu at 2014-11-04 19:34:52
Running from C:\Users\Iuliu\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
AC3Filter 1.62b (HKLM-x32\...\AC3Filter_is1) (Version: 1.62b - Alexander Vigovsky)
AChat v0.150 (HKLM-x32\...\AChat_is1) (Version: 0.150 - SourceForge.NET)
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 1.2.0117.08443 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.2.0117.08443 - Alcor Micro Corp.) Hidden
AML Free Registry Cleaner 4.22 (HKLM-x32\...\{315F5FFC-1A5C-4A2A-B8E7-1C5B1174C198}_is1) (Version: - AML SOFT, Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.12.5.0 - Asmedia Technology)
ASUS AI Recovery (HKLM-x32\...\{D39F0676-163E-4595-A917-E28F99BBD4D2}) (Version: 1.0.16 - ASUS)
ASUS FancyStart (HKLM-x32\...\{C944B4C5-1C4D-4D95-8AC0-7CEF13914131}) (Version: 1.1.1 - ASUSTeK Computer Inc.)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.25 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{33B98264-A889-4913-A0CA-C364A75032B3}) (Version: 1.1.45 - ASUS)
ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0011 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0034 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.23 - asus)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0014 - ASUS)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BitComet 1.32 64-bit (HKLM-x32\...\BitComet_x64) (Version: 1.32 - CometNetwork)
BurnAware Free 4.9 (HKLM-x32\...\BurnAware Free_is1) (Version: - Burnaware Technologies)
CCleaner (HKLM\...\CCleaner) (Version: 4.12 - Piriform)
CDisplay 1.8 (HKLM-x32\...\CDisplay_is1) (Version: - dvd8n)
Combined Community Codec Pack 2013-05-30 (HKLM-x32\...\Combined Community Codec Pack_is1) (Version: 2013.05.30.0 - CCCP Project)
Dawngate (HKLM-x32\...\{E20BD715-3CAF-4A6C-A7F5-8F2216710B90}) (Version: 174.83.27.0 - Electronic Arts, Inc.)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.44 - DivX, LLC)
eMule (HKLM-x32\...\eMule) (Version: - )
ETDWare PS/2-X64 8.0.5.1_WHQL (HKLM\...\Elantech) (Version: 8.0.5.1 - ELAN Microelectronic Corp.)
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.10 - ASUS)
FLAC 1.2.1b (remove only) (HKLM-x32\...\FLAC) (Version: 1.2.1b - Xiph.org)
Google Chrome (HKCU\...\Google Chrome) (Version: 32.0.1700.107 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.4.3607.2246 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.21.135 - Google Inc.) Hidden
Hero Editor V1.04 (HKLM-x32\...\ST6UNST #1) (Version: - )
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
InstantOn for NB (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 2.1.5 - ASUS)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2476 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.35 - Irfan Skiljan)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.510 - Oracle)
Join Air (HKLM-x32\...\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}) (Version: 1.0.0.1 - ZTE Corporation)
K-Lite Codec Pack 9.5.5 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.5.5 - )
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Media Player Codec Pack 4.2.8 (HKLM-x32\...\Media Player - Codec Pack) (Version: 4.2.8 - Media Player Codec Pack)
MediaInfo 0.7.61 (HKLM\...\MediaInfo) (Version: 0.7.61 - MediaArea.net)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Age of Empires II (HKLM-x32\...\Age of Empires 2.0) (Version: - )
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
MpcStar 5.4 (HKLM-x32\...\MpcStar) (Version: 5.4 - www.mpcstar.com)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NirSoft ShellExView (HKLM-x32\...\NirSoft ShellExView) (Version: - )
One Finger Death Punch 1.0 (HKLM-x32\...\One Finger Death Punch 1.0) (Version: 1.0 - Cat-A-Cat)
Opera 12.17 (HKLM-x32\...\Opera 12.17.1863) (Version: 12.17.1863 - Opera Software ASA)
Opera Stable 25.0.1614.68 (HKLM-x32\...\Opera 25.0.1614.68) (Version: 25.0.1614.68 - Opera Software ASA)
Panda Cloud Cleaner (HKLM-x32\...\{92B2B132-C7F0-43DC-921A-4493C04F78A4}_is1) (Version: 1.0.104 - Panda Security)
Panda Devices Agent (HKLM-x32\...\Panda Devices Agent) (Version: 1.03.03 - Panda Security)
Panda Devices Agent (x32 Version: 1.05.00 - Panda Security) Hidden
Panda Free Antivirus (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 15.00.01.0000 - Panda Security)
Panda Free Antivirus (Version: 7.23.00.0000 - Panda Security) Hidden
Panda Security Toolbar (HKLM-x32\...\pandasecuritytb) (Version: 4.2.0.10 - Panda Security)
Panda Security URL Filtering (HKLM-x32\...\Panda Security URL Filtering) (Version: 2.0.1.4 - Panda Security)
PowerISO (HKLM-x32\...\PowerISO) (Version: 4.7 - PowerISO Computing, Inc.)
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 9.2 - Qualcomm Atheros)
RaidCall (HKLM-x32\...\RaidCall) (Version: 7.2.8-1.0.8500.20 - raidcall.com)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6454 - Realtek Semiconductor Corp.)
Registration Code Creator (HKCU\...\Registration Code Creator) (Version: - )
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Smart File Advisor 1.1.3 (HKLM-x32\...\Smart File Advisor_is1) (Version: 1.1.3 - Filefacts.net)
Sonic Focus (HKLM-x32\...\{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}) (Version: 1.0.0.4 - Synopsys )
Sophos Anti-Rootkit 1.5.4 (HKLM-x32\...\Sophos-AntiRootkit) (Version: 1.5.4 - Sophos Plc)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Torchlight (HKLM-x32\...\Runic Games Torchlight) (Version: 0.0.66.192 - )
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 8.01 - Ghisler Software GmbH)
TreeSize Free V3.2.1 (HKLM-x32\...\TreeSize Free_is1) (Version: 3.2.1 - JAM Software)
TuneUp Utilities 2014 (en-US) (x32 Version: 14.0.1000.340 - TuneUp Software) Hidden
TuneUp Utilities 2014 (HKLM-x32\...\TuneUp Utilities) (Version: 14.0.1000.340 - TuneUp Software)
TuneUp Utilities 2014 (x32 Version: 14.0.1000.340 - TuneUp Software) Hidden
Tweaking.com - Windows Repair (All in One) (HKLM-x32\...\Tweaking.com - Windows Repair (All in One)) (Version: 2.9.0 - Tweaking.com)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 2.1.0 (HKLM-x32\...\VLC media player) (Version: 2.1.0 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.623 - Nullsoft, Inc)
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Wireless Console 3 (HKLM-x32\...\{C4BC5A5F-4A97-47CC-99C3-AB8E10572AFE}) (Version: 3.0.24 - ASUS)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.1) (Version: 1.3.2 - Xvid Team)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version: - )
Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version: - Yahoo! Inc.)
ZoneAlarm Firewall (x32 Version: 13.3.209.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Free Firewall (HKLM-x32\...\ZoneAlarm Free Firewall) (Version: 13.3.209.000 - Check Point)
ZoneAlarm Security (x32 Version: 13.3.209.000 - Check Point Software Technologies Ltd.) Hidden