Showing results for tags 'No Internet'.

  1. My browser says it’s not connected to the server or there is no internet, yet I’m connected. This all happened after I restarted my laptop after pressing quarantine on what MalwareBytes found. Did I do something wrong? How do I fix it? I’m not an I.T so I don’t know what to do, can someone please help me?!
  2. I unintentionally deleted the files which were quarantined. And now I'm not able to connect to the internet. Thanks in advance. 😊
  3. Hello, My wifi has since disappeared, after I performed a Malwarebytes scan and quarantined the malware; this was done back in April of 2018. When the restart after the quarantine was complete, my wifi option had disappeared as if I don't have that capability anymore; my internet works fine with a hard wire via Ethernet. I have performed the following actions: I have done a factory reset of my computer, absolutely deleting everything, and have had no success. Attached are the initial scans from Malwarebytes that I performed the day my wifi disappeared and about a week later (April 12th and April 18th scans); also the initial Farbar scan from the same time frame is attached. Then secondly I have attached my scans from Malwarebytes from after my complete system restore as well as the Farbar report and malware adware report. Addition (1) initial scan april 2018.txt 5ad92cc239972_malwarebytesapril12th.txt 5ad92cd69a955_malwarebytesapril18th.txt malwarebytes scan march 19th 2019.txt malwarebytes scan with roots march 19th 2019.txt AdwCleaner[C00] march 19th 2019.txt FSS march 19th 2019.txt
  4. Hi, I know this problem is common, from what I've seen. I have no internet access after using Malwarebytes. I have scanned with Farbar, and below are the files from that. Please help. FRST.txt Addition.txt
  5. Ok, so my computer still has no internet after I tried the fix-it steps that were previously posted in my first topic chat. Those steps included downloading the adware scan and restart, then I went in to my premium version of Malwarebytes and checked the root scan and restarted, then I ran another scan and restarted, all without luck. Attached are my most recent reports. malwarebytes april 22.txt Addition april 22.txt mb-check-results.zip
  6. Hello! So I completed multiple scans of Malwarebytes Anti-Malware to get rid of a trojan malware that's been copying files everywhere, and I've now come up with the result of the internet being blocked when safe mode is off, and Windows Defender doesn't seem to work. A file or two comes up on every new scan, but doesn't seem to be going away. The file attached is the latest scan, which caught a few files. Looking at task manager on regular boot, an application called "Spine" seems to come up a lot, and any chance I got at deleting it ended up in it replacing itself with every reboot. Help with this would be greatly appreciated! Thank you! log.txt
  7. Hello. I seem to have a rather serious infection. I have no internet access. I can't turn on system restore, so no restore points. I can't reboot from usb or cd/dvd. Every attempt I have tried to fix issue has been blocked. Any help is appreciated. Thanks, Jim
  8. I downloaded and used Malwarebytes for the first time today. After my scan came up with 17 possible threats I went ahead and quarantined them. After the restart of the device I noticed I no longer was able to connect to any wifi network. The computer won't even show network options to connect via wireless. I am able to get online via Ethernet. After I noticed the issue I decided to restore the threats from quarantine but still no wifi. Then I went ahead and deleted the software and reinstalled. I ran the scan again to get the report to post on the forum. I also went ahead and followed other procedures to get other reports using software recommended on the pinned posts of site. (attached to post) I do have Avast Premier installed and have been using it for over a year now. Addition.txt AdwCleaner[C0].txt FRST.txt Malwarebytes scan.txt
  9. My parents were experiencing some problems with their web browser where some pages weren't loading properly. It looked like they had accidentally downloaded some toolbars so I decided to use MalwareBytes to scan their computer for malware. After the scan, it detected 110 errors and I decided to clean it all out. After quarantining those files, their WiFi no longer could detect the house router. What went wrong? Below is a report of the files quarantined:
  10. Hello, I downloaded Malwarebytes, ran a scan, and removed quarantined files. Afterwards, I was unable to use any service involving internet connection. I have reset my router, used command prompt to reset connections, and still no progress. I went into my connections, ipv4 is connected to internet, however ipv6 is not. Let me also state that I am new to this process of fixing this.
  11. Hello everybody from Malwarebytes, I got a (another) problem but this time with my laptop, and I had this for ages but I need to start school again so it needs to be fixed. The first problem I have is that it is extremely slow. Starting up a program like Google Chrome or Serato DJ (I am a semi-professional DJ) takes ages. When trying to create a file or map on desktop it takes a very long time to load the index screen when I right-click on my mouse. This bothers me a lot in many ways and the startup is also very slow. The second problem is that it is probably infected/infested with malware/adware as I can't even browse the internet. Every time I try to open up Google Chrome I get the warning: Your connection is not private Attackers may attempt to steal your information from furoms.malwarebytes.com (eg, warden, messages, or credit card details). NET :: ERR_CERT_WEAK_SIGNATURE_ALGORITHM Because I keep getting this error I can't go online or even do something online. It bothers me a lot because of the warning that my info could get stolen. The third problem is that after I finally got some anti-malware scanners on my PC (Malwarebytes, Malwarebytes ANTI-ROOTKIT, Hitman Pro, ADWCleaner, RogueKiller, RKILL, FRST64, and Sophos virus removal tool), Sophos virus removal tool found a virus: mal/ASFD`dr-A . As it turns out this virus came when I downloaded some music (did it for a friend of mine, stupid thing to do from me). I let Sophos do its thing and it should be gone (for as far as I know). I still don't trust this because of the Google Chrome warning. The fourth problem is that something keeps shutting down my Active virus management, Firewall and Burglar detection system (against keylog attempts, DLL injections and installation of malware). I have updated to manually and it ''says'' it's up-to-date but I think it's not (it is still Bitdefender Total Security 2015) and I can't directly download it again because I need to call my dad for it because he has the codes for Bitdefender. The fifth problem is that when I tried to scan with Command Prompt (administrator) I got the following error: Windows Recource Protection could not peform the requested operation. I don't know if this is the cause of malware or something deeper, but I will need my laptop around August a lot (and next month for my DJ side-job) so I desperately need help if this is possible. I hope this can solve my problem because it will take A LOT of time to rebuild my music laptop system if I have to do the thing that is listed down here. If the things I tried already are the maximum I will go to my local PC experts and let them destroy the current hard drive and replace it with an SSD and a complete fresh Windows 8.1 Pro version. Hopefully thanks and I hope for a reaction soon! Alexander ~Thejoindemand (EDIT: this topic is placed from another computer! Next problem is the infected pieces of music also are on my external Backup HDD, so I think that one is also infected!)
  12. Hey ! I recently used Malwarebytes and AdwCleaner to remove weather chicken and other malware, but after the removal my internet stopped working (though it is connected and working on other devices). The system I am working on is Windows 7 Service Pack 1, 32 bit. Please help !! ASAP !
  13. Hi, I recently ran a full Malwarebytes scan of my Windows work computer to remove malware after noticing a decline in performance as well as experiencing unwanted ads in Chrome. As a result of the scan and subsequent removal of the malware, the internet stopped working entirely. I would approach IT at my job, however I'm an English teacher in Korea and my "IT" guy doesn't speak a lick of English so I'm at a loss. I've gone ahead and followed certain instructions as they pertain to this issue from other forums/websites, but am not entirely confident that doing everything on my own (not the most computer literate person) is best. I went ahead and took the initiative to run a scan with the Farbar Recovery Scan Tool and have the resulting logs, which are attached to this thread. I was hoping somebody could guide me in recovering whatever it is I lost to reinstate my internet! Thanks, Addition.txt FRST.txt
  14. After using Malwarebytes (Windows 8) I cannot get on the Internet. My laptop shows that I'm connected to the wireless connection, but nothing will come up. I've seen other posts where you ask for files to be zipped and sent to you. I would need assistance on these steps as 1. I don't know how to zip a file, and 2. I can't get onto the internet on my laptop. Please! Your help is GREATLY appreciated.
  15. Recently I began getting these Bad Image errors, error status 0xc000012f, C:\windows\system32\fwpuclnt. It also says I have limited internet access with ethernet plugged in, so no web access; I'm on my second computer currently. Skype will randomly start sometimes as well. The following are TDSS and MBAM logs from the scans I just performed,
16:48:19.0326 1872 [ FE14D249D39368CA62D8DA6BC94AC694 ] ahcache C:\WINDOWS\system32\DRIVERS\ahcache.sys 16:48:19.0326 1872 ahcache - ok 16:48:19.0357 1872 [ 14A45BE6F5678339F0EC5752D9849410 ] ALG C:\WINDOWS\System32\alg.exe 16:48:19.0357 1872 ALG - ok 16:48:19.0389 1872 [ 6CF81DD5083D7F94A7E76E50429A949C ] AMD External Events Utility C:\WINDOWS\system32\atiesrxx.exe 16:48:19.0404 1872 AMD External Events Utility - ok 16:48:19.0451 1872 AMD FUEL Service - ok 16:48:19.0467 1872 [ 7589DE749DB6F71A68489DCE04158729 ] AmdK8 C:\WINDOWS\System32\drivers\amdk8.sys 16:48:19.0482 1872 AmdK8 - ok 16:48:19.0732 1872 [ 71F8D8B977ACC5973FA042BF906E709F ] amdkmdag C:\WINDOWS\system32\DRIVERS\atikmdag.sys 16:48:19.0967 1872 amdkmdag - ok 16:48:20.0029 1872 [ 4AA027F91A8093B1CDF453B5394F6715 ] amdkmdap C:\WINDOWS\system32\DRIVERS\atikmpag.sys 16:48:20.0045 1872 amdkmdap - ok 16:48:20.0092 1872 [ B46D2D89AFF8A9490FA8C98C7A5616E3 ] AmdPPM C:\WINDOWS\System32\drivers\amdppm.sys 16:48:20.0092 1872 AmdPPM - ok 16:48:20.0092 1872 [ D2BF2F94A47D332814910FD47C6BBCD2 ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys 16:48:20.0092 1872 amdsata - ok 16:48:20.0123 1872 [ A8E04943C7BBA7219AA50400272C3C6E ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys 16:48:20.0123 1872 amdsbs - ok 16:48:20.0139 1872 [ CEA5F4F27CFC08E3A44D576811B35F50 ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys 16:48:20.0139 1872 amdxata - ok 16:48:20.0170 1872 [ 283299C3941DB5B7B35A7D28F186E9E1 ] amd_sata C:\WINDOWS\system32\drivers\amd_sata.sys 16:48:20.0170 1872 amd_sata - ok 16:48:20.0185 1872 [ 7E4FB65206BBBEAEA5F61FB003B1D8C7 ] amd_xata C:\WINDOWS\system32\drivers\amd_xata.sys 16:48:20.0185 1872 amd_xata - ok 16:48:20.0217 1872 [ 5A528A540B1AEE8B1C77ED65094E8CDF ] AODDriver4.2 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys 16:48:20.0217 1872 AODDriver4.2 - ok 16:48:20.0264 1872 [ 9DCB42905F1EBF9CEC57EE5DF0BDA965 ] AppHostSvc C:\WINDOWS\system32\inetsrv\apphostsvc.dll 16:48:20.0264 1872 AppHostSvc 
- ok 16:48:20.0295 1872 [ 415DD71628795197F7AFC176CBADC74E ] AppID C:\WINDOWS\system32\drivers\appid.sys 16:48:20.0295 1872 AppID - ok 16:48:20.0326 1872 [ 88358135810B9DFD830A9D3A8C3D149A ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll 16:48:20.0342 1872 AppIDSvc - ok 16:48:20.0373 1872 [ 734622FBA766DBD65B1803549B24A04A ] Appinfo C:\WINDOWS\System32\appinfo.dll 16:48:20.0373 1872 Appinfo - ok 16:48:20.0420 1872 [ 35E28923A23ADABAA5A1B43256D0AB58 ] AppReadiness C:\WINDOWS\system32\AppReadiness.dll 16:48:20.0420 1872 AppReadiness - ok 16:48:20.0482 1872 [ 573542B5E97772021B73E854DA861DAA ] AppXSvc C:\WINDOWS\system32\appxdeploymentserver.dll 16:48:20.0498 1872 AppXSvc - ok 16:48:20.0529 1872 [ 65045784366F7EC5FB4E71BCF923187B ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys 16:48:20.0529 1872 arcsas - ok 16:48:20.0639 1872 [ AA2E8C6B8D7EA7BAF04C988801927F48 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 16:48:20.0639 1872 aspnet_state - ok 16:48:20.0686 1872 [ 25863B5A3AC02DD35063D77C1F1415FF ] aswHwid C:\WINDOWS\system32\drivers\aswHwid.sys 16:48:20.0686 1872 aswHwid - ok 16:48:20.0701 1872 [ 2894AC8C6159201940C8CD5B33CC5203 ] aswMonFlt C:\WINDOWS\system32\drivers\aswMonFlt.sys 16:48:20.0701 1872 aswMonFlt - ok 16:48:20.0717 1872 [ C384DC3DDF65F3E011DFBDFDB500F89A ] aswRdr C:\WINDOWS\system32\drivers\aswRdr2.sys 16:48:20.0717 1872 aswRdr - ok 16:48:20.0732 1872 [ 7F5ADFD9CA8EF06D020273B81BFFD731 ] aswRvrt C:\WINDOWS\system32\drivers\aswRvrt.sys 16:48:20.0732 1872 aswRvrt - ok 16:48:20.0779 1872 [ D8AED327929029227447ADA450AA3AE8 ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys 16:48:20.0795 1872 aswSnx - ok 16:48:20.0810 1872 [ D96A7EE9F5E25A7941F2A2A2BED46339 ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys 16:48:20.0810 1872 aswSP - ok 16:48:20.0842 1872 [ 82F2525A22A380AA977428490AA849E3 ] aswStm C:\WINDOWS\system32\drivers\aswStm.sys 16:48:20.0857 1872 aswStm - ok 16:48:20.0889 1872 [ 2F3F0B08EBF741FE22745BECC794CE34 ] aswVmm 
C:\WINDOWS\system32\drivers\aswVmm.sys 16:48:20.0889 1872 aswVmm - ok 16:48:20.0904 1872 [ 74B14192CF79A72F7536B27CB8814FBD ] atapi C:\WINDOWS\system32\drivers\atapi.sys 16:48:20.0904 1872 atapi - ok 16:48:21.0029 1872 [ 93A6671EC2DC01378F2CF481A0026DEB ] athr C:\WINDOWS\system32\DRIVERS\athwbx.sys 16:48:21.0092 1872 athr - ok 16:48:21.0170 1872 [ EF2EC92C4E449CD065B9E892E05D47BE ] AtiDCM C:\AMD\WU-CCC2\ccc2_install\Support64\atdcm64a.sys 16:48:21.0170 1872 AtiDCM - ok 16:48:21.0217 1872 [ 51A7233DEBE0648F8069F73867475F64 ] AtiHDAudioService C:\WINDOWS\system32\drivers\AtihdWB6.sys 16:48:21.0217 1872 AtiHDAudioService - ok 16:48:21.0264 1872 [ 431FE56F5A2F5937994CB2DA330B47DB ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll 16:48:21.0264 1872 AudioEndpointBuilder - ok 16:48:21.0295 1872 [ 0F03CC00645D7F841879A048787D6AC7 ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll 16:48:21.0310 1872 Audiosrv - ok 16:48:21.0342 1872 [ A97E144E84A665B22AE6E6A93E4DD465 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe 16:48:21.0342 1872 avast! 
Antivirus - ok 16:48:21.0373 1872 [ 3C6ED74AF41DD1A5585CE5EF3D00915F ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll 16:48:21.0389 1872 AxInstSV - ok 16:48:21.0420 1872 [ A4A73F631FE2AA2826FBE4A399B04DEF ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys 16:48:21.0435 1872 b06bdrv - ok 16:48:21.0451 1872 [ 8CC7F7E4AFCBA605921B137ED7992C68 ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys 16:48:21.0451 1872 BasicDisplay - ok 16:48:21.0451 1872 [ 38A82F4EE8C416A6744B6D30381ED768 ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys 16:48:21.0451 1872 BasicRender - ok 16:48:21.0498 1872 [ 2C969095C2827EF4536C7D6FA434F993 ] BazisVirtualCDBus C:\WINDOWS\System32\drivers\BazisVirtualCDBus.sys 16:48:21.0498 1872 BazisVirtualCDBus - ok 16:48:21.0514 1872 [ C1ABB0F7E3BEA48A0417BDF6FF14AB21 ] bcmfn2 C:\WINDOWS\System32\drivers\bcmfn2.sys 16:48:21.0529 1872 bcmfn2 - ok 16:48:21.0576 1872 [ 4B6F61BD394DCEDA9B06D702836531C2 ] BDESVC C:\WINDOWS\System32\bdesvc.dll 16:48:21.0576 1872 BDESVC - ok 16:48:21.0623 1872 [ EC19013E4CF87609534165DF897274D6 ] Beep C:\WINDOWS\system32\drivers\Beep.sys 16:48:21.0623 1872 Beep - ok 16:48:21.0670 1872 [ 48554994279BFE17A3D2B00076D0CB1A ] BITS C:\WINDOWS\System32\qmgr.dll 16:48:21.0685 1872 BITS - ok 16:48:21.0701 1872 [ 6B4FFFDDC618FCF64473CAA86E305697 ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys 16:48:21.0701 1872 bowser - ok 16:48:21.0732 1872 [ FA601515FF2B59F25FDD8EDB1D2A1104 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll 16:48:21.0748 1872 BrokerInfrastructure - ok 16:48:21.0764 1872 [ BC111AADACD0BF59D56547461D13AB6E ] Browser C:\WINDOWS\System32\browser.dll 16:48:21.0779 1872 Browser - ok 16:48:21.0795 1872 [ A8F23D453A424FF4DE04989C4727ECC7 ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys 16:48:21.0795 1872 BthAvrcpTg - ok 16:48:21.0826 1872 [ 272A62B660A48AEF366F8A1836CED19F ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys 16:48:21.0826 1872 BthHFEnum - ok 16:48:21.0842 1872 [ 
71FE2A48E4C93DDB9798C024880B6C07 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys 16:48:21.0842 1872 bthhfhid - ok 16:48:21.0873 1872 [ 9307A4B743D277C499CDA8E19E5687AC ] BthHFSrv C:\WINDOWS\System32\BthHFSrv.dll 16:48:21.0873 1872 BthHFSrv - ok 16:48:21.0904 1872 [ EF4B9E7C9AD88C00C18A12B0D22D1894 ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys 16:48:21.0920 1872 BTHMODEM - ok 16:48:21.0951 1872 [ 043A0F37631BF453F16D478B71320F46 ] bthserv C:\WINDOWS\system32\bthserv.dll 16:48:21.0951 1872 bthserv - ok 16:48:22.0045 1872 [ 52AE2CDD37AB735FBDA52263EFD524AA ] c2cautoupdatesvc C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe 16:48:22.0076 1872 c2cautoupdatesvc - ok 16:48:22.0123 1872 [ C35B91B6777E7C6DB67B8583D2AA66A7 ] c2cpnrsvc C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe 16:48:22.0139 1872 c2cpnrsvc - ok 16:48:22.0170 1872 [ 2FA6510E33F7DEFEC03658B74101A9B9 ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys 16:48:22.0170 1872 cdfs - ok 16:48:22.0185 1872 [ C6796EA22B513E3457514D92DCDB1A3D ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys 16:48:22.0185 1872 cdrom - ok 16:48:22.0217 1872 [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E ] CertPropSvc C:\WINDOWS\System32\certprop.dll 16:48:22.0217 1872 CertPropSvc - ok 16:48:22.0248 1872 [ BE9936EDD3267FAAFF94A7835867F00B ] circlass C:\WINDOWS\System32\drivers\circlass.sys 16:48:22.0248 1872 circlass - ok 16:48:22.0264 1872 [ 8EB7E70C2D348FE2476A2E3F2D585E3D ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys 16:48:22.0279 1872 CLFS - ok 16:48:22.0326 1872 [ E13A438F9E51DD034730678E33B73290 ] clwvd C:\WINDOWS\system32\DRIVERS\clwvd.sys 16:48:22.0326 1872 clwvd - ok 16:48:22.0342 1872 [ EF6EF85DADC3184A10D8F2F7159973CB ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys 16:48:22.0357 1872 CmBatt - ok 16:48:22.0389 1872 [ 0DE32A0BB1FE2A773666572F79584520 ] CNG C:\WINDOWS\system32\Drivers\cng.sys 16:48:22.0389 1872 CNG - ok 16:48:22.0404 1872 [ 03AAED827C36F35D70900558B8274905 ] CompositeBus 
C:\WINDOWS\System32\drivers\CompositeBus.sys 16:48:22.0404 1872 CompositeBus - ok 16:48:22.0420 1872 COMSysApp - ok 16:48:22.0435 1872 [ A1FF7DFBFBE164CF92603C651D304DD2 ] condrv C:\WINDOWS\system32\drivers\condrv.sys 16:48:22.0435 1872 condrv - ok 16:48:22.0467 1872 [ 6324F0D18FB52833BA64BC828E29054C ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll 16:48:22.0467 1872 CryptSvc - ok 16:48:22.0514 1872 [ 389C998C64319CD97625B0550E52ECFA ] dam C:\WINDOWS\system32\drivers\dam.sys 16:48:22.0514 1872 dam - ok 16:48:22.0560 1872 [ A6F17C299A03BAFEFB9257C462A19E00 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll 16:48:22.0560 1872 DcomLaunch - ok 16:48:22.0592 1872 [ 95E1ABFB27F8A62ED764805775F0D2F3 ] defragsvc C:\WINDOWS\System32\defragsvc.dll 16:48:22.0607 1872 defragsvc - ok 16:48:22.0639 1872 [ FF086DEF5995558CCB1B5AAC2110195D ] DeviceAssociationService C:\WINDOWS\system32\das.dll 16:48:22.0654 1872 DeviceAssociationService - ok 16:48:22.0670 1872 [ 2C02AFF8383D893F8DBEB07A84F6E77C ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll 16:48:22.0686 1872 DeviceInstall - ok 16:48:22.0732 1872 [ A03F362C5557E238CBFA914689C77248 ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys 16:48:22.0732 1872 Dfsc - ok 16:48:22.0764 1872 [ CFBB4907C7542180B5E0282301240006 ] DgiVecp C:\Windows\system32\Drivers\DgiVecp.sys 16:48:22.0764 1872 DgiVecp - ok 16:48:22.0795 1872 [ 3EEAADA3125431980E5804ED7143458A ] Dhcp C:\WINDOWS\system32\dhcpcore.dll 16:48:22.0810 1872 Dhcp - ok 16:48:22.0873 1872 [ 21EDAD8188372C912B7BB9B1C6CB0D38 ] DiagTrack C:\WINDOWS\system32\diagtrack.dll 16:48:22.0889 1872 DiagTrack - ok 16:48:22.0920 1872 [ 4D40C9B33F738797CF50E77CB7C53E85 ] disk C:\WINDOWS\system32\drivers\disk.sys 16:48:22.0920 1872 disk - ok 16:48:22.0951 1872 [ EB70A894708D1BC176AFD690FF06085F ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys 16:48:22.0951 1872 dmvsc - ok 16:48:22.0982 1872 [ E9AE4FAE83FB38A2962F9032B24CEB3C ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll 16:48:22.0998 1872 Dnscache - ok 16:48:23.0029 1872 [ 
811EACBCC7C51A03AE11F13CC27B2AB6 ] dot3svc C:\WINDOWS\System32\dot3svc.dll 16:48:23.0029 1872 dot3svc - ok 16:48:23.0060 1872 [ B99CB575986789A93A683DCF292A43A1 ] DPS C:\WINDOWS\system32\dps.dll 16:48:23.0060 1872 DPS - ok 16:48:23.0092 1872 [ 00C594D5A1DBD22AD8B2902B9F6EFF94 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys 16:48:23.0092 1872 drmkaud - ok 16:48:23.0107 1872 [ 263625A4F616538EB867B6306A6590DB ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll 16:48:23.0123 1872 DsmSvc - ok 16:48:23.0170 1872 [ E1BB0B6F00F470B451AB45EA13EBA0B3 ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys 16:48:23.0185 1872 DXGKrnl - ok 16:48:23.0217 1872 [ E253530BD5EDE28F1FF6AF93C4D8034D ] Eaphost C:\WINDOWS\System32\eapsvc.dll 16:48:23.0217 1872 Eaphost - ok 16:48:23.0310 1872 [ 114BCFDF367FF37C3F1B0A96AF542E4D ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys 16:48:23.0342 1872 ebdrv - ok 16:48:23.0373 1872 [ 382100E75B6F4668AEAEF228C6CEFFAD ] EFS C:\WINDOWS\System32\lsass.exe 16:48:23.0373 1872 EFS - ok 16:48:23.0404 1872 [ 43531A5993380CC5113242C29D265FD9 ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys 16:48:23.0404 1872 EhStorClass - ok 16:48:23.0436 1872 [ 6F8E738A9505A388B1157FDDE7B3101B ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys 16:48:23.0436 1872 EhStorTcgDrv - ok 16:48:23.0451 1872 [ DFFFAE1442BA4076E18EED5E406FA0D3 ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys 16:48:23.0451 1872 ErrDev - ok 16:48:23.0498 1872 [ F00C593994D57C75273F820653440536 ] EventSystem C:\WINDOWS\system32\es.dll 16:48:23.0498 1872 EventSystem - ok 16:48:23.0545 1872 [ 7729D294A555C7AEB281ED8E4D0E01E4 ] exfat C:\WINDOWS\system32\drivers\exfat.sys 16:48:23.0545 1872 exfat - ok 16:48:23.0560 1872 [ 7C4E0D5900B2A1D11EDD626D6DDB937B ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys 16:48:23.0576 1872 fastfat - ok 16:48:23.0607 1872 [ 304B6AEC4639A7CCCCF544C6BA6177B2 ] Fax C:\WINDOWS\system32\fxssvc.exe 16:48:23.0607 1872 Fax - ok 16:48:23.0623 1872 [ 
5D8402613E778B3BD45E687A8372710B ] fdc C:\WINDOWS\System32\drivers\fdc.sys 16:48:23.0623 1872 fdc - ok 16:48:23.0654 1872 [ 020D2F29009F893ADEFF4405B4B44565 ] fdPHost C:\WINDOWS\system32\fdPHost.dll 16:48:23.0670 1872 fdPHost - ok 16:48:23.0686 1872 [ E80D2EDD2F88B6E20076A0A4F5A5A245 ] FDResPub C:\WINDOWS\system32\fdrespub.dll 16:48:23.0686 1872 FDResPub - ok 16:48:23.0717 1872 [ 47AB7D16EDE434B934AA4D661456C2D5 ] fhsvc C:\WINDOWS\system32\fhsvc.dll 16:48:23.0717 1872 fhsvc - ok 16:48:23.0764 1872 [ BCFD8B149B3ADF92D0DB1E909CAF0265 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys 16:48:23.0764 1872 FileInfo - ok 16:48:23.0779 1872 [ A1A66C4FDAFD6B0289523232AFB7D8AF ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys 16:48:23.0779 1872 Filetrace - ok 16:48:23.0795 1872 [ BE743083CF7063C486A4398E3AEFE59A ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys 16:48:23.0795 1872 flpydisk - ok 16:48:23.0826 1872 [ C1FB505A73FA2E9019D32444AB33B75A ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys 16:48:23.0826 1872 FltMgr - ok 16:48:23.0889 1872 [ 2F225BC85B84C04EA01BAB8D8DACFA83 ] FontCache C:\WINDOWS\system32\FntCache.dll 16:48:23.0904 1872 FontCache - ok 16:48:23.0951 1872 [ 1C52387BF5A127F5F3BFB31288F30D93 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 16:48:23.0951 1872 FontCache3.0.0.0 - ok 16:48:23.0982 1872 [ A7C31B168F371E8E6796219F23E354DB ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys 16:48:23.0982 1872 FsDepends - ok 16:48:23.0998 1872 [ 09F460AFEDCA03F3BF6E07D1CCC9AC42 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys 16:48:23.0998 1872 Fs_Rec - ok 16:48:24.0045 1872 [ F152D55E497E12256290C43B31C7D0CE ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys 16:48:24.0045 1872 fvevol - ok 16:48:24.0060 1872 [ 9591D0B9351ED489EAFD9D1CE52A8015 ] FxPPM C:\WINDOWS\System32\drivers\fxppm.sys 16:48:24.0060 1872 FxPPM - ok 16:48:24.0092 1872 [ FC3EF65EE20D39F8749C2218DBA681CA ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys 
16:48:24.0092 1872 gagp30kx - ok 16:48:24.0123 1872 [ 0BF5CAD281E25F1418E5B8875DC5ADD1 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys 16:48:24.0123 1872 gencounter - ok 16:48:24.0154 1872 [ 8DF1254093B5C354CE725EB6B9B0DE19 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys 16:48:24.0154 1872 GPIOClx0101 - ok 16:48:24.0201 1872 [ 0D03F87D4FF4ADBAF8336DD80548155A ] gpsvc C:\WINDOWS\System32\gpsvc.dll 16:48:24.0232 1872 gpsvc - ok 16:48:24.0279 1872 [ 56F69F7C25FB67C970997D7066DBC593 ] HdAudAddService C:\WINDOWS\system32\drivers\HdAudio.sys 16:48:24.0279 1872 HdAudAddService - ok 16:48:24.0311 1872 [ D4B7ED39C7900384D9E5C1283F1E7926 ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys 16:48:24.0311 1872 HDAudBus - ok 16:48:24.0326 1872 [ 10A70BC1871CD955D85CD88372724906 ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys 16:48:24.0326 1872 HidBatt - ok 16:48:24.0342 1872 [ 42F88B57CAE42FC10059C887B3FCFCEA ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys 16:48:24.0342 1872 HidBth - ok 16:48:24.0373 1872 [ C241A8BAFBBFC90176EA0F5240EACC17 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys 16:48:24.0373 1872 hidi2c - ok 16:48:24.0404 1872 [ 9BDDEE26255421017E161CCB9D5EDA95 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys 16:48:24.0404 1872 HidIr - ok 16:48:24.0436 1872 [ EA85B5093DF7B5C3E80362B053740AE2 ] hidserv C:\WINDOWS\system32\hidserv.dll 16:48:24.0436 1872 hidserv - ok 16:48:24.0451 1872 [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4 ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys 16:48:24.0451 1872 HidUsb - ok 16:48:24.0467 1872 [ 93C4315F47F8D635C6DB0DF49FCE10EE ] hkmsvc C:\WINDOWS\system32\kmsvc.dll 16:48:24.0482 1872 hkmsvc - ok 16:48:24.0514 1872 [ AC49522ED106BD4B545D6614D71C2445 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll 16:48:24.0514 1872 HomeGroupListener - ok 16:48:24.0545 1872 [ 99932E30CE0283B73BB6E5019E150394 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll 16:48:24.0560 1872 HomeGroupProvider - ok 16:48:24.0623 1872 [ 
4F88FA114D15504E1B17978A8DA4165E ] HPConnectedRemote C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe 16:48:24.0623 1872 HPConnectedRemote - ok 16:48:24.0654 1872 [ 0C28C65207A2BD4C737A5BCDAB26A430 ] hpdskflt C:\WINDOWS\system32\DRIVERS\hpdskflt.sys 16:48:24.0654 1872 hpdskflt - ok 16:48:24.0717 1872 [ D2946D9F020AE76E9CEF9B4A6DF838C0 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe 16:48:24.0732 1872 hpqwmiex - ok 16:48:24.0764 1872 [ A6AACEA4C785789BDA5912AD1FEDA80D ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys 16:48:24.0764 1872 HpSAMD - ok 16:48:24.0779 1872 [ 81E3EF01D1883394BDA9B8687B3BFE23 ] hpsrv C:\WINDOWS\system32\Hpservice.exe 16:48:24.0779 1872 hpsrv - ok 16:48:24.0826 1872 [ 1878A79551F2EDAE7EBD110AAE6D33AD ] HPSupportSolutionsFrameworkService C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe 16:48:24.0826 1872 HPSupportSolutionsFrameworkService - ok 16:48:24.0873 1872 [ 3C5B2067338E4EFDADE94E4A72728F23 ] HPWMISVC C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe 16:48:24.0873 1872 HPWMISVC - ok 16:48:24.0904 1872 [ E87A6D3B8FECD5B93BC0CFBB48C27970 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys 16:48:24.0920 1872 HTTP - ok 16:48:24.0998 1872 [ E5805896A55D4166C20F216249F40FA3 ] HWiNFO32 C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS 16:48:24.0998 1872 HWiNFO32 - ok 16:48:25.0029 1872 [ 90656C0B3864804B090434EFC582404F ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys 16:48:25.0045 1872 hwpolicy - ok 16:48:25.0092 1872 [ 6D6F9E3BF0484967E52F7E846BFF1CA1 ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys 16:48:25.0092 1872 hyperkbd - ok 16:48:25.0123 1872 [ 907C870F8C31F8DDD6F090857B46AB25 ] HyperVideo C:\WINDOWS\system32\DRIVERS\HyperVideo.sys 16:48:25.0123 1872 HyperVideo - ok 16:48:25.0154 1872 [ 49EE0AE9E5B64FFBBD06D55C4984B598 ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys 16:48:25.0170 1872 i8042prt - ok 16:48:25.0201 1872 [ 
5D90E32E36CE5D4C535D17CE08AEAF05 ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys 16:48:25.0201 1872 iaLPSSi_GPIO - ok 16:48:25.0217 1872 [ DD05E7E80F52ADE9AEB292819920F32C ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys 16:48:25.0217 1872 iaLPSSi_I2C - ok 16:48:25.0248 1872 [ 08BFE413B0B4AA8DFA4B5684CE06D3DC ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys 16:48:25.0264 1872 iaStorAV - ok 16:48:25.0295 1872 [ A2200C3033FA4EF249FC096A7A7D02A2 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys 16:48:25.0295 1872 iaStorV - ok 16:48:25.0373 1872 [ ABEFA4BD23329FD9BD47496BF2E58774 ] IconMan_R C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe 16:48:25.0404 1872 IconMan_R - ok 16:48:25.0420 1872 IEEtwCollectorService - ok 16:48:25.0467 1872 [ E40F92893FE59FE50D16A9547D1B662D ] IKEEXT C:\WINDOWS\System32\ikeext.dll 16:48:25.0482 1872 Suspicious file (Forged): C:\WINDOWS\System32\ikeext.dll. Real md5: E40F92893FE59FE50D16A9547D1B662D, Fake md5: 85913B101B2C9CC50B223D281F10D53C 16:48:25.0482 1872 IKEEXT ( ForgedFile.Multi.Generic ) - warning 16:48:25.0482 1872 IKEEXT - detected ForgedFile.Multi.Generic (1) 16:48:25.0498 1872 [ 4E448FCFFD00E8D657CD9E48D3E47157 ] intelide C:\WINDOWS\system32\drivers\intelide.sys 16:48:25.0498 1872 intelide - ok 16:48:25.0529 1872 [ 7AA01AB1C110916825E6E1389F1B9AF2 ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys 16:48:25.0529 1872 intelpep - ok 16:48:25.0545 1872 [ 47E74A8E53C7C24DCE38311E1451C1D9 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys 16:48:25.0545 1872 intelppm - ok 16:48:25.0560 1872 [ 9DB76D7F9E4E53EFE5DD8C53DE837514 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 16:48:25.0560 1872 IpFilterDriver - ok 16:48:25.0607 1872 [ A5800036E4EA06697A34742A24ACFBE1 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll 16:48:25.0623 1872 iphlpsvc - ok 16:48:25.0654 1872 [ C800DCD904016B2BF6AB541083770A3A ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys 16:48:25.0654 1872 IPMIDRV - ok 
16:48:25.0686 1872 [ B7342B3C58E91107F6E946A93D9D4EFD ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys 16:48:25.0686 1872 IPNAT - ok 16:48:25.0717 1872 [ AE44C526AB5F8A487D941CEB57B10C97 ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys 16:48:25.0717 1872 IRENUM - ok 16:48:25.0732 1872 [ 8AFEEA3955AA43616A60F133B1D25F21 ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys 16:48:25.0732 1872 isapnp - ok 16:48:25.0764 1872 [ D90AB68D0FAC9F357F663670FDBB511E ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys 16:48:25.0764 1872 iScsiPrt - ok 16:48:25.0779 1872 [ 5917AFE4A3F695A54B99C1849C8207FE ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys 16:48:25.0779 1872 kbdclass - ok 16:48:25.0811 1872 [ 8CD840A062F6BDF41DDE3ACB96164B72 ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys 16:48:25.0811 1872 kbdhid - ok 16:48:25.0826 1872 [ 813871C7D402A05F2E3A7075F9584A05 ] kdnic C:\WINDOWS\system32\DRIVERS\kdnic.sys 16:48:25.0826 1872 kdnic - ok 16:48:25.0826 1872 [ 382100E75B6F4668AEAEF228C6CEFFAD ] KeyIso C:\WINDOWS\system32\lsass.exe 16:48:25.0842 1872 KeyIso - ok 16:48:25.0857 1872 [ 4E829B18D5BAEC29893792A3C671A847 ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys 16:48:25.0857 1872 KSecDD - ok 16:48:25.0889 1872 [ 35C19AF2116F67914712D7C4CBE47B8C ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys 16:48:25.0904 1872 KSecPkg - ok 16:48:25.0936 1872 [ 11AFB527AA370B1DAFD5C36F35F6D45F ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys 16:48:25.0936 1872 ksthunk - ok 16:48:25.0951 1872 [ C1591A66028C71147A3E2EAB0B1CCB7E ] KtmRm C:\WINDOWS\system32\msdtckrm.dll 16:48:25.0967 1872 KtmRm - ok 16:48:25.0982 1872 [ CA2828DDE4B09FEFFDB7CE68B3D8D00A ] LanmanServer C:\WINDOWS\system32\srvsvc.dll 16:48:25.0998 1872 LanmanServer - ok 16:48:26.0029 1872 [ 3DBD9100745F9B8506B8FEC6FE6CCDE3 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll 16:48:26.0060 1872 LanmanWorkstation - ok 16:48:26.0170 1872 [ D186AAAE72691136BDE00BBB41F48D12 ] LBTServ C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe 
16:48:26.0185 1872 LBTServ - ok 16:48:26.0232 1872 [ 015BABFCD2E911C505204257DAB5ADC5 ] LEqdUsb C:\WINDOWS\system32\DRIVERS\LEqdUsb.Sys 16:48:26.0232 1872 LEqdUsb - ok 16:48:26.0264 1872 [ 8B9F3796EC1762CF255BDB324E5529C8 ] lfsvc C:\WINDOWS\System32\GeofenceMonitorService.dll 16:48:26.0279 1872 lfsvc - ok 16:48:26.0311 1872 [ 20A23B8863AAA8A23EEB9E2919F529FD ] LHidEqd C:\WINDOWS\system32\DRIVERS\LHidEqd.Sys 16:48:26.0311 1872 LHidEqd - ok 16:48:26.0326 1872 [ 77D5786C6A7765503884E38706C9FD5E ] LHidFilt C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys 16:48:26.0326 1872 LHidFilt - ok 16:48:26.0451 1872 [ 337FA50FFDED5E2BC94B36BF625AB681 ] LiveUpdateSvc C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe 16:48:26.0467 1872 LiveUpdateSvc - ok 16:48:26.0514 1872 [ C09010B3680860131631F53E8FE7BAD8 ] lltdio C:\WINDOWS\system32\DRIVERS\lltdio.sys 16:48:26.0514 1872 lltdio - ok 16:48:26.0560 1872 [ DAE98CC96C5EE308BF4EA7B18F226CB8 ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll 16:48:26.0560 1872 lltdsvc - ok 16:48:26.0576 1872 [ 1E2662D847B7D9995C65D90D254A7E0F ] lmhosts C:\WINDOWS\System32\lmhsvc.dll 16:48:26.0592 1872 lmhosts - ok 16:48:26.0607 1872 [ F84023FB2E3DEA06103501974A2EDB44 ] LMouFilt C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys 16:48:26.0607 1872 LMouFilt - ok 16:48:26.0639 1872 [ C755AE4635457AA2A11F79C0DF857ABC ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys 16:48:26.0639 1872 LSI_SAS - ok 16:48:26.0654 1872 [ ADAC09CBE7A2040B7F68B5E5C9A75141 ] LSI_SAS2 C:\WINDOWS\system32\drivers\lsi_sas2.sys 16:48:26.0654 1872 LSI_SAS2 - ok 16:48:26.0670 1872 [ 04D1274BB9BBCCF12BD12374002AA191 ] LSI_SAS3 C:\WINDOWS\system32\drivers\lsi_sas3.sys 16:48:26.0670 1872 LSI_SAS3 - ok 16:48:26.0701 1872 [ 327469EEF3833D0C584B7E88A76AEC0C ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys 16:48:26.0701 1872 LSI_SSS - ok 16:48:26.0732 1872 [ 9A7A7E45DAED2E8C2816716D8D28236A ] LSM C:\WINDOWS\System32\lsm.dll 16:48:26.0732 1872 LSM - ok 16:48:26.0764 1872 [ DDEE191AB32DFC22C6465002ECDF5EE4 ] luafv 
C:\WINDOWS\system32\drivers\luafv.sys 16:48:26.0764 1872 luafv - ok 16:48:26.0779 1872 Suspicious service (Hidden): MBAMSwissArmy 16:48:26.0857 1872 [ 78488AF2AB2111D67B3C4044707A519B ] MBAMSwissArmy C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys 16:48:26.0857 1872 MBAMSwissArmy ( HiddenService.Multi.Generic ) - warning 16:48:26.0857 1872 MBAMSwissArmy - detected HiddenService.Multi.Generic (1) 16:48:26.0904 1872 [ EB5C03A070F30D64A6DF80E53B22F53F ] megasas C:\WINDOWS\system32\drivers\megasas.sys 16:48:26.0904 1872 megasas - ok 16:48:26.0951 1872 [ F6F13533196DE7A582D422B0241E4363 ] megasr C:\WINDOWS\system32\drivers\megasr.sys 16:48:26.0951 1872 megasr - ok 16:48:26.0998 1872 [ 4C5179DB61B9E14BEC15CDC4B152B2E9 ] MMCSS C:\WINDOWS\system32\mmcss.dll 16:48:26.0998 1872 MMCSS - ok 16:48:27.0029 1872 [ 8B38C44F69259987C95135C9627E2378 ] Modem C:\WINDOWS\system32\drivers\modem.sys 16:48:27.0029 1872 Modem - ok 16:48:27.0045 1872 [ 601589000CC90F0DF8DA2CC254A3CCC9 ] monitor C:\WINDOWS\System32\drivers\monitor.sys 16:48:27.0045 1872 monitor - ok 16:48:27.0076 1872 [ 08374E4E5B8914DE6067CBA99F61E930 ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys 16:48:27.0076 1872 mouclass - ok 16:48:27.0092 1872 [ 5FCBAB60598AE119E02B4C27DE6B99EA ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys 16:48:27.0092 1872 mouhid - ok 16:48:27.0123 1872 [ 9A788037D768809DFD677F4BA08A224A ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys 16:48:27.0123 1872 mountmgr - ok 16:48:27.0185 1872 [ 5961C5D8EDD2E2A3B99F1782AE1AC21F ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 16:48:27.0185 1872 MozillaMaintenance - ok 16:48:27.0217 1872 [ 6FC047578785B0435F4E2660946D1ADC ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys 16:48:27.0217 1872 mpsdrv - ok 16:48:27.0248 1872 [ C18AA14126ADC66478E8E962B2DFAA98 ] MpsSvc C:\WINDOWS\system32\mpssvc.dll 16:48:27.0264 1872 MpsSvc - ok 16:48:27.0295 1872 [ D2AC8F07995CE6CD18848C129435B481 ] MRxDAV 
16:48:38.0873 1872 \Device\Harddisk0\DR0\Partition6 - ok 16:48:38.0873 1872 ============================================================ 16:48:38.0873 1872 Scan finished 16:48:38.0873 1872 ============================================================ 16:48:38.0889 0864 Detected object count: 2 16:48:38.0889 0864 Actual detected object count: 2 16:49:00.0451 0864 C:\WINDOWS\System32\ikeext.dll - copied to quarantine 16:49:00.0451 0864 IKEEXT ( ForgedFile.Multi.Generic ) - User select action: Quarantine 16:49:00.0498 0864 C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys - copied to quarantine 16:49:00.0498 0864 MBAMSwissArmy ( HiddenService.Multi.Generic ) - User select action: Quarantine 16:49:10.0936 4872 ============================================================ 16:49:10.0936 4872 Scan started 16:49:10.0936 4872 Mode: Manual; 16:49:10.0936 4872 ============================================================ 16:49:11.0342 4872 ================ Scan system memory ======================== 16:49:11.0342 4872 System memory - ok 16:49:11.0342 4872 ================ Scan services ============================= 16:49:11.0498 4872 [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1 ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys 16:49:11.0498 4872 1394ohci - ok 16:49:11.0529 4872 [ AD508A1A46EC21B740AB31C28EFDFDB1 ] 3ware C:\WINDOWS\system32\drivers\3ware.sys 16:49:11.0529 4872 3ware - ok 16:49:11.0561 4872 [ BE14A19386CC6711D2225D2B242AAC53 ] Accelerometer C:\WINDOWS\system32\DRIVERS\Accelerometer.sys 16:49:11.0561 4872 Accelerometer - ok 16:49:11.0623 4872 [ E796AE43DDD1844281DB4D57294D17C0 ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys 16:49:11.0623 4872 ACPI - ok 16:49:11.0654 4872 [ AC8279D229398BCF05C3154ADCA86813 ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys 16:49:11.0654 4872 acpiex - ok 16:49:11.0686 4872 [ A8970D9BF23CD309E0403978A1B58F3F ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys 16:49:11.0686 4872 acpipagr - ok 16:49:11.0701 4872 [ 111A89C99C5B4F1A7BCE5F643DD86F65 ] 
16:49:18.0123 4872 [ E40F92893FE59FE50D16A9547D1B662D ] IKEEXT C:\WINDOWS\System32\ikeext.dll
16:49:18.0154 4872 Suspicious file (Forged): C:\WINDOWS\System32\ikeext.dll. Real md5: E40F92893FE59FE50D16A9547D1B662D, Fake md5: 85913B101B2C9CC50B223D281F10D53C
16:49:18.0154 4872 IKEEXT ( ForgedFile.Multi.Generic ) - warning
16:49:18.0154 4872 IKEEXT - detected ForgedFile.Multi.Generic (1)
16:49:19.0451 4872 Suspicious service (Hidden): MBAMSwissArmy
16:49:19.0483 4872 [ 78488AF2AB2111D67B3C4044707A519B ] MBAMSwissArmy C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
16:49:19.0483 4872 MBAMSwissArmy ( HiddenService.Multi.Generic ) - warning
16:49:19.0483 4872 MBAMSwissArmy - detected HiddenService.Multi.Generic (1)
16:49:20.0451 4872 [ 8DF30698BDD9492A9D45A4B94FB4A82A ] napagent C:\WINDOWS\system32\qagentRT.dll 16:49:20.0467 4872 napagent - ok 16:49:20.0498 4872 [ 008F7CED69FD5B30CBDE1E03C6F36A27 ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys 16:49:20.0498 4872 NativeWifiP - ok 16:49:20.0545 4872 [ BFCE1225D10619029E68946929CEB64C ] NcaSvc C:\WINDOWS\System32\ncasvc.dll 16:49:20.0545 4872 NcaSvc - ok 16:49:20.0592 4872 [ 267C97373110B7AFD3B46DF60B6CBB85 ] NcbService C:\WINDOWS\System32\ncbservice.dll 16:49:20.0607 4872 NcbService - ok 16:49:20.0623 4872 [ 0813B71EAF097208DC76CE0605B48AF0 ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll 16:49:20.0639 4872 NcdAutoSetup - ok 16:49:20.0686 4872 [ 97DC5967F65503213FD1F1B3E4A6F983 ] NDIS C:\WINDOWS\system32\drivers\ndis.sys 16:49:20.0701 4872 NDIS - ok 16:49:20.0717 4872 [ 8CECC8DA55F3274181FD1EA28AD76664 ] NdisCap C:\WINDOWS\system32\DRIVERS\ndiscap.sys 16:49:20.0717 4872 NdisCap - ok 16:49:20.0732 4872 [ 269882812E9A68FFF1AFE1283D428322 ] NdisImPlatform C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys 16:49:20.0748 4872 NdisImPlatform - ok 16:49:20.0779 4872 [ DC1D9F692C2AD84C214584C28501C1F7 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys 16:49:20.0779 4872 NdisTapi - ok 16:49:20.0811 4872 [ B832B35055BA2B7B4181861FF94D8E59 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys 16:49:20.0811 4872 Ndisuio - ok 16:49:20.0826 4872 [ 1F58E48EF75F34C35D8E93A0DC535CFE ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys 16:49:20.0826 4872 NdisVirtualBus - ok 16:49:20.0842 4872 [ DEC29080202D4F9F17F55E18BCFCC41A ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys 16:49:20.0857 4872 NdisWan - ok 16:49:20.0857 4872 [ DEC29080202D4F9F17F55E18BCFCC41A ] NdisWanLegacy C:\WINDOWS\system32\DRIVERS\ndiswan.sys 16:49:20.0857 4872 NdisWanLegacy - ok 16:49:20.0889 4872 [ 0BBE2FA30BAD58C9ADC01E4F84A3D2A1 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys 16:49:20.0889 4872 NDProxy - ok 16:49:20.0920 4872 [ 
3083926D1CC5B56EA0786527B557DD1B ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys 16:49:20.0920 4872 Ndu - ok 16:49:20.0936 4872 [ 42FF4975D032CAE558AE4BB8448F6E5A ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys 16:49:20.0936 4872 NetBIOS - ok 16:49:20.0951 4872 [ 0217532E19A748F0E5D569307363D5FD ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys 16:49:20.0951 4872 NetBT - ok 16:49:20.0967 4872 [ 382100E75B6F4668AEAEF228C6CEFFAD ] Netlogon C:\WINDOWS\system32\lsass.exe 16:49:20.0967 4872 Netlogon - ok 16:49:20.0998 4872 [ 8F074B62E66B6117D9598C62A12069C5 ] Netman C:\WINDOWS\System32\netman.dll 16:49:21.0014 4872 Netman - ok 16:49:21.0061 4872 [ 4A04B1CD5BFB4A978C5F60E86D6C3E45 ] netprofm C:\WINDOWS\System32\netprofmsvc.dll 16:49:21.0076 4872 netprofm - ok 16:49:21.0170 4872 [ 1092B3190E69E0C5ECBCE90F171DE047 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 16:49:21.0170 4872 NetTcpPortSharing - ok 16:49:21.0201 4872 [ D4DCE03870314D3354F3501F9DDD4123 ] netvsc C:\WINDOWS\System32\drivers\netvsc63.sys 16:49:21.0201 4872 netvsc - ok 16:49:21.0233 4872 [ E94EB2A95D7D016E119C4D6868788831 ] NlaSvc C:\WINDOWS\System32\nlasvc.dll 16:49:21.0248 4872 NlaSvc - ok 16:49:21.0279 4872 [ 8F44A2F57C9F1A19AC9C6288C10FB351 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys 16:49:21.0279 4872 Npfs - ok 16:49:21.0326 4872 [ CBDB4F0871C88DF930FC0E8588CA67FC ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys 16:49:21.0326 4872 npsvctrig - ok 16:49:21.0342 4872 [ 0F12A72A753CFD7FB0631EE8D08FE983 ] nsi C:\WINDOWS\system32\nsisvc.dll 16:49:21.0342 4872 nsi - ok 16:49:21.0373 4872 [ 0E046FF5823B95326D10CF1B4AF23541 ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys 16:49:21.0373 4872 nsiproxy - ok 16:49:21.0436 4872 [ 9980B262DBE439AE6BDC91AA985F19EE ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys 16:49:21.0451 4872 Ntfs - ok 16:49:21.0483 4872 [ EF1B290FC9F0E47CC0B537292BEE5904 ] Null C:\WINDOWS\system32\drivers\Null.sys 16:49:21.0483 4872 Null - ok 16:49:21.0498 4872 [ 
BC6B5942AFF25EBAF62DE43C3807EDF8 ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys 16:49:21.0498 4872 nvraid - ok 16:49:21.0514 4872 [ 1F43ABFFAC3D6CA356851D517392966E ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys 16:49:21.0514 4872 nvstor - ok 16:49:21.0545 4872 [ 6934A936A7369DFE37B7DBA93F5E5E49 ] nv_agp C:\WINDOWS\system32\drivers\nv_agp.sys 16:49:21.0545 4872 nv_agp - ok 16:49:21.0623 4872 [ 26657F3B4F39A0E64AF859278B599C4E ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll 16:49:21.0623 4872 p2pimsvc - ok 16:49:21.0686 4872 [ FD8F61F0D1F64BBB3D835F39A3F979C9 ] p2psvc C:\WINDOWS\system32\p2psvc.dll 16:49:21.0701 4872 p2psvc - ok 16:49:21.0748 4872 [ 764B1121867B2D9B31C491668AC72B2B ] Parport C:\WINDOWS\System32\drivers\parport.sys 16:49:21.0748 4872 Parport - ok 16:49:21.0764 4872 [ BAFF6122CFC9F95CA175AD8C348179A4 ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys 16:49:21.0764 4872 partmgr - ok 16:49:21.0795 4872 [ ABE95ABE27A8BD9701782BBCD82C9925 ] PcaSvc C:\WINDOWS\System32\pcasvc.dll 16:49:21.0811 4872 PcaSvc - ok 16:49:21.0842 4872 [ 91ED124E261EA8FAA1C0FFDF2A71B0C4 ] pci C:\WINDOWS\system32\drivers\pci.sys 16:49:21.0842 4872 pci - ok 16:49:21.0858 4872 [ 346E38FCC6859A727DD28AFAD1F0AFF4 ] pciide C:\WINDOWS\system32\drivers\pciide.sys 16:49:21.0858 4872 pciide - ok 16:49:21.0904 4872 [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397 ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys 16:49:21.0904 4872 pcmcia - ok 16:49:21.0936 4872 [ BF28771D1436C88BE1D297D3098B0F7D ] pcw C:\WINDOWS\system32\drivers\pcw.sys 16:49:21.0936 4872 pcw - ok 16:49:21.0967 4872 [ ED54A75050211DC77F9B98C41E026858 ] pdc C:\WINDOWS\system32\drivers\pdc.sys 16:49:21.0967 4872 pdc - ok 16:49:22.0029 4872 [ 0ECEE590F2E2EF969FB74A6FC583A1E6 ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys 16:49:22.0029 4872 PEAUTH - ok 16:49:22.0108 4872 [ 8E3C640FFF5A963F570233AE99C0FFF3 ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe 16:49:22.0108 4872 PerfHost - ok 16:49:22.0186 4872 [ 70B39E7241F750A248798CE82C44596D ] pla 
C:\WINDOWS\system32\pla.dll 16:49:22.0201 4872 pla - ok 16:49:22.0217 4872 [ 2C02AFF8383D893F8DBEB07A84F6E77C ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll 16:49:22.0232 4872 PlugPlay - ok 16:49:22.0264 4872 [ 4570F8A37D221660F3A09D6F4DD4BA94 ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll 16:49:22.0264 4872 PNRPAutoReg - ok 16:49:22.0279 4872 [ 26657F3B4F39A0E64AF859278B599C4E ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll 16:49:22.0295 4872 PNRPsvc - ok 16:49:22.0326 4872 [ BDD52AB4AEBB8B1904568DBD0CCB70CB ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll 16:49:22.0342 4872 PolicyAgent - ok 16:49:22.0373 4872 [ C8DD82C3035E60D671B8CC5DF128D3A9 ] Power C:\WINDOWS\system32\umpo.dll 16:49:22.0373 4872 Power - ok 16:49:22.0514 4872 [ 3C96A45CA3403A276B0F045C448EC27B ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll 16:49:22.0529 4872 PrintNotify - ok 16:49:22.0576 4872 [ ECD373F9571C745894367CC2635EA44F ] Processor C:\WINDOWS\System32\drivers\processr.sys 16:49:22.0576 4872 Processor - ok 16:49:22.0608 4872 [ 6E409D818C6B342544EAE741B1422B85 ] ProfSvc C:\WINDOWS\system32\profsvc.dll 16:49:22.0608 4872 ProfSvc - ok 16:49:22.0639 4872 [ FC0141B4A5AD6D637D883C1A89FC45C5 ] Psched C:\WINDOWS\system32\DRIVERS\pacer.sys 16:49:22.0639 4872 Psched - ok 16:49:22.0670 4872 [ 32812415CE18075BF98BC9A43E26E234 ] ptumlcmsvc C:\Windows\system32\ptumlcmsvc64.exe 16:49:22.0686 4872 ptumlcmsvc - ok 16:49:22.0717 4872 [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5 ] QWAVE C:\WINDOWS\system32\qwave.dll 16:49:22.0717 4872 QWAVE - ok 16:49:22.0732 4872 [ 83868EB2924E6BC21A54337C65D614D1 ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys 16:49:22.0748 4872 QWAVEdrv - ok 16:49:22.0779 4872 [ 16327C2B25A82ABD16F92DD72B26489D ] RadeonPro Support Service C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe 16:49:22.0779 4872 RadeonPro Support Service - ok 16:49:22.0811 4872 [ B337B1F1E82A83E20A1743E008E25C0F ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys 16:49:22.0811 4872 RasAcd - ok 
16:49:22.0842 4872 [ 044638489B4A5FE5334F46C5314A0826 ] RasAuto C:\WINDOWS\System32\rasauto.dll 16:49:22.0858 4872 RasAuto - ok 16:49:22.0904 4872 [ F83B38FCD4F69157B3D158433FA149CC ] RasMan C:\WINDOWS\System32\rasmans.dll 16:49:22.0904 4872 RasMan - ok 16:49:22.0936 4872 [ 5247F308C4103CDC4FE12AE1D235800A ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys 16:49:22.0936 4872 RasPppoe - ok 16:49:22.0967 4872 [ 41F631007A158FEBB67F0E2AD1601BBA ] RasSstp C:\WINDOWS\system32\DRIVERS\rassstp.sys 16:49:22.0967 4872 RasSstp - ok 16:49:22.0998 4872 [ A1A5E79C0D1352AFDC08328A623DA051 ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys 16:49:22.0998 4872 rdbss - ok 16:49:23.0029 4872 [ 6B21EBF892CD8CACB71669B35AB5DE32 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys 16:49:23.0029 4872 rdpbus - ok 16:49:23.0045 4872 [ 680C1DAE268B6FB67FA21B389A8B79EF ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys 16:49:23.0061 4872 RDPDR - ok 16:49:23.0092 4872 [ BC8A79C625568DDB7DCA49D0C2741A64 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys 16:49:23.0092 4872 RdpVideoMiniport - ok 16:49:23.0108 4872 [ A26AEC49F318FEE141DDDB2C5F99B3E6 ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys 16:49:23.0108 4872 rdyboost - ok 16:49:23.0154 4872 [ 615DFD97DEA56CE1C3A52185A3038FF8 ] ReFS C:\WINDOWS\system32\drivers\ReFS.sys 16:49:23.0154 4872 ReFS - ok 16:49:23.0186 4872 [ 0CF7CB56BF2D5E9DBCEE0185CB626FAD ] RemoteAccess C:\WINDOWS\System32\mprdim.dll 16:49:23.0186 4872 RemoteAccess - ok 16:49:23.0217 4872 [ AC8785B53F8436058C90450DA1840AE7 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll 16:49:23.0217 4872 RemoteRegistry - ok 16:49:23.0232 4872 [ 65B9FDE300A6DECC03BA44C4616DCAD6 ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll 16:49:23.0248 4872 RpcEptMapper - ok 16:49:23.0279 4872 [ A737B433ABAF3F2DCB2BD7B4CC582B26 ] RpcLocator C:\WINDOWS\system32\locator.exe 16:49:23.0295 4872 RpcLocator - ok 16:49:23.0326 4872 [ A6F17C299A03BAFEFB9257C462A19E00 ] RpcSs C:\WINDOWS\system32\rpcss.dll 
16:49:23.0342 4872 RpcSs - ok 16:49:23.0373 4872 [ 6737F13C9CDC0C76BBBCD382E5B3B507 ] RSP2STOR C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys 16:49:23.0389 4872 RSP2STOR - ok 16:49:23.0404 4872 [ 2D05A5508F4685412F2B89E8C2189ABC ] rspndr C:\WINDOWS\system32\DRIVERS\rspndr.sys 16:49:23.0404 4872 rspndr - ok 16:49:23.0436 4872 [ 19764658C1468C2C0CEF133D28414A6B ] RTL8168 C:\WINDOWS\system32\DRIVERS\Rt630x64.sys 16:49:23.0436 4872 RTL8168 - ok 16:49:23.0451 4872 [ 1A063730F221B2746FF00457AE17E4F0 ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys 16:49:23.0467 4872 s3cap - ok 16:49:23.0483 4872 [ 382100E75B6F4668AEAEF228C6CEFFAD ] SamSs C:\WINDOWS\system32\lsass.exe 16:49:23.0483 4872 SamSs - ok 16:49:23.0514 4872 [ C624A1B32211C3166EDB3F4AB02A30B7 ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys 16:49:23.0514 4872 sbp2port - ok 16:49:23.0545 4872 [ 74A3B67F03877D06B09B1B40C5ED582E ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll 16:49:23.0561 4872 SCardSvr - ok 16:49:23.0592 4872 [ 8B9C4D55B4A536FB01C360DDB9533574 ] ScDeviceEnum C:\WINDOWS\System32\ScDeviceEnum.dll 16:49:23.0592 4872 ScDeviceEnum - ok 16:49:23.0623 4872 [ 13BEA6C882D4D877A5A85CA149C86BC1 ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys 16:49:23.0623 4872 scfilter - ok 16:49:23.0654 4872 [ 3151A020E03DDE31AAC49F35C5EFB4DB ] Schedule C:\WINDOWS\system32\schedsvc.dll 16:49:23.0670 4872 Schedule - ok 16:49:23.0686 4872 [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E ] SCPolicySvc C:\WINDOWS\System32\certprop.dll 16:49:23.0686 4872 SCPolicySvc - ok 16:49:23.0717 4872 [ C54B6B2170BF628FD42F799A66956D75 ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys 16:49:23.0732 4872 sdbus - ok 16:49:23.0764 4872 [ 0B1E929D11A8E358106955603FAC65E8 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys 16:49:23.0764 4872 sdstor - ok 16:49:23.0795 4872 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\WINDOWS\system32\drivers\secdrv.sys 16:49:23.0795 4872 secdrv - ok 16:49:23.0826 4872 [ BA24CEA7152239F42ECD04AFB7C89D24 ] seclogon 
C:\WINDOWS\system32\seclogon.dll 16:49:23.0826 4872 seclogon - ok 16:49:23.0858 4872 [ 81FE9A81EDF8016816C9E91FBFBF7D35 ] SENS C:\WINDOWS\System32\sens.dll 16:49:23.0858 4872 SENS - ok 16:49:23.0889 4872 [ 6E4012AE67F09F867EF620C8D5524C0B ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll 16:49:23.0889 4872 SensrSvc - ok 16:49:23.0936 4872 [ DB2FF24CE0BDD15FE75870AFE312BA89 ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys 16:49:23.0936 4872 SerCx - ok 16:49:23.0951 4872 [ 0044B31F93946D5D41982314381FE431 ] SerCx2 C:\WINDOWS\system32\drivers\SerCx2.sys 16:49:23.0951 4872 SerCx2 - ok 16:49:23.0967 4872 [ 3CD600C089C1251BEEB4CD4CD5164F9E ] Serenum C:\WINDOWS\System32\drivers\serenum.sys 16:49:23.0967 4872 Serenum - ok 16:49:23.0983 4872 [ D864381BC9C725FAB01D94C060660166 ] Serial C:\WINDOWS\System32\drivers\serial.sys 16:49:23.0983 4872 Serial - ok 16:49:23.0998 4872 [ 148195AE95D9BC7375A08846439FDAC1 ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys 16:49:24.0014 4872 sermouse - ok 16:49:24.0045 4872 [ 3A2F1A7472C3B7CC9B89C8516C726488 ] SessionEnv C:\WINDOWS\system32\sessenv.dll 16:49:24.0061 4872 SessionEnv - ok 16:49:24.0092 4872 [ 472B7A5AC181C050888DB454663DD764 ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys 16:49:24.0092 4872 sfloppy - ok 16:49:24.0123 4872 [ 8081FF3DAE8159FE8956B09BC29CE983 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll 16:49:24.0123 4872 SharedAccess - ok 16:49:24.0154 4872 [ 7FD9A61A3523A61FC135D61D6E160314 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll 16:49:24.0170 4872 ShellHWDetection - ok 16:49:24.0186 4872 [ 2F518D13DD6F3053837FE606F1A2EA1F ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys 16:49:24.0186 4872 SiSRaid2 - ok 16:49:24.0201 4872 [ 1AC9A200A9C49C4508F04AAFFCA34A3F ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys 16:49:24.0201 4872 SiSRaid4 - ok 16:49:24.0248 4872 [ 52F7E8603E888E3DB0A8B3D1804098E9 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 16:49:24.0248 4872 SkypeUpdate - ok 16:49:24.0264 4872 [ 
AF5CC3F9B88F140D78FC967ABF0F4EC7 ] SmbDrv C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys 16:49:24.0264 4872 SmbDrv - ok 16:49:24.0279 4872 [ 19555D03CB179BED8B8AAA239A36BDA4 ] SmbDrvI C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys 16:49:24.0295 4872 SmbDrvI - ok 16:49:24.0311 4872 [ 3C84DCCE5B322F745A75CA8BA3A0F6B3 ] smphost C:\WINDOWS\System32\smphost.dll 16:49:24.0311 4872 smphost - ok 16:49:24.0342 4872 [ D0EB0DF8C603BBA084351A92732B1CBE ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe 16:49:24.0342 4872 SNMPTRAP - ok 16:49:24.0373 4872 [ B45AE0970B2D66CCE756DE6989E23EEC ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys 16:49:24.0389 4872 spaceport - ok 16:49:24.0420 4872 [ F337BE11071818FC3F5DC2940B6BDE34 ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys 16:49:24.0420 4872 SpbCx - ok 16:49:24.0451 4872 [ 2E3976C857D7230EC8D2B2276E688255 ] Spooler C:\WINDOWS\System32\spoolsv.exe 16:49:24.0467 4872 Spooler - ok 16:49:24.0608 4872 [ 46549AF7CB672BC8138264CC4100E9F8 ] sppsvc C:\WINDOWS\system32\sppsvc.exe 16:49:24.0654 4872 sppsvc - ok 16:49:24.0717 4872 [ 8003E034E3EA0E29DA54215A770FC27C ] srv C:\WINDOWS\system32\DRIVERS\srv.sys 16:49:24.0717 4872 srv - ok 16:49:24.0764 4872 [ 00D8AC8E3053290BDE6EA2FB6810D2FC ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys 16:49:24.0779 4872 srv2 - ok 16:49:24.0811 4872 [ D047CD668E6277FD80F0C613946F034C ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys 16:49:24.0811 4872 srvnet - ok 16:49:24.0842 4872 [ CF6C3037839CF78421A94F9060C2886F ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll 16:49:24.0858 4872 SSDPSRV - ok 16:49:24.0889 4872 [ 198A737DBA666F4808D62E9A8277A6B7 ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll 16:49:24.0904 4872 SstpSvc - ok 16:49:25.0014 4872 [ 00148D28F32FD6A966347FA470A0630D ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe 16:49:25.0014 4872 STacSV - ok 16:49:25.0108 4872 [ 3CD16D86B5D613D5BDA9CEDA4DDA4216 ] StartMenuService C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe 16:49:25.0108 4872 StartMenuService - 
ok 16:49:25.0139 4872 [ 366DEA74BBA65B362BCCFC6FC2ADFD8B ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys 16:49:25.0139 4872 stexstor - ok 16:49:25.0170 4872 [ 2A560BCECE25A62075AB13F7BFF4D9EF ] STHDA C:\WINDOWS\system32\DRIVERS\stwrt64.sys 16:49:25.0170 4872 STHDA - ok 16:49:25.0217 4872 [ 63E9CE568CF1192771A5F0460DE7D2B9 ] stisvc C:\WINDOWS\System32\wiaservc.dll 16:49:25.0217 4872 stisvc - ok 16:49:25.0248 4872 [ 0ED2E318ABB68C1A35A8B8038BDB4C90 ] storahci C:\WINDOWS\system32\drivers\storahci.sys 16:49:25.0248 4872 storahci - ok 16:49:25.0279 4872 [ 8B9486B64E5FC17FB9CC04CA10B77A34 ] storflt C:\WINDOWS\system32\drivers\vmstorfl.sys 16:49:25.0279 4872 storflt - ok 16:49:25.0311 4872 [ 6B06E2D11E604BE2B1A406C4CB3B90DE ] stornvme C:\WINDOWS\system32\drivers\stornvme.sys 16:49:25.0326 4872 stornvme - ok 16:49:25.0342 4872 [ A45F5AC9D8069D0EC66E3CA73103073B ] StorSvc C:\WINDOWS\system32\storsvc.dll 16:49:25.0358 4872 StorSvc - ok 16:49:25.0373 4872 [ 548759755BC73DAD663250239D7E0B9F ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys 16:49:25.0373 4872 storvsc - ok 16:49:25.0389 4872 [ E395BE02F80A79A6CF973BA38DBB8135 ] svsvc C:\WINDOWS\system32\svsvc.dll 16:49:25.0404 4872 svsvc - ok 16:49:25.0436 4872 [ 65454187E0F8B6C0DCECB0287D06EC43 ] swenum C:\WINDOWS\System32\drivers\swenum.sys 16:49:25.0436 4872 swenum - ok 16:49:25.0483 4872 [ 1C71D72D4997A284128FBEE770726330 ] swprv C:\WINDOWS\System32\swprv.dll 16:49:25.0483 4872 swprv - ok 16:49:25.0514 4872 [ 1C9BC67929C728DED1091CA19C3F7D41 ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys 16:49:25.0529 4872 SynTP - ok 16:49:25.0576 4872 [ 7E85DB0463AD2403AE84AD162B162279 ] SysMain C:\WINDOWS\system32\sysmain.dll 16:49:25.0576 4872 SysMain - ok 16:49:25.0608 4872 [ D73DBBB96CEE90C2856164AAD8543425 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll 16:49:25.0623 4872 SystemEventsBroker - ok 16:49:25.0654 4872 [ D6A71B95ACF71ACA63B67232059F1BCD ] TabletInputService C:\WINDOWS\System32\TabSvc.dll 
16:49:25.0670 4872 TabletInputService - ok 16:49:25.0701 4872 [ 5A5BAB1CA9621E73E25EE4744B67CDA6 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll 16:49:25.0701 4872 TapiSrv - ok 16:49:25.0779 4872 [ 746DDF7D59AB8D721C88D48434597E8D ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys 16:49:25.0811 4872 Tcpip - ok 16:49:25.0842 4872 [ 746DDF7D59AB8D721C88D48434597E8D ] TCPIP6 C:\WINDOWS\system32\DRIVERS\tcpip.sys 16:49:25.0858 4872 TCPIP6 - ok 16:49:25.0904 4872 [ 41CF802064F72E55F50CA0A221FD36D4 ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys 16:49:25.0904 4872 tcpipreg - ok 16:49:25.0936 4872 [ FFF28F9F6823EB1756C60F1649560BBF ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys 16:49:25.0936 4872 tdx - ok 16:49:25.0967 4872 [ 232D185D2337F141311D0CF1983E1431 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys 16:49:25.0967 4872 terminpt - ok 16:49:25.0998 4872 [ C50997E282576DA492EBA66B059D4196 ] TermService C:\WINDOWS\System32\termsrv.dll 16:49:26.0029 4872 TermService - ok 16:49:26.0076 4872 [ 2180DBCE75B914E5E5BBFFFAAE97AA21 ] Themes C:\WINDOWS\system32\themeservice.dll 16:49:26.0076 4872 Themes - ok 16:49:26.0139 4872 [ 4C5179DB61B9E14BEC15CDC4B152B2E9 ] THREADORDER C:\WINDOWS\system32\mmcss.dll 16:49:26.0139 4872 THREADORDER - ok 16:49:26.0186 4872 [ B5ED9CC61798C7D44BD535D40B89EFB5 ] TimeBroker C:\WINDOWS\System32\TimeBrokerServer.dll 16:49:26.0201 4872 TimeBroker - ok 16:49:26.0232 4872 [ 80A2FC1A089A71F2DBE5D8394FFB009F ] TPM C:\WINDOWS\system32\drivers\tpm.sys 16:49:26.0248 4872 TPM - ok 16:49:26.0264 4872 [ 884113C2BB703FE806C8608B75F34831 ] TrkWks C:\WINDOWS\System32\trkwks.dll 16:49:26.0279 4872 TrkWks - ok 16:49:26.0326 4872 [ 44A94FB4C76528D2382FFE04B05827C3 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe 16:49:26.0326 4872 TrustedInstaller - ok 16:49:26.0342 4872 [ BF8F54CA37E9C9D6582C31C5761F8C93 ] TsUsbFlt C:\WINDOWS\system32\drivers\tsusbflt.sys 16:49:26.0373 4872 TsUsbFlt - ok 16:49:26.0404 4872 [ 20185BEB7512EDE4EFECDFA148AC9F99 ] TsUsbGD 
C:\WINDOWS\System32\drivers\TsUsbGD.sys 16:49:26.0404 4872 TsUsbGD - ok 16:49:26.0436 4872 [ E85916632CD3B9E9B546968DB950BF42 ] tunnel C:\WINDOWS\system32\DRIVERS\tunnel.sys 16:49:26.0436 4872 tunnel - ok 16:49:26.0467 4872 [ F6EEAD052943B5A3104C1405BB856C54 ] uagp35 C:\WINDOWS\system32\drivers\uagp35.sys 16:49:26.0467 4872 uagp35 - ok 16:49:26.0483 4872 [ FE6067B1FD4E63650C667B33D080565B ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys 16:49:26.0483 4872 UASPStor - ok 16:49:26.0514 4872 [ 807F8CF3E973305FC435C61CBBEE2A49 ] UCX01000 C:\WINDOWS\System32\drivers\ucx01000.sys 16:49:26.0514 4872 UCX01000 - ok 16:49:26.0545 4872 [ C61EAF8E1E4B2F62BA4FDF457440B2C6 ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys 16:49:26.0545 4872 udfs - ok 16:49:26.0561 4872 [ 9578691F297E1B1F519970FE6D47CB21 ] UEFI C:\WINDOWS\System32\drivers\UEFI.sys 16:49:26.0561 4872 UEFI - ok 16:49:26.0608 4872 [ A867F0F978EE64C87FADC3B100869EE4 ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe 16:49:26.0608 4872 UI0Detect - ok 16:49:26.0639 4872 [ 5EAB5117DDB24FC4D39E6FFFCF1837B9 ] uliagpkx C:\WINDOWS\system32\drivers\uliagpkx.sys 16:49:26.0639 4872 uliagpkx - ok 16:49:26.0670 4872 [ DA34C39A18E60E7C3FA0630566408034 ] umbus C:\WINDOWS\System32\drivers\umbus.sys 16:49:26.0670 4872 umbus - ok 16:49:26.0686 4872 [ AE8294875E5446E359B1E8035D40C05E ] UmPass C:\WINDOWS\System32\drivers\umpass.sys 16:49:26.0686 4872 UmPass - ok 16:49:26.0811 4872 [ A023F267A262D5DA6CE1436D9C5E8FD9 ] UmRdpService C:\WINDOWS\System32\umrdp.dll 16:49:26.0826 4872 UmRdpService - ok 16:49:26.0873 4872 [ C98493DD8E6A50154FAC75C15E1C36BB ] upnphost C:\WINDOWS\System32\upnphost.dll 16:49:26.0889 4872 upnphost - ok 16:49:26.0920 4872 [ FF78D053A05E5A394F4E3C1816CC65A8 ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys 16:49:26.0920 4872 usbccgp - ok 16:49:26.0951 4872 [ 0139248F6B95CF0D837B5B46A2722D40 ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys 16:49:26.0951 4872 usbcir - ok 16:49:26.0983 4872 [ C996CBEF922B5653A01E3F50DDCE2F86 ] 
usbehci C:\WINDOWS\System32\drivers\usbehci.sys 16:49:26.0983 4872 usbehci - ok 16:49:27.0029 4872 [ 504901430B6E03B99EBB6BF26E0868C6 ] usbfilter C:\WINDOWS\system32\DRIVERS\usbfilter.sys 16:49:27.0029 4872 usbfilter - ok 16:49:27.0061 4872 [ CD81683F4553677B9BF5163A922153EB ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys 16:49:27.0061 4872 usbhub - ok 16:49:27.0092 4872 [ 5C90D5379B53590FBB24BBAD4FA682EE ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys 16:49:27.0092 4872 USBHUB3 - ok 16:49:27.0139 4872 [ A0F0484C97D6441ED6A75D7426ECCC9E ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys 16:49:27.0139 4872 usbohci - ok 16:49:27.0186 4872 [ 4D655E3B684BE9B0F7FFD8A2935C348C ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys 16:49:27.0186 4872 usbprint - ok 16:49:27.0217 4872 [ 66732C13628BDB1AB0D6FD46027327C2 ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS 16:49:27.0217 4872 USBSTOR - ok 16:49:27.0233 4872 [ FC974B03C8B87455F44F734C8F31A3C8 ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys 16:49:27.0233 4872 usbuhci - ok 16:49:27.0279 4872 [ 5C8F604F6DC74177CDD8372D7B1ADFF0 ] usbvideo C:\WINDOWS\System32\Drivers\usbvideo.sys 16:49:27.0279 4872 usbvideo - ok 16:49:27.0311 4872 [ 44603DA5A87FB491EF59C889EBBB4DDB ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS 16:49:27.0311 4872 USBXHCI - ok 16:49:27.0326 4872 [ 382100E75B6F4668AEAEF228C6CEFFAD ] VaultSvc C:\WINDOWS\system32\lsass.exe 16:49:27.0342 4872 VaultSvc - ok 16:49:27.0389 4872 [ FEB26E3B8345A7E8D62F945C4AE86562 ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys 16:49:27.0389 4872 vdrvroot - ok 16:49:27.0451 4872 [ 8A4D808D1EC7C1C47B2C8BF488A9A07A ] vds C:\WINDOWS\System32\vds.exe 16:49:27.0482 4872 vds - ok 16:49:27.0498 4872 [ A026EDEAA5EECAE0B08E2748B616D4BD ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys 16:49:27.0498 4872 VerifierExt - ok 16:49:27.0545 4872 [ 34CAF69BF4166AB40BFF0ED068FF6F91 ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys 16:49:27.0545 4872 vhdmp - ok 16:49:27.0576 4872 [ 
06D38968028E9AB19DE9B618C7B6D199 ] viaide C:\WINDOWS\system32\drivers\viaide.sys 16:49:27.0576 4872 viaide - ok 16:49:27.0608 4872 [ 511AD3FF957A0127E6BD336FF6F89C38 ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys 16:49:27.0608 4872 vmbus - ok 16:49:27.0623 4872 [ DA40BEA0A863CE768C940CA9723BF81F ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys 16:49:27.0623 4872 VMBusHID - ok 16:49:27.0654 4872 [ C42C38E15C0DC39D4B0BDF34F733E468 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll 16:49:27.0670 4872 vmicguestinterface - ok 16:49:27.0670 4872 [ C42C38E15C0DC39D4B0BDF34F733E468 ] vmicheartbeat C:\WINDOWS\System32\ICSvc.dll 16:49:27.0686 4872 vmicheartbeat - ok 16:49:27.0686 4872 [ C42C38E15C0DC39D4B0BDF34F733E468 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll 16:49:27.0701 4872 vmickvpexchange - ok 16:49:27.0717 4872 [ C42C38E15C0DC39D4B0BDF34F733E468 ] vmicrdv C:\WINDOWS\System32\ICSvc.dll 16:49:27.0717 4872 vmicrdv - ok 16:49:27.0732 4872 [ C42C38E15C0DC39D4B0BDF34F733E468 ] vmicshutdown C:\WINDOWS\System32\ICSvc.dll 16:49:27.0732 4872 vmicshutdown - ok 16:49:27.0748 4872 [ C42C38E15C0DC39D4B0BDF34F733E468 ] vmictimesync C:\WINDOWS\System32\ICSvc.dll 16:49:27.0748 4872 vmictimesync - ok 16:49:27.0764 4872 [ C42C38E15C0DC39D4B0BDF34F733E468 ] vmicvss C:\WINDOWS\System32\ICSvc.dll 16:49:27.0779 4872 vmicvss - ok 16:49:27.0811 4872 [ 55D7D963DE85162F1C49721E502F9744 ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys 16:49:27.0811 4872 volmgr - ok 16:49:27.0826 4872 [ CCB9E901F7254BF96D28EB1B0E5329B7 ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys 16:49:27.0826 4872 volmgrx - ok 16:49:27.0873 4872 [ D537962695CAFEC1301F3EB7C8C3A1D2 ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys 16:49:27.0873 4872 volsnap - ok 16:49:27.0889 4872 [ EF31713EE4C7CCFE4049F7E7F15645A2 ] vpci C:\WINDOWS\System32\drivers\vpci.sys 16:49:27.0889 4872 vpci - ok 16:49:27.0920 4872 [ 4539F45F9F4C9757A86A56C949421E07 ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys 16:49:27.0920 4872 vsmraid - 
ok 16:49:27.0982 4872 [ 3B7F9612439EA47151EC5EAB232C1C3F ] VSS C:\WINDOWS\system32\vssvc.exe 16:49:27.0998 4872 VSS - ok 16:49:28.0029 4872 [ 0849B7260F26FE05EA56DED0672E2F4B ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys 16:49:28.0029 4872 VSTXRAID - ok 16:49:28.0061 4872 [ BE970C369E43B509C1EDA2B8FA7CECB0 ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys 16:49:28.0061 4872 vwifibus - ok 16:49:28.0092 4872 [ 35BF5C5F5E3C9902C98978C7640574DA ] vwififlt C:\WINDOWS\system32\DRIVERS\vwififlt.sys 16:49:28.0092 4872 vwififlt - ok 16:49:28.0092 4872 [ 65ED7B9CFEA893DF7748D5FF692690DE ] vwifimp C:\WINDOWS\system32\DRIVERS\vwifimp.sys 16:49:28.0107 4872 vwifimp - ok 16:49:28.0139 4872 [ DC821E811EFBB65CDD77FBB8B6ECA385 ] W32Time C:\WINDOWS\system32\w32time.dll 16:49:28.0154 4872 W32Time - ok 16:49:28.0201 4872 [ A22546B0093EBBDE03C52E56C3391373 ] w3logsvc C:\WINDOWS\system32\inetsrv\w3logsvc.dll 16:49:28.0201 4872 w3logsvc - ok 16:49:28.0248 4872 [ 0910AB9ED404C1434E2D0376C2AD5D8B ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys 16:49:28.0248 4872 WacomPen - ok 16:49:28.0311 4872 [ 9BAE40BD31E3EE0B0C70BEF167E0A2BC ] WAS C:\WINDOWS\system32\inetsrv\iisw3adm.dll 16:49:28.0311 4872 WAS - ok 16:49:28.0373 4872 [ 139D842E5FB75A1E2F0212FBD7B0E457 ] wbengine C:\WINDOWS\system32\wbengine.exe 16:49:28.0389 4872 wbengine - ok 16:49:28.0436 4872 [ 0F1DFA2FED73FA78B8C3CDE332A870F6 ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll 16:49:28.0451 4872 WbioSrvc - ok 16:49:28.0467 4872 [ 0EAEC313B24837613621B4A2536ED382 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll 16:49:28.0482 4872 Wcmsvc - ok 16:49:28.0514 4872 [ F6B4C2280FF7C7156AC8A4687B9DA35E ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll 16:49:28.0514 4872 wcncsvc - ok 16:49:28.0561 4872 [ B7BF1D783F5B2484E8CE1C0C78257F16 ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll 16:49:28.0561 4872 WcsPlugInService - ok 16:49:28.0592 4872 [ 81285DDC994F03379DB46419300B2DCB ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys 16:49:28.0592 4872 
WdBoot - ok 16:49:28.0623 4872 [ CB6C63FF8342B467E2EF76E98D5B934D ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys 16:49:28.0639 4872 Wdf01000 - ok 16:49:28.0670 4872 [ 26B8FED3F3B85F5F0C4BD03FD00B9941 ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys 16:49:28.0670 4872 WdFilter - ok 16:49:28.0686 4872 [ F581F9C9D6953FABFA24E67105F0B614 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll 16:49:28.0701 4872 WdiServiceHost - ok 16:49:28.0701 4872 [ F581F9C9D6953FABFA24E67105F0B614 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll 16:49:28.0717 4872 WdiSystemHost - ok 16:49:28.0764 4872 [ CE67080F00E0AF32755096CEA6430ABA ] WdNisDrv C:\WINDOWS\system32\Drivers\WdNisDrv.sys 16:49:28.0764 4872 WdNisDrv - ok 16:49:28.0795 4872 WdNisSvc - ok 16:49:28.0826 4872 [ 40F83492DB9ABBA59773A45FB487C8B2 ] WebClient C:\WINDOWS\System32\webclnt.dll 16:49:28.0842 4872 WebClient - ok 16:49:28.0873 4872 [ 384E1D04FE20845B2559D292F17A9FA1 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll 16:49:28.0873 4872 Wecsvc - ok 16:49:28.0920 4872 [ 455014F4E48B67EBE0F032E2B0E06BF2 ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll 16:49:28.0920 4872 WEPHOSTSVC - ok 16:49:28.0951 4872 [ F13DBA57CEA9B7074B95EDCA6AD2635E ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll 16:49:28.0951 4872 wercplsupport - ok 16:49:28.0983 4872 [ FD7E58B6AA3EABF2D12B9762A20E11E4 ] WerSvc C:\WINDOWS\System32\WerSvc.dll 16:49:28.0983 4872 WerSvc - ok 16:49:29.0014 4872 [ 715ABA3DD164D06457A2A3C92F6EA9D5 ] WFPLWFS C:\WINDOWS\system32\DRIVERS\wfplwfs.sys 16:49:29.0014 4872 WFPLWFS - ok 16:49:29.0045 4872 [ 8C840E1FD7584E74BD0CC1EA581EC187 ] WiaRpc C:\WINDOWS\System32\wiarpc.dll 16:49:29.0061 4872 WiaRpc - ok 16:49:29.0076 4872 [ 5F66B7BB330AA80067FC66149A692620 ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys 16:49:29.0076 4872 WIMMount - ok 16:49:29.0092 4872 WinDefend - ok 16:49:29.0139 4872 [ 10DAD6A7FC617A221313BD584E3C3A00 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll 16:49:29.0154 4872 WinHttpAutoProxySvc - ok 
  16. I installed a new Windows 10 Pro. With the PC clean, my first step was to install ESET Smart Security 9, Malwarebytes 2.2.1.1043 and CCleaner, all trial versions. No more. Only the official pages. My PC is clean and new, no virus. The moment I installed Malwarebytes I lost my internet connection. The pages show: This site can’t be reached. www.youtube.com’s server DNS address could not be found. DNS_PROBE_FINISHED_NXDOMAIN. If I turn off the protection in the Malwarebytes icon, the internet access comes back. How can I fix this issue?
  17. I have no internet after using Malwarebytes and removing a bunch of POP files from my computer. Below is the log from the removal history. malwarebyte.txt
  18. I ran Malwarebytes and I don't have the ability to connect to the internet or open files on my computer. Not even videos, Word, or pictures.
  19. Alright, so my previous topic was closed due to having a skidrow on it. I'm sorry about that; I didn't even remember that I had it, but I removed it now and I'd like help again. So I re-ran FRST and I will attach the logs. And please, if it turns out that there is another pirated download on the computer, just send a message first so I can delete it. My brother also uses this computer and sometimes he downloads. Addition.txt FRST.txt
  20. Suddenly, on boot, task bar is white instead of blue, cannot get onto Internet. Google dead. Reloading Windows XP Pro, 32 bit, task bar is blue, all functions normal. IE6. Rebooting computer restores non-operations noted above. (No internet +). Have not tried re-installing Google. Cannot get on IE either.
  21. I attempted a disinfection of a PC running Windows 7 Home Premium 64 bit that is suffering from a condition that has the following characteristics: Continual messages popping up that claim the program being started (startup and autorun programs) are not appropriate for the system. I was unable to run or install any programs except in safe mode. Both wireless and wired adapters had hard-coded DNS settings. I changed those to be auto-configured and confirmed the change. The internet still doesn't connect although the IP settings appear now to be correct. Since I was unable to run FARBAR from Windows (it hung, and would not continue), I ran it from Safe Mode. The report is below. If there is anything else I can do to make this better, please do advise. Thanks! Mark
06:06 - 2015-02-02 22:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll2015-03-11 06:06 - 2015-02-02 22:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll2015-03-11 06:06 - 2015-02-02 22:30 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll2015-03-11 06:06 - 2015-02-02 22:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll2015-03-11 06:06 - 2015-02-02 22:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll2015-03-11 06:06 - 2015-02-02 22:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll2015-03-11 06:06 - 2015-02-02 22:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll2015-03-11 06:06 - 2015-02-02 22:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll2015-03-11 06:06 - 2015-02-02 22:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll2015-03-11 06:06 - 2015-02-02 22:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll2015-03-11 06:06 - 2015-02-02 22:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe2015-03-11 06:06 - 2015-02-02 22:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll2015-03-11 06:06 - 2015-02-02 22:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll2015-03-11 06:06 - 2015-02-02 22:30 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll2015-03-11 06:06 - 2015-02-02 22:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe2015-03-11 06:06 - 2015-02-02 22:30 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll2015-03-11 06:06 - 2015-02-02 22:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe2015-03-11 06:06 - 2015-02-02 22:30 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe2015-03-11 06:06 - 2015-02-02 22:30 - 00082432 _____ 
(Microsoft Corporation) C:\Windows\system32\cryptsp.dll2015-03-11 06:06 - 2015-02-02 22:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll2015-03-11 06:06 - 2015-02-02 22:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe2015-03-11 06:06 - 2015-02-02 22:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll2015-03-11 06:06 - 2015-02-02 22:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll2015-03-11 06:06 - 2015-02-02 22:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe2015-03-11 06:06 - 2015-02-02 22:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe2015-03-11 06:06 - 2015-02-02 22:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe2015-03-11 06:06 - 2015-02-02 22:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys2015-03-11 06:06 - 2015-02-02 22:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe2015-03-11 06:06 - 2015-02-02 22:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe2015-03-11 06:06 - 2015-02-02 22:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll2015-03-11 06:06 - 2015-02-02 22:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll2015-03-11 06:06 - 2015-02-02 22:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll2015-03-11 06:06 - 2015-02-02 22:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll2015-03-11 06:06 - 2015-02-02 22:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll2015-03-11 06:06 - 2015-02-02 22:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll2015-03-11 06:06 - 2015-02-02 22:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll2015-03-11 06:06 - 2015-02-02 22:12 - 00617984 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\wmdrmsdk.dll2015-03-11 06:06 - 2015-02-02 22:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll2015-03-11 06:06 - 2015-02-02 22:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll2015-03-11 06:06 - 2015-02-02 22:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll2015-03-11 06:06 - 2015-02-02 22:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll2015-03-11 06:06 - 2015-02-02 22:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll2015-03-11 06:06 - 2015-02-02 22:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll2015-03-11 06:06 - 2015-02-02 22:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll2015-03-11 06:06 - 2015-02-02 22:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll2015-03-11 06:06 - 2015-02-02 22:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll2015-03-11 06:06 - 2015-02-02 22:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll2015-03-11 06:06 - 2015-02-02 22:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll2015-03-11 06:06 - 2015-02-02 22:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll2015-03-11 06:06 - 2015-02-02 22:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll2015-03-11 06:06 - 2015-02-02 22:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll2015-03-11 06:06 - 2015-02-02 22:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll2015-03-11 06:06 - 2015-02-02 22:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll2015-03-11 06:06 - 2015-02-02 22:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe2015-03-11 06:06 - 2015-02-02 22:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe2015-03-11 06:06 - 
2014-10-31 17:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe2015-03-11 06:05 - 2015-02-02 22:31 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll2015-03-11 06:05 - 2015-02-02 22:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx2015-03-11 06:05 - 2015-02-02 22:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll2015-03-11 06:05 - 2015-02-02 22:30 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL2015-03-11 06:05 - 2015-02-02 22:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe2015-03-11 06:05 - 2015-02-02 22:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll2015-03-11 06:05 - 2015-02-02 22:28 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll2015-03-11 06:05 - 2015-02-02 22:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll2015-03-11 06:05 - 2015-02-02 22:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll2015-03-11 06:05 - 2015-02-02 22:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx2015-03-11 06:05 - 2015-02-02 22:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll2015-03-11 06:05 - 2015-02-02 22:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL2015-03-11 06:05 - 2015-02-02 22:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll2015-03-11 06:05 - 2015-02-02 22:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll2015-03-11 06:05 - 2015-02-02 21:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys2015-03-11 06:04 - 2015-02-13 00:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll2015-03-11 06:04 - 2015-02-13 00:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll2015-03-11 06:04 - 2015-02-02 22:31 - 00215552 _____ 
(Microsoft Corporation) C:\Windows\system32\ubpm.dll2015-03-11 06:04 - 2015-02-02 22:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll2015-03-11 06:04 - 2015-01-30 22:48 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll2015-03-11 06:04 - 2015-01-30 22:48 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll2015-03-11 06:04 - 2015-01-30 18:56 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll2015-03-11 06:03 - 2015-03-06 00:56 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys2015-03-11 06:03 - 2015-03-06 00:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys2015-03-11 06:03 - 2015-03-06 00:42 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll2015-03-11 06:03 - 2015-03-06 00:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll2015-03-11 06:03 - 2015-03-06 00:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll2015-03-11 06:03 - 2015-03-06 00:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll2015-03-11 06:03 - 2015-03-06 00:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll2015-03-11 06:03 - 2015-03-06 00:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll2015-03-11 06:03 - 2015-03-06 00:42 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll2015-03-11 06:03 - 2015-03-06 00:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll2015-03-11 06:03 - 2015-03-06 00:42 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll2015-03-11 06:03 - 2015-03-06 00:42 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll2015-03-11 06:03 - 2015-03-06 00:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll2015-03-11 06:03 - 2015-03-06 00:41 - 00064000 _____ (Microsoft Corporation) 
C:\Windows\system32\auditpol.exe2015-03-11 06:03 - 2015-03-06 00:41 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe2015-03-11 06:03 - 2015-03-06 00:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll2015-03-11 06:03 - 2015-03-06 00:38 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll2015-03-11 06:03 - 2015-03-06 00:36 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll2015-03-11 06:03 - 2015-03-06 00:10 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll2015-03-11 06:03 - 2015-03-06 00:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll2015-03-11 06:03 - 2015-03-06 00:10 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll2015-03-11 06:03 - 2015-03-06 00:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll2015-03-11 06:03 - 2015-03-06 00:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll2015-03-11 06:03 - 2015-03-06 00:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll2015-03-11 06:03 - 2015-03-06 00:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll2015-03-11 06:03 - 2015-03-06 00:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll2015-03-11 06:03 - 2015-03-06 00:09 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll2015-03-11 06:03 - 2015-03-06 00:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe2015-03-11 06:03 - 2015-03-06 00:07 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll2015-03-11 06:03 - 2015-03-06 00:07 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll2015-03-11 06:03 - 2015-03-06 00:06 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll2015-03-11 06:03 - 2015-02-25 22:25 - 03204096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys2015-03-11 06:03 - 
2015-02-23 22:15 - 00389800 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll2015-03-11 06:03 - 2015-02-23 21:32 - 00342696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll2015-03-11 06:03 - 2015-02-20 19:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll2015-03-11 06:03 - 2015-02-20 19:27 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll2015-03-11 06:03 - 2015-02-20 19:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll2015-03-11 06:03 - 2015-02-20 19:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll2015-03-11 06:03 - 2015-02-20 18:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll2015-03-11 06:03 - 2015-02-19 22:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb2015-03-11 06:03 - 2015-02-19 22:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll2015-03-11 06:03 - 2015-02-19 21:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll2015-03-11 06:03 - 2015-02-19 21:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll2015-03-11 06:03 - 2015-02-19 21:48 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll2015-03-11 06:03 - 2015-02-19 21:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll2015-03-11 06:03 - 2015-02-19 21:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll2015-03-11 06:03 - 2015-02-19 21:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe2015-03-11 06:03 - 2015-02-19 21:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe2015-03-11 06:03 - 2015-02-19 21:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe2015-03-11 06:03 - 2015-02-19 21:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb2015-03-11 06:03 - 2015-02-19 
21:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll2015-03-11 06:03 - 2015-02-19 21:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll2015-03-11 06:03 - 2015-02-19 21:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll2015-03-11 06:03 - 2015-02-19 21:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll2015-03-11 06:03 - 2015-02-19 21:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll2015-03-11 06:03 - 2015-02-19 21:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll2015-03-11 06:03 - 2015-02-19 21:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll2015-03-11 06:03 - 2015-02-19 21:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll2015-03-11 06:03 - 2015-02-19 21:00 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll2015-03-11 06:03 - 2015-02-19 20:58 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll2015-03-11 06:03 - 2015-02-19 20:56 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll2015-03-11 06:03 - 2015-02-19 20:56 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe2015-03-11 06:03 - 2015-02-19 20:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll2015-03-11 06:03 - 2015-02-19 20:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe2015-03-11 06:03 - 2015-02-19 20:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl2015-03-11 06:03 - 2015-02-19 20:41 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll2015-03-11 06:03 - 2015-02-19 20:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll2015-03-11 06:03 - 2015-02-19 20:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll2015-03-11 06:03 - 2015-02-19 
20:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl2015-03-11 06:03 - 2015-02-19 20:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll2015-03-11 06:03 - 2015-02-19 20:23 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll2015-03-11 06:03 - 2015-02-19 20:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll2015-03-11 06:03 - 2015-02-19 20:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll2015-03-11 06:03 - 2015-02-19 20:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll2015-03-11 06:03 - 2015-02-19 19:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll2015-03-11 06:03 - 2015-02-19 19:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll2015-03-11 06:03 - 2015-02-02 22:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll2015-03-11 06:03 - 2015-02-02 22:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll2015-03-11 06:03 - 2015-01-30 18:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys2015-03-11 06:03 - 2015-01-16 21:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll2015-03-11 06:03 - 2015-01-16 21:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll2015-03-11 06:02 - 2015-02-20 20:16 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll2015-03-11 06:02 - 2015-02-20 18:58 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll2015-03-11 06:02 - 2015-02-19 21:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll2015-03-11 06:02 - 2015-02-19 21:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll2015-03-11 06:02 - 2015-02-19 21:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll2015-03-11 06:02 - 2015-02-19 21:34 - 00814080 _____ (Microsoft 
Corporation) C:\Windows\system32\jscript9diag.dll2015-03-11 06:02 - 2015-02-19 21:32 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll2015-03-11 06:02 - 2015-02-19 21:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll2015-03-11 06:02 - 2015-02-19 21:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll2015-03-11 06:02 - 2015-02-19 20:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll2015-03-11 06:02 - 2015-02-19 20:43 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll2015-03-11 06:02 - 2015-02-19 20:28 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll2015-03-11 06:02 - 2015-02-03 22:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll2015-03-11 06:02 - 2015-02-03 21:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll2015-03-07 10:35 - 2015-03-25 18:03 - 00000000 ____D () C:\Program Files (x86)\Booster-Web2015-03-03 15:17 - 2015-01-08 22:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll2015-03-03 15:17 - 2015-01-08 22:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll2015-03-03 15:17 - 2015-01-08 22:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll2015-03-03 15:17 - 2015-01-08 21:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll2015-03-03 13:52 - 2015-03-03 13:54 - 00000000 ____D () C:\Program Files (x86)\PDF Architect 22015-03-03 13:52 - 2015-03-03 13:52 - 00000000 ____D () C:\Users\Levin\Documents\PDF Architect 22015-03-03 13:52 - 2015-03-03 13:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect 22015-03-03 13:50 - 2015-03-03 13:50 - 00000000 ____D () C:\Users\Levin\AppData\Local\PDFCreator2015-03-03 13:50 - 2015-03-03 13:50 - 00000000 ____D () C:\ProgramData\PDF Architect 22015-03-03 13:49 - 2015-03-03 13:49 - 00114872 _____ (pdfforge 
GmbH) C:\Windows\system32\pdfcmon.dll2015-03-03 13:49 - 2015-03-03 13:49 - 00000000 ____D () C:\Users\Levin\AppData\Roaming\pdfforge2015-03-03 13:49 - 2015-03-03 13:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator2015-03-03 13:45 - 2015-03-03 13:46 - 27721680 _____ (pdfforge ) C:\Users\Levin\Downloads\PDFCreator-2_0_2-setup.exe2015-02-25 13:44 - 2015-02-25 13:44 - 00001755 _____ () C:\Users\Public\Desktop\iTunes.lnk2015-02-25 13:44 - 2015-02-25 13:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes2015-02-25 13:42 - 2015-02-25 13:44 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A72015-02-25 13:42 - 2015-02-25 13:44 - 00000000 ____D () C:\Program Files\iTunes2015-02-25 04:01 - 2015-01-08 18:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls2015-02-25 04:01 - 2015-01-08 18:43 - 00419936 _____ () C:\Windows\system32\locale.nls ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 
2015-03-27 17:23 - 2014-12-21 19:51 - 00339024 _____ () C:\Windows\system32\FNTCACHE.DAT2015-03-27 17:13 - 2014-12-17 13:33 - 01114562 _____ () C:\Windows\WindowsUpdate.log2015-03-27 17:12 - 2014-11-05 13:27 - 00000000 ___RD () C:\Users\Levin\iCloudDrive2015-03-27 16:56 - 2014-12-17 20:29 - 00088312 _____ () C:\Windows\SysWOW64\GDIPFONTCACHEV1.DAT2015-03-27 16:56 - 2014-12-17 13:33 - 00088312 _____ () C:\Windows\system32\GDIPFONTCACHEV1.DAT2015-03-27 16:56 - 2009-07-13 23:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk2015-03-27 16:44 - 2009-07-14 00:13 - 00006462 _____ () C:\Windows\system32\PerfStringBackup.INI2015-03-27 16:29 - 2009-07-13 23:45 - 00014240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02015-03-27 16:29 - 2009-07-13 23:45 - 00014240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02015-03-27 16:27 - 2015-02-03 14:01 - 00088312 _____ () C:\Users\Levin\AppData\Local\GDIPFONTCACHEV1.DAT2015-03-27 16:26 - 2012-10-19 19:40 - 00000000 ____D () C:\ProgramData\LogMeIn2015-03-27 16:26 - 2012-10-19 19:39 - 00000000 ____D () C:\Program Files (x86)\LogMeIn2015-03-27 16:21 - 2009-07-14 00:08 - 00032648 _____ () C:\Windows\Tasks\SCHEDLGU.TXT2015-03-27 16:21 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT2015-03-27 15:48 - 2014-08-29 18:37 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys2015-03-27 15:43 - 2014-08-29 18:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware2015-03-27 15:43 - 2014-08-29 18:37 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware2015-03-27 15:39 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\NDF2015-03-27 15:29 - 2014-01-28 21:21 - 00001006 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Client.lnk2015-03-27 15:29 
- 2014-01-28 21:21 - 00000990 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Control Panel.lnk2015-03-27 14:55 - 2010-10-23 12:16 - 00000000 ____D () C:\Users\Levin2015-03-27 14:53 - 2014-04-18 09:23 - 00000000 ____D () C:\ProgramData\McAfee Security Scan2015-03-27 14:53 - 2010-10-23 15:02 - 00000000 ____D () C:\Users\Levin\AppData\Local\Lacerte2015-03-27 14:53 - 2010-09-16 21:41 - 00000000 ____D () C:\Windows\SysWOW64\Macromed2015-03-27 14:53 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\registration2015-03-27 14:53 - 2009-07-13 22:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared2015-03-27 14:52 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\PolicyDefinitions2015-03-27 08:16 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\SysWOW64\inetsrv2015-03-27 08:16 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\inetsrv2015-03-26 20:33 - 2012-06-06 19:47 - 00000000 ____D () C:\Users\Levin\Documents\Outlook Files2015-03-26 02:18 - 2012-04-09 18:29 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job2015-03-25 19:48 - 2010-12-05 21:38 - 00003926 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{EDF7A165-D1AE-488A-9423-9F3401AC2F54}2015-03-25 19:33 - 2014-11-10 16:11 - 00000000 ____D () C:\Users\Levin\Desktop\Greenview2015-03-25 16:48 - 2014-08-22 09:36 - 00000000 ____D () C:\Users\Levin\AppData\Local\Adobe2015-03-25 16:47 - 2012-04-09 18:29 - 00778928 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe2015-03-25 16:47 - 2012-04-09 18:29 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater2015-03-25 16:47 - 2011-05-18 08:35 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl2015-03-21 07:57 - 2014-12-17 20:49 - 00001573 _____ () C:\Users\Public\Desktop\2014 Lacerte Tax.LNK2015-03-17 12:05 - 2013-01-13 11:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo2015-03-17 12:03 - 
  22. I was attempting to disinfect a PC that was unable to run programs, and had no internet access. Not able to run Malwarebytes or the FARBAR tool from the desktop, but only safe mode. This report is from Safe Mode. Windows 7 Home Premium 64bit.
Corporation) C:\Windows\system32\credssp.dll 2015-03-11 06:03 - 2015-03-06 00:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-03-11 06:03 - 2015-03-06 00:41 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-03-11 06:03 - 2015-03-06 00:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-03-11 06:03 - 2015-03-06 00:38 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-03-11 06:03 - 2015-03-06 00:36 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-03-11 06:03 - 2015-03-06 00:10 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-03-11 06:03 - 2015-03-06 00:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2015-03-11 06:03 - 2015-03-06 00:10 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-03-11 06:03 - 2015-03-06 00:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2015-03-11 06:03 - 2015-03-06 00:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2015-03-11 06:03 - 2015-03-06 00:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2015-03-11 06:03 - 2015-03-06 00:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2015-03-11 06:03 - 2015-03-06 00:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2015-03-11 06:03 - 2015-03-06 00:09 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2015-03-11 06:03 - 2015-03-06 00:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2015-03-11 06:03 - 2015-03-06 00:07 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2015-03-11 06:03 - 2015-03-06 00:07 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2015-03-11 06:03 - 2015-03-06 00:06 - 00686080 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\adtschema.dll 2015-03-11 06:03 - 2015-02-25 22:25 - 03204096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-03-11 06:03 - 2015-02-23 22:15 - 00389800 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-03-11 06:03 - 2015-02-23 21:32 - 00342696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-03-11 06:03 - 2015-02-20 19:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-03-11 06:03 - 2015-02-20 19:27 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-03-11 06:03 - 2015-02-20 19:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-03-11 06:03 - 2015-02-20 19:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-03-11 06:03 - 2015-02-20 18:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-03-11 06:03 - 2015-02-19 22:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-03-11 06:03 - 2015-02-19 22:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-03-11 06:03 - 2015-02-19 21:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-03-11 06:03 - 2015-02-19 21:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-03-11 06:03 - 2015-02-19 21:48 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-03-11 06:03 - 2015-02-19 21:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-03-11 06:03 - 2015-02-19 21:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-03-11 06:03 - 2015-02-19 21:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-03-11 06:03 - 2015-02-19 21:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-03-11 06:03 - 2015-02-19 21:26 - 00968704 _____ (Microsoft Corporation) 
C:\Windows\system32\MsSpellCheckingFacility.exe 2015-03-11 06:03 - 2015-02-19 21:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-03-11 06:03 - 2015-02-19 21:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-03-11 06:03 - 2015-02-19 21:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-03-11 06:03 - 2015-02-19 21:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-03-11 06:03 - 2015-02-19 21:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2015-03-11 06:03 - 2015-02-19 21:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-03-11 06:03 - 2015-02-19 21:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-03-11 06:03 - 2015-02-19 21:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-03-11 06:03 - 2015-02-19 21:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-03-11 06:03 - 2015-02-19 21:00 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-03-11 06:03 - 2015-02-19 20:58 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-03-11 06:03 - 2015-02-19 20:56 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2015-03-11 06:03 - 2015-02-19 20:56 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-03-11 06:03 - 2015-02-19 20:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-03-11 06:03 - 2015-02-19 20:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-03-11 06:03 - 2015-02-19 20:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-03-11 06:03 - 2015-02-19 20:41 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-03-11 06:03 - 2015-02-19 20:37 - 00168960 
_____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-03-11 06:03 - 2015-02-19 20:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-03-11 06:03 - 2015-02-19 20:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-03-11 06:03 - 2015-02-19 20:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-03-11 06:03 - 2015-02-19 20:23 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2015-03-11 06:03 - 2015-02-19 20:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-03-11 06:03 - 2015-02-19 20:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-03-11 06:03 - 2015-02-19 20:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-03-11 06:03 - 2015-02-19 19:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-03-11 06:03 - 2015-02-19 19:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-03-11 06:03 - 2015-02-02 22:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2015-03-11 06:03 - 2015-02-02 22:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2015-03-11 06:03 - 2015-01-30 18:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2015-03-11 06:03 - 2015-01-16 21:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll 2015-03-11 06:03 - 2015-01-16 21:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll 2015-03-11 06:02 - 2015-02-20 20:16 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-03-11 06:02 - 2015-02-20 18:58 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-03-11 06:02 - 2015-02-19 21:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-03-11 06:02 - 2015-02-19 21:47 - 00088064 _____ (Microsoft 
Corporation) C:\Windows\system32\MshtmlDac.dll 2015-03-11 06:02 - 2015-02-19 21:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-03-11 06:02 - 2015-02-19 21:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-03-11 06:02 - 2015-02-19 21:32 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-03-11 06:02 - 2015-02-19 21:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-03-11 06:02 - 2015-02-19 21:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-03-11 06:02 - 2015-02-19 20:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-03-11 06:02 - 2015-02-19 20:43 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-03-11 06:02 - 2015-02-19 20:28 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-03-11 06:02 - 2015-02-03 22:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll 2015-03-11 06:02 - 2015-02-03 21:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll 2015-03-07 10:35 - 2015-03-25 18:03 - 00000000 ____D () C:\Program Files (x86)\Booster-Web 2015-03-03 15:17 - 2015-01-08 22:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll 2015-03-03 15:17 - 2015-01-08 22:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll 2015-03-03 15:17 - 2015-01-08 22:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll 2015-03-03 15:17 - 2015-01-08 21:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll 2015-03-03 13:52 - 2015-03-03 13:54 - 00000000 ____D () C:\Program Files (x86)\PDF Architect 2 2015-03-03 13:52 - 2015-03-03 13:52 - 00000000 ____D () C:\Users\Levin\Documents\PDF Architect 2 2015-03-03 13:52 - 2015-03-03 13:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect 2 2015-03-03 
13:50 - 2015-03-03 13:50 - 00000000 ____D () C:\Users\Levin\AppData\Local\PDFCreator 2015-03-03 13:50 - 2015-03-03 13:50 - 00000000 ____D () C:\ProgramData\PDF Architect 2 2015-03-03 13:49 - 2015-03-03 13:49 - 00114872 _____ (pdfforge GmbH) C:\Windows\system32\pdfcmon.dll 2015-03-03 13:49 - 2015-03-03 13:49 - 00000000 ____D () C:\Users\Levin\AppData\Roaming\pdfforge 2015-03-03 13:49 - 2015-03-03 13:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator 2015-03-03 13:45 - 2015-03-03 13:46 - 27721680 _____ (pdfforge ) C:\Users\Levin\Downloads\PDFCreator-2_0_2-setup.exe 2015-02-25 13:44 - 2015-02-25 13:44 - 00001755 _____ () C:\Users\Public\Desktop\iTunes.lnk 2015-02-25 13:44 - 2015-02-25 13:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2015-02-25 13:42 - 2015-02-25 13:44 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7 2015-02-25 13:42 - 2015-02-25 13:44 - 00000000 ____D () C:\Program Files\iTunes 2015-02-25 04:01 - 2015-01-08 18:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls 2015-02-25 04:01 - 2015-01-08 18:43 - 00419936 _____ () C:\Windows\system32\locale.nls ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 
2015-03-27 17:23 - 2014-12-21 19:51 - 00339024 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-03-27 17:13 - 2014-12-17 13:33 - 01114562 _____ () C:\Windows\WindowsUpdate.log 2015-03-27 17:12 - 2014-11-05 13:27 - 00000000 ___RD () C:\Users\Levin\iCloudDrive 2015-03-27 16:56 - 2014-12-17 20:29 - 00088312 _____ () C:\Windows\SysWOW64\GDIPFONTCACHEV1.DAT 2015-03-27 16:56 - 2014-12-17 13:33 - 00088312 _____ () C:\Windows\system32\GDIPFONTCACHEV1.DAT 2015-03-27 16:56 - 2009-07-13 23:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2015-03-27 16:44 - 2009-07-14 00:13 - 00006462 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-03-27 16:29 - 2009-07-13 23:45 - 00014240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-03-27 16:29 - 2009-07-13 23:45 - 00014240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-03-27 16:27 - 2015-02-03 14:01 - 00088312 _____ () C:\Users\Levin\AppData\Local\GDIPFONTCACHEV1.DAT 2015-03-27 16:26 - 2012-10-19 19:40 - 00000000 ____D () C:\ProgramData\LogMeIn 2015-03-27 16:26 - 2012-10-19 19:39 - 00000000 ____D () C:\Program Files (x86)\LogMeIn 2015-03-27 16:21 - 2009-07-14 00:08 - 00032648 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2015-03-27 16:21 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-03-27 15:48 - 2014-08-29 18:37 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-03-27 15:43 - 2014-08-29 18:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2015-03-27 15:43 - 2014-08-29 18:37 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware 2015-03-27 15:39 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\NDF 2015-03-27 15:29 - 2014-01-28 21:21 - 00001006 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn 
Client.lnk 2015-03-27 15:29 - 2014-01-28 21:21 - 00000990 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Control Panel.lnk 2015-03-27 14:55 - 2010-10-23 12:16 - 00000000 ____D () C:\Users\Levin 2015-03-27 14:53 - 2014-04-18 09:23 - 00000000 ____D () C:\ProgramData\McAfee Security Scan 2015-03-27 14:53 - 2010-10-23 15:02 - 00000000 ____D () C:\Users\Levin\AppData\Local\Lacerte 2015-03-27 14:53 - 2010-09-16 21:41 - 00000000 ____D () C:\Windows\SysWOW64\Macromed 2015-03-27 14:53 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\registration 2015-03-27 14:53 - 2009-07-13 22:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared 2015-03-27 14:52 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2015-03-27 08:16 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\SysWOW64\inetsrv 2015-03-27 08:16 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\inetsrv 2015-03-26 20:33 - 2012-06-06 19:47 - 00000000 ____D () C:\Users\Levin\Documents\Outlook Files 2015-03-26 02:18 - 2012-04-09 18:29 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-03-25 19:48 - 2010-12-05 21:38 - 00003926 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{EDF7A165-D1AE-488A-9423-9F3401AC2F54} 2015-03-25 19:33 - 2014-11-10 16:11 - 00000000 ____D () C:\Users\Levin\Desktop\Greenview 2015-03-25 16:48 - 2014-08-22 09:36 - 00000000 ____D () C:\Users\Levin\AppData\Local\Adobe 2015-03-25 16:47 - 2012-04-09 18:29 - 00778928 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-03-25 16:47 - 2012-04-09 18:29 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-03-25 16:47 - 2011-05-18 08:35 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-03-21 07:57 - 2014-12-17 20:49 - 00001573 _____ () C:\Users\Public\Desktop\2014 Lacerte Tax.LNK 2015-03-17 12:05 - 2013-01-13 11:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\Comodo 2015-03-17 12:03 - 2010-10-23 13:45 - 00000000 ____D () C:\Users\Levin\AppData\Local\Google 2015-03-17 12:02 - 2010-10-23 13:45 - 00000000 ____D () C:\Program Files (x86)\Google 2015-03-14 16:12 - 2009-07-13 22:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy 2015-03-14 16:12 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy 2015-03-12 03:55 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism 2015-03-12 03:55 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\Dism 2015-03-12 03:37 - 2010-10-23 14:08 - 00000000 ____D () C:\ProgramData\Microsoft Help 2015-03-12 03:36 - 2009-07-13 21:34 - 00000545 _____ () C:\Windows\win.ini 2015-03-12 03:21 - 2013-07-12 03:00 - 00000000 ____D () C:\Windows\system32\MRT 2015-03-12 03:09 - 2010-10-23 16:02 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-03-07 08:51 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system 2015-03-07 08:29 - 2014-08-29 18:37 - 00001104 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2015-03-04 04:16 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\tracing 2015-03-03 14:11 - 2014-01-24 08:53 - 00000000 ____D () C:\Program Files\PDFCreator 2015-03-03 09:00 - 2014-12-17 20:36 - 00001924 _____ () C:\Users\Public\Desktop\Lacerte DMS.lnk 2015-03-03 08:17 - 2010-10-23 13:23 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2015-02-25 18:51 - 2012-10-19 19:40 - 00107392 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIRfsClientNP.dll.000.bak 2015-02-25 18:51 - 2012-10-19 19:40 - 00107392 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIRfsClientNP.dll 2015-02-25 18:51 - 2012-10-19 19:40 - 00092520 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIinit.dll 2015-02-25 18:51 - 2012-10-19 19:40 - 00035688 _____ (LogMeIn, Inc.) 
C:\Windows\system32\LMIport.dll 2015-02-25 13:42 - 2011-09-08 21:28 - 00000000 ____D () C:\Program Files\iPod 2015-02-25 13:42 - 2011-09-08 21:28 - 00000000 ____D () C:\Program Files (x86)\iTunes 2015-02-25 13:42 - 2010-10-23 14:33 - 00000000 ____D () C:\Program Files\Common Files\Apple 2015-02-25 04:23 - 2013-08-29 09:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Endpoint Protection ==================== Files in the root of some directories ======= 2010-11-17 23:00 - 2010-12-21 15:01 - 1984000 ____N () C:\Program Files (x86)\Common Files\clientmgmt.dll 2010-11-17 23:00 - 2010-12-20 18:21 - 0002177 ____N () C:\Program Files (x86)\Common Files\default_404.html 2013-01-13 12:39 - 2013-01-13 12:41 - 0007168 ___SH () C:\Users\Levin\AppData\Roaming\Thumbs.db 2011-10-22 13:23 - 2011-10-22 13:23 - 0039320 _____ () C:\Users\Levin\AppData\Roaming\UserTile.png 2014-01-24 08:53 - 2015-01-06 16:10 - 0000238 _____ () C:\Users\Levin\AppData\Roaming\WB.CFG 2014-01-24 08:53 - 2014-01-24 08:53 - 0000005 _____ () C:\Users\Levin\AppData\Roaming\WBPU-TTL.DAT 2015-01-31 21:58 - 2015-01-31 21:58 - 0000064 _____ () C:\Users\Levin\AppData\Local\9f0364cf034ccb214842ee1b4e1c8616 2015-01-06 16:10 - 2015-01-06 16:10 - 0000001 _____ () C:\Users\Levin\AppData\Local\DSI.DAT 2015-01-06 16:10 - 2015-01-06 16:10 - 0022528 _____ () C:\Users\Levin\AppData\Local\dsisetup1811461922.exe 2010-10-23 15:44 - 2015-02-08 15:45 - 0012564 _____ () C:\ProgramData\hpzinstall.log 2015-01-31 21:56 - 2015-01-31 21:56 - 0001612 _____ () C:\ProgramData\tempimage.bmp Some content of TEMP: ==================== C:\Users\Levin\AppData\Local\Temp\Quarantine.exe C:\Users\Levin\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) 
C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-02-03 01:19 ==================== End Of Log ============================ FRST.txt
  23. Hi! I need lots of help!! I have Windows 7, and Norton Internet, but recently noticed that my Norton would not open, but I'm not sure how long that has been going on. So I looked up solutions, and it said I had to uninstall and reinstall. I uninstalled successfully, but when I went to reinstall, things started getting weird. A blue screen came on, and I had to remove the battery in order to restart. When I did so, I tried to reinstall Norton again, but the blue screen reappeared. Cue multiple restarts to try stuff... Then I tried starting Safe Mode with Networking so I could download some of those malware to remove the virus, or try and reinstall Norton, but now my internet says "no connections available". I tried starting in regular mode again, but it still says no internet available there too, though there should be plenty of connections I could use from my apartment area. What do I do?? Thanks in advance for your time and assistance!!
  24. I have a virus/malware on my laptop. PC Tech & Optimize Your PC have been installed/downloaded and TrendMicro did not catch it before they were installed. Here's what is happening: I have 3 tabs at the top of my Google Chrome; the first one is Facebook, then 2 Google tabs. The FB tab is working just fine, I can update FB, check status, etc. (which I think is weird). If I select tab #2 Google, Google comes up, I then type in a webpage, it pulls up the page listing all the sites, and when I click on the link I want, this is when I get the error "THIS WEBPAGE IS NOT AVAILABLE" with "RELOAD" or "MORE". When I select More I see Error code: ERR_CONNECTION_RESET. I was able to get to this forum by going to the Malwarebytes Facebook page; someone then responded to my post and posted a link. Somehow it let me select the link and I was able to set up an account and post to this forum. Someone then posted to my original post and they also had a link to "Available Assistance for Possibly Infected Computers". When I tried to open that link I got the above error. So, I pulled it up on my iPad to get the instructions on what to do! How do I download Malwarebytes onto my computer if I can't get a webpage to open so I can have access to download it? I have some computer knowledge but this kind of stuff is dumbfounding to me and makes me a little nervous! Help! Aggravated! Thanks in advance!
  25. So I am helping out a friend who got some adware installed on his laptop, and after running Malwarebytes and quarantining the problems detected (which has always worked beautifully in the past) the web browsers no longer work and even Steam can't connect to their login servers. However, from the command prompt I can still resolve hostnames and ping distant objects, so we're connected but something's wrong. I tried running a mobile browser from a flash drive (mobile Firefox) but it wouldn't pull anything up either. I am attaching the log from the scan I did. Any help on this would be appreciated because I am clearly out of my depths. Thanks, Robert Log 1.txt