kelro

Members
  • Posts

    39

Everything posted by kelro

  1. Followed all of the above, bar Chrome because it isn't installed but the problems still remain,
  2. Results of screen317's Security Check version 0.99.94 x86 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! Windows Defender WMI entry may not exist for antivirus; attempting automatic update. `````````Anti-malware/Other Utilities Check:````````` CCleaner Adobe Flash Player 16.0.0.257 Mozilla Firefox (35.0) ````````Process Check: objlist.exe by Laurent```````` Windows Defender MSMpEng.exe Malwarebytes Anti-Malware mbam.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C:: ````````````````````End of Log``````````````````````
  3. Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 20/01/2015 Scan Time: 17:31:46 Logfile: Administrator: Yes Version: 2.00.4.1028 Malware Database: v2015.01.20.08 Rootkit Database: v2015.01.14.01 License: Free Malware Protection: Disabled Malicious Website Protection: Disabled Self-protection: Disabled OS: Windows 8.1 CPU: x86 File System: NTFS User: Alex Scan Type: Threat Scan Result: Completed Objects Scanned: 406330 Time Elapsed: 50 min, 13 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 0 (No malicious items detected) Registry Values: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Folders: 0 (No malicious items detected) Files: 0 (No malicious items detected) Physical Sectors: 0 (No malicious items detected) (end)
  4. Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 19-01-2015 Ran by Alex at 2015-01-20 17:09:23 Run:2 Running from C:\Users\kelly_000\Desktop Loaded Profiles: Alex & kelly_000 (Available profiles: Alex & kelly_000) Boot Mode: Normal ============================================== Content of fixlist: ***************** HKU\S-1-5-21-4264348289-3241612886-2336119300-1001\...\Run: [Gyazo] => [X]ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Alex\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Alex\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Alex\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll (Dropbox, Inc.) GroupPolicyUsers\S-1-5-21-4264348289-3241612886-2336119300-1004\User: Group Policy restriction detected <======= ATTENTION GroupPolicyUsers\S-1-5-21-4264348289-3241612886-2336119300-1001\User: Group Policy restriction detected <======= ATTENTION DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.8.0/jinstall-1_8_0_25-windows-i586.cab DPF: {CAFEEFAC-0018-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.8.0/jinstall-1_8_0_25-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.8.0/jinstall-1_8_0_25-windows-i586.cab Task: {382BDB8C-C6D7-4F9A-BF8F-CF5F711F68B7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) 
Task: {F8C8F035-3F9F-4A16-B087-AF71FAA940EE} - \Optimize Start Menu Cache Files-S-1-5-21-4264348289-3241612886-2336119300-1005 No Task File <==== ATTENTION C:\WINDOWS\Tasks\Adobe Flash Player Updater.job C:\WINDOWS\Tasks\User_Feed_Synchronization-{3CD877CF-0AFB-472B-BB81-29A2DA5A8569}.job AlternateDataStreams: C:\Users\Alex\SkyDrive:ms-properties AlternateDataStreams: C:\Users\kelly_000\SkyDrive:ms-properties EmptyTemp: Reboot: ***************** HKU\S-1-5-21-4264348289-3241612886-2336119300-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Gyazo => value deleted successfully. "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive2" => Key deleted successfully. HKCR\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => Key not found. "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive3" => Key deleted successfully. HKCR\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => Key not found. "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt1" => Key deleted successfully. "HKCR\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" => Key deleted successfully. "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt2" => Key deleted successfully. "HKCR\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" => Key deleted successfully. "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt3" => Key deleted successfully. "HKCR\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" => Key deleted successfully. "C:\WINDOWS\system32\GroupPolicyUsers\S-1-5-21-4264348289-3241612886-2336119300-1004\User" => File/Directory not found. C:\WINDOWS\system32\GroupPolicyUsers\S-1-5-21-4264348289-3241612886-2336119300-1001\User => Moved successfully. "HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}" => Key deleted successfully. 
HKCR\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93} => Key not found. "HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0018-0000-0025-ABCDEFFEDCBA}" => Key deleted successfully. "HKCR\CLSID\{CAFEEFAC-0018-0000-0025-ABCDEFFEDCBA}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}" => Key deleted successfully. HKCR\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} => Key not found. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{382BDB8C-C6D7-4F9A-BF8F-CF5F711F68B7}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{382BDB8C-C6D7-4F9A-BF8F-CF5F711F68B7}" => Key deleted successfully. C:\Windows\System32\Tasks\Apple\AppleSoftwareUpdate not found. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Apple\AppleSoftwareUpdate" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F8C8F035-3F9F-4A16-B087-AF71FAA940EE}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F8C8F035-3F9F-4A16-B087-AF71FAA940EE}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Optimize Start Menu Cache Files-S-1-5-21-4264348289-3241612886-2336119300-1005" => Key deleted successfully. "C:\WINDOWS\Tasks\Adobe Flash Player Updater.job" => File/Directory not found. "C:\WINDOWS\Tasks\User_Feed_Synchronization-{3CD877CF-0AFB-472B-BB81-29A2DA5A8569}.job" => File/Directory not found. "C:\Users\Alex\SkyDrive" => ":ms-properties" ADS not found. "C:\Users\kelly_000\SkyDrive" => ":ms-properties" ADS not found. EmptyTemp: => Removed 301.3 MB temporary data. The system needed a reboot. ==== End of Fixlog 17:09:59 ====
  5. Ah apologies, I didn't realise it needed to be done as Administrator. To confirm, I need to run the Fix again or the scan again?
  6. Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 17-01-2015 01 Ran by kelly_000 at 2015-01-17 11:41:17 Run:1 Running from C:\Users\kelly_000\Desktop Loaded Profiles: kelly_000 (Available profiles: Alex & kelly_000) Boot Mode: Normal ============================================== Content of fixlist: ***************** HKU\S-1-5-21-4264348289-3241612886-2336119300-1001\...\Run: [Gyazo] => [X]ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Alex\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Alex\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Alex\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll (Dropbox, Inc.) GroupPolicyUsers\S-1-5-21-4264348289-3241612886-2336119300-1004\User: Group Policy restriction detected <======= ATTENTION GroupPolicyUsers\S-1-5-21-4264348289-3241612886-2336119300-1001\User: Group Policy restriction detected <======= ATTENTION DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.8.0/jinstall-1_8_0_25-windows-i586.cab DPF: {CAFEEFAC-0018-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.8.0/jinstall-1_8_0_25-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.8.0/jinstall-1_8_0_25-windows-i586.cab Task: {382BDB8C-C6D7-4F9A-BF8F-CF5F711F68B7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) 
Task: {F8C8F035-3F9F-4A16-B087-AF71FAA940EE} - \Optimize Start Menu Cache Files-S-1-5-21-4264348289-3241612886-2336119300-1005 No Task File <==== ATTENTION C:\WINDOWS\Tasks\Adobe Flash Player Updater.job C:\WINDOWS\Tasks\User_Feed_Synchronization-{3CD877CF-0AFB-472B-BB81-29A2DA5A8569}.job AlternateDataStreams: C:\Users\Alex\SkyDrive:ms-properties AlternateDataStreams: C:\Users\kelly_000\SkyDrive:ms-properties EmptyTemp: Reboot: ***************** HKU\S-1-5-21-4264348289-3241612886-2336119300-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Gyazo => Value not found. HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive2 => Key could not be deleted. Access denied. HKCR\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => Key not found. HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive3 => Key could not be deleted. Access denied. HKCR\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => Key not found. HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt1 => Key could not be deleted. Access denied. HKCR\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => Key not found. HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt2 => Key could not be deleted. Access denied. HKCR\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => Key not found. HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt3 => Key could not be deleted. Access denied. HKCR\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => Key not found. "C:\WINDOWS\system32\GroupPolicyUsers\S-1-5-21-4264348289-3241612886-2336119300-1004\User" directory move: Could not move "C:\WINDOWS\system32\GroupPolicyUsers\S-1-5-21-4264348289-3241612886-2336119300-1004\User\Registry.pol" => Scheduled to move on reboot. Could not move "C:\WINDOWS\system32\GroupPolicyUsers\S-1-5-21-4264348289-3241612886-2336119300-1004\User" directory. 
=> Scheduled to move on reboot. "C:\WINDOWS\system32\GroupPolicyUsers\S-1-5-21-4264348289-3241612886-2336119300-1001\User" => File/Directory not found. HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93} => Key could not be deleted. Access denied. HKCR\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93} => Key not found. HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0018-0000-0025-ABCDEFFEDCBA} => Key could not be deleted. Access denied. HKCR\CLSID\{CAFEEFAC-0018-0000-0025-ABCDEFFEDCBA} => Key not found. HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} => Key could not be deleted. Access denied. HKCR\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} => Key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{382BDB8C-C6D7-4F9A-BF8F-CF5F711F68B7} => Key could not be deleted. Access denied. Could not move "C:\Windows\System32\Tasks\Apple\AppleSoftwareUpdate" => Scheduled to move on reboot. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Apple\AppleSoftwareUpdate => Key could not be deleted. Access denied. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F8C8F035-3F9F-4A16-B087-AF71FAA940EE} => Key could not be deleted. Access denied. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Optimize Start Menu Cache Files-S-1-5-21-4264348289-3241612886-2336119300-1005 => Key could not be deleted. Access denied. Could not move "C:\WINDOWS\Tasks\Adobe Flash Player Updater.job" => Scheduled to move on reboot. "C:\WINDOWS\Tasks\User_Feed_Synchronization-{3CD877CF-0AFB-472B-BB81-29A2DA5A8569}.job" => File/Directory not found. C:\Users\Alex\SkyDrive => ":ms-properties" ADS removed successfully. "C:\Users\kelly_000\SkyDrive" => ":ms-properties" ADS not found. EmptyTemp: => Removed 119.6 MB temporary data.
  7. Found it in the end. C:\Program Files\Lavasoft\AdAware SecureSearch Toolbar\adawareDx.dll a variant of Win32/Toolbar.Visicom.B potentially unwanted application C:\Program Files\Lavasoft\AdAware SecureSearch Toolbar\adawaretb.dll a variant of Win32/Toolbar.Visicom.A potentially unwanted application C:\Program Files\Lavasoft\AdAware SecureSearch Toolbar\dtUser.exe a variant of Win32/Toolbar.Visicom.C potentially unwanted application C:\Users\kelly_000\Downloads\dfsetup218.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
  8. The ESET log seems to have gone missing. I don't know how but I'll redo it and post the FRST logs now. Addition.txt FRST.txt
  9. I'm still unable to download files or then run files that were downloaded in safe mode, when not in safe mode. I'll get the other logs for you this evening. Apologies for the long gaps with responses.
  10. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.4.0 (11.29.2014:1) OS: Windows 8.1 Pro x86 Ran by Alex on 23/12/2014 at 15:56:57.93 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys ~~~ Files Successfully deleted: [File] C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4264348289-3241612886-2336119300-1001 Successfully deleted: [File] C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4264348289-3241612886-2336119300-1004 Successfully deleted: [File] C:\WINDOWS\prefetch\DRIVERCTRL.EXE-9039C83D.pf ~~~ Folders ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 23/12/2014 at 15:58:31.63 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  11. The file was far too long and was forcing me to post multiple times so I've attached the full .txt. Adware shows as enabled even though I have disabled it. TDSSKiller.3.0.0.42_20.12.2014_16.47.58_log.txt
  12. Unfortunately nothing found. The problem has now got worse. I am only able to download files when in Safe Mode and Task Manager shows 5 instances of Internet Explorer that, when I click End Task reappear immediately.
16:50:17.0227 0x0400 fastfat - ok 16:50:17.0556 0x0400 [ 1FE12BBB957D8D74DDACF51F40B1358F, E8E565E332EADEDB543AE451CD446BE6CDC1079798A9598B868943A434416E84 ] Fax C:\WINDOWS\system32\fxssvc.exe 16:50:17.0821 0x0400 Fax - ok 16:50:18.0009 0x0400 [ F2D60D87B15FF8ABBDA27371EBBEFE0B, EC2B48A3E259449E7C388C31BEF8ECF8B3CA9CB851CBE90E97673CE093CB4863 ] fdc C:\WINDOWS\System32\drivers\fdc.sys 16:50:18.0071 0x0400 fdc - ok 16:50:18.0150 0x0400 [ D6AEDD0E959AC11665BEABA0EC470A2B, 731295F996D1AD143FF788E3041B0D8E21C5F6C3ACDAE6662A1598E86545C84B ] fdPHost C:\WINDOWS\system32\fdPHost.dll 16:50:18.0368 0x0400 fdPHost - ok 16:50:18.0384 0x0400 [ A04078C96EDF2D475B76B23D35967344, BB37D73D2899EF60080B5CBCA6FFB14E82933C717F9316025757EB17A0A64E00 ] FDResPub C:\WINDOWS\system32\fdrespub.dll 16:50:18.0462 0x0400 FDResPub - ok 16:50:18.0493 0x0400 [ 472A9FFB696FD557828DEBD606FBD819, 5F8C8C5E5DF762A5E9CD4D82933F5BD881C6768194125A53FFBF81F8E8E5AC29 ] fhsvc C:\WINDOWS\system32\fhsvc.dll 16:50:18.0540 0x0400 fhsvc - ok 16:50:18.0650 0x0400 [ 878BE2CD1B68000D4BEEE293267B19CB, 136480B18E145E681C756792B57163349D49521A6DDEA78745E896F1EAB24B17 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys 16:50:18.0696 0x0400 FileInfo - ok 16:50:18.0862 0x0400 [ 5C427FD4AFAEAC08882A70EDA5013AF8, 74FDB9218D18154D6C541A835A54F17A88C6BE4EFA0A0C94BD642A752A500B0A ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys 16:50:18.0980 0x0400 Filetrace - ok 16:50:19.0168 0x0400 [ BB2091E613F6F06F24FF9507E0FAA20B, EFACAE4F4E586120C30C48EA503EC679E37D3BDE9052FE7392D6C81E8AE5010C ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys 16:50:19.0230 0x0400 flpydisk - ok 16:50:19.0496 0x0400 [ 0E647295EA5573F06DDD42F0FDFF254A, 5051F269A431ED83B8DB70E4945C1CDC4D74481AFA71E30D389B47E1093D306F ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys 16:50:19.0621 0x0400 FltMgr - ok 16:50:19.0840 0x0400 [ ED4BA3B6CD98646F392858C8110307FF, 853BD974F62DD580AB7172F99B81EBA4BFFC39C294F927DABF4BF4118F3736EB ] FontCache 
C:\WINDOWS\system32\FntCache.dll 16:50:20.0152 0x0400 FontCache - ok 16:50:20.0340 0x0400 [ 7B47332931E0B083D09F1E7FBDD3F147, D7812D0109291BCB5268913498E66F817009E8262050F546AD16B5FAC47F8CCA ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe 16:50:20.0402 0x0400 FontCache3.0.0.0 - ok 16:50:20.0637 0x0400 [ 73F944AA04157781172CAD535AB6E172, 6C2FB6C0D4A10924A845A1CF18A98206EEAAB8243A0B36AEEC78B047BFFCDDAF ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys 16:50:20.0793 0x0400 FsDepends - ok 16:50:20.0902 0x0400 [ 6496F5E84CBC8C6D697939D6518D9B7A, 1E518FC7B478356E997E86FDD06A01A6833407C25F67A85CC91A49EC6F2EAEB1 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys 16:50:21.0012 0x0400 Fs_Rec - ok 16:50:21.0090 0x0400 [ A58318CA9F98AAB207D4C84868490D1D, E57DEF96B69A7ED25EC37DE41BF5F1F3A57A5B2729BC615E9785F0EDF5E75346 ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys 16:50:21.0574 0x0400 fvevol - ok 16:50:21.0668 0x0400 [ B3CDDF19F6201210B8785FFD642A1632, 35A664BD1C51F9F448CADA2B82276F378BA65188D175C00515EBBD06E91641AC ] FxPPM C:\WINDOWS\System32\drivers\fxppm.sys 16:50:21.0918 0x0400 FxPPM - ok 16:50:21.0949 0x0400 [ 2DC88A077B783AFD416CDEE7BDE63868, C016325071D88371753C4049749C26C8D58FE8D787533B3289DB1D523E6F076B ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys 16:50:22.0027 0x0400 gagp30kx - ok 16:50:22.0246 0x0400 [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys 16:50:22.0324 0x0400 GEARAspiWDM - ok 16:50:22.0500 0x0400 [ 2156802A56276A97FB6892412A0B899D, F97F253D7EE992A427D2A4F12601893FCEA93975547A7CE5D8C2DF25ABD23A97 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys 16:50:22.0773 0x0400 gencounter - ok 16:50:23.0007 0x0400 [ 73EFE8A2747BB87F66B5646AA2262AE4, 368AAFA38F214D474206B914A4258B3679CB0B1C9080D32DFB3BF890BD5611A8 ] GPIO C:\WINDOWS\System32\drivers\iaiogpio.sys 16:50:23.0054 0x0400 GPIO - ok 16:50:23.0257 
0x0400 [ FB1DB2A2663D59FEB04F4311861C7022, B9571C1B80ED150DC41E200ED20B8C289E2011548A12ECF4DB55234075B60E02 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys 16:50:23.0382 0x0400 GPIOClx0101 - ok 16:50:23.0632 0x0400 [ 5BC3330FF8373962CE005942DDC2AEC5, 22977DD6D32AAB84562CFE4DCADDFFCB2CDF86E3EF667DE9F8960E554C599154 ] gpsvc C:\WINDOWS\System32\gpsvc.dll 16:50:24.0148 0x0400 gpsvc - ok 16:50:24.0320 0x0400 [ 3B5CA8EB6748D234F117AB203491F6F9, C554FC454214599831FB73448A0044ED145CB19B8F3008A78448B25145AEDA6E ] gzflt C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.0.56\gzflt.sys 16:50:24.0351 0x0400 gzflt - ok 16:50:24.0491 0x0400 [ 449688B15D29787C8A440D6ECA9925B5, 7E1C88106F3F39394843B8B2B5921A8F5B215AC1538F46F151B9F4FAAC7AE1DE ] HdAudAddService C:\WINDOWS\system32\drivers\HdAudio.sys 16:50:24.0648 0x0400 HdAudAddService - ok 16:50:24.0851 0x0400 [ 7E0EDA9EE53E344D1604EB2A7E8DED47, 9335E54D0D464216AE2C15118B0C2E1D671AD9FD09ED3166B6961280EDF8C8F2 ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys 16:50:24.0929 0x0400 HDAudBus - ok 16:50:25.0054 0x0400 [ 5C5BF3E47BB6B07FAD8EA4565159659E, E8C52CC743408093B118D3E1E8C0E7E1E7EED7234422341C8B666C03A9FA0CC4 ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys 16:50:25.0257 0x0400 HidBatt - ok 16:50:25.0304 0x0400 [ 4A59C5DAF29CC28DA966C57DB863655E, 6A164BEB000AF2A8FBCBF8A15C8BF9D999CDCF90EAFDD748D4F7FAA27E67CD12 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys 16:50:25.0445 0x0400 HidBth - ok 16:50:25.0476 0x0400 [ 4AC33C5E591F9845E34DA8681E558A58, 4FC04C7EF2736D63CF77756566C5710764671EC54085FC035B4752377CABDDE7 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys 16:50:25.0538 0x0400 hidi2c - ok 16:50:25.0726 0x0400 [ 2E6CA4DE2AEDF7ABDFEA906F11EDC8B1, 69FD8513F4E0C1E8C78D01D007D90DC33D3C4DEAED05FEECD634A15334202D62 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys 16:50:25.0788 0x0400 HidIr - ok 16:50:25.0851 0x0400 [ 06692FEB8EBC5AD53AC6C610BC72F1C6, 
4C2754E0F3FBCF147D7D7F9D1F433C85B6AB59922F9DA754B31CB57A90CDC175 ] hidserv C:\WINDOWS\system32\hidserv.dll 16:50:25.0929 0x0400 hidserv - ok 16:50:25.0991 0x0400 [ 71E4AD300E86C0754D6070FB92475CF7, 110AF2389CFC8AB481B6A8706F436BB600D10063669C2A6ABB5A63FB9E3A3495 ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys 16:50:26.0116 0x0400 HidUsb - ok 16:50:26.0491 0x0400 [ 622B08BD041DE4B0B8F34D4F0F5A018C, 4EA4DB15CE5DD44FF30B5AE0D7EBEDAF3DDE8761D7633FED52CE7D022E0980E6 ] hkmsvc C:\WINDOWS\system32\kmsvc.dll 16:50:26.0585 0x0400 hkmsvc - ok 16:50:26.0632 0x0400 [ D331E843F66501F57978F85FE695CEEE, CB2B23E3191DDE105A47D7C7361880DE968D79D55A16B371DA16456F047B7FE2 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll 16:50:26.0804 0x0400 HomeGroupListener - ok 16:50:26.0882 0x0400 [ 4FC945E08AF63491AFCC902C99046735, 3F62C132B8C8A35C09D1ED7C602658EC901ED6284550B0A8E9E6FE0AACB7A511 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll 16:50:27.0197 0x0400 HomeGroupProvider - ok 16:50:27.0353 0x0400 [ BA073FD7F6C94FF18F97DF8F0297ED62, 132611011C0AEB1E529453A4FA983587D7F1CE286C04AC0B952F4D964B72BEC1 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys 16:50:27.0415 0x0400 HpSAMD - ok 16:50:27.0743 0x0400 [ 4196BBF0725EF4E4F220D5E1539EF553, EE78E340C8DE4256567A5D0589CE5B3C182EE80A7D6F663CB971651391BA3F92 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys 16:50:27.0837 0x0400 HTTP - ok 16:50:27.0900 0x0400 [ FAEB94F3ACCDFDA16E5FA585369FDEC4, 12A41592EEC9CEB5C8C10AAF2C09E7262E2AC28B615D181F9BCCA0DEC12648F3 ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys 16:50:27.0962 0x0400 hwpolicy - ok 16:50:28.0040 0x0400 [ 2DDC60AD29D845A745C9ECAAE35FC477, 1A4670D10744B36FFCDC5068C824315200F9D9BD24E5F2A111B2019C13CD59BE ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys 16:50:28.0134 0x0400 hyperkbd - ok 16:50:28.0181 0x0400 [ D360FFBA289307976BE1BBE7BE792F58, 6A787C493D226D6AB5A933B3EAF9D6EE4B18BDB2D07D1CAE59CE1EFA729B1B2D ] HyperVideo C:\WINDOWS\system32\DRIVERS\HyperVideo.sys 16:50:28.0244 0x0400 
HyperVideo - ok 16:50:28.0322 0x0400 [ 5043E69532392A43549E5D41E22638AA, DC5186117FC60036A70CD6065810F090BD3EFFA24B59C760ECB6B7FB9C43F174 ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys 16:50:29.0916 0x0400 i8042prt - ok 16:50:29.0978 0x0400 [ 646D3B416BC970C3CD2F53844FD156A5, 045CBA642382B33DB1E222302B14DD46838895A73CE50426FD180B4CA918253A ] iaioi2c C:\WINDOWS\System32\drivers\iaioi2c.sys 16:50:30.0025 0x0400 iaioi2c - ok 16:50:30.0244 0x0400 [ 387637FC01BA30E95A2330DA3FFD0919, 836A100F766044B431D2263A57CB3BB3B43AA0C3E58220F31A2EF89E1BB8CB55 ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys 16:50:30.0322 0x0400 iaStorAV - ok 16:50:30.0447 0x0400 [ D2E7F3611BB8F1C2661B8F7858D33A35, EFA7B2E8433AB6DE739EB12792154B64DF29B61C8BB2F467C95C393A40D84E1A ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys 16:50:30.0494 0x0400 iaStorV - ok 16:50:30.0494 0x0400 IEEtwCollectorService - ok 16:50:32.0603 0x0400 [ D771E3D5E0ECE091FF9244BDF1303D6F, 4404A7857AD53234EEB19E7B3516226ADF342BF722C8D81B232D2C909F85DAC5 ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd32.sys 16:50:33.0697 0x0400 igfx - ok 16:50:33.0989 0x0400 [ 36A36F1059D559F9D64660F6845FDD63, 529FD025F28F2C56041FDD77A5DEC6382B1F798B0EE92C46A7AB14CE04C51428 ] IKEEXT C:\WINDOWS\System32\ikeext.dll 16:50:34.0052 0x0400 IKEEXT - ok 16:50:34.0958 0x0400 [ 8434A1BFF7BE3A29EA24FFA2FB2BB37B, E26991D8534A3BA3479D08E948949A8BDD017474B7F706B260F2DBF06F9B6EB6 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHDA.sys 16:50:35.0427 0x0400 IntcAzAudAddService - ok 16:50:35.0567 0x0400 [ B0F92A795C7E48E2C5F908265C655458, 6F6606C3F36FD3E603CF9FCFDD1213A108E4B1CF9936E4FE851E6FD5FEA5FEEC ] intelide C:\WINDOWS\system32\drivers\intelide.sys 16:50:35.0755 0x0400 intelide - ok 16:50:35.0802 0x0400 [ 95BD617B467F746553AD1FC523F5D2B6, 2A9686DC5A0FED8B42C0D589B0D73E34965F2E3D8090CA0B19A4F65F81C1511A ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys 16:50:35.0895 0x0400 intelpep - ok 16:50:36.0052 0x0400 [ 6DD61D8AFB56C9F853210C49FD4D8C16, 
DFE299AB383A81BDE531B93645F59076BC2D7E37038DA20649CA08230C043C55 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys 16:50:36.0130 0x0400 intelppm - ok 16:50:36.0208 0x0400 [ 23B5C10891B64FB4261F9FCADF24FE28, DCE73864B0BE98DE96C0EC6C88BA62E1BC2878837D6442BCC2220A956E350D0E ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 16:50:36.0302 0x0400 IpFilterDriver - ok 16:50:36.0536 0x0400 [ A61DD1F02DE668A6713822942B876D4C, 22B06518C2CF16D605550C3327BA2FD4AD09410082D4C23ED54AEF307D4AB20D ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll 16:50:36.0864 0x0400 iphlpsvc - ok 16:50:36.0895 0x0400 [ 3DC0D272D298B3AC09794E89FFB78BCD, 3D1096655EDCD4B428EF291EF26B9F2F382DA5D812374AC5423EAEFA6984D801 ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys 16:50:37.0114 0x0400 IPMIDRV - ok 16:50:37.0177 0x0400 [ FA6C94C754A566EA8A61D658932F32DE, AEA11A21F850228B23714CBF981C0D038FF5CC22566594E6995BA0994343A256 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys 16:50:37.0552 0x0400 IPNAT - ok 16:50:37.0755 0x0400 [ 33813E4F82AEC696762EAD9EDADC9FE3, D0045D6782523B7B6FCFE4A6C864F081B522E409D9E5F031A7B8584910CEE3F5 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 16:50:37.0833 0x0400 iPod Service - ok 16:50:37.0989 0x0400 [ ADF675CF9EB57229E9D13BC2F5D4719D, 1CAE1C71951795D1E650C81D5271EF9DF3482E531AAF0E6E08BE9789DE8C1E5B ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys 16:50:38.0411 0x0400 IRENUM - ok 16:50:38.0630 0x0400 [ 2A0D17D431F13E87ADCB28DEEC84F252, 87C82734B58896BB71EE0707B70C4618D0E4895BE1409E9B55668F11E1715F30 ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys 16:50:38.0677 0x0400 isapnp - ok 16:50:38.0833 0x0400 [ 74F452379260EA77CC59905AEDBD5AE7, BCD59690F69FCADC95C7499960F723D584E6E701CB722BA53BE738402BB080E9 ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys 16:50:38.0911 0x0400 iScsiPrt - ok 16:50:38.0942 0x0400 [ 4504C8B75A6B2E5BE800DE03B26891D3, 4DC5DA3A2CBBB43B0E9CACE094D7EADE458347D134012F9693CAC2014EFE4145 ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys 16:50:38.0990 
0x0400 kbdclass - ok 16:50:39.0052 0x0400 [ 8BAF1904393EACA7178A5EF962256D3F, 7CC026151E96D239C68758A016C206278ED262594C87EB7BFCD73A73631DBBC8 ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys 16:50:39.0099 0x0400 kbdhid - ok 16:50:39.0130 0x0400 [ 3FF50BD6E481C6690A16D0542A2D818F, C7A87459C770380DFC5CF275382B8AC9F81C65A58131A4FDB7D2C251481BA963 ] kbldfltr C:\WINDOWS\system32\drivers\kbldfltr.sys 16:50:39.0177 0x0400 kbldfltr - ok 16:50:39.0224 0x0400 [ 7F896C99637CB0E48262F307FC0F3557, 51B1A2038443F581EAE8057FF487398CBAA4753E7AA854B191E47502F9D7D69B ] kdnic C:\WINDOWS\system32\DRIVERS\kdnic.sys 16:50:39.0411 0x0400 kdnic - ok 16:50:39.0427 0x0400 [ F33BFCBBBAACE7208DB433B6CCA98930, 46E994BE4A2EA4D324C8B78CF9276F4805EA47046CBC7AD37401AA77E13C75FB ] KeyIso C:\WINDOWS\system32\lsass.exe 16:50:39.0458 0x0400 KeyIso - ok 16:50:39.0630 0x0400 [ 21719E6D6B4EDEB062F0A9D8F7720FEF, 6BEF2890270D4127EAEA6C627B663495A7576A781EDB4E4623E9C68D2DE3EE22 ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys 16:50:39.0693 0x0400 KSecDD - ok 16:50:39.0786 0x0400 [ C4A3E653299B5F276DBDEB12C3756553, 484B9D6A75C7E5BC0EB7E13936D4F4B1D72636B7581E4B0DA39C028B0879DC7E ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys 16:50:39.0833 0x0400 KSecPkg - ok 16:50:40.0286 0x0400 [ EC89E8C1334D257C27197A52099FA960, 5243DD460A78CBCCF6296C13944ADC0F7FA7BD152BCE9633EB8CA911B055C3F0 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll 16:50:40.0599 0x0400 KtmRm - ok 16:50:40.0724 0x0400 [ 154876704DC6FB548E441403CFC0FC31, 7F30BB9C4A40759F6CF7905BF84073D3147A97C457862614E3B7396761A39EC2 ] LanmanServer C:\WINDOWS\system32\srvsvc.dll 16:50:41.0005 0x0400 LanmanServer - ok 16:50:41.0052 0x0400 [ B230EE02279BBD757637B3CAE1CF660B, D74B85548818E0C9DAE10076AB00198AAD3838BB3A8C0212762716E5EBC3A3C8 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll 16:50:41.0177 0x0400 LanmanWorkstation - ok 16:50:41.0287 0x0400 [ D2107714729C6E2B57729AA1167B498D, 7F949ACE8F73DAEA1386A5C24F996C0A2E026AF87330C4CB4D4F749A6929E3D1 ] 
LavasoftAdAwareService11 C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareService.exe 16:50:41.0334 0x0400 LavasoftAdAwareService11 - ok 16:50:41.0537 0x0400 [ A54EB398BC2D792A0C603A97F7975FD8, 5216624129595ADBA24AA07F68350045D4D59B5F8A6FE5FD78FA3BD72646B83B ] lfsvc C:\WINDOWS\System32\GeofenceMonitorService.dll 16:50:41.0755 0x0400 lfsvc - ok 16:50:41.0802 0x0400 [ 369ED2626209D245BA1CEBB626F9A376, C28A0B4998DF1027AB3C234742AD51E140889CC065CF2F073665297B61A31F6F ] lltdio C:\WINDOWS\system32\DRIVERS\lltdio.sys 16:50:41.0896 0x0400 lltdio - ok 16:50:42.0085 0x0400 [ E7857CCA67A54E265533EF68C7B90A0C, 3CC312DAFD7C539467D5833002D448D62C8B3A2F2894523CBA18C49D2129F609 ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll 16:50:42.0210 0x0400 lltdsvc - ok 16:50:42.0382 0x0400 [ A44270027BA1C8983CCC414183AD5726, 26F0881DF03F7C521A7CA9FE91432B40313B1ED5A9F2779F4CAA3CF6625219B7 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll 16:50:42.0710 0x0400 lmhosts - ok 16:50:42.0867 0x0400 [ 876BA8550E9F1F4EF8A7D056E66678F6, 55937F75D1332923FD348B9931BC28E379DEBC13841E0EE4D1330D3D4E7707DF ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys 16:50:42.0960 0x0400 LSI_SAS - ok 16:50:43.0132 0x0400 [ 6FB4E344E66F7243D23F0F52A9610790, 7AAEE5EB222539AD767B0B01FD1F821EE35263699BC4D123E95906C4AE62D3F6 ] LSI_SAS2 C:\WINDOWS\system32\drivers\lsi_sas2.sys 16:50:43.0351 0x0400 LSI_SAS2 - ok 16:50:43.0398 0x0400 [ 2E61D97CA19BBECCCF7CDE9C0C7392B5, 237A5739DE9A643CBEE7432522E43DAAB289EAA322FB2E67A66E24D2A0E859E1 ] LSI_SAS3 C:\WINDOWS\system32\drivers\lsi_sas3.sys 16:50:43.0460 0x0400 LSI_SAS3 - ok 16:50:43.0570 0x0400 [ 3986C8FAA6E397725024E7189BAC69CE, FD934C8D5E51153D9E69764B628E1A983D96CF223115B4E549FA67BA819A27E8 ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys 16:50:43.0804 0x0400 LSI_SSS - ok 16:50:44.0179 0x0400 [ 1D5999E703FAA551DFF0E4E7F6AA2150, D73332190244FE2943CE93C298EDBB09290AFDD1B12F286F94E4B67323F1A1F9 ] LSM C:\WINDOWS\System32\lsm.dll 16:50:44.0523 0x0400 LSM - ok 
16:50:44.0586 0x0400 [ A1E31C77F407F629F430A070B8747A44, 80E50D95CBDB85DBA2462BF133140AFEAB2D047F70168E87CE95E8D90A83C99E ] luafv C:\WINDOWS\system32\drivers\luafv.sys 16:50:44.0679 0x0400 luafv - ok 16:50:44.0773 0x0400 [ EE038F0B57FD34B872AE2ADD7679C1E2, FC6C352A4EFE659961513B131B68871AFFAD8174672C3D5BF955D83BA1F9CEA0 ] megasas C:\WINDOWS\system32\drivers\megasas.sys 16:50:44.0867 0x0400 megasas - ok 16:50:44.0929 0x0400 [ 2E3BE5DA8078B170DA14CE3181C5D3AC, F4E8251C554A47682F00FCE7A0F3B0D0FD0F3D74970BA501F63860A7C824407E ] megasr C:\WINDOWS\system32\drivers\megasr.sys 16:50:45.0039 0x0400 megasr - ok 16:50:45.0148 0x0400 [ 01946468EA6196F9C54A245354C1240A, 96BE9EF1D791417BFBD9AC9F24D38F128DEE409C95F25138B8CDAE3F86E17D4A ] MMCSS C:\WINDOWS\system32\mmcss.dll 16:50:45.0507 0x0400 MMCSS - ok 16:50:45.0539 0x0400 [ FFE175CCDA4BC0278E88149F183B6C5E, B84F9E1E20B0C0BF64BC8DABC238776A307286ECC5AEFEDD74F6C187F5FD0671 ] Modem C:\WINDOWS\system32\drivers\modem.sys 16:50:45.0804 0x0400 Modem - ok 16:50:45.0820 0x0400 [ 523C526BBB796FC2087C0C8AC2B669BD, 79FAC4B32BD35E140B7FAFC5A58FA039B1FB16EF68A4DCEB25B2B153B1B0FE0D ] monitor C:\WINDOWS\System32\drivers\monitor.sys 16:50:45.0929 0x0400 monitor - ok 16:50:45.0992 0x0400 [ 1B621475FA22B947B60EE004A8EE11F5, EC4BBD6C586686BD3E05F861FF7D9E82E7C787DDBC9BC3CDEEE613BFCAFC34D3 ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys 16:50:46.0054 0x0400 mouclass - ok 16:50:46.0242 0x0400 [ 64DAA33D69C4442AD4CC52D478895355, 686CD366539D41331ACC41A66B165EF7B659CD8FC0048596E6F38D1FBF3120C8 ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys 16:50:46.0304 0x0400 mouhid - ok 16:50:46.0351 0x0400 [ 8CF63AB55709A9E415190219C226A855, E061AE50F74F46D9D58E406254515B104B32D7B7DE64C1045E9901942A953FCF ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys 16:50:46.0414 0x0400 mountmgr - ok 16:50:46.0539 0x0400 [ DFCD29AB147716CA72416FA7D2196D46, ED60BF354347697F69A78C9FBE1ADCBE0C3EB4C2CC8DB97A7FA03A68BD796066 ] MozillaMaintenance C:\Program Files\Mozilla 
Maintenance Service\maintenanceservice.exe 16:50:46.0617 0x0400 MozillaMaintenance - ok 16:50:46.0711 0x0400 [ 4B300E2D06B03410064CF443E1CE6B25, 9B75E288392DBB24C84C573823AB0C94F2CFA6AA8AF3F6D8E3ED93DA57F5ABB8 ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys 16:50:47.0007 0x0400 mpsdrv - ok 16:50:47.0379 0x0400 [ C67F755D89AE52C7F2249ACE98416265, EA115A4165E3657452CDF69E0C5704BB685A8E0FD451F37EA1FC3D5A8BCE5A9E ] MpsSvc C:\WINDOWS\system32\mpssvc.dll 16:50:47.0504 0x0400 MpsSvc - ok 16:50:47.0738 0x0400 [ 53E370C8ED69C68DFD26BAE4588095F3, C72A759D0C31CF2E6C153D8D008DE03575C5D6A74067C381E580B09850890EBB ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys 16:50:48.0176 0x0400 MRxDAV - ok 16:50:48.0332 0x0400 [ E11D4B798CF0FF9F739CD9BDC552FF08, 0612806A35E5C054622DA20F5BEB2D4555B889391BDCF66A94D5A7B6C6ADFC3D ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 16:50:49.0332 0x0400 mrxsmb - ok 16:50:49.0707 0x0400 [ F37F40422662235AB5768C303E829602, B1350AE9827FCF48FDC7BCA83CE5A7E1C54550449F6F56AC39E1E1ECB9EA56DD ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys 16:50:51.0202 0x0400 mrxsmb10 - ok 16:50:51.0733 0x0400 [ F35CF1EC831812B3C6B05587734DE8A3, 323B387E9A80CB36B14E390526560538847A8445657A88564E56014DADB0887A ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys 16:50:53.0077 0x0400 mrxsmb20 - ok 16:50:53.0577 0x0400 [ 1188DC48CB36F31A3624BB9504F77AEE, CE01C4C1DF0F49E89D1C648C7B6D1116833DE31740F5D8BE088B3EA3EA163DC2 ] MsBridge C:\WINDOWS\system32\DRIVERS\bridge.sys 16:50:54.0062 0x0400 MsBridge - ok 16:50:54.0233 0x0400 [ 18919845004A5A05D69CF5EAE19D0E68, 809FC3AF3CCA004712CE3B841E08BD0D47E2A1C0B938AD68337B642D5D43B0C3 ] MSDTC C:\WINDOWS\System32\msdtc.exe 16:50:54.0468 0x0400 MSDTC - ok 16:50:54.0546 0x0400 [ D99C98D630C34A448A93DE552DC7DD68, B3A216B119737476182B3CD080B3466506D673ED2889C9F8C36F0E92A4657029 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys 16:50:54.0657 0x0400 Msfs - ok 16:50:54.0853 0x0400 [ 22FFBD5F9BCE2E970C617B95103079DC, 
BD431517B572EC80127881124C697434B31F016BF897382F6D2C5D0FF904C1C6 ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys 16:50:54.0931 0x0400 msgpiowin32 - ok 16:50:55.0087 0x0400 [ 30DA16E72C4CB4D5F06D35D0DFA16E2C, F8C4073C3AA001FD22087BEBD0CEBDFA8F0BD1965B8F3346BBAEC0E3208F927B ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys 16:50:55.0150 0x0400 mshidkmdf - ok 16:50:55.0165 0x0400 [ 26B1961255650B59107FC4990B2CEF34, 273E5E0DD5708BE9E188934CF1A19E63946179280F9AC149376053AD863A8239 ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys 16:50:55.0212 0x0400 mshidumdf - ok 16:50:55.0290 0x0400 [ BF7ABD4461576528028FB86633A7EA24, 3AF39AEA9FEAAE7D79A3691714AD700288411DC594F38A07756F149D6D7463BE ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys 16:50:55.0322 0x0400 msisadrv - ok 16:50:55.0572 0x0400 [ A876A975BAF66A8D209240F43AC07A07, 11B26C8004B8F191F9AF7A25C90500DAE344392561DDA9C5516FC0EAB6DDEE26 ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll 16:50:55.0782 0x0400 MSiSCSI - ok 16:50:55.0787 0x0400 msiserver - ok 16:50:55.0943 0x0400 [ 02238D563EDB7DFE17BF8AE12D9F3D30, 77BB0671B7B9150E15F7744B8F3D83375948694C1612198CB24D93842FE1A32B ] MsKeyboardFilter C:\WINDOWS\System32\KeyboardFilterSvc.dll 16:50:56.0099 0x0400 MsKeyboardFilter - ok 16:50:56.0381 0x0400 [ 0B2A5AB2591D7F6E8E64A0516325F2AD, 083775925CA8B4677029B5FDF4F60F08E325CF05486FAE63D311B40C7EF3786F ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys 16:50:56.0584 0x0400 MSKSSRV - ok 16:50:56.0599 0x0400 [ 2B1E1DA9C5FA25DB8DAC2F34BCF10196, AE346D5711E4EA9C6365D55411E907683147064B34192B88EEAA9E871DECE2B0 ] MsLldp C:\WINDOWS\system32\DRIVERS\mslldp.sys 16:50:56.0693 0x0400 MsLldp - ok 16:50:56.0724 0x0400 [ 86729EC40EB28DBBAB6A672B138B4DC5, 13F097572A8BE21EC9FA44C950F143BF0AFEEF09131DCD115B951AB5EF13BA13 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys 16:50:56.0787 0x0400 MSPCLOCK - ok 16:50:56.0865 0x0400 [ 4E5FB5BD76165A81EE181A82EB665C8A, 16C50027D92F059C07CCB28FDE339C3E35DE9BF1752B0F16577845C38B77B776 ] 
MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys 16:50:56.0943 0x0400 MSPQM - ok 16:50:56.0974 0x0400 [ C90BB8C3DC3F50FBA1A668B844C84315, 4ABA28B0047B2038E881583DB0F1A6A78FAB8ACF3759ECCB7A835D7F8944CC83 ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys 16:50:57.0053 0x0400 MsRPC - ok 16:50:57.0084 0x0400 [ CF61A813430B7F12452BCED287135676, D5400E8C47D6441830EA48E153BDB2CC70672176B69E90D89EC3DD6D17BCFAFA ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys 16:50:57.0116 0x0400 mssmbios - ok 16:50:57.0225 0x0400 [ C323F63D61AD8CEC79B3CF4B8463B208, FE1E91267B1050EDF05E89B33AFBEE2F6A5912251024A2130D756DE53C93BD81 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys 16:50:57.0272 0x0400 MSTEE - ok 16:50:57.0303 0x0400 [ 06442D8CA4425EFF66F47D8F82493450, 82D3698938B2CA169C0564F90941423FC4F87261CCD1A214517DA95605671A32 ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys 16:50:57.0350 0x0400 MTConfig - ok 16:50:57.0366 0x0400 [ 6CD6189DFA649EEBFCBE81CB30030355, 7F50DD0ACDFC2AFFF1FA8BA5065B7B232C491D7AE7E67AE833BB02105AB7AF77 ] Mup C:\WINDOWS\system32\Drivers\mup.sys 16:50:57.0413 0x0400 Mup - ok 16:50:57.0647 0x0400 [ 8122A46E9A5EBD2E001FF5FB34A12A47, 8CC747B11E77AB0F15A7F08D48160FB66AD26C81021D25A10335ECE967A847F4 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys 16:50:57.0709 0x0400 mvumis - ok 16:50:57.0819 0x0400 [ E5B61DB218E01A850C7A92616E97F5EB, 26EA66D8EB058EB9CE8D2913D5A1397D26653E26AB0261119B802D8DFC11AE87 ] napagent C:\WINDOWS\system32\qagentRT.dll 16:50:58.0241 0x0400 napagent - ok 16:50:58.0366 0x0400 [ 11CC93A3FBCD7339EE316B3E7A870D77, E946781352C3F56BD9B086B11A439139554253060CAAF0E40488E149394F95F4 ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys 16:50:58.0491 0x0400 NativeWifiP - ok 16:50:58.0632 0x0400 [ 54C905054922B43A91521D075E34024B, 4B2DF68DF11B26D2A224930CE2B8FAF40B19D960BCFDF5D523B52A82125B487A ] NcaSvc C:\WINDOWS\System32\ncasvc.dll 16:50:58.0694 0x0400 NcaSvc - ok 16:50:58.0757 0x0400 [ F81A77CF6B0C9513AC20A24DD2997E26, 
756818D6DEB6B7D036C2BF6B442EC8C435F9FB3E384E109FCCD9740F7651B3AB ] NcbService C:\WINDOWS\System32\ncbservice.dll 16:50:58.0866 0x0400 NcbService - ok 16:50:58.0882 0x0400 [ 10A61CCF540D1E2260D3AE76377810F5, DFF0F1EAF03518220500C70BCC52286CA599EA2E00D3AB97D88D9BF15F1E26AD ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll 16:50:59.0053 0x0400 NcdAutoSetup - ok 16:50:59.0382 0x0400 [ F0FB15EEEA93526ACE6D7CF042FC3144, 6BED6893097A1D85D3FFF7F08EFBA45077F34C6CAE2ABAF9EBCAB2C9F96E75CA ] NDIS C:\WINDOWS\system32\drivers\ndis.sys 16:50:59.0491 0x0400 NDIS - ok 16:50:59.0632 0x0400 [ 9FA562E35A0263FBD01D44559224D46B, 9C8CBDDFA09EA86B025BD7F04F63C5517296FF7EDAC9E87C096766054C448F1E ] NdisCap C:\WINDOWS\system32\DRIVERS\ndiscap.sys 16:50:59.0710 0x0400 NdisCap - ok 16:50:59.0757 0x0400 [ 873FCE0E787BC74059941D597BE630E0, CDAA103A896219C75B502A67A25F2ABBB0BF5DF18D11CBF686A387D16EFBBB99 ] NdisImPlatform C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys 16:50:59.0819 0x0400 NdisImPlatform - ok 16:50:59.0991 0x0400 [ BD856EB36898EFA1B11346996ECA764C, 52CF7CC4DEB3CC0F3B09E8A4D83E20538765C44DD04FE0746BD17B09C67AC78C ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys 16:51:00.0147 0x0400 NdisTapi - ok 16:51:00.0179 0x0400 [ 1D34650E97E74DF51BD86E0A102DB241, B4B6A2C073348C3829E5CD0565A0B44CA6A0AD05E3744767FA8D89134ED8002E ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys 16:51:00.0241 0x0400 Ndisuio - ok 16:51:00.0272 0x0400 [ 53D21FFC20728406A20BCCF145DC2AD4, 116B06A3827C6EB584C8DC13FE2554EFC1CE5A96BA298C4C7766B700E56C282F ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys 16:51:00.0335 0x0400 NdisVirtualBus - ok 16:51:00.0366 0x0400 [ 11312D35028616E585DCF02AFAFA56DC, E7B0503FAA2B93F6751FD792D2F424B40E2F9A20D9E827253563B916A1CFAC06 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys 16:51:00.0460 0x0400 NdisWan - ok 16:51:00.0476 0x0400 [ 11312D35028616E585DCF02AFAFA56DC, E7B0503FAA2B93F6751FD792D2F424B40E2F9A20D9E827253563B916A1CFAC06 ] NdisWanLegacy 
  13. JavaRa 1.16 Removal Log.

      Report follows after line.
      ------------------------------------
      The JavaRa removal process was started on Thu Dec 11 23:01:56 2014

      There was an error removing \Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-ABCDEFFDCBA}. The error returned was 124.
      There was an error removing \Mozilla Firefox\extensions\{CAFEEFAC-0016-0001-ABCDEFFDCBA}. The error returned was 124.
      There was an error removing \Mozilla Firefox\extensions\{CAFEEFAC-0016-0002-ABCDEFFDCBA}. The error returned was 124.
      There was an error removing \Mozilla Firefox\extensions\{CAFEEFAC-0016-0003-ABCDEFFDCBA}. The error returned was 124.
      There was an error removing \Mozilla Firefox\extensions\{CAFEEFAC-0016-0004-ABCDEFFDCBA}. The error returned was 124.
      There was an error removing \Mozilla Firefox\extensions\{CAFEEFAC-0016-0005-ABCDEFFDCBA}. The error returned was 124.
      There was an error removing \Mozilla Firefox\extensions\{CAFEEFAC-0016-0006-ABCDEFFDCBA}. The error returned was 124.
      There was an error removing \Mozilla Firefox\extensions\{CAFEEFAC-0016-0007-ABCDEFFDCBA}. The error returned was 124.
      There was an error removing \Mozilla Firefox\extensions\{CAFEEFAC-0016-0008-ABCDEFFDCBA}. The error returned was 124.
      There was an error removing \Mozilla Firefox\extensions\{CAFEEFAC-0016-0009-ABCDEFFDCBA}. The error returned was 124.
      There was an error removing \Mozilla Firefox\extensions\{CAFEEFAC-0016-0010-ABCDEFFDCBA}. The error returned was 124.
      There was an error removing \Mozilla Firefox\extensions\{CAFEEFAC-0016-0011-ABCDEFFDCBA}. The error returned was 124.
      There was an error removing \Mozilla Firefox\extensions\{CAFEEFAC-0016-0012-ABCDEFFDCBA}. The error returned was 124.
      There was an error removing \Mozilla Firefox\extensions\{CAFEEFAC-0016-0013-ABCDEFFDCBA}. The error returned was 124.
      There was an error removing \Mozilla Firefox\extensions\{CAFEEFAC-0016-0014-ABCDEFFDCBA}. The error returned was 124.
      There was an error removing \Mozilla Firefox\extensions\{CAFEEFAC-0016-0015-ABCDEFFDCBA}. The error returned was 124.
      There was an error removing \Mozilla Firefox\extensions\{CAFEEFAC-0016-0016-ABCDEFFDCBA}. The error returned was 124.
      There was an error removing \Mozilla Firefox\extensions\{CAFEEFAC-0016-0017-ABCDEFFDCBA}. The error returned was 124.
      There was an error removing \Mozilla Firefox\extensions\{CAFEEFAC-0016-0018-ABCDEFFDCBA}. The error returned was 124.
      There was an error removing \Mozilla Firefox\extensions\{CAFEEFAC-0016-0019-ABCDEFFDCBA}. The error returned was 124.
      There was an error removing \Mozilla Firefox\extensions\{CAFEEFAC-0016-0020-ABCDEFFDCBA}. The error returned was 124.
      There was an error removing \Mozilla Firefox\extensions\{CAFEEFAC-0016-0021-ABCDEFFDCBA}. The error returned was 124.
      There was an error removing \Mozilla Firefox\extensions\{CAFEEFAC-0016-0022-ABCDEFFDCBA}. The error returned was 124.
      ------------------------------------
      Finished reporting.
  14. Thank you very much for taking over. I was unable to get online in the last few days due to another DDOS but I'll carry out what you suggested right now.
  15. Malwarebytes Anti-Malware
      www.malwarebytes.org

      Scan Date: 24/11/2014
      Scan Time: 19:32:31
      Logfile:
      Administrator: Yes

      Version: 2.00.3.1025
      Malware Database: v2014.11.24.07
      Rootkit Database: v2014.11.22.01
      License: Free
      Malware Protection: Disabled
      Malicious Website Protection: Disabled
      Self-protection: Disabled

      OS: Windows 8.1
      CPU: x86
      File System: NTFS
      User: Alex

      Scan Type: Threat Scan
      Result: Completed
      Objects Scanned: 390504
      Time Elapsed: 2 hr, 16 min, 36 sec

      Memory: Enabled
      Startup: Enabled
      Filesystem: Enabled
      Archives: Enabled
      Rootkits: Enabled
      Heuristics: Enabled
      PUP: Enabled
      PUM: Enabled

      Processes: 0
      (No malicious items detected)

      Modules: 0
      (No malicious items detected)

      Registry Keys: 0
      (No malicious items detected)

      Registry Values: 0
      (No malicious items detected)

      Registry Data: 0
      (No malicious items detected)

      Folders: 0
      (No malicious items detected)

      Files: 0
      (No malicious items detected)

      Physical Sectors: 0
      (No malicious items detected)

      (end)

      ESET

      C:\Program Files\Lavasoft\AdAware SecureSearch Toolbar\adawareDx.dll    a variant of Win32/Toolbar.Visicom.B potentially unwanted application
      C:\Program Files\Lavasoft\AdAware SecureSearch Toolbar\adawaretb.dll    a variant of Win32/Toolbar.Visicom.A potentially unwanted application
      C:\Program Files\Lavasoft\AdAware SecureSearch Toolbar\dtUser.exe    a variant of Win32/Toolbar.Visicom.C potentially unwanted application
      C:\Users\kelly_000\AppData\Local\Microsoft\Windows\INetCache\IE\1B3V6BV3\ccsetup419pro.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application
      C:\Users\kelly_000\Downloads\dfsetup218.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application
  16. Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-11-2014 01 Ran by Alex at 2014-11-24 18:36:20 Running from C:\Users\Alex\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Ad-Aware Antivirus (Disabled - Out of date) {D87B6541-12A1-DAEA-0033-9B8057AAB996} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Ad-Aware Antivirus (Disabled - Out of date) {631A84A5-349B-D564-3A83-A0F22C2DF32B} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Ad-Aware Antivirus (HKLM\...\{6D1428BD-E5F2-4378-B620-E7442E7C2BFB}_AdAwareUpdater) (Version: 11.4.6792.0 - Lavasoft) AdAwareInstaller (Version: 11.4.6792.0 - Lavasoft) Hidden AdAwareUpdater (Version: 11.4.6792.0 - Lavasoft) Hidden Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated) Adobe Reader X (10.1.12) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.12 - Adobe Systems Incorporated) AI Suite 3 (HKLM-x32\...\{D46DA5F0-25AD-4B77-98DA-6DD6AF39FBD9}) (Version: 1.00.79 - ASUSTeK Computer Inc.) AntimalwareEngine (Version: 3.0.0.56 - Lavasoft) Hidden Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) 
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 2.0.8.0001 - Asmedia Technology) ASUS Boot Setting (HKLM-x32\...\{7AAE9187-C24F-4073-A951-36C370E7A3A5}) (Version: 1.00.18 - ASUSTeK Computer Inc.) ASUS HomeCloud Launcher (HKLM-x32\...\4ff11ffb-5880-4338-90e0-1502e835b184) (Version: 1.00.06 - ASUSTeK Computer Inc.) ASUS HomeCloud Server 1.0.14.039 (HKLM\...\ASUS HomeCloud) (Version: 1.0.14.039 - ASUS Cloud Corporation) ASUS HomeCloud Server 1.0.17.059 (HKLM\...\ASUS HomeCloudServer) (Version: 1.0.17.059 - ASUS Cloud Corporation) ASUS ROG Connect Plus (HKLM-x32\...\{ECF51D37-52ED-4871-BF8B-FEA34B8B4120}) (Version: 1.00.26 - ASUSTeK Computer Inc.) CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform) Counter-Strike Nexon: Zombies (HKLM-x32\...\Steam App 273110) (Version: - Nexon) CPUID ROG CPU-Z 1.69 (HKLM\...\CPUID ROG CPU-Z_is1) (Version: 1.69 - CPUID, Inc.) DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.5.0.0387 - Disc Soft Ltd) Dell Display Manager (HKLM-x32\...\{AC50C05D-9D57-40F5-B2EF-AC402F14312B}_is1) (Version: - EnTech Taiwan) Dell System Detect (HKU\S-1-5-21-3591367604-1146184651-4490953-1001\...\73f463568823ebbe) (Version: 5.11.0.3 - Dell) ERUNT 1.1j (HKLM-x32\...\ERUNT_is1) (Version: - Lars Hederer) ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) f.lux (HKU\S-1-5-21-3591367604-1146184651-4490953-1001\...\Flux) (Version: - ) GoPro Studio 2.5.3 (HKLM-x32\...\GoPro Studio) (Version: 2.5.3 - GoPro, Inc.) GoToMeeting 6.4.5.1865 (HKU\S-1-5-21-3591367604-1146184651-4490953-1001\...\GoToMeeting) (Version: 6.4.5.1865 - CitrixOnline) Gyazo 2.2 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc.) 
HomeCloud Drive 1.0.0.082 (HKLM-x32\...\HomeCloud Drive) (Version: 1.0.0.082 - ASUS Cloud Corporation) Intel® Chipset Device Software (x32 Version: 10.0.14 - Intel® Corporation) Hidden Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.0.1204 - Intel Corporation) Intel® Network Connections 19.1.51.0 (HKLM\...\PROSetDX) (Version: 19.1.51.0 - Intel) Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation) Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.3.1001 - Intel Corporation) Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.710 - Oracle) KeyBot (HKLM-x32\...\{DF53C8ED-1B43-475D-8CEB-9462E7BC2D9C}) (Version: 1.00.11 - ASUSTeK Computer Inc.) Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation) Media Streamer (HKLM-x32\...\{B457E718-00CA-45C8-9F75-45D66F8DAFF6}) (Version: 2.00.09 - ASUSTeK Computer Inc.) MemTweakIt (HKLM-x32\...\{E51AAC3A-D66D-4912-B883-DAFBA249D10F}) (Version: 2.02.01 - ASUSTeK Computer Inc.) 
Microsoft SQL Server 2008 R2 (HKLM-x32\...\Microsoft SQL Server 2008 R2) (Version: - Microsoft Corporation) Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{79A2C6E8-C727-4D12-B4B3-19790C181DEA}) (Version: 10.52.4000.0 - Microsoft Corporation) Microsoft SQL Server 2008 R2 Setup (English) (HKLM-x32\...\{7419AE1A-D1A5-4B24-BD78-C7ABCC26016F}) (Version: 10.52.4000.0 - Microsoft Corporation) Microsoft SQL Server 2008 Setup Support Files (HKLM-x32\...\{D441BD04-E548-4F8E-97A4-1B66135BAAA8}) (Version: 10.1.2731.0 - Microsoft Corporation) Microsoft SQL Server Browser (HKLM-x32\...\{BF9BF038-FE03-429D-9B26-2FA0FD756052}) (Version: 10.52.4000.0 - Microsoft Corporation) Microsoft SQL Server VSS Writer (HKLM\...\{288D79EE-A2D1-42AF-9597-B0ADCC23A8ED}) (Version: 10.52.4000.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 
9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Mozilla Firefox 33.1 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 33.1 (x86 en-GB)) (Version: 33.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.9 - Notepad++ Team) NVIDIA PhysX (HKLM-x32\...\{DEA314C4-0929-4250-BC92-98E4C105F28D}) (Version: 9.10.0129 - NVIDIA Corporation) OpenOffice 4.1.1 (HKLM-x32\...\{86F2B095-3998-41D5-833D-1C5075300950}) (Version: 4.11.9775 - Apache Software Foundation) Pidgin (HKLM-x32\...\Pidgin) (Version: 2.10.9 - ) pidgin-otr 4.0.0-1 (HKLM-x32\...\pidgin-otr) (Version: 4.0.0-1 - Cypherpunks CA) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.) QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7227 - Realtek Semiconductor Corp.) 
ROG RAMDisk (HKLM-x32\...\{DE8C1883-4F14-40DF-8C8C-376157ADF5A3}) (Version: 2.02.03 - ASUSTeK Computer Inc.) Sandboxie 4.14 (64-bit) (HKLM\...\Sandboxie) (Version: 4.14 - Sandboxie Holdings, LLC) Service Pack 2 for SQL Server 2008 R2 (KB2630458) (HKLM-x32\...\KB2630458) (Version: 10.52.4000.0 - Microsoft Corporation) Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.) Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.) SQL Server 2008 R2 SP2 Common Files (x32 Version: 10.52.4000.0 - Microsoft Corporation) Hidden SQL Server 2008 R2 SP2 Database Engine Services (x32 Version: 10.52.4000.0 - Microsoft Corporation) Hidden SQL Server 2008 R2 SP2 Database Engine Shared (x32 Version: 10.52.4000.0 - Microsoft Corporation) Hidden Sql Server Customer Experience Improvement Program (x32 Version: 10.50.1600.1 - Microsoft Corporation) Hidden Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) VMware vCenter Converter Standalone (HKLM-x32\...\{17C3235A-A4B9-44ED-8794-54D8408F9733}) (Version: 5.1.1.1890470 - VMware, Inc.) VMware Workstation (HKLM-x32\...\VMware_Workstation) (Version: 10.0.4 - VMware, Inc) VMware Workstation (Version: 10.0.4 - VMware, Inc.) Hidden WebStorage (HKLM-x32\...\WebStorage) (Version: 2.0.1.213 - ASUS Cloud Corporation) Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices (03/07/2012 ) (HKLM\...\0B624A43DD66DBF5CF3EDFA9741A364E688062A4) (Version: 03/07/2012 - GoPro) WinZip 17.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DD}) (Version: 17.5.10562 - WinZip Computing, S.L. ) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) 
CustomCLSID: HKU\S-1-5-21-3591367604-1146184651-4490953-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation) CustomCLSID: HKU\S-1-5-21-3591367604-1146184651-4490953-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Alex\AppData\Local\Citrix\GoToMeeting\1440\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.) ==================== Restore Points ========================= 30-10-2014 15:19:35 Scheduled Checkpoint 09-11-2014 15:14:42 Scheduled Checkpoint 13-11-2014 08:08:08 Windows Update 15-11-2014 14:15:55 Installed Java 7 Update 71 19-11-2014 18:20:45 Windows Update 21-11-2014 15:11:09 Removed Oracle VM VirtualBox 4.3.14 ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 13:25 - 2013-08-22 13:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {1EBD0802-63E4-4801-9B73-753B2DE1F09B} - System32\Tasks\KMS Server Daily Activate => C:\Windows\AutoKMS_VL_ALL\AutoKMS_VL_ALL.exe [2013-11-19] (MDL) Task: {1ECAB667-ED0D-4784-8B41-D2EDA0E3F400} - System32\Tasks\G2MUpdateTask-S-1-5-21-3591367604-1146184651-4490953-1001 => C:\Users\Alex\AppData\Local\Citrix\GoToMeeting\1865\g2mupdate.exe [2014-10-30] (Citrix Online, a division of Citrix Systems, Inc.) 
Task: {23F0514B-BE1F-489A-8495-44F70A9C4728} - System32\Tasks\ASUS\GpuFanHelper => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\GpuFanHelper.exe [2014-04-02] (TODO: <Company name>) Task: {25356406-F8BA-444E-AFA9-1866A05CB08F} - System32\Tasks\ASUS\ASUS Media Streamer DMR => C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMR\AODMR.exe [2014-03-21] () Task: {6358E86E-E1E4-432B-A0A8-E63D3FED0366} - System32\Tasks\ASUS\Push Notice Server Execute => C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe [2014-01-10] (ASUSTeK Computer Inc.) Task: {636BE7A0-077D-448D-8AAE-5089F332A245} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2014-07-03] () Task: {834E4A0D-A2AA-4DE8-A21F-0A79DA3654C5} - System32\Tasks\KMS Server OnLogon Activate => C:\Windows\AutoKMS_VL_ALL\AutoKMS_VL_ALL.exe [2013-11-19] (MDL) Task: {8FA07160-504A-4623-8DEC-ED0E0C44A422} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-30] (Piriform Ltd) Task: {B195D752-9F96-4A79-88B6-442B59A3BE6D} - System32\Tasks\ASUS\KeyBot Execute => C:\Program Files (x86)\ASUS\KeyBot\KeyBot.exe [2014-04-15] () Task: {B5970C74-20EE-41D9-B82C-AA751CEF9D67} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {BE3ACC5E-3D81-40DC-B986-AB695EB26F7C} - System32\Tasks\ASUS\RC TweakIt Server Execute => C:\Program Files (x86)\ASUS\ASUS ROG Connect Plus\RC TweakIt Server\AsBCLK.exe [2014-03-07] () Task: {C64B8079-34DA-4B15-A462-07E8CD940EF5} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [2014-04-14] () Task: {D0366C1B-028E-4791-994D-8E30C15B4CAB} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [2014-04-09] (ASUSTeK Computer Inc.) 
Task: {DA5F7E2D-0034-4DF1-AF86-C8F102D1334C} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-11-13] (Microsoft Corporation) Task: {E00DB613-6CB9-4DEF-9514-946D2C4B6CE1} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr.exe [2013-07-24] (ASUSTeK Computer Inc.) Task: {ED8E78B2-76DC-45A7-AB03-DA1375A05089} - System32\Tasks\ASUS\RamDisk => C:\Program Files (x86)\ASUS\ROG RAMDisk\loadImage.exe [2013-09-26] () Task: {EE0E3EDB-407B-4AFE-B012-02ECC23EB024} - System32\Tasks\AsushomeCloudStart => C:\Program Files\ASUS\HomeCloud\ServerConsole\ASUS HomeCloud.exe [2014-11-07] () Task: {FD0E9159-F577-43C9-B7EA-C14F41235653} - System32\Tasks\ASUS\Ez Update => C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe [2013-09-12] () Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3591367604-1146184651-4490953-1001.job => C:\Users\Alex\AppData\Local\Citrix\GoToMeeting\1865\g2mupdate.exe ==================== Loaded Modules (whitelisted) =============
==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Users\Alex\OneDrive:ms-properties AlternateDataStreams: C:\Users\Alex\SkyDrive:ms-properties ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) 
HKLM\...\StartupApproved\StartupFolder: => "GoPro Importer.lnk" HKLM\...\StartupApproved\Run32: => "HomeCloud Drive" HKU\S-1-5-21-3591367604-1146184651-4490953-1001\...\StartupApproved\Run: => "DAEMON Tools Pro Agent" ========================= Accounts: ========================== Administrator (S-1-5-21-3591367604-1146184651-4490953-500 - Administrator - Disabled) Alex (S-1-5-21-3591367604-1146184651-4490953-1001 - Administrator - Enabled) => C:\Users\Alex Guest (S-1-5-21-3591367604-1146184651-4490953-501 - Limited - Disabled) ___VMware_Conv_SA___ (S-1-5-21-3591367604-1146184651-4490953-1007 - Limited - Enabled) ==================== Faulty Device Manager Devices ============= Name: VMware Virtual Ethernet Adapter for VMnet1 Description: VMware Virtual Ethernet Adapter for VMnet1 Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: VMware, Inc. Service: VMnetAdapter Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: VMware Virtual Ethernet Adapter for VMnet8 Description: VMware Virtual Ethernet Adapter for VMnet8 Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: VMware, Inc. Service: VMnetAdapter Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: High Definition Audio Device Description: High Definition Audio Device Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: HdAudAddService Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. 
==================== Event log errors: ========================= Application errors: ================== Error: (11/24/2014 06:35:26 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program FRST64.exe version 19.11.2014.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 1328 Start Time: 01d00815518f9927 Termination Time: 2 Application Path: C:\Users\Alex\Downloads\FRST64.exe Report Id: a0c96708-7408-11e4-828a-40167ea94dfc Faulting package full name: Faulting package-relative application ID: Error: (11/24/2014 06:33:46 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest. 
Error: (11/24/2014 06:11:04 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest. Error: (11/24/2014 06:11:03 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest. 
Error: (11/24/2014 06:11:00 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest. Error: (11/24/2014 06:11:00 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest. 
Error: (11/24/2014 05:45:22 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: DipAwayMode.exe, version: 0.0.0.0, time stamp: 0x00000000 Faulting module name: KERNELBASE.dll, version: 6.3.9600.17278, time stamp: 0x53eeb460 Exception code: 0x40010006 Fault offset: 0x00012f71 Faulting process id: 0x1160 Faulting application start time: 0xDipAwayMode.exe0 Faulting application path: DipAwayMode.exe1 Faulting module path: DipAwayMode.exe2 Report Id: DipAwayMode.exe3 Faulting package full name: DipAwayMode.exe4 Faulting package-relative application ID: DipAwayMode.exe5 System errors: ============= Error: (11/24/2014 05:44:26 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Windows Search service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. Error: (11/24/2014 05:44:25 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service terminated unexpectedly. It has done this 2 time(s). Error: (11/24/2014 05:44:25 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The VMware vCenter Converter Standalone Worker service terminated unexpectedly. It has done this 1 time(s). Error: (11/24/2014 05:44:25 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Apache Tomcat service terminated unexpectedly. It has done this 1 time(s). Error: (11/24/2014 05:44:25 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Intel® Management and Security Application Local Management Service service terminated unexpectedly. It has done this 1 time(s). Error: (11/24/2014 05:44:25 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Intel® Dynamic Application Loader Host Interface Service service terminated unexpectedly. It has done this 1 time(s). 
Error: (11/24/2014 05:44:25 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Intel® Rapid Storage Technology service terminated unexpectedly. It has done this 1 time(s). Error: (11/24/2014 05:44:25 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Intel® Integrated Clock Controller Service - Intel® ICCS service terminated unexpectedly. It has done this 1 time(s). Error: (11/24/2014 05:44:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. Error: (11/24/2014 05:44:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service. 
Microsoft Office Sessions: ========================= Error: (11/24/2014 06:35:26 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: FRST64.exe19.11.2014.0132801d00815518f99272C:\Users\Alex\Downloads\FRST64.exea0c96708-7408-11e4-828a-40167ea94dfc Error: (11/24/2014 06:33:46 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Alex\Downloads\esetsmartinstaller_enu.exe Error: (11/24/2014 06:11:04 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Alex\Downloads\esetsmartinstaller_enu.exe Error: (11/24/2014 06:11:03 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Alex\Downloads\esetsmartinstaller_enu.exe Error: (11/24/2014 06:11:00 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Alex\Downloads\esetsmartinstaller_enu.exe Error: (11/24/2014 06:11:00 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: 
C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Alex\Downloads\esetsmartinstaller_enu.exe Error: (11/24/2014 05:45:22 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: DipAwayMode.exe0.0.0.000000000KERNELBASE.dll6.3.9600.1727853eeb4604001000600012f71116001d0080e680795baC:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exeC:\Windows\SYSTEM32\KERNELBASE.dlla9c128e5-7401-11e4-828a-40167ea94dfc ==================== Memory info =========================== Processor: Intel® Core i7-4790K CPU @ 4.00GHz Percentage of memory in use: 20% Total physical RAM: 16260.91 MB Available physical RAM: 12889.51 MB Total Pagefile: 18692.91 MB Available Pagefile: 14501.33 MB Total Virtual: 131072 MB Available Virtual: 131071.84 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:134.89 GB) (Free:54.46 GB) NTFS Drive m: (Mac) (Fixed) (Total:97.66 GB) (Free:97.51 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 701CABE5) Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=134.9 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=97.7 GB) - (Type=07 NTFS) ==================== End Of Log ============================ All steps done!
  17. Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-11-2014 01 Ran by Alex (administrator) on HENRY on 24-11-2014 18:36:06 Running from C:\Users\Alex\Downloads Loaded Profile: Alex (Available profiles: Alex) Platform: Windows 8.1 Enterprise (X64) OS Language: English (United States) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe () C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe () C:\Program Files (x86)\ASUS\WebStorage\2.0.1.213\AsusWSWinService.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.01\AsusFanControlService.exe (Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.ASUSHOMECLOUD\MSSQL\Binn\sqlservr.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe (VMware, Inc.) C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe (VMware, Inc.) C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe (VMware, Inc.) 
C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe () C:\Program Files (x86)\ASUS\KeyBot\KeyBot.exe () C:\Program Files (x86)\ASUS\ASUS ROG Connect Plus\RC TweakIt Server\AsBCLK.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\livecomm.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation) C:\Windows\System32\igfxTray.exe () C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMR\AODMR.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr64.exe () C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNoticeMonitor.exe () C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotify_PCCtrl.exe () C:\Program Files\ASUS\HomeCloud\ServerConsole\ASUS HomeCloud.exe () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTray.exe (Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe (Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe (Skype Technologies S.A.) 
C:\Program Files (x86)\Skype\Phone\Skype.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe (Flux Software LLC) C:\Users\Alex\AppData\Local\FluxSoftware\Flux\flux.exe (Dell) C:\Users\Alex\AppData\Local\Apps\2.0\P6QD129X.3P2\N88ETEY1.ANT\dell..tion_e30b47f5d4a30e9e_0005.000b_1df8a3cb60a9209e\DellSystemDetect.exe () C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\ShareEdit.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (EnTech Taiwan) C:\Program Files (x86)\Dell\Dell Display Manager\ddm.exe () C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMS\AODMS.exe () C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\ASUSWSAgent.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe () C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\AMSRelayHelpAgent.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (VMware, Inc.) 
C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe () C:\Program Files (x86)\ASUS\AI Suite III\AsusMiniBar.exe (Apache Software Foundation) C:\Program Files\ASUS\HomeCloud\Tomcat\Tomcat_OmniStore\bin\tomcat6.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17044_x64__8wekyb3d8bbwe\glcnd.exe (Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [iAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2014-04-11] (Intel Corporation) HKLM\...\Run: [] => [X] HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTray.exe [8925504 2014-10-15] () HKLM-x32\...\Run: [ASUS Media Streamer ShareEdit] => C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\ShareEdit.exe [1232384 2014-03-21] () HKLM-x32\...\Run: [ASUS Media Streamer DMS] => C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMS\AODMS.exe [1243136 2014-03-21] () HKLM-x32\...\Run: [ASUS Media Streamer WSAgent] => C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\ASUSWSAgent.exe [72704 2014-03-31] () HKLM-x32\...\Run: [ASUS Media Streamer RelayHelpAgent] => C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\AMSRelayHelpAgent.exe [67072 2014-03-21] () HKLM-x32\...\Run: [WebStorage] => 
C:\Program Files (x86)\ASUS\WebStorage\2.0.1.213\ASUSWSLoader.exe [56640 2013-06-26] () HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [HomeCloud Drive] => C:\Program Files (x86)\ASUS\LocalDrive\LocalDrive.exe [2316608 2014-09-26] (ASUS Cloud Corporation) HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation) HKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [112856 2014-10-29] (VMware, Inc.) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.) HKU\S-1-5-21-3591367604-1146184651-4490953-1001\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3128408 2014-03-13] (Disc Soft Ltd) HKU\S-1-5-21-3591367604-1146184651-4490953-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3095328 2014-09-16] (Nota Inc.) HKU\S-1-5-21-3591367604-1146184651-4490953-1001\...\Run: [sandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [784904 2014-10-14] (Sandboxie Holdings, LLC) HKU\S-1-5-21-3591367604-1146184651-4490953-1001\...\Run: [skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22066272 2014-10-01] (Skype Technologies S.A.) 
HKU\S-1-5-21-3591367604-1146184651-4490953-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-30] (Piriform Ltd) HKU\S-1-5-21-3591367604-1146184651-4490953-1001\...\Run: [f.lux] => C:\Users\Alex\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC) HKU\S-1-5-21-3591367604-1146184651-4490953-1001\...\Run: [DellSystemDetect] => C:\Users\Alex\AppData\Local\Apps\2.0\P6QD129X.3P2\N88ETEY1.ANT\dell..tion_e30b47f5d4a30e9e_0005.000b_1df8a3cb60a9209e\DellSystemDetect.exe [264488 2014-10-06] (Dell) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Dell Display Manager.lnk ShortcutTarget: Dell Display Manager.lnk -> C:\Program Files (x86)\Dell\Dell Display Manager\ddm.exe (EnTech Taiwan) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GoPro Importer.lnk ShortcutTarget: GoPro Importer.lnk -> C:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe (GoPro) ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.0.1.213\ASUSWSShellExt64.dll (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.0.1.213\ASUSWSShellExt64.dll (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.0.1.213\ASUSWSShellExt64.dll (ASUS Cloud Corporation.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
HKU\S-1-5-21-3591367604-1146184651-4490953-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-3591367604-1146184651-4490953-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.uk.msn.com/ HKU\S-1-5-21-3591367604-1146184651-4490953-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x1D9779C614C6CF01 HKU\S-1-5-21-3591367604-1146184651-4490953-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-GB HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 192.168.1.254 FireFox: ======== FF ProfilePath: C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\fcn7t8lb.default FF SelectedSearchEngine: Google FF Homepage: about:home FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll () FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files 
(x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-3591367604-1146184651-4490953-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Alex\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online) FF Extension: iMacros for Firefox - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\fcn7t8lb.default\Extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670} [2014-11-12] FF Extension: Bloody Vikings! - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\fcn7t8lb.default\Extensions\bloodyvikings@ffs.bplaced.net.xpi [2014-10-07] FF Extension: Firebug - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\fcn7t8lb.default\Extensions\firebug@software.joehewitt.com.xpi [2014-10-07] FF Extension: MEGA - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\fcn7t8lb.default\Extensions\firefox@mega.co.nz.xpi [2014-09-04] FF Extension: Multifox - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\fcn7t8lb.default\Extensions\multifox@hultmann.xpi [2014-10-07] FF Extension: MozBar - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\fcn7t8lb.default\Extensions\toolbar@seomoz.org.xpi [2014-10-07] FF Extension: URL Lister - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\fcn7t8lb.default\Extensions\urllister@binnyva.com.xpi [2014-11-12] FF Extension: Adblock Plus - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\fcn7t8lb.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-11-22] Chrome: ======= CHR Profile: C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) 
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-01-29] () R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [954648 2014-01-28] (ASUSTeK Computer Inc.) R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-03-21] () R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.0.1.213\AsusWSWinService.exe [71680 2013-06-26] () [File not signed] R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.01\AsusFanControlService.exe [382776 2014-04-09] (ASUSTeK Computer Inc.) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-04-11] (Intel Corporation) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-20] (Intel Corporation) S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel® Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [154584 2014-03-20] (Intel Corporation) R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exe [707888 2014-10-15] () R2 MSSQL$ASUSHOMECLOUD; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.ASUSHOMECLOUD\MSSQL\Binn\sqlservr.exe [43129288 2012-06-29] (Microsoft Corporation) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-10-06] () R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [174600 2014-10-14] (Sandboxie Holdings, LLC) S4 SQLAgent$ASUSHOMECLOUD; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.ASUSHOMECLOUD\MSSQL\Binn\SQLAGENT.EXE [379848 2012-06-29] (Microsoft Corporation) R3 tomcat6; C:\Program Files\ASUS\HomeCloud\Tomcat\Tomcat_OmniStore\bin\tomcat6.exe [80896 2013-04-29] (Apache Software Foundation) [File not signed] R2 vmware-converter-agent; C:\Program Files 
(x86)\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe [480472 2014-06-10] (VMware, Inc.) R2 vmware-converter-server; C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe [480472 2014-06-10] (VMware, Inc.) R2 vmware-converter-worker; C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe [480472 2014-06-10] (VMware, Inc.) S3 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [14407384 2014-10-29] () S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] () R2 AsRamDisk; C:\Windows\system32\DRIVERS\asramdisk.sys [111928 2013-12-13] (Asus) R0 asstor64; C:\Windows\System32\drivers\asstor64.sys [84816 2014-03-14] (Asmedia Technology) R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2012-09-14] () R3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation) S3 AWEAlloc; C:\Windows\system32\DRIVERS\awealloc.sys [21304 2013-10-05] (Olof Lagerkvist) S3 bmdrvr; C:\Windows\SysWow64\drivers\bmdrvr.sys [75344 2013-02-22] (VMware, Inc.) R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-09-01] (Disc Soft Ltd) R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d64x64.sys [457496 2014-03-14] (Intel Corporation) R3 gzflt; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.0.56\gzflt.sys [150256 2014-07-10] (BitDefender LLC) R4 IOMap; C:\Windows\system32\drivers\IOMap64.sys [24824 2014-03-07] (ASUSTeK Computer Inc.) 
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [118272 2014-03-20] (Intel Corporation) R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [185352 2014-10-14] (Sandboxie Holdings, LLC) S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [389240 2014-07-10] (BitDefender S.R.L.) R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.) R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [33872 2013-02-22] (VMware, Inc.) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation) S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X] S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-24 18:35 - 2014-11-24 18:35 - 00000000 ____D () C:\Users\Alex\Downloads\FRST-OlderVersion 2014-11-24 18:11 - 2014-11-24 18:11 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-11-24 18:10 - 2014-11-24 18:10 - 02347384 _____ (ESET) C:\Users\Alex\Downloads\esetsmartinstaller_enu.exe 2014-11-24 17:43 - 2014-11-24 17:44 - 00000000 ____D () C:\AdwCleaner 2014-11-24 17:39 - 2014-11-24 17:39 - 02148864 _____ () C:\Users\Alex\Desktop\AdwCleaner.exe 2014-11-24 17:38 - 2014-11-24 17:38 - 00002571 _____ () C:\Users\Alex\Desktop\JRT.txt 2014-11-24 17:37 - 2014-11-24 17:37 - 00000000 ____D () C:\Windows\ERUNT 2014-11-24 17:36 - 2014-11-24 17:36 - 01707532 _____ (Thisisu) C:\Users\Alex\Desktop\JRT.exe 2014-11-24 17:29 - 2014-03-07 00:46 - 00024824 ____R (ASUSTeK Computer Inc.) 
C:\Windows\system32\Drivers\IOMap64.sys 2014-11-22 13:55 - 2014-11-22 13:55 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux 2014-11-22 13:55 - 2014-11-22 13:55 - 00000000 ____D () C:\Users\Alex\AppData\Local\FluxSoftware 2014-11-22 13:54 - 2014-11-22 13:54 - 00597304 _____ () C:\Users\Alex\Downloads\flux-setup.exe 2014-11-22 11:13 - 2014-11-22 11:25 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2014-11-22 11:12 - 2014-11-22 11:25 - 00000000 ____D () C:\Users\Alex\Desktop\mbar 2014-11-22 11:12 - 2014-11-22 11:12 - 16448208 _____ (Malwarebytes Corp.) C:\Users\Alex\Downloads\mbar-1.08.2.1001.exe 2014-11-21 23:11 - 2014-11-21 23:11 - 00037624 _____ () C:\Windows\system32\Drivers\TrueSight.sys 2014-11-21 23:11 - 2014-11-21 23:11 - 00000000 ____D () C:\ProgramData\RogueKiller 2014-11-21 23:10 - 2014-11-21 23:11 - 18310232 _____ () C:\Users\Alex\Downloads\RogueKillerX64.exe 2014-11-21 23:00 - 2014-11-21 23:00 - 00000932 _____ () C:\Users\Alex\Desktop\NTREGOPT.lnk 2014-11-21 23:00 - 2014-11-21 23:00 - 00000913 _____ () C:\Users\Alex\Desktop\ERUNT.lnk 2014-11-21 23:00 - 2014-11-21 23:00 - 00000000 ____D () C:\Windows\ERDNT 2014-11-21 23:00 - 2014-11-21 23:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT 2014-11-21 23:00 - 2014-11-21 23:00 - 00000000 ____D () C:\Program Files (x86)\ERUNT 2014-11-21 22:59 - 2014-11-21 22:59 - 00791393 _____ (Lars Hederer ) C:\Users\Alex\Downloads\erunt-setup.exe 2014-11-21 22:58 - 2014-11-21 22:58 - 00002226 _____ () C:\Users\Alex\Desktop\Rkill.txt 2014-11-21 22:57 - 2014-11-21 22:57 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\Alex\Desktop\rkill.exe 2014-11-21 22:56 - 2014-11-21 22:56 - 00007608 _____ () C:\Users\Alex\AppData\Local\Resmon.ResmonCfg 2014-11-21 19:17 - 2014-11-21 19:17 - 00000000 ____D () C:\Users\Public\Documents\DAEMON Tools Images 2014-11-21 18:58 - 2014-11-21 18:58 - 00000000 ____D () 
C:\Users\Alex\AppData\Roaming\Apple Computer 2014-11-21 17:39 - 2014-11-21 17:39 - 00001857 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk 2014-11-21 17:39 - 2014-11-21 17:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime 2014-11-21 17:39 - 2014-11-21 17:39 - 00000000 ____D () C:\ProgramData\Apple Computer 2014-11-21 17:38 - 2014-11-21 17:38 - 42096984 _____ (Apple Inc.) C:\Users\Alex\Downloads\QuickTimeInstaller.exe 2014-11-21 17:38 - 2014-11-21 17:38 - 00002535 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk 2014-11-21 17:38 - 2014-11-21 17:38 - 00000000 ____D () C:\Windows\System32\Tasks\Apple 2014-11-21 17:38 - 2014-11-21 17:38 - 00000000 ____D () C:\Users\Alex\AppData\Local\Apple 2014-11-21 17:38 - 2014-11-21 17:38 - 00000000 ____D () C:\ProgramData\Apple 2014-11-21 17:38 - 2014-11-21 17:38 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update 2014-11-21 17:37 - 2014-11-21 17:41 - 00000000 ____D () C:\Users\Public\CineForm 2014-11-21 17:37 - 2014-11-21 17:41 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\GoPro 2014-11-21 17:37 - 2014-11-21 17:39 - 00000000 ____D () C:\Program Files (x86)\QuickTime 2014-11-21 17:37 - 2014-11-21 17:37 - 00004422 _____ () C:\Windows\DPINST.LOG 2014-11-21 17:37 - 2014-11-21 17:37 - 00001120 _____ () C:\Users\Alex\Desktop\GoPro Studio.lnk 2014-11-21 17:37 - 2014-11-21 17:37 - 00000000 ____D () C:\Users\Alex\AppData\Local\GoPro 2014-11-21 17:37 - 2014-11-21 17:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GoPro 2014-11-21 17:37 - 2014-11-21 17:37 - 00000000 ____D () C:\Program Files\DIFX 2014-11-21 17:37 - 2014-11-21 17:37 - 00000000 ____D () C:\Program Files (x86)\GoPro 2014-11-21 17:37 - 2014-11-21 17:37 - 00000000 ____D () C:\Program Files (x86)\CineForm 2014-11-21 17:09 - 2014-11-21 17:10 - 163882760 _____ () C:\Users\Alex\Downloads\GoProStudioPC-2.5.3.400.exe 2014-11-21 16:49 - 2014-11-21 17:40 - 
00001675 _____ () C:\Windows\setupact.log 2014-11-21 16:49 - 2014-11-21 16:49 - 00000000 _____ () C:\Windows\setuperr.log 2014-11-21 15:21 - 2014-11-21 15:23 - 00000000 ____D () C:\Users\Alex\Documents\Virtual Machines 2014-11-21 15:20 - 2014-11-21 15:20 - 00001310 _____ () C:\Users\Public\Desktop\VMware vCenter Converter Standalone Client.lnk 2014-11-21 15:20 - 2014-11-21 15:20 - 00001024 _____ () C:\.rnd 2014-11-21 15:19 - 2014-11-21 16:33 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\VMware 2014-11-21 15:19 - 2014-11-21 16:33 - 00000000 ____D () C:\Users\Alex\AppData\Local\VMware 2014-11-21 15:16 - 2014-11-24 17:44 - 00000000 ____D () C:\ProgramData\VMware 2014-11-21 15:16 - 2014-11-21 15:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware 2014-11-21 15:16 - 2014-11-21 15:19 - 00000000 ____D () C:\Program Files (x86)\VMware 2014-11-21 15:16 - 2014-11-21 15:16 - 00002143 _____ () C:\Users\Public\Desktop\VMware Workstation.lnk 2014-11-21 15:16 - 2014-11-21 15:16 - 00001024 _____ () C:\Windows\SysWOW64\%TMP% 2014-11-21 15:16 - 2014-11-21 15:16 - 00000000 ____D () C:\Users\Public\Documents\Shared Virtual Machines 2014-11-21 15:16 - 2014-11-21 15:16 - 00000000 ____D () C:\Program Files\Common Files\VMware 2014-11-21 15:16 - 2014-10-29 15:01 - 00931032 _____ (VMware, Inc.) C:\Windows\system32\vnetlib64.dll 2014-11-21 15:16 - 2014-10-29 15:01 - 00437976 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe 2014-11-21 15:16 - 2014-10-29 15:01 - 00359128 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe 2014-11-21 15:16 - 2014-10-29 15:01 - 00064728 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmx86.sys 2014-11-21 15:16 - 2014-10-29 15:01 - 00031448 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmnetuserif.sys 2014-11-21 15:16 - 2014-02-27 18:40 - 00054464 _____ (VMware, Inc.) C:\Windows\system32\Drivers\hcmon.sys 2014-11-21 15:16 - 2013-10-08 18:21 - 00073296 _____ (VMware, Inc.) 
C:\Windows\system32\Drivers\vsock.sys 2014-11-21 15:16 - 2013-10-08 18:21 - 00067664 _____ (VMware, Inc.) C:\Windows\system32\vsocklib.dll 2014-11-21 15:16 - 2013-10-08 18:21 - 00063568 _____ (VMware, Inc.) C:\Windows\SysWOW64\vsocklib.dll 2014-11-21 15:11 - 2014-11-21 15:13 - 514992056 _____ (VMware, Inc.) C:\Users\Alex\Downloads\VMware-workstation-full-10.0.4-2249910.exe 2014-11-20 22:02 - 2014-11-20 22:16 - 3053371392 _____ () C:\Users\Alex\Downloads\kali-linux-1.0.9a-amd64.iso 2014-11-19 21:32 - 2014-11-24 18:36 - 00019012 _____ () C:\Users\Alex\Downloads\FRST.txt 2014-11-19 21:32 - 2014-11-24 18:36 - 00000000 ____D () C:\FRST 2014-11-19 21:32 - 2014-11-19 21:33 - 00038104 _____ () C:\Users\Alex\Downloads\Addition.txt 2014-11-19 21:31 - 2014-11-24 18:35 - 02118144 _____ (Farbar) C:\Users\Alex\Downloads\FRST64.exe 2014-11-19 20:51 - 2014-11-24 17:44 - 00001256 _____ () C:\Windows\PFRO.log 2014-11-19 18:11 - 2014-11-09 23:19 - 00991232 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-11-19 18:11 - 2014-11-09 23:19 - 00806400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2014-11-19 18:11 - 2014-11-09 23:18 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll 2014-11-19 18:11 - 2014-11-09 23:18 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll 2014-11-18 18:05 - 2014-11-18 18:05 - 00000789 _____ () C:\Users\Alex\Desktop\tobbe license.txt 2014-11-17 21:04 - 2014-11-17 21:04 - 00205107 _____ () C:\Users\Alex\Downloads\The UK Productivity Puzzle AK Added.pptx 2014-11-16 14:28 - 2014-11-24 18:18 - 01158024 _____ () C:\Windows\WindowsUpdate.log 2014-11-16 13:57 - 2014-11-16 13:57 - 04976136 _____ (Piriform Ltd) C:\Users\Alex\Downloads\ccsetup419pro.exe 2014-11-15 14:18 - 2014-11-15 14:18 - 00000000 ____D () C:\ProgramData\Oracle 2014-11-15 14:16 - 2014-11-15 14:16 - 00004685 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_71-b14.log 2014-11-15 14:16 - 2014-11-15 14:16 - 00000000 ____D () 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-11-15 14:00 - 2014-11-15 14:00 - 05127536 _____ () C:\Windows\PE_File.dll 2014-11-13 07:16 - 2014-11-13 07:16 - 00000000 ____D () C:\Users\Alex\Documents\Fax 2014-11-13 06:55 - 2014-10-10 01:58 - 00177472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2014-11-13 06:55 - 2014-10-10 01:58 - 00027456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys 2014-11-13 06:55 - 2014-10-10 01:44 - 00563976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2014-11-13 06:55 - 2014-10-08 07:37 - 00736768 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2014-11-13 06:55 - 2014-10-08 07:37 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2014-11-13 06:55 - 2014-10-08 07:34 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll 2014-11-13 06:55 - 2014-10-08 07:24 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\rfxvmt.dll 2014-11-13 06:55 - 2014-10-08 06:56 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2014-11-13 06:55 - 2014-10-08 06:51 - 00736768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2014-11-13 06:55 - 2014-10-08 06:51 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2014-11-13 06:55 - 2014-10-08 06:18 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2014-11-13 06:55 - 2014-10-08 06:17 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-11-13 06:55 - 2014-10-08 05:23 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2014-11-13 06:55 - 2014-09-27 07:13 - 00104336 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll 2014-11-13 06:55 - 2014-09-27 05:24 - 00088800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll 2014-11-13 06:55 - 2014-09-27 03:38 - 00426496 _____ (Microsoft Corporation) 
C:\Windows\system32\schannel.dll 2014-11-13 06:55 - 2014-09-27 03:30 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll 2014-11-13 06:55 - 2014-09-27 03:17 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2014-11-13 06:54 - 2014-10-18 09:55 - 00055776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2014-11-13 06:54 - 2014-10-18 08:09 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2014-11-13 06:54 - 2014-10-18 08:09 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2014-11-13 06:54 - 2014-10-18 07:25 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2014-11-13 06:54 - 2014-10-18 06:50 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wuaext.dll 2014-11-13 06:54 - 2014-10-18 06:38 - 03557376 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2014-11-13 06:54 - 2014-10-18 06:27 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2014-11-13 06:54 - 2014-10-18 06:26 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2014-11-13 06:54 - 2014-10-18 06:23 - 00407552 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll 2014-11-13 06:54 - 2014-10-18 06:23 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2014-11-13 06:54 - 2014-10-18 06:21 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2014-11-13 06:54 - 2014-10-18 06:20 - 01714176 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2014-11-13 06:54 - 2014-10-18 06:14 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2014-11-13 06:54 - 2014-10-18 06:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2014-11-13 06:54 - 2014-10-18 06:12 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2014-11-13 06:54 - 2014-10-18 06:11 - 00723968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 
2014-11-13 06:54 - 2014-10-17 07:01 - 00789184 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2014-11-13 06:54 - 2014-10-17 06:58 - 00602768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll 2014-11-13 06:54 - 2014-10-13 02:33 - 00116032 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2014-11-13 06:54 - 2014-10-11 00:58 - 03320320 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2014-11-13 06:54 - 2014-10-11 00:53 - 03607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2014-11-13 06:54 - 2014-10-08 07:30 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll 2014-11-13 06:54 - 2014-10-08 07:09 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll 2014-11-13 06:54 - 2014-10-08 06:27 - 00325120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll 2014-11-13 06:54 - 2014-10-08 05:32 - 02773504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2014-11-13 06:54 - 2014-10-08 05:19 - 02459136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2014-11-13 06:53 - 2014-09-22 04:38 - 01519488 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll 2014-11-13 06:53 - 2014-09-22 03:06 - 00258368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys 2014-11-13 06:53 - 2014-09-22 03:06 - 00114496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys 2014-11-13 06:53 - 2014-09-22 02:49 - 00035320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys 2014-11-13 06:53 - 2014-09-19 00:16 - 01346048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll 2014-11-13 06:53 - 2014-09-02 22:08 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\winshfhc.dll 2014-11-13 06:53 - 2014-09-02 22:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winshfhc.dll 2014-11-13 06:52 - 2014-10-31 05:28 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-11-13 06:52 - 
2014-10-31 05:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe 2014-11-13 06:52 - 2014-10-31 05:12 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2014-11-13 06:52 - 2014-10-31 05:10 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe 2014-11-13 06:52 - 2014-10-31 05:09 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll 2014-11-13 06:52 - 2014-10-31 05:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2014-11-13 06:52 - 2014-10-31 05:06 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-11-13 06:52 - 2014-10-31 05:06 - 00237568 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2014-11-13 06:52 - 2014-10-31 05:06 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-11-13 06:52 - 2014-10-31 05:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-11-13 06:52 - 2014-10-31 05:05 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-11-13 06:52 - 2014-10-31 05:05 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2014-11-13 06:52 - 2014-10-31 05:04 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-11-13 06:52 - 2014-10-31 04:57 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-11-13 06:52 - 2014-10-31 04:56 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-11-13 06:52 - 2014-10-31 04:54 - 00132096 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll 2014-11-13 06:52 - 2014-10-31 04:53 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-11-13 06:52 - 2014-10-31 04:52 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll 2014-11-13 06:52 - 2014-10-31 04:51 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-11-13 06:52 - 2014-10-31 04:51 - 00144384 
_____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-11-13 06:52 - 2014-10-31 04:51 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-11-13 06:52 - 2014-10-31 04:50 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-11-13 06:52 - 2014-10-31 04:50 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-11-13 06:52 - 2014-10-31 04:40 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2014-11-13 06:52 - 2014-10-31 04:38 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-11-13 06:52 - 2014-10-31 04:30 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-11-13 06:52 - 2014-10-31 04:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2014-11-13 06:52 - 2014-10-31 04:29 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2014-11-13 06:52 - 2014-10-31 04:28 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2014-11-13 06:52 - 2014-10-31 04:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-11-13 06:52 - 2014-10-31 04:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-11-13 06:52 - 2014-10-31 04:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2014-11-13 06:52 - 2014-10-31 04:23 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2014-11-13 06:52 - 2014-10-31 04:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-11-13 06:52 - 2014-10-31 04:19 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2014-11-13 06:52 - 2014-10-31 04:15 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2014-11-13 06:52 - 2014-10-31 04:08 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2014-11-13 06:52 - 2014-10-31 04:06 - 00372736 
_____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-11-13 06:52 - 2014-10-31 04:05 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-11-13 06:52 - 2014-10-31 04:05 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-11-13 06:52 - 2014-10-31 04:03 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-11-13 06:52 - 2014-10-31 03:59 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-11-13 06:52 - 2014-10-31 03:45 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-11-13 06:52 - 2014-10-31 03:44 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll 2014-11-13 06:52 - 2014-10-31 03:42 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-11-13 06:52 - 2014-10-31 03:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll 2014-11-13 06:52 - 2014-10-31 03:32 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-11-13 06:52 - 2014-10-31 03:28 - 00137728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe 2014-11-13 06:52 - 2014-10-31 03:28 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2014-11-13 06:52 - 2014-10-31 03:27 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe 2014-11-13 06:52 - 2014-10-31 03:26 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll 2014-11-13 06:52 - 2014-10-31 03:25 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2014-11-13 06:52 - 2014-10-31 03:24 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-11-13 06:52 - 2014-10-31 03:24 - 00235520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2014-11-13 06:52 - 2014-10-31 03:24 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-11-13 06:52 - 2014-10-31 03:23 - 00340992 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\html.iec 2014-11-13 06:52 - 2014-10-31 03:23 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-11-13 06:52 - 2014-10-31 03:22 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-11-13 06:52 - 2014-10-31 03:20 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-11-13 06:52 - 2014-10-31 03:18 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-11-13 06:52 - 2014-10-31 03:16 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-11-13 06:52 - 2014-10-31 03:15 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-11-13 06:52 - 2014-10-31 03:14 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll 2014-11-13 06:52 - 2014-10-31 03:13 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-11-13 06:52 - 2014-10-31 03:13 - 00099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll 2014-11-13 06:52 - 2014-10-31 03:12 - 00661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2014-11-13 06:52 - 2014-10-31 03:12 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-11-13 06:52 - 2014-10-31 03:11 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-11-13 06:52 - 2014-10-31 03:03 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll 2014-11-13 06:52 - 2014-10-31 03:02 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-11-13 06:52 - 2014-10-31 02:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-11-13 06:52 - 2014-10-31 02:56 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2014-11-13 06:52 - 2014-10-31 02:56 - 00090624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2014-11-13 06:52 - 2014-10-31 02:56 - 00073216 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\tdc.ocx 2014-11-13 06:52 - 2014-10-31 02:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-11-13 06:52 - 2014-10-31 02:53 - 00052736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2014-11-13 06:52 - 2014-10-31 02:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-11-13 06:52 - 2014-10-31 02:51 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2014-11-13 06:52 - 2014-10-31 02:50 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-11-13 06:52 - 2014-10-31 02:48 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2014-11-13 06:52 - 2014-10-31 02:46 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-11-13 06:52 - 2014-10-31 02:46 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2014-11-13 06:52 - 2014-10-31 02:42 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2014-11-13 06:52 - 2014-10-31 02:40 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-11-13 06:52 - 2014-10-31 02:40 - 00325632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-11-13 06:52 - 2014-10-31 02:39 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-11-13 06:52 - 2014-10-31 02:30 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-11-13 06:52 - 2014-10-31 02:26 - 01042944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll 2014-11-13 06:52 - 2014-10-31 02:24 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll 2014-11-13 06:52 - 2014-10-31 02:17 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-11-13 06:52 - 2014-10-31 02:13 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-11-13 06:52 - 2014-10-31 02:11 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 
2014-11-13 06:52 - 2014-10-23 05:48 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll 2014-11-13 06:52 - 2014-10-23 05:05 - 00072192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll 2014-11-13 06:52 - 2014-10-07 06:28 - 00500016 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2014-11-13 06:52 - 2014-10-07 06:27 - 00482872 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll 2014-11-13 06:52 - 2014-10-07 06:27 - 00394120 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll 2014-11-13 06:52 - 2014-10-07 06:27 - 00272248 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe 2014-11-13 06:52 - 2014-10-07 06:27 - 00108432 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll 2014-11-13 06:52 - 2014-10-07 03:34 - 00370424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll 2014-11-13 06:52 - 2014-10-07 03:34 - 00344536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll 2014-11-13 06:52 - 2014-10-07 03:33 - 00424544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll 2014-11-13 06:52 - 2014-10-07 03:30 - 04182016 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-11-13 06:52 - 2014-10-07 01:54 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll 2014-11-13 06:52 - 2014-10-07 01:46 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2014-11-13 06:52 - 2014-09-10 06:25 - 00474432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys 2014-11-13 06:52 - 2014-09-08 03:07 - 02497344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2014-11-13 06:52 - 2014-09-08 03:07 - 00428864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2014-11-13 06:52 - 2014-09-07 22:08 - 00389176 _____ () C:\Windows\system32\ApnDatabase.xml 2014-11-13 06:52 - 2014-09-04 22:30 - 00822272 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll 2014-11-13 
06:52 - 2014-09-04 22:21 - 01053184 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll 2014-11-13 06:52 - 2014-09-04 03:05 - 00836176 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll 2014-11-13 06:52 - 2014-09-04 02:22 - 00670384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll 2014-11-13 06:52 - 2014-09-04 01:01 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll 2014-11-13 06:52 - 2014-09-04 00:32 - 00334336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll 2014-11-13 06:52 - 2014-08-31 00:17 - 00148800 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS 2014-11-13 06:52 - 2014-08-31 00:15 - 21197152 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2014-11-13 06:52 - 2014-08-30 22:59 - 18723112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2014-11-13 06:52 - 2014-08-30 22:05 - 00615424 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOMEX.dll 2014-11-13 06:52 - 2014-08-30 21:58 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\FXSAPI.dll 2014-11-13 06:52 - 2014-08-30 21:04 - 00941568 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll 2014-11-13 06:52 - 2014-08-30 20:53 - 00239104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FXSAPI.dll 2014-11-13 06:52 - 2014-08-30 20:17 - 00799744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll 2014-11-13 06:52 - 2014-08-28 02:55 - 07484224 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2014-11-13 06:52 - 2014-08-28 00:21 - 02480128 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll 2014-11-13 06:52 - 2014-08-28 00:06 - 02030592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll 2014-11-13 06:52 - 2014-08-23 05:18 - 02149376 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-11-13 06:52 - 2014-08-23 05:14 - 13424128 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll 2014-11-13 06:52 - 
2014-08-23 05:04 - 11820544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll 2014-11-13 06:52 - 2014-08-23 05:03 - 01346048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2014-11-13 06:52 - 2014-08-23 04:50 - 02714112 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll 2014-11-13 06:52 - 2014-08-02 00:51 - 00545792 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll 2014-11-13 06:52 - 2014-08-02 00:35 - 00485376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll 2014-11-12 23:24 - 2014-11-12 23:24 - 00000616 _____ () C:\Users\Alex\Desktop\Quotes.txt 2014-11-12 20:01 - 2014-11-13 06:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-11-11 18:50 - 2014-11-15 15:09 - 00000049 _____ () C:\Users\Alex\Desktop\New Text Document.txt 2014-11-11 17:57 - 2014-11-11 17:57 - 00000000 __SHD () C:\Users\Alex\AppData\Local\EmieUserList 2014-11-11 17:57 - 2014-11-11 17:57 - 00000000 __SHD () C:\Users\Alex\AppData\Local\EmieSiteList 2014-11-05 00:18 - 2014-11-05 00:18 - 01462272 _____ (CineForm Inc.) C:\Windows\system32\CFHD.dll 2014-11-05 00:15 - 2014-11-05 00:15 - 01490944 _____ (CineForm Inc.) C:\Windows\SysWOW64\CFHD.dll 2014-10-30 17:03 - 2014-10-30 17:04 - 01085336 _____ (EnTech Taiwan ) C:\Users\Alex\Downloads\ddmsetup1500.exe 2014-10-29 15:00 - 2014-10-29 15:00 - 00080464 _____ (VMware, Inc.) C:\Windows\system32\vmnetbridge.dll 2014-10-29 15:00 - 2014-10-29 15:00 - 00049232 _____ (VMware, Inc.) C:\Windows\system32\vnetinst.dll 2014-10-29 15:00 - 2014-10-29 15:00 - 00046160 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmnetbridge.sys 2014-10-29 15:00 - 2014-10-29 15:00 - 00024656 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmnet.sys 2014-10-29 15:00 - 2014-10-29 15:00 - 00020560 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmnetadapter.sys ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 
2014-11-24 18:35 - 2014-10-06 18:25 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\Skype 2014-11-24 18:24 - 2014-10-10 19:52 - 00000568 _____ () C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3591367604-1146184651-4490953-1001.job 2014-11-24 18:00 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\sru 2014-11-24 17:51 - 2014-09-01 20:25 - 00000000 _____ () C:\Windows\Path.idx 2014-11-24 17:51 - 2014-09-01 13:28 - 00961644 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-11-24 17:47 - 2014-10-18 17:54 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-11-24 17:47 - 2014-09-01 19:52 - 00006464 _____ () C:\Windows\SysWOW64\Gms.log 2014-11-24 17:46 - 2014-09-01 20:09 - 01048576 _____ () C:\Windows\PE_Rom.dll 2014-11-24 17:45 - 2014-10-18 18:21 - 00002329 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk 2014-11-24 17:45 - 2014-10-08 12:36 - 00000000 ___DO () C:\Users\Alex\OneDrive 2014-11-24 17:45 - 2014-09-01 21:04 - 00005617 _____ () C:\Windows\SysWOW64\IntelRemoteWakeAgent.ini 2014-11-24 17:45 - 2014-09-01 20:14 - 00000000 ____D () C:\Users\Alex\AppData\Local\asushomecloud 2014-11-24 17:44 - 2013-08-22 14:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-11-24 17:44 - 2013-08-22 13:25 - 00262144 ___SH () C:\Windows\system32\config\BBI 2014-11-24 07:22 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\NDF 2014-11-23 15:46 - 2014-09-21 10:44 - 00001490 _____ () C:\Windows\Sandboxie.ini 2014-11-22 14:07 - 2014-09-01 14:08 - 00003594 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3591367604-1146184651-4490953-1001 2014-11-22 12:34 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\AppReadiness 2014-11-22 11:12 - 2014-10-18 17:54 - 00096472 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-11-21 23:36 - 2014-09-01 13:28 - 00000000 ____D () C:\Users\Alex 2014-11-21 22:25 - 2014-10-06 17:15 - 00000000 ____D () C:\Program Files (x86)\Steam 
2014-11-21 17:37 - 2014-09-01 19:48 - 00000000 ____D () C:\ProgramData\Package Cache 2014-11-21 15:16 - 2014-09-01 19:54 - 00965990 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI 2014-11-21 15:07 - 2014-09-04 18:01 - 00000000 ____D () C:\Users\Alex\.VirtualBox 2014-11-21 00:18 - 2014-09-04 22:44 - 00000000 ____D () C:\Users\Alex\VirtualBox VMs 2014-11-20 21:51 - 2014-09-01 20:19 - 00000000 ____D () C:\ProgramData\WinZip 2014-11-19 18:20 - 2013-08-22 15:20 - 00000000 ____D () C:\Windows\CbsTemp 2014-11-16 13:58 - 2014-10-08 12:38 - 00000000 ____D () C:\Program Files\CCleaner 2014-11-16 13:57 - 2014-10-08 12:38 - 00000834 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2014-11-15 14:16 - 2014-09-01 20:12 - 00000000 ____D () C:\Program Files (x86)\Java 2014-11-15 13:56 - 2014-09-01 20:12 - 00001134 _____ () C:\Users\Public\Desktop\ASUS HomeCloudServer.lnk 2014-11-15 13:56 - 2014-09-01 18:46 - 00000000 ____D () C:\Program Files (x86)\ASUS 2014-11-15 13:51 - 2014-09-05 16:15 - 00000000 ____D () C:\ProgramData\asushomecloud 2014-11-15 13:45 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\rescache 2014-11-13 08:12 - 2013-08-22 14:44 - 00372872 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-11-13 08:11 - 2014-09-01 20:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-11-13 08:11 - 2013-08-22 15:36 - 00000000 ___RD () C:\Windows\ToastData 2014-11-13 08:11 - 2013-08-22 15:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel 2014-11-13 08:11 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-11-13 08:11 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-11-13 08:11 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files\Windows Defender 2014-11-13 08:11 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender 2014-11-13 08:09 - 2014-09-05 16:15 - 00000000 ____D () 
C:\Windows\system32\MRT 2014-11-13 08:08 - 2014-09-05 16:15 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-11-13 07:18 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\FxsTmp 2014-10-30 22:33 - 2014-10-10 19:52 - 00003560 _____ () C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-3591367604-1146184651-4490953-1001 2014-10-30 17:05 - 2014-10-06 17:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Display Manager 2014-10-30 03:50 - 2014-09-04 17:44 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2014-10-30 00:55 - 2013-08-22 15:38 - 00714208 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-10-30 00:55 - 2013-08-22 15:38 - 00106976 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl Some content of TEMP: ==================== C:\Users\Alex\AppData\Local\Temp\dllnt_dump.dll C:\Users\Alex\AppData\Local\Temp\Quarantine.exe C:\Users\Alex\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) 
C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-11-24 07:12 ==================== End Of Log ============================
  18. C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx.dll a variant of Win32/Toolbar.Visicom.B potentially unwanted application C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawaretb.dll a variant of Win32/Toolbar.Visicom.A potentially unwanted application C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\dtUser.exe a variant of Win32/Toolbar.Visicom.C potentially unwanted application C:\Users\Alex\Downloads\ccsetup419pro.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application C:\Windows\Installer\1d918.msi a variant of Win32/Systweak.L potentially unwanted application
  19. Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 24/11/2014 Scan Time: 17:47:59 Logfile: Administrator: Yes Version: 2.00.3.1025 Malware Database: v2014.11.24.07 Rootkit Database: v2014.11.22.01 License: Free Malware Protection: Disabled Malicious Website Protection: Disabled Self-protection: Disabled OS: Windows 8.1 CPU: x64 File System: NTFS User: Alex Scan Type: Threat Scan Result: Completed Objects Scanned: 326708 Time Elapsed: 5 min, 37 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 0 (No malicious items detected) Registry Values: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Folders: 0 (No malicious items detected) Files: 0 (No malicious items detected) Physical Sectors: 0 (No malicious items detected) (end)
  20. # AdwCleaner v4.102 - Report created 24/11/2014 at 17:44:25 # Updated 23/11/2014 by Xplode # Database : 2014-11-24.1 [Live] # Operating System : Windows 8.1 Enterprise (64 bits) # Username : Alex - HENRY # Running from : C:\Users\Alex\Desktop\AdwCleaner.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** Folder Deleted : C:\Users\Alex\AppData\LocalLow\adawaretb ***** [ Scheduled Tasks ] ***** ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6C97A91E-4524-4019-86AF-2AA2D567BF5C} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6C97A91E-4524-4019-86AF-2AA2D567BF5C} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62155D33-3CE2-401E-8967-5A270628A3D5} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{87934C42-161D-45BC-8CEF-EF18ABE2A30C} Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{6C97A91E-4524-4019-86AF-2AA2D567BF5C}] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{6C97A91E-4524-4019-86AF-2AA2D567BF5C} Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C97A91E-4524-4019-86AF-2AA2D567BF5C} Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{6C97A91E-4524-4019-86AF-2AA2D567BF5C}] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62155D33-3CE2-401E-8967-5A270628A3D5} Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{87934C42-161D-45BC-8CEF-EF18ABE2A30C} Key Deleted : HKCU\Software\AppDataLow\Software\adawarebp Key Deleted : HKCU\Software\AppDataLow\Software\adawaretb Key Deleted : HKLM\SOFTWARE\adawaretb Key Deleted : HKLM\SOFTWARE\Toolbar Cleaner Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\adawaretb Key Deleted : 
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar Cleaner ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.17416 -\\ Mozilla Firefox v33.1 (x86 en-GB) -\\ Google Chrome v ************************* AdwCleaner[R0].txt - [2333 octets] - [24/11/2014 17:43:26] AdwCleaner[s0].txt - [2268 octets] - [24/11/2014 17:44:25] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [2328 octets] ##########
  21. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.3.9 (11.15.2014:2) OS: Windows 8.1 Enterprise x64 Ran by Alex on 24/11/2014 at 17:37:11.79 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C97A91E-4524-4019-86AF-2AA2D567BF5C} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6c97a91e-4524-4019-86af-2aa2d567bf5c} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{6c97a91e-4524-4019-86af-2aa2d567bf5c} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6c97a91e-4524-4019-86af-2aa2d567bf5c} Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6c97a91e-4524-4019-86af-2aa2d567bf5c} Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{6c97a91e-4524-4019-86af-2aa2d567bf5c} Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6c97a91e-4524-4019-86af-2aa2d567bf5c} Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{6c97a91e-4524-4019-86af-2aa2d567bf5c} ~~~ Files ~~~ Folders Successfully deleted: [Folder] "C:\Users\Alex\appdata\locallow\adawaretb" Successfully deleted: [Folder] "C:\Program Files (x86)\toolbar cleaner" Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin" ~~~ FireFox Successfully deleted the following from C:\Users\Alex\AppData\Roaming\mozilla\firefox\profiles\fcn7t8lb.default\prefs.js 
user_pref("keyword.URL", "hxxp://securedsearch2.lavasoft.com/results.php?pr=vmn&id=adawaretb&v=3_9&idate=__installtime__&hsimp=yhs-lavasoft&ent=bs&q="); Emptied folder: C:\Users\Alex\AppData\Roaming\mozilla\firefox\profiles\fcn7t8lb.default\minidumps [3 files] ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 24/11/2014 at 17:38:11.08 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  22. I will do those all now. Yesterday I suffered a DDoS attack and despite actions by my ISP it continues. I am receiving about 4 million packets a minute with only the forum open. Yesterday in 17 minutes of having my PC on and connected, I received over 865 million. I am assuming they are all in the same.
  23. Found the JRT.txt ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.3.9 (11.15.2014:2) OS: Windows 8.1 Pro x86 Ran by Alex on 23/11/2014 at 16:19:58.79 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ad-aware browsing protection ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C97A91E-4524-4019-86AF-2AA2D567BF5C} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6c97a91e-4524-4019-86af-2aa2d567bf5c} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{6c97a91e-4524-4019-86af-2aa2d567bf5c} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6c97a91e-4524-4019-86af-2aa2d567bf5c} Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6c97a91e-4524-4019-86af-2aa2d567bf5c} Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{6c97a91e-4524-4019-86af-2aa2d567bf5c} ~~~ Files Successfully deleted: [File] C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4264348289-3241612886-2336119300-1001 Successfully deleted: [File] C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4264348289-3241612886-2336119300-1004 Successfully deleted: [File] C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4264348289-3241612886-2336119300-1005 ~~~ Folders Successfully deleted: [Folder] "C:\ProgramData\ad-aware browsing protection" Successfully deleted: [Folder] "C:\ProgramData\blekko toolbars" Successfully deleted: [Folder] "C:\Users\Alex\appdata\locallow\adawaretb" Successfully 
deleted: [Folder] "C:\Program Files\toolbar cleaner" ~~~ FireFox Successfully deleted: [Folder] C:\Users\Alex\AppData\Roaming\mozilla\firefox\profiles\bvydsf94.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c} Successfully deleted the following from C:\Users\Alex\AppData\Roaming\mozilla\firefox\profiles\bvydsf94.default\prefs.js user_pref("keyword.URL", "hxxp://securedsearch2.lavasoft.com/results.php?pr=vmn&id=adawaretb&v=3_8&idate=__installtime__&hsimp=yhs-lavasoft&ent=bs&q="); Emptied folder: C:\Users\Alex\AppData\Roaming\mozilla\firefox\profiles\bvydsf94.default\minidumps [25 files] ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 23/11/2014 at 16:22:42.14 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  24. # AdwCleaner v4.101 - Report created 23/11/2014 at 17:05:19 # Updated 09/11/2014 by Xplode # Database : 2014-11-23.4 [Live] # Operating System : Windows 8.1 Pro (32 bits) # Username : Alex - LAPTOP # Running from : C:\Users\kelly_000\Desktop\AdwCleaner.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** Folder Deleted : C:\Users\Alex\Desktop\Genesis Folder Deleted : C:\Users\Alex\Documents\Online Folder Deleted : C:\Users\kelly_000\AppData\LocalLow\adawaretb ***** [ Scheduled Tasks ] ***** ***** [ Shortcuts ] ***** ***** [ Registry ] ***** [#] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{56FDF344-FD6D-11D0-958A-006097C9A090} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6C97A91E-4524-4019-86AF-2AA2D567BF5C} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6C97A91E-4524-4019-86AF-2AA2D567BF5C} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62155D33-3CE2-401E-8967-5A270628A3D5} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{87934C42-161D-45BC-8CEF-EF18ABE2A30C} Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{6C97A91E-4524-4019-86AF-2AA2D567BF5C}] Key Deleted : HKCU\Software\AppDataLow\Software\adawarebp Key Deleted : HKCU\Software\AppDataLow\Software\adawaretb Key Deleted : HKLM\SOFTWARE\adawaretb Key Deleted : HKLM\SOFTWARE\Toolbar Cleaner Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\adawaretb Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar Cleaner Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094 ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.17416 -\\ Mozilla Firefox v32.0.3 (x86 en-US) ************************* AdwCleaner[R0].txt - [2028 octets] - [23/11/2014 16:34:50] AdwCleaner[s0].txt - [1987 octets] - [23/11/2014 17:05:19] ########## EOF 
- \AdwCleaner\AdwCleaner[s0].txt - [2047 octets] ########## The JRT.txt is nowhere to be found and it didn't open when I restarted. Should I run the scan again?