
Help! Malwarebytes detects Trojan.Agent/Backdoor.Bot/Trojan.Xanib/Trojan.Zlob etc.



I'm actually new here in the Malwarebytes forum and I really need your help. So, I was scanning my Windows 8 Laptop yesterday and then MB detected some trojan(s)/backdoor(s)/adware(s) etc. after the scan, and then I chose to quarantine it and remove it from my laptop. Then the next day, I tried to scan it again just to make sure, but after the scan, it detected the same infected files/viruses in my laptop. I tried to locate the file since the directory only points at my pictures/my documents/favorites and some other usual folders, but I can't seem to find those files in there. For example, in the My pictures\sample pictures\ directory, there's a detected file named blue hills.exe which I know should be *.jpeg. But when I tried to locate the file, I can't find it! And I don't even have a Sample pictures folder to begin with since I deleted it. I tried searching it on Google first and found some results. It stated there that there is a bug causing this to happen in Vista. But then again, I'm using Windows 8 so I don't know if it's still the same bug in Vista that's causing this or my laptop is really infected. SuperAntiSpyware/AVG didn't detect anything :( Here is the log. Please help me. :(

 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 6/28/2014
Scan Time: 8:22:00 PM
Logfile: Virrr.txt
Administrator: Yes
 
Version: 2.00.2.1012
Malware Database: v2014.06.28.01
Rootkit Database: v2014.06.23.02
License: Premium
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows 8
CPU: x64
File System: NTFS
User: JC
 
Scan Type: Custom Scan
Result: Completed
Objects Scanned: 636799
Time Elapsed: 4 hr, 45 min, 29 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 15
Malware.Trace, c:\users\jc\documents\my videos\pulgconfig.log, Delete-on-Reboot, [8268027985f6063066b69644fd05867a], 
Malware.Trace, c:\users\jc\documents\my videos\pulgfile.log, Delete-on-Reboot, [47a30e6dbac1fb3bde6fe00928daf907], 
Trojan.Zlob, c:\users\jc\documents\my videos\my video.url, Delete-on-Reboot, [9456d5a60a7137ffa67eb6527b8852ae], 
Malware.Trace, c:\users\jc\favorites\ìô±¦íø - ìô£¡îòï²»¶.url, Delete-on-Reboot, [c822304b67143df999ec7cb05ea527d9], 
Malware.Trace, c:\users\jc\favorites\íøéïâòêé-¾íôúµ±µ±íø.url, Delete-on-Reboot, [8169c6b55c1f14225630de4ee2214ab6], 
Adware.DoubleD, c:\users\jc\favorites\myquickfinder.url, Delete-on-Reboot, [d515bbc03a41979f4641ab81a75c9e62], 
Trojan.Banker, c:\users\jc\videos\gbpxp.exe, Delete-on-Reboot, [da107308f5869a9cc08777b890734bb5], 
Malware.Trace, c:\users\jc\videos\mob127.bin, Delete-on-Reboot, [61898dee3249a2943612002f1ee5c63a], 
Malware.Trace, c:\users\jc\favorites\îþæá±îëñë÷.url, Delete-on-Reboot, [24c61269502bb0867cc0cda1748fca36], 
Trojan.Agent, c:\users\jc\pictures\cool profile pics\cool profile pics.exe, Delete-on-Reboot, [21c9e497e99248ee098d066bf70cfb05], 
Backdoor.Agent.DC, c:\users\jc\favorites\chromeupdate.exe, Delete-on-Reboot, [45a5cead32490d2963c4e9b4cb389e62], 
Trojan.Agent, c:\users\jc\videos\helppanel.exe, Delete-on-Reboot, [33b7cfacabd0d95df8dbfef95ba8be42], 
Trojan.MSIL, c:\users\jc\videos\winhelp.exe, Delete-on-Reboot, [4aa09fdc691241f53aa30bec7192df21], 
Backdoor.Agent.CHGen, c:\users\jc\pictures\conhost.exe, Delete-on-Reboot, [02e81c5f94e71f172fb100ffca398e72], 
Backdoor.Agent.E, c:\users\jc\pictures\windir.exe, Delete-on-Reboot, [03e7c9b21467092d588b1aeb966ed52b], 
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)

Hello

 

P2P/Piracy Warning:

 

 

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.

 

 

Download Farbar Recovery Scan Tool and save it to your desktop.

 

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.


Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

 

Next,

 

Please download RogueKiller and save it to your desktop from the following link: http://www.bleepingcomputer.com/download/roguekiller/

 


Quit all running programs.
For Windows XP, double-click to start.
For Vista, Windows 7/8, right-click on the program and select Run as Administrator to start and when prompted allow it to run.
Read and accept the EULA (End User License Agreement)
Click Scan to scan the system.
When the scan completes Close the program > Don't Fix anything!
Post back the report which should be located on your desktop.

 

Let me see those logs...

 

Kevin


Thank you very much for replying! :D

 

Regarding the post in malwarebytes forum with the same experience as mine, here is the link!  :D

 


 

So yeah, regarding the Piracy thing, don't worry I've learned my lesson. I just checked my files to find they were safe, and I swear, I don't want to lose a semester-worth of important files. So I immediately deleted ALL software I downloaded through BitTorrent (as far as I can remember all of them) and I also uninstalled it. Regarding the piracy, the problem is I was afraid that the uninstallation program might also be infected since it is an executable file, so I didn't use it. Instead, I deleted the whole folder. (Sorry for the stupidity) Please please please don't hate me if you ever find traces of cracks/pirated software, because the uninstallation is incomplete since I only deleted folders from program files, common files, etc., :(  :( I believe there will be traces of it in the registry so I used CCleaner for it. If you find some traces, please don't lock or dismiss this thread, because I really learned my lesson since this is the first time I encountered a virus. So if some traces are there, I would be happy to remove it for you. ^_^

 

And I believe the source of the virus is a keygen for AutoCAD 2015 because I want to have the full version of it. So I tried to activate it using the keygen and then an alert prompted me that it has a virus. After I found out that my antivirus detected a virus in them, I instantly deleted the keygen as well as AutoCAD 2015. Only to find out that Autodesk is giving a 3-year free license for AutoCAD 2015 if you are a student (-.-"). So the one I'm using now is a legit software from Autodesk. So I got the virus all for nothing. Long story short, if traces are still there, please don't hate me, :( (I swear I tried my best to remove all of them since I don't want my laptop to stay infected). Instead, I would be happy to remove or clean them for you and some programs are pre-installed before I bought my laptop. I suggested programs to install for extra-pay, so I don't know if some of them are the legitimate copy, but I believe it is since they're also selling Original CD Installers. (recognized them from the software boxes and the over-priced product)

Thank you for understanding! 

 

So here are the logs you requested:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-06-2014 02

Ran by JC (administrator) on JOHNCHRISTOPHER on 30-06-2014 21:29:38

Running from C:\Users\JC\Desktop

Platform: Windows 8 Single Language (X64) OS Language: English (United States)

Internet Explorer Version 10

Boot Mode: Normal

 

The only official download link for FRST:



Download link from any site other than Bleeping Computer is unpermitted or outdated.


 

==================== Processes (Whitelisted) =================

 

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgrsa.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe

(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Decor8\Decor8Srv.exe

(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe

(Microsoft Corporation) C:\Windows\System32\wlanext.exe

(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe

(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgfws.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe

(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe

(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe

(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe

(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe

(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe

(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe

(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe

(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe

(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Decor8\Decor8_64.exe

(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8_64.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(Intel Corporation) C:\Windows\System32\igfxHK.exe

(Intel Corporation) C:\Windows\System32\igfxTray.exe

(Intel Corporation) C:\Windows\System32\igfxEM.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe

(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe

(WinAbility® Software Corporation) C:\Folder Guard\FGKey64.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgui.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

(PC-Doctor, Inc.) C:\Program Files\My Dell\uaclauncher.exe

(Google Inc.) C:\Users\JC\AppData\Local\Google\Update\1.3.24.15\GoogleCrashHandler.exe

(Google Inc.) C:\Users\JC\AppData\Local\Google\Update\1.3.24.15\GoogleCrashHandler64.exe

(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\MSOSYNC.EXE

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgcfgex.exe

(Microsoft Corporation) C:\Windows\System32\msiexec.exe

() C:\Users\JC\Desktop\RogueKiller.exe

 

 

==================== Registry (Whitelisted) ==================

 

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6846096 2012-11-20] (Realtek Semiconductor)

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1253520 2012-11-20] (Realtek Semiconductor)

HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3759504 2012-09-13] (Dell Inc.)

HKLM\...\Run: [bTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [11582848 2012-10-01] (Motorola Solutions, Inc.)

HKLM\...\Run: [intelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"

HKLM\...\Run: [FG_Monitor] => C:\Folder Guard\FGKey64.exe [129864 2008-01-05] (WinAbility® Software Corporation)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-05-01] (NVIDIA Corporation)

HKLM-x32\...\Run: [iAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [277504 2012-07-10] (Intel Corporation)

HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2013\avgui.exe [4411952 2014-01-21] (AVG Technologies CZ, s.r.o.)

HKLM-x32\...\Run: [uSB Security] => C:\Program Files (x86)\USB Disk Security\USBGuard.exe [687336 2013-06-20] (Zbshareware Lab)

HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253672 2011-01-07] (Sun Microsystems, Inc.)

HKLM-x32\...\Run: [blueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [832272 2014-05-01] (BlueStack Systems, Inc.)

Winlogon\Notify\igfxcui: igfxdev.dll [X]

HKU\S-1-5-21-1731358849-753200723-36136057-1002\...\Run: [skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20685680 2013-07-25] (Skype Technologies S.A.)

HKU\S-1-5-21-1731358849-753200723-36136057-1002\...\Run: [MCShield Monitor] => C:\Program Files (x86)\MCShield\mcshieldrtm.exe [650816 2014-04-12] (MyCity)

HKU\S-1-5-21-1731358849-753200723-36136057-1002\...\Run: [sUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6589208 2013-10-11] (SUPERAntiSpyware)

HKU\S-1-5-21-1731358849-753200723-36136057-1002\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [109784 2013-10-27] (Siber Systems)

HKU\S-1-5-21-1731358849-753200723-36136057-1002\...\Run: [DuckCapture] => C:\Program Files (x86)\DuckLink\DuckCapture\DuckCapture.exe [436736 2011-11-03] (DuckLink Software)

HKU\S-1-5-21-1731358849-753200723-36136057-1002\...\Run: [instanteyedropper] => C:\Program Files (x86)\InstantEyedropper\InstantEyedropper.exe [352256 2007-10-17] ()

HKU\S-1-5-21-1731358849-753200723-36136057-1002\...\Run: [Google Update] => C:\Users\JC\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-06-04] (Google Inc.)

HKU\S-1-5-21-1731358849-753200723-36136057-1002\...\Policies\Explorer: [] 

HKU\S-1-5-21-1731358849-753200723-36136057-1006\...\Run: [Facebook Update] => C:\Users\iChrstphr\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-12-07] (Facebook Inc.)

AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [166568 2014-05-20] (NVIDIA Corporation)

AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [146480 2014-05-20] (NVIDIA Corporation)

ShellIconOverlayIdentifiers:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

ShellIconOverlayIdentifiers:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

ShellIconOverlayIdentifiers:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File

ShellIconOverlayIdentifiers: AutoCAD Digital Signatures Icon Overlay Handler -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll (Autodesk, Inc.)

ShellIconOverlayIdentifiers-x32:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

ShellIconOverlayIdentifiers-x32:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

ShellIconOverlayIdentifiers-x32:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

 

==================== Internet (Whitelisted) ====================

 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mysearch.avg.com?cid={86489407-C7B4-4EA5-8725-310EA1A42CC5}&mid=2447952d365a47d39dcbb12520a68a4e-fdd8210cf0bd7c6d123107200aeade638134a456&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-04-21 11:58:48&v=18.0.5.292&pid=safeguard&sg=&sap=hp

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com

SearchScopes: HKLM - DefaultScope {570AA33D-F583-4B04-8990-FA6DA2931D04} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MDDCJS

SearchScopes: HKLM - {570AA33D-F583-4B04-8990-FA6DA2931D04} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MDDCJS

SearchScopes: HKLM-x32 - DefaultScope value is missing.

SearchScopes: HKLM-x32 - {570AA33D-F583-4B04-8990-FA6DA2931D04} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MDDCJS

SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKCU - {570AA33D-F583-4B04-8990-FA6DA2931D04} URL = 

BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)

BHO: RoboForm Toolbar Helper - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.)

BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)

BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)

BHO-x32: RoboForm Toolbar Helper - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)

BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.)

Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)

Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

 

FireFox:

========

FF ProfilePath: C:\Users\JC\AppData\Roaming\Mozilla\Firefox\Profiles\j1eaxafm.default

FF Homepage: hxxp://mysearch.avg.com?cid={86489407-C7B4-4EA5-8725-310EA1A42CC5}&mid=2447952d365a47d39dcbb12520a68a4e-fdd8210cf0bd7c6d123107200aeade638134a456&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-04-21 11:58:48&v=18.0.5.292&pid=safeguard&sg=&sap=hp

FF Keyword.URL: user_pref("keyword.URL", "");

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()

FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File

FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()

FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)

FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)

FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll No File

FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\JC\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\JC\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\JC\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)

FF Extension: Flash Video Downloader - Full HD Download - C:\Users\JC\AppData\Roaming\Mozilla\Firefox\Profiles\j1eaxafm.default\Extensions\artur.dubovoy@gmail.com [2014-05-09]

FF Extension: Master Password+ - C:\Users\JC\AppData\Roaming\Mozilla\Firefox\Profiles\j1eaxafm.default\Extensions\masterpasswordtimeoutplus@vano [2013-11-21]

FF Extension: DownloadHelper - C:\Users\JC\AppData\Roaming\Mozilla\Firefox\Profiles\j1eaxafm.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-04-05]

FF Extension: Private Tab - C:\Users\JC\AppData\Roaming\Mozilla\Firefox\Profiles\j1eaxafm.default\Extensions\privateTab@infocatcher.xpi [2013-11-21]

FF Extension: SmoothWheel (mozdev.org) - C:\Users\JC\AppData\Roaming\Mozilla\Firefox\Profiles\j1eaxafm.default\Extensions\{5F590AA2-1221-4113-A6F4-A4BB62414FAC}.xpi [2013-11-21]

FF Extension: DownThemAll! - C:\Users\JC\AppData\Roaming\Mozilla\Firefox\Profiles\j1eaxafm.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2013-08-20]

FF HKLM-x32\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox

FF Extension: RoboForm Toolbar for Firefox - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox [2013-10-27]

FF HKLM-x32\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox

FF Extension: Freemake Video Converter Plugin - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox [2014-01-09]

FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

 

Chrome: 

=======

CHR HomePage: hxxp://www.google.com/

CHR StartupUrls: "hxxp://www.google.com/"

CHR NewTab: "chrome-extension://laookkfknpbbblfpciffpaejjkokdgca/dashboard.html"

CHR DefaultSearchKeyword: google.com.ph

CHR Extension: (Magic Actions for YouTube™) - C:\Users\JC\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2014-04-24]

CHR Extension: (Transparent Grey ) - C:\Users\JC\AppData\Local\Google\Chrome\User Data\Default\Extensions\becaimlgpcocbcmpceoonkmdmglhacnf [2014-04-24]

CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\JC\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-23]

CHR Extension: (Desmos Graphing Calculator) - C:\Users\JC\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhdheahnajobgndecdbggfmcojekgdko [2014-04-24]

CHR Extension: (Secure Profile) - C:\Users\JC\AppData\Local\Google\Chrome\User Data\Default\Extensions\eddeeogaiodnhfkingpegpmhpdiifbgh [2014-04-24]

CHR Extension: (Photo Zoom for Facebook) - C:\Users\JC\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi [2014-04-24]

CHR Extension: (Lock Tab) - C:\Users\JC\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnikalcnjojfkpleicbncjmnieimjlfe [2014-06-04]

CHR Extension: (Chromium Wheel Smooth Scroller) - C:\Users\JC\AppData\Local\Google\Chrome\User Data\Default\Extensions\khpcanbeojalbkpgpmjpdkjnkfcgfkhb [2014-05-23]

CHR Extension: (Momentum) - C:\Users\JC\AppData\Local\Google\Chrome\User Data\Default\Extensions\laookkfknpbbblfpciffpaejjkokdgca [2014-05-22]

CHR Extension: (Webcam Toy) - C:\Users\JC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade [2014-04-24]

CHR Extension: (FVD Downloader) - C:\Users\JC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp [2014-04-24]

CHR Extension: (Numerics Calculator & Converter) - C:\Users\JC\AppData\Local\Google\Chrome\User Data\Default\Extensions\liglcienpnkhdajdfmnpbgmpjglonipe [2014-04-24]

CHR Extension: (Window Close Protector) - C:\Users\JC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnpifgapnmpninomacbhdlconlpikdai [2014-04-24]

CHR Extension: (Google Wallet) - C:\Users\JC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-24]

CHR Extension: (Bitdefender QuickScan) - C:\Users\JC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie [2014-06-28]

CHR HKLM-x32\...\Chrome\Extension: [lkemddiljapcmhicklfpcbpfffahfbja] - C:\Users\JC\AppData\Local\Google\Chrome\User Data\Default\extensions\WebNavigation.crx [2013-08-09]

 

==================== Services (Whitelisted) =================

 

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [144152 2013-10-11] (SUPERAntiSpyware.com)

S2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc.)

R2 avgfws; C:\Program Files (x86)\AVG\AVG2013\avgfws.exe [1432080 2013-10-23] (AVG Technologies CZ, s.r.o.)

R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4939312 2013-07-04] (AVG Technologies CZ, s.r.o.)

R2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [283136 2013-11-20] (AVG Technologies CZ, s.r.o.)

S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-05-01] (BlueStack Systems, Inc.)

R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-05-01] (BlueStack Systems, Inc.)

R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [774928 2014-05-01] (BlueStack Systems, Inc.)

R2 Decor8; C:\Program Files (x86)\Stardock\Decor8\Decor8Srv.exe [74416 2012-11-27] (Stardock Software, Inc)

R2 IAStorDataMgrSvc; C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [7168 2012-07-10] (Intel Corporation) [File not signed]

R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2464400 2012-09-08] (Realsil Microelectronics Inc.)

R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-03-17] (Intel Corporation)

R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-06-26] (Intel Corporation)

S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)

S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)

S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-07-19] ()

R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1617696 2014-05-01] (NVIDIA Corporation)

R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21007192 2014-05-01] (NVIDIA Corporation)

R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [201872 2012-11-21] (Realtek Semiconductor)

R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [1915920 2013-11-22] (SoftThinks SAS)

R2 Start8; C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe [142960 2013-03-19] (Stardock Software, Inc)

S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)

R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2699568 2012-07-19] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

S3 Apowersoft_AudioDevice; C:\Windows\system32\drivers\Apowersoft_AudioDevice.sys [31920 2013-06-02] (Wondershare)

S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20912 2012-10-26] (AVG Technologies CZ, s.r.o.)

R1 Avgfwfd; C:\Windows\system32\DRIVERS\avgfwd6a.sys [50296 2012-09-04] (AVG Technologies CZ, s.r.o.)

R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-11-25] (AVG Technologies CZ, s.r.o.)

R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-07-20] (AVG Technologies CZ, s.r.o.)

R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [206648 2013-07-20] (AVG Technologies CZ, s.r.o.)

R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311608 2013-07-20] (AVG Technologies CZ, s.r.o.)

R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [116536 2013-07-01] (AVG Technologies CZ, s.r.o.)

R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-10-23] (AVG Technologies CZ, s.r.o.)

R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [248632 2013-07-18] (AVG Technologies CZ, s.r.o.)

R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [123152 2014-05-01] (BlueStack Systems)

S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)

S3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [132480 2012-10-02] (Motorola Solutions, Inc.)

S3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1337216 2012-10-02] (Motorola Solutions, Inc.)

S3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-25] (OSR Open Systems Resources, Inc.)

R2 FGUARD64; C:\Folder Guard\FGUARD64.SYS [69752 2008-01-05] (WinAbility® Software Corporation)

S3 kpptwzzh; No ImagePath

S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)

S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)

R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [4273192 2012-08-20] (Intel Corporation)

R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [18776 2014-05-01] (NVIDIA Corporation)

R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-04-01] (NVIDIA Corporation)

U0 ohddqiwp; C:\Windows\System32\drivers\qddynph.sys [79064 2014-06-29] (Malwarebytes Corporation)

R0 rtcrfilt64; C:\Windows\System32\drivers\rtcrfilt64.sys [19600 2012-09-05] (Realtek Semiconductor Corp.)

R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-23] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-13] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-09-08] (Synaptics Incorporated)

R3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [43832 2012-09-08] (Synaptics Incorporated)

S3 SRS_AE_Service; C:\Windows\system32\drivers\SRS_AE_amd64.sys [549704 2012-06-21] ()

S3 taphss6; C:\Windows\system32\DRIVERS\taphss6.sys [42184 2014-03-25] (Anchorfree Inc.)

R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [47072 2012-10-10] (Windows ® Win 7 DDK provider)

R3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188896 2012-10-10] (Windows ® Win 7 DDK provider)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-06-30 21:29 - 2014-06-30 21:29 - 00000000 ____D () C:\ProgramData\RogueKiller

2014-06-30 21:28 - 2014-06-30 21:29 - 00027917 _____ () C:\Users\JC\Desktop\FRST.txt

2014-06-30 21:21 - 2014-06-30 21:29 - 00000000 ____D () C:\FRST

2014-06-30 21:14 - 2014-06-30 21:15 - 02083328 _____ (Farbar) C:\Users\JC\Desktop\FRST64.exe

2014-06-30 21:13 - 2014-06-30 21:14 - 04721240 _____ () C:\Users\JC\Desktop\RogueKiller.exe

2014-06-30 21:05 - 2014-06-30 21:18 - 00002079 _____ () C:\Users\JC\YAH.txt

2014-06-29 01:38 - 2014-06-29 01:38 - 00002743 _____ () C:\Users\JC\Documents\Virrr.txt

2014-06-29 01:08 - 2014-06-29 01:08 - 00079064 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\qddynph.sys

2014-06-28 22:54 - 2014-06-28 22:54 - 00060769 _____ () C:\Users\JC\Documents\J.xspf

2014-06-28 20:15 - 2014-06-28 20:15 - 00276897 _____ () C:\Users\JC\Downloads\ERRORS AND MISTAKES.pptx

2014-06-28 20:15 - 2014-06-28 20:15 - 00242377 _____ () C:\Users\JC\Downloads\SURVEYING FIELD NOTES.pptx

2014-06-28 20:15 - 2014-06-28 20:15 - 00072026 _____ () C:\Users\JC\Downloads\SURVEYING.pptx

2014-06-28 20:07 - 2014-06-28 20:07 - 01860096 _____ () C:\Users\JC\Downloads\MEASUREMENT OF HORIZONTAL DISTANCES.ppt

2014-06-28 18:03 - 2014-06-28 18:03 - 00000612 _____ () C:\Windows\PFRO.log

2014-06-28 18:00 - 2014-06-30 20:24 - 00000000 ____D () C:\Users\JC\Desktop\New folder

2014-06-28 16:34 - 2014-06-28 16:34 - 00000000 ____D () C:\Program Files (x86)\ESET

2014-06-28 16:33 - 2014-06-28 16:34 - 02347384 _____ (ESET) C:\Users\JC\Downloads\esetsmartinstaller_enu.exe

2014-06-28 15:44 - 2014-06-30 21:05 - 00083269 _____ () C:\Windows\WindowsUpdate.log

2014-06-28 15:20 - 2014-06-28 15:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bagatrix Solved!

2014-06-28 15:20 - 2014-06-28 15:20 - 00000000 ____D () C:\Program Files (x86)\Bagatrix Solved!

2014-06-28 14:47 - 2014-06-28 14:48 - 00000000 ____D () C:\ProgramData\Kaspersky Lab

2014-06-28 14:03 - 2014-06-28 11:41 - 141752728 _____ () C:\Users\JC\Downloads\setup_11.0.1.1245.x01_2014_06_28_07_34.exe

2014-06-27 23:55 - 2014-06-27 23:55 - 00631472 _____ () C:\Users\JC\Downloads\pde.ppt

2014-06-27 22:23 - 2014-06-27 22:23 - 00004800 _____ () C:\Users\JC\Documents\Vir.txt

2014-06-27 21:54 - 2014-06-28 22:55 - 00000536 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 46939657-73e2-4000-acee-85c4d3651e1b.job

2014-06-27 21:54 - 2014-06-27 21:54 - 00003516 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 46939657-73e2-4000-acee-85c4d3651e1b

2014-06-27 20:40 - 2014-06-27 20:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoCAD 2015 - English

2014-06-27 20:23 - 2014-06-27 20:23 - 00000000 ____D () C:\Users\Public\Documents\Autodesk

2014-06-27 18:54 - 2014-06-27 18:54 - 00003276 _____ () C:\Windows\System32\Tasks\{B8337E16-7159-43B5-9D05-860528520339}

2014-06-27 16:57 - 2014-06-27 16:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk ReCap

2014-06-27 16:34 - 2014-06-27 16:34 - 00000000 ____D () C:\Users\JC\Documents\Inventor Server SDK ACAD 2015

2014-06-27 16:27 - 2014-06-27 16:27 - 00000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

2014-06-27 15:56 - 2014-06-27 21:23 - 00000000 ____D () C:\Program Files\Autodesk

2014-06-27 15:52 - 2014-06-27 15:52 - 00000000 ____D () C:\Program Files (x86)\Autodesk

2014-06-27 15:47 - 2014-06-27 20:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk

2014-06-27 14:07 - 2014-06-27 15:03 - 00000000 ____D () C:\Autodesk

2014-06-26 23:28 - 2014-06-26 23:28 - 00000000 ____D () C:\Users\JC\Downloads\DirectX_11_Technology_Update_US

2014-06-26 22:54 - 2014-06-26 23:25 - 45099266 _____ () C:\Users\JC\Downloads\DirectX_11_Technology_Update_US.zip

2014-06-25 22:23 - 2014-06-25 22:23 - 00000000 ____D () C:\Program Files\Common Files\Macrovision Shared

2014-06-25 22:19 - 2014-06-28 19:51 - 00000000 ____D () C:\Users\JC\AppData\Local\Autodesk

2014-06-25 22:19 - 2014-06-28 19:45 - 00000000 ____D () C:\Users\JC\AppData\Roaming\Autodesk

2014-06-25 22:19 - 2014-06-28 19:45 - 00000000 ____D () C:\ProgramData\Autodesk

2014-06-25 22:19 - 2014-06-27 20:37 - 00000000 ____D () C:\Program Files\Common Files\Autodesk Shared

2014-06-25 20:57 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll

2014-06-25 20:57 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll

2014-06-25 20:57 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll

2014-06-25 20:57 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll

2014-06-25 20:57 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll

2014-06-25 20:57 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll

2014-06-25 20:57 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll

2014-06-25 20:57 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll

2014-06-25 20:57 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll

2014-06-25 20:57 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll

2014-06-25 20:57 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll

2014-06-25 20:57 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll

2014-06-25 20:56 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll

2014-06-25 20:56 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll

2014-06-25 20:56 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll

2014-06-25 20:56 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll

2014-06-25 20:56 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll

2014-06-25 20:56 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll

2014-06-25 20:56 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll

2014-06-25 20:56 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll

2014-06-25 20:56 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll

2014-06-25 20:56 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll

2014-06-25 20:56 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll

2014-06-25 20:56 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll

2014-06-25 20:56 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll

2014-06-25 20:56 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll

2014-06-25 20:56 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll

2014-06-25 20:56 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll

2014-06-25 20:56 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll

2014-06-25 20:56 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll

2014-06-25 20:56 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll

2014-06-25 20:56 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll

2014-06-25 20:56 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll

2014-06-25 20:56 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll

2014-06-25 20:56 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll

2014-06-25 20:56 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll

2014-06-25 20:56 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll

2014-06-25 20:56 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll

2014-06-25 20:56 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll

2014-06-25 20:56 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll

2014-06-25 20:56 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll

2014-06-25 20:56 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll

2014-06-25 20:56 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll

2014-06-25 20:56 - 2008-10-10 04:52 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll

2014-06-25 20:56 - 2008-10-10 04:52 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll

2014-06-25 20:56 - 2008-10-10 04:52 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll

2014-06-25 20:56 - 2008-10-10 04:52 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll

2014-06-25 20:56 - 2008-10-10 04:52 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll

2014-06-25 20:56 - 2008-10-10 04:52 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll

2014-06-25 20:56 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll

2014-06-25 20:56 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll

2014-06-25 20:56 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll

2014-06-25 20:56 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll

2014-06-25 20:56 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll

2014-06-25 20:56 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll

2014-06-25 20:56 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll

2014-06-25 20:56 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll

2014-06-25 20:56 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll

2014-06-25 20:56 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll

2014-06-25 20:56 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll

2014-06-25 20:56 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll

2014-06-25 20:56 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll

2014-06-25 20:56 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll

2014-06-25 20:56 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll

2014-06-25 20:56 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll

2014-06-25 20:56 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll

2014-06-25 20:56 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll

2014-06-25 20:56 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll

2014-06-25 20:56 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll

2014-06-25 20:56 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll

2014-06-25 20:56 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll

2014-06-25 20:56 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll

2014-06-25 20:56 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll

2014-06-25 20:56 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll

2014-06-25 20:56 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll

2014-06-25 20:56 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll

2014-06-25 20:56 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll

2014-06-25 20:56 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll

2014-06-25 20:56 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll

2014-06-25 20:56 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll

2014-06-25 20:56 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll

2014-06-25 20:56 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll

2014-06-25 20:56 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll

2014-06-25 20:56 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll

2014-06-25 20:56 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll

2014-06-25 20:56 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll

2014-06-25 20:56 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll

2014-06-25 20:56 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll

2014-06-25 20:56 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll

2014-06-25 20:56 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll

2014-06-25 20:56 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll

2014-06-25 20:56 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll

2014-06-25 20:56 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll

2014-06-25 20:56 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll

2014-06-25 20:56 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll

2014-06-25 20:56 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll

2014-06-25 20:56 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll

2014-06-25 20:56 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll

2014-06-25 20:56 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll

2014-06-25 20:56 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll

2014-06-25 20:56 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll

2014-06-25 20:55 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll

2014-06-25 20:55 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll

2014-06-25 20:55 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll

2014-06-25 20:55 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll

2014-06-25 20:55 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll

2014-06-25 20:55 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll

2014-06-25 20:55 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll

2014-06-25 20:55 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll

2014-06-25 20:55 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll

2014-06-25 20:55 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll

2014-06-25 20:55 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll

2014-06-25 20:55 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll

2014-06-25 20:55 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll

2014-06-25 20:55 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll

2014-06-25 20:55 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll

2014-06-25 20:55 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll

2014-06-25 20:55 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll

2014-06-25 20:55 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll

2014-06-25 20:55 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll

2014-06-25 20:55 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll

2014-06-25 20:55 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll

2014-06-25 20:55 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll

2014-06-25 20:55 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll

2014-06-25 20:55 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll

2014-06-25 20:55 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll

2014-06-25 20:55 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll

2014-06-25 20:55 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll

2014-06-25 20:55 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll

2014-06-25 20:55 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll

2014-06-25 20:55 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll

2014-06-25 20:55 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll

2014-06-25 20:55 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll

2014-06-25 20:55 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll

2014-06-25 20:55 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll

2014-06-25 20:55 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll

2014-06-25 20:55 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll

2014-06-25 20:55 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll

2014-06-25 20:55 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll

2014-06-25 20:55 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll

2014-06-25 20:55 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll

2014-06-25 20:55 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll

2014-06-25 20:55 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll

2014-06-25 20:55 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll

2014-06-25 20:55 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll

2014-06-25 20:55 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll

2014-06-25 20:55 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll

2014-06-25 20:55 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll

2014-06-25 20:55 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll

2014-06-25 20:55 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll

2014-06-25 20:55 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll

2014-06-25 20:55 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll

2014-06-25 20:55 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll

2014-06-25 20:55 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll

2014-06-25 20:55 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll

2014-06-25 20:55 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll

2014-06-25 20:55 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll

2014-06-25 20:55 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll

2014-06-25 20:55 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll

2014-06-25 20:55 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll

2014-06-25 20:26 - 2014-06-25 20:53 - 00000000 ___HD () C:\Windows\msdownld.tmp

2014-06-25 20:25 - 2014-06-25 20:57 - 00000000 ____D () C:\Windows\SysWOW64\directx

2014-06-25 20:11 - 2014-06-25 20:45 - 568502788 ____R () C:\Users\JC\Downloads\[HorribleSubs] Hunter X Hunter - 135 [1080p].mkv

2014-06-24 21:29 - 2014-06-30 20:26 - 00000000 ____D () C:\Users\JC\Downloads\AutoCAD 2010 [64-Bit] - English

2014-06-21 23:38 - 2014-06-21 23:38 - 00000000 ____D () C:\Users\JC\Downloads\[iEgg] ClariS 3rd Album -PARTY TIME (320K+BK)

2014-06-21 22:48 - 2014-06-21 22:48 - 00000180 _____ () C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat

2014-06-20 21:38 - 2014-06-20 21:38 - 00000000 ____D () C:\Users\JC\Downloads\3D geometry

2014-06-20 21:19 - 2014-06-20 21:19 - 00509236 _____ () C:\Users\JC\Downloads\3D geometry.zip

2014-06-20 20:46 - 2014-06-30 21:15 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-06-20 20:23 - 2014-06-20 20:25 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-06-20 20:23 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2014-06-18 21:12 - 2014-06-18 21:12 - 00000074 _____ () C:\Users\JC\AppData\Roaming\mbam.context.scan

2014-06-15 01:07 - 2014-06-15 01:07 - 00000000 ____D () C:\Users\JC\Downloads\MM

2014-06-14 22:18 - 2014-06-14 22:18 - 00000000 ____D () C:\Users\JC\AppData\Local\Intel

2014-06-14 22:17 - 2014-06-14 22:17 - 00000000 ____D () C:\Users\JC\AppData\Roaming\Intel WiDi

2014-06-14 22:17 - 2014-06-14 22:17 - 00000000 ____D () C:\Users\JC\AppData\Local\Intel WiDi

2014-06-13 18:22 - 2014-06-13 18:22 - 00000000 ____D () C:\Users\JC\Downloads\nano.RIPE - PLUS to MINUS no shikumi [2012-10-03]

2014-06-12 18:25 - 2014-06-12 18:28 - 00000000 ____D () C:\Users\JC\Downloads\DAUGHTRY - DISCOGRAPHY (2005-13) [CHANNEL NEO]

2014-06-12 16:09 - 2014-06-12 16:09 - 00000196 _____ () C:\Users\JC\Downloads\6cc5ee32-d60f-4b43-aec4-a3bf63d63dfb.htm

2014-06-12 15:10 - 2014-06-12 16:04 - 92725700 _____ () C:\Users\JC\Downloads\2012-10-09_713988329.rar.part

2014-06-12 15:07 - 2014-06-12 15:07 - 00026657 _____ () C:\Users\JC\Downloads\bitshare.com_001.html

2014-06-11 16:51 - 2014-06-11 16:51 - 00000000 ____D () C:\Users\JC\Downloads\Netoge_Hello_Sleepwalkers_Masked_Monkey_Awakening

2014-06-11 12:06 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll

2014-06-11 12:03 - 2014-06-11 12:03 - 01333465 _____ () C:\Users\JC\Downloads\AdwCleaner (1).exe

2014-06-10 22:30 - 2014-06-10 22:30 - 00000000 ____D () C:\Users\JC\AppData\Local\IsolatedStorage

2014-06-08 23:38 - 2014-06-08 23:38 - 00061254 _____ () C:\Users\JC\Documents\Combo_.xspf

2014-06-07 21:07 - 2014-06-07 21:07 - 00367469 _____ () C:\Users\JC\Downloads\worms_2011_armageddon_esp_c3.jar

2014-06-07 03:15 - 2014-06-07 03:15 - 00026657 _____ () C:\Users\JC\Downloads\bitshare.com.html

2014-06-07 01:06 - 2014-06-07 01:06 - 00000000 _____ () C:\Users\JC\Downloads\710A.tmp

2014-06-05 19:20 - 2014-06-05 19:20 - 06171968 _____ () C:\Users\JC\Downloads\vector-ribbons.zip

2014-06-04 17:45 - 2014-06-04 17:45 - 00000000 ____D () C:\Users\JC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome Canary

2014-06-04 17:07 - 2014-06-04 17:24 - 06103040 _____ () C:\Program Files (x86)\GUT5219.tmp

2014-06-04 17:07 - 2014-06-04 17:07 - 00000000 ____D () C:\Program Files (x86)\GUM5209.tmp

2014-06-04 16:34 - 2014-06-30 21:00 - 00000928 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1731358849-753200723-36136057-1002UA.job

2014-06-04 16:34 - 2014-06-27 18:45 - 00000876 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1731358849-753200723-36136057-1002Core.job

2014-06-04 16:34 - 2014-06-22 18:40 - 00003868 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1731358849-753200723-36136057-1002UA

2014-06-04 16:34 - 2014-06-22 18:40 - 00003488 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1731358849-753200723-36136057-1002Core

2014-06-03 01:13 - 2014-06-03 01:20 - 00000000 ____D () C:\Users\JC\Documents\New folder

2014-06-02 23:03 - 2014-06-02 23:06 - 00000000 ____D () C:\Windows\SysWOW64\NV

2014-06-02 23:03 - 2014-06-02 23:06 - 00000000 ____D () C:\Windows\system32\NV

2014-06-02 22:46 - 2014-05-20 10:44 - 31387936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll

2014-06-02 22:46 - 2014-05-20 10:44 - 24025376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll

2014-06-02 22:46 - 2014-05-20 10:44 - 18531568 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll

2014-06-02 22:46 - 2014-05-20 10:44 - 16003912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll

2014-06-02 22:46 - 2014-05-20 10:44 - 12688328 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys

2014-06-02 22:46 - 2014-05-20 10:44 - 11599072 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll

2014-06-02 22:46 - 2014-05-20 10:44 - 09697640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll

2014-06-02 22:46 - 2014-05-20 10:44 - 01889112 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433788.dll

2014-06-02 22:46 - 2014-05-20 10:44 - 01541576 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433788.dll

2014-06-02 22:46 - 2014-05-20 10:44 - 00895776 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll

2014-06-02 22:46 - 2014-05-20 10:44 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll

2014-06-02 22:46 - 2014-05-20 10:44 - 00867784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll

2014-06-02 22:46 - 2014-05-20 10:44 - 00861128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll

2014-06-02 22:46 - 2014-05-20 10:44 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll

2014-06-02 22:46 - 2014-05-20 10:44 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll

2014-06-02 22:46 - 2014-05-20 10:44 - 00032544 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys

2014-06-02 22:46 - 2014-05-20 10:44 - 00026069 _____ () C:\Windows\system32\nvinfo.pb

2014-06-02 22:45 - 2014-05-20 10:44 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll

2014-06-02 22:45 - 2014-05-20 10:44 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll

2014-06-02 22:45 - 2014-05-20 10:44 - 17480432 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll

2014-06-02 22:45 - 2014-05-20 10:44 - 14434704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll

2014-06-02 22:45 - 2014-05-20 10:44 - 11644928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll

2014-06-02 22:45 - 2014-05-20 10:44 - 09735256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll

2014-06-02 22:45 - 2014-05-20 10:44 - 03141976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll

2014-06-02 22:45 - 2014-05-20 10:44 - 02953672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll

2014-06-02 22:45 - 2014-05-20 10:44 - 02785568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll

2014-06-02 22:45 - 2014-05-20 10:44 - 02412376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll

2014-05-31 23:40 - 2014-05-31 23:40 - 00000000 ____D () C:\Users\JC\Downloads\Maps_With_Me_Pro_Offline_Maps_v2_6_2_apkgalaxy

2014-05-31 16:09 - 2014-05-31 16:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG

 

==================== One Month Modified Files and Folders =======

 

2014-06-30 21:29 - 2014-06-30 21:29 - 00000000 ____D () C:\ProgramData\RogueKiller

2014-06-30 21:29 - 2014-06-30 21:28 - 00027917 _____ () C:\Users\JC\Desktop\FRST.txt

2014-06-30 21:29 - 2014-06-30 21:21 - 00000000 ____D () C:\FRST

2014-06-30 21:18 - 2014-06-30 21:05 - 00002079 _____ () C:\Users\JC\YAH.txt

2014-06-30 21:18 - 2012-07-26 16:12 - 00000000 ____D () C:\Windows\system32\NDF

2014-06-30 21:15 - 2014-06-30 21:14 - 02083328 _____ (Farbar) C:\Users\JC\Desktop\FRST64.exe

2014-06-30 21:15 - 2014-06-20 20:46 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-06-30 21:14 - 2014-06-30 21:13 - 04721240 _____ () C:\Users\JC\Desktop\RogueKiller.exe

2014-06-30 21:14 - 2013-12-07 09:09 - 00000976 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1731358849-753200723-36136057-1006UA.job

2014-06-30 21:12 - 2014-05-08 20:17 - 00004974 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for JOHNCHRISTOPHER-JC JOHNCHRISTOPHER

2014-06-30 21:05 - 2014-06-28 15:44 - 00083269 _____ () C:\Windows\WindowsUpdate.log

2014-06-30 21:05 - 2013-08-05 15:37 - 00000000 ____D () C:\Users\JC

2014-06-30 21:00 - 2014-06-04 16:34 - 00000928 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1731358849-753200723-36136057-1002UA.job

2014-06-30 21:00 - 2012-07-26 16:12 - 00000000 ____D () C:\Windows\system32\sru

2014-06-30 20:42 - 2013-08-09 02:31 - 00000000 ____D () C:\ProgramData\MFAData

2014-06-30 20:41 - 2013-08-05 16:02 - 00000924 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-06-30 20:40 - 2012-07-26 16:12 - 00000000 ____D () C:\Windows\AUInstallAgent

2014-06-30 20:37 - 2012-07-26 15:28 - 00005598 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-06-30 20:33 - 2013-11-21 23:35 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-06-30 20:33 - 2013-08-21 22:36 - 00000000 ____D () C:\Users\JC\AppData\Roaming\BitTorrent

2014-06-30 20:33 - 2013-08-16 23:26 - 00000000 ____D () C:\ProgramData\MCShield

2014-06-30 20:30 - 2014-05-30 22:24 - 00000000 ____D () C:\Games

2014-06-30 20:26 - 2014-06-24 21:29 - 00000000 ____D () C:\Users\JC\Downloads\AutoCAD 2010 [64-Bit] - English

2014-06-30 20:24 - 2014-06-28 18:00 - 00000000 ____D () C:\Users\JC\Desktop\New folder

2014-06-30 20:22 - 2013-08-05 16:02 - 00000920 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-06-29 01:38 - 2014-06-29 01:38 - 00002743 _____ () C:\Users\JC\Documents\Virrr.txt

2014-06-29 01:08 - 2014-06-29 01:08 - 00079064 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\qddynph.sys

2014-06-29 00:12 - 2013-08-06 00:10 - 00000000 ____D () C:\Users\JC\AppData\Roaming\vlc

2014-06-28 23:51 - 2014-05-22 17:03 - 00000000 ____D () C:\Users\JC\AppData\Roaming\MiniLyrics

2014-06-28 23:15 - 2013-10-01 21:54 - 00000000 ____D () C:\Lyrics

2014-06-28 22:55 - 2014-06-27 21:54 - 00000536 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 46939657-73e2-4000-acee-85c4d3651e1b.job

2014-06-28 22:54 - 2014-06-28 22:54 - 00060769 _____ () C:\Users\JC\Documents\J.xspf

2014-06-28 20:15 - 2014-06-28 20:15 - 00276897 _____ () C:\Users\JC\Downloads\ERRORS AND MISTAKES.pptx

2014-06-28 20:15 - 2014-06-28 20:15 - 00242377 _____ () C:\Users\JC\Downloads\SURVEYING FIELD NOTES.pptx

2014-06-28 20:15 - 2014-06-28 20:15 - 00072026 _____ () C:\Users\JC\Downloads\SURVEYING.pptx

2014-06-28 20:07 - 2014-06-28 20:07 - 01860096 _____ () C:\Users\JC\Downloads\MEASUREMENT OF HORIZONTAL DISTANCES.ppt

2014-06-28 19:51 - 2014-06-25 22:19 - 00000000 ____D () C:\Users\JC\AppData\Local\Autodesk

2014-06-28 19:45 - 2014-06-25 22:19 - 00000000 ____D () C:\Users\JC\AppData\Roaming\Autodesk

2014-06-28 19:45 - 2014-06-25 22:19 - 00000000 ____D () C:\ProgramData\Autodesk

2014-06-28 18:06 - 2013-04-18 18:57 - 00000000 ____D () C:\Program Files (x86)\Dell Backup and Recovery

2014-06-28 18:03 - 2014-06-28 18:03 - 00000612 _____ () C:\Windows\PFRO.log

2014-06-28 18:03 - 2013-04-18 19:00 - 00000000 ____D () C:\Windows\en

2014-06-28 18:03 - 2012-07-26 15:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-06-28 18:02 - 2012-07-26 13:26 - 00524288 ___SH () C:\Windows\system32\config\BBI

2014-06-28 17:59 - 2013-08-12 16:23 - 00000000 ____D () C:\Icons

2014-06-28 17:56 - 2013-08-09 22:33 - 00001456 _____ () C:\Users\JC\AppData\Local\Adobe Save for Web 13.0 Prefs

2014-06-28 16:34 - 2014-06-28 16:34 - 00000000 ____D () C:\Program Files (x86)\ESET

2014-06-28 16:34 - 2014-06-28 16:33 - 02347384 _____ (ESET) C:\Users\JC\Downloads\esetsmartinstaller_enu.exe

2014-06-28 16:12 - 2013-08-22 01:10 - 00000000 ____D () C:\Users\JC\AppData\Roaming\QuickScan

2014-06-28 15:20 - 2014-06-28 15:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bagatrix Solved!

2014-06-28 15:20 - 2014-06-28 15:20 - 00000000 ____D () C:\Program Files (x86)\Bagatrix Solved!

2014-06-28 15:17 - 2013-12-08 17:58 - 00000000 ____D () C:\Users\JC\AppData\Local\Downloaded Installations

2014-06-28 14:48 - 2014-06-28 14:47 - 00000000 ____D () C:\ProgramData\Kaspersky Lab

2014-06-28 11:41 - 2014-06-28 14:03 - 141752728 _____ () C:\Users\JC\Downloads\setup_11.0.1.1245.x01_2014_06_28_07_34.exe

2014-06-27 23:55 - 2014-06-27 23:55 - 00631472 _____ () C:\Users\JC\Downloads\pde.ppt

2014-06-27 22:28 - 2013-08-08 02:23 - 05950248 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-06-27 22:23 - 2014-06-27 22:23 - 00004800 _____ () C:\Users\JC\Documents\Vir.txt

2014-06-27 21:54 - 2014-06-27 21:54 - 00003516 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 46939657-73e2-4000-acee-85c4d3651e1b

2014-06-27 21:23 - 2014-06-27 15:56 - 00000000 ____D () C:\Program Files\Autodesk

2014-06-27 20:57 - 2013-08-05 20:35 - 00003594 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1731358849-753200723-36136057-1002

2014-06-27 20:40 - 2014-06-27 20:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoCAD 2015 - English

2014-06-27 20:39 - 2014-06-27 15:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk

2014-06-27 20:37 - 2014-06-25 22:19 - 00000000 ____D () C:\Program Files\Common Files\Autodesk Shared

2014-06-27 20:23 - 2014-06-27 20:23 - 00000000 ____D () C:\Users\Public\Documents\Autodesk

2014-06-27 19:17 - 2013-08-05 14:22 - 00000000 ____D () C:\Windows\pss

2014-06-27 18:54 - 2014-06-27 18:54 - 00003276 _____ () C:\Windows\System32\Tasks\{B8337E16-7159-43B5-9D05-860528520339}

2014-06-27 18:45 - 2014-06-04 16:34 - 00000876 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1731358849-753200723-36136057-1002Core.job

2014-06-27 17:25 - 2014-05-09 18:50 - 00000000 ____D () C:\ProgramData\FLEXnet

2014-06-27 17:05 - 2014-04-14 13:10 - 00000000 ____D () C:\AdwCleaner

2014-06-27 16:57 - 2014-06-27 16:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk ReCap

2014-06-27 16:34 - 2014-06-27 16:34 - 00000000 ____D () C:\Users\JC\Documents\Inventor Server SDK ACAD 2015

2014-06-27 16:27 - 2014-06-27 16:27 - 00000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

2014-06-27 15:52 - 2014-06-27 15:52 - 00000000 ____D () C:\Program Files (x86)\Autodesk

2014-06-27 15:36 - 2013-10-17 23:36 - 00000000 ____D () C:\ProgramData\Package Cache

2014-06-27 15:03 - 2014-06-27 14:07 - 00000000 ____D () C:\Autodesk

2014-06-27 15:00 - 2012-07-26 16:12 - 00000000 ____D () C:\Windows\Help

2014-06-27 14:02 - 2013-12-22 17:05 - 00000000 ____D () C:\Users\JC\AppData\Local\Flvto Youtube Downloader

2014-06-26 23:28 - 2014-06-26 23:28 - 00000000 ____D () C:\Users\JC\Downloads\DirectX_11_Technology_Update_US

2014-06-26 23:25 - 2014-06-26 22:54 - 45099266 _____ () C:\Users\JC\Downloads\DirectX_11_Technology_Update_US.zip

2014-06-25 22:29 - 2012-07-26 13:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM

2014-06-25 22:23 - 2014-06-25 22:23 - 00000000 ____D () C:\Program Files\Common Files\Macrovision Shared

2014-06-25 20:57 - 2014-06-25 20:25 - 00000000 ____D () C:\Windows\SysWOW64\directx

2014-06-25 20:53 - 2014-06-25 20:26 - 00000000 ___HD () C:\Windows\msdownld.tmp

2014-06-25 20:45 - 2014-06-25 20:11 - 568502788 ____R () C:\Users\JC\Downloads\[HorribleSubs] Hunter X Hunter - 135 [1080p].mkv

2014-06-25 20:26 - 2013-04-18 18:58 - 00000000 ____D () C:\Temp

2014-06-24 22:20 - 2013-08-05 15:37 - 00000000 ____D () C:\Users\JC\AppData\Local\Packages

2014-06-22 18:40 - 2014-06-04 16:34 - 00003868 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1731358849-753200723-36136057-1002UA

2014-06-22 18:40 - 2014-06-04 16:34 - 00003488 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1731358849-753200723-36136057-1002Core

2014-06-22 18:19 - 2014-05-14 17:58 - 00000000 ____D () C:\ProgramData\Stardock

2014-06-22 18:15 - 2014-05-14 21:00 - 00000000 ___RD () C:\Users\JC\Documents\Notes

2014-06-21 23:38 - 2014-06-21 23:38 - 00000000 ____D () C:\Users\JC\Downloads\[iEgg] ClariS 3rd Album -PARTY TIME (320K+BK)

2014-06-21 23:35 - 2013-08-05 16:02 - 00003896 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA

2014-06-21 23:35 - 2013-08-05 16:02 - 00003660 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

2014-06-21 22:48 - 2014-06-21 22:48 - 00000180 _____ () C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat

2014-06-20 21:38 - 2014-06-20 21:38 - 00000000 ____D () C:\Users\JC\Downloads\3D geometry

2014-06-20 21:19 - 2014-06-20 21:19 - 00509236 _____ () C:\Users\JC\Downloads\3D geometry.zip

2014-06-20 20:25 - 2014-06-20 20:23 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-06-20 20:25 - 2013-11-03 15:39 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware

2014-06-20 20:23 - 2013-11-03 15:39 - 00000000 ____D () C:\Users\JC\AppData\Roaming\Malwarebytes

2014-06-20 20:23 - 2013-11-03 15:39 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-06-18 21:16 - 2014-02-14 22:07 - 00000000 ____D () C:\Users\JC\Documents\Anime

2014-06-18 21:12 - 2014-06-18 21:12 - 00000074 _____ () C:\Users\JC\AppData\Roaming\mbam.context.scan

2014-06-15 20:58 - 2013-09-02 22:06 - 00000000 ____D () C:\Users\JC\Files

2014-06-15 01:07 - 2014-06-15 01:07 - 00000000 ____D () C:\Users\JC\Downloads\MM

2014-06-14 22:18 - 2014-06-14 22:18 - 00000000 ____D () C:\Users\JC\AppData\Local\Intel

2014-06-14 22:18 - 2013-08-05 15:37 - 00000000 ____D () C:\Users\JC\AppData\Roaming\Intel

2014-06-14 22:17 - 2014-06-14 22:17 - 00000000 ____D () C:\Users\JC\AppData\Roaming\Intel WiDi

2014-06-14 22:17 - 2014-06-14 22:17 - 00000000 ____D () C:\Users\JC\AppData\Local\Intel WiDi

2014-06-13 18:22 - 2014-06-13 18:22 - 00000000 ____D () C:\Users\JC\Downloads\nano.RIPE - PLUS to MINUS no shikumi [2012-10-03]

2014-06-12 18:28 - 2014-06-12 18:25 - 00000000 ____D () C:\Users\JC\Downloads\DAUGHTRY - DISCOGRAPHY (2005-13) [CHANNEL NEO]

2014-06-12 16:09 - 2014-06-12 16:09 - 00000196 _____ () C:\Users\JC\Downloads\6cc5ee32-d60f-4b43-aec4-a3bf63d63dfb.htm

2014-06-12 16:04 - 2014-06-12 15:10 - 92725700 _____ () C:\Users\JC\Downloads\2012-10-09_713988329.rar.part

2014-06-12 15:07 - 2014-06-12 15:07 - 00026657 _____ () C:\Users\JC\Downloads\bitshare.com_001.html

2014-06-11 16:51 - 2014-06-11 16:51 - 00000000 ____D () C:\Users\JC\Downloads\Netoge_Hello_Sleepwalkers_Masked_Monkey_Awakening

2014-06-11 12:03 - 2014-06-11 12:03 - 01333465 _____ () C:\Users\JC\Downloads\AdwCleaner (1).exe

2014-06-10 22:30 - 2014-06-10 22:30 - 00000000 ____D () C:\Users\JC\AppData\Local\IsolatedStorage

2014-06-10 22:08 - 2013-08-09 21:54 - 00000000 ____D () C:\Program Files (x86)\Stardock

2014-06-10 21:37 - 2013-08-12 17:06 - 00000000 ____D () C:\Program Files\OblyTile

2014-06-08 23:38 - 2014-06-08 23:38 - 00061254 _____ () C:\Users\JC\Documents\Combo_.xspf

2014-06-07 21:07 - 2014-06-07 21:07 - 00367469 _____ () C:\Users\JC\Downloads\worms_2011_armageddon_esp_c3.jar

2014-06-07 21:03 - 2014-04-07 15:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

2014-06-07 03:15 - 2014-06-07 03:15 - 00026657 _____ () C:\Users\JC\Downloads\bitshare.com.html

2014-06-07 01:06 - 2014-06-07 01:06 - 00000000 _____ () C:\Users\JC\Downloads\710A.tmp

2014-06-05 19:20 - 2014-06-05 19:20 - 06171968 _____ () C:\Users\JC\Downloads\vector-ribbons.zip

2014-06-04 20:08 - 2014-05-08 22:46 - 00000000 ____D () C:\Users\JC\Downloads\WindowsShortcutArrowEditor

2014-06-04 17:56 - 2014-01-15 21:01 - 00000000 ____D () C:\Windows\Minidump

2014-06-04 17:45 - 2014-06-04 17:45 - 00000000 ____D () C:\Users\JC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome Canary

2014-06-04 17:43 - 2013-08-05 16:02 - 00000000 ____D () C:\Users\JC\AppData\Local\Google

2014-06-04 17:24 - 2014-06-04 17:07 - 06103040 _____ () C:\Program Files (x86)\GUT5219.tmp

2014-06-04 17:07 - 2014-06-04 17:07 - 00000000 ____D () C:\Program Files (x86)\GUM5209.tmp

2014-06-03 01:20 - 2014-06-03 01:13 - 00000000 ____D () C:\Users\JC\Documents\New folder

2014-06-02 23:06 - 2014-06-02 23:03 - 00000000 ____D () C:\Windows\SysWOW64\NV

2014-06-02 23:06 - 2014-06-02 23:03 - 00000000 ____D () C:\Windows\system32\NV

2014-06-02 23:02 - 2013-04-18 18:19 - 00000000 ____D () C:\ProgramData\NVIDIA

2014-06-02 22:52 - 2014-05-08 22:12 - 00000000 ____D () C:\Windows\LastGood

2014-06-02 22:51 - 2013-04-18 18:18 - 00000000 ____D () C:\Program Files\NVIDIA Corporation

2014-05-31 23:40 - 2014-05-31 23:40 - 00000000 ____D () C:\Users\JC\Downloads\Maps_With_Me_Pro_Offline_Maps_v2_6_2_apkgalaxy

2014-05-31 16:09 - 2014-05-31 16:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG

 

Files to move or delete:

====================

C:\Users\JC\AppData\Roaming\Camdata.ini

C:\Users\JC\AppData\Roaming\CamLayout.ini

C:\Users\JC\AppData\Roaming\CamShapes.ini

C:\Users\JC\ShowDNS.bat

 

 

Some content of TEMP:

====================

C:\Users\JC\AppData\Local\Temp\procexp64.exe

 

 

==================== Bamital & volsnap Check =================

 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

 

 

LastRegBack: 2014-06-20 23:27

 

==================== End Of Log ============================

 

 

When I ran RogueKiller the first time, it didn't have a FIX button, and no report showed up after; instead there's something that says KILLED on two items: ChromeCrashHandler.exe, and FRST64.exe (which I believe is what you told me to download :D). I still followed your instructions so I closed it but still with no report. So I tried scanning my system with it again, still no report, but it doesn't show anything under the files tabs etc. nor the ChromeCrashHandler.exe and FRST64.exe processes. :D I attached a screenshot together with the Addition.txt and a copy of the FRST.txt :D

 

THANK YOU! :D

 


Addition.txt

FRST.txt


Download attached fixlist.txt file and save it to the Desktop, or the folder you saved FRST into.

NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

 

Run FRST and press the Fix button just once and wait.

The tool will make a log on the Desktop (Fixlog.txt) or the folder it was run from. Please post it to your reply.

 

Next,

 

Run Malwarebytes....

 


On the Settings tab > Detection and Protection subtab, Detection Options, tick the box 'Scan for rootkits'.
Click on the Scan tab, then click on Scan Now >> . If an update is available, click the Update Now button.
A Threat Scan will begin.
With some infections, you may see this message box.
'Could not load DDA driver'
Click 'Yes' to this message, to allow the driver to load after a restart.
Allow the computer to restart. Continue with the rest of these instructions.
When the scan is complete, click Apply Actions.
Wait for the prompt to restart the computer to appear, then click on Yes.

 

To get the log:

 


After the restart once you are back at your desktop, open MBAM once more.
Click on the History tab > Application Logs.
Double click on the scan log which shows the Date and time of the scan just performed.
Click 'Copy to Clipboard'
Paste the contents of the clipboard into your reply.

 

Next,

 

Please download RogueKiller and save it to your desktop from the following link: http://www.bleepingcomputer.com/download/roguekiller/

 


Quit all running programs.
For Windows XP, double-click to start.
For Vista, Windows 7/8, right-click on the program and select Run as Administrator to start and when prompted allow it to run.
Read and accept the EULA (End User License Agreement).
Click Scan to scan the system.
When the scan completes Close the program > Don't Fix anything!
Post back the report which should be located on your desktop, or inside this folder "RK_Quarantine"

 

Let me see those logs....

 

Kevin

 

 

fixlist.txt


With regards to the Internet connection, it's some router problem not related to my laptop. :D So here's the log. Malwarebytes detected something but whenever I look at the file location, I can't find the file. :(

 

xxxxxxx Fixlog.txt xxxxxxxxxx

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 05-07-2014 01
Ran by JC at 2014-07-05 22:06:36 Run:1
Running from C:\Users\JC\Desktop
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
Start
S3 kpptwzzh; No ImagePath
U0 ohddqiwp; C:\Windows\System32\drivers\qddynph.sys [79064 2014-06-29] (Malwarebytes Corporation)
C:\Windows\System32\drivers\qddynph.sys
C:\Users\JC\AppData\Roaming\Camdata.ini
C:\Users\JC\AppData\Roaming\CamLayout.ini
C:\Users\JC\AppData\Roaming\CamShapes.ini
C:\Users\JC\ShowDNS.bat
C:\Users\JC\AppData\Local\Temp\procexp64.exe
AlternateDataStreams: C:\ProgramData\Temp:4B1BA31B
End
*****************
 
kpptwzzh => Service deleted successfully.
ohddqiwp => Service not found.
"C:\Windows\System32\drivers\qddynph.sys" => File/Directory not found.
C:\Users\JC\AppData\Roaming\Camdata.ini => Moved successfully.
C:\Users\JC\AppData\Roaming\CamLayout.ini => Moved successfully.
C:\Users\JC\AppData\Roaming\CamShapes.ini => Moved successfully.
C:\Users\JC\ShowDNS.bat => Moved successfully.
C:\Users\JC\AppData\Local\Temp\procexp64.exe => Moved successfully.
C:\ProgramData\Temp => ":4B1BA31B" ADS removed successfully.
 
==== End of Fixlog ====
 
 
 
 
 
xxxxxxx Malwarebytes Detections Log xxxxxxxxxxxxxx
 
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 7/5/2014
Scan Time: 10:10:10 PM
Logfile: 
Administrator: Yes
 
Version: 2.00.2.1012
Malware Database: v2014.07.05.06
Rootkit Database: v2014.07.03.01
License: Premium
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows 8
CPU: x64
File System: NTFS
User: JC
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 350754
Time Elapsed: 34 min, 30 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 3
Hijack.Trace, c:\users\jc\favorites\¼îçî¸ô, , [dd452a71d7a454e2f261523981817a86], 
Malware.Trace, c:\users\jc\favorites\³£óã, , [879bc9d2b0cbf2444f050f7cf012ed13], 
Hijack.Favourites, c:\users\jc\favorites\èèãåíøò³óîï·, , [4dd58417592205315cf9e4a7f012c63a], 
 
Files: 137
Backdoor.Agent.DCE, c:\users\jc\favorites\fox\vertrag.exe, , [3de55b407b0060d6aaca9623cd3502fe], 
Trojan.Agent, c:\users\jc\favorites\smss..exe, , [ab774d4e3b40df57a7ad8061d52d916f], 
Malware.Trace, c:\users\jc\documents\my videos\pulgconfig.log, , [99897328e19a1c1a48e31bc710f2857b], 
Backdoor.Agent.DC, c:\users\jc\favorites\windupdt\pnrp.exe, , [8b9787140f6c4ceae2aa578fbd45cd33], 
Trojan.Agent, c:\users\jc\favorites\scvhosr.exe, , [fa28dac11f5c1c1a50821bd23fc342be], 
Malware.Trace, c:\users\jc\documents\my videos\pulgfile.log, , [ab777f1cd1aa52e471eace232fd3cc34], 
Adware.Agent, c:\users\jc\favorites\adfly.exe, , [a082f1aa2259d264d9aa60910bf7f709], 
Backdoor.Agent, c:\users\jc\favorites\svshost.exe, , [ac76247789f24ceaf0f651b063a05ea2], 
Malware.Trace, c:\users\jc\favorites\&çí·Ãíøö·µ¼º½&.url, , [041efc9f2e4d72c40681020d0cf79f61], 
Malware.Trace, c:\users\jc\favorites\_favdata.dat, , [79a99308304b40f67a0f4dc2768dcb35], 
Hijack.Trace, c:\users\jc\favorites\¸Ãçåµçó°.url, , [0e14acefb9c2aa8c5535e22d3ac9738d], 
Malware.Trace, c:\users\jc\favorites\¿¬°á\µ¿¿µ»ó´ù¿î·îµå.url, , [45ddeab117641c1ae7a4eb24de25a858], 
Malware.Trace, c:\users\jc\favorites\¿¬°á\ãö½å¿µè­°¨»ó, , [23ffe4b75b20e84e2a6231de729109f7], 
Malware.Trace, c:\users\jc\favorites\¿á¼ççòà î.url, , [d64c5744502b092d127b30df59aaa858], 
Hijack.Trace, c:\users\jc\favorites\¿á256íøö·´óè«--âìé«íøö·--öð¹úÃîèòµµäíøö·µ¼º½.url, , [d250afec94e70531b7d776997b884ab6], 
Hijack.Trace, c:\users\jc\favorites\¢æ¿á¼ççòà î.url, , [7ba79cff8feca0960a858f80f112af51], 
Hijack.Trace, c:\users\jc\favorites\¢æµð¾ø¼¥çòà î.url, , [b66cddbec6b52610108044cb40c34eb2], 
Hijack.Trace, c:\users\jc\favorites\¢æà îåíæäå©çòà î.url, , [7da5d5c689f278bec2cffd12cd36e31d], 
Hijack.Trace, c:\users\jc\favorites\¢æg¸¶äïçòà î.url, , [0220ddbe1566f83ebfd362addd26dc24], 
Spyware.OnlineGames, c:\users\jc\favorites\»æ½ðñû007íøö·µ¼º½.url, , [b56d27742457b38361329679f50efd03], 
Malware.Trace, c:\users\jc\favorites\ÿô½íø.lnk, , [5ec4f4a788f3bb7bfa9a59b6d62d34cc], 
Malware.Trace, c:\users\jc\favorites\ÿô½íø.url, , [7da55843cfacec4a03927b94f40fb050], 
Hijack.Favourites, c:\users\jc\favorites\ÿô½ñçâíñ·éì³ç.url, , [0f13ff9c5f1c24121f770e013fc4bc44], 
Malware.Trace, c:\users\jc\favorites\°®çéôµ·öåä¶ô.url, , [ca588912ec8f280e118609069f64cc34], 
Malware.Trace, c:\users\jc\favorites\°ù¶èëñë÷.url, , [ea380794b6c5e94d51477a9540c3cc34], 
Malware.Trace, c:\users\jc\favorites\µ±µ±íø.lnk, , [a67c207b7cff6dc9a6f318f71ae96799], 
Malware.Trace, c:\users\jc\favorites\µ±µ±íø.url, , [1210f5a6394277bf6c2e2fe0a65d8d73], 
Hijack.Favourites, c:\users\jc\favorites\µ±µ±íøéﹺîï.url, , [938fa8f3adce54e2f0ab56b93dc6af51], 
Malware.Trace, c:\users\jc\favorites\µð¾ø¼¥çòà î.url, , [d94939628eed003694082ee1a45ffe02], 
Hijack.Trace, c:\users\jc\favorites\¶·ð·óîï·íø - 4000¿îµ¥»úóîï·ãâ·ñïâ.url, , [0c165546b0cbb77f5f3e719e11f28e72], 
Adware.ShareBox, c:\users\jc\favorites\½¦¾î¹ú½º.url, , [5ec48a11e4975dd9cfcf24eb030050b0], 
Malware.Trace, c:\users\jc\favorites\¾«²êð¡óîï·.url, , [de44a9f23546ef47465943cc1ce76e92], 
Malware.Trace, c:\users\jc\favorites\11¹ø°¡.url, , [d84a06958fecf442b8e925ea818224dc], 
Hijack.Favourites, c:\users\jc\favorites\¹è¸èëñë÷.url, , [e53d8219f08b48ee52503dd2fe05e41c], 
Malware.Trace, c:\users\jc\favorites\²»ëà ¸Ãçåµçó°.url, , [b56df9a277049b9b416235da22e1e020], 
Malware.Trace, c:\users\jc\favorites\³¬ìåêö»úáåòô.url, , [6cb6dfbc1467e84e10942ce3be4547b9], 
Hijack.Trace, c:\users\jc\favorites\4399ð¡óîï·.url, , [e43e1784552632045253e42bee15ed13], 
Trojan.Downloader, c:\users\jc\favorites\5173.com.url, , [f32febb0c2b97db900a67e919e6506fa], 
Malware.Trace, c:\users\jc\favorites\7555íøö·µ¼º½-·½±ã¿ì½ýµäíøö·µ¼º½õ¾.url, , [839f35667b009c9a2b7cfe11857ee31d], 
Malware.Trace, c:\users\jc\favorites\80877íøö·µ¼º½.url, , [869ca2f96e0d1f177f2915faea19629e], 
Malware.Trace, c:\users\jc\favorites\ã÷ðç¸öðôç©ãû.url, , [e1416437295267cf00a92de2a95ad729], 
Malware.Trace, c:\users\jc\favorites\ãâ·ñôúïõçó°.url, , [c35f4754641755e16149b85708fbb14f], 
Adware.SurfAssistant, c:\users\jc\favorites\adult sites\hardcore\yvon's training.lnk, , [80a2d5c67506280ee6c5d6393ec545bb], 
Hijack.Trace, c:\users\jc\favorites\æðµãð¡ëµ.url, , [b07235661467d95d48658887bd46a55b], 
Malware.Trace, c:\users\jc\favorites\æð¼ççã·¯½º.url, , [f42e09923d3edf575c52d63924df8b75], 
Hijack.Trace, c:\users\jc\favorites\æô¶¯internet explorer.url, , [5ac8e3b8374454e207a89b74c340a957], 
Favorites.Hijack, c:\users\jc\favorites\avartar.url, , [56cc247795e6122408a8f11ecf3418e8], 
Worm.AutoRun, c:\users\jc\favorites\bekol.exe, , [879b801b69120e28d8d998774fb4c838], 
Malware.Trace, c:\users\jc\favorites\chuguevforum.com, , [7ba70a914c2f39fda01518f7bf44a35d], 
Malware.Trace, c:\users\jc\favorites\çïçá嬷´.url, , [9a88e0bbee8d88ae269050bfe221cc34], 
Malware.Trace, c:\users\jc\favorites\clone cash system.url, , [b66c2f6ce2999b9b8b2c36d944bf9070], 
Malware.Trace, c:\users\jc\favorites\ð¡óîï·.lnk, , [8b974d4e7dfee2547b3d7798a0639f61], 
Favorites.Hijack, c:\users\jc\favorites\danh ba web hay.url, , [022082190b7052e49a1fce4111f2cc34], 
Hijack.Favourites, c:\users\jc\favorites\èèñª½­ºþ.url, , [4ad8b5e67704280e2d8dcc435ca7718f], 
Malware.Trace, c:\users\jc\favorites\èõì300ôªïîä¿.url, , [1f0394076c0fa294f4c77b94778c966a], 
Malware.Trace, c:\users\jc\favorites\favrites.cmd, , [3de5049706753bfb368722ed976ca55b], 
Malware.Trace, c:\users\jc\favorites\favrites.vbs, , [2bf7fc9f007b30069727010e4bb8639d], 
Malware.Trace, c:\users\jc\favorites\g¸¶äïçòà î.url, , [170becafc2b961d569585db24eb57b85], 
Hijack.Trace, c:\users\jc\favorites\googleëñë÷.url, , [43df48533e3dd165ac16f31c26ddfd03], 
Favorites.Hijack, c:\users\jc\favorites\hot music (dance).url, , [37ebefac166590a68a3aa66973907888], 
Malware.Trace, c:\users\jc\favorites\î÷ó±ù·â.url, , [c9598f0c1665f5414382b7582cd7ee12], 
Malware.Trace, c:\users\jc\favorites\î÷óîíø.lnk, , [e53d06959be003332c9a7897eb189f61], 
Malware.Trace, c:\users\jc\favorites\î÷óîíø.url, , [00228b10e7940d29e1e62ce3b54e5ca4], 
Malware.Trace, c:\users\jc\favorites\internet exp1orer.url, , [fa28554692e9bf7727a19c73a85b4fb1], 
Hijack.Favourites, c:\users\jc\favorites\ìô±¦»ê¹úµê.url, , [79a9a0fbb5c6fd390fbad43bbc474ab6], 
Hijack.Trace, c:\users\jc\favorites\ìô±¦¹ºîï.url, , [b270514a99e2ed49a3274dc2f70c6799], 
Malware.Trace, c:\users\jc\favorites\ìô±¦íø.url, , [7ea4ebb02952142223a848c761a27a86], 
Malware.Trace, c:\users\jc\favorites\ìô±¦íø½ñèõìø¼ûçø.lnk, , [4fd329728bf0d85ef9d338d740c343bd], 
Malware.Trace, c:\users\jc\favorites\ìô±¦íø½ñèõìø¼ûçø.url, , [d44ef6a5c6b5ad896a63b659c63de719], 
Hijack.Trace, c:\users\jc\favorites\íøâç´´òµãø¼®.url, , [b36fa9f2364545f1646a67a8ba49b947], 
Malware.Trace, c:\users\jc\favorites\íøéﹺîï¡¢óéà öµ¼º½-ëíq±ò-¶à ·ç¸ñµäíøõ¾µ¼º½.url, , [66bc712a5c1f10265c732ee139ca13ed], 
Hijack.Trace, c:\users\jc\favorites\íøö·´óè«.url, , [2ff338633942e155b21ee8279f64cd33], 
Malware.Trace, c:\users\jc\favorites\m32íøö·´óè«.url, , [f72ba0fbea9193a3557cc04f46bddb25], 
Favorites.Hijack, c:\users\jc\favorites\myanswersearch.url, , [79a98516bac1dc5aa4316ba4e81b0df3], 
Adware.DoubleD, c:\users\jc\favorites\myeasysearcher.url, , [1e042f6c81fa063086507c93d52e2ed2], 
Malware.Trace, c:\users\jc\favorites\myfastsearcher.url, , [32f01c7f502bab8b51864ec18083f907], 
Malware.Trace, c:\users\jc\favorites\myideafinder.url, , [0c16d6c52f4ca690d206e12eb84b11ef], 
Adware.DoubleD, c:\users\jc\favorites\mykeysearch.url, , [52d01685b0cb3bfb13c6b35c71921fe1], 
Hijack.Favorites, c:\users\jc\favorites\mymindsearcher.url, , [c062207b1c5fc274e4f6a46b3dc61ce4], 
Malware.Trace, c:\users\jc\favorites\myquickfinder.url, , [ee341a815229d16519c27e91a06342be], 
Backdoor.Agent, c:\users\jc\favorites\netservice.exe, , [dc468c0f9fdc7eb8aa3226e911f2db25], 
Favorites.Hijack, c:\users\jc\favorites\nghe nhac truc tuyen.url, , [48da1c7fb7c453e3e8f523ec38cb669a], 
Worm.AutoRun, c:\users\jc\favorites\nginul_na.exe, , [bb6723781a61ca6c31adda354bb8cd33], 
Malware.Trace, c:\users\jc\favorites\º¸¹°¹ú½º.url, , [1b07cfcc1c5f9d994897a06f9c677f81], 
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
 
 
xxxxxxxxxxxxx RogueKiller Logs xxxxxxxxxxxxxxxx
 
 
RogueKiller V9.1.0.0 [Jun 23 2014] by Adlice Software
 
Operating System : Windows 8 (6.2.9200 ) 64 bits version
Started in : Normal mode
User : JC [Admin rights]
Mode : Scan -- Date : 07/05/2014  23:20:49
 
¤¤¤ Bad processes : 0 ¤¤¤
 
¤¤¤ Registry Entries : 12 ¤¤¤
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-1731358849-753200723-36136057-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {645FF040-5081-101B-9F08-00AA002F954E} : 1  -> FOUND
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-1731358849-753200723-36136057-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {645FF040-5081-101B-9F08-00AA002F954E} : 1  -> FOUND
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-1731358849-753200723-36136057-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {645FF040-5081-101B-9F08-00AA002F954E} : 1  -> FOUND
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-1731358849-753200723-36136057-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {645FF040-5081-101B-9F08-00AA002F954E} : 1  -> FOUND
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> FOUND
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> FOUND
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> FOUND
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> FOUND
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-1731358849-753200723-36136057-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {645FF040-5081-101B-9F08-00AA002F954E} : 1  -> FOUND
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-1731358849-753200723-36136057-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {645FF040-5081-101B-9F08-00AA002F954E} : 1  -> FOUND
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-1731358849-753200723-36136057-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {645FF040-5081-101B-9F08-00AA002F954E} : 1  -> FOUND
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-1731358849-753200723-36136057-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {645FF040-5081-101B-9F08-00AA002F954E} : 1  -> FOUND
 
¤¤¤ Scheduled tasks : 0 ¤¤¤
 
¤¤¤ Files : 0 ¤¤¤
 
¤¤¤ HOSTS File : 0 ¤¤¤
 
¤¤¤ Antirootkit : 0 ¤¤¤
 
¤¤¤ Web browsers : 0 ¤¤¤
 
¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: WDC WD7500BPVT-75HXZT3 +++++
--- User ---
[MBR] 029a8fc542e3338290c0205cea1e5402
[bSP] 4788f1b74fc281b8e6c0f442ad75aebb : Unknown MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x0) [VISIBLE] Offset (sectors): 1 | Size: 2097151 MB
User = LL1 ... OK
User = LL2 ... OK
 
 
============================================
RKreport_SCN_07052014_215738.log

I tried something else because I remembered the post on this forum that I happened to find with similar symptoms as mine. So like the guy on this post --> https://forums.malwarebytes.org/index.php?/topic/106149-malwarebytes-keeps-finding-bad-files-but-i-show-no-sign-of-infection-otherwise/, I also have Folder Lock installed, which enables me to lock specific folders to secure files inside it. So I tried disabling it (all of the logs above, the FRST, etc., except the latest Malwarebytes log, I assure you that I disabled Folder Lock first before scanning) and scanned using Malwarebytes. And yeah, Malwarebytes didn't detect anything, like what the guy on that post said. So I tried to turn Folder Lock on again, and scanned using Malwarebytes for the second time, and as I expected, it detected files from common directories (my pictures, favorites etc) and the files don't seem to exist. I tried to turn it off again and scan, and then turn it on again then scan, and same results. Scanning while Folder Lock is on results in detections of files which I presume don't exist (since I can't find them anywhere in the directory/file location even if Folder Lock is off or even if the show hidden files option is selected), and scanning while Folder Lock is off results in no detection. I also use AVG and SuperAntiSpyware and both of them didn't detect anything.

 

But I don't know for sure if my laptop is not infected, but based on the logs I posted earlier, do you think it is indeed infected? Maybe there's a virus which can hide files to make them undetectable? Or is it possible that there's just a bug causing Folder Lock to interfere with Mbam?

I have a request, is it possible for you to confirm this to the Malwarebytes staff? Maybe they know something about this issue. :D


You have not taken any action with the entries found and showing in the Malwarebytes log. Why not?

 

Run another scan with Malwarebytes, when the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.

 

Post the produced log.


I'm sorry. I did that because I think it won't make a difference, because even before I posted my problem in this forum, even if I remove/quarantine the detected files, it keeps coming back and it's the same files as far as I can remember. So I think I have to point out something else and that's when I remembered the other post regarding his issues with folder guard. But don't worry, I will scan and "apply action" just like you said. Thanks :)


Here's the log, so yeah I think it's the same files. :D Please take into consideration the one I mentioned before your reply because I noticed that the detections only occur when folder guard is on, and I come up clean when it is off. I also read on another forum that there's a bug causing this on Vista but I'm on Windows 8 so I just wanna make sure. Thanks :D

 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 7/6/2014
Scan Time: 3:43:40 AM
Logfile: aaaaa.txt
Administrator: Yes
 
Version: 2.00.2.1012
Malware Database: v2014.07.05.10
Rootkit Database: v2014.07.03.01
License: Premium
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows 8
CPU: x64
File System: NTFS
User: JC
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 350300
Time Elapsed: 22 min, 38 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 3
Hijack.Trace, c:\users\jc\favorites\¼îçî¸ô, Delete-on-Reboot, [be644358017a6acc74f54348f80a0000], 
Malware.Trace, c:\users\jc\favorites\³£óã, Delete-on-Reboot, [5fc3c0dbf388a88edf8b414a639fb050], 
Hijack.Favourites, c:\users\jc\favorites\èèãåíøò³óîï·, Delete-on-Reboot, [ee34643796e5ca6c69028506c33f2ed2], 
 
Files: 137
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
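The "same files keep coming back" comparison described in the posts above can be checked mechanically from two saved scan logs. The following is an added example, not part of the original thread and not Malwarebytes tooling: the function names are hypothetical, the sample log lines, paths and bracketed identifiers are constructed, and the bracketed value is treated as an opaque identifier, so entries are matched by path.

```python
import os
import re
from collections import Counter, namedtuple

# Section headers that precede detection lines in the log format shown in this thread.
SECTIONS = {"Processes", "Modules", "Registry Keys", "Registry Values",
            "Registry Data", "Folders", "Files", "Physical Sectors"}

HEADER_RE = re.compile(r"^(?P<section>[A-Za-z ]+): (?P<count>\d+)\s*$")
# "<detection>, <path>, <action or empty>, [<32 hex chars>],"
# The tail is anchored at the end of the line so a comma inside the path is kept.
ENTRY_RE = re.compile(
    r"^(?P<name>[^,]+), (?P<path>.+), (?P<action>[^,]*), "
    r"\[(?P<ident>[0-9a-f]{32})\],\s*$"
)

Detection = namedtuple("Detection", "section name path action ident")


def parse_scan_log(text):
    """Return (detections, declared_counts) for one pasted scan log."""
    detections, declared, section = [], {}, None
    for raw in text.splitlines():
        line = raw.replace("\xa0", " ").strip()  # forum pastes carry NBSP padding
        header = HEADER_RE.match(line)
        if header and header.group("section") in SECTIONS:
            section = header.group("section")
            declared[section] = int(header.group("count"))
            continue
        entry = ENTRY_RE.match(line) if section else None
        if entry:
            detections.append(Detection(section, entry.group("name"),
                                        entry.group("path").casefold(),
                                        entry.group("action"),
                                        entry.group("ident")))
    return detections, declared


def count_mismatches(detections, declared):
    """Sections whose declared count differs from the lines actually pasted."""
    parsed = Counter(d.section for d in detections)
    return {s: (n, parsed[s]) for s, n in declared.items() if parsed[s] != n}


def compare_scans(first, second):
    """Match two scans by path; report what recurs and what changed."""
    a = {d.path: d for d in first}
    b = {d.path: d for d in second}
    recurring = sorted(a.keys() & b.keys())
    return {
        "recurring": recurring,
        "only_first": sorted(a.keys() - b.keys()),
        "only_second": sorted(b.keys() - a.keys()),
        # Paths reported again under a different bracketed identifier.
        "ident_changed": [p for p in recurring if a[p].ident != b[p].ident],
    }


def missing_on_disk(detections, exists=os.path.exists):
    """File and folder detections whose path cannot be found when checked."""
    return [d.path for d in detections
            if d.section in ("Folders", "Files") and not exists(d.path)]


# Constructed sample: first scan, no action taken yet.
SCAN_1 = r"""
Folders: 1
Malware.Trace, c:\users\example\favorites\sample folder, , [11111111111111111111111111111111],

Files: 3
Trojan.Agent, c:\users\example\favorites\sample-a.exe, , [22222222222222222222222222222222],
Favorites.Hijack, c:\users\example\favorites\sample, with comma.url, , [33333333333333333333333333333333],
Malware.Trace, c:\users\example\videos\sample-b.bin, , [44444444444444444444444444444444],

Physical Sectors: 0
(No malicious items detected)
"""

# Constructed sample: later scan after removal; the paste lost one "Files" line.
SCAN_2 = r"""
Folders: 1
Malware.Trace, c:\users\example\favorites\sample folder, Delete-on-Reboot, [aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa],

Files: 3
Trojan.Agent, c:\users\example\favorites\sample-a.exe, Delete-on-Reboot, [bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb],
Favorites.Hijack, c:\users\example\favorites\sample, with comma.url, Delete-on-Reboot, [cccccccccccccccccccccccccccccccc],
"""

if __name__ == "__main__":
    first, _ = parse_scan_log(SCAN_1)
    second, declared = parse_scan_log(SCAN_2)
    print(compare_scans(first, second))
    print("truncated sections:", count_mismatches(second, declared))
```

Run `missing_on_disk` on the affected machine itself, once with the folder-protection tool enabled and once with it disabled, to record which reported paths are actually visible in each state.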

I assume your system was rebooted to remove all listed entries? Continue please:

 

Download TDSSKiller and save it to your Desktop.

 

Make sure TDSSKiller.exe  is on the Desktop itself, not within a folder on the desktop.

 

Go to Start > Run (Or you can hold down your Windows key and press R) and copy and paste the following into the text field. (make sure you include the quote marks) Then press OK.

 

"%userprofile%\Desktop\TDSSKiller.exe" -l C:\TDSSKiller.txt

 

If it says "Hidden service detected" DO NOT type anything in. Just press Enter on your keyboard to not do anything to the file.

If Malicious objects are found, do NOT select Delete or Cure. Change the action to Skip. When it is done, a log file should be created on your C: drive called "TDSSKiller.txt". Please copy and paste the contents of that file here.

 

Thanks,

 

Kevin


So here's the log. :D It didn't detect anything. :/ I'll split it into different replies since it says that it's too long.

 

 

XXXXXX PART 1 XXXXXXX

 

16:54:34.0968 0x2274  TDSS rootkit removing tool 3.0.0.39 Jun  5 2014 20:35:54

16:54:34.0969 0x2274  UEFI system
16:54:40.0080 0x2274  ============================================================
16:54:40.0080 0x2274  Current date / time: 2014/07/06 16:54:40.0080
16:54:40.0080 0x2274  SystemInfo:
16:54:40.0080 0x2274  
16:54:40.0080 0x2274  OS Version: 6.2.9200 ServicePack: 0.0
16:54:40.0080 0x2274  Product type: Workstation
16:54:40.0080 0x2274  ComputerName: JOHNCHRISTOPHER
16:54:40.0081 0x2274  UserName: JC
16:54:40.0081 0x2274  Windows directory: C:\Windows
16:54:40.0081 0x2274  System windows directory: C:\Windows
16:54:40.0081 0x2274  Running under WOW64
16:54:40.0081 0x2274  Processor architecture: Intel x64
16:54:40.0081 0x2274  Number of processors: 4
16:54:40.0081 0x2274  Page size: 0x1000
16:54:40.0081 0x2274  Boot type: Normal boot
16:54:40.0081 0x2274  ============================================================
16:54:43.0807 0x2274  KLMD registered as C:\Windows\system32\drivers\88838743.sys
16:54:46.0130 0x2274  System UUID: {8E036864-F6FF-86E6-68DC-6667FA615DD5}
16:54:49.0767 0x2274  Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 ( 698.64 Gb ), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:54:49.0812 0x2274  ============================================================
16:54:49.0812 0x2274  \Device\Harddisk0\DR0:
16:54:49.0845 0x2274  GPT partitions:
16:54:49.0905 0x2274  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {3F14EA27-F2EF-4745-AF7A-E79B25CE8613}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0xFA000
16:54:49.0905 0x2274  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {796BADD3-6BBF-4D9F-B631-466EB71A4965}, UniqueGUID: {90EEF550-1B4F-411C-BF7C-73729872B413}, Name: Basic data partition, StartLBA 0xFA800, BlocksNum 0x14000
16:54:49.0905 0x2274  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {EF110801-7359-4809-8964-F662D87F8098}, Name: Microsoft reserved partition, StartLBA 0x10E800, BlocksNum 0x40000
16:54:49.0905 0x2274  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {6B759E87-5849-4559-9042-038A64399147}, Name: Basic data partition, StartLBA 0x14E800, BlocksNum 0xF5000
16:54:49.0905 0x2274  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {502A035D-E057-4E25-9B34-9329C853F460}, Name: Basic data partition, StartLBA 0x243800, BlocksNum 0x56008800
16:54:49.0905 0x2274  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {39A64DAE-4605-4921-8D77-95E550018724}, Name: Microsoft recovery partition, StartLBA 0x5624C000, BlocksNum 0x12F9EF0
16:54:49.0905 0x2274  MBR partitions:
16:54:49.0905 0x2274  ============================================================
16:54:50.0145 0x2274  C: <-> \Device\Harddisk0\DR0\Partition5
16:54:50.0146 0x2274  ============================================================
16:54:50.0146 0x2274  Initialize success
16:54:50.0146 0x2274  ============================================================
16:55:10.0764 0x1d88  ============================================================
16:55:10.0764 0x1d88  Scan started
16:55:10.0764 0x1d88  Mode: Manual; 
16:55:10.0764 0x1d88  ============================================================
16:55:10.0764 0x1d88  KSN ping started
16:55:13.0572 0x1d88  KSN ping finished: true
16:55:14.0480 0x1d88  ================ Scan system memory ========================
16:55:14.0481 0x1d88  System memory - ok
16:55:14.0483 0x1d88  ================ Scan services =============================
16:55:15.0855 0x1d88  AFD - ok
16:55:15.0875 0x1d88  [ 01590377A5AB19E792528C628A2A68F9, F3A4B6CA4E8D4436E44E36D7F7EEF3DC861D1EE50D41F4273226C4ED95674B84 ] agp440          C:\Windows\system32\drivers\agp440.sys
16:55:15.0881 0x1d88  agp440 - ok
16:55:15.0918 0x1d88  [ D1BE8E6E5B3AF23A4393AF1BF867977A, B3AE97D35A9304198715D76F6C3F0545AA176FDEBA6C2055782558B11DFA14EB ] ALG             C:\Windows\System32\alg.exe
16:55:15.0924 0x1d88  ALG - ok
16:55:15.0947 0x1d88  [ 025E8C755BE293E50854D26D1BBE5133, 4373639689306A3D8FE0F862072711BAD5DBAA45E105CD3129586439A90EE070 ] AllUserInstallAgent C:\Windows\system32\AUInstallAgent.dll
16:55:15.0955 0x1d88  AllUserInstallAgent - ok
16:55:16.0002 0x1d88  [ 5A81054B824004B1ECC04F0034A1CDF9, 73A1986A4B346C425157216EBF16CC90EFFC642EDF6109E6364CF0552E3388FD ] AmdK8           C:\Windows\System32\drivers\amdk8.sys
16:55:16.0065 0x1d88  AmdK8 - ok
16:55:16.0137 0x1d88  [ B849D453E644FAB9BC8EF6DC8CA9C4C6, B803CDA478D3385937C44CBB05A0E65ABACEFEBA682975787C44E2904FB89D2D ] AmdPPM          C:\Windows\System32\drivers\amdppm.sys
16:55:16.0156 0x1d88  AmdPPM - ok
16:55:16.0185 0x1d88  [ 35A0EB5AECB0FA3C41A2FB514A562304, 737783ABF348288471AC7051D4DC6CB336D686C94EC7B8938DCA74AFE9BECB1C ] amdsata         C:\Windows\system32\drivers\amdsata.sys
16:55:16.0191 0x1d88  amdsata - ok
16:55:16.0212 0x1d88  [ 00452671904F5EE94B50BF0219C97164, 99F9B86D3DB3E10B014120A63CD43CBAAB22C8E38851090ABE37D89ABD61F7B6 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
16:55:16.0223 0x1d88  amdsbs - ok
16:55:16.0235 0x1d88  [ EA3FFE53E92E59C87E3ECA9BEB20D9B7, DC0B8B798720F5F75F8AFD3383CF69194282AEEE84DCACB97382F4C86E1D3E49 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
16:55:16.0239 0x1d88  amdxata - ok
16:55:16.0292 0x1d88  [ FB88245C1815EB1588DBC364A8D24522, 8DF136DE523EB39199FC993C48D850AD5B57FD9808B778FEF77FDC737F1A0026 ] AMPPAL          C:\Windows\System32\drivers\AMPPAL.sys
16:55:16.0331 0x1d88  AMPPAL - ok
16:55:16.0349 0x1d88  [ FB88245C1815EB1588DBC364A8D24522, 8DF136DE523EB39199FC993C48D850AD5B57FD9808B778FEF77FDC737F1A0026 ] AMPPALP         C:\Windows\system32\DRIVERS\amppal.sys
16:55:16.0356 0x1d88  AMPPALP - ok
16:55:16.0454 0x1d88  [ A73CEA1B1B0A4F6D10BFD3B9AD9DC5F9, A2A4C8FA566BE06A64A34DEBF2647AA40B31BEBA677D548CAE3100EF20632EB7 ] AMPPALR3        C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
16:55:16.0544 0x1d88  AMPPALR3 - ok
16:55:16.0597 0x1d88  [ C65A3C67630A67A97AD26C21173BA61E, 9C66AF6FC15FEA0B0352540C037AD87B4113CE401C10B6A35DE98901E74152DC ] Apowersoft_AudioDevice C:\Windows\system32\drivers\Apowersoft_AudioDevice.sys
16:55:16.0682 0x1d88  Apowersoft_AudioDevice - ok
16:55:16.0723 0x1d88  [ 83B3682CE922FB0F415734B26D9D6233, 9102E8B410BB1AE426770896B6AB584D1F02830337FBB2DEC182F3F19832F35F ] AppID           C:\Windows\system32\drivers\appid.sys
16:55:16.0728 0x1d88  AppID - ok
16:55:16.0766 0x1d88  [ CE2BEAD7F31816FF0AC490D048C969F9, 7D24C5A9E8F7C21CC6D8BF2CA29A8B79DDE7EEDE2F37D36B9071ECE1CF61371F ] AppIDSvc        C:\Windows\System32\appidsvc.dll
16:55:16.0770 0x1d88  AppIDSvc - ok
16:55:16.0802 0x1d88  [ 4F750B7EFCB6520AE01E01D082D7D476, AD2A67D727A1D4DD0BBACC6B4BB432FA9A14D50D8BA292B95A4747CEC9F85728 ] Appinfo         C:\Windows\System32\appinfo.dll
16:55:16.0808 0x1d88  Appinfo - ok
16:55:16.0830 0x1d88  [ E933401B392387F4BE34DE8BAF1722A7, 57CC6DE31E2C82D2B12509F0A5EC9EC70DD2EF6A1F31A66ADF62DC6AE0A67323 ] arc             C:\Windows\system32\drivers\arc.sys
16:55:16.0838 0x1d88  arc - ok
16:55:16.0852 0x1d88  [ 07CA323EF2E8247A568AB0F3662AD644, 1224B41193F0E9B164732BA5BF707A13427C82C1D8C3EDC2AAE5C5C75454B9F6 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
16:55:16.0858 0x1d88  arcsas - ok
16:55:16.0875 0x1d88  [ 74DBAEC35366C4EE7670428808715A6A, 3B3A7A81CD8038C4750560B94A9247C4409410780B312BA71EDF2E393DCA7474 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
16:55:16.0897 0x1d88  AsyncMac - ok
16:55:16.0911 0x1d88  [ A721FF570C2387E383BDDEA9632863C9, 45DD7787F44A2C742560FEB03AB66910C2F0002D95BB02C55EEDE973AA92AD24 ] atapi           C:\Windows\system32\drivers\atapi.sys
16:55:16.0915 0x1d88  atapi - ok
16:55:16.0954 0x1d88  [ BCD7A47EF587DC00DD61D12D9C2D1E44, 95BC9AC8BA8A86DB5C7A6317002BD9872F193B401A0C58DF252DCF3D4A7541E2 ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
16:55:16.0962 0x1d88  AudioEndpointBuilder - ok
16:55:17.0033 0x1d88  [ 599B3F685A263A114FFAF3BE29C49C75, 579E9561BA8537888E061E303F3F89E2E6F8B8DED74369C3767DB10B35CD45E8 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
16:55:17.0082 0x1d88  Audiosrv - ok
16:55:17.0125 0x1d88  [ 58D7FAF5C81ECEFFD2EDEDA9C2619D82, FE8E1C220535DDD84934AB6FD86334CB4C24AE4C7CDBA8ABF2B8D9805622E077 ] Avgboota        C:\Windows\system32\DRIVERS\avgboota.sys
16:55:17.0130 0x1d88  Avgboota - ok
16:55:17.0161 0x1d88  [ 3D1FFAA3358CA0D8A298DEA8BECFC468, 011E9E9F9AC2113E5357AEE4C89AAE73DBC3A604105165FD3DA286979F0BF9D4 ] Avgfwfd         C:\Windows\system32\DRIVERS\avgfwd6a.sys
16:55:17.0204 0x1d88  Avgfwfd - ok
16:55:17.0375 0x1d88  [ 8A0D857EE0D05FDF1FAC51D3CC03E18C, 0806BCC1593B2CCFA26B0C8BA17088801D850401505A486B17BC49B28B058D01 ] avgfws          C:\Program Files (x86)\AVG\AVG2013\avgfws.exe
16:55:17.0444 0x1d88  avgfws - ok
16:55:17.0718 0x1d88  [ 4DB93F4DB7077801D2D82013506AC1D0, 3D71655D1557021D5D828E37EAFDBA35C631061E48D64B9D376746F8FCC760B3 ] AVGIDSAgent     C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
16:55:17.0921 0x1d88  AVGIDSAgent - ok
16:55:18.0065 0x1d88  [ 92B7689FBC131E143421A19C18320E34, D3A323015790355070A380731CA56547F518F8AF800BC71670481A646C8FEEB3 ] AVGIDSDriver    C:\Windows\system32\DRIVERS\avgidsdrivera.sys
16:55:18.0087 0x1d88  AVGIDSDriver - ok
16:55:18.0108 0x1d88  [ C8D9EEACF266512C1FA52E2ECF5AD944, 01972886F4324C55BE4450F2E18F263FBF0BE7525A9390714216E6C7A1827B1D ] AVGIDSHA        C:\Windows\system32\DRIVERS\avgidsha.sys
16:55:18.0113 0x1d88  AVGIDSHA - ok
16:55:18.0150 0x1d88  [ FACD18A89FDEBC35C85CAF762B294BE2, FD6EBE87ACA6CC017AB7ED886B2BC13CA05BDA38E4B7E8A63F33EF7E5C755BB8 ] Avgldx64        C:\Windows\system32\DRIVERS\avgldx64.sys
16:55:18.0160 0x1d88  Avgldx64 - ok
16:55:18.0206 0x1d88  [ 29FCDEAC6086FB7E55344B51E35D99CE, 06408D79DF92B8A31DE0CA518BD93CA211D3192496CA3783762F289549F8F615 ] Avgloga         C:\Windows\system32\DRIVERS\avgloga.sys
16:55:18.0220 0x1d88  Avgloga - ok
16:55:18.0260 0x1d88  [ 85053293DCDE19829E8691A9E9E8A6FF, 1F115376DCF888C0ED928D5E7150CC4602510FDA785DE76912D415366D8D7393 ] Avgmfx64        C:\Windows\system32\DRIVERS\avgmfx64.sys
16:55:18.0266 0x1d88  Avgmfx64 - ok
16:55:18.0299 0x1d88  [ E191E443B0F7B05E784279A1C29B9D2A, 24B2B048C2CE5520A6B0E6702F55B5B65411E3E3D0857301E430EF2F9D7ECAFE ] Avgrkx64        C:\Windows\system32\DRIVERS\avgrkx64.sys
16:55:18.0305 0x1d88  Avgrkx64 - ok
16:55:18.0339 0x1d88  [ D646FA5135A1CD795877AFE9D17FA9ED, 2F97FBCD7BD75727A77C17D75D2482AE819D5D2EB9760D96412F9C20AA7D9473 ] avgwd           C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
16:55:18.0351 0x1d88  avgwd - ok
16:55:18.0390 0x1d88  [ 7900D44647018603D274D572FB83BC7F, 9EA4B23B20ACDBFA6448B1E960B172142546284F329FC0BB26D3FA382912BD3E ] Avgwfpa         C:\Windows\system32\DRIVERS\avgwfpa.sys
16:55:18.0419 0x1d88  Avgwfpa - ok
16:55:18.0470 0x1d88  [ 89491EF71D5EA011127832C588002853, 05620E4235956D8446FB9604F930738C8AA97E3A74C907E37F7CC08B8EDA0461 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
16:55:18.0478 0x1d88  AxInstSV - ok
16:55:18.0545 0x1d88  [ 87AB5BB072A3F128541D5B815F82FFDD, 186AF33D3DE90638C3E165CAC3DA17295E8A80CDB523F9BE4AF7D38CA6954905 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
16:55:18.0600 0x1d88  b06bdrv - ok
16:55:18.0639 0x1d88  [ 81703BC5D68DEDBB086C2368FBE7B334, CFD4A55C8045C482F8D410514F3211AEFA00097AB395F5A04BFE983ED6254F6B ] BasicDisplay    C:\Windows\System32\drivers\BasicDisplay.sys
16:55:18.0655 0x1d88  BasicDisplay - ok
16:55:18.0681 0x1d88  [ 5EC68164E14D25675C98BBB5F09E8606, 1D7EDB21C87039FC5F39F46460AD852BC4EC6B179B1C205D189DD3C397343435 ] BasicRender     C:\Windows\System32\drivers\BasicRender.sys
16:55:18.0685 0x1d88  BasicRender - ok
16:55:18.0735 0x1d88  [ 89143A7BA7850F5C7E61B43BB44B6418, 00BB781DF87D4FF1BAFD318AFE237296B4F5925023BA4486405EC0A384C88D8F ] BDESVC          C:\Windows\System32\bdesvc.dll
16:55:18.0745 0x1d88  BDESVC - ok
16:55:18.0765 0x1d88  [ 9E7AEA59776D904607985AFFE7E5E183, C3DB745A9F4DA7CB9628A7913DD52B2444B14FEB9D588FF6558CF52CEB8955EB ] Beep            C:\Windows\system32\drivers\Beep.sys
16:55:18.0769 0x1d88  Beep - ok
16:55:18.0822 0x1d88  [ 9E6A544F465C582AB42444A217CF04DC, E436BA0C423C66740965DA5CB03C39C0EE31A6C0CE5D1D20C7D609E5B0AD27A4 ] BFE             C:\Windows\System32\bfe.dll
16:55:18.0859 0x1d88  BFE - ok
16:55:18.0935 0x1d88  [ D598C44A7072D3108D8D8102EC5E07F7, D7472E9BAAB7B6E1D30F4E153412E2A16EE5C08DE2BF8BFF4D65089825226FE0 ] BITS            C:\Windows\System32\qmgr.dll
16:55:20.0586 0x1d88  BITS - ok
16:55:21.0948 0x1d88  [ BAE8683BE3463B25E51875B380AB695A, 3EDB44560F798BB05AB7F534CEC4688C35AD9092B7D1CC5F58B47E82BD8EA270 ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
16:55:22.0120 0x1d88  Bluetooth Device Monitor - ok
16:55:22.0962 0x1d88  [ AF06006C7A8B6CE409ABD351867A9544, AB985CEB86E57AB99E8D273058533CD3D04FF3232C62688DFD8F9D6A5B6586CD ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
16:55:23.0195 0x1d88  Bluetooth OBEX Service - ok
16:55:23.0388 0x1d88  [ B17AC10B47C7FCB44D22A1F06415840E, 990D6F629D93F4F913D218ACE5187A26DCB762BAFB2BB279CCE8CAF2755D85A5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
16:55:23.0393 0x1d88  bowser - ok
16:55:23.0444 0x1d88  [ 038FA1B55531E7020DB705B42FCCE373, 023E87E3204D64890D6FEA78E762E5BC5BD0A59325EBC264834727779EEEDBC5 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
16:55:23.0455 0x1d88  BrokerInfrastructure - ok
16:55:23.0541 0x1d88  [ 310068BDA80B1D55C36580FD8A873FAF, A75412FF1F483461F526E9A359DCEECA5E683441514464D5ED82D1A9740D583E ] Browser         C:\Windows\System32\browser.dll
16:55:23.0549 0x1d88  Browser - ok
16:55:23.0666 0x1d88  [ 8427CBC6270B7EF6D089B1D67E77A0DC, FA9AB76ECD593200221AF6A4699BA3F3B98C3B755DECA6B7FA13862423683D62 ] BstHdAndroidSvc C:\Program Files (x86)\BlueStacks\HD-Service.exe
16:55:23.0702 0x1d88  BstHdAndroidSvc - ok
16:55:23.0794 0x1d88  [ 35F3B5ED900FD2AB03F2889C05DECA35, 8343CAAC4E5A9607A2599A606FFAEF8E63DA948269E81619715B078AB5A57D37 ] BstHdDrv        C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys
16:55:23.0802 0x1d88  BstHdDrv - ok
16:55:23.0906 0x1d88  [ 5827A64E55EEA31EDA9DF0ABB8F7E956, 8D0B33EB3BE9C6639897A47D493A9B65D7F7168E9369AB40076F0ECA86338A13 ] BstHdLogRotatorSvc C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
16:55:23.0926 0x1d88  BstHdLogRotatorSvc - ok
16:55:24.0021 0x1d88  [ BC3C6332032180FCD0E294039256875F, 48925DF1853735324070ECD8FBBAEC2A04829069EB9F7A6C05C4A61C21FB74A0 ] BstHdUpdaterSvc C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
16:55:24.0103 0x1d88  BstHdUpdaterSvc - ok
16:55:24.0151 0x1d88  [ 6695200F455E251F0BCC9CE4D0978D59, 4DB2F967E449581A9330EF43E794B45B93581564B20C5B991FC1EC665A640D69 ] BthAvrcpTg      C:\Windows\System32\drivers\BthAvrcpTg.sys
16:55:24.0186 0x1d88  BthAvrcpTg - ok
16:55:24.0218 0x1d88  [ A8B20D852B07AE19A13B5D47EC4E4C3B, 86571C9E2BA15BB169CAB2D24C4D0598154C02FD173638CAFC685A7F6B09472D ] BthEnum         C:\Windows\System32\drivers\BthEnum.sys
16:55:24.0449 0x1d88  BthEnum - ok
16:55:24.0485 0x1d88  [ 616EB8748C988AEE98D93DA141C3D3B4, 15A055B0496BDB29CBCF6EEBF112D4BA1C7A2FF39124728830D0FD1FD7A404CB ] BthHFEnum       C:\Windows\System32\drivers\bthhfenum.sys
16:55:24.0496 0x1d88  BthHFEnum - ok
16:55:24.0534 0x1d88  [ DCB4EBD928A6FB368BE6CAE522412DE1, 9E1345F29467054689B9F48B5CCB567760D36610A4EA9AF41B829EAD60347269 ] bthhfhid        C:\Windows\System32\drivers\BthHFHid.sys
16:55:24.0550 0x1d88  bthhfhid - ok
16:55:24.0591 0x1d88  [ 42201C346F0B8C458E1E9CDE04D68A2C, 6168FD0D10CD06B00B5C79D5D2B5C353AAC22FD99CE8D417DDBA33ED63CFB8BF ] BthLEEnum       C:\Windows\system32\DRIVERS\BthLEEnum.sys
16:55:24.0613 0x1d88  BthLEEnum - ok
16:55:24.0643 0x1d88  [ EB4CBCB3288233CD964716D0A5E1CFC5, 0CE67B2D7855117B924ACC3A2979CE12F8DE45227B37AF95F9ABCC7406AD1EC3 ] BTHMODEM        C:\Windows\System32\drivers\bthmodem.sys
16:55:24.0663 0x1d88  BTHMODEM - ok
16:55:24.0699 0x1d88  [ 091BB978E9504D0AD14586929431A957, ACED02B879026A228E35F40847C210BC30A5AFC948FFE922DB21663E4A8DFF1D ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
16:55:24.0721 0x1d88  BthPan - ok
16:55:24.0803 0x1d88  [ 13795CAA34239D97A7211E7F9D96E012, C4F3402B063A7CFCE386D1AE9255975A199164BA9E7DCDB6129725213A0642B1 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
16:55:24.0879 0x1d88  BTHPORT - ok
16:55:24.0930 0x1d88  [ A4387C3D271959313E2577DB7BE8BA7A, C71474802102102EBE04DF036EEB2F5FB3380BE288E3842F19F234EFAE977D70 ] bthserv         C:\Windows\system32\bthserv.dll
16:55:24.0938 0x1d88  bthserv - ok
16:55:24.0964 0x1d88  [ 9310C81BE4D5EA33798A99355BB53E94, 127D1CC281996FD7B4359858A7B3EDB6FF4987EF463406259DA04D6F65DA1478 ] BTHSSecurityMgr C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
16:55:25.0031 0x1d88  BTHSSecurityMgr - ok
16:55:25.0070 0x1d88  [ 1F715957F5236D30B6020A19A4271F6A, C06B637C2C6919E2DE1055AE249AE3EAF7B4890799F22BF5757CC10CEF145043 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
16:55:25.0092 0x1d88  BTHUSB - ok
16:55:25.0133 0x1d88  [ 8F5E4E166C19A1B60F508057CF2FF96E, 6924EC4B820BB9C1753C1153AF315717826C7393D42C3AFB097957885987B7A3 ] btmaux          C:\Windows\system32\DRIVERS\btmaux.sys
16:55:25.0141 0x1d88  btmaux - ok
16:55:25.0253 0x1d88  [ FD6DCB9E986D4B88655370C7F3976F78, F106BBC3147BF4FFEE3A56B477BA7F26A269CAE659570930860AF033F1171A70 ] btmhsf          C:\Windows\system32\DRIVERS\btmhsf.sys
16:55:25.0344 0x1d88  btmhsf - ok
16:55:25.0390 0x1d88  [ 990B1BABE6E81FB18E65A87EBEFB1772, 1820D4AC57E1D4B7FB5AA89C277B16910ED73712878D2B43FE542CE16DFE16C3 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
16:55:25.0405 0x1d88  cdfs - ok
16:55:25.0437 0x1d88  [ 339BFF85D788268752DA8C9644B188EE, C2279F1A39AED39865A5027D2FD087F8E82F3ED8C94BA4D922855B98E792AFC5 ] cdrom           C:\Windows\System32\drivers\cdrom.sys
16:55:25.0458 0x1d88  cdrom - ok
16:55:25.0493 0x1d88  [ BAF8F0F55BC300E5F882E521F054E345, FB228DB18F2FA55D8BA35A7E6778EE5D2EB0C29D384F1A0A868F90AE706188D7 ] CertPropSvc     C:\Windows\System32\certprop.dll
16:55:25.0502 0x1d88  CertPropSvc - ok
16:55:25.0515 0x1d88  [ F64B7D1A37CC1D5F421D5359EEC81E2E, 2B4879DD32B2C20B94847755E22B1BCBE2B567B3989C57A9BA2DD783307EFFDB ] circlass        C:\Windows\System32\drivers\circlass.sys
16:55:25.0540 0x1d88  circlass - ok
16:55:25.0566 0x1d88  [ 9905168708DB68849B879B5548F68AB3, B7A495E57B9398704988DC472126CBC5B8D76761A34F51732FBF6CC88E3AB79A ] CLFS            C:\Windows\system32\drivers\CLFS.sys
16:55:25.0582 0x1d88  CLFS - ok
16:55:25.0631 0x1d88  [ 2DC8538A2260647484A6C921CA837313, 094059DD66B0C50A1CAE288F920107B0B6AD1AA5758284E35B92C131EDEA30EA ] CmBatt          C:\Windows\System32\drivers\CmBatt.sys
16:55:25.0637 0x1d88  CmBatt - ok
16:55:25.0728 0x1d88  [ E708BFF0473EC6B271EA46B65B16CA56, 2B4C661F7C5A4395CA4204122A1C3C8AA766B56C3D01CD8BAAFA18F71FC7B591 ] CNG             C:\Windows\system32\Drivers\cng.sys
16:55:25.0763 0x1d88  CNG - ok
16:55:25.0781 0x1d88  [ 0E5B1E9E7122EDAAF1F6CE047965CA92, 803E585B92D1E2E5B6BF67BE511E88DC2629A12407C3E30F7AEFB544D390A9B8 ] CompositeBus    C:\Windows\System32\drivers\CompositeBus.sys
16:55:25.0785 0x1d88  CompositeBus - ok
16:55:25.0797 0x1d88  COMSysApp - ok
16:55:25.0811 0x1d88  [ D9CB0782AF819548072AA45B70F8B22D, 04796F39ABB88759A534DE3D0C51F684BF2A8DE1F4028B657CCFDBDD39A6618C ] condrv          C:\Windows\system32\drivers\condrv.sys
16:55:25.0816 0x1d88  condrv - ok
16:55:25.0986 0x1d88  [ 6CB6EBB6B85594D5E4E8941363A6C9C2, FFE10DBE42FD507D677AF1A2FF0EADE1C1F21E13F5F2F39B0C5DB7FF3C5431DB ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
16:55:26.0020 0x1d88  cphs - ok
16:55:26.0068 0x1d88  [ 5CE2742F063731EC10C1B2EE386A2C08, 309919BDDD4649AFB95A99DCF8AFC3BAE10F9BC1E2819C0794CFD0F80682C223 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
16:55:26.0074 0x1d88  CryptSvc - ok
16:55:26.0105 0x1d88  [ C4D01BD86D6B207275FC143EEA951D75, D36F7BBE0DB3EAD0C74DE5E6622C89D4568760D8735B6E191AD30990EA8018DC ] dam             C:\Windows\system32\drivers\dam.sys
16:55:26.0111 0x1d88  dam - ok
16:55:26.0183 0x1d88  [ 1EC6E533C954BDDF2A37E7851A7E58FD, C25936A7465B6A2B3D05D2FCB09D91ACC07CFE038A5E968C99CFA9D9F2967DD4 ] DcomLaunch      C:\Windows\system32\rpcss.dll
16:55:26.0232 0x1d88  DcomLaunch - ok
16:55:26.0335 0x1d88  [ D1003E46139274BF3173EBCE4594CCC6, 80DA5070CF62FB83B0F96F4AC9EB67E14BB4CAEFFAAD3522C451A92BF96C6C68 ] Decor8          C:\Program Files (x86)\Stardock\Decor8\Decor8Srv.exe
16:55:26.0358 0x1d88  Decor8 - ok
16:55:26.0410 0x1d88  [ C8650D1F61149AA546BDBC99172EBBC1, D9592ED1B6F23B6EC76A0B93635B6E38702311B0A6982F0F9DEC37FCDAF1288B ] defragsvc       C:\Windows\System32\defragsvc.dll
16:55:26.0443 0x1d88  defragsvc - ok
16:55:26.0497 0x1d88  [ 2E19CAEACBBCB68B2338D936D64EA012, 840BD87697D2A11A959E57F695E2E3546555E0C82E812BD30750E3F5BCE7A51F ] DellDigitalDelivery c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
16:55:26.0523 0x1d88  DellDigitalDelivery - ok
16:55:26.0608 0x1d88  [ DC253191A553DACA7684CFB5B03A4268, 2D651A059F1334671E875EB4FC642383DCC00710809255DA29F96C41EC2C8205 ] DellRbtn        C:\Windows\System32\drivers\DellRbtn.sys
16:55:27.0042 0x1d88  DellRbtn - ok
16:55:27.0145 0x1d88  [ 5EAEF67AE2AF4D2DC664B649DB7B2E16, ADAC7FD6AC12B50F4998C5EB0BD770DD4B80A94C4CC1B9376AD77648E48D012D ] DeviceAssociationService C:\Windows\system32\das.dll
16:55:27.0161 0x1d88  DeviceAssociationService - ok
16:55:27.0226 0x1d88  [ 799BE46D45D486704CE0F37CA5385262, BB78DEE83B9DB613B1C083D55FAA458BE3E394AED80EB91B599185A7272F33B3 ] DeviceInstall   C:\Windows\system32\umpnpmgr.dll
16:55:27.0236 0x1d88  DeviceInstall - ok
16:55:27.0271 0x1d88  [ 09D9EB9E7898F8E6561473A20CC808B9, 0F511593D36084843E5138AF6D55FE08D77803968AE12A236A02368DB364347E ] Dfsc            C:\Windows\system32\Drivers\dfsc.sys
16:55:27.0278 0x1d88  Dfsc - ok
16:55:27.0353 0x1d88  [ 73BDD44A6088916964945886F9025409, 8E2ECC9AAEF3C6EBA2E61D25F657FDFCC72AB517CC4FD5FFF992E1F9EB942662 ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
16:55:27.0403 0x1d88  dg_ssudbus - ok
16:55:27.0470 0x1d88  [ 9E0E72222264745ADEB0E5AC680B0ED6, 576AFC8741695396A3B8E9DBDD3703E9D70370437D09D162262E47A140D101B4 ] Dhcp            C:\Windows\system32\dhcpcore.dll
16:55:27.0493 0x1d88  Dhcp - ok
16:55:27.0510 0x1d88  [ 3C736FAE17BA6F91BA37594AAB139CD0, 34304A194105B19E7ADD80108DC85C3B7AA9E942C84A7EF93C475CE1D9AE4615 ] discache        C:\Windows\system32\drivers\discache.sys
16:55:27.0514 0x1d88  discache - ok
16:55:27.0567 0x1d88  [ 560495FF4CA22E1D9B1972FA18F43B6F, 41FFDD4C1097AA857A8177E34F101A1A9C1429A4E8DEC3D395C6135A9E112CD6 ] disk            C:\Windows\system32\drivers\disk.sys
16:55:27.0573 0x1d88  disk - ok
16:55:27.0602 0x1d88  [ 82A7C72593793FE1EADA7A305BD1567A, 75F432E4C75AE9EFF553BD860B3B250853BDDA85C17DBD9B7242D74593506A86 ] dmvsc           C:\Windows\System32\drivers\dmvsc.sys
16:55:27.0606 0x1d88  dmvsc - ok
16:55:27.0645 0x1d88  [ 066B9710B36AB550E01EEFCA52155968, DCA9F3F4856A6866D3F5A2EEE34E96A83F40198DB0B5AC6381A7568DE1F56FAB ] Dnscache        C:\Windows\System32\dnsrslvr.dll
16:55:27.0686 0x1d88  Dnscache - ok
16:55:27.0723 0x1d88  [ 9949AD2ABA168A618D46C799D6CC898C, DFAC86A0AEE83C9EFE1BEE9EC15C8CAF1D619D55AF3ACC3986057A5AC985D06A ] dot3svc         C:\Windows\System32\dot3svc.dll
16:55:27.0745 0x1d88  dot3svc - ok
16:55:27.0782 0x1d88  [ 109FC3F80BF4F4DC5A071058074F13C1, F30736F45BA1811D59E9CB1C172D8D1EA9F5A7D36DCFFBFC9E7E02448C1CF851 ] DPS             C:\Windows\system32\dps.dll
16:55:27.0792 0x1d88  DPS - ok
16:55:27.0815 0x1d88  [ 9C7C183F937951AE17C5B8B3259CF3FF, 8ED607139F15D08B4835ACF864421BA4C08C88FE90B9AAF707F5D8514D7731B1 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
16:55:27.0826 0x1d88  drmkaud - ok
16:55:27.0884 0x1d88  [ F87F4AAAF6664906248D11D5E579A53B, F283932F68ED93891EEF00C18724359AB7057E922A3CDC8BC6F33F84D2B0BEE5 ] DsmSvc          C:\Windows\System32\DeviceSetupManager.dll
16:55:27.0895 0x1d88  DsmSvc - ok
16:55:27.0985 0x1d88  [ 6D1B8A9A2C0BD4851D8AF1AB43E67AD9, 3D348D3EFCA9C2AC25C3D0722FB8F64820936DEFD3926888740442972A0A8189 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
16:55:28.0077 0x1d88  DXGKrnl - ok
16:55:28.0122 0x1d88  [ 58BA473DD88F5FC1932282BA683AA03E, B8A4407D3006D91BE88F9C5389AC1CACC73BEBF6F66433A1E5EB8E58E8836C12 ] Eaphost         C:\Windows\System32\eapsvc.dll
16:55:28.0130 0x1d88  Eaphost - ok
16:55:28.0297 0x1d88  [ 5AB97B3282D7D6114949D1EB5C8598E4, FB9449CC1CDC12C12AA0469BB6ACC770CB011250EDFD86E9600E754610608EFD ] ebdrv           C:\Windows\system32\drivers\evbda.sys
16:55:28.0439 0x1d88  ebdrv - ok
16:55:28.0496 0x1d88  [ F702AB6181513303AB0FC8D59E52708B, D46939B9F672269E65C98606A573C849C4AF5A26E4E75D3A8FE56A65B3A6EA08 ] EFS             C:\Windows\System32\lsass.exe
16:55:28.0524 0x1d88  EFS - ok
16:55:28.0580 0x1d88  [ 66D60BD9A4C05616ABECA2A901475098, 8111550DB03FFD72F1822F47B16F075DA92874B64F19342D7CF60B0EE648AFEF ] EhStorClass     C:\Windows\system32\drivers\EhStorClass.sys
16:55:28.0586 0x1d88  EhStorClass - ok
16:55:28.0610 0x1d88  [ A61D0F543024E458C0FE32352E1978E2, BDE6BC140300EAF790F16466C28897CE0BD7D94DCED13FDE20AA4AACA0F6A4FD ] EhStorTcgDrv    C:\Windows\system32\drivers\EhStorTcgDrv.sys
16:55:28.0617 0x1d88  EhStorTcgDrv - ok
16:55:28.0665 0x1d88  [ D790D058D67582DB9C84C2D33695FE6B, A5763D7F6D191EA4B290B3E92D842AC36FD46DF598472E70B46E45D8CCD2F912 ] ErrDev          C:\Windows\System32\drivers\errdev.sys
16:55:28.0670 0x1d88  ErrDev - ok
16:55:28.0761 0x1d88  [ F9E01C2D9F8BC049E04CF5DC24A5F638, CB6CCB59C77D4A59DDA846608AABEF1DFEC24C8422712AB8D59E27C13D731D2E ] EventSystem     C:\Windows\system32\es.dll
16:55:28.0798 0x1d88  EventSystem - ok
16:55:28.0915 0x1d88  [ E67E289FA8AA393223AD7F9AFB738FD6, DBAB42EE5C140024CB4FF669664885B5CB404054A430331B5ABF273598A881C0 ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
16:55:28.0962 0x1d88  EvtEng - ok
16:55:28.0997 0x1d88  [ 7A4D6FEB8C52B3FE855E4DCDF9107E03, 6B0146A4C9AD32DCDC2DEE8E8C5A29F687665458486449E0D37B151ED63B8ADC ] exfat           C:\Windows\system32\drivers\exfat.sys
16:55:29.0008 0x1d88  exfat - ok
16:55:29.0066 0x1d88  [ 60996602A7111FD2D086E803F33E4282, E62A91C90F8542990BEA4E6A5D9DD3D070F4EB23B4C13414C5DA2B0219509749 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
16:55:29.0079 0x1d88  fastfat - ok
16:55:29.0149 0x1d88  [ F0E7F8382ED5E138B0DFA4CB5058BCFE, 6247C7B75F975F5AB080FFB9881EF58A6F360219F7AF2DE871F38E80CAF3B62C ] Fax             C:\Windows\system32\fxssvc.exe
16:55:29.0195 0x1d88  Fax - ok
16:55:29.0209 0x1d88  [ 73B2D11DF0B6E03A0CB0323218ACB3E4, BA9256919BAA2E0760F6A658B557FDC389ACE8F9820D1A41FD995FC5613F5AA6 ] fdc             C:\Windows\System32\drivers\fdc.sys
16:55:29.0213 0x1d88  fdc - ok
16:55:29.0232 0x1d88  [ 0828E3E7BD77C89149EAD3232BFD38DB, A6A296647A4EDBFF59124E3A9C0AB48759AA1738615ACFA5A454FF6BD3C31BA2 ] fdPHost         C:\Windows\system32\fdPHost.dll
16:55:29.0236 0x1d88  fdPHost - ok
16:55:29.0252 0x1d88  [ 872506AAB591E8908DF4461475AF92DF, 772F2D08CB95775E438822B9EA005CBA92ED4071ADAB2C0101156A7D037D4704 ] FDResPub        C:\Windows\system32\fdrespub.dll
16:55:29.0257 0x1d88  FDResPub - ok
16:55:29.0302 0x1d88  [ 79F403E33B69931105CA562A5B5D6E16, 0855EF21261FD0259A0A4D214B44D2BF57B12B265D3116FA6EBF57FCEB2DF9D2 ] FGUARD64        C:\Folder Guard\FGUARD64.SYS
16:55:29.0307 0x1d88  FGUARD64 - ok
16:55:29.0351 0x1d88  [ 0588950D93A426F97C7AAADB1A9B0458, ABCB3619BD58CAC438FC032495AE45A7B6FFDD4BD33C1B3D1BC7F9F13FCB727A ] fhsvc           C:\Windows\system32\fhsvc.dll
16:55:29.0360 0x1d88  fhsvc - ok
16:55:29.0391 0x1d88  [ 88A9EBACD1058ABB237A6B4E96E7F397, 263D25D33B679EB01D97763701347C31B2F72E28CE2C7EC8013EA77756D98BE1 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
16:55:29.0397 0x1d88  FileInfo - ok
16:55:29.0418 0x1d88  [ 9E4EE3A0B00FF7D5F42A4AF9744CBA02, 1D7BFB00D74A28AC13ECBA1E0036D50EE79266AC02CEDB2632466BF9DD46F211 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
16:55:29.0423 0x1d88  Filetrace - ok
16:55:29.0550 0x1d88  [ 8645F91F40B8D022C9AC3DABDF360A6B, 4F83080B1273C92470EB90D80B32056C913240DCC9C4C50B7BE85254066D654D ] FLEXnet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
16:55:29.0617 0x1d88  FLEXnet Licensing Service 64 - ok
16:55:29.0653 0x1d88  [ B1D4C168FF7B8579E3745888658FFB1D, 1A5C13E902A0C788A8B995ADD2FBC3303005911C0AA3F3F4497D3016AA0EF583 ] flpydisk        C:\Windows\System32\drivers\flpydisk.sys
16:55:29.0657 0x1d88  flpydisk - ok
16:55:29.0683 0x1d88  [ B33EC133AE4E6C1881D2302D93D2467D, 77E3A16257EA3698B3FCD947D004144E8D1EEE48EF5C82DF49B1B9B2B3C61DB2 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
16:55:29.0699 0x1d88  FltMgr - ok
16:55:29.0798 0x1d88  [ 0BCDC0FF11B984162B0CF0FF6E9E0146, D44A3CECBA36B7A64854E244FA6B5E65047896BF9983D20B431410FBBA36697A ] FontCache       C:\Windows\system32\FntCache.dll
16:55:29.0872 0x1d88  FontCache - ok
16:55:29.0992 0x1d88  [ 0B56259F5611787222A04A8F254E51D4, F77AEC0ACBFAF9154E32223B84B613229DACCD953AEBC3E96C27570F9AB10FD0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:55:30.0022 0x1d88  FontCache3.0.0.0 - ok
16:55:30.0068 0x1d88  [ A5F7873A39E4E9FAAAE59B7E9E36B705, 32036109F5A50E9F3BEF97C5B28AE8179B3A5E22517868A83CADE4671FF90DEC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
16:55:30.0074 0x1d88  FsDepends - ok
16:55:30.0113 0x1d88  [ A6DD7D491F587F4BC13FB972977DC8E8, B86F97F17F6F443EC16DEF67CCA4EF78AFE56078D2877838A982FECB19557C87 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
16:55:30.0118 0x1d88  Fs_Rec - ok
16:55:30.0184 0x1d88  [ FA228F4BB10DC7ED7E7D131C034E2331, 0463B1DB8BB2B5AF95EAD988EA9DEB5483D9E78C07E07BAC1E3CC46C086B3BB0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
16:55:30.0218 0x1d88  fvevol - ok
16:55:30.0267 0x1d88  [ A969D92973DFA895E7776B4BFE36DBB2, 7528E6983ECC59291A7A386E4E459B19D1593ABDDFFD276E2F01B0EA21693E20 ] FxPPM           C:\Windows\System32\drivers\fxppm.sys
16:55:30.0281 0x1d88  FxPPM - ok
16:55:30.0322 0x1d88  [ 52BC441E07A827EBAB70CDC7EAEDB28D, 8DECBD8E12EA52039742599CFBBF0D3B6610B57EF8D9DAEEEA33D202A478D286 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
16:55:30.0327 0x1d88  gagp30kx - ok
16:55:30.0355 0x1d88  [ 721F8EEF5E9747F32670DEFF7FB92541, E0A8EF70753E260C2C7D93D316B5EF9589DB086FDF829BDA2958C6A09CE471A6 ] gencounter      C:\Windows\System32\drivers\vmgencounter.sys
16:55:30.0402 0x1d88  gencounter - ok
16:55:30.0427 0x1d88  [ CA18ECFCFFDD638ECE80799A9056B238, FEA6778443253CBAA9FF43A980D576A3F449B036151F91495F04CE0C54F02254 ] GPIOClx0101     C:\Windows\system32\Drivers\msgpioclx.sys
16:55:30.0435 0x1d88  GPIOClx0101 - ok
16:55:30.0527 0x1d88  [ 5358678C6370F2ADC5291849F6503262, 841633D7A936C3889690C67E189BAD4C6B294C196FFFE5B564FCECDFE46A9E52 ] gpsvc           C:\Windows\System32\gpsvc.dll
16:55:30.0596 0x1d88  gpsvc - ok
16:55:30.0649 0x1d88  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:55:30.0655 0x1d88  gupdate - ok
16:55:30.0670 0x1d88  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:55:30.0674 0x1d88  gupdatem - ok
16:55:30.0707 0x1d88  [ 7D87B5B6C7188D553E11B59DC7F0B111, FC633DB71E1D72E8AD8F89BBB54324CC6ED17F5594EF55DD0BDB58EE1F601FF5 ] HDAudBus        C:\Windows\System32\drivers\HDAudBus.sys
16:55:30.0735 0x1d88  HDAudBus - ok

XXXXXX PART 2 XXXXXXX

 


16:55:44.0808 0x1d88  [ 005F6E54C4A2DA4EBF68FB0392CE8BB0, 2F3C90A04964D4D906238BD557D90F7AC05DF86FE9729C4378B39431F54DDAE3 ] RasAuto         C:\Windows\System32\rasauto.dll

16:55:44.0816 0x1d88  RasAuto - ok

16:55:44.0845 0x1d88  [ A14D625C5AEE5FFE0F47D1A1D419FAAE, 1229B81C23340AD5B436B1FD227876EB41715CE6BD270BA367F18879D26B8F04 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys

16:55:44.0853 0x1d88  Rasl2tp - ok

16:55:44.0885 0x1d88  [ C923C785A2DE0B396AD6D13ACAFF2DE9, 4F950DA776FBABEC7D546983D6F3018733F61268A4BF95C01D4836AD000BD073 ] RasMan          C:\Windows\System32\rasmans.dll

16:55:44.0919 0x1d88  RasMan - ok

16:55:44.0932 0x1d88  [ 00695B9C2DB6111064499C529E90C042, 3CD4DF4D8001C2BBF52EEEB1F0D587209878BEAC339D268892477AD840D490F1 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys

16:55:44.0937 0x1d88  RasPppoe - ok

16:55:44.0952 0x1d88  [ A7F24D8CD1956B0A1FDCB86CC5114DE4, 30489D235362DF62B105378597168B13F4BAC74A8EDDBDA25237E3C017B69FEE ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys

16:55:44.0958 0x1d88  RasSstp - ok

16:55:45.0042 0x1d88  [ CA03D642ACE58E1BA54E4B383F91CD69, 39BB942603801CF11FBEA28E24F8C8D1EF2AF615D1FABF951683A015D6A6EF37 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys

16:55:45.0075 0x1d88  rdbss - ok

16:55:45.0107 0x1d88  [ CA7DF5EC95D8DE0DD24BE7FF97369F68, 153E6F716CA935DBCACB8FF1BB8DE5F5551CE3D18878225470E45893CA69BDB8 ] rdpbus          C:\Windows\System32\drivers\rdpbus.sys

16:55:45.0117 0x1d88  rdpbus - ok

16:55:45.0153 0x1d88  [ B2A3AD74FF2E2FFA73AF2567108231B3, DF8CEA6215F75C634D56F6B8AE11ECCEEB5F8CBC091AC3D6D9F7DE214B00A439 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys

16:55:45.0174 0x1d88  RDPDR - ok

16:55:45.0228 0x1d88  [ 57F4787E4602A3FCA719C0A33137C6DA, D03AE59A184EB5D126F8EAB9D36EE406ABB8B9ED834F2D2496DDB1349FF56F89 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys

16:55:45.0232 0x1d88  RdpVideoMiniport - ok

16:55:45.0259 0x1d88  [ B3CB0721E81E30419CE7D837EF4EA151, EC9410818661BF77E4A19694E3A3030E1D983B36F49C72E27F92A1424E0729C2 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys

16:55:45.0271 0x1d88  RDPWD - ok

16:55:45.0298 0x1d88  [ 62C1F8A0685FE07E998AA296C4F697C4, C636AB2D0F139003A6AD7A12E9DC13EE4485A62F30DA59AF842FF02FE07442EE ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys

16:55:45.0309 0x1d88  rdyboost - ok

16:55:45.0404 0x1d88  [ D4F8266D63800FF9ACFAC838005A974C, 4FF1053A6B5365867F58AE521FDD32565C144686CB399C2B606005A507EC206E ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

16:55:45.0412 0x1d88  RegSrvc - ok

16:55:45.0453 0x1d88  [ 3663CCF243EE0C04E9F6F91ED1737273, 31D06445996F99A7F6B32004D1BA63A21C61DE125373F860BA9A9DE5278E8293 ] RemoteAccess    C:\Windows\System32\mprdim.dll

16:55:45.0462 0x1d88  RemoteAccess - ok

16:55:45.0521 0x1d88  [ E80DD61E52EDFFF9DA1ED7260A68855B, 97909F42AE35E28B8F98C01A1D8BAD80A949CDCA0C88FB4ACF0A655DC7C10E45 ] RemoteRegistry  C:\Windows\system32\regsvc.dll

16:55:45.0531 0x1d88  RemoteRegistry - ok

16:55:45.0573 0x1d88  [ CCBFCABDFE2BC22F0645CEAADDB36004, 279EA9075079F91165027CEFD4FBC61A213CA602EE7DE106F7D2D243468706AA ] RFCOMM          C:\Windows\System32\drivers\rfcomm.sys

16:55:45.0619 0x1d88  RFCOMM - ok

16:55:45.0653 0x1d88  [ 73F2E030B5C24E4E41401B5F0D59E6FD, FAA8B5E3159684E0836900C6EAF63857B445F7F180169B56D5790F097EDAA38B ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll

16:55:45.0660 0x1d88  RpcEptMapper - ok

16:55:45.0687 0x1d88  [ 10B21284B3D964AB3DC45490E57D422E, 12D5E3A7785F21C99C5EAD14A88EB7A86A058E26C091991339356D99D196CC13 ] RpcLocator      C:\Windows\system32\locator.exe

16:55:45.0692 0x1d88  RpcLocator - ok

16:55:45.0746 0x1d88  [ 1EC6E533C954BDDF2A37E7851A7E58FD, C25936A7465B6A2B3D05D2FCB09D91ACC07CFE038A5E968C99CFA9D9F2967DD4 ] RpcSs           C:\Windows\system32\rpcss.dll

16:55:45.0773 0x1d88  RpcSs - ok

16:55:45.0810 0x1d88  [ E04E770DD198B9399640717145E79EBF, 2F9BECB7E4B0A522C6370FD39CFD7DFD3FB5D0A779AECCED2EE855629FA3C952 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys

16:55:45.0817 0x1d88  rspndr - ok

16:55:45.0869 0x1d88  [ 46726EB52FDC7A141DE6780B09F3F729, EC8BC2A023F81D7C5F39452E8286C65C58B34B5E9A8E99134969C032735D4768 ] RSUSBVSTOR      C:\Windows\System32\Drivers\RtsUVStor.sys

16:55:45.0884 0x1d88  RSUSBVSTOR - ok

16:55:45.0910 0x1d88  [ 3208C73AE8E3B032DF1235B8F820CBBC, 42A2F0785FDC3998C1B28806AEA3AA78AF187088478C67CBCAC803FEA31AEF9C ] rtcrfilt64      C:\Windows\system32\drivers\rtcrfilt64.sys

16:55:45.0913 0x1d88  rtcrfilt64 - ok

16:55:45.0962 0x1d88  [ 1BB99CCA4CF32C41D623E895B556FEC1, 7A0A953987AC1308169EFBA662A3AB962ADF00519D0D1567E9D5764FC8B9F2C0 ] RtkAudioService C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe

16:55:45.0982 0x1d88  RtkAudioService - ok

16:55:46.0030 0x1d88  [ 34DA0D14F5C3F1883A331AFB975AB434, BB5D580C1DCAE59CC1DB75C411A5A4DDF435931469E7EBFF5DFDADBFE07ADEBF ] RTL8168         C:\Windows\system32\DRIVERS\Rt630x64.sys

16:55:46.0064 0x1d88  RTL8168 - ok

16:55:46.0110 0x1d88  [ 752EC7DCD2F96871A3857EEE6AFE965A, 1D0640966B9147A06ED0E733711773E6B4AB8AC6D962D5B369ECB04170D18AD8 ] s3cap           C:\Windows\System32\drivers\vms3cap.sys

16:55:46.0114 0x1d88  s3cap - ok

16:55:46.0162 0x1d88  [ F702AB6181513303AB0FC8D59E52708B, D46939B9F672269E65C98606A573C849C4AF5A26E4E75D3A8FE56A65B3A6EA08 ] SamSs           C:\Windows\system32\lsass.exe

16:55:46.0166 0x1d88  SamSs - ok

16:55:46.0202 0x1d88  [ 3289766038DB2CB14D07DC84392138D5, A7790B787690CC1A8B97E4532090C5295350A836A9474DEA74CEB3E81CF26124 ] SASDIFSV        C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS

16:55:46.0206 0x1d88  SASDIFSV - ok

16:55:46.0222 0x1d88  [ 58A38E75F3316A83C23DF6173D41F2B5, B0A8CDA1D164B7534FB41AB80792861384709BF0F914F44553275CF20194F1A1 ] SASKUTIL        C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS

16:55:46.0226 0x1d88  SASKUTIL - ok

16:55:46.0252 0x1d88  [ 9C7B28CE0D136DB226E24DB3BC817F92, E9DE55D6432ADD08EC75F99F2B5D2BD1F553F4EE55991B1767B1578351EE0BF2 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys

16:55:46.0258 0x1d88  sbp2port - ok

16:55:46.0304 0x1d88  [ 14316954FCE79C9DE5A0AFF9D42C83AA, B60FB1FAC0299F9560761411711E86EDFA2F8D27B58230E2E4BB37736FAB2287 ] SCardSvr        C:\Windows\System32\SCardSvr.dll

16:55:46.0317 0x1d88  SCardSvr - ok

16:55:46.0356 0x1d88  [ 5D7733A12756B267FCA021672B26BC9E, 01CE5B5F49914B9E099BD909A66296F3A40644AE47BA1D5EBFFB30CD33C70A4A ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys

16:55:46.0360 0x1d88  scfilter - ok

16:55:46.0460 0x1d88  [ ED40ED9A65F3E79A8C43DD50C5FDADBF, 2323BFAB1BC3D661A376650B7AC14C7780C92BA575DA048F3C7611CDB3F7F04A ] Schedule        C:\Windows\system32\schedsvc.dll

16:55:46.0526 0x1d88  Schedule - ok

16:55:46.0570 0x1d88  [ BAF8F0F55BC300E5F882E521F054E345, FB228DB18F2FA55D8BA35A7E6778EE5D2EB0C29D384F1A0A868F90AE706188D7 ] SCPolicySvc     C:\Windows\System32\certprop.dll

16:55:46.0578 0x1d88  SCPolicySvc - ok

16:55:46.0619 0x1d88  [ 98636FB2973B8876A7F0BECD076CF109, 84A03360BA47EDEA86FE52433E8BA2D2356FE8FDB3DB05B9FBACE36389A1AEB5 ] sdbus           C:\Windows\System32\drivers\sdbus.sys

16:55:46.0628 0x1d88  sdbus - ok

16:55:46.0666 0x1d88  [ 92968277ED491E4B3DDA361E3952361E, 71C50853BB2126A34C7CD014EE44D4B8B39F589E2E8E8E8F4C982E07498E3899 ] SDRSVC          C:\Windows\System32\SDRSVC.dll

16:55:46.0679 0x1d88  SDRSVC - ok

16:55:46.0720 0x1d88  [ BB107AA9980B0DA4E19A3A90C3BD4460, BCB4CF0FFF1FD57302557B68044A88C8EEAAE57C2FEAE8EAD1F410F960298B6D ] sdstor          C:\Windows\System32\drivers\sdstor.sys

16:55:46.0727 0x1d88  sdstor - ok

16:55:46.0761 0x1d88  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys

16:55:46.0764 0x1d88  secdrv - ok

16:55:46.0789 0x1d88  [ CD282626738B6BC92B6E7CD0AAE95B63, 1A56567C781786C85C63E24E79186EE5C82D3EB2679061B21BA0571A3A6CB7F5 ] seclogon        C:\Windows\system32\seclogon.dll

16:55:46.0795 0x1d88  seclogon - ok

16:55:46.0820 0x1d88  [ 9C51620998F0763039DFA6BF68E475ED, 9E496ADE7CE9A446BE8A2C2FC61B462D966778A94A4C147AABBD25C4821C2BCE ] SENS            C:\Windows\System32\sens.dll

16:55:46.0827 0x1d88  SENS - ok

16:55:46.0855 0x1d88  [ 0D50B4B860DAB65241628D04CD33ACAE, 2AA897C3F9ED076AB9244A32745D18489B076F3ED28A35B868C472131C5B5B46 ] SensrSvc        C:\Windows\system32\sensrsvc.dll

16:55:46.0866 0x1d88  SensrSvc - ok

16:55:46.0894 0x1d88  [ 87C46B239A7EEF30FDFDD5E9BD46130C, F36FB5B20AC58FBD31F7E636059D2D865B751E178E51A03B94ABE0BBD1AB1EC9 ] SerCx           C:\Windows\system32\drivers\SerCx.sys

16:55:46.0898 0x1d88  SerCx - ok

16:55:46.0910 0x1d88  [ 7A1F9347C85FD55E39B8A76B3A25C5AD, 03AF3B23285278A38F4CBEAB7FD326A48FA1EC7F8D044C059CE5403C6D225639 ] Serenum         C:\Windows\System32\drivers\serenum.sys

16:55:46.0915 0x1d88  Serenum - ok

16:55:46.0928 0x1d88  [ F640A0A218BBF857F1D04A15D7D939F6, 948C13886281FE7947E10FB7B34D5CCFE512FB632F1132B6062AC85149F79950 ] Serial          C:\Windows\System32\drivers\serial.sys

16:55:46.0935 0x1d88  Serial - ok

16:55:46.0947 0x1d88  [ F1A5F56B2620B862CC28FF96A0A6DAAB, E5367212B2CADF3820D657CFC27CD961547E28DAB950C68E1380CF97FB68F3F4 ] sermouse        C:\Windows\System32\drivers\sermouse.sys

16:55:46.0953 0x1d88  sermouse - ok

16:55:47.0006 0x1d88  [ CB60A60340788C8D6DE2A269D28086AB, 2D8948E59BB9B00E16D20E425F80E7B862957DBAC9A4D1484E5191FAF333B60D ] SessionEnv      C:\Windows\system32\sessenv.dll

16:55:47.0029 0x1d88  SessionEnv - ok

16:55:47.0042 0x1d88  [ 7EE65419B29302C795714FF8073969A1, E28D89A5423E3A5062030EB2418E9435DD5D8B9D16570046E782D3FCFDA2E79A ] sfloppy         C:\Windows\System32\drivers\sfloppy.sys

16:55:47.0045 0x1d88  sfloppy - ok

16:55:47.0234 0x1d88  [ B2B36D1B62BA24ACA1C114B3936F308D, 251C87C6EFCA5D18EFB0008B827D22E32B45A1D5C2E125B381EF5444775B798E ] SftService      C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe

16:55:47.0317 0x1d88  SftService - ok

16:55:47.0374 0x1d88  [ 090AE16F79C8EAD04E6031F863DA85F3, 3F27BE46DF602B53940414A6E9FEB23B36CFFB8E9A7F41440C3315B8E27D0029 ] SharedAccess    C:\Windows\System32\ipnathlp.dll

16:55:47.0411 0x1d88  SharedAccess - ok

16:55:47.0516 0x1d88  [ A77F3ABE13FCC698511E5DEC7ACEBD5F, 78A43FDA9F770FD8BA107605DB44BC71D8B89D7E75560DA783AA6356C1873C15 ] ShellHWDetection C:\Windows\System32\shsvcs.dll

16:55:47.0583 0x1d88  ShellHWDetection - ok

16:55:47.0607 0x1d88  [ 2560721D6F16D5B611C36A3A9D28C1B2, 15C30404902654ABA5DB5367FC5BD31343B12A3FC22B4BC5A26B09016447B5ED ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys

16:55:47.0612 0x1d88  SiSRaid2 - ok

16:55:47.0631 0x1d88  [ 3AA8FDE1DBF65BB8B88B053529554A0D, 8060D946344D043D336F4735363C23C37C91A6DB3F81E575C267B2EC2BECB0EC ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys

16:55:47.0638 0x1d88  SiSRaid4 - ok

16:55:47.0684 0x1d88  [ A7CD1B0E0452B2E9C650EFDB466D40E7, 232DC51A32BDD522AC0D03A2614CE71E61F95980E9BC3619CB058626C546BDE5 ] SmbDrv          C:\Windows\System32\drivers\Smb_driver_AMDASF.sys

16:55:47.0689 0x1d88  SmbDrv - ok

16:55:47.0715 0x1d88  [ D79951652C8C22C01996E6C2E29AD390, 491F9D982F5C4CBA8C5F8BC0B05097898C68D100FB34280D467D6826DF2DF182 ] SmbDrvI         C:\Windows\System32\drivers\Smb_driver_Intel.sys

16:55:47.0721 0x1d88  SmbDrvI - ok

16:55:47.0746 0x1d88  [ E660156A4588A84305CB772FD2C0DB21, 9492EB6578D4A689945E1FC2440EFA77D461049CDB2D00A645969A71B7DA68E1 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe

16:55:47.0753 0x1d88  SNMPTRAP - ok

16:55:47.0799 0x1d88  [ FD3AF5575B99871BADB94E7699DBCE08, 847A78C1388683984AFA7D00B7C7F8741BC1DFBF4999AAD1E2EFC22D3C316846 ] spaceport       C:\Windows\system32\drivers\spaceport.sys

16:55:47.0814 0x1d88  spaceport - ok

16:55:47.0828 0x1d88  [ 3D8679C8DF52EB26EB7583A4E0A29202, DCD9B69299275857712AB200C014AE820C8A9F7E53C4A335A84518FBE4BB56BB ] SpbCx           C:\Windows\system32\drivers\SpbCx.sys

16:55:47.0833 0x1d88  SpbCx - ok

16:55:47.0896 0x1d88  [ 3F215BF2D4D8D6756298B25B579772C2, 744192D1635E5D296BFD399E870B70592202CEAF95C31C2D2B226A868D33A3FD ] Spooler         C:\Windows\System32\spoolsv.exe

16:55:47.0947 0x1d88  Spooler - ok

16:55:48.0179 0x1d88  [ EC84D961501054F87A6878EC5D53388F, C69F3542B182BED4260EE1906361B72B9FFDE47FD92A161850E28BC6ED7505CC ] sppsvc          C:\Windows\system32\sppsvc.exe

16:55:48.0404 0x1d88  sppsvc - ok

16:55:48.0486 0x1d88  [ 62392CEB7DD65838364990E0F5494B73, 1DF78114F42545FF991A0EB0233E26E8A18B38B4F16B2E24BFB0A9FBCDF62F29 ] SRS_AE_Service  C:\Windows\system32\drivers\SRS_AE_amd64.sys

16:55:48.0520 0x1d88  SRS_AE_Service - ok

16:55:48.0563 0x1d88  [ 0F1FCD575A03ABDE13FCA9D0ADE4DDA6, 61EEB1349489CB85204F1B4E398BE24EDC01FB914120C9DD0487F8EE1EDA055E ] srv             C:\Windows\system32\DRIVERS\srv.sys

16:55:48.0587 0x1d88  srv - ok

16:55:48.0641 0x1d88  [ 56218A571ECF8D55E0CDFF8DF2546CF1, 44B34722108EDDC8757A0B7C939A854457BB7EBC92A83C4284DFFAECFC2E3619 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys

16:55:48.0678 0x1d88  srv2 - ok

16:55:48.0704 0x1d88  [ 14FC338B80CFF7E04215133B568D15C4, 1F437BE0EC887097F0C3409D4198A20981FC325FDF915532AB85070D337DEF2B ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys

16:55:48.0716 0x1d88  srvnet - ok

16:55:48.0757 0x1d88  [ 7A20882D76D4A78240A5AC9F2C2EBA21, ACA05211EE542999A118BBD2CD051038A7DC8C40C4B8971DC6514BA90E90EC61 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll

16:55:48.0779 0x1d88  SSDPSRV - ok

16:55:48.0827 0x1d88  [ D233B16999A8E626F6004BD7814C57EC, 5BBFE5DDF1269617ABD1BDBED85A79D99BB52EA29C2BB3A8F4A1827BFAA1A747 ] SstpSvc         C:\Windows\system32\sstpsvc.dll

16:55:48.0836 0x1d88  SstpSvc - ok

16:55:48.0901 0x1d88  [ 5252D7BC56E5E0ED715AEA8FE173A455, 1408B3E98B35A449434718777EE70595F0D306197A428279C6281D2F1953F259 ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys

16:55:48.0911 0x1d88  ssudmdm - ok

16:55:48.0989 0x1d88  [ 882E2063832AA21716D2C17F11BE4079, 8E2E20960B1D6A2E9C26AB1E1A7BD4571C12B04DD73BB0BA77A22111B78ACD37 ] Start8          C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe

16:55:48.0997 0x1d88  Start8 - ok

16:55:49.0029 0x1d88  [ 4E85355B94CFCB67C135F6521A4895A7, AC4FC65C1E62A54B3834E7FE0A2B1ECC48A2AA563AE5BD508326EE68FFFBBEEE ] stexstor        C:\Windows\system32\drivers\stexstor.sys

16:55:49.0034 0x1d88  stexstor - ok

16:55:49.0096 0x1d88  [ BAC8A721736AECC55A4F71523AEAB65F, B52E1303B13A961A5FC190829E55B6F28ACA409A6EEF44B358D1D210558FE1D8 ] stisvc          C:\Windows\System32\wiaservc.dll

16:55:49.0130 0x1d88  stisvc - ok

16:55:49.0170 0x1d88  [ B240874B2CA0CD02E8CD11E140B14C57, 0FDBEE3DB644175A30065CAF020F375703ADC45A33221788C010F3111707FC25 ] storahci        C:\Windows\system32\drivers\storahci.sys

16:55:49.0176 0x1d88  storahci - ok

16:55:49.0201 0x1d88  [ F74DBC95A57B1EE866D3732EB5F79BE2, E4FE9D5CD0A385ACB60D5D5E8D969F26C3A6BC0C08FF0838DBE9CA106229C8DE ] storflt         C:\Windows\system32\DRIVERS\vmstorfl.sys

16:55:49.0205 0x1d88  storflt - ok

16:55:49.0233 0x1d88  [ 5337E138B49ED1F44CCBA4073BC35C20, 2B296973215E3865A56C46DC3D27F1460D96BC321558CE7A911B05B0E7BF397F ] StorSvc         C:\Windows\system32\storsvc.dll

16:55:49.0241 0x1d88  StorSvc - ok

16:55:49.0253 0x1d88  [ 543CD3CC0E05B8D8815E0D4F040B6F59, 4B57C9534E94A0A67FC82DBD4FAECACA180BEC281FB477550A37C0A04777E09E ] storvsc         C:\Windows\system32\drivers\storvsc.sys

16:55:49.0258 0x1d88  storvsc - ok

16:55:49.0282 0x1d88  [ 8BC1C1ED6EF9C985A3FAA6A72F41679A, 82CC77030D23013572B4A64A64B6156789F253BF56268B790093CE3D345410A0 ] svsvc           C:\Windows\system32\svsvc.dll

16:55:49.0289 0x1d88  svsvc - ok

16:55:49.0317 0x1d88  [ 4AFD66AAE74FFB5986BC240744DC5FC9, 0C9347614E3FD3B4D3B29FA4A5DA23FF6EE4CD9A1FFC378B855B8DE61B2876CF ] swenum          C:\Windows\System32\drivers\swenum.sys

16:55:49.0321 0x1d88  swenum - ok

16:55:49.0366 0x1d88  [ 502F9488540051F3E6C39889ECFA76BB, 22ABD681BE4CF8A1F484C6363C1334B1EF7A6C074D837B0121DE1896887B84C6 ] swprv           C:\Windows\System32\swprv.dll

16:55:49.0401 0x1d88  swprv - ok

16:55:49.0473 0x1d88  [ 276C0D79A6C62944B02A5502DB260AAF, 472D0E46CD20E979180D26E65C19E02C7096F955A8B3C87FFAF63BB2DED821D7 ] SynTP           C:\Windows\System32\drivers\SynTP.sys

16:55:49.0508 0x1d88  SynTP - ok

16:55:49.0599 0x1d88  [ A06CB9269D29EE3D0F3F5630ABB660B8, 519A01FC7D9414B26CCBC23E7FB1CEAF1C91CD173B4F4A4025F8316B7460C584 ] SysMain         C:\Windows\system32\sysmain.dll

16:55:49.0668 0x1d88  SysMain - ok

16:55:49.0713 0x1d88  [ 6FB88606C4A71E1BFAF97D63A676C673, D72F93A482E989ACA50F9647B7AD699A4656AEAACF377BB2B8CEBB094B748852 ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll

16:55:49.0724 0x1d88  SystemEventsBroker - ok

16:55:49.0762 0x1d88  [ A6C06C45C44AD06C70AF8899AEC15BDC, AC2CCCDBA6B94BA85A6D41B47343193D175786D4ECF71AE9C7766ADD63A1273F ] TabletInputService C:\Windows\System32\TabSvc.dll

16:55:49.0771 0x1d88  TabletInputService - ok

16:55:49.0819 0x1d88  [ D8D7EE024FD89B8BA73477CBFCAC41AA, EC2A0CDB0DECE5A81FFFE9C9A7AF51A6A2E70AE4D5207102C87C9C00FBBB91CD ] taphss6         C:\Windows\system32\DRIVERS\taphss6.sys

16:55:49.0861 0x1d88  taphss6 - ok

16:55:49.0905 0x1d88  [ 88B7721AB551C4325036B25A34A2BF7B, 2817CC6294542524EC373A674535F913440736BEBE81233CA91D5ECD93620B02 ] TapiSrv         C:\Windows\System32\tapisrv.dll

16:55:49.0929 0x1d88  TapiSrv - ok

16:55:50.0111 0x1d88  [ 1794C43A000A47D92B3304FC1E3E512A, 5599B11EC63BB4BDD0486BDF06D913EEECCF6E2955AEC814619EAAA3CBBF22E4 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys

16:55:50.0214 0x1d88  Tcpip - ok

16:55:50.0347 0x1d88  [ 1794C43A000A47D92B3304FC1E3E512A, 5599B11EC63BB4BDD0486BDF06D913EEECCF6E2955AEC814619EAAA3CBBF22E4 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys

16:55:50.0421 0x1d88  TCPIP6 - ok

16:55:50.0477 0x1d88  [ 8F2A13A5DF99D72FDDE87F502A66F989, 2228C62ACDB4CBBFDD2BE705E604E0B9A8AEA7146F65F2D8B9B2A2FB49ACFAE1 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys

16:55:50.0482 0x1d88  tcpipreg - ok

16:55:50.0511 0x1d88  [ 73DC722CE5DF26D7638CE2446F2655C7, 9B8E6F6DEA5E0C2AEAC24A31897D2E73F86EF44F1C25FEF82D2C860353793817 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys

16:55:50.0523 0x1d88  tdx - ok

16:55:50.0541 0x1d88  [ F7C8AB5D8AFFAA318D6A21093D139BF4, 0A35052EF7DC8615783A23897358D8C579BE694363615C9563FF629E7B719991 ] terminpt        C:\Windows\System32\drivers\terminpt.sys

16:55:50.0546 0x1d88  terminpt - ok

16:55:50.0597 0x1d88  [ 541EE228D0DEF392F7B2DFD885DD021B, 594D6538FA4DB5EF4D130007D7C29051EC2EDCA39EBB119695B58E9CBB0EB728 ] TermService     C:\Windows\System32\termsrv.dll

16:55:50.0644 0x1d88  TermService - ok

16:55:50.0682 0x1d88  [ 519A6F672FFF56B7D8EE8C730CEC8ECD, 2B36F10C0AE16A261DC0887B1050808BA1F0568F3879E4ABC3D370F08C3FADB7 ] Themes          C:\Windows\system32\themeservice.dll

16:55:50.0690 0x1d88  Themes - ok

16:55:50.0715 0x1d88  [ EEE908BE7143FCA48CF0CB87214E2AB8, 4F9BD299F559DD36DBD93489CFAA753F236FBB70946E034D2E2260059AE20962 ] THREADORDER     C:\Windows\system32\mmcss.dll

16:55:50.0721 0x1d88  THREADORDER - ok

16:55:50.0757 0x1d88  [ 4515B9E4140F04FB3907692DF89FCA87, F68EC56524BDA877646E987BE7414C1D622BD9FF05A5AEADCA39030FDC2B0115 ] TimeBroker      C:\Windows\System32\TimeBrokerServer.dll

16:55:50.0769 0x1d88  TimeBroker - ok

16:55:50.0813 0x1d88  [ 6F0BFF80EE2A5BC841286A51F893CBAD, 79C58352002D9E3274170B6933FE3600F7C74E9DDB38C74805C42C53ADD35F28 ] TPM             C:\Windows\system32\drivers\tpm.sys

16:55:50.0821 0x1d88  TPM - ok

16:55:50.0853 0x1d88  [ 8C8CF3041B27E7657ADD0EE17F6DBFCA, A6846478B9E7B0A509E5A28C6C7B66ED39F0247F9AFF01E3C3CADC0DBEF3CA00 ] TrkWks          C:\Windows\System32\trkwks.dll

16:55:50.0863 0x1d88  TrkWks - ok

16:55:50.0923 0x1d88  [ 8ABBB5CE0C62E0A6D28F32F44B7F865C, 4C78FE2A4A25A758D5191C4EDB2A6FE691FF82E7C16C0F146DC96DAD87D4F64E ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

16:55:50.0930 0x1d88  TrustedInstaller - ok

16:55:50.0959 0x1d88  [ 4E7C5FB10A50435523DE0CAA37DE2BD3, D6206DF61950F2541FB754E57C4D9EF9FA0CC1EDD6F6FA4E45F02B47958493F7 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys

16:55:50.0978 0x1d88  TsUsbFlt - ok

16:55:50.0991 0x1d88  [ 16D684A820872EE54F6370703AC0B513, 795E20484358424CE9FA766937DD99413025A8AF967D03490392E8E02A382D0B ] TsUsbGD         C:\Windows\System32\drivers\TsUsbGD.sys

16:55:50.0995 0x1d88  TsUsbGD - ok

16:55:51.0016 0x1d88  [ 78C9EE193AC2B4CBDBC48B620314D740, 41523E47D321BFF5778F5E453545B928C0A469C3BBA51578E74D6721D7DF9273 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys

16:55:51.0025 0x1d88  tunnel - ok

16:55:51.0086 0x1d88  [ 42350E49DA754D2D77362FDAE3491651, F29E8BA444ECB0484066B02C0A3DCE09B8417159EE37D7A2E05D4C06A98449C4 ] TurboB          C:\Windows\system32\DRIVERS\TurboB.sys

16:55:51.0174 0x1d88  TurboB - ok

16:55:51.0250 0x1d88  [ 4F4B0AB2FB69C414CCBCEF7CF2E1C8D8, E1F197554369C97DBF61389346B4CB0233F40AAA2575F5D2FEC809AC9123FC69 ] TurboBoost      C:\Program Files\Intel\TurboBoost\TurboBoost.exe

16:55:51.0259 0x1d88  TurboBoost - ok

16:55:51.0272 0x1d88  [ 6D4F67CA56ACA2085DFA2CD89EAFBC1A, AA7DA2207C0236F47859A4791F9D7301E7ADB50A59D831DC859ECC7CA70D3E1D ] uagp35          C:\Windows\system32\drivers\uagp35.sys

16:55:51.0279 0x1d88  uagp35 - ok

16:55:51.0303 0x1d88  [ 6FD6D03B7752C78712E5CFF29A305026, F09C5188AAFCF4C77B05BA1E604F9912782A9F1371F72F959288EBC2725407ED ] UASPStor        C:\Windows\System32\drivers\uaspstor.sys

16:55:51.0309 0x1d88  UASPStor - ok

16:55:51.0341 0x1d88  [ 4834158B8D06A153FADAB6B85320FBBE, 55D78600A9D2E02AA19A1840484E03B5DFF39BF5DA06834A0CCF531D5B623BED ] UCX01000        C:\Windows\System32\drivers\ucx01000.sys

16:55:51.0351 0x1d88  UCX01000 - ok

16:55:51.0392 0x1d88  [ DC5A461591C71AF7F19DC048A81E3F88, C6689C70B6CDE5A5707C06ABDC9CABF87CCE549BD23B96969EF3AA177A889320 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys

16:55:51.0413 0x1d88  udfs - ok

16:55:51.0457 0x1d88  [ FB3475FEA1CCB0DAEA1EBE44D0E3BB7D, 16DE6E0894C356A58AF12BEC2FE9B188F147DD4B16CB2414DE600CE4127F929D ] UI0Detect       C:\Windows\system32\UI0Detect.exe

16:55:51.0464 0x1d88  UI0Detect - ok

16:55:51.0477 0x1d88  [ 07FEBCDF24FABA0D47B635D85A0FFB7A, 452C04B14681EBCE8B1B25B75A1B7CC978722B7DDE54D624E17841B14ACCF65D ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys

16:55:51.0484 0x1d88  uliagpkx - ok

16:55:51.0503 0x1d88  [ 02CEB3FE6152668A7BA420B93B664860, 613F27540FD1EFE2442E326F507DACD5A25691C8481937022B7E1104F3E6E9E2 ] umbus           C:\Windows\System32\drivers\umbus.sys

16:55:51.0510 0x1d88  umbus - ok

16:55:51.0523 0x1d88  [ 991EE6B5FC41EAEF99C8AF5B92F2CA09, 30AAD7D18FF5962CEC7180359D148EED5A1BF193DDB2B34508897FC3EBA692C3 ] UmPass          C:\Windows\System32\drivers\umpass.sys

16:55:51.0527 0x1d88  UmPass - ok

16:55:51.0565 0x1d88  [ 43FEFB040A0CC30F795FBF544169594D, F2A730C0F7C883321C378D4564120A40428D7F8E393F02C8D6A08934795A35C7 ] UmRdpService    C:\Windows\System32\umrdp.dll

16:55:51.0587 0x1d88  UmRdpService - ok

16:55:51.0671 0x1d88  [ E1A119AD21F5AFE22EB516C549306D3D, 48769D5E7A78B7A2C00F1F6798AC133CF3E0B2C76F71D3719BD741DDD8F2D229 ] UNS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

16:55:51.0694 0x1d88  UNS - ok

16:55:51.0738 0x1d88  [ 14D22C411854AA2560AFC94CD2D5E61F, BB376734733671C02319E6DB1800D41212694446FD65465498C92D4ECBFE7458 ] upnphost        C:\Windows\System32\upnphost.dll

16:55:51.0773 0x1d88  upnphost - ok

16:55:51.0813 0x1d88  [ 8047D8AFA070A4C3B9FCBDBF77A84C45, D8B47716EE57391E3B9CBE3B35FF1F933F08E40B1C8C12EB5BE2438D9E409FF0 ] usb3Hub         C:\Windows\System32\drivers\usb3Hub.sys

16:55:51.0818 0x1d88  usb3Hub - ok

16:55:51.0868 0x1d88  [ 2AF9F0E16D75B8F783A1ACE74EF51C9B, AADB8991174CCDA3ADE14AF3EFB3A9826EC17A0F989F449FF43010A99D8CAA1F ] usbccgp         C:\Windows\System32\drivers\usbccgp.sys

16:55:52.0025 0x1d88  usbccgp - ok

16:55:52.0060 0x1d88  [ B395B62B62F28106218FA6FB17F4C797, 231CA3512B02BBE70E630A6304E899BCB741CE411FB10C2B3DE48E52034F24BB ] usbcir          C:\Windows\System32\drivers\usbcir.sys

16:55:52.0067 0x1d88  usbcir - ok

16:55:52.0092 0x1d88  [ 52F267AEE8CA5AA5CEB88C6A71EE1E86, 93E2CC1D4A56A3BBDD85020A8F4AD1B9B119953DB83A155C56D667924D5D8A02 ] usbehci         C:\Windows\System32\drivers\usbehci.sys

16:55:52.0101 0x1d88  usbehci - ok

16:55:52.0146 0x1d88  [ ADBF89B8E0BB372FEFE2E4B84E1E20AE, 4B73F96CD6526439983462CC19D092C92B5FBEAFB37DF6E34A1DAEE9985210E0 ] usbhub          C:\Windows\System32\drivers\usbhub.sys

16:55:52.0195 0x1d88  usbhub - ok

16:55:52.0234 0x1d88  [ EA040D4C6C94F315A85F3D0EAA884B37, 7A222CD59117CB2AACF1D9BD2A2A4C1B1AC5EEDCBFDB13B722469BA2D81F4901 ] USBHUB3         C:\Windows\System32\drivers\UsbHub3.sys

16:55:52.0270 0x1d88  USBHUB3 - ok

16:55:52.0292 0x1d88  [ 325F6179009B5A7F6118951A5BA422AB, 756CB2893530485E8C3ACFF5A40F4C6EB446E72B2296E8772058E407A5E066DE ] usbohci         C:\Windows\System32\drivers\usbohci.sys

16:55:52.0424 0x1d88  usbohci - ok

16:55:52.0459 0x1d88  [ BA3ABE0CD1C14B3295BAD0F076B84CAC, 19E0679D44A9BD9DDCC336C7DE784147D6CFC3DE4250D5CA31CE49867D51A414 ] usbprint        C:\Windows\System32\drivers\usbprint.sys

16:55:52.0483 0x1d88  usbprint - ok

16:55:52.0506 0x1d88  [ 72334EC4B3FD4EB270623E32E701B57D, DF0AEBB0ADCB3FD8211939CAE9FD384865389FFFF01AB4F4A525F6853B3CAB0E ] usbser          C:\Windows\system32\DRIVERS\usbser.sys

16:55:52.0521 0x1d88  usbser - ok

16:55:52.0562 0x1d88  [ F77177F6C95B2116EE7AD23B5EF57007, 646E345DE5AFF26B338E17BC9D03D0EDA5608DF77D7685DE7AFF6E4113B9EB87 ] USBSTOR         C:\Windows\System32\drivers\USBSTOR.SYS

16:55:52.0570 0x1d88  USBSTOR - ok

16:55:52.0596 0x1d88  [ D25EF4A6EC244C5DE85D88A05B7C149D, A08793945D5FDC2CCCB2C621853A69941F1A108DF6CB559F3E8A21A047A8CCB3 ] usbuhci         C:\Windows\System32\drivers\usbuhci.sys

16:55:52.0719 0x1d88  usbuhci - ok

16:55:52.0761 0x1d88  [ 09799E701B4327097E9F63D3FE221083, CF2B97D5B3D434D8E5547B2A86771C69A6F7F4857CAD70865B50462A04A27A48 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys

16:55:52.0938 0x1d88  usbvideo - ok

16:55:52.0997 0x1d88  [ 1ADCF0A490C2845637B334626669CD6F, 7B49B491E2328A6969FAEA12B8D74C27F2671C9B2DC60294A2B8B431BAB1C176 ] USBXHCI         C:\Windows\System32\drivers\USBXHCI.SYS

16:55:53.0017 0x1d88  USBXHCI - ok

16:55:53.0040 0x1d88  [ F702AB6181513303AB0FC8D59E52708B, D46939B9F672269E65C98606A573C849C4AF5A26E4E75D3A8FE56A65B3A6EA08 ] VaultSvc        C:\Windows\system32\lsass.exe

16:55:53.0044 0x1d88  VaultSvc - ok

16:55:53.0086 0x1d88  [ 7FFC48B516856FD40B9F55687C8D70A2, F805CF5C709C01270C3AE7C82C3DDB21CF17C1B085CDF4452C0462EA39878693 ] VBoxNetAdp      C:\Windows\system32\DRIVERS\VBoxNetAdp.sys

16:55:53.0096 0x1d88  VBoxNetAdp - ok

16:55:53.0133 0x1d88  [ BACECBFF9C97F7627A60B0E0F1FE7EE8, DC82F767D066B93A48A090DC7146EBCCDC54B43C6CD9DF29A160E09E3A531DC8 ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys

16:55:53.0137 0x1d88  vdrvroot - ok

16:55:53.0188 0x1d88  [ 1B4488988E5E7512E6C5CD1255E9E973, B82C26E767A8895CFFD76C11D07D5C945C38E1BD32CC27D20A6C0FA7F6064FC5 ] vds             C:\Windows\System32\vds.exe

16:55:53.0235 0x1d88  vds - ok

16:55:53.0263 0x1d88  [ 74FA2D4368DE6F6CE14393EDF1F342BE, C5CE4164B2C3D583A7FB8687ADEADCDB08D36A5AB1965E5FC6949AEED15881C8 ] VerifierExt     C:\Windows\system32\drivers\VerifierExt.sys

16:55:53.0270 0x1d88  VerifierExt - ok

16:55:53.0310 0x1d88  [ 500BE6B2E49883720D0AE8BB859ED7A3, 4606B02A3E8123510676E554635EB5ECF9DC5F2B83928710C8563787C52CC102 ] vhdmp           C:\Windows\System32\drivers\vhdmp.sys

16:55:53.0345 0x1d88  vhdmp - ok

16:55:53.0370 0x1d88  [ F5B4A14B00E89250C50982AC762DDD1D, 581CD97DD42E74A82F06BFB827DFC82618B4A8667ACA7E93C628BB0D056CE8F0 ] viaide          C:\Windows\system32\drivers\viaide.sys

16:55:53.0374 0x1d88  viaide - ok

16:55:53.0393 0x1d88  [ 78DB50F7329F6D1311658DABFFFC8BE0, 8CB0C831608033C4BC1D2DA7FAA7D429333A3654E76A989F7AF85BFC5F086BE9 ] vmbus           C:\Windows\system32\drivers\vmbus.sys

16:55:53.0402 0x1d88  vmbus - ok

16:56:09.0765 0x1d88  AV detected via SS2: AVG Internet Security 2013, C:\Program Files (x86)\AVG\AVG2013\avgwsc.exe ( 13.0.0.3300 ), 0x41000 ( enabled : updated )

16:56:09.0846 0x1d88  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.3.215.0 ), 0x60100 ( disabled : updated )

16:56:09.0857 0x1d88  FW detected via SS2: AVG Internet Security 2013, C:\Program Files (x86)\AVG\AVG2013\avgwsc.exe ( 13.0.0.3300 ), 0x41010 ( enabled )

16:56:12.0867 0x1d88  ============================================================

16:56:12.0867 0x1d88  Scan finished

16:56:12.0867 0x1d88  ============================================================

16:56:12.0890 0x0edc  Detected object count: 0

16:56:12.0890 0x0edc  Actual detected object count: 0

Thanks for the update and new log, continue please....

 

1. Download Malwarebytes Anti-Rootkit from this link:

http://www.malwarebytes.org/products/mbar/

2. Unzip the file to a convenient location. (Recommend the Desktop)

3. Open the folder where the contents were unzipped to run mbar.exe

Image1.png

4. Double-click on the mbar.exe file, you may receive a User Account Control prompt asking if you are sure you wish to allow the program to run. Please allow the program to run and MBAR will now start to install any necessary drivers that are required for the program to operate correctly. If a rootkit is interfering with the installation of the drivers you will see a message that states that the DDA driver was not installed and that you should reboot your computer to install it. You will see this image:

mbarwm.png

5. If you receive this message, please click on the Yes button and Malwarebytes Anti-Rootkit will now restart your computer. Once the computer is rebooted and you log in, MBAR will automatically start and you will now be at the start screen. (If no Rootkit warning you will go from step 4 to 6.)

6. The following image opens, select Next.

Image2.png

7. The following image opens, select Update

Image3.png

8. When the update completes select Next.

Image4.png

9. In the following window ensure "Targets" are ticked. Then select "Scan"

Image5.png

10. If an infection is found select the "Cleanup Button" to remove threats, Reboot if prompted. Wait while the system shuts down and the cleanup process is performed.

MBAntiRKcleanA.png

11. Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click "Cleanup Button" once more and repeat the process.

12. If no threats were found you will see the following image, Select Exit:

Image6.png

13. Verify that your system is now running normally, making sure that the following items are functional:

  • Internet access
  • Windows Update
  • Windows Firewall

14. If there are additional problems with your system, such as any of those listed above or other system issues, then run the 'fixdamage' tool included within Malwarebytes Anti-Rootkit folder.

15. Select "Y" from your Keyboard, tap Enter.

16. The fix will be applied, select any key to Exit.

17. Let me know how your system now responds. Copy and paste the two following logs from the mbar folder:

System - log

Mbar - log   Date and time of scan will also be shown

Thanks,

Kevin...


Thank you. :D Here are the logs. :)

 

XXXXXXXXXXX SYSTEM-LOG.TXT XXXXXXXXX

 

---------------------------------------

Malwarebytes Anti-Rootkit BETA 1.07.0.1012
 
© Malwarebytes Corporation 2011-2012
 
OS version: 6.2.9200 Windows 8 x64
 
Account is Administrative
 
Internet Explorer version: 10.0.9200.16660
 
Java version: 1.6.0_25
 
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 1.796000 GHz
Memory total: 4187049984, free: 483495936
 
=======================================
 
 
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1012
 
© Malwarebytes Corporation 2011-2012
 
OS version: 6.2.9200 Windows 8 x64
 
Account is Administrative
 
Internet Explorer version: 10.0.9200.16660
 
Java version: 1.6.0_25
 
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 1.796000 GHz
Memory total: 4187049984, free: 425140224
 
Downloaded database version: v2014.07.07.02
Canceled update
Downloaded database version: v2014.07.07.02
Downloaded database version: v2014.07.03.01
=======================================
Initializing...
Done!
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
This drive is a GPT Drive.
MBR Signature: 55AA
Disk Signature: 76267335
 
GPT Protective MBR Partition information:
 
    Partition 0 type is EFI-GPT (0xee)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 1  Numsec = 4294967295
 
    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
 
    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
 
    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
 
GPT Partition information:
 
    GPT Header Signature 4546492050415254
    GPT Header Revision 65536 Size 92 CRC 903269435
    GPT Header CurrentLba = 1 BackupLba 1465149167
    GPT Header FirstUsableLba 34  LastUsableLba 1465149134
    GPT Header Guid 4348be22-abca-459c-a931-73379db02d17
    GPT Header Contains 128 partition entries starting at LBA 2
    GPT Header Partition entry size = 128
 
    Backup GPT header Signature 4546492050415254
    Backup GPT header Revision 65536 Size 92 CRC 903269435
    Backup GPT header CurrentLba = 1465149167 BackupLba 1
    Backup GPT header FirstUsableLba 34  LastUsableLba 1465149134
    Backup GPT header Guid 4348be22-abca-459c-a931-73379db02d17
    Backup GPT header Contains 128 partition entries starting at LBA 1465149135
    Backup GPT header Partition entry size = 128
 
    Partition 0 Type c12a7328-f81f-11d2-ba4b-0a0c93ec93b
    Partition ID 3f14ea27-f2ef-4745-af7a-e79b25ce8613
    FirstLBA 2048  Last LBA 1026047
    Attributes 0
    Partition Name                 EFI system partition
 
    GPT Partition 0 is bootable
    Partition 1 Type 796badd3-6bbf-4d9f-b631-466eb71a4965
    Partition ID 90eef550-1b4f-411c-bf7c-73729872b413
    FirstLBA 1026048  Last LBA 1107967
    Attributes 1
    Partition Name                 Basic data partition
 
    Partition 2 Type e3c9e316-b5c-4db8-817d-f92df0215ae
    Partition ID ef110801-7359-4809-8964-f662d87f8098
    FirstLBA 1107968  Last LBA 1370111
    Attributes 0
    Partition Name         Microsoft reserved partition
 
    Partition 3 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
    Partition ID 6b759e87-5849-4559-9042-38a64399147
    FirstLBA 1370112  Last LBA 2373631
    Attributes 1
    Partition Name                 Basic data partition
 
    Partition 4 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
    Partition ID 502a035d-e057-4e25-9b34-9329c853f460
    FirstLBA 2373632  Last LBA 1445249023
    Attributes 0
    Partition Name                 Basic data partition
 
    Partition 5 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
    Partition ID 39a64dae-4605-4921-8d77-95e55018724
    FirstLBA 1445249024  Last LBA 1465147119
    Attributes 1
    Partition Name         Microsoft recovery partition
 
Disk Size: 750156374016 bytes
Sector size: 512 bytes
 
Done!
Scan finished
=======================================
 
 
Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removal finished
 
 
 
XXXXXXXXXX MBAR-LOG.TXT XXXXXXXXXX
 
Malwarebytes Anti-Rootkit BETA 1.07.0.1012
www.malwarebytes.org
 
Database version: v2014.07.07.02
 
Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16660
JC :: JOHNCHRISTOPHER [administrator]
 
7/7/2014 7:50:10 PM
mbar-log-2014-07-07 (19-50-10).txt
 
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 351112
Time elapsed: 1 hour(s), 38 minute(s), 46 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
Physical Sectors Detected: 0
(No malicious items detected)
 
(end)
 
 
I will scan with Malwarebytes again and update you if it finds anything. ^^ Thanks for everything. If ever it indeed detects something, I think it'll be safe to assume that it's an issue with something else not related to a virus, I think? :D
I will update you as soon as the scan is finished. :D The detection always appears in the heuristic analysis (last step in scanning with Malwarebytes) and I'm currently in that stage. So I'll update you soon! :D
 


It appears that may very well be causing problems.... Deactivate folder guard and run the following online AV scan:

 

We need to run an online AV scan to ensure there are no remnants of any infection left on your system that may have been missed. This scan is very thorough and well worth running; it can take several hours, please be patient and let it complete:

Run Eset Online Scanner

**Note** You will need to use Internet Explorer for this scan - Vista and Windows 7/8 right click on IE shortcut and run as admin

Go to Eset web page http://www.eset.com/us/online-scanner/ to run an online scan from ESET.

  • Turn off the real-time scanner of any existing antivirus program while performing the online scan
  • Click on the Run ESET Online Scanner button
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the add-on to be installed
  • Click Start
  • Make sure that the option "Remove found threats" is UNticked
  • Click on Advanced Settings, ensure the options Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
  • Click Scan
  • Wait for the virus definitions to be downloaded
  • Wait for the scan to finish

When the scan is complete

If no threats were found

  • Put a checkmark in "Uninstall application on close"
  • Close program
  • Report to me that nothing was found

If threats were found

  • Click on "list of threats found"
  • Click on "export to text file" and save it as ESET SCAN and save to the desktop
  • Click on back
  • Put a checkmark in "Uninstall application on close"
  • Click on finish
  • Close program

Copy and paste the report in next reply.


So here's the log. And yeah! The scan was indeed worth it even if the scan lasted for almost 3 hours :D

 

XXXXXXX ESET SCAN.txt XXXXXXXXX

 

C:\Icons\icons\JuiceDefender_Ultimate_4.9.0 APK CRAZY.apk a variant of Android/AdDisplay.Viser.A potentially unwanted application
C:\Program Files (x86)\Browser Tab Search by Ask\SafetyNut\configmgrc1.cfg Win32/AdWare.Bandoo.AD application
C:\Program Files (x86)\Browser Tab Search by Ask\SafetyNut\Helper.dll a variant of Win32/Toolbar.SearchSuite.C potentially unwanted application
C:\Program Files (x86)\Browser Tab Search by Ask\SafetyNut\Internet Explorer Settings.exe a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application
C:\Program Files (x86)\Browser Tab Search by Ask\SafetyNut\safetynut.exe a variant of Win32/Toolbar.SearchSuite.O potentially unwanted application
C:\Program Files (x86)\Browser Tab Search by Ask\SafetyNut\x64\configmgrc1.cfg a variant of Win64/Adware.Bandoo.B application
C:\Program Files (x86)\Browser Tab Search by Ask\SafetyNut\x64\Internet Explorer Settings.exe a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application
C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\hstart.exe a variant of Win32/HiddenStart.A potentially unsafe application
C:\Users\JC\Downloads\eicar2.zip Eicar test file
C:\Users\JC\Files\BACKUPS\clockworkmod\backup\defaultrombackup\data.ext4.tar.a probably a variant of Android/AdDisplay.RevMob.A potentially unwanted application
C:\Users\JC\Files\BACKUPS\clockworkmod\backup\defaultrombackup\system.ext4.tar.a a variant of Android/Spy.Agent.BN trojan
C:\Users\JC\Files\BACKUPS\USB1\Retorika1.rar multiple threats
C:\Users\JC\Files\Files from the Past\Src\Retorika1.rar multiple threats
C:\Windows\System32\Adobe\Shockwave 12\gt.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Windows\SysWOW64\Adobe\Shockwave 12\gt.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application

Download OTM from either of the following links and save to your Desktop: (If your security alerts to OTM, either accept the alert or turn off security to allow OTM to run)

http://oldtimer.geekstogo.com/OTM.exe.
http://www.itxassociates.com/OT-Tools/OTM.com
http://www.itxassociates.com/OT-Tools/OTM.exe  

Double click OTM.exe to start the tool. Vista or Windows 7 users accepy UAC alert. Be aware all processes will be stopped during run, also Desktop will disappear, this will be put back on completion.... If your security alerts to OTM either, accept the alert or turn off security until OTM completes...

  • Copy the text from the code box below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy). Ensure to start with and include the colon before Files :Files

    :Files
    C:\Icons\icons\JuiceDefender_Ultimate_4.9.0 APK CRAZY.apk
    C:\Program Files (x86)\Browser Tab Search by Ask
    C:\Users\JC\Files\BACKUPS\clockworkmod\backup\defaultrombackup\data.ext4.tar.a
    C:\Users\JC\Files\BACKUPS\clockworkmod\backup\defaultrombackup\system.ext4.tar.a
    C:\Users\JC\Files\BACKUPS\USB1\Retorika1.rar
    C:\Users\JC\Files\Files from the Past\Src\Retorika1.rar
    C:\Windows\System32\Adobe\Shockwave 12\gt.exe
    C:\Windows\SysWOW64\Adobe\Shockwave 12\gt.exe
    :Commands
    [EmptyTemp]

  • Return to OTMoveIt3, right click in the "Paste Instructions for Items to be Moved" window (under the yellow bar) and choose Paste.
  • Click the red Moveit! button.
  • Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTM


Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

If the machine reboots, the Results log can be found here:

c:\_OTMoveIt\MovedFiles\mmddyyyy_hhmmss.log

Where mmddyyyy_hhmmss is the date of the tool run.
 

Next,

 

Download Security Check by screen317 from either of the following:

http://screen317.spywareinfoforum.org/SecurityCheck.exe or http://screen317.changelog.fr/SecurityCheck.exe

Save it to your Desktop. (If your security alerts, either accept the alert or turn the security off while Security Check runs)

Double click SecurityCheck.exe (Vista or Windows 7/8 users right click and select "Run as Administrator") and follow the onscreen instructions inside of the black box. Press any key when asked.

A Notepad document should open automatically called checkup.txt; please post the contents of that document.

If Security Check will not run or you get an alert saying it is not supported, Re-boot your PC then try again...

 

Post those logs, also let me know if there are any remaining issues or concerns.....

 

Kevin.....


  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

