Hi!

I'm hoping that I (maybe) got rid of it?

I read several things here and ran:

JRT, ADW Cleaner then MBAM (I have those logs)

MBAM was quarantining what seemed like 50 - 100 at once. I would clear them and then the box would fill up again.

 

I noted in the quarantine file that many were located in the temp folders in various locations, so I deleted those.  There were only about 6 that would not delete.

 

The Conduit search engine was still running in Chrome but I could not find it anywhere in Chrome's Settings.

 

So, then I started again today; I ran dds.com. I'm wondering if the JRT logs and ADW, MBAM logs are outdated from yesterday since I cleared some stuff today? I will post those in a reply. Should I re-run?

 

OK - Here goes 

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 10.0.9200.16750  BrowserJavaVersion: 10.45.2
Run by Owner at 23:33:23 on 2014-01-27
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3835.1953 [GMT -6:00]
.
AV: Trend Micro Titanium Internet Security 2012 *Enabled/Updated* {B7599298-8445-728A-A5C7-A26A082C8BDA}
SP: Trend Micro Titanium Internet Security 2012 *Enabled/Updated* {0C38737C-A27F-7D04-9F77-991873ABC167}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\svchost.exe -k NetworkService
C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiWatchDog.exe
C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe
C:\Program Files (x86)\Launch Manager\dsiwmis.exe
C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe
C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe
C:\Program Files (x86)\Gateway\Registration\GREGsvc.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Auslogics\BoostSpeed\BoostSpeed.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe
C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiSeAgnt.exe
C:\Program Files\Box Sync\BoxSyncHelper.exe
C:\Users\Owner\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
C:\Program Files (x86)\Glary Utilities\memdefrag.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Owner\AppData\Local\Google\Update\1.3.22.3\GoogleCrashHandler.exe
C:\Users\Owner\AppData\Local\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
C:\Program Files\Box Sync\BoxSync.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\MozyHome\mozystat.exe
C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
C:\Program Files\MozyHome\mozybackup.exe
C:\Program Files\MozyHome\mozybackup.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe
C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe,
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\2.0.1361\6.8.1078\TmIEPlg32.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Evernote extension: {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL
BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\7.1.1104\7.1.1104\TmBpIe32.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [MusicManager] "C:\Users\Owner\AppData\Local\Programs\Google\MusicManager\MusicManager.exe"
uRun: [skyDrive] "C:\Users\Owner\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
uRun: [Glary Memory Optimizer] "C:\Program Files (x86)\Glary Utilities\memdefrag.exe" /autostart
uRun: [bDAB3CD44D7D45EEC58DB422F61BD03E74CADA2F._service_run] "C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe" --type=service
uRun: [Google Update] "C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
mRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Cisco AnyConnect Secure Mobility Agent for Windows] "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
mRun: [HOSTS Anti-Adware_PUPs] C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe
dRunOnce: [spUninstallDeleteDir] rmdir /s /q "\SearchProtect"
StartupFolder: C:\Users\Owner\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SENDTO~1.LNK - C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BOXSYN~1.LNK - C:\Program Files\Box Sync\BoxSync.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MOZYHO~1.LNK - C:\Program Files\MozyHome\mozystat.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Clip Image - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4
IE: Clip selection - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3
IE: Clip this page - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1
IE: Clip URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0
IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: New Note - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\NewNote.html
IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
TCP: NameServer = 75.75.76.76 75.75.75.75
TCP: Interfaces\{7435787B-D650-491A-A386-912BED018258} : DHCPNameServer = 75.75.76.76 75.75.75.75
TCP: Interfaces\{7435787B-D650-491A-A386-912BED018258}\34C6561627023507F64702466336 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{7435787B-D650-491A-A386-912BED018258}\3586562727972E0899370296D41636 : DHCPNameServer = 10.0.2.1
TCP: Interfaces\{7435787B-D650-491A-A386-912BED018258}\452554E444E65647 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{7435787B-D650-491A-A386-912BED018258}\84F4D454D254542423 : DHCPNameServer = 75.75.76.76 75.75.75.75
TCP: Interfaces\{7435787B-D650-491A-A386-912BED018258}\D416D656474756D27657563747 : DHCPNameServer = 192.168.3.1
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\7.1.1104\7.1.1104\TmBpIe32.dll
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\2.0.1361\6.8.1078\TmIEPlg32.dll
AppInit_DLLs= c:\progra~2\gsb779~1.ena
SSODL: WebCheck - <orphaned>
SSODL: EldosMountNotificator-cbfs4 - {B8FD60CF-9D65-44C7-BECA-891CB8C4D5AD} - C:\Windows\SysWOW64\cbfsMntNtf4.dll
STS: Virtual Storage Mount Notification - {B8FD60CF-9D65-44C7-BECA-891CB8C4D5AD} - C:\Windows\SysWOW64\cbfsMntNtf4.dll
x64-BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\2.0.1361\6.8.1078\TmIEPlg.dll
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL
x64-BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\7.1.1104\7.1.1104\TmBpIe64.dll
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
x64-BHO: YoutubeAdblocker: {E9F2720A-EB2C-8BC7-D724-EDCB5426CE19} - 
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [Trend Micro Titanium] "C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe" -set Silent "1" SplashURL ""
x64-Run: [Trend Micro Client Framework] "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe"
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [boxSyncHelper] "C:\Program Files\Box Sync\BoxSyncHelper.exe"
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\7.1.1104\7.1.1104\TmBpIe64.dll
x64-Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\2.0.1361\6.8.1078\TmIEPlg.dll
x64-SSODL: WebCheck - <orphaned>
x64-SSODL: EldosMountNotificator-cbfs4 - {B8FD60CF-9D65-44C7-BECA-891CB8C4D5AD} - C:\Windows\System32\cbfsMntNtf4.dll
x64-STS: Virtual Storage Mount Notification - {B8FD60CF-9D65-44C7-BECA-891CB8C4D5AD} - C:\Windows\System32\cbfsMntNtf4.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\ghug7evk.default\
FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL
FF - plugin: C:\Users\Owner\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll
.
============= SERVICES / DRIVERS ===============
.
R1 cbfs4;cbfs4;C:\Windows\System32\drivers\cbfs4.sys [2013-12-29 387776]
R1 ctxusbm;Citrix USB Monitor Driver;C:\Windows\System32\drivers\ctxusbm.sys [2009-9-8 87600]
R2 ntk_PowerDVD12;ntk_PowerDVD12;C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [2013-2-26 83704]
R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2010-7-22 321064]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2010-11-19 25928]
R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;C:\Windows\System32\drivers\rtl8192se.sys [2010-7-22 1084448]
S3 acsock;acsock;C:\Windows\System32\drivers\acsock64.sys [2013-7-19 112080]
S3 BTCFilterService;USB Networking Driver Filter Service;C:\Windows\System32\drivers\motfilt.sys [2009-1-29 6144]
S3 DigiartyVirtualCDBus;Digiarty Virtual Driver;C:\Windows\System32\drivers\DigiartyVirtualCDBus.sys [2013-12-15 276256]
S3 motandroidusb;Mot ADB Interface Driver;C:\Windows\System32\drivers\motoandroid.sys [2009-7-10 31744]
S3 motccgp;Motorola USB Composite Device Driver;C:\Windows\System32\drivers\motccgp.sys [2012-6-11 22016]
S3 motccgpfl;MotCcgpFlService;C:\Windows\System32\drivers\motccgpfl.sys [2012-1-25 9728]
S3 Motousbnet;Motorola USB Networking Driver Service;C:\Windows\System32\drivers\Motousbnet.sys [2012-6-8 27136]
S3 motusbdevice;Motorola USB Dev Driver;C:\Windows\System32\drivers\motusbdevice.sys [2011-11-8 11776]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2010-7-22 239136]
.
=============== Created Last 30 ================
.
2014-01-27 12:37:05 -------- d-----w- C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs
2014-01-26 23:10:28 -------- d-----w- C:\zoek_backup
2014-01-26 20:00:15 -------- d-----w- C:\AdwCleaner
2014-01-26 19:44:41 -------- d-----w- C:\Windows\ERUNT
2014-01-21 16:48:38 -------- d-----w- C:\Program Files\ART-Backup
2014-01-21 12:09:09 238128 ----a-w- C:\Windows\RegBootClean64.exe
2014-01-21 11:49:23 -------- d-----w- C:\ProgramData\House Of Soft
2014-01-21 11:49:15 4229120 ----a-w- C:\Program Files (x86)\GS_x64.Enabler
2014-01-21 11:49:15 183632 ----a-w- C:\Program Files (x86)\GSSvc.dll
2014-01-21 11:48:37 -------- d-----w- C:\Users\Owner\AppData\Local\Packages
2014-01-21 11:48:30 -------- d-----w- C:\Users\Owner\AppData\Local\Comodo
2014-01-21 11:48:30 -------- d-----w- C:\ProgramData\17c7f4c59dc60633
2014-01-19 19:34:06 -------- d-----w- C:\Users\Owner\AppData\Roaming\DropboxMaster
2014-01-15 03:52:09 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2014-01-15 03:52:09 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys
2014-01-15 03:52:09 53248 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2014-01-15 03:52:09 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2014-01-15 03:52:09 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
2014-01-15 03:52:09 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2014-01-15 03:52:09 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2014-01-15 03:52:07 3156480 ----a-w- C:\Windows\System32\win32k.sys
2014-01-15 03:52:05 376768 ----a-w- C:\Windows\System32\drivers\netio.sys
2014-01-06 19:23:36 4558848 ----a-w- C:\Windows\SysWow64\GPhotos.scr
2014-01-04 04:18:59 -------- d-----w- C:\Users\Owner\AppData\Local\Cisco
2014-01-04 04:18:59 -------- d-----w- C:\ProgramData\Cisco
2014-01-04 04:18:59 -------- d-----w- C:\Program Files (x86)\Cisco
2013-12-29 20:39:07 182568 ----a-w- C:\Windows\System32\cbfsMntNtf4.dll
2013-12-29 20:39:07 156456 ----a-w- C:\Windows\SysWow64\cbfsMntNtf4.dll
2013-12-29 20:39:06 218408 ----a-w- C:\Windows\SysWow64\cbfsNetRdr4.dll
2013-12-29 20:39:06 120104 ----a-w- C:\Windows\System32\cbfsNetRdr4.dll
2013-12-29 20:39:05 387776 ----a-w- C:\Windows\System32\drivers\cbfs4.sys
2013-12-29 20:37:17 9000 ----a-w- C:\Windows\System32\elevtmsg.dll
2013-12-29 20:37:16 18624 ----a-w- C:\Windows\System32\drivers\vpnpbus.sys
.
==================== Find3M  ====================
.
2013-12-16 00:07:01 276256 ----a-w- C:\Windows\System32\drivers\DigiartyVirtualCDBus.sys
2013-12-11 06:58:23 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-11 06:58:23 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-11-24 01:24:56 773968 ----a-w- C:\Windows\SysWow64\msvcr100.dll
2013-11-24 01:24:56 421200 ----a-w- C:\Windows\SysWow64\msvcp100.dll
2013-11-23 18:26:20 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
2013-11-23 17:47:34 465920 ----a-w- C:\Windows\System32\WMPhoto.dll
2013-11-12 02:23:09 2048 ----a-w- C:\Windows\System32\tzres.dll
2013-11-12 02:07:29 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
.
============= FINISH: 23:34:57.68 ===============
 
 
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium 
Boot Device: \Device\HarddiskVolume2
Install Date: 10/15/2010 3:01:10 PM
System Uptime: 1/27/2014 11:02:58 PM (0 hours ago)
.
Motherboard: Gateway          |  | NV53A           
Processor: AMD Turion II P540 Dual-Core Processor | Socket S1G4 | 2400/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 453 GiB total, 316.011 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Device ID: ROOT\NET\0000
Manufacturer: Cisco Systems
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
PNP Device ID: ROOT\NET\0000
Service: vpnva
.
==== System Restore Points ===================
.
RP199: 1/12/2014 3:33:10 PM - Windows Update
RP200: 1/15/2014 7:02:04 PM - Windows Update
RP201: 1/19/2014 7:00:21 PM - Windows Update
RP202: 1/20/2014 10:36:26 PM - Windows Update
RP203: 1/21/2014 6:57:29 AM - Installed Evernote v. 5.0.3
RP204: 1/21/2014 9:58:08 AM - Installed Evernote v. 5.1.1
RP206: 1/22/2014 8:09:50 PM - Installed MozyHome
RP207: 1/26/2014 5:17:28 PM - zoek.exe restore point
RP208: 1/26/2014 7:00:24 PM - Windows Update
RP209: 1/26/2014 11:59:51 PM - Windows Update
RP210: 1/27/2014 11:13:21 PM - Windows Update
.
==== Installed Programs ======================
.
Acrobat.com
Adobe AIR
Adobe Community Help
Adobe Download Assistant
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Photoshop CS6
Adobe Reader 9.5.5 MUI
Advertising Center
AMD USB Filter Driver
Apple Application Support
ASAP Utilities
ASUS WebStorage Sync
ATI Catalyst Install Manager
Auslogics BoostSpeed
Auslogics Disk Defrag
Backup Manager Basic
Best Buy pc app
Box Sync (64 bit)
calibre
Catalina Savings Printer
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-static
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
CCleaner
Cisco AnyConnect Secure Mobility Client
Cisco AnyConnect Secure Mobility Client 
Citrix online plug-in (DV)
Citrix online plug-in (HDX)
Citrix online plug-in (USB)
Citrix online plug-in (Web)
Coupon Printer for Windows
CyberLink PowerDVD 12
Dropbox
Evernote v. 5.0.3
Gateway InfoCentre
Gateway MyBackup
Gateway Power Management
Gateway Recovery Management
Gateway Registration
Gateway Updater
Glary Utilities 2.56.0.1822
Google Apps Migration For Microsoft Outlook® 2.3.14.36
Google Apps Sync™ for Microsoft Outlook® 3.5.365.980
Google Chrome
Google Drive
Google Talk (remove only)
Google Toolbar for Internet Explorer
Google Update Helper
Google+ Auto Backup
GoToMeeting 5.1.0.873
GS.Enabler
GS.Supporter 1.80
HD Video Converter Factory Pro
HP Deskjet 3520 series Basic Device Software
HP Deskjet 3520 series Setup Guide
HP Update
Identity Card
ImagXpress
iSEEK AnswerWorks English Runtime
Java 7 Update 45
Java Auto Updater
JavaFX 2.1.1
Juniper Networks Host Checker
Juniper Networks Network Connect 7.0.0
Juniper Networks Setup Client
Juniper Terminal Services Client
Junk Mail filter update
Launch Manager
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Office 365 Home Premium - en-us
Microsoft Office File Validation Add-In
Microsoft Silverlight
Microsoft SkyDrive
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft_VC80_ATL_x86
Microsoft_VC80_ATL_x86_x64
Microsoft_VC80_CRT_x86
Microsoft_VC80_CRT_x86_x64
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFC_x86_x64
Microsoft_VC80_MFCLOC_x86
Microsoft_VC80_MFCLOC_x86_x64
Microsoft_VC90_ATL_x86
Microsoft_VC90_ATL_x86_x64
Microsoft_VC90_CRT_x86
Microsoft_VC90_CRT_x86_x64
Microsoft_VC90_MFC_x86
Microsoft_VC90_MFC_x86_x64
Microsoft_VC90_MFCLOC_x86
Microsoft_VC90_MFCLOC_x86_x64
MotoCast
MotoHelper MergeModules
Motorola Device Manager
Motorola Device Software Update
MOTOROLA MEDIA LINK
Motorola Mobile Drivers Installation 5.9.0
Mozilla Firefox 25.0.1 (x86 en-US)
Mozilla Maintenance Service
MozyHome
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB2721691)
MSXML 4.0 SP3 Parser (KB2758694)
Music Manager
my makeup makeover v2.4 update
Nero 9 Essentials
Nero ControlCenter
Nero DiscSpeed
Nero DiscSpeed Help
Nero DriveSpeed
Nero DriveSpeed Help
Nero Express Help
Nero InfoTool
Nero InfoTool Help
Nero Installer
Nero Online Upgrade
Nero StartSmart
Nero StartSmart Help
Nero StartSmart OEM
NeroExpress
neroxml
NFO Reader version 1.0
Office 15 Click-to-Run Extensibility Component
Office 15 Click-to-Run Licensing Component
Office 15 Click-to-Run Localization Component
ooVoo
PDF Settings CS6
Picasa 3
PlayReady PC Runtime x86
Quicken 2011
Quicken WillMaker Plus 2011
QuickTime
Realtek High Definition Audio Driver
Realtek USB 2.0 Card Reader
Remote Drive 2.0.0.232
Revo Uninstaller 1.94
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
Shutterfly Express Uploader
Skype™ 5.10
Stash
Storia
swMSM
Synaptics Pointing Device Driver
The Imagination Station (remove only)
Trend Micro Titanium
Trend Micro Titanium Internet Security 2012
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)
Video Web Camera
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
Windows Media Player Firefox Plugin
WinRAR archiver
WinX DVD Copy Pro 3.5.0
WinX DVD Ripper 5.5.14
WinX DVD Ripper Platinum 7.3.2
WinX HD Video Converter Deluxe 4.2.1
.
==== Event Viewer Messages From Past Week ========
.
1/27/2014 6:50:36 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SENS service.
1/27/2014 6:50:06 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Schedule service.
1/27/2014 6:49:35 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the BFE service.
1/27/2014 6:49:05 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Amsp service.
1/27/2014 6:48:35 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the iphlpsvc service.
1/27/2014 6:37:19 AM, Error: Service Control Manager [7034]  - The CLHNServiceForPowerDVD12 service terminated unexpectedly.  It has done this 1 time(s).
1/27/2014 6:37:19 AM, Error: Service Control Manager [7034]  - The AMD External Events Utility service terminated unexpectedly.  It has done this 1 time(s).
1/27/2014 6:37:19 AM, Error: Service Control Manager [7031]  - The Windows Media Player Network Sharing Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
1/27/2014 6:37:19 AM, Error: Service Control Manager [7031]  - The PST Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 6000 milliseconds: Restart the service.
1/27/2014 6:37:19 AM, Error: Service Control Manager [7031]  - The MozyHome Backup Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
1/27/2014 6:37:19 AM, Error: Service Control Manager [7031]  - The Cisco AnyConnect Secure Mobility Agent service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 1000 milliseconds: Restart the service.
1/27/2014 6:37:18 AM, Error: Service Control Manager [7034]  - The CyberLink PowerDVD 12 Media Server Monitor Service service terminated unexpectedly.  It has done this 1 time(s).
1/27/2014 6:37:18 AM, Error: Service Control Manager [7031]  - The Print Spooler service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
1/27/2014 6:37:09 AM, Error: Service Control Manager [7030]  - The HOSTS Anti-PUPs service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
1/27/2014 11:22:32 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Internet Explorer 11 for Windows 7 for x64-based Systems.
1/27/2014 11:10:00 PM, Error: Service Control Manager [7022]  - The Windows Update service hung on starting.
1/27/2014 11:04:07 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the HOSTS Anti-PUPs service to connect.
1/27/2014 11:04:07 PM, Error: Service Control Manager [7000]  - The HOSTS Anti-PUPs service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
1/27/2014 10:56:18 PM, Error: bowser [8003]  - The master browser has received a server announcement from the computer JERRY that believes that it is the master browser for the domain on transport NetBT_Tcpip_{7435787B-D650-491A-A386-912BED018258}. The master browser is stopping or an election is being forced.
.
==== End Of File ===========================
 
 

I was getting all excited after seeing the below logs but then, darn it, the second tab in Chrome popped up again with the conduit search thingy.  Running MBAM now but will wait until I hear back, unless something pops up under MBAM, then I'll post that too, so you will have current information.  After that, I won't run anything else, because I don't know what else to do....lol

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 7 Home Premium x64
Ran by Owner on Mon 01/27/2014 at 23:53:24.41
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 01/28/2014 at  0:05:09.12
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

 

 

 

 

 

# AdwCleaner v3.017 - Report created 28/01/2014 at 00:08:00
# Updated 12/01/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Owner - MIKKI-PC
# Running from : C:\Users\Owner\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v10.0.9200.16750
 
 
-\\ Mozilla Firefox v25.0.1 (en-US)
 
-\\ Google Chrome v
 
[ File : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************

Hi and Welcome!!   
 
My name is Jeff. I would be more than happy to take a look at your malware results logs and help you with solving any malware problems you might have. Logs can take a while to research, so please be patient and know that I am working hard to get you a clean and functional system back in your hands. I'd be grateful if you would note the following:

  • The fixes are specific to your problem and should only be used for the issues on this machine.
  • It's often worth reading through these instructions and printing them for ease of reference.
  • If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
  • Please reply to this thread. Do not start a new topic.
  • If you happen to have a flash drive/thumb drive please have that ready in the event that we need to use it.
  • Please be sure to subscribe to the topic if you have not already done so.

IMPORTANT NOTE : Please do not delete, download or install anything unless instructed to do so.
DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision. Doing so could make your system inoperable and could require a full reinstall of your operating system and losing all your programs and data.

 
Having said that....   Let's get going!!
----------
 

Please download TDSSKiller

  • Double click TDSSKiller.exe
  • Press Start Scan but do nothing else as we are just looking for what is there.
  • If Malicious objects are found, select Skip by changing the Cure dropdown in the upper right.
  • Attach the log in your next reply
    • A copy of the log will be saved automatically to the root of the drive (typically C:\)

Could you also post the logs made by Malwarebytes and AdwCleaner?   :)


Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!


Thank you!

 

Here is MBAM:

 

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org
 
Database version: v2014.01.26.06
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16750
Owner :: MIKKI-PC [administrator]
 
Protection: Enabled
 
1/26/2014 2:23:30 PM
mbam-log-2014-01-26 (14-23-30).txt
 
Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 406441
Time elapsed: 1 hour(s), 41 minute(s), 3 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 1
HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252} (PUP.Optional.GreatSaver.A) -> Quarantined and deleted successfully.
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 45
C:\$Recycle.Bin\S-1-5-21-2681166796-2007918134-1661358387-1000\$R27JVM7.exe (PUP.Optional.InstallMonetizer) -> Quarantined and deleted successfully.
C:\$Recycle.Bin\S-1-5-21-2681166796-2007918134-1661358387-1000\$R3CJKTE.exe (PUP.Optional.Installrex) -> Quarantined and deleted successfully.
C:\$Recycle.Bin\S-1-5-21-2681166796-2007918134-1661358387-1000\$RHFEVKY.exe (PUP.Optional.Installrex) -> Quarantined and deleted successfully.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\UI\bin\cltmngui.exe.vir (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\WhiteSmoke_New_1.1\WhiteSmoke_New_1.1ToolbarHelper.exe.vir (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\AdwCleaner\Quarantine\C\ProgramData\GrtSCouponApp\AdMRxpC52.exe.vir (PUP.Optional.MultiPlug.A) -> Quarantined and deleted successfully.
C:\AdwCleaner\Quarantine\C\Users\Owner\AppData\Local\Temp\CT3316750\chLogic.exe.vir (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\AdwCleaner\Quarantine\C\Users\Owner\AppData\Local\Temp\CT3316750\ctbe.exe.vir (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\AdwCleaner\Quarantine\C\Users\Owner\AppData\Local\Temp\CT3316750\ffLogic.exe.vir (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\AdwCleaner\Quarantine\C\Users\Owner\AppData\Local\Temp\CT3316750\ieLogic.exe.vir (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\AdwCleaner\Quarantine\C\Users\Owner\AppData\Local\Temp\CT3316750\spch.exe.vir (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\AdwCleaner\Quarantine\C\Users\Owner\AppData\Local\Temp\CT3316750\spff.exe.vir (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\AdwCleaner\Quarantine\C\Users\Owner\AppData\Local\Temp\CT3316750\statisticsStub.exe.vir (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\AdwCleaner\Quarantine\C\Users\Owner\AppData\Local\Temp\CT3316750\stub.exe.vir (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\AdwCleaner\Quarantine\C\Windows\System32\ljkb\lmrn.dll.vir (PUP.Optional.Sweetpacks) -> Quarantined and deleted successfully.
C:\Program Files\Adobe\Adobe Photoshop CS6 (64 Bit)\amtlib.dll (PUP.RiskwareTool.CK) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Adobe\Adobe Photoshop CS6\amtlib.dll (PUP.RiskwareTool.CK) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9L3QYT16\SPIdentifierImpl[1].exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9L3QYT16\sprotector_x86_x64[1].exe (Trojan.SProtector) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9L3QYT16\WhiteSmoke_New_1.1[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ATP702SZ\conduitinstaller[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ATP702SZ\statisticsstub[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JGBNRPPE\checktbexist[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JGBNRPPE\whitesmoke_new_1.1[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U7QOL27J\Bundle[1].exe (PUP.Optional.Amonetize.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U7QOL27J\SPSetup[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U7QOL27J\WhiteSmoke_New_1_1[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Temp\nshFB81.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Temp\nsm6345.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Temp\nsuE46.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Temp\nsx51C8.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Temp\nsx6683.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Temp\nsxCC09.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Temp\nsxF3A2.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Temp\setup.exe (PUP.Optional.InstallMonetizer) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Temp\setup__3813.exe (PUP.Optional.InstallMonetizer) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Temp\SPStub.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Temp\AU\SPSetup.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Temp\nslED5D.tmp\SPtool.dll (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Temp\{743AAEAB-450E-4938-ABD3-0D2CAFD98C5D}\Addons\Bundle.exe (PUP.Optional.Amonetize.A) -> Quarantined and deleted successfully.
C:\Users\Owner\SkyDrive\How to Talk So Kids Will Listen and Listen So Kids Will Talk pdf.exe (PUP.Optional.Installrex) -> Quarantined and deleted successfully.
C:\Windows\Temp\nsc71A9.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Windows\Temp\nsh4BB3.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Windows\Temp\nsmECB4.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Windows\Temp\nsx6B35.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
 
(end)
 
 
# AdwCleaner v3.017 - Report created 26/01/2014 at 14:02:20
# Updated 12/01/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Owner - MIKKI-PC
# Running from : C:\Users\Owner\Desktop\AdwCleaner - Copy.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\SNT
Folder Deleted : C:\ProgramData\greatsaoveri
Folder Deleted : C:\ProgramData\GrtSCouponApp
Folder Deleted : C:\Program Files (x86)\Searchprotect
Folder Deleted : C:\Program Files (x86)\SNT
Folder Deleted : C:\Program Files (x86)\greatsaoveri
Folder Deleted : C:\Program Files (x86)\GrtSCouponApp
Folder Deleted : C:\Program Files (x86)\WhiteSmoke_New_1.1
Folder Deleted : C:\Windows\SysWOW64\Searchprotect
Folder Deleted : C:\Windows\System32\ljkb
Folder Deleted : C:\Users\Owner\AppData\Local\NativeMessaging
Folder Deleted : C:\Users\Owner\AppData\Local\Temp\NativeMessaging
Folder Deleted : C:\Users\Owner\AppData\Local\Temp\CT3316750
Folder Deleted : C:\Users\Owner\AppData\LocalLow\WhiteSmoke_New_1.1
Folder Deleted : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\ghug7evk.default\CT3316750
Folder Deleted : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\ghug7evk.default\Extensions\{6825e695-047b-460f-afb3-1b23fa2f3601}
Folder Deleted : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\ghug7evk.default\Extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}
File Deleted : C:\Windows\System32\dmwu.exe
File Deleted : C:\Windows\System32\ImhxxpComm.dll
File Deleted : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_fastcontent.conduit.com_0.localstorage
File Deleted : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_fastcontent.conduit.com_0.localstorage-journal
File Deleted : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage
File Deleted : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage-journal
File Deleted : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_storage.conduit.com_0.localstorage-journal
File Deleted : C:\Windows\System32\Tasks\BackgroundContainer Startup Task
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [backgroundContainer]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeShellExt.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6825E695-047B-460F-AFB3-1B23FA2F3601}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AA90D93F-7835-49D9-82E7-9DDB92EE4C2F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6825E695-047B-460F-AFB3-1B23FA2F3601}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AA90D93F-7835-49D9-82E7-9DDB92EE4C2F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5D94A5D6-A0C9-4E7D-8888-5852E0952782}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A4908B21-3522-4885-A2AC-8E60B6839EEE}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{6825E695-047B-460F-AFB3-1B23FA2F3601}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{6825E695-047B-460F-AFB3-1B23FA2F3601}]
Key Deleted : HKCU\Software\OCS
Key Deleted : HKCU\Software\Splashtop Inc.
Key Deleted : HKCU\Software\AppDataLow\Software\BackgroundContainer
Key Deleted : HKCU\Software\AppDataLow\Software\WhiteSmoke_New_1.1
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\Splashtop Inc.
Key Deleted : HKLM\Software\WhiteSmoke_New_1.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B7C5EA94-B96A-41F5-BE95-25D78B486678}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CA41BB14-E67B-1653-C57B-5CA99418A866}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Splashtop Software Updater
Key Deleted : [x64] HKLM\SOFTWARE\wnlt
Key Deleted : HKLM\Software\Classes\Installer\Features\49AE5C7BA69B5F14EB59527DB8846687
Key Deleted : HKLM\Software\Classes\Installer\Products\49AE5C7BA69B5F14EB59527DB8846687
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v10.0.9200.16750
 
 
-\\ Mozilla Firefox v25.0.1 (en-US)
 
-\\ Google Chrome v
 
[ File : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [5629 octets] - [26/01/2014 14:00:20]
AdwCleaner[s0].txt - [5067 octets] - [26/01/2014 14:02:20]
 
########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [5127 octets] ##########
 
 
Okie Dokie, going to go run the one you just told me to do right now. :-)

Here is this one.  PS - While I'm thinking about it, I have it on my work laptop too.  Would I start a new thread, and would you by chance be willing to help me dig out of that one too?  Thank you for helping me by the way!!

 

20:36:37.0729 0x2ea0  TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
20:36:44.0581 0x2ea0  ============================================================
20:36:44.0581 0x2ea0  Current date / time: 2014/02/05 20:36:44.0581
20:36:44.0581 0x2ea0  SystemInfo:
20:36:44.0581 0x2ea0  
20:36:44.0581 0x2ea0  OS Version: 6.1.7601 ServicePack: 1.0
20:36:44.0581 0x2ea0  Product type: Workstation
20:36:44.0581 0x2ea0  ComputerName: MIKKI-PC
20:36:44.0582 0x2ea0  UserName: Owner
20:36:44.0582 0x2ea0  Windows directory: C:\Windows
20:36:44.0582 0x2ea0  System windows directory: C:\Windows
20:36:44.0582 0x2ea0  Running under WOW64
20:36:44.0582 0x2ea0  Processor architecture: Intel x64
20:36:44.0582 0x2ea0  Number of processors: 2
20:36:44.0582 0x2ea0  Page size: 0x1000
20:36:44.0582 0x2ea0  Boot type: Normal boot
20:36:44.0582 0x2ea0  ============================================================
20:36:47.0656 0x2ea0  KLMD registered as C:\Windows\system32\drivers\41647980.sys
20:36:48.0038 0x2ea0  System UUID: {3194B493-D0DA-3137-C618-D67B72BF1CEC}
20:36:49.0309 0x2ea0  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:36:49.0314 0x2ea0  ============================================================
20:36:49.0314 0x2ea0  \Device\Harddisk0\DR0:
20:36:49.0314 0x2ea0  MBR partitions:
20:36:49.0315 0x2ea0  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1A00800, BlocksNum 0x32000
20:36:49.0315 0x2ea0  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1A32800, BlocksNum 0x38953000
20:36:49.0315 0x2ea0  ============================================================
20:36:49.0359 0x2ea0  C: <-> \Device\Harddisk0\DR0\Partition2
20:36:49.0360 0x2ea0  ============================================================
20:36:49.0360 0x2ea0  Initialize success
20:36:49.0360 0x2ea0  ============================================================
20:36:59.0654 0x2024  ============================================================
20:36:59.0655 0x2024  Scan started
20:36:59.0655 0x2024  Mode: Manual; 
20:36:59.0655 0x2024  ============================================================
20:36:59.0655 0x2024  KSN ping started
20:37:03.0214 0x2024  KSN ping finished: true
20:37:04.0343 0x2024  ================ Scan system memory ========================
20:37:04.0343 0x2024  System memory - ok
20:37:04.0344 0x2024  ================ Scan services =============================
20:37:08.0049 0x2024  cbfs4 - ok
20:37:08.0068 0x2024  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
20:37:08.0072 0x2024  cdfs - ok
20:37:08.0114 0x2024  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
20:37:08.0120 0x2024  cdrom - ok
20:37:08.0153 0x2024  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
20:37:08.0156 0x2024  CertPropSvc - ok
20:37:08.0177 0x2024  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
20:37:08.0180 0x2024  circlass - ok
20:37:08.0219 0x2024  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
20:37:08.0230 0x2024  CLFS - ok
20:37:08.0406 0x2024  [ 525A4F2E6ED045A51CDA4DCD3A24C69F, F3A2C4E8D876A6AFAF7FB7F9B3221657595F7B161FC6BF1D3905C355A6F2C318 ] CLHNServiceForPowerDVD12 C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
20:37:08.0934 0x2024  CLHNServiceForPowerDVD12 - ok
20:37:09.0005 0x2024  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:37:09.0021 0x2024  clr_optimization_v2.0.50727_32 - ok
20:37:09.0081 0x2024  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:37:09.0085 0x2024  clr_optimization_v2.0.50727_64 - ok
20:37:09.0149 0x2024  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:37:09.0155 0x2024  clr_optimization_v4.0.30319_32 - ok
20:37:09.0190 0x2024  [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:37:09.0195 0x2024  clr_optimization_v4.0.30319_64 - ok
20:37:09.0222 0x2024  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
20:37:09.0224 0x2024  CmBatt - ok
20:37:09.0257 0x2024  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
20:37:09.0259 0x2024  cmdide - ok
20:37:09.0310 0x2024  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
20:37:09.0329 0x2024  CNG - ok
20:37:09.0346 0x2024  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
20:37:09.0348 0x2024  Compbatt - ok
20:37:09.0381 0x2024  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
20:37:09.0384 0x2024  CompositeBus - ok
20:37:09.0389 0x2024  COMSysApp - ok
20:37:09.0409 0x2024  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
20:37:09.0411 0x2024  crcdisk - ok
20:37:09.0461 0x2024  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
20:37:09.0467 0x2024  CryptSvc - ok
20:37:09.0515 0x2024  [ BA8E5B2291C01EF71CA80E25F0C79D55, 913C85EC00752AEEE2E29C6664085865DA45A091789C0F8CB015208D69F1915A ] ctxusbm         C:\Windows\system32\DRIVERS\ctxusbm.sys
20:37:09.0551 0x2024  ctxusbm - ok
20:37:09.0596 0x2024  [ 937337437A28D96DD107ABEEFEA4574F, 18C1185336595551FABA75E1034AF45170F8405BA621E85C38CD9BC4A0D97DF7 ] CyberLink PowerDVD 12 Media Server Monitor Service C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
20:37:09.0635 0x2024  CyberLink PowerDVD 12 Media Server Monitor Service - ok
20:37:09.0692 0x2024  [ 9DBAD535C952276D780FF20D66A5A1C9, E475BB631DCACAF8759E5456A41AA59B9BC6FAB61438E8494EBCB8AB1C755FE7 ] CyberLink PowerDVD 12 Media Server Service C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
20:37:09.0746 0x2024  CyberLink PowerDVD 12 Media Server Service - ok
20:37:09.0809 0x2024  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
20:37:09.0831 0x2024  DcomLaunch - ok
20:37:09.0875 0x2024  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
20:37:09.0885 0x2024  defragsvc - ok
20:37:09.0954 0x2024  [ 59D90B6A7FBC4CC712DD7C5868618480, ED7D7052D50B346CD1624D05ADDC33E030008D7EEE3AEDBA267F583BE51D859B ] DeviceMonitorService C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe
20:37:10.0008 0x2024  DeviceMonitorService - ok
20:37:10.0042 0x2024  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
20:37:10.0046 0x2024  DfsC - ok
20:37:10.0073 0x2024  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
20:37:10.0083 0x2024  Dhcp - ok
20:37:10.0142 0x2024  [ 79B9D7643C9E3AD10B89DF8EF0A9D2FE, 204104896F26591B5BCAD017F66D266C1AC337FB76E70ACF5470B61B2BB7C92D ] DigiartyVirtualCDBus C:\Windows\system32\drivers\DigiartyVirtualCDBus.sys
20:37:10.0195 0x2024  DigiartyVirtualCDBus - ok
20:37:10.0221 0x2024  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
20:37:10.0223 0x2024  discache - ok
20:37:10.0233 0x2024  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
20:37:10.0237 0x2024  Disk - ok
20:37:10.0286 0x2024  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
20:37:10.0292 0x2024  Dnscache - ok
20:37:10.0345 0x2024  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
20:37:10.0353 0x2024  dot3svc - ok
20:37:10.0394 0x2024  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
20:37:10.0400 0x2024  DPS - ok
20:37:10.0451 0x2024  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
20:37:10.0453 0x2024  drmkaud - ok
20:37:10.0546 0x2024  [ 61E894FE1E9CC720C909E6E343351794, 2C8540ED0A2C7028B242289078B4C2D8678D26FB7429AB3B33C136BB47B178C3 ] DsiWMIService   C:\Program Files (x86)\Launch Manager\dsiwmis.exe
20:37:10.0637 0x2024  DsiWMIService - ok
20:37:10.0672 0x2024  [ 3EEF0B3489EDBF725564E17C77CABAFD, 991765159A07F159FA1D78632C1EABE9E3ACE02B06A41B2F47C80E89817041E3 ] dsNcAdpt        C:\Windows\system32\DRIVERS\dsNcAdpt.sys
20:37:10.0675 0x2024  dsNcAdpt - ok
20:37:10.0731 0x2024  [ 5538EED60DC1BC13E9E534D067CC0F40, 2E4A400502B05F3CD6210BE32A0DE7D8B2566D7BCC449773F814BC770C4AF6AA ] dsNcService     C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe
20:37:10.0812 0x2024  dsNcService - ok
20:37:10.0890 0x2024  [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
20:37:10.0935 0x2024  DXGKrnl - ok
20:37:10.0960 0x2024  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
20:37:10.0965 0x2024  EapHost - ok
20:37:11.0108 0x2024  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
20:37:11.0243 0x2024  ebdrv - ok
20:37:11.0289 0x2024  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] EFS             C:\Windows\System32\lsass.exe
20:37:11.0292 0x2024  EFS - ok
20:37:11.0379 0x2024  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
20:37:11.0436 0x2024  ehRecvr - ok
20:37:11.0474 0x2024  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
20:37:11.0479 0x2024  ehSched - ok
20:37:11.0530 0x2024  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
20:37:11.0563 0x2024  elxstor - ok
20:37:11.0721 0x2024  [ 3EA2C4F68A782839D97B3C83595575B6, D4C3BFD0B6817B73BE9F2378FA946BD1C213A4FB9EB3F7D2C79E9B6D9F895106 ] ePowerSvc       C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe
20:37:11.0818 0x2024  ePowerSvc - ok
20:37:11.0857 0x2024  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
20:37:11.0859 0x2024  ErrDev - ok
20:37:11.0923 0x2024  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
20:37:11.0941 0x2024  EventSystem - ok
20:37:11.0976 0x2024  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
20:37:11.0982 0x2024  exfat - ok
20:37:12.0009 0x2024  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
20:37:12.0016 0x2024  fastfat - ok
20:37:12.0081 0x2024  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
20:37:12.0115 0x2024  Fax - ok
20:37:12.0139 0x2024  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
20:37:12.0142 0x2024  fdc - ok
20:37:12.0178 0x2024  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
20:37:12.0180 0x2024  fdPHost - ok
20:37:12.0192 0x2024  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
20:37:12.0195 0x2024  FDResPub - ok
20:37:12.0210 0x2024  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
20:37:12.0214 0x2024  FileInfo - ok
20:37:12.0225 0x2024  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
20:37:12.0227 0x2024  Filetrace - ok
20:37:12.0233 0x2024  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
20:37:12.0236 0x2024  flpydisk - ok
20:37:12.0300 0x2024  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
20:37:12.0309 0x2024  FltMgr - ok
20:37:12.0425 0x2024  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
20:37:12.0471 0x2024  FontCache - ok
20:37:12.0522 0x2024  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:37:12.0525 0x2024  FontCache3.0.0.0 - ok
20:37:12.0566 0x2024  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
20:37:12.0569 0x2024  FsDepends - ok
20:37:12.0597 0x2024  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
20:37:12.0599 0x2024  Fs_Rec - ok
20:37:12.0634 0x2024  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
20:37:12.0641 0x2024  fvevol - ok
20:37:12.0657 0x2024  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
20:37:12.0660 0x2024  gagp30kx - ok
20:37:12.0728 0x2024  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
20:37:12.0762 0x2024  gpsvc - ok
20:37:12.0833 0x2024  [ 0191DEE9B9EB7902AF2CF4F67301095D, 9E2E263E84167E1AD3FFCEA84066AF07CD6A653F5D8266A619E4973BC4B25460 ] GREGService     C:\Program Files (x86)\Gateway\Registration\GREGsvc.exe
20:37:12.0861 0x2024  GREGService - ok
20:37:12.0941 0x2024  [ 8F0DE4FEF8201E306F9938B0905AC96A, CA7153FE0C037D79FBF7CE0E090D741FB52BCCBBBD4CA505EF4849A0C4199F72 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:37:12.0945 0x2024  gupdate - ok
20:37:12.0952 0x2024  [ 8F0DE4FEF8201E306F9938B0905AC96A, CA7153FE0C037D79FBF7CE0E090D741FB52BCCBBBD4CA505EF4849A0C4199F72 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:37:12.0956 0x2024  gupdatem - ok
20:37:12.0987 0x2024  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
20:37:13.0038 0x2024  gusvc - ok
20:37:13.0059 0x2024  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
20:37:13.0062 0x2024  hcw85cir - ok
20:37:13.0108 0x2024  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:37:13.0119 0x2024  HdAudAddService - ok
20:37:13.0145 0x2024  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
20:37:13.0149 0x2024  HDAudBus - ok
20:37:13.0163 0x2024  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
20:37:13.0165 0x2024  HidBatt - ok
20:37:13.0172 0x2024  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
20:37:13.0177 0x2024  HidBth - ok
20:37:13.0183 0x2024  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
20:37:13.0186 0x2024  HidIr - ok
20:37:13.0223 0x2024  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
20:37:13.0226 0x2024  hidserv - ok
20:37:13.0267 0x2024  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
20:37:13.0269 0x2024  HidUsb - ok
20:37:13.0308 0x2024  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
20:37:13.0312 0x2024  hkmsvc - ok
20:37:13.0351 0x2024  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:37:13.0360 0x2024  HomeGroupListener - ok
20:37:13.0407 0x2024  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:37:13.0414 0x2024  HomeGroupProvider - ok
20:37:13.0463 0x2024  HOSTS Anti-PUPs - ok
20:37:13.0512 0x2024  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
20:37:13.0516 0x2024  HpSAMD - ok
20:37:13.0574 0x2024  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
20:37:13.0608 0x2024  HTTP - ok
20:37:13.0665 0x2024  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
20:37:13.0667 0x2024  hwpolicy - ok
20:37:13.0705 0x2024  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
20:37:13.0710 0x2024  i8042prt - ok
20:37:13.0758 0x2024  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
20:37:13.0771 0x2024  iaStorV - ok
20:37:13.0858 0x2024  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:37:13.0903 0x2024  idsvc - ok
20:37:13.0938 0x2024  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
20:37:13.0941 0x2024  iirsp - ok
20:37:14.0010 0x2024  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
20:37:14.0044 0x2024  IKEEXT - ok
20:37:14.0160 0x2024  [ FEADC18677A85A123E95A9B976101120, 3198981BBC0FFDD706F7B14AAAAE076449D74B4EEA308C58CB354E7FFF89FAD7 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
20:37:14.0358 0x2024  IntcAzAudAddService - ok
20:37:14.0381 0x2024  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
20:37:14.0383 0x2024  intelide - ok
20:37:14.0419 0x2024  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
20:37:14.0422 0x2024  intelppm - ok
20:37:14.0454 0x2024  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
20:37:14.0480 0x2024  IPBusEnum - ok
20:37:14.0518 0x2024  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:37:14.0522 0x2024  IpFilterDriver - ok
20:37:14.0585 0x2024  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
20:37:14.0617 0x2024  iphlpsvc - ok
20:37:14.0669 0x2024  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
20:37:14.0673 0x2024  IPMIDRV - ok
20:37:14.0702 0x2024  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
20:37:14.0707 0x2024  IPNAT - ok
20:37:14.0725 0x2024  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
20:37:14.0745 0x2024  IRENUM - ok
20:37:14.0763 0x2024  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
20:37:14.0765 0x2024  isapnp - ok
20:37:14.0913 0x2024  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
20:37:14.0951 0x2024  iScsiPrt - ok
20:37:15.0205 0x2024  [ C9B4ECC187581E5BF3F76648884B7829, D4DDFDD92FEFDFAF293633C2B3860C37D7DC59965170E55AD181EFAFCFD1DB13 ] k57nd60a        C:\Windows\system32\DRIVERS\k57nd60a.sys
20:37:15.0215 0x2024  k57nd60a - ok
20:37:15.0252 0x2024  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
20:37:15.0255 0x2024  kbdclass - ok
20:37:15.0298 0x2024  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
20:37:15.0300 0x2024  kbdhid - ok
20:37:15.0312 0x2024  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso          C:\Windows\system32\lsass.exe
20:37:15.0314 0x2024  KeyIso - ok
20:37:15.0354 0x2024  [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
20:37:15.0358 0x2024  KSecDD - ok
20:37:15.0380 0x2024  [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
20:37:15.0386 0x2024  KSecPkg - ok
20:37:15.0415 0x2024  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
20:37:15.0418 0x2024  ksthunk - ok
20:37:15.0464 0x2024  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
20:37:15.0476 0x2024  KtmRm - ok
20:37:15.0536 0x2024  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
20:37:15.0545 0x2024  LanmanServer - ok
20:37:15.0584 0x2024  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:37:15.0590 0x2024  LanmanWorkstation - ok
20:37:15.0607 0x2024  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
20:37:15.0610 0x2024  lltdio - ok
20:37:15.0643 0x2024  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
20:37:15.0653 0x2024  lltdsvc - ok
20:37:15.0680 0x2024  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
20:37:15.0682 0x2024  lmhosts - ok
20:37:15.0717 0x2024  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
20:37:15.0721 0x2024  LSI_FC - ok
20:37:15.0729 0x2024  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
20:37:15.0733 0x2024  LSI_SAS - ok
20:37:15.0740 0x2024  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
20:37:15.0745 0x2024  LSI_SAS2 - ok
20:37:15.0752 0x2024  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
20:37:15.0759 0x2024  LSI_SCSI - ok
20:37:15.0777 0x2024  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
20:37:15.0781 0x2024  luafv - ok
20:37:15.0827 0x2024  [ 0BB97D43299910CBFBA59C461B99B910, 27C22D9D9EE8A410D7396960DA93E9E260D4DCDD38DCE06E85E45C5E24C067DE ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
20:37:15.0829 0x2024  MBAMProtector - ok
20:37:15.0904 0x2024  [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
20:37:16.0017 0x2024  MBAMScheduler - ok
20:37:16.0064 0x2024  [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
20:37:16.0142 0x2024  MBAMService - ok
20:37:16.0178 0x2024  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
20:37:16.0183 0x2024  Mcx2Svc - ok
20:37:16.0195 0x2024  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
20:37:16.0198 0x2024  megasas - ok
20:37:16.0232 0x2024  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
20:37:16.0241 0x2024  MegaSR - ok
20:37:16.0276 0x2024  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
20:37:16.0280 0x2024  MMCSS - ok
20:37:16.0286 0x2024  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
20:37:16.0289 0x2024  Modem - ok
20:37:16.0303 0x2024  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
20:37:16.0306 0x2024  monitor - ok
20:37:16.0341 0x2024  [ D69F1E9A944A5F46A494AF901ED41118, 162F7EFA30BF687585A2F4CB612CFAA24F5B7B8BEAF1A9FB9FE3E4988682228D ] motandroidusb   C:\Windows\system32\Drivers\motoandroid.sys
20:37:16.0344 0x2024  motandroidusb - ok
20:37:16.0382 0x2024  [ 43E754047C6DEE50666554D3C66D6279, DE37EFFEA44CBD1EA245B21056AB40453F8570FE223412C9A5C0509E4AC7E455 ] motccgp         C:\Windows\system32\DRIVERS\motccgp.sys
20:37:16.0384 0x2024  motccgp - ok
Part 2 coming next - it said "Post too long".

20:37:27.0609 0x2024  TDTCP - ok

20:37:27.0646 0x2024  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys

20:37:27.0651 0x2024  tdx - ok

20:37:27.0690 0x2024  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys

20:37:27.0693 0x2024  TermDD - ok

20:37:27.0754 0x2024  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll

20:37:27.0788 0x2024  TermService - ok

20:37:27.0822 0x2024  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll

20:37:27.0826 0x2024  Themes - ok

20:37:27.0864 0x2024  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll

20:37:27.0867 0x2024  THREADORDER - ok

20:37:27.0930 0x2024  [ 4C4554287AB3E0F84AE5101117B0C18E, C861C720C963527D04F070312F9BC49D67363107BA82AE43192E27AF9D216BE8 ] tmactmon        C:\Windows\system32\DRIVERS\tmactmon.sys

20:37:27.0935 0x2024  tmactmon - ok

20:37:27.0966 0x2024  [ E3485981980692756B6D4A561D718368, 86CE2A4F9CD2B072F4ED1206BE782A75D24CF5DA9625CA6C072EEC01570ED42A ] tmcomm          C:\Windows\system32\DRIVERS\tmcomm.sys

20:37:27.0972 0x2024  tmcomm - ok

20:37:28.0013 0x2024  [ 1161F882B3CFA8076870A09924E0ADC2, C24E8729C2237C7B3E3B2F48A5B15D85D960942BB94A1F16EDACDFDBA80ADAC3 ] tmeevw          C:\Windows\system32\DRIVERS\tmeevw.sys

20:37:28.0016 0x2024  tmeevw - ok

20:37:28.0055 0x2024  [ 384C4A844E3DE65E26ED0639375C0D3B, 7A48131A1E14166FE055DE022C2BB5BA254CC3F314658DC8B4FB4C7AD7999AD3 ] tmevtmgr        C:\Windows\system32\DRIVERS\tmevtmgr.sys

20:37:28.0059 0x2024  tmevtmgr - ok

20:37:28.0098 0x2024  [ F0AE672EE91E7F1EF24644621B57CA7F, 68169664BA99AA2F2DCC40296B5D50B00FCA4000E4F4E134FA94B0C76E2E7075 ] tmnciesc        C:\Windows\system32\DRIVERS\tmnciesc.sys

20:37:28.0106 0x2024  tmnciesc - ok

20:37:28.0157 0x2024  [ 065CB7D9278D778FB9EF62CEAD01433F, 73A256CBE234296C3C6201FEF94501F25E790C6F077070D94B809DFA61DBA520 ] tmtdi           C:\Windows\system32\DRIVERS\tmtdi.sys

20:37:28.0161 0x2024  tmtdi - ok

20:37:28.0196 0x2024  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll

20:37:28.0201 0x2024  TrkWks - ok

20:37:28.0267 0x2024  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

20:37:28.0273 0x2024  TrustedInstaller - ok

20:37:28.0317 0x2024  [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys

20:37:28.0320 0x2024  tssecsrv - ok

20:37:28.0362 0x2024  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys

20:37:28.0366 0x2024  TsUsbFlt - ok

20:37:28.0391 0x2024  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys

20:37:28.0396 0x2024  tunnel - ok

20:37:28.0433 0x2024  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys

20:37:28.0438 0x2024  uagp35 - ok

20:37:28.0450 0x2024  [ 2E22C1FD397A5A9FFEF55E9D1FC96C00, 4646712B3F3AF6188DBCE1A95D92261E8B15E9583FE5DD538EC884F48B51759D ] UBHelper        C:\Windows\system32\drivers\UBHelper.sys

20:37:28.0475 0x2024  UBHelper - ok

20:37:28.0532 0x2024  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys

20:37:28.0543 0x2024  udfs - ok

20:37:28.0580 0x2024  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe

20:37:28.0585 0x2024  UI0Detect - ok

20:37:28.0618 0x2024  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys

20:37:28.0622 0x2024  uliagpkx - ok

20:37:28.0667 0x2024  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\drivers\umbus.sys

20:37:28.0670 0x2024  umbus - ok

20:37:28.0701 0x2024  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys

20:37:28.0703 0x2024  UmPass - ok

20:37:28.0786 0x2024  [ F9EC9ACD504D823D9B9CA98A4F8D3CA2, 58DAD5111C598F14CB199FE6A61FA5918F29513B778A8664FD05EFAB3C665D4F ] Updater Service C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe

20:37:28.0869 0x2024  Updater Service - ok

20:37:28.0964 0x2024  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll

20:37:28.0977 0x2024  upnphost - ok

20:37:29.0018 0x2024  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys

20:37:29.0022 0x2024  usbccgp - ok

20:37:29.0052 0x2024  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys

20:37:29.0057 0x2024  usbcir - ok

20:37:29.0089 0x2024  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys

20:37:29.0092 0x2024  usbehci - ok

20:37:29.0115 0x2024  [ 2C780746DC44A28FE67004DC58173F05, 9E0596CE35C7430A31A7E77B4D12A1F521B9ED8EB0614E6FB38403AC614C3EE3 ] usbfilter       C:\Windows\system32\DRIVERS\usbfilter.sys

20:37:29.0118 0x2024  usbfilter - ok

20:37:29.0166 0x2024  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys

20:37:29.0177 0x2024  usbhub - ok

20:37:29.0195 0x2024  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys

20:37:29.0197 0x2024  usbohci - ok

20:37:29.0234 0x2024  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys

20:37:29.0237 0x2024  usbprint - ok

20:37:29.0281 0x2024  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS

20:37:29.0285 0x2024  USBSTOR - ok

20:37:29.0315 0x2024  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys

20:37:29.0317 0x2024  usbuhci - ok

20:37:29.0346 0x2024  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys

20:37:29.0353 0x2024  usbvideo - ok

20:37:29.0388 0x2024  [ 70D05EE263568A742D14E1876DF80532, D49D7B60EE30F2398B8B532F4A4C3F17535485F2BDB9B14AB600E2A4E3F12A6B ] usb_rndisx      C:\Windows\system32\DRIVERS\usb8023x.sys

20:37:29.0391 0x2024  usb_rndisx - ok

20:37:29.0424 0x2024  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll

20:37:29.0428 0x2024  UxSms - ok

20:37:29.0444 0x2024  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] VaultSvc        C:\Windows\system32\lsass.exe

20:37:29.0447 0x2024  VaultSvc - ok

20:37:29.0464 0x2024  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys

20:37:29.0466 0x2024  vdrvroot - ok

20:37:29.0525 0x2024  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe

20:37:29.0558 0x2024  vds - ok

20:37:29.0613 0x2024  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys

20:37:29.0616 0x2024  vga - ok

20:37:29.0639 0x2024  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys

20:37:29.0641 0x2024  VgaSave - ok

20:37:29.0677 0x2024  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys

20:37:29.0685 0x2024  vhdmp - ok

20:37:29.0718 0x2024  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys

20:37:29.0720 0x2024  viaide - ok

20:37:29.0752 0x2024  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys

20:37:29.0756 0x2024  volmgr - ok

20:37:29.0808 0x2024  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys

20:37:29.0818 0x2024  volmgrx - ok

20:37:29.0842 0x2024  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys

20:37:29.0851 0x2024  volsnap - ok

20:37:29.0915 0x2024  [ 5C180CD2A33051642A589A7C6090A035, 2045BFA86EBCA6D3F9C029DA9D84BE22BCC183907A1073699A65AB700F20605A ] vpnagent        C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe

20:37:30.0017 0x2024  vpnagent - ok

20:37:30.0057 0x2024  [ EFE0CE79D7BE51365021704B4122EA50, 0164C6E9EDD88916487E411BA83913867FCB83823EA741312FD85D26E787CCAA ] vpnpbus         C:\Windows\system32\DRIVERS\vpnpbus.sys

20:37:30.0060 0x2024  vpnpbus - ok

20:37:30.0100 0x2024  [ 5B3644AB5E8E210F60869EA6895DE822, 0D713C1C92E73BE8886DD1E9D5D37721427598B3B8DD93B30E522B0825E2082E ] vpnva           C:\Windows\system32\DRIVERS\vpnva64-6.sys

20:37:30.0103 0x2024  vpnva - ok

20:37:30.0140 0x2024  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys

20:37:30.0146 0x2024  vsmraid - ok

20:37:30.0241 0x2024  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe

20:37:30.0278 0x2024  VSS - ok

20:37:30.0297 0x2024  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys

20:37:30.0300 0x2024  vwifibus - ok

20:37:30.0306 0x2024  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys

20:37:30.0310 0x2024  vwififlt - ok

20:37:30.0319 0x2024  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys

20:37:30.0321 0x2024  vwifimp - ok

20:37:30.0353 0x2024  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll

20:37:30.0366 0x2024  W32Time - ok

20:37:30.0383 0x2024  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys

20:37:30.0386 0x2024  WacomPen - ok

20:37:30.0423 0x2024  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys

20:37:30.0427 0x2024  WANARP - ok

20:37:30.0432 0x2024  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys

20:37:30.0436 0x2024  Wanarpv6 - ok

20:37:30.0518 0x2024  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe

20:37:30.0575 0x2024  WatAdminSvc - ok

20:37:30.0663 0x2024  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe

20:37:30.0731 0x2024  wbengine - ok

20:37:30.0776 0x2024  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll

20:37:30.0784 0x2024  WbioSrvc - ok

20:37:30.0836 0x2024  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll

20:37:30.0849 0x2024  wcncsvc - ok

20:37:30.0872 0x2024  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

20:37:30.0876 0x2024  WcsPlugInService - ok

20:37:30.0909 0x2024  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys

20:37:30.0911 0x2024  Wd - ok

20:37:30.0977 0x2024  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys

20:37:31.0012 0x2024  Wdf01000 - ok

20:37:31.0029 0x2024  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll

20:37:31.0034 0x2024  WdiServiceHost - ok

20:37:31.0039 0x2024  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll

20:37:31.0044 0x2024  WdiSystemHost - ok

20:37:31.0090 0x2024  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll

20:37:31.0099 0x2024  WebClient - ok

20:37:31.0118 0x2024  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll

20:37:31.0128 0x2024  Wecsvc - ok

20:37:31.0165 0x2024  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll

20:37:31.0169 0x2024  wercplsupport - ok

20:37:31.0193 0x2024  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll

20:37:31.0197 0x2024  WerSvc - ok

20:37:31.0217 0x2024  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys

20:37:31.0220 0x2024  WfpLwf - ok

20:37:31.0232 0x2024  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys

20:37:31.0234 0x2024  WIMMount - ok

20:37:31.0263 0x2024  WinDefend - ok

20:37:31.0273 0x2024  WinHttpAutoProxySvc - ok

20:37:31.0388 0x2024  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll

20:37:31.0397 0x2024  Winmgmt - ok

20:37:31.0505 0x2024  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll

20:37:31.0595 0x2024  WinRM - ok

20:37:31.0648 0x2024  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys

20:37:31.0681 0x2024  WinUsb - ok

20:37:31.0746 0x2024  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll

20:37:31.0791 0x2024  Wlansvc - ok

20:37:31.0832 0x2024  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys

20:37:31.0834 0x2024  WmiAcpi - ok

20:37:31.0872 0x2024  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe

20:37:31.0879 0x2024  wmiApSrv - ok

20:37:31.0907 0x2024  WMPNetworkSvc - ok

20:37:31.0939 0x2024  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll

20:37:31.0943 0x2024  WPCSvc - ok

20:37:31.0978 0x2024  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll

20:37:31.0984 0x2024  WPDBusEnum - ok

20:37:32.0008 0x2024  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys

20:37:32.0011 0x2024  ws2ifsl - ok

20:37:32.0032 0x2024  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll

20:37:32.0037 0x2024  wscsvc - ok

20:37:32.0041 0x2024  WSearch - ok

20:37:32.0166 0x2024  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll

20:37:32.0267 0x2024  wuauserv - ok

20:37:32.0320 0x2024  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys

20:37:32.0324 0x2024  WudfPf - ok

20:37:32.0349 0x2024  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys

20:37:32.0355 0x2024  WUDFRd - ok

20:37:32.0394 0x2024  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll

20:37:32.0399 0x2024  wudfsvc - ok

20:37:32.0424 0x2024  [ FE90B750AB808FB9DD8FBB428B5FF83B, 3F8F592EC813BE292D305A87C5BA852F8BC3D7CE610612D9871F209A17326AA8 ] WwanSvc         C:\Windows\System32\wwansvc.dll

20:37:32.0433 0x2024  WwanSvc - ok

20:37:32.0622 0x2024  [ 6F58BD07113A38412A6AE6566A3B36A0, 1D1A6342F776C74D49D589548F5F00A549C4A32F35D08858D55D5EB8A55EED81 ] {73526619-C24F-470B-9BED-53D455FBB5C6} C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl

20:37:32.0676 0x2024  {73526619-C24F-470B-9BED-53D455FBB5C6} - ok

20:37:32.0690 0x2024  ================ Scan global ===============================

20:37:32.0749 0x2024  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll

20:37:32.0794 0x2024  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll

20:37:32.0816 0x2024  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll

20:37:32.0845 0x2024  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll

20:37:32.0885 0x2024  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe

20:37:32.0896 0x2024  [ Global ] - ok

20:37:32.0896 0x2024  ================ Scan MBR ==================================

20:37:32.0910 0x2024  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0

20:37:33.0376 0x2024  \Device\Harddisk0\DR0 - ok

20:37:33.0376 0x2024  ================ Scan VBR ==================================

20:37:33.0381 0x2024  [ DDF51A82933EF3C397D0396F1BD7133C ] \Device\Harddisk0\DR0\Partition1

20:37:33.0382 0x2024  \Device\Harddisk0\DR0\Partition1 - ok

20:37:33.0398 0x2024  [ AFAE425CBE3F4D2B8161FAE1E59A03DA ] \Device\Harddisk0\DR0\Partition2

20:37:33.0400 0x2024  \Device\Harddisk0\DR0\Partition2 - ok

20:37:33.0401 0x2024  Waiting for KSN requests completion. In queue: 75

20:37:34.0401 0x2024  Waiting for KSN requests completion. In queue: 75

20:37:35.0401 0x2024  Waiting for KSN requests completion. In queue: 75

20:37:36.0480 0x2024  AV detected via SS2: Trend Micro Titanium Internet Security 2012, C:\Program Files\Trend Micro\Titanium\wschandler.exe ( 5.4.0.1023 ), 0x41000 ( enabled : updated )

20:37:36.0540 0x2024  Win FW state via NFP2: enabled

20:37:39.0361 0x2024  ============================================================

20:37:39.0361 0x2024  Scan finished

20:37:39.0361 0x2024  ============================================================

20:37:39.0370 0x2f74  Detected object count: 0

20:37:39.0370 0x2f74  Actual detected object count: 0

While I'm thinking about it, I have it on my work laptop too.  Would I start a new thread, and would you by chance be willing to help me dig out of that one too?  Thank you for helping me by the way!!

I would be more than happy to help....I think it would be best that we start a new topic for that when this one is complete.  That way we don't confuse anything that we are seeing.  If you would like for me in particular to help you, when you start the new topic, just be sure to put my name in the subject line of the topic too.   :)

 

------------------------

 

ComboFix

 

Download Combofix from either of the links below, and save it to your desktop.  

Link 1

Link 2

 

**Note:  It is important that it is saved directly to your desktop**

If you get a message saying "Illegal operation attempted on a registry key that has been marked for deletion", please restart your computer.

 

--------------------------------------------------------------------

 

IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here

 

--------------------------------------------------------------------

 

Right-Click and Run as Administrator on ComboFix.exe & follow the prompts.

  • When finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt for further review.

OK - Whew!

 

ComboFix 14-02-05.02 - Owner 02/06/2014  20:34:20.1.2 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3835.2126 [GMT -6:00]
Running from: c:\users\Owner\Desktop\ComboFix.exe
AV: Trend Micro Titanium Internet Security 2012 *Disabled/Updated* {B7599298-8445-728A-A5C7-A26A082C8BDA}
SP: Trend Micro Titanium Internet Security 2012 *Disabled/Updated* {0C38737C-A27F-7D04-9F77-991873ABC167}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcfckihfebijamknemacffcepjbockgd
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcfckihfebijamknemacffcepjbockgd\2.7\background.html
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcfckihfebijamknemacffcepjbockgd\2.7\content.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcfckihfebijamknemacffcepjbockgd\2.7\htIVrPCj9.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcfckihfebijamknemacffcepjbockgd\2.7\lsdb.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcfckihfebijamknemacffcepjbockgd\2.7\manifest.json
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\dapjbgnjinbpoindlpdmhochffioedbn
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\dapjbgnjinbpoindlpdmhochffioedbn\122\background.html
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\dapjbgnjinbpoindlpdmhochffioedbn\122\content.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\dapjbgnjinbpoindlpdmhochffioedbn\122\E4ME.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\dapjbgnjinbpoindlpdmhochffioedbn\122\lsdb.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\dapjbgnjinbpoindlpdmhochffioedbn\122\manifest.json
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\eihipnemgmfipdkdapbchnlmjgkkimgo
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\eihipnemgmfipdkdapbchnlmjgkkimgo\1.0\background.html
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\eihipnemgmfipdkdapbchnlmjgkkimgo\1.0\content.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\eihipnemgmfipdkdapbchnlmjgkkimgo\1.0\lsdb.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\eihipnemgmfipdkdapbchnlmjgkkimgo\1.0\manifest.json
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\eihipnemgmfipdkdapbchnlmjgkkimgo\1.0\S4xUbA.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\emndmmpednlalgidkbhjmmgdmakkcblg
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\emndmmpednlalgidkbhjmmgdmakkcblg\1.1\background.html
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\emndmmpednlalgidkbhjmmgdmakkcblg\1.1\content.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\emndmmpednlalgidkbhjmmgdmakkcblg\1.1\i_Yje.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\emndmmpednlalgidkbhjmmgdmakkcblg\1.1\icon48.png
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\emndmmpednlalgidkbhjmmgdmakkcblg\1.1\lsdb.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\emndmmpednlalgidkbhjmmgdmakkcblg\1.1\manifest.json
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbfpindflmgdobgmmihckbeicbklfopo
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbfpindflmgdobgmmihckbeicbklfopo\2.1\background.html
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbfpindflmgdobgmmihckbeicbklfopo\2.1\content.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbfpindflmgdobgmmihckbeicbklfopo\2.1\lsdb.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbfpindflmgdobgmmihckbeicbklfopo\2.1\manifest.json
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbfpindflmgdobgmmihckbeicbklfopo\2.1\newtab.html
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbfpindflmgdobgmmihckbeicbklfopo\2.1\ZPpTaM.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofiibaahadhjgcjnbkmjemiefcdpinad
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofiibaahadhjgcjnbkmjemiefcdpinad\3.18\background.html
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofiibaahadhjgcjnbkmjemiefcdpinad\3.18\content.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofiibaahadhjgcjnbkmjemiefcdpinad\3.18\lsdb.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofiibaahadhjgcjnbkmjemiefcdpinad\3.18\manifest.json
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofiibaahadhjgcjnbkmjemiefcdpinad\3.18\q1C_9C4zzT.js
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcfckihfebijamknemacffcepjbockgd
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcfckihfebijamknemacffcepjbockgd\2.7\background.html
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcfckihfebijamknemacffcepjbockgd\2.7\content.js
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcfckihfebijamknemacffcepjbockgd\2.7\htIVrPCj9.js
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcfckihfebijamknemacffcepjbockgd\2.7\lsdb.js
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcfckihfebijamknemacffcepjbockgd\2.7\manifest.json
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\dapjbgnjinbpoindlpdmhochffioedbn
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\dapjbgnjinbpoindlpdmhochffioedbn\122\background.html
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\dapjbgnjinbpoindlpdmhochffioedbn\122\content.js
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\dapjbgnjinbpoindlpdmhochffioedbn\122\E4ME.js
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\dapjbgnjinbpoindlpdmhochffioedbn\122\lsdb.js
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\dapjbgnjinbpoindlpdmhochffioedbn\122\manifest.json
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\eihipnemgmfipdkdapbchnlmjgkkimgo
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\eihipnemgmfipdkdapbchnlmjgkkimgo\1.0\background.html
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\eihipnemgmfipdkdapbchnlmjgkkimgo\1.0\content.js
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\eihipnemgmfipdkdapbchnlmjgkkimgo\1.0\lsdb.js
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\eihipnemgmfipdkdapbchnlmjgkkimgo\1.0\manifest.json
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\eihipnemgmfipdkdapbchnlmjgkkimgo\1.0\S4xUbA.js
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\emndmmpednlalgidkbhjmmgdmakkcblg
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\emndmmpednlalgidkbhjmmgdmakkcblg\1.1\background.html
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\emndmmpednlalgidkbhjmmgdmakkcblg\1.1\content.js
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\emndmmpednlalgidkbhjmmgdmakkcblg\1.1\i_Yje.js
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\emndmmpednlalgidkbhjmmgdmakkcblg\1.1\icon48.png
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\emndmmpednlalgidkbhjmmgdmakkcblg\1.1\lsdb.js
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\emndmmpednlalgidkbhjmmgdmakkcblg\1.1\manifest.json
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbfpindflmgdobgmmihckbeicbklfopo
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbfpindflmgdobgmmihckbeicbklfopo\2.1\background.html
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbfpindflmgdobgmmihckbeicbklfopo\2.1\content.js
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbfpindflmgdobgmmihckbeicbklfopo\2.1\lsdb.js
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbfpindflmgdobgmmihckbeicbklfopo\2.1\manifest.json
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbfpindflmgdobgmmihckbeicbklfopo\2.1\newtab.html
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbfpindflmgdobgmmihckbeicbklfopo\2.1\ZPpTaM.js
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofiibaahadhjgcjnbkmjemiefcdpinad
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofiibaahadhjgcjnbkmjemiefcdpinad\3.18\background.html
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofiibaahadhjgcjnbkmjemiefcdpinad\3.18\content.js
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofiibaahadhjgcjnbkmjemiefcdpinad\3.18\lsdb.js
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofiibaahadhjgcjnbkmjemiefcdpinad\3.18\manifest.json
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofiibaahadhjgcjnbkmjemiefcdpinad\3.18\q1C_9C4zzT.js
c:\users\Owner\AppData\Local\assembly\tmp
c:\users\Owner\AppData\Roaming\Microsoft\Windows\Recent\Mikki's Notebook.url
.
.
(((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_vpnagent
.
.
(((((((((((((((((((((((((   Files Created from 2014-01-07 to 2014-02-07  )))))))))))))))))))))))))))))))
.
.
2014-02-03 12:04 . 2014-02-03 12:04 5330 ----a-w- c:\windows\system32\PerfStringBackup.TMP
2014-01-28 22:29 . 2014-02-04 20:41 -------- d-----w- c:\users\Owner\AppData\Local\Skitch
2014-01-28 07:07 . 2014-01-28 22:26 -------- d-----w- c:\program files (x86)\Evernote
2014-01-28 06:51 . 2014-01-28 06:51 -------- d-----w- c:\programdata\GlarySoft
2014-01-28 06:50 . 2014-01-22 01:09 17088 ----a-w- c:\windows\system32\drivers\BootDefragDriver.sys
2014-01-28 06:50 . 2014-01-22 01:16 117024 ----a-w- c:\windows\system32\BootDefrag.exe
2014-01-28 06:50 . 2014-01-28 06:51 -------- d-----w- c:\program files (x86)\Glary Utilities 4
2014-01-28 06:12 . 2014-01-28 06:12 -------- d-----w- C:\SkyDriveTemp
2014-01-27 12:37 . 2014-01-27 12:37 -------- d-----w- c:\program files (x86)\Hosts_Anti_Adwares_PUPs
2014-01-26 23:10 . 2014-01-26 23:10 -------- d-----w- C:\zoek_backup
2014-01-26 20:00 . 2014-01-28 06:08 -------- d-----w- C:\AdwCleaner
2014-01-26 19:44 . 2014-01-26 19:44 -------- d-----w- c:\windows\ERUNT
2014-01-21 16:48 . 2014-01-21 16:48 -------- d-----w- c:\program files\ART-Backup
2014-01-21 12:09 . 2014-01-21 16:43 238128 ----a-w- c:\windows\RegBootClean64.exe
2014-01-21 11:49 . 2014-01-21 11:49 -------- d-----w- c:\programdata\House Of Soft
2014-01-21 11:49 . 2014-01-21 11:49 4229120 ----a-w- c:\program files (x86)\GS_x64.Enabler
2014-01-21 11:49 . 2014-01-21 11:49 183632 ----a-w- c:\program files (x86)\GSSvc.dll
2014-01-21 11:48 . 2014-01-21 11:48 -------- d-----w- c:\users\Owner\AppData\Local\Packages
2014-01-21 11:48 . 2014-01-26 19:27 -------- d-----w- c:\programdata\17c7f4c59dc60633
2014-01-21 11:48 . 2014-01-21 11:48 -------- d-----w- c:\users\Owner\AppData\Local\Comodo
2014-01-21 11:48 . 2014-01-21 11:48 -------- d-----w- c:\users\Guest
2014-01-21 11:48 . 2014-01-21 11:48 -------- d-----w- c:\users\Administrator
2014-01-19 19:34 . 2014-01-19 19:34 -------- d-----w- c:\users\Owner\AppData\Roaming\DropboxMaster
2014-01-15 03:52 . 2013-11-27 01:41 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2014-01-15 03:52 . 2013-11-27 01:41 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2014-01-15 03:52 . 2013-11-27 01:41 53248 ----a-w- c:\windows\system32\drivers\usbehci.sys
2014-01-15 03:52 . 2013-11-27 01:41 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2014-01-15 03:52 . 2013-11-27 01:41 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2014-01-15 03:52 . 2013-11-27 01:41 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2014-01-15 03:52 . 2013-11-27 01:41 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
2014-01-15 03:52 . 2013-11-26 10:32 3156480 ----a-w- c:\windows\system32\win32k.sys
2014-01-15 03:52 . 2013-11-26 11:40 376768 ----a-w- c:\windows\system32\drivers\netio.sys
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-02-06 02:27 . 2013-02-28 18:19 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-02-06 02:26 . 2012-02-21 13:41 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-01-16 01:06 . 2010-10-15 21:40 86054176 ----a-w- c:\windows\system32\MRT.exe
2014-01-15 03:34 . 2013-06-19 23:30 566480 ----a-w- c:\programdata\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2014-01-06 19:23 . 2014-01-06 19:23 4558848 ----a-w- c:\windows\SysWow64\GPhotos.scr
2013-12-21 00:45 . 2013-12-21 00:45 45056 ----a-r- c:\users\Owner\AppData\Roaming\Microsoft\Installer\{37331C16-3E97-4A20-80D8-BFB43AB0E2FB}\UNINST_Uninstall_C_EBD1846850A64C858760A659B987DCFF.exe
2013-12-21 00:45 . 2013-12-21 00:45 45056 ----a-r- c:\users\Owner\AppData\Roaming\Microsoft\Installer\{37331C16-3E97-4A20-80D8-BFB43AB0E2FB}\ARPPRODUCTICON.exe
2013-12-16 00:07 . 2013-12-16 00:07 276256 ----a-w- c:\windows\system32\drivers\DigiartyVirtualCDBus.sys
2013-11-24 01:24 . 2013-11-24 01:24 773968 ----a-w- c:\windows\SysWow64\msvcr100.dll
2013-11-24 01:24 . 2013-11-24 01:24 421200 ----a-w- c:\windows\SysWow64\msvcp100.dll
2013-11-23 18:26 . 2013-12-11 01:59 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-11-23 17:47 . 2013-12-11 01:59 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2013-11-12 02:23 . 2013-12-11 01:58 2048 ----a-w- c:\windows\system32\tzres.dll
2013-11-12 02:07 . 2013-12-11 01:58 2048 ----a-w- c:\windows\SysWow64\tzres.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-10-03 12:58 222832 ----a-w- c:\users\Owner\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811_1\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-10-03 12:58 222832 ----a-w- c:\users\Owner\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811_1\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-10-03 12:58 222832 ----a-w- c:\users\Owner\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811_1\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EldosIconOverlay-cbfs4]
@="{D2244D6F-F44D-4A19-8A6E-9B7AACCA4E89}"
[HKEY_CLASSES_ROOT\CLSID\{D2244D6F-F44D-4A19-8A6E-9B7AACCA4E89}]
2013-10-25 20:14 156456 ----a-w- c:\windows\SysWOW64\cbfsMntNtf4.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MusicManager"="c:\users\Owner\AppData\Local\Programs\Google\MusicManager\MusicManager.exe" [2013-11-12 7380992]
"SkyDrive"="c:\users\Owner\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" [2013-10-03 257136]
"BDAB3CD44D7D45EEC58DB422F61BD03E74CADA2F._service_run"="c:\users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe" [2014-02-01 866632]
"Skitch"="c:\program files (x86)\Evernote\Skitch\Skitch.exe" [2013-12-31 4739392]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-07-22 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"Cisco AnyConnect Secure Mobility Agent for Windows"="c:\program files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" [2013-07-19 703888]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-12-21 959904]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SpUninstallDeleteDir"="rmdir" [X]
.
c:\users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
EvernoteTray.lnk - c:\program files (x86)\Evernote\Evernote\EvernoteTray.exe [2014-1-16 397664]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Box Sync.lnk - c:\program files\Box Sync\BoxSync.exe -hidden [2013-6-7 7959552]
MozyHome Status.lnk - c:\program files\MozyHome\mozystat.exe [2013-10-2 6444360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{B8FD60CF-9D65-44C7-BECA-891CB8C4D5AD}"= "c:\windows\SysWOW64\cbfsMntNtf4.dll" [2013-10-25 156456]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"EldosMountNotificator-cbfs4"= {B8FD60CF-9D65-44C7-BECA-891CB8C4D5AD} - c:\windows\SysWOW64\cbfsMntNtf4.dll [2013-10-25 156456]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ   autocheck autochk * 
.
R2 1a34a8e0;GS.Supporter;c:\windows\system32\rundll32.exe;c:\windows\SYSNATIVE\rundll32.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 HOSTS Anti-PUPs;HOSTS Anti-PUPs;c:\program files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware.exe;c:\program files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 acsock;acsock;c:\windows\system32\DRIVERS\acsock64.sys;c:\windows\SYSNATIVE\DRIVERS\acsock64.sys [x]
R3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\DRIVERS\motfilt.sys;c:\windows\SYSNATIVE\DRIVERS\motfilt.sys [x]
R3 DigiartyVirtualCDBus;Digiarty Virtual Driver;c:\windows\system32\drivers\DigiartyVirtualCDBus.sys;c:\windows\SYSNATIVE\drivers\DigiartyVirtualCDBus.sys [x]
R3 motandroidusb;Mot ADB Interface Driver;c:\windows\system32\Drivers\motoandroid.sys;c:\windows\SYSNATIVE\Drivers\motoandroid.sys [x]
R3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\DRIVERS\motccgp.sys;c:\windows\SYSNATIVE\DRIVERS\motccgp.sys [x]
R3 motccgpfl;MotCcgpFlService;c:\windows\system32\DRIVERS\motccgpfl.sys;c:\windows\SYSNATIVE\DRIVERS\motccgpfl.sys [x]
R3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\DRIVERS\Motousbnet.sys;c:\windows\SYSNATIVE\DRIVERS\Motousbnet.sys [x]
R3 motusbdevice;Motorola USB Dev Driver;c:\windows\system32\DRIVERS\motusbdevice.sys;c:\windows\SYSNATIVE\DRIVERS\motusbdevice.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 BootDefragDriver;BootDefragDriver;c:\windows\System32\drivers\BootDefragDriver.sys;c:\windows\SYSNATIVE\drivers\BootDefragDriver.sys [x]
S1 cbfs4;cbfs4;c:\windows\system32\drivers\cbfs4.sys;c:\windows\SYSNATIVE\drivers\cbfs4.sys [x]
S1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\DRIVERS\ctxusbm.sys;c:\windows\SYSNATIVE\DRIVERS\ctxusbm.sys [x]
S1 tmevtmgr;tmevtmgr;c:\windows\system32\DRIVERS\tmevtmgr.sys;c:\windows\SYSNATIVE\DRIVERS\tmevtmgr.sys [x]
S2 {73526619-C24F-470B-9BED-53D455FBB5C6};Power Control [2013/02/26 08:23];c:\program files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl;c:\program files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe [x]
S2 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12;c:\program files (x86)\Cyberlink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe;c:\program files (x86)\Cyberlink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [x]
S2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service;c:\program files (x86)\Cyberlink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe;c:\program files (x86)\Cyberlink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [x]
S2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service;c:\program files (x86)\Cyberlink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe;c:\program files (x86)\Cyberlink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [x]
S2 DeviceMonitorService;DeviceMonitorService;c:\program files (x86)\Motorola Media Link\Lite\NServiceEntry.exe;c:\program files (x86)\Motorola Media Link\Lite\NServiceEntry.exe [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]
S2 ePowerSvc;Acer ePower Service;c:\program files\Gateway\Gateway Power Management\ePowerSvc.exe;c:\program files\Gateway\Gateway Power Management\ePowerSvc.exe [x]
S2 GREGService;GREGService;c:\program files (x86)\Gateway\Registration\GREGsvc.exe;c:\program files (x86)\Gateway\Registration\GREGsvc.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 Motorola Device Manager;Motorola Device Manager Service;c:\program files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe;c:\program files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [x]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe;c:\program files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe [x]
S2 ntk_PowerDVD12;ntk_PowerDVD12;c:\program files (x86)\Cyberlink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys;c:\program files (x86)\Cyberlink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [x]
S2 OfficeSvc;Microsoft Office Service;c:\program files\Microsoft Office 15\ClientX64\integratedoffice.exe;c:\program files\Microsoft Office 15\ClientX64\integratedoffice.exe [x]
S2 PST Service;PST Service;c:\program files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe;c:\program files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [x]
S2 Updater Service;Updater Service;c:\program files\Gateway\Gateway Updater\UpdaterService.exe;c:\program files\Gateway\Gateway Updater\UpdaterService.exe [x]
S3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys;c:\windows\SYSNATIVE\DRIVERS\rtl8192se.sys [x]
S3 tmeevw;tmeevw;c:\windows\system32\DRIVERS\tmeevw.sys;c:\windows\SYSNATIVE\DRIVERS\tmeevw.sys [x]
S3 tmnciesc;tmnciesc;c:\windows\system32\DRIVERS\tmnciesc.sys;c:\windows\SYSNATIVE\DRIVERS\tmnciesc.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
S3 vpnpbus;EldoS PnP Virtual Bus driver;c:\windows\system32\DRIVERS\vpnpbus.sys;c:\windows\SYSNATIVE\DRIVERS\vpnpbus.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
Contents of the 'Scheduled Tasks' folder
.
2014-02-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-28 02:27]
.
2014-02-07 c:\windows\Tasks\GlaryInitialize 4.job
- c:\program files (x86)\Glary Utilities 4\Initialize.exe [2014-01-22 01:15]
.
2014-02-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-08 00:02]
.
2014-02-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-08 00:02]
.
2014-02-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2681166796-2007918134-1661358387-1000Core.job
- c:\users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [2010-11-07 23:48]
.
2014-02-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2681166796-2007918134-1661358387-1000UA.job
- c:\users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [2010-11-07 23:48]
.
.
--------- X64 Entries -----------
.
.

Last Part:

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-10-03 12:58 261744 ----a-w- c:\users\Owner\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811_1\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-10-03 12:58 261744 ----a-w- c:\users\Owner\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811_1\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-10-03 12:58 261744 ----a-w- c:\users\Owner\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811_1\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-01-15 03:39 2331336 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-01-15 03:39 2331336 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-01-15 03:39 2331336 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ StashNotUploaded]
@="{34DF8AC2-A6BB-4855-B45A-CC1B4D9183E3}"
[HKEY_CLASSES_ROOT\CLSID\{34DF8AC2-A6BB-4855-B45A-CC1B4D9183E3}]
2012-11-03 12:39 862720 ----a-w- c:\program files\Mozy\Stash\StashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ StashPendingChanges]
@="{6673BC77-4A7B-4299-A130-14312E6B203A}"
[HKEY_CLASSES_ROOT\CLSID\{6673BC77-4A7B-4299-A130-14312E6B203A}]
2012-11-03 12:39 862720 ----a-w- c:\program files\Mozy\Stash\StashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ StashUpToDate]
@="{04547006-32F5-4635-844B-B8D7FCE47692}"
[HKEY_CLASSES_ROOT\CLSID\{04547006-32F5-4635-844B-B8D7FCE47692}]
2012-11-03 12:39 862720 ----a-w- c:\program files\Mozy\Stash\StashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\000BoxDesktopFileLocked]
@="{C253B817-3A00-475f-A5A3-6F2DD704B48D}"
[HKEY_CLASSES_ROOT\CLSID\{C253B817-3A00-475f-A5A3-6F2DD704B48D}]
2010-11-04 22:57 444752 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\000BoxDesktopNotSynced]
@="{19ACC806-F7AA-46AA-A80A-726A07CA6637}"
[HKEY_CLASSES_ROOT\CLSID\{19ACC806-F7AA-46AA-A80A-726A07CA6637}]
2010-11-04 22:57 444752 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\000BoxDesktopNotSyncedCollabs]
@="{337D9DE0-3F8B-4430-AF0F-FFC24A95AE8F}"
[HKEY_CLASSES_ROOT\CLSID\{337D9DE0-3F8B-4430-AF0F-FFC24A95AE8F}]
2010-11-04 22:57 444752 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\000BoxDesktopSynced]
@="{B7AC9C6D-F15B-4B1A-A88D-F518D13861D9}"
[HKEY_CLASSES_ROOT\CLSID\{B7AC9C6D-F15B-4B1A-A88D-F518D13861D9}]
2010-11-04 22:57 444752 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\000BoxDesktopSyncedCollab]
@="{9E48C232-F601-4E41-BB3E-16CBAF317AA4}"
[HKEY_CLASSES_ROOT\CLSID\{9E48C232-F601-4E41-BB3E-16CBAF317AA4}]
2010-11-04 22:57 444752 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2012-03-13 09:23 1500672 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage Sync\1.0.18.84\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2012-03-13 09:23 1500672 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage Sync\1.0.18.84\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_U]
@="{1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D}"
[HKEY_CLASSES_ROOT\CLSID\{1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D}]
2012-03-13 09:23 1500672 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage Sync\1.0.18.84\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EldosIconOverlay-cbfs4]
@="{D2244D6F-F44D-4A19-8A6E-9B7AACCA4E89}"
[HKEY_CLASSES_ROOT\CLSID\{D2244D6F-F44D-4A19-8A6E-9B7AACCA4E89}]
2013-10-25 20:15 182568 ----a-w- c:\windows\System32\cbfsMntNtf4.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-12-06 21:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-12-06 21:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-12-06 21:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2013-12-06 21:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-12-06 21:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-12-06 21:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\mozy2]
@="{747E722C-CB46-4a9d-BDFE-192AAD5099B1}"
[HKEY_CLASSES_ROOT\CLSID\{747E722C-CB46-4a9d-BDFE-192AAD5099B1}]
2013-10-02 13:51 6885192 ----a-w- c:\program files\MozyHome\mozyshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\mozy3]
@="{EE6F5A00-7898-40f7-AB77-51FF9D6DEB20}"
[HKEY_CLASSES_ROOT\CLSID\{EE6F5A00-7898-40f7-AB77-51FF9D6DEB20}]
2013-10-02 13:51 6885192 ----a-w- c:\program files\MozyHome\mozyshell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-12-15 9644576]
"Trend Micro Titanium"="c:\program files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe" [2012-12-18 1304296]
"Trend Micro Client Framework"="c:\program files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [2012-02-27 213824]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-09-20 444904]
"BoxSyncHelper"="c:\program files\Box Sync\BoxSyncHelper.exe" [2013-06-08 393216]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{B8FD60CF-9D65-44C7-BECA-891CB8C4D5AD}"= "c:\windows\system32\cbfsMntNtf4.dll" [2013-10-25 182568]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Clip image - c:\program files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4
IE: Clip selection - c:\program files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3
IE: Clip this page - c:\program files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1
IE: Clip URL - c:\program files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0
IE: Convert Link Target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: New note - c:\program files (x86)\Evernote\Evernote\EvernoteIERes\NewNote.html
IE: Se&nd to OneNote - c:\program files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
Trusted Zone: marykayintouch.com\applications
TCP: DhcpNameServer = 75.75.76.76 75.75.75.75
FF - ProfilePath - c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\ghug7evk.default\
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
BHO-{E9F2720A-EB2C-8BC7-D724-EDCB5426CE19} - (no file)
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
SSODL-EldosMountNotificator-cbfs4    REG_SZ    {B8FD60CF-9D65-44C7-BECA-891CB8C4D5AD}- - (no file)
AddRemove-{5F189DF5-2D05-472B-9091-84D9848AE48B}{1a34a8e0} - c:\progra~2\GSB779~1.ENA
AddRemove-1640518236.reader.ebooks2.scholastic.com - c:\program files (x86)\Microsoft Silverlight\5.1.10411.0\Silverlight.Configuration.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{73526619-C24F-470B-9BED-53D455FBB5C6}]
"ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_44_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_44_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_44_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_44_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Juniper Networks\Common Files\dsNcService.exe
c:\program files (x86)\Auslogics\BoostSpeed\BoostSpeed.exe
c:\program files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
c:\program files\Microsoft Office 15\Root\Office15\MsoSync.exe
.
**************************************************************************
.
Completion time: 2014-02-06  20:56:28 - machine was rebooted
ComboFix-quarantined-files.txt  2014-02-07 02:56
.
Pre-Run: 335,491,649,536 bytes free
Post-Run: 335,062,372,352 bytes free
.
- - End Of File - - D63FCA96F245884715C8B7258C80410A
A36C5E4F47E84449FF07ED3517B43A31
 
 
Thanks again - wow, thank goodness for people like you! :)

Oh and my Trend Micro Titanium Internet Security 2012 icon is missing from my notification tray.  AND - there is no longer a folder in my Start Menu (All Programs area).  I had to search for it in the Run folder of the start menu.  I can find the folder in C:\Program Files but there are so many folders and files, that I'm not sure what to do to put it back.


Hi,

 

Great questions....

 

Just curious - How much privacy data does this expose?  I mean, if someone had bad intentions, would this be extremely helpful?  Or if you had a heavily encrypted system - would this expose too much (i.e., give hackers information to get into a very secure system)?

If your system is already properly secured then you will have no worries about what is shown here.  I would not hesitate to post my own logs here in the forums for people to see.  There is nothing that can really be useful shown.  :)

 

 

Oh and my Trend Micro Titanium Internet Security 2012 icon is missing from my notification tray.  AND - there is no longer a folder in my Start Menu (All Programs area).  I had to search for it in the Run folder of the start menu.  I can find the folder in C:\Program Files but there are so many folders and files, that I'm not sure what to do to put it back.

Could you clarify on this please?  Are you missing all of your folders from your Start Menu now?


  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!


OK I had a duh moment.

The only thing that was making me notice it was still there was that the Chrome browser populated a new tab when I opened.  I went in and removed that engine, deleted all history, etc. there.

 

Did the same thing with Firefox and IE.  Nothing was there.

Deleted my Recycle Bin

Ran a search in my Windows Explorer - it pulled up some random files, ADW quarantine stuff (not the logs).

I deleted those, emptied the Recycle Bin again

 

Ran ADW again and got the log results below.

Note - I'm running MBAM again but it may not be done before I leave for work.  I will post those and respond to your input when I get home. :)

Thank you again!!!!!

 

# AdwCleaner v3.018 - Report created 13/02/2014 at 04:17:30
# Updated 28/01/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Owner - MIKKI-PC
# Running from : C:\Users\Owner\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
Service Deleted : Updater Service for AMZN
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\Systweak
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
Folder Deleted : C:\Program Files (x86)\Advanced System Protector
Folder Deleted : C:\Program Files (x86)\Amazon Browser Bar
Folder Deleted : C:\Program Files (x86)\RegClean Pro
Folder Deleted : C:\Users\Owner\AppData\Local\Amazon Browser Bar
Folder Deleted : C:\Users\Owner\AppData\Local\Systweak
Folder Deleted : C:\Users\Owner\AppData\Roaming\Systweak
Folder Deleted : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam
File Deleted : C:\Users\Public\Desktop\Advanced System Protector.lnk
File Deleted : C:\Users\Public\Desktop\RegClean Pro.lnk
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Windows\System32\Tasks\Advanced System Protector
File Deleted : C:\Windows\System32\Tasks\Advanced System Protector_startup
File Deleted : C:\Windows\System32\Tasks\RegClean Pro
File Deleted : C:\Windows\Tasks\RegClean Pro_DEFAULT.job
File Deleted : C:\Windows\System32\Tasks\RegClean Pro_DEFAULT
File Deleted : C:\Windows\Tasks\RegClean Pro_UPDATES.job
File Deleted : C:\Windows\System32\Tasks\RegClean Pro_UPDATES
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKCU\Software\Google\Chrome\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam
Key Deleted : HKCU\Software\distromatic
Key Deleted : HKCU\Software\systweak
Key Deleted : HKLM\Software\systweak
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RegClean Pro_is1
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v10.0.9200.16750
 
 
-\\ Mozilla Firefox v25.0.1 (en-US)
 
[ File : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\ghug7evk.default\prefs.js ]
 
 
-\\ Google Chrome v
 
[ File : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [5629 octets] - [26/01/2014 14:00:20]
AdwCleaner[R1].txt - [907 octets] - [27/01/2014 06:31:28]
AdwCleaner[R2].txt - [1025 octets] - [28/01/2014 00:06:18]
AdwCleaner[R3].txt - [3228 octets] - [13/02/2014 04:14:40]
AdwCleaner[s0].txt - [5211 octets] - [26/01/2014 14:02:20]
AdwCleaner[s1].txt - [619 octets] - [27/01/2014 06:37:19]
AdwCleaner[s2].txt - [1087 octets] - [28/01/2014 00:08:00]
AdwCleaner[s3].txt - [2961 octets] - [13/02/2014 04:17:30]
 
########## EOF - C:\AdwCleaner\AdwCleaner[s3].txt - [3021 octets] ##########

okie dokie - here is the log:

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
 
Database version: v2014.02.13.03
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16798
Owner :: MIKKI-PC [administrator]
 
2/13/2014 4:37:48 AM
MBAM-log-2014-02-13 (20-42-07).txt
 
Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 430233
Time elapsed: 3 hour(s), 47 minute(s), 44 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 3
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Amazon Browser Bar\search_protect.exe.vir (PUP.Optional.Searchprotect) -> No action taken.
C:\Program Files (x86)\Adobe\Adobe Photoshop CS6\amtlib.dll (PUP.RiskwareTool.CK) -> No action taken.
C:\Users\Owner\Desktop\rcp_dcomnew_sec_728.exe (PUP.Optional.RegCleanPro) -> No action taken.
 
(end)
 
Thank you!