
Removing Linkey, Yahoo ToolBar, SoftSonic, etc Help?



Hello.
I have been trying to figure out why my search engine kept changing to Yahoo from Google. I asked the Malwarebytes Facebook, and they gave me a removal guide. The removal guide had me install and run AdwCleaner.
I am not a computer expert, and I heard that AdwCleaner is prone to something called false positives? So I was hoping someone could look over this log and tell me what is okay to delete and what is okay to keep on my computer?
This is what came up on my log;





# AdwCleaner v3.310 - Report created 25/09/2014 at 01:48:45
# Updated 12/09/2014 by Xplode
# Operating System : Windows 8.1 Connected  (64 bits)
# Username : Kelsey - ROCKET
# Running from : C:\Users\Kelsey\Downloads\adwcleaner_3.310.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Found : C:\Program Files (x86)\Common Files\Software Update Utility

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\Linkey
Key Found : HKCU\Software\Softonic
Key Found : [x64] HKCU\Software\Linkey
Key Found : [x64] HKCU\Software\Softonic
Key Found : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Key Found : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Key Found : HKLM\SOFTWARE\Classes\dnUpdate
Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
Key Found : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17278


-\\ Mozilla Firefox v32.0.3 (x86 en-US)

[ File : C:\Users\Kelsey\AppData\Roaming\Mozilla\Firefox\Profiles\qxdx0cjx.default-1411642132038\prefs.js ]


*************************

AdwCleaner[R0].txt - [2343 octets] - [25/09/2014 01:48:45]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [2403 octets] ##########

I posted this in the wrong forum first so now I'm hoping I'm in the right one.
I don't have a backup computer, and I want to make sure I don't break this one because I do all of my school work on it.


Hello novemberainx, welcome to Malwarebytes' Malware Removal forum!
 
My username is LiquidTension, but you can call me Adam. I will be assisting you with your malware-related problems.
If you would allow me to call you by your first name I would prefer that.
 
General P2P/Piracy Notice:
 

If you are using Peer to Peer (P2P) filesharing software such as uTorrent, BitTorrent or similar you must either fully uninstall or completely disable the programme(s) from running whilst receiving assistance at this forum. 
Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.
If you have illegal/cracked/keygen or similar software on the computer, please remove/uninstall the software now and read the policy on Piracy. Failure to do so will also result in your topic being closed.

 
======================================================
 
Please read through the points below to ensure this process moves as quickly and efficiently as possible.

  • Please read through my instructions thoroughly, and ensure you carry out each step in the order specified.
  • Please do not post logs using the CODE, QUOTE or ATTACHMENT format. Logs should be posted directly in plain text. If you receive an error whilst posting, please break the log in half and use multiple posts.
  • Please do not run any tools or take any steps other than those I provide for you. Independent efforts may make matters worse, and will affect my ability in ascertaining the current situation & providing the best set of instructions for you.
  • Please backup important documents before proceeding with my instructions.
  • If you come across any issues whilst following my instructions, please stop and inform me of the issue in as much detail as possible. Please do not hesitate to ask before you run anything.
  • Topics are locked if no response is made after 4 days. Please inform me if you will require additional time to complete my instructions.
     

======================================================

 

We'll get to your AdwCleaner scan in my next post. :) In the meantime, please do the following: 
 
STEP 1
Malwarebytes Anti-Malware (MBAM)

  • If you have not downloaded and installed the updated Malwarebytes Anti-Malware 2.0 please do so now.
  • Open Malwarebytes Anti-Malware and click Update Now.
  • Once updated, click the Settings tab and tick Scan for rootkits.
  • Click the Scan tab, ensure Threat Scan is checked and click Scan Now.
  • Note: You may see the following message, "Could not load DDA driver". Click Yes, allow your PC to reboot and continue afterwards.
  • If threats are detected, click the Apply Actions button. You will now be prompted to reboot. Click Yes.
  • Upon completion of the scan (or after the reboot), click the History tab.
  • Click Application Logs and double-click the Scan Log.
  • Click Copy to Clipboard and paste the log in your next reply.
     

STEP 2
TDSSKiller Scan

  • Please download TDSSKiller and save the file to your Desktop.
  • Right-Click TDSSKiller.exe and select Run as administrator to run the programme.
  • Click Change parameters. Place a checkmark next to Detect TDLFS file system.
  • Click Start Scan. Do not use the computer during the scan.
  • If objects are found, change the action to skip.
  • Click Continue and close the window.
  • A log will be created and saved to the root directory (usually C:\). Copy the contents of the log and paste in your next reply.
     

======================================================
 
STEP 3
Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

  • MBAM log
  • TDSSKiller log

Hello Adam!!!! Thank you so much for responding. :)



Here is the clipboard for the Malwarebytes scan;




Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 9/25/2014
Scan Time: 9:57:02 AM
Logfile:
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.09.25.03
Rootkit Database: v2014.09.19.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: Kelsey

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 308486
Time Elapsed: 28 min, 54 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

I did not delete or quarantine anything, this is how it came up.
I did a Malwarebytes scan a few days ago and removed some files it told me to before I decided to come to this forum for help when I couldn't remove the virus.


The TDSS Killer log is coming next.
 


Here is the log for TDSS Killer


11:15:51.0818 0x031c  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
11:15:51.0818 0x031c  UEFI system
11:16:29.0186 0x031c  ============================================================
11:16:29.0186 0x031c  Current date / time: 2014/09/25 11:16:29.0186
11:16:29.0186 0x031c  SystemInfo:
11:16:29.0186 0x031c  
11:16:29.0186 0x031c  OS Version: 6.3.9600 ServicePack: 0.0
11:16:29.0186 0x031c  Product type: Workstation
11:16:29.0186 0x031c  ComputerName: ROCKET
11:16:29.0186 0x031c  UserName: Kelsey
11:16:29.0186 0x031c  Windows directory: C:\Windows
11:16:29.0186 0x031c  System windows directory: C:\Windows
11:16:29.0186 0x031c  Running under WOW64
11:16:29.0186 0x031c  Processor architecture: Intel x64
11:16:29.0186 0x031c  Number of processors: 2
11:16:29.0186 0x031c  Page size: 0x1000
11:16:29.0186 0x031c  Boot type: Normal boot
11:16:29.0186 0x031c  ============================================================
11:16:29.0927 0x031c  KLMD registered as C:\Windows\system32\drivers\15472030.sys
11:16:31.0459 0x031c  System UUID: {996DAAE2-CFCA-D656-9177-742D6DA11C64}
11:16:33.0573 0x031c  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:16:33.0573 0x031c  ============================================================
11:16:33.0573 0x031c  \Device\Harddisk0\DR0:
11:16:33.0573 0x031c  GPT partitions:
11:16:33.0573 0x031c  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {775A3156-463A-4F2D-B73F-2536EFDDA3D9}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x32000
11:16:33.0573 0x031c  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {3E80AB0F-BF50-4F22-8C02-3C22EE1A6BB4}, Name: Basic data partition, StartLBA 0x32800, BlocksNum 0x1C2000
11:16:33.0573 0x031c  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {741D25F8-9BD3-4026-B122-89F8E5DC06E6}, Name: Microsoft reserved partition, StartLBA 0x1F4800, BlocksNum 0x40000
11:16:33.0573 0x031c  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {7A2BCF69-DB07-4374-9A0E-88835CB874F2}, Name: Basic data partition, StartLBA 0x234800, BlocksNum 0x3794C800
11:16:33.0573 0x031c  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {436D9E19-7FB5-4350-864C-86573EC335B2}, Name: Basic data partition, StartLBA 0x37B81000, BlocksNum 0x2805000
11:16:33.0573 0x031c  MBR partitions:
11:16:33.0573 0x031c  ============================================================
11:16:33.0604 0x031c  C: <-> \Device\Harddisk0\DR0\Partition4
11:16:33.0604 0x031c  ============================================================
11:16:33.0604 0x031c  Initialize success
11:16:33.0604 0x031c  ============================================================
11:21:35.0748 0x15cc  ============================================================
11:21:35.0748 0x15cc  Scan started
11:21:35.0748 0x15cc  Mode: Manual; TDLFS;
11:21:35.0748 0x15cc  ============================================================
11:21:35.0748 0x15cc  KSN ping started
11:21:38.0343 0x15cc  KSN ping finished: true
11:21:39.0974 0x15cc  ================ Scan system memory ========================
11:21:39.0974 0x15cc  System memory - ok
11:21:39.0974 0x15cc  ================ Scan services =============================
11:21:46.0239 0x15cc  fdPHost - ok
11:21:46.0255 0x15cc  [ E5AD448F2DC84B1CF387FA7F2A3D1936, BBB29C79A085C503F5EFFB5144596D5DEC48A4EB34A049A4E7B38B27F6D92E0A ] FDResPub        C:\Windows\system32\fdrespub.dll
11:21:46.0255 0x15cc  FDResPub - ok
11:21:46.0270 0x15cc  [ 0046E0BD031213D37123876B0D0FA61C, A4FE17D56F0BAFB70D0D421ED9D1B6E50AF8ADAA4B59328A41AEC5B4C068A3CB ] fhsvc           C:\Windows\system32\fhsvc.dll
11:21:46.0286 0x15cc  fhsvc - ok
11:21:46.0301 0x15cc  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
11:21:46.0301 0x15cc  FileInfo - ok
11:21:46.0333 0x15cc  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
11:21:46.0333 0x15cc  Filetrace - ok
11:21:46.0348 0x15cc  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\Windows\System32\drivers\flpydisk.sys
11:21:46.0364 0x15cc  flpydisk - ok
11:21:46.0411 0x15cc  [ 6592D192E2823C043EDBC010E7774053, C025A0EC5517DC3BD5D6656DC0F0F19021FB3D2EE90EC6194E1BD74E638EBBDC ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
11:21:46.0442 0x15cc  FltMgr - ok
11:21:46.0551 0x15cc  [ 3FA6DC6B29717E32E211C1FD821F2C75, E467F3775427C93CC2B87327B0A45669631A5FC460C558F6796BA26002A8BBFC ] FontCache       C:\Windows\system32\FntCache.dll
11:21:46.0614 0x15cc  FontCache - ok
11:21:46.0692 0x15cc  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:21:46.0708 0x15cc  FontCache3.0.0.0 - ok
11:21:46.0739 0x15cc  [ 35005534E600E993A90B036E4E599F2B, DA56FA3776FBD3D50276CB7410E0CB6F137DD8FCA84C0F3FEF8B1FEA5F6CA592 ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
11:21:46.0739 0x15cc  FsDepends - ok
11:21:46.0770 0x15cc  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
11:21:46.0770 0x15cc  Fs_Rec - ok
11:21:46.0848 0x15cc  [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
11:21:46.0880 0x15cc  fvevol - ok
11:21:46.0895 0x15cc  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\Windows\System32\drivers\fxppm.sys
11:21:46.0895 0x15cc  FxPPM - ok
11:21:46.0926 0x15cc  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
11:21:46.0926 0x15cc  gagp30kx - ok
11:21:47.0020 0x15cc  [ E6CE7A89183D1840F0FF63694292FFA2, 8907ADCF9967026CD1A9D545E2274569F840F1DFF0E407CC77B6A662267AAC4B ] GamesAppIntegrationService C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
11:21:47.0051 0x15cc  GamesAppIntegrationService - ok
11:21:47.0083 0x15cc  [ C403C5DB49A0F9AAF4F2128EDC0106D8, 3C6948B63278022D8182F773C5FA15784514F76C1546118DDBADBA322B962D12 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
11:21:47.0083 0x15cc  GamesAppService - ok
11:21:47.0114 0x15cc  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
11:21:47.0114 0x15cc  GEARAspiWDM - ok
11:21:47.0145 0x15cc  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\Windows\System32\drivers\vmgencounter.sys
11:21:47.0145 0x15cc  gencounter - ok
11:21:47.0176 0x15cc  [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101     C:\Windows\system32\Drivers\msgpioclx.sys
11:21:47.0192 0x15cc  GPIOClx0101 - ok
11:21:47.0255 0x15cc  [ 69DB09F0263C637DA8568D404842466A, D042194266978AAD31E04DAF7018CD50754077212DC74A4D8AFF6BFEE80CDD20 ] gpsvc           C:\Windows\System32\gpsvc.dll
11:21:47.0301 0x15cc  gpsvc - ok
11:21:47.0334 0x15cc  [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
11:21:47.0365 0x15cc  HdAudAddService - ok
11:21:47.0381 0x15cc  [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus        C:\Windows\System32\drivers\HDAudBus.sys
11:21:47.0381 0x15cc  HDAudBus - ok
11:21:47.0396 0x15cc  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\Windows\System32\drivers\HidBatt.sys
11:21:47.0396 0x15cc  HidBatt - ok
11:21:47.0427 0x15cc  [ 1EA1B4FABB8CC348E73CA90DBA22E104, 5C18C6BD499272F216DD4626B5E8D38181AEAC9AD917FBEB614A75B70467B258 ] HidBth          C:\Windows\System32\drivers\hidbth.sys
11:21:47.0427 0x15cc  HidBth - ok
11:21:47.0443 0x15cc  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\Windows\System32\drivers\hidi2c.sys
11:21:47.0459 0x15cc  hidi2c - ok
11:21:47.0459 0x15cc  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\Windows\System32\drivers\hidir.sys
11:21:47.0459 0x15cc  HidIr - ok
11:21:47.0490 0x15cc  [ 449A20A674AA3FAA7F0DD4E33EE2DC20, 28B9BDA306456E8640C355718DE3477537B0FAF8C37F633C709129AAB64D9873 ] hidserv         C:\Windows\system32\hidserv.dll
11:21:47.0506 0x15cc  hidserv - ok
11:21:47.0537 0x15cc  [ 894D982CEAB8CD45A56AE2C9988E86C0, AA2DEB62CB69FF1AEF772989342F2CF77CA48F212C9489A92A4FF97FD46D3866 ] HIDSwitch       C:\Windows\System32\drivers\AsHIDSwitch64.sys
11:21:47.0537 0x15cc  HIDSwitch - ok
11:21:47.0568 0x15cc  [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb          C:\Windows\System32\drivers\hidusb.sys
11:21:47.0568 0x15cc  HidUsb - ok
11:21:47.0615 0x15cc  [ 7BF3ADCBD021D4F4A84CF40EB49C71B5, 5758A51FD2EBE67E6DBE3A298D714D351910F9E01C428D0C1359457C9242B298 ] hkmsvc          C:\Windows\system32\kmsvc.dll
11:21:47.0631 0x15cc  hkmsvc - ok
11:21:47.0662 0x15cc  [ 6CD9C3819BE8C0A3DACC82AE5D3C4F18, 46BF4A968E506DE17CA401401D716B444CDC10A5C60EB081890DD4B886AEDF5F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
11:21:47.0662 0x15cc  HomeGroupListener - ok
11:21:47.0709 0x15cc  [ 1A4DA1D6287B99033D144B436C23B656, D4D1EEB372E61512EA36A33F095E68C225B8E6C72CC57ED8BD00533F88012F40 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
11:21:47.0756 0x15cc  HomeGroupProvider - ok
11:21:47.0787 0x15cc  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
11:21:47.0787 0x15cc  HpSAMD - ok
11:21:47.0865 0x15cc  [ 9DDCA7F18983C5410DEFF79F819DF93C, CE97B4440377BFC5CA81BB600C3BD1DD9FB3951CA1EB70735F5E2050EBB74223 ]

 

 

More coming.

HTTP            C:\Windows\system32\drivers\HTTP.sys
11:21:47.0927 0x15cc  HTTP - ok
11:21:47.0959 0x15cc  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
11:21:47.0959 0x15cc  hwpolicy - ok
11:21:47.0959 0x15cc  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\Windows\System32\drivers\hyperkbd.sys
11:21:47.0959 0x15cc  hyperkbd - ok
11:21:47.0974 0x15cc  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\Windows\system32\DRIVERS\HyperVideo.sys
11:21:47.0974 0x15cc  HyperVideo - ok
11:21:47.0990 0x15cc  [ 84CFC5EFA97D0C965EDE1D56F116A541, 0155EA62BF07D99D98D1C9B6559C8E3301B016A20D03DF1EF64B2FAB8C37403B ] i8042prt        C:\Windows\System32\drivers\i8042prt.sys
11:21:48.0006 0x15cc  i8042prt - ok
11:21:48.0021 0x15cc  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\Windows\System32\drivers\iaLPSSi_GPIO.sys
11:21:48.0021 0x15cc  iaLPSSi_GPIO - ok
11:21:48.0037 0x15cc  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\Windows\System32\drivers\iaLPSSi_I2C.sys
11:21:48.0037 0x15cc  iaLPSSi_I2C - ok
11:21:48.0084 0x15cc  [ 25555186E4FBDF0E30A5DBFC9B9A73F9, 4A9DAC2B56389C5955C343E202C6E81CD3A608E78A4BB7E6ED560719DF02C955 ] iaStorA         C:\Windows\system32\drivers\iaStorA.sys
11:21:48.0115 0x15cc  iaStorA - ok
11:21:48.0162 0x15cc  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\Windows\system32\drivers\iaStorAV.sys
11:21:48.0193 0x15cc  iaStorAV - ok
11:21:48.0224 0x15cc  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
11:21:48.0240 0x15cc  iaStorV - ok
11:21:48.0287 0x15cc  [ 83FF82FE209E7997067B375DAD6CF23D, E312DD068E51DBF96A8232D7D1C9F158652FDA23649655F1102928B320795091 ] ICCS            C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
11:21:48.0302 0x15cc  ICCS - ok
11:21:48.0302 0x15cc  IEEtwCollectorService - ok
11:21:48.0521 0x15cc  [ 09E41C653B31A4AF5B0E5D25C3FBC057, B45740F3FCF3565AC1D40486B9313B61F0824B36BD6C28DB057497ACD9D4FB39 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
11:21:48.0709 0x15cc  igfx - ok
11:21:48.0803 0x15cc  [ DEA76F90F9777E3427D70E380222B23B, B917BA423896A12E45623E3D494CA03317A6FC612CA433C62C897524DC3E756B ] IKEEXT          C:\Windows\System32\ikeext.dll
11:21:48.0865 0x15cc  IKEEXT - ok
11:21:48.0896 0x15cc  [ 4011430BC9DA46ADFAE9915EFEC312FB, 925DDDA187AE7C46C94FBBFA18FC602260957B6BA891D65DFC09385B6DDEAB58 ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
11:21:48.0896 0x15cc  intaud_WaveExtensible - ok
11:21:49.0115 0x15cc  [ 5520DC86887A4D2DF15BF3524F6985A7, 5CC788B18FD2A12207D97EB6B7AD6AB288322C727FCB6DB545D8D28D7C374CE1 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
11:21:49.0350 0x15cc  IntcAzAudAddService - ok
11:21:49.0412 0x15cc  [ B375D8686E1BD2B79C0F00E3868A8C3B, A15D99F04B69FB37ED3AC0C3BBA464BF6D6EB1873D4AE1062983120E3BD1C4DB ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
11:21:49.0443 0x15cc  IntcDAud - ok
11:21:49.0568 0x15cc  [ 768DD5CB66952BC4A3BD474757AEE34F, 5A1F91FC8028D84FD83591D60CB7E3B24425C3B0FFF5A9BB0F7CE2E17AAB92D4 ] Intel® Capability Licensing Service Interface C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
11:21:49.0631 0x15cc  Intel® Capability Licensing Service Interface - ok
11:21:49.0693 0x15cc  [ 7C9ED65324CF268ACBA8024257F782D8, 1DC43DBA3612E26454D7786DEB0538B44A736B67EC99642B4CC574D8A03E0DC7 ] Intel® Capability Licensing Service TCP IP Interface C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
11:21:49.0740 0x15cc  Intel® Capability Licensing Service TCP IP Interface - ok
11:21:49.0771 0x15cc  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\Windows\system32\drivers\intelide.sys
11:21:49.0771 0x15cc  intelide - ok
11:21:49.0787 0x15cc  [ 139CFCDCD36B1B1782FD8C0014AC9B0E, E0D7E0E9B46A8CECE138D689820023BFA650FB689E4FD62855BED37E04F2D9FF ] intelpep        C:\Windows\system32\drivers\intelpep.sys
11:21:49.0803 0x15cc  intelpep - ok
11:21:49.0834 0x15cc  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\Windows\System32\drivers\intelppm.sys
11:21:49.0834 0x15cc  intelppm - ok
11:21:49.0865 0x15cc  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:21:49.0865 0x15cc  IpFilterDriver - ok
11:21:49.0928 0x15cc  [ 1670A274ED1A815311BA33CD27B0D0E8, 28378D3908DCFA2C0E8FCF83E5AFEF643C89BBB285FA0F1692FE576AEA2F4E45 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
11:21:49.0974 0x15cc  iphlpsvc - ok
11:21:50.0006 0x15cc  [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV         C:\Windows\System32\drivers\IPMIDrv.sys
11:21:50.0021 0x15cc  IPMIDRV - ok
11:21:50.0053 0x15cc  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
11:21:50.0053 0x15cc  IPNAT - ok
11:21:50.0115 0x15cc  [ 68A5EDD4843CF0033BAE537C9C495F69, 386C66A6562218D0F0A616D75457CDA4B82DB87DC3DA83935497819963DB6D86 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
11:21:50.0146 0x15cc  iPod Service - ok
11:21:50.0178 0x15cc  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\Windows\system32\drivers\irenum.sys
11:21:50.0178 0x15cc  IRENUM - ok
11:21:50.0193 0x15cc  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\Windows\system32\drivers\isapnp.sys
11:21:50.0193 0x15cc  isapnp - ok
11:21:50.0224 0x15cc  [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt        C:\Windows\System32\drivers\msiscsi.sys
11:21:50.0256 0x15cc  iScsiPrt - ok
11:21:50.0271 0x15cc  [ EE03564B7FAFE2E44EDA33D52E83B4A3, 53C917EEC92B813EB0C86B225E9887C9CDFDD7708AEA71BFAC0A3039E26D7BEB ] iwdbus          C:\Windows\System32\drivers\iwdbus.sys
11:21:50.0271 0x15cc  iwdbus - ok
11:21:50.0303 0x15cc  [ 8BE92376799B6B44D543E8D07CDCF885, 425B8BB1BAF62F735B3CB5A002E6055879F02E7207E55942BFD37F1784F5F368 ] kbdclass        C:\Windows\System32\drivers\kbdclass.sys
11:21:50.0303 0x15cc  kbdclass - ok
11:21:50.0335 0x15cc  [ FB6E47E569D4872ABEB506BE03A45FBA, 5C4056CADA8F67587A119D9AE2A0EFAB30387CF6298F4019FF68AC92E2F6F54B ] kbdhid          C:\Windows\System32\drivers\kbdhid.sys
11:21:50.0338 0x15cc  kbdhid - ok
11:21:50.0352 0x15cc  [ 6C6F4A5FC5A2343995D1B0F111D5CF06, 62282992D3B1634C7BBDD1BCFC13F77FC806AD85B2C667FA09D73355825D19A8 ] kbfiltr         C:\Windows\System32\drivers\kbfiltr.sys
11:21:50.0352 0x15cc  kbfiltr - ok
11:21:50.0383 0x15cc  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\Windows\system32\DRIVERS\kdnic.sys
11:21:50.0383 0x15cc  kdnic - ok
11:21:50.0398 0x15cc  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] KeyIso          C:\Windows\system32\lsass.exe
11:21:50.0398 0x15cc  KeyIso - ok
11:21:50.0414 0x15cc  [ ADDECBCC777665BD113BED437E602AB0, B6283475A1219CE44E9F683DD3BEB8C42DA0943297E5C4699B22176AD8A6A7ED ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
11:21:50.0414 0x15cc  KSecDD - ok
11:21:50.0445 0x15cc  [ F88CC88F4A6D8476F1664E805CA18CC2, 2C61EE5EEA4FD45AA3FA927CC16E34EF90BD44324EAB14198AF65C3A27617991 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
11:21:50.0461 0x15cc  KSecPkg - ok
11:21:50.0492 0x15cc  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
11:21:50.0492 0x15cc  ksthunk - ok
11:21:50.0523 0x15cc  [ 32B1A8351160F307A8C66BCB0F94A9C2, 52F1DEC2BBD4D5DDBB85ED20B99D96BBA7EB83304D76F183A11FDAFDA364E873 ] KtmRm           C:\Windows\system32\msdtckrm.dll
11:21:50.0555 0x15cc  KtmRm - ok
11:21:50.0586 0x15cc  [ 793EACA6BAE9F481C2059BCB3743EB4A, 2624905C6B6A1227BD1CAC7D4FE55A5F6543E1278DAB31EC553748472D180D1D ] LanmanServer    C:\Windows\system32\srvsvc.dll
11:21:50.0617 0x15cc  LanmanServer - ok
11:21:50.0664 0x15cc  [ D0D9C2ECA4D03A8F06DCD91236B90C98, E2D1144DC8040EA5FEB0602A20BA4CB920B4BC86AD5AD05FC0DF7D74DC95DC66 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:21:50.0695 0x15cc  LanmanWorkstation - ok
11:21:50.0758 0x15cc  [ 626D19F1771E1AE72208AE9A8F3082F7, 78FDB64545ED2EAE9F51C08120E21D2C3285208F6846BD8BBA08CAA839E7A0C4 ] lfsvc           C:\Windows\System32\GeofenceMonitorService.dll
11:21:50.0789 0x15cc  lfsvc - ok
11:21:50.0820 0x15cc  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
11:21:50.0820 0x15cc  lltdio - ok
11:21:50.0867 0x15cc  [ 00E070FC0C673311AFD4B068D1242780, 50B0E0E625361145332C849709498FF444E46578DCAD2536E6D0289E0125580F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
11:21:50.0883 0x15cc  lltdsvc - ok
11:21:50.0898 0x15cc  [ D113FAD71A5E67AA94B32A0F8828D265, 08DDB4BBDB570C59926DBF5E27FCF46DCDF8B8212BB9251E97837E0504516FB3 ] lmhosts         C:\Windows\System32\lmhsvc.dll
11:21:50.0914 0x15cc  lmhosts - ok
11:21:50.0945 0x15cc  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
11:21:50.0945 0x15cc  LSI_SAS - ok
11:21:50.0977 0x15cc  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
11:21:50.0977 0x15cc  LSI_SAS2 - ok
11:21:50.0992 0x15cc  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\Windows\system32\drivers\lsi_sas3.sys
11:21:50.0992 0x15cc  LSI_SAS3 - ok
11:21:51.0008 0x15cc  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS         C:\Windows\system32\drivers\lsi_sss.sys
11:21:51.0008 0x15cc  LSI_SSS - ok
11:21:51.0055 0x15cc  [ 8EBB271E4588D835784A3FF7E80076A8, A508BE95F6F5063A76F4C8726D9425BB1F00DE803EFE73A0BE145DD9AB82FF0A ] LSM             C:\Windows\System32\lsm.dll
11:21:51.0086 0x15cc  LSM - ok
11:21:51.0117 0x15cc  [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv           C:\Windows\system32\drivers\luafv.sys
11:21:51.0117 0x15cc  luafv - ok
11:21:51.0148 0x15cc  [ F92B0E478C0FAA6D6661E6E977247E60, 8B26B57C2C60C98CD6273ACA126B2CD0356ADB13A59FEC12882357A6B973123C ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
11:21:51.0164 0x15cc  MBAMProtector - ok
11:21:51.0305 0x15cc  [ D84AEA3F3329D622DFC1297DDDF6163B, 316FE56CC30ED1473A917253F46B79EAA12F4ABD5B4B1ADB03929DFEE940F577 ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
11:21:51.0461 0x15cc  MBAMScheduler - ok
11:21:51.0523 0x15cc  [ 4F45ED469906494F9BF754E476390DBD, D8FF6AFD73D8C191F5732DF9737E6F83B2B52B06A3A6CD4CC6EAC9464CBB2772 ] MBAMService     C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
11:21:51.0539 0x15cc  MBAMService - ok
11:21:51.0586 0x15cc  [ 8A50D5304E6AE48664CF5838EC32F647, C76943FABEE1B5E1B641AA610668CCD4227E2C4B191DD30B79D3AB31A9E8B5BE ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
11:21:51.0586 0x15cc  MBAMSwissArmy - ok
11:21:51.0602 0x15cc  [ 0664F6335F108F38FE08C3CA747311EE, 04C5F31C57573DC4ABFC609D3F7C589835CE5C528AF5EE07FB25E35F72DF98A4 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
11:21:51.0602 0x15cc  MBAMWebAccessControl - ok
11:21:51.0633 0x15cc  [ 0D3CF8B876F55291B137B972891C1575, 2E7D0A54D5B2211D340EB56F3D5FCB8362E75415A3C75F553643BA55888DC690 ] MBI             C:\Windows\system32\drivers\MBI.sys
11:21:51.0633 0x15cc  MBI - ok
11:21:51.0664 0x15cc  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas         C:\Windows\system32\drivers\megasas.sys
11:21:51.0664 0x15cc  megasas - ok
11:21:51.0695 0x15cc  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\Windows\system32\drivers\megasr.sys
11:21:51.0773 0x15cc  megasr - ok
11:21:51.0820 0x15cc  [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] MMCSS           C:\Windows\system32\mmcss.dll
11:21:51.0820 0x15cc  MMCSS - ok
11:21:51.0836 0x15cc  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem           C:\Windows\system32\drivers\modem.sys
11:21:51.0836 0x15cc  Modem - ok
11:21:51.0867 0x15cc  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor         C:\Windows\System32\drivers\monitor.sys
11:21:51.0867 0x15cc  monitor - ok
11:21:51.0883 0x15cc  [ CEAC6D40FE887CE8406C2393CF97DE06, 34E76908B802764FF0D7AB3AF89BE77BD35B44787983343FAD89891891C0A045 ] mouclass        C:\Windows\System32\drivers\mouclass.sys
11:21:51.0883 0x15cc  mouclass - ok
11:21:51.0898 0x15cc  [ 02D98BF804084E9A0D69D1C69B02CCA9, EC5BC5D87043DFFD035FD4DD27B3D94E03119063519E4151BCC3522B613E2D7F ] mouhid          C:\Windows\System32\drivers\mouhid.sys
11:21:51.0898 0x15cc  mouhid - ok
11:21:51.0914 0x15cc  [ 515549560D481138E6E21AF7C6998E56, C7E4B38D8CCAF15B9BDA63C8C8209F6193AD220DA02E1264F1B687AACD8F409F ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
11:21:51.0930 0x15cc  mountmgr - ok
11:21:51.0992 0x15cc  [ 707E98CC15C2224C078C9E71FF1889BC, 958416FE081436FDBF7F2BEBBB2795C54CC4F3F349D6DF463296A7BBA3404F13 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
11:21:51.0992 0x15cc  MozillaMaintenance - ok
11:21:52.0039 0x15cc  MpKslec46e7a9 - ok
11:21:52.0055 0x15cc  [ F170510BE94CF45E3C6274578F6204B2, 344C3DDE1D622607CA2ABECB2C47CB0166D2D258BD94A7960C45A5ADBB640566 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
11:21:52.0070 0x15cc  mpsdrv - ok
11:21:52.0117 0x15cc  [ D186C5844393252147BE934F3871DB7A, 30160F8268B9F46E82C5CB536867E0CF280DC98074A481595072E3320200E343 ] MpsSvc          C:\Windows\system32\mpssvc.dll
11:21:52.0149 0x15cc  MpsSvc - ok
11:21:52.0180 0x15cc  [ 1D55DADC22D21883A2F80297F5A5AE48, B79DF4AFC2A9CBC54E74233596544D6E41C8CAA0516BD57CA695D051EC780265 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
11:21:52.0195 0x15cc  MRxDAV - ok
11:21:52.0227 0x15cc  [ 7A1A3F213CDB3363D179D5014272025D, 6756F5B7D9FBF6839DB1FF4E94EA45B5499D7DF925E75581C96FBBA4BE131542 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
11:21:52.0258 0x15cc  mrxsmb - ok
11:21:52.0273 0x15cc  [ 3E28B99198B514DFEB152EACF913025E, 6C1D8353DCD5F811F39C0C3CB5DF3D2457F0D17EE80FB06196AA169E3D19E9B2 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:21:52.0289 0x15cc  mrxsmb10 - ok
11:21:52.0320 0x15cc  [ C910E5D18958914A66F0E45689D0B40A, AD7C91DD8A60A511E580DD56BACC97F85075A539E7C5D95040A8F870A621DAF4 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:21:52.0336 0x15cc  mrxsmb20 - ok
11:21:52.0357 0x15cc  [ E0927EFA25D473367C3341B9F5969779, B77A162BD3334557623674373D8EC2BE7CC0B359DF06304E467ABFFEE0530271 ] MsBridge        C:\Windows\system32\DRIVERS\bridge.sys
11:21:52.0373 0x15cc  MsBridge - ok
11:21:52.0389 0x15cc  [ A082C17D14D0790E27D064EA4B138AE1, 9A565ED885782D9D5135C8399C11C356DBF9EBF3B8EB4B4504BD2604AD0B45E6 ] MSDTC           C:\Windows\System32\msdtc.exe
11:21:52.0404 0x15cc  MSDTC - ok
11:21:52.0451 0x15cc  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\Windows\system32\drivers\Msfs.sys
11:21:52.0451 0x15cc  Msfs - ok
11:21:52.0467 0x15cc  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32     C:\Windows\System32\drivers\msgpiowin32.sys
11:21:52.0467 0x15cc  msgpiowin32 - ok
11:21:52.0482 0x15cc  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
11:21:52.0482 0x15cc  mshidkmdf - ok
11:21:52.0514 0x15cc  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf       C:\Windows\System32\drivers\mshidumdf.sys
11:21:52.0514 0x15cc  mshidumdf - ok
11:21:52.0529 0x15cc  [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
11:21:52.0529 0x15cc  msisadrv - ok
11:21:52.0576 0x15cc  [ 810F8A0A0680662BB0CE44D0E2CEF90C, 5631B07911B7EF378CB1583A480A3C5715E59A5488B33A528F4D7A2F849B9113 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
11:21:52.0576 0x15cc  MSiSCSI - ok
11:21:52.0592 0x15cc  msiserver - ok
11:21:52.0607 0x15cc  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
11:21:52.0607 0x15cc  MSKSSRV - ok
11:21:52.0623 0x15cc  [ 375E44168F2DFB91A68B8A3F619C5A7C, AC243E02E9A39D0B4DE9571F196941700EE6EB5E94F5B0BA8994FB551E73A7A8 ] MsLldp          C:\Windows\system32\DRIVERS\mslldp.sys
11:21:52.0623 0x15cc  MsLldp - ok
11:21:52.0654 0x15cc  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
11:21:52.0654 0x15cc  MSPCLOCK - ok
11:21:52.0670 0x15cc  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
11:21:52.0670 0x15cc  MSPQM - ok
11:21:52.0701 0x15cc  [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
11:21:52.0717 0x15cc  MsRPC - ok
11:21:52.0732 0x15cc  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\Windows\System32\drivers\mssmbios.sys
11:21:52.0732 0x15cc  mssmbios - ok
11:21:52.0764 0x15cc  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
11:21:52.0764 0x15cc  MSTEE - ok
11:21:52.0779 0x15cc  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\Windows\System32\drivers\MTConfig.sys
11:21:52.0779 0x15cc  MTConfig - ok
11:21:52.0795 0x15cc  [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup             C:\Windows\system32\Drivers\mup.sys
11:21:52.0810 0x15cc  Mup - ok
11:21:52.0810 0x15cc  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\Windows\system32\drivers\mvumis.sys
11:21:52.0810 0x15cc  mvumis - ok
11:21:52.0857 0x15cc  [ 41A45D2A75494EABF2806EA051E00376, EB2497561C8E33A4297C044604C717FF854C7F046882A9E4A400AE7679BF5467 ] napagent        C:\Windows\system32\qagentRT.dll
11:21:52.0873 0x15cc  napagent - ok
11:21:52.0935 0x15cc  [ 26ACA481FAFEC59FE311D719E3027BBA, 16A24CCA95A38BDFE970580159F6ACAA13FF1B74CF2290B1B020D909F90D3347 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
11:21:52.0982 0x15cc  NativeWifiP - ok
11:21:53.0029 0x15cc  [ 71E3C0100AA19D11373CCEB2F51A6008, 58FBF35F5FE19BEABE483C11E9996BE93D76721C8C34465350FA98B465CA3672 ] NcaSvc          C:\Windows\System32\ncasvc.dll
11:21:53.0045 0x15cc  NcaSvc - ok
11:21:53.0060 0x15cc  [ 51DF09CAB2CAC64FEE3E371D9028ED01, 9B81604D0D0359AF8F54FED6DA7116FFD2F40407895028EAD99FF1D7CFDC2D14 ] NcbService      C:\Windows\System32\ncbservice.dll
11:21:53.0076 0x15cc  NcbService - ok
11:22:03.0283 0x15cc  vmicguestinterface - ok
11:22:03.0314 0x15cc  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicheartbeat   C:\Windows\System32\ICSvc.dll
11:22:03.0330 0x15cc  vmicheartbeat - ok
11:22:03.0361 0x15cc  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmickvpexchange C:\Windows\System32\ICSvc.dll
11:22:03.0377 0x15cc  vmickvpexchange - ok
11:22:03.0408 0x15cc  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicrdv         C:\Windows\System32\ICSvc.dll
11:22:03.0411 0x15cc  vmicrdv - ok
11:22:03.0443 0x15cc  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicshutdown    C:\Windows\System32\ICSvc.dll
11:22:03.0458 0x15cc  vmicshutdown - ok
11:22:03.0490 0x15cc  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmictimesync    C:\Windows\System32\ICSvc.dll
11:22:03.0505 0x15cc  vmictimesync - ok
11:22:03.0521 0x15cc  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicvss         C:\Windows\System32\ICSvc.dll
11:22:03.0552 0x15cc  vmicvss - ok
11:22:03.0568 0x15cc  [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr          C:\Windows\system32\drivers\volmgr.sys
11:22:03.0568 0x15cc  volmgr - ok
11:22:03.0630 0x15cc  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
11:22:03.0661 0x15cc  volmgrx - ok
11:22:03.0693 0x15cc  [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
11:22:03.0708 0x15cc  volsnap - ok
11:22:03.0724 0x15cc  [ 01355C98B5C3ED1EC446743CDA848FCE, B9FCF558C20E05DD0F53FFB70BBEF873EA57801E13A16701E636128D625C4B67 ] vpci            C:\Windows\System32\drivers\vpci.sys
11:22:03.0724 0x15cc  vpci - ok
11:22:03.0755 0x15cc  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
11:22:03.0755 0x15cc  vsmraid - ok
11:22:03.0865 0x15cc  [ E369C59F2C0852DDD090C07E0DDE0051, 4FAC94458EAAEED4F84A86FBAB8FBB332D0AF85BD528E63C0C058A2DA8E3011D ] VSS             C:\Windows\system32\vssvc.exe
11:22:03.0927 0x15cc  VSS - ok
11:22:03.0958 0x15cc  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\Windows\system32\drivers\vstxraid.sys
11:22:03.0958 0x15cc  VSTXRAID - ok
11:22:03.0990 0x15cc  [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
11:22:03.0990 0x15cc  vwifibus - ok
11:22:04.0021 0x15cc  [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
11:22:04.0021 0x15cc  vwififlt - ok
11:22:04.0037 0x15cc  [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
11:22:04.0052 0x15cc  vwifimp - ok
11:22:04.0099 0x15cc  [ 7599E582CA3A6AAA95A18FFE1172D339, A0410778FBBC4302EA91CF24B944427410B4706535F1192504D4F34C3ED4503E ] W32Time         C:\Windows\system32\w32time.dll
11:22:04.0115 0x15cc  W32Time - ok
11:22:04.0130 0x15cc  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\Windows\System32\drivers\wacompen.sys
11:22:04.0130 0x15cc  WacomPen - ok
11:22:04.0208 0x15cc  [ 61692DB39AD3DF2F29392D68EAA7BB93, 854D4B9C7DD1676968598ED973500650ECEC02C420E44C0B3957C24F073AA5FB ] wbengine        C:\Windows\system32\wbengine.exe
11:22:04.0271 0x15cc  wbengine - ok
11:22:04.0333 0x15cc  [ 3BC1D1D56637A32CD91C8AE08E2484AA, 9EE1BD3FB0D289E25F3DDD0D8F67DC1C701A6B1D5418FADF348D0E642B1DEBEB ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
11:22:04.0349 0x15cc  WbioSrvc - ok
11:22:04.0365 0x15cc  [ A07CFC4B593D15B6BF06813C3B5B33BF, B57BD918E2AFF9943B51A24B95E0C4D3482B4DF73C0E2421E8CC67C2BC7A4C70 ] Wcmsvc          C:\Windows\System32\wcmsvc.dll
11:22:04.0380 0x15cc  Wcmsvc - ok
11:22:04.0412 0x15cc  [ D2726823DF7E19F213F4805A9D6D145F, A7F582C99918D204264D3B374F70D75984BDA5805203041E3DECB8153D16E102 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
11:22:04.0427 0x15cc  wcncsvc - ok
11:22:04.0443 0x15cc  [ 846C02A8B48CBD921A3D6AB521AA0DC4, B07573A774A6C65D24E5718DC25DF378270EB5B40221CA5A53B21D47838381D3 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:22:04.0443 0x15cc  WcsPlugInService - ok
11:22:04.0490 0x15cc  [ F5D4FA3E1F4879C361FFF3855259D2C2, 48C60FE4AAB011E2250157506FF0624031BFA346F8F2F8C6DFDF6F3CAA4F3F42 ] WdBoot          C:\Windows\system32\drivers\WdBoot.sys
11:22:04.0490 0x15cc  WdBoot - ok
11:22:04.0552 0x15cc  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
11:22:04.0583 0x15cc  Wdf01000 - ok
11:22:04.0615 0x15cc  [ 019CC610AD95FF47EAD7C08B7A683B96, BB9D42F8ED90ECA2E7B8C906E06A1EA859FAD9BD1B3492BB1E28C0D00004812A ] WdFilter        C:\Windows\system32\drivers\WdFilter.sys
11:22:04.0630 0x15cc  WdFilter - ok
11:22:04.0662 0x15cc  [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
11:22:04.0662 0x15cc  WdiServiceHost - ok
11:22:04.0677 0x15cc  [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiSystemHost   C:\Windows\system32\wdi.dll
11:22:04.0677 0x15cc  WdiSystemHost - ok
11:22:04.0708 0x15cc  [ 6CC1BB8F6851A262E2E824F0E92D5EEF, 45A88A984179BBA38C1F4434C4D6C2823C1FE6AFBE8CB0F656DAE0092D1D5611 ] WdNisDrv        C:\Windows\system32\Drivers\WdNisDrv.sys
11:22:04.0708 0x15cc  WdNisDrv - ok
11:22:04.0740 0x15cc  WdNisSvc - ok
11:22:04.0755 0x15cc  [ 91B18D7A1702ED589E67C6C81052B955, 5D1DA8B86106A28E50BBCCB36527CC130D41201F5BE1D3DC5F1D6F7ECCF807BA ] WebClient       C:\Windows\System32\webclnt.dll
11:22:04.0771 0x15cc  WebClient - ok
11:22:04.0802 0x15cc  [ 3274312F263882B51B964329FAF49734, 99A020377ACF0762BE5ECD2D68EB5E1497B9D59963247E725F7F96FB5DF41FAD ] Wecsvc          C:\Windows\system32\wecsvc.dll
11:22:04.0818 0x15cc  Wecsvc - ok
11:22:04.0849 0x15cc  [ 7CDD84E0023A0C5C230B06A7965EC65E, 6EC7DC18C76D66CF9A893C3DD20F9BE3ADD76546F9A9BA42CE4F24854709F9D9 ] WEPHOSTSVC      C:\Windows\system32\wephostsvc.dll
11:22:04.0849 0x15cc  WEPHOSTSVC - ok
11:22:04.0865 0x15cc  [ 959534ACF085C137D2D094384EF89C45, D029F440789FE170A1C46217C6DE6D78DC0188A5CF33FCCC17FA65D3BC80C2B7 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
11:22:04.0880 0x15cc  wercplsupport - ok
11:22:04.0896 0x15cc  [ 82BCCF5FBE47AC9E8CBA2020994DFB3F, EA96C6BD98A701B465D0780EC10BDA92E45FE636D60C1385813AA3B456D8B931 ] WerSvc          C:\Windows\System32\WerSvc.dll
11:22:04.0896 0x15cc  WerSvc - ok
11:22:04.0943 0x15cc  [ BFBE1C5F57FE7A885673A1962D5532B7, F0BD05B257108699FE6AB32EF11F927C31932F27062A705B3FEFA4F5B4C0D8C3 ] WFPLWFS         C:\Windows\system32\DRIVERS\wfplwfs.sys
11:22:04.0943 0x15cc  WFPLWFS - ok
11:22:04.0958 0x15cc  [ E06AFE2F94BA7CFA2FE4FD2A449E60E2, 99A81E16366E9E77905D873B0246E4C11B383FE1E99E0E1D9A07FAD4E52EA9E4 ] WiaRpc          C:\Windows\System32\wiarpc.dll
11:22:04.0974 0x15cc  WiaRpc - ok
11:22:04.0990 0x15cc  [ 867BCC69ED9C31C501465EB0E8BA9DFA, 678B7FF4D4E8624514301956CDA7FB451159BBFC83FF2E4E5E7DADAE3C7AB2EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
11:22:04.0990 0x15cc  WIMMount - ok
11:22:05.0005 0x15cc  WinDefend - ok
11:22:05.0068 0x15cc  [ DD079EC8F44DCA3A176B345C6ADEFB66, 6CD9371B83EA23D2181891FAE1DB285BC111A78C35F374E57666ED09860C91A9 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
11:22:05.0099 0x15cc  WinHttpAutoProxySvc - ok
11:22:05.0177 0x15cc  [ 9DB490F3E823C5C3C070644B96CB9D59, 81937D0B331E43C7C61514E60B3AD51370C5201F7B4D12F8534840D91EDC32DD ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
11:22:05.0240 0x15cc  Winmgmt - ok
11:22:05.0412 0x15cc  [ C8D6344BDE2691A196E61C0D3372EAB7, FF8EB79D8A7E298343C22B83276FF68293D08A9DA438BB22600BEFC4CA93A91D ] WinRM           C:\Windows\system32\WsmSvc.dll
11:22:05.0537 0x15cc  WinRM - ok
11:22:05.0568 0x15cc  [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUsb          C:\Windows\System32\drivers\WinUSB.sys
11:22:05.0583 0x15cc  WinUsb - ok
11:22:05.0662 0x15cc  [ 3F5EF31C6AA204B099EE76497DF80A26, CBE648A4E7E1D98A3D8C72582C1CB3C2FD2329EAA24EE4DCAD271AAA6F4D82CE ] WlanSvc         C:\Windows\System32\wlansvc.dll
11:22:05.0755 0x15cc  WlanSvc - ok
11:22:05.0849 0x15cc  [ 5F56C0DE776C7AE43AF749845BFAA1EF, 837993C5853B7E682C7FB8401B7F5D951FFD15E5659EBB1B01DC3F5719ACEE19 ] wlidsvc         C:\Windows\system32\wlidsvc.dll
11:22:05.0896 0x15cc  wlidsvc - ok
11:22:05.0927 0x15cc  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi         C:\Windows\System32\drivers\wmiacpi.sys
11:22:05.0927 0x15cc  WmiAcpi - ok
11:22:05.0958 0x15cc  [ 7AFAC828F52D62F304A911EC32F42EEE, 4EDCF4149069413A166169F2E23F7505F47B39B7EC319E1EF6D2C46CD140AA24 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
11:22:05.0958 0x15cc  wmiApSrv - ok
11:22:05.0990 0x15cc  WMPNetworkSvc - ok
11:22:06.0021 0x15cc  [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof             C:\Windows\system32\drivers\Wof.sys
11:22:06.0021 0x15cc  Wof - ok
11:22:06.0115 0x15cc  [ 61BF52E9FFAB27A0B6D621BE26088373, 81291D52C381360E69D51E7DEB05CFAC651A7E9EF781CA23062C0583D0C94708 ] workfolderssvc  C:\Windows\system32\workfolderssvc.dll
11:22:06.0193 0x15cc  workfolderssvc - ok
11:22:06.0224 0x15cc  [ 182561A14F2E93E81E66FE3700D17A5A, FB9A06058A8BCCEDCDC5BF8899D9B2FBA5752C262C5FC6D2B8338884F3303D12 ] wpcfltr         C:\Windows\system32\DRIVERS\wpcfltr.sys
11:22:06.0224 0x15cc  wpcfltr - ok
11:22:06.0255 0x15cc  [ 4E6A0F60DA7EF050D3D26417CD4D24E9, E6B3BFB007B641D41F8532ED086F92CB3D86E210023DBFAA9AD8152A9FD33CCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
11:22:06.0255 0x15cc  WPCSvc - ok
11:22:06.0287 0x15cc  [ 618A19EB31ECA7B7F2AA0207BAF598A5, CB18CF9B781EAB3D775F8201F294A7135E058D6C963D2CC759DCA14D95EED538 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
11:22:06.0287 0x15cc  WPDBusEnum - ok
11:22:06.0302 0x15cc  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr       C:\Windows\system32\drivers\WpdUpFltr.sys
11:22:06.0302 0x15cc  WpdUpFltr - ok
11:22:06.0318 0x15cc  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
11:22:06.0318 0x15cc  ws2ifsl - ok
11:22:06.0349 0x15cc  [ 9654DE19551093CD73874281E1573C94, 5E3513EC0CB180D90904BE8970AB64A4434279E8C467AE2CF693254E47B1D11E ] wscsvc          C:\Windows\System32\wscsvc.dll
11:22:06.0349 0x15cc  wscsvc - ok
11:22:06.0396 0x15cc  [ F586F3F1BF962FE9AE4316E0D896B22F, 8D0AD48D79294567123D943D0F5B6D5A32D7A82B129A24DC821D3095AFAA100B ] WSDPrintDevice  C:\Windows\System32\drivers\WSDPrint.sys
11:22:06.0396 0x15cc  WSDPrintDevice - ok
11:22:06.0449 0x15cc  [ D38297814FB6E33655342D869996E617, 3701892EEF87D1BF0E73322B90678802B6EA4AFA9CBF6111F39611C79DBA96C7 ] WSDScan         C:\Windows\System32\drivers\WSDScan.sys
11:22:06.0449 0x15cc  WSDScan - ok
11:22:06.0449 0x15cc  WSearch - ok
11:22:06.0668 0x15cc  [ 95B6670E6933E1DEE19686C55BE709A0, 4B9EB8F1712B7959A71F6DA445D29BD09B25EEFC6B30D736EFE30163D79B233E ] WSService       C:\Windows\System32\WSService.dll
11:22:06.0840 0x15cc  WSService - ok
11:22:07.0012 0x15cc  [ D24002EB2F4A8A04897703067E81CC5D, 03806198D26DD7BA3E27EFE0911B49E5B48CAD8A05EC4F56AF45CF1E3FAD6916 ] wuauserv        C:\Windows\system32\wuaueng.dll
11:22:07.0121 0x15cc  wuauserv - ok
11:22:07.0168 0x15cc  [ D537815E450A149752C15868392AD1F3, 8788CE493349299DB36E409C8CC3C6EA08301FA492C95D9D556E00BC13A05F13 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
11:22:07.0183 0x15cc  WudfPf - ok
11:22:07.0199 0x15cc  [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFRd          C:\Windows\System32\drivers\WUDFRd.sys
11:22:07.0215 0x15cc  WUDFRd - ok
11:22:07.0230 0x15cc  [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFSensorLP    C:\Windows\system32\DRIVERS\WUDFRd.sys
11:22:07.0246 0x15cc  WUDFSensorLP - ok
11:22:07.0262 0x15cc  [ 9CDC2059A23E3C9B57696178508777E7, B680A2E2EDA5C8C6A547E7D9B2F2F8E6407C3EA0A01B82A4B88D48A27913A597 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
11:22:07.0262 0x15cc  wudfsvc - ok
11:22:07.0277 0x15cc  [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFWpdFs       C:\Windows\system32\DRIVERS\WUDFRd.sys
11:22:07.0293 0x15cc  WUDFWpdFs - ok
11:22:07.0340 0x15cc  [ 2FA9794CA36147756F3FDFD6CA29B46F, 4B86DC38C2411C281686E9A4E64DA6FB2992E39391371F78E012D6D8BB85123F ] WwanSvc         C:\Windows\System32\wwansvc.dll
11:22:07.0387 0x15cc  WwanSvc - ok
11:22:07.0418 0x15cc  ================ Scan global ===============================
11:22:07.0453 0x15cc  [ C89780A6F58D113C28A96D85D1261DC5, 185114F33A60916C7904E4A0F278CA43258454343E614F01F0DAFA98BAC981B1 ] C:\Windows\system32\basesrv.dll
11:22:07.0484 0x15cc  [ 00DD4D2ACC2E72155A8AAA82018BEC0D, 9D7CA68B4A81240477FCC85A3CC11EF986093F9D6228A6C5AC608EDAD664068C ] C:\Windows\system32\winsrv.dll
11:22:07.0515 0x15cc  [ 9C1833ABD62876856836C5AE55C7CE86, 0A21E2C8B2FF3B0438C86DA7151A548F9C6F5C62CD402CBBEDB435994C8508F1 ] C:\Windows\system32\sxssrv.dll
11:22:07.0578 0x15cc  [ 067CB90C277DB4A737D5DEABA3055972, C681BF013170F2D92A3FC4D783FC3F200CDC0C8173373B7ECC27FCF32A03CCBD ] C:\Windows\system32\services.exe
11:22:07.0609 0x15cc  [ Global ] - ok
11:22:07.0609 0x15cc  ================ Scan MBR ==================================
11:22:07.0640 0x15cc  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
11:22:07.0749 0x15cc  \Device\Harddisk0\DR0 - ok
11:22:07.0749 0x15cc  ================ Scan VBR ==================================
11:22:07.0765 0x15cc  [ A0D1D83A99ECC0BBADA4068F2376F609 ] \Device\Harddisk0\DR0\Partition1
11:22:07.0781 0x15cc  \Device\Harddisk0\DR0\Partition1 - ok
11:22:07.0812 0x15cc  [ DA06E51183E068B3854925525F1FB4B4 ] \Device\Harddisk0\DR0\Partition2
11:22:07.0828 0x15cc  \Device\Harddisk0\DR0\Partition2 - ok
11:22:07.0843 0x15cc  [ 3B1727C808837DAC4104A16DB3F7F6F8 ] \Device\Harddisk0\DR0\Partition3
11:22:07.0843 0x15cc  \Device\Harddisk0\DR0\Partition3 - ok
11:22:07.0859 0x15cc  [ 5D9404F803A5D4D776F1E0BFE48774D6 ] \Device\Harddisk0\DR0\Partition4
11:22:07.0874 0x15cc  \Device\Harddisk0\DR0\Partition4 - ok
11:22:07.0921 0x15cc  [ E5F7ABBA9C005716404954BAEE446C0D ] \Device\Harddisk0\DR0\Partition5
11:22:07.0953 0x15cc  \Device\Harddisk0\DR0\Partition5 - ok
11:22:07.0953 0x15cc  ================ Scan generic autorun ======================
11:22:08.0031 0x15cc  [ C3E0B008C3EF33DBEC90209B1FC7B5BD, 43B8E194381B4129D8367CCCE6CB4656A11414A9EB72912800F01DD735BFB86D ] C:\Windows\system32\igfxtray.exe
11:22:08.0062 0x15cc  IgfxTray - ok
11:22:08.0109 0x15cc  [ 5CA2166CC4BD93E4986DFA209FBD3935, C279067C2B6F29DA6250BABC1DBF6F52935ECBFA7B5FC3AC97A6E0BB86091F27 ] C:\Windows\system32\hkcmd.exe
11:22:08.0156 0x15cc  HotKeysCmds - ok
11:22:08.0265 0x15cc  [ 232390232619AD98E0D070704303E50D, 1D3582E582B2BC19DF30ED7A038684099727DA82350B1EC61A87F2F94195E5B0 ] C:\Program Files (x86)\ASUS\APRP\APRP.EXE
11:22:08.0328 0x15cc  ASUSPRP - ok
11:22:08.0343 0x15cc  [ 18C6EB33C4392AFFAC81D5FF9F7EBF86, 456ACF6ABD8C86C564683BEC9CB29160E59F1F8A19E48AAC429E3F8540E0CB24 ] C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\ASUSWSLoader.exe
11:22:08.0343 0x15cc  WebStorage - ok
11:22:08.0390 0x15cc  [ C049C40CAEE8900130BD5F80B594CC7B, F54FC31662A9B8032B380793D534F34A0C63FED9C84DE313D17A61612EB31DC4 ] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
11:22:08.0390 0x15cc  RemoteControl10 - ok
11:22:08.0468 0x15cc  [ 3B5045DDD039FAB9782851BC486FD92B, 12C59F9E79EB37F26FE0805585EA6B0DAFB41FB8A4FAE972774BC8E3815A1673 ] C:\Program Files (x86)\iTunes\iTunesHelper.exe
11:22:08.0499 0x15cc  iTunesHelper - ok
11:22:08.0562 0x15cc  [ 6320CA4A7C486D412D01391E202745F6, D694D6A6C696AF16F14A000E0DD09D7BD6F177CEDAF6BD20012AEED4CB531EE4 ] C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHWA.EXE
11:22:08.0578 0x15cc  EPLTarget\P0000000000000000 - ok
11:22:08.0703 0x15cc  [ B9829EE922823F86D556564E6654D4E9, 4CB956C21B0CC0D15C1DBA8CD359208928AFCD2CED09B29566615E0BD3F4FFD6 ] C:\Users\Kelsey\AppData\Local\AOL\AIM\aim.exe
11:22:08.0781 0x15cc  AIM for Windows - ok
11:22:08.0796 0x15cc  Skype - ok
11:22:08.0796 0x15cc  Waiting for KSN requests completion. In queue: 105
11:22:09.0809 0x15cc  Waiting for KSN requests completion. In queue: 105
11:22:10.0825 0x15cc  Waiting for KSN requests completion. In queue: 105
11:22:12.0200 0x15cc  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.5.218.0 ), 0x61100 ( enabled : updated )
11:22:12.0215 0x15cc  Win FW state via NFP2: enabled
11:22:14.0805 0x15cc  ============================================================
11:22:14.0805 0x15cc  Scan finished
11:22:14.0805 0x15cc  ============================================================
11:22:14.0821 0x17d8  Detected object count: 0
11:22:14.0821 0x17d8  Actual detected object count: 0


Hello, 
 
Those logs look good. Please work your way through the following. 
 
STEP 1
AdwCleaner

  • Please download AdwCleaner and save the file to your Desktop.
  • Right-Click AdwCleaner.exe and select Run as administrator to run the programme.
  • Follow the prompts.
  • Click Scan.
  • Upon completion, click Report. A log (AdwCleaner[R0].txt) will open. Briefly check the log for anything you know to be legitimate.
  • Ensure anything you know to be legitimate does not have a checkmark, and click Clean.
  • Follow the prompts and allow your computer to reboot.
  • After rebooting, a log (AdwCleaner[s0].txt) will open. Copy the contents of the log and paste in your next reply.

-- File and registry key backups are made for anything removed using this tool. Should a legitimate entry be removed (otherwise known as a 'false-positive'), simple steps can be taken to restore the entry. Please do not overly concern yourself with the contents of AdwCleaner[R0].txt.
 
 
STEP 2
Junkware Removal Tool (JRT)

  • Please download Junkware Removal Tool and save the file to your Desktop.
  • Note: If you unchecked any items in AdwCleaner, please back up the associated folders/files before running JRT.
  • Temporarily disable your anti-virus software. For instructions, please refer to the following link.
  • Right-Click JRT.exe and select Run as administrator to run the programme.
  • Follow the prompts and allow the scan to run uninterrupted.
  • Upon completion, a log (JRT.txt) will open on your desktop.
  • Re-enable your anti-virus software.
  • Copy the contents of JRT.txt and paste in your next reply.
     

STEP 3
Farbar Recovery Scan Tool (FRST) Scan

  • Please download Farbar Recovery Scan Tool (x64) and save the file to your Desktop.
  • Right-Click FRST64.exe and select Run as administrator to run the programme.
  • Click Yes to the disclaimer.
  • Ensure the Addition.txt box is checked.
  • Click the Scan button and let the programme run.
  • Upon completion, click OK, then OK on the Addition.txt pop up screen.
  • Two logs (FRST.txt & Addition.txt) will now be open on your Desktop. Copy the contents of both logs and paste in your next reply. 
     

======================================================
 
STEP 4
Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

  • AdwCleaner[s0].txt
  • JRT.txt
  • FRST.txt
  • Addition.txt
     

Here is my log on Adwcleaner


# AdwCleaner v3.310 - Report created 25/09/2014 at 12:01:01
# Updated 12/09/2014 by Xplode
# Operating System : Windows 8.1 Connected  (64 bits)
# Username : Kelsey - ROCKET
# Running from : C:\Users\Kelsey\Downloads\adwcleaner_3.310.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Found : C:\Program Files (x86)\Common Files\Software Update Utility

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\Linkey
Key Found : HKCU\Software\Softonic
Key Found : [x64] HKCU\Software\Linkey
Key Found : [x64] HKCU\Software\Softonic
Key Found : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Key Found : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Key Found : HKLM\SOFTWARE\Classes\dnUpdate
Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
Key Found : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17278


-\\ Mozilla Firefox v32.0.3 (x86 en-US)

[ File : C:\Users\Kelsey\AppData\Roaming\Mozilla\Firefox\Profiles\qxdx0cjx.default-1411642132038\prefs.js ]


*************************

AdwCleaner[R0].txt - [2503 octets] - [25/09/2014 01:48:45]
AdwCleaner[R1].txt - [2403 octets] - [25/09/2014 12:01:01]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [2463 octets] ##########
 

 

I know that the Linkey and Softonic are worthy of deleting, but I'm not sure what is legitimate and what isn't. Should I just clear them all?


This is for the Junkware Removal Tool

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.2.0 (09.22.2014:1)
OS: Windows 8.1 Connected x64
Ran by Kelsey on Thu 09/25/2014 at 12:27:46.62
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-1984596698-3233877183-1367041420-1001\Software\Microsoft\Internet Explorer\Main\\Start Page



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Kelsey\AppData\Roaming\mozilla\firefox\profiles\qxdx0cjx.default-1411642132038\minidumps [1 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 09/25/2014 at 12:32:27.51
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



So far so good. :) The FRST log is coming next.


FRST:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-09-2014
Ran by Kelsey (administrator) on ROCKET on 25-09-2014 12:37:11
Running from C:\Users\Kelsey\Downloads
Platform: Windows 8.1 Connected (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel® Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIHWA.EXE
(AOL Inc.) C:\Users\Kelsey\AppData\Local\AOL\AIM\aim.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(AdFender, Inc.) C:\Program Files (x86)\AdFender\AdFender.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSPanel.exe
(Thisisu) C:\Users\Kelsey\Downloads\JRT.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [1080992 2014-04-18] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\ASUSWSLoader.exe [63296 2014-02-24] ()
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1984596698-3233877183-1367041420-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHWA.EXE [239488 2011-04-24] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1984596698-3233877183-1367041420-1001\...\Run: [AIM for Windows] => C:\Users\Kelsey\AppData\Local\AOL\AIM\aim.exe [1075144 2014-02-04] (AOL Inc.)
HKU\S-1-5-21-1984596698-3233877183-1367041420-1001\...\Run: [skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22041192 2014-08-27] (Skype Technologies S.A.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AdFender.lnk
ShortcutTarget: AdFender.lnk -> C:\Program Files (x86)\AdFender\AdFender.exe (AdFender, Inc.)
ShellIconOverlayIdentifiers: !AsusWSShellExt_B -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.2.301\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: !AsusWSShellExt_O -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.2.301\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: !AsusWSShellExt_U -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.2.301\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xA0793E948FD7CF01
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{22E7428A-D459-4ABD-AC59-50051B78086C}: [NameServer] 208.69.150.252,208.69.150.250
Tcpip\..\Interfaces\{5930C68C-6818-4556-90A6-F28B141CBA7F}: [NameServer] 208.69.150.252,208.69.150.250
Tcpip\..\Interfaces\{8718928D-CBEB-45EA-A621-800A9249001D}: [NameServer] 208.69.150.252,208.69.150.250
Tcpip\..\Interfaces\{DC9548E0-34DC-4B41-BCC4-42F9A6ABB174}: [NameServer] 208.69.150.252,208.69.150.250

FireFox:
========
FF ProfilePath: C:\Users\Kelsey\AppData\Roaming\Mozilla\Firefox\Profiles\qxdx0cjx.default-1411642132038
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe [71680 2014-02-24] (ASUS Cloud Corporation) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-01-27] (WildTangent)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel® Corporation)
S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-21] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-13] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-05] (Microsoft Corporation)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-21] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-21] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-23] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-23] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3892224 2014-03-06] (Qualcomm Atheros Communications, Inc.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [71952 2014-03-31] (ASUS Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-05] ( )
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-25] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
R0 MBI; C:\Windows\System32\drivers\MBI.sys [29464 2013-10-27] (Intel Corporation)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-23] (Microsoft Corporation)
S1 MpKslec46e7a9; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{BA68BD0B-9EAA-4970-8C89-C4F13587F6FE}\MpKslec46e7a9.sys [X]
U0 msahci; system32\drivers\msahci.sys

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-25 12:37 - 2014-09-25 12:38 - 00011933 _____ () C:\Users\Kelsey\Downloads\FRST.txt
2014-09-25 12:36 - 2014-09-25 12:37 - 00000000 ____D () C:\FRST
2014-09-25 12:35 - 2014-09-25 12:35 - 02106880 _____ (Farbar) C:\Users\Kelsey\Downloads\FRST64.exe
2014-09-25 12:32 - 2014-09-25 12:32 - 00001507 _____ () C:\Users\Kelsey\Desktop\JRT.txt
2014-09-25 12:27 - 2014-09-25 12:27 - 00000000 ____D () C:\Windows\ERUNT
2014-09-25 11:58 - 2014-09-25 11:58 - 01024790 _____ (Thisisu) C:\Users\Kelsey\Downloads\JRT.exe
2014-09-25 11:14 - 2014-09-25 11:14 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Kelsey\Downloads\tdsskiller.exe
2014-09-25 01:48 - 2014-09-25 12:19 - 00000000 ____D () C:\AdwCleaner
2014-09-25 01:46 - 2014-09-25 01:46 - 01373475 _____ () C:\Users\Kelsey\Downloads\adwcleaner_3.310.exe
2014-09-25 00:09 - 2014-09-25 00:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-24 23:48 - 2014-09-24 23:48 - 00000000 ____D () C:\Users\Kelsey\Desktop\Old Firefox Data
2014-09-24 10:20 - 2014-09-24 10:20 - 00000000 ____D () C:\Users\Kelsey\AppData\Local\Macromedia
2014-09-24 10:19 - 2014-09-25 12:34 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-24 10:19 - 2014-09-24 10:19 - 00003718 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-24 10:19 - 2014-09-24 10:19 - 00000000 ____D () C:\ProgramData\McAfee
2014-09-24 10:18 - 2014-09-24 10:19 - 00000000 ____D () C:\Users\Kelsey\AppData\Local\Adobe

Additional.

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-09-2014
Ran by Kelsey at 2014-09-25 12:40:12
Running from C:\Users\Kelsey\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AdFender (HKLM-x32\...\AdFender) (Version: 1.83 - AdFender, Inc.)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
AIM for Windows (HKCU\...\AIM) (Version:  - AOL Inc.)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.2.8 - ASUS)
ASUS Screen Saver (HKLM-x32\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.3 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.2.14 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0021 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.9 - ASUS)
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5712.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.5712.52 - CyberLink Corp.) Hidden
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.311 - ASUSTEK)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0031 - ASUS)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
EPSON WorkForce 545 Series Printer Uninstall (HKLM\...\EPSON WorkForce 545 Series) (Version:  - SEIKO EPSON Corporation)
Game Explorer Categories - casual (HKLM-x32\...\WildTangentGameProvider-asus-casual) (Version: 3.2.0.6 - WildTangent, Inc.)
Game Explorer Categories - enthusiast (HKLM-x32\...\WildTangentGameProvider-asus-enthusiast) (Version: 3.2.0.6 - WildTangent, Inc.)
Game Explorer Categories - family (HKLM-x32\...\WildTangentGameProvider-asus-family) (Version: 3.2.0.6 - WildTangent, Inc.)
Game Explorer Categories - kids (HKLM-x32\...\WildTangentGameProvider-asus-kids) (Version: 3.2.0.6 - WildTangent, Inc.)
Game Explorer Categories - touch (HKLM-x32\...\WildTangentGameProvider-asus-touch) (Version: 3.2.0.6 - WildTangent, Inc.)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3355 - Intel Corporation)
Intel® Sideband Fabric Device Driver (HKLM-x32\...\C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9) (Version: 1.0.0.1002 - Intel Corporation)
Intel® Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
Intel® Trusted Execution Engine (Version: 1.1.1.1 - Intel Corporation) Hidden
Intel® Trusted Execution Engine Driver (Version: 1.0.0.1064 - Intel Corporation) Hidden
iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 32.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 en-US)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0.2 - Mozilla)
Origin (HKLM-x32\...\Origin) (Version: 9.4.20.386 - Electronic Arts, Inc.)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.27040 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7213 - Realtek Semiconductor Corp.)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.42.130 - Electronic Arts)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.2.301 - ASUS Cloud Corporation)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus) (Version: 4.0.11.2 - WildTangent)
Windows Driver Package - ASUS (ATP) Mouse  (03/17/2014 1.0.0.207) (HKLM\...\AA2CC56D4BBEE037DC99871F5F6551133D2A0CC3) (Version: 03/17/2014 1.0.0.207 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

11-09-2014 00:52:39 Scheduled Checkpoint
15-09-2014 02:37:53 Windows Update
19-09-2014 14:35:22 Windows Update
25-09-2014 01:44:50 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 02:25 - 2013-08-22 02:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {1DFB4E93-A50C-4368-B841-E397A1CD8A34} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-03-17] (Microsoft Corporation)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2860F7A3-7312-4E33-A49A-C4A482F86B53} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {2D9126DE-032D-49B2-820A-E40F9AFA8D87} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {2F77C99A-CC26-4B19-9C48-9E056CFD5D78} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2013-11-04] ()
Task: {302CC9D7-E9A0-44B2-B6C9-E581565CDE65} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-21] (Microsoft Corporation)
Task: {371E8A9F-1C8D-4DD9-8BB2-3273A6978AF8} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-03-20] (Realtek Semiconductor)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {59A6FEA7-9A79-45A6-9DF6-D96B6E748927} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-09-20] (Microsoft Corporation)
Task: {61B342AA-9DDF-44FA-9D7D-FB9996356F61} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {690C8AC4-1C09-463B-92C7-FD28CAFAFE8E} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2014-03-11] ()
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {738065ED-D60C-41A4-BB79-7210E1F354A9} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {743982EF-54CC-4D89-967C-6867A5EC5FFD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24] (Adobe Systems Incorporated)
Task: {77CEE2AD-C081-4937-ACC6-95927AD5F34D} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-03-30] (Realtek Semiconductor)
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7CFD618F-80A2-4B79-8910-1B9900ED1089} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2013-10-07] (ASUSTeK Computer Inc.)
Task: {82683EB0-50AD-4E1E-8D81-4D2E8BE195B2} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2013-10-07] (ASUS)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {957BC611-1402-4921-B043-B94764421E42} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D66CC15F-8C22-4DE7-8DE7-A0BC65C43F13} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2014-03-27] (ASUSTek Computer Inc.)
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {E853A63E-B75E-4E0E-A904-FB83BF55839C} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2014-03-31] (AsusTek)
Task: {EAE483F9-F1D4-42F8-A9D1-2340B7CBDB2F} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86) [2014-09-25] ()
Task: {FB1878DC-8EC1-4F09-A068-B1CC86817D10} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86) [2014-09-25] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2014-02-23 23:59 - 2014-02-23 23:59 - 00109056 _____ () C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\ASUSWSHomeCloudAPI.dll
2014-07-31 12:16 - 2014-07-31 12:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-07-31 12:16 - 2014-07-31 12:16 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-10-08 16:41 - 2013-10-08 16:41 - 00037968 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2013-09-09 14:23 - 2013-09-09 14:23 - 00162816 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2014-02-04 10:47 - 2014-02-04 10:47 - 23782856 _____ () C:\Users\Kelsey\AppData\Local\AOL\AIM\libcef.dll
2014-02-04 08:33 - 2014-02-04 08:33 - 16233864 _____ () C:\Users\Kelsey\AppData\Local\AOL\AIM\npswf32.dll
2014-09-25 00:09 - 2014-09-25 00:09 - 03715184 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Kelsey\OneDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============
Error: (09/25/2014 00:40:54 PM) (Source: DCOM) (EventID: 10010) (User: ROCKET)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (09/25/2014 00:40:24 PM) (Source: DCOM) (EventID: 10010) (User: ROCKET)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (09/25/2014 00:38:35 PM) (Source: DCOM) (EventID: 10010) (User: ROCKET)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (09/25/2014 00:38:05 PM) (Source: DCOM) (EventID: 10010) (User: ROCKET)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (09/25/2014 00:37:35 PM) (Source: DCOM) (EventID: 10010) (User: ROCKET)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (09/25/2014 00:37:05 PM) (Source: DCOM) (EventID: 10010) (User: ROCKET)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (09/25/2014 00:36:35 PM) (Source: DCOM) (EventID: 10010) (User: ROCKET)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-09-21 04:38:02.659
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\x64\sysapcrt.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-09-21 04:38:02.331
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\sysapcrt.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-09-21 04:36:56.798
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\x64\sysapcrt.dll that did not meet the Windows signing level requirements.

  Date: 2014-09-21 04:36:56.517
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\sysapcrt.dll that did not meet the Windows signing level requirements.

  Date: 2014-09-20 05:00:57.586
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\x64\sysapcrt.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-09-20 05:00:57.059
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\sysapcrt.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-09-20 04:53:31.990
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\x64\sysapcrt.dll that did not meet the Windows signing level requirements.

  Date: 2014-09-20 04:53:31.677
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\sysapcrt.dll that did not meet the Windows signing level requirements.

  Date: 2014-09-19 03:38:15.181
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\x64\sysapcrt.dll that did not meet the Windows signing level requirements.

  Date: 2014-09-19 03:38:14.957
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\sysapcrt.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

Processor: Intel® Celeron® CPU N2830 @ 2.16GHz
Percentage of memory in use: 44%
Total physical RAM: 3982.68 MB
Available physical RAM: 2209.07 MB
Total Pagefile: 4686.68 MB
Available Pagefile: 2755.32 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:444.65 GB) (Free:405.76 GB) NTFS ==>[system with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 3F7852A4)

Partition: GPT Partition Type.

==================== End Of Log ============================




When I went to run this program, I noticed something called Sqlite which I've never seen before. Should I be concerned?


Sorry!!!!!
Here is the whole log. :)




Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-09-2014
Ran by Kelsey (administrator) on ROCKET on 25-09-2014 12:37:11
Running from C:\Users\Kelsey\Downloads
Platform: Windows 8.1 Connected (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel® Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIHWA.EXE
(AOL Inc.) C:\Users\Kelsey\AppData\Local\AOL\AIM\aim.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(AdFender, Inc.) C:\Program Files (x86)\AdFender\AdFender.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSPanel.exe
(Thisisu) C:\Users\Kelsey\Downloads\JRT.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [1080992 2014-04-18] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\ASUSWSLoader.exe [63296 2014-02-24] ()
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1984596698-3233877183-1367041420-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHWA.EXE [239488 2011-04-24] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1984596698-3233877183-1367041420-1001\...\Run: [AIM for Windows] => C:\Users\Kelsey\AppData\Local\AOL\AIM\aim.exe [1075144 2014-02-04] (AOL Inc.)
HKU\S-1-5-21-1984596698-3233877183-1367041420-1001\...\Run: [skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22041192 2014-08-27] (Skype Technologies S.A.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AdFender.lnk
ShortcutTarget: AdFender.lnk -> C:\Program Files (x86)\AdFender\AdFender.exe (AdFender, Inc.)
ShellIconOverlayIdentifiers: !AsusWSShellExt_B -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.2.301\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: !AsusWSShellExt_O -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.2.301\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: !AsusWSShellExt_U -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.2.301\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xA0793E948FD7CF01
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{22E7428A-D459-4ABD-AC59-50051B78086C}: [NameServer] 208.69.150.252,208.69.150.250
Tcpip\..\Interfaces\{5930C68C-6818-4556-90A6-F28B141CBA7F}: [NameServer] 208.69.150.252,208.69.150.250
Tcpip\..\Interfaces\{8718928D-CBEB-45EA-A621-800A9249001D}: [NameServer] 208.69.150.252,208.69.150.250
Tcpip\..\Interfaces\{DC9548E0-34DC-4B41-BCC4-42F9A6ABB174}: [NameServer] 208.69.150.252,208.69.150.250

FireFox:
========
FF ProfilePath: C:\Users\Kelsey\AppData\Roaming\Mozilla\Firefox\Profiles\qxdx0cjx.default-1411642132038
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe [71680 2014-02-24] (ASUS Cloud Corporation) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-01-27] (WildTangent)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel® Corporation)
S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-21] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-13] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-05] (Microsoft Corporation)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-21] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-21] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-23] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-23] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3892224 2014-03-06] (Qualcomm Atheros Communications, Inc.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [71952 2014-03-31] (ASUS Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-05] ( )
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-25] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
R0 MBI; C:\Windows\System32\drivers\MBI.sys [29464 2013-10-27] (Intel Corporation)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-23] (Microsoft Corporation)
S1 MpKslec46e7a9; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{BA68BD0B-9EAA-4970-8C89-C4F13587F6FE}\MpKslec46e7a9.sys [X]
U0 msahci; system32\drivers\msahci.sys

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-25 12:37 - 2014-09-25 12:38 - 00011933 _____ () C:\Users\Kelsey\Downloads\FRST.txt
2014-09-25 12:36 - 2014-09-25 12:37 - 00000000 ____D () C:\FRST
2014-09-25 12:35 - 2014-09-25 12:35 - 02106880 _____ (Farbar) C:\Users\Kelsey\Downloads\FRST64.exe
2014-09-25 12:32 - 2014-09-25 12:32 - 00001507 _____ () C:\Users\Kelsey\Desktop\JRT.txt
2014-09-25 12:27 - 2014-09-25 12:27 - 00000000 ____D () C:\Windows\ERUNT
2014-09-25 11:58 - 2014-09-25 11:58 - 01024790 _____ (Thisisu) C:\Users\Kelsey\Downloads\JRT.exe
2014-09-25 11:14 - 2014-09-25 11:14 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Kelsey\Downloads\tdsskiller.exe
2014-09-25 01:48 - 2014-09-25 12:19 - 00000000 ____D () C:\AdwCleaner
2014-09-25 01:46 - 2014-09-25 01:46 - 01373475 _____ () C:\Users\Kelsey\Downloads\adwcleaner_3.310.exe
2014-09-25 00:09 - 2014-09-25 00:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-24 23:48 - 2014-09-24 23:48 - 00000000 ____D () C:\Users\Kelsey\Desktop\Old Firefox Data
2014-09-24 10:20 - 2014-09-24 10:20 - 00000000 ____D () C:\Users\Kelsey\AppData\Local\Macromedia
2014-09-24 10:19 - 2014-09-25 12:34 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-24 10:19 - 2014-09-24 10:19 - 00003718 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-24 10:19 - 2014-09-24 10:19 - 00000000 ____D () C:\ProgramData\McAfee
2014-09-24 10:18 - 2014-09-24 10:19 - 00000000 ____D () C:\Users\Kelsey\AppData\Local\Adobe
2014-09-23 15:56 - 2014-09-25 12:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-23 15:56 - 2014-09-23 15:56 - 00001177 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-23 15:56 - 2014-09-23 15:56 - 00001165 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-09-23 15:56 - 2014-09-23 15:56 - 00000000 ____D () C:\Users\Kelsey\AppData\Roaming\Mozilla
2014-09-23 15:56 - 2014-09-23 15:56 - 00000000 ____D () C:\Users\Kelsey\AppData\Local\Mozilla
2014-09-23 15:56 - 2014-09-23 15:56 - 00000000 ____D () C:\ProgramData\Mozilla
2014-09-22 07:44 - 2014-09-22 07:44 - 00002259 _____ () C:\Windows\epplauncher.mif
2014-09-22 07:35 - 2014-09-22 07:40 - 14087848 _____ (Microsoft Corporation) C:\Users\Kelsey\Downloads\MSEInstall (1).exe
2014-09-22 07:35 - 2014-09-22 07:37 - 11447608 _____ (Microsoft Corporation) C:\Users\Kelsey\Downloads\MSEInstall.exe
2014-09-21 15:35 - 2014-09-25 12:21 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-21 15:35 - 2014-09-21 15:35 - 00001120 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-21 15:35 - 2014-09-21 15:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-21 15:35 - 2014-09-21 15:35 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-21 15:35 - 2014-09-21 15:35 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-21 15:35 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-21 15:35 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-21 15:35 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-21 15:33 - 2014-09-21 15:34 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Kelsey\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-21 04:26 - 2014-09-21 04:27 - 00000000 ____D () C:\Users\Kelsey\AppData\Local\AdFender
2014-09-21 04:26 - 2014-09-21 04:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AdFender
2014-09-21 04:26 - 2014-09-21 04:26 - 00000000 ____D () C:\ProgramData\AdFender
2014-09-21 04:26 - 2014-09-21 04:26 - 00000000 ____D () C:\Program Files (x86)\AdFender
2014-09-21 04:24 - 2014-09-21 04:25 - 02735032 _____ (AdFender, Inc.) C:\Users\Kelsey\Downloads\Setup.exe
2014-09-20 04:57 - 2014-09-20 04:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-09-15 09:43 - 2014-08-22 20:48 - 02374784 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-09-15 09:43 - 2014-08-22 20:13 - 02084520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2014-09-15 09:43 - 2014-08-22 19:10 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-09-15 09:43 - 2014-08-22 18:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-09-15 09:43 - 2014-08-22 17:44 - 02860032 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2014-09-15 09:43 - 2014-08-22 17:34 - 13423104 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-09-15 09:43 - 2014-08-22 17:33 - 00796672 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2014-09-15 09:43 - 2014-08-22 17:31 - 01038336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2014-09-15 09:43 - 2014-08-22 17:20 - 11818496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-09-15 09:43 - 2014-07-29 14:56 - 00299520 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll
2014-09-15 09:43 - 2014-07-28 18:22 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\tcpmon.dll
2014-09-15 09:42 - 2014-07-24 04:28 - 00412992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2014-09-15 09:42 - 2014-07-24 04:28 - 00143680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-09-15 09:42 - 2014-07-24 04:20 - 21266336 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-09-15 09:42 - 2014-07-24 04:20 - 00645592 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-09-15 09:42 - 2014-07-24 04:16 - 02574208 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2014-09-15 09:42 - 2014-07-24 04:07 - 07424320 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-09-15 09:42 - 2014-07-24 04:07 - 02009920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-09-15 09:42 - 2014-07-24 04:03 - 02141920 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2014-09-15 09:42 - 2014-07-24 04:03 - 00882136 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-09-15 09:42 - 2014-07-24 04:03 - 00818624 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2014-09-15 09:42 - 2014-07-24 04:03 - 00360480 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2014-09-15 09:42 - 2014-07-24 03:57 - 02515264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-09-15 09:42 - 2014-07-24 03:57 - 00475968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-09-15 09:42 - 2014-07-24 02:48 - 02410976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2014-09-15 09:42 - 2014-07-24 02:46 - 18760328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-09-15 09:42 - 2014-07-24 02:36 - 02145472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2014-09-15 09:42 - 2014-07-24 02:36 - 00707536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-09-15 09:42 - 2014-07-24 02:36 - 00674512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2014-09-15 09:42 - 2014-07-24 02:36 - 00355800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2014-09-15 09:42 - 2014-07-24 00:44 - 00674816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-09-15 09:42 - 2014-07-24 00:43 - 00412160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2014-09-15 09:42 - 2014-07-24 00:42 - 01200640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2014-09-15 09:42 - 2014-07-23 23:20 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2014-09-15 09:42 - 2014-07-23 23:06 - 00438272 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2014-09-15 09:42 - 2014-07-23 22:44 - 16874496 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2014-09-15 09:42 - 2014-07-23 22:39 - 00770048 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
2014-09-15 09:42 - 2014-07-23 22:33 - 01741824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2014-09-15 09:42 - 2014-07-23 22:16 - 12730880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2014-09-15 09:42 - 2014-07-23 22:03 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2014-09-15 09:42 - 2014-07-23 21:53 - 01261056 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2014-09-15 09:42 - 2014-07-23 21:49 - 01287680 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2014-09-15 09:42 - 2014-07-23 21:38 - 00371200 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2014-09-15 09:42 - 2014-07-23 21:32 - 01532416 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2014-09-15 09:42 - 2014-07-23 21:29 - 00439296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Bluetooth.dll
2014-09-15 09:42 - 2014-07-23 21:27 - 00907776 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2014-09-15 09:42 - 2014-07-23 21:21 - 01231872 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2014-09-15 09:42 - 2014-07-23 21:21 - 00302080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2014-09-15 09:42 - 2014-07-23 21:18 - 00795136 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2014-09-15 09:42 - 2014-07-23 21:10 - 01029632 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-09-15 09:42 - 2014-07-23 21:10 - 00889344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2014-09-15 09:42 - 2014-07-23 21:02 - 03465216 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-09-15 09:42 - 2014-07-23 21:01 - 05833216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2014-09-15 09:42 - 2014-07-23 21:01 - 01992192 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-09-15 09:42 - 2014-07-23 20:50 - 01182208 _____ (Microsoft Corporation) C:\Windows\system32\printui.dll
2014-09-15 09:42 - 2014-07-23 20:46 - 08652800 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2014-09-15 09:42 - 2014-07-23 20:44 - 01057792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\printui.dll
2014-09-15 09:42 - 2014-07-23 20:43 - 02696704 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2014-09-15 09:42 - 2014-07-23 20:39 - 02642944 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-09-15 09:42 - 2014-07-23 20:38 - 06649344 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-09-15 09:42 - 2014-07-23 20:38 - 05777408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-09-15 09:42 - 2014-07-23 20:30 - 02318336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-09-15 09:42 - 2014-07-23 20:28 - 01600000 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2014-09-15 09:42 - 2014-07-03 22:30 - 00544768 _____ (Microsoft Corporation) C:\Windows\system32\AppxPackaging.dll
2014-09-15 09:42 - 2014-07-03 22:27 - 00474112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll
2014-09-15 09:42 - 2014-06-25 13:32 - 01029632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2014-09-15 09:42 - 2014-06-18 15:13 - 00310080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2014-09-15 09:42 - 2014-06-13 19:03 - 02389504 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-15 09:42 - 2014-06-13 18:46 - 02071552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-15 09:42 - 2014-06-04 23:18 - 01018368 _____ (Microsoft Corporation) C:\Windows\system32\aclui.dll
2014-09-15 09:42 - 2014-06-04 22:42 - 00889856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aclui.dll
2014-09-15 09:42 - 2014-05-05 17:41 - 00486744 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2014-09-15 09:42 - 2014-05-05 13:55 - 00391000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2014-09-15 09:41 - 2014-07-24 04:28 - 00468288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2014-09-15 09:41 - 2014-07-24 04:28 - 00419648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-09-15 09:41 - 2014-07-24 04:28 - 00280384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2014-09-15 09:41 - 2014-07-24 04:25 - 00054752 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-09-15 09:41 - 2014-07-24 04:23 - 01519488 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2014-09-15 09:41 - 2014-07-24 04:23 - 00125472 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2014-09-15 09:41 - 2014-07-24 04:20 - 00263400 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2014-09-15 09:41 - 2014-07-24 04:16 - 00211216 _____ (Microsoft Corporation) C:\Windows\system32\SndVol.exe
2014-09-15 09:41 - 2014-07-24 04:05 - 01660048 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-09-15 09:41 - 2014-07-24 04:05 - 01519560 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-09-15 09:41 - 2014-07-24 04:05 - 01488008 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-09-15 09:41 - 2014-07-24 04:05 - 01356840 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-09-15 09:41 - 2014-07-24 04:03 - 00233888 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-09-15 09:41 - 2014-07-24 04:03 - 00205512 _____ (Microsoft Corporation) C:\Windows\system32\mftranscode.dll
2014-09-15 09:41 - 2014-07-24 02:50 - 00098048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2014-09-15 09:41 - 2014-07-24 02:48 - 00180208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SndVol.exe
2014-09-15 09:41 - 2014-07-24 02:46 - 00477200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-09-15 09:41 - 2014-07-24 02:36 - 00180720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mftranscode.dll
2014-09-15 09:41 - 2014-07-24 00:51 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\KBDRUM.DLL
2014-09-15 09:41 - 2014-07-24 00:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-09-15 09:41 - 2014-07-24 00:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-09-15 09:41 - 2014-07-24 00:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-09-15 09:41 - 2014-07-24 00:51 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-09-15 09:41 - 2014-07-24 00:46 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2014-09-15 09:41 - 2014-07-24 00:45 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2014-09-15 09:41 - 2014-07-24 00:42 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2014-09-15 09:41 - 2014-07-24 00:42 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NdisImPlatform.sys
2014-09-15 09:41 - 2014-07-24 00:41 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
2014-09-15 09:41 - 2014-07-24 00:33 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-09-15 09:41 - 2014-07-24 00:33 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-09-15 09:41 - 2014-07-24 00:06 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\iasnap.dll
2014-09-15 09:41 - 2014-07-24 00:05 - 00287232 _____ (Microsoft Corporation) C:\Windows\system32\usbmon.dll
2014-09-15 09:41 - 2014-07-24 00:05 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-09-15 09:41 - 2014-07-23 23:51 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRUM.DLL
2014-09-15 09:41 - 2014-07-23 23:49 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersGPExt.dll
2014-09-15 09:41 - 2014-07-23 23:33 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-09-15 09:41 - 2014-07-23 23:32 - 00207360 _____ (Microsoft Corporation) C:\Windows\system32\powercfg.cpl
2014-09-15 09:41 - 2014-07-23 23:18 - 01089024 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2014-09-15 09:41 - 2014-07-23 23:12 - 00878592 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenter.dll
2014-09-15 09:41 - 2014-07-23 23:10 - 01844224 _____ (Microsoft Corporation) C:\Windows\system32\Display.dll
2014-09-15 09:41 - 2014-07-23 23:10 - 00834560 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-09-15 09:41 - 2014-07-23 23:10 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-09-15 09:41 - 2014-07-23 23:10 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasnap.dll
2014-09-15 09:41 - 2014-07-23 23:09 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-09-15 09:41 - 2014-07-23 23:05 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersShell.dll
2014-09-15 09:41 - 2014-07-23 22:53 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\prnntfy.dll
2014-09-15 09:41 - 2014-07-23 22:52 - 00621056 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2014-09-15 09:41 - 2014-07-23 22:42 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\powercfg.cpl
2014-09-15 09:41 - 2014-07-23 22:40 - 00557056 _____ (Microsoft Corporation) C:\Windows\system32\PrintDialogs.dll
2014-09-15 09:41 - 2014-07-23 22:32 - 01048064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll
2014-09-15 09:41 - 2014-07-23 22:27 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-09-15 09:41 - 2014-07-23 22:27 - 00779264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-09-15 09:41 - 2014-07-23 22:25 - 00832512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActionCenter.dll
2014-09-15 09:41 - 2014-07-23 22:24 - 01817088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
2014-09-15 09:41 - 2014-07-23 22:23 - 00328704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2014-09-15 09:41 - 2014-07-23 22:21 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2014-09-15 09:41 - 2014-07-23 22:18 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\wlansvcpal.dll
2014-09-15 09:41 - 2014-07-23 22:13 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prnntfy.dll
2014-09-15 09:41 - 2014-07-23 22:12 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
2014-09-15 09:41 - 2014-07-23 22:11 - 00356864 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-09-15 09:41 - 2014-07-23 22:11 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\wshbth.dll
2014-09-15 09:41 - 2014-07-23 22:10 - 00540672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2014-09-15 09:41 - 2014-07-23 22:09 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2014-09-15 09:41 - 2014-07-23 22:04 - 00183808 _____ (Microsoft Corp.) C:\Windows\system32\Defrag.exe
2014-09-15 09:41 - 2014-07-23 22:02 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2014-09-15 09:41 - 2014-07-23 21:58 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\BluetoothApis.dll
2014-09-15 09:41 - 2014-07-23 21:53 - 00449536 _____ (Microsoft Corporation) C:\Windows\system32\defragsvc.dll
2014-09-15 09:41 - 2014-07-23 21:49 - 01361408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2014-09-15 09:41 - 2014-07-23 21:49 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2014-09-15 09:41 - 2014-07-23 21:49 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
2014-09-15 09:41 - 2014-07-23 21:48 - 00659968 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Bluetooth.dll
2014-09-15 09:41 - 2014-07-23 21:47 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2014-09-15 09:41 - 2014-07-23 21:43 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshbth.dll
2014-09-15 09:41 - 2014-07-23 21:39 - 02397184 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2014-09-15 09:41 - 2014-07-23 21:30 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2014-09-15 09:41 - 2014-07-23 21:28 - 00595456 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.dll
2014-09-15 09:41 - 2014-07-23 21:23 - 01404416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2014-09-15 09:41 - 2014-07-23 21:22 - 00487936 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2014-09-15 09:41 - 2014-07-23 21:20 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll
2014-09-15 09:41 - 2014-07-23 21:19 - 00388608 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-09-15 09:41 - 2014-07-23 21:16 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\VAN.dll
2014-09-15 09:41 - 2014-07-23 21:16 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll
2014-09-15 09:41 - 2014-07-23 21:15 - 00828416 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-09-15 09:41 - 2014-07-23 21:15 - 00721408 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.dll
2014-09-15 09:41 - 2014-07-23 21:15 - 00432128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll
2014-09-15 09:41 - 2014-07-23 21:10 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-09-15 09:41 - 2014-07-23 21:10 - 00371712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2014-09-15 09:41 - 2014-07-23 21:08 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2014-09-15 09:41 - 2014-07-23 21:08 - 00162816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiapi.dll
2014-09-15 09:41 - 2014-07-23 21:07 - 01705472 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-09-15 09:41 - 2014-07-23 21:05 - 00448000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VAN.dll
2014-09-15 09:41 - 2014-07-23 21:04 - 00667136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-09-15 09:41 - 2014-07-23 21:01 - 01126912 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2014-09-15 09:41 - 2014-07-23 20:58 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
2014-09-15 09:41 - 2014-07-23 20:58 - 00288768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2014-09-15 09:41 - 2014-07-23 20:54 - 01290752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-09-15 09:41 - 2014-07-23 20:50 - 00923136 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-09-15 09:41 - 2014-07-23 20:49 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll
2014-09-15 09:41 - 2014-07-23 20:47 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2014-09-15 09:41 - 2014-07-23 20:43 - 00756224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-09-15 09:41 - 2014-07-23 20:43 - 00200192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll
2014-09-15 09:41 - 2014-07-23 20:41 - 00459264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2014-09-15 09:41 - 2014-07-23 20:33 - 03360768 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-09-15 09:41 - 2014-07-23 17:11 - 00513544 _____ () C:\Windows\SysWOW64\locale.nls
2014-09-15 09:41 - 2014-07-23 17:11 - 00513544 _____ () C:\Windows\system32\locale.nls
2014-09-15 09:41 - 2014-07-11 18:55 - 00268288 _____ (Microsoft Corporation) C:\Windows\system32\wisp.dll
2014-09-15 09:41 - 2014-07-11 17:58 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wisp.dll
2014-09-15 09:41 - 2014-07-11 17:13 - 01417216 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-15 09:41 - 2014-07-04 01:59 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2014-09-15 09:41 - 2014-07-03 23:29 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\AppxSip.dll
2014-09-15 09:41 - 2014-07-03 23:20 - 01656832 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2014-09-15 09:41 - 2014-07-03 23:06 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxSip.dll
2014-09-15 09:41 - 2014-07-03 23:00 - 01351168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2014-09-15 09:41 - 2014-06-26 19:22 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-09-15 09:41 - 2014-06-25 13:29 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\dab.dll
2014-09-15 09:41 - 2014-06-19 12:37 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-09-15 09:41 - 2014-06-07 01:46 - 00216368 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
2014-09-15 09:41 - 2014-06-06 23:20 - 00189016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll
2014-09-15 09:41 - 2014-06-05 03:00 - 01118040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2014-09-15 09:41 - 2014-05-30 18:00 - 01463808 _____ (Microsoft Corporation) C:\Windows\system32\wsecedit.dll
2014-09-15 09:41 - 2014-05-30 17:18 - 01319936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsecedit.dll
2014-09-15 09:41 - 2014-05-28 19:23 - 00427008 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2014-09-15 09:41 - 2014-05-28 18:25 - 00313856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2014-09-15 09:41 - 2014-05-28 18:20 - 00427520 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-09-15 09:41 - 2014-05-28 17:36 - 00344576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-09-15 09:41 - 2014-05-25 20:26 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\AppxSysprep.dll
2014-09-15 09:41 - 2014-05-09 23:12 - 00387896 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2014-09-15 09:41 - 2014-05-09 21:46 - 00335680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2014-09-15 09:41 - 2014-03-24 15:27 - 00160600 _____ (Microsoft Corporation) C:\Windows\system32\winmmbase.dll
2014-09-15 09:41 - 2014-03-24 15:27 - 00123920 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll
2014-09-15 09:41 - 2014-03-24 14:20 - 00128568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmm.dll
2014-09-15 09:41 - 2014-03-24 14:20 - 00127544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmmbase.dll
2014-09-15 09:40 - 2014-07-24 00:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTT102.DLL
2014-09-15 09:40 - 2014-07-24 00:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-09-15 09:40 - 2014-07-24 00:47 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2014-09-15 09:40 - 2014-07-24 00:41 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthpan.sys
2014-09-15 09:40 - 2014-07-24 00:22 - 00308736 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
2014-09-15 09:40 - 2014-07-23 23:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-09-15 09:40 - 2014-07-23 23:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTT102.DLL
2014-09-15 09:40 - 2014-07-23 23:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-09-15 09:40 - 2014-07-23 23:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-09-15 09:40 - 2014-07-23 23:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-09-15 09:40 - 2014-07-23 23:51 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-09-15 09:40 - 2014-07-23 22:14 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2014-09-15 09:40 - 2014-07-23 22:04 - 00492032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintDialogs.dll
2014-09-15 09:40 - 2014-07-23 21:36 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BluetoothApis.dll
2014-09-15 09:40 - 2014-07-23 21:24 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-15 09:40 - 2014-07-23 21:18 - 01144320 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll
2014-09-15 09:40 - 2014-07-23 21:18 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-09-15 09:40 - 2014-07-23 21:13 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\SndVolSSO.dll
2014-09-15 09:40 - 2014-07-23 21:12 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-15 09:40 - 2014-07-23 21:06 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-09-15 09:40 - 2014-07-23 21:00 - 02100736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll
2014-09-15 09:40 - 2014-07-11 18:23 - 00436224 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2014-09-15 09:40 - 2014-07-11 17:33 - 00318976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2014-09-15 09:40 - 2014-07-09 12:19 - 00387391 _____ () C:\Windows\system32\ApnDatabase.xml
2014-09-15 09:32 - 2014-08-14 13:36 - 00146752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpioclx.sys
2014-09-12 13:59 - 2014-08-15 14:56 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-12 13:59 - 2014-08-15 14:54 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-12 13:59 - 2014-08-15 14:43 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-12 13:59 - 2014-08-15 14:32 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-12 13:59 - 2014-08-15 14:25 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-12 13:59 - 2014-08-15 14:22 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-12 13:59 - 2014-08-15 14:20 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-12 13:59 - 2014-08-15 14:19 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-12 13:59 - 2014-08-15 14:18 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-12 13:59 - 2014-08-15 14:06 - 00359424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-12 13:59 - 2014-08-15 14:05 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-12 13:59 - 2014-08-15 14:05 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-12 13:59 - 2014-08-15 14:03 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-12 13:59 - 2014-08-15 13:53 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-12 13:59 - 2014-08-15 13:53 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-12 13:59 - 2014-08-15 13:45 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-12 13:59 - 2014-08-15 13:44 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-12 13:59 - 2014-05-29 22:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-12 13:59 - 2014-05-29 21:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-12 13:58 - 2014-08-15 15:40 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-12 13:58 - 2014-08-15 15:04 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-12 13:58 - 2014-08-15 15:00 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-12 13:58 - 2014-08-15 15:00 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-12 13:58 - 2014-08-15 14:45 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-12 13:58 - 2014-08-15 14:18 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-12 13:58 - 2014-08-15 14:11 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-12 13:58 - 2014-08-15 14:03 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-12 13:58 - 2014-08-15 13:58 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-12 13:58 - 2014-08-15 13:56 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-12 13:58 - 2014-08-15 13:53 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-12 13:58 - 2014-08-15 13:51 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-12 13:58 - 2014-08-15 13:44 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-12 13:58 - 2014-08-15 13:34 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-12 13:58 - 2014-08-15 13:20 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-12 13:58 - 2014-08-15 13:18 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-12 13:58 - 2014-08-15 13:14 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-12 13:58 - 2014-08-15 13:12 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-12 10:32 - 2014-08-01 13:18 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2014-09-12 10:31 - 2014-09-04 15:36 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-09-12 10:31 - 2014-09-04 15:31 - 00527360 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-12 10:31 - 2014-09-04 13:48 - 00738816 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-12 10:31 - 2014-07-23 16:20 - 00875688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2014-09-12 10:31 - 2014-07-23 16:20 - 00869544 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2014-09-11 16:39 - 2014-09-11 16:40 - 05238582 _____ () C:\Users\Kelsey\Desktop\pf7-setup-en.exe
2014-09-01 09:58 - 2014-09-01 09:58 - 00235398 _____ () C:\Users\Kelsey\Downloads\iTunes+Library (1).itl
2014-09-01 09:56 - 2014-09-01 09:56 - 00235398 _____ () C:\Users\Kelsey\Downloads\iTunes+Library.itl
2014-09-01 09:02 - 2014-09-01 09:03 - 00000000 ____D () C:\Users\Kelsey\AppData\Roaming\Apple Computer
2014-09-01 09:02 - 2014-09-01 09:02 - 00001797 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-09-01 09:02 - 2014-09-01 09:02 - 00000000 ____D () C:\Users\Kelsey\AppData\Local\Apple Computer
2014-09-01 09:02 - 2014-09-01 09:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-09-01 09:02 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2014-09-01 09:01 - 2014-09-01 09:02 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-01 09:01 - 2014-09-01 09:02 - 00000000 ____D () C:\Program Files\iTunes
2014-09-01 09:01 - 2014-09-01 09:02 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-09-01 09:01 - 2014-09-01 09:01 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-09-01 09:01 - 2014-09-01 09:01 - 00000000 ____D () C:\Program Files\iPod
2014-09-01 09:00 - 2014-09-01 09:00 - 00002535 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2014-09-01 09:00 - 2014-09-01 09:00 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2014-09-01 09:00 - 2014-09-01 09:00 - 00000000 ____D () C:\Users\Kelsey\AppData\Local\Apple
2014-09-01 09:00 - 2014-09-01 09:00 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-09-01 09:00 - 2014-09-01 09:00 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-09-01 08:59 - 2014-09-01 09:00 - 00000000 ____D () C:\ProgramData\Apple
2014-09-01 08:59 - 2014-09-01 08:59 - 00000000 ____D () C:\Program Files\Bonjour
2014-09-01 08:59 - 2014-09-01 08:59 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-09-01 08:57 - 2014-09-01 08:58 - 113492816 _____ (Apple Inc.) C:\Users\Kelsey\Downloads\iTunes64Setup.exe
2014-08-28 00:31 - 2014-08-22 13:42 - 04148224 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-28 00:31 - 2014-08-06 15:12 - 01336624 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 00:31 - 2014-08-01 16:56 - 01064448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-25 12:38 - 2014-09-25 12:37 - 00011933 _____ () C:\Users\Kelsey\Downloads\FRST.txt
2014-09-25 12:37 - 2014-09-25 12:36 - 00000000 ____D () C:\FRST
2014-09-25 12:35 - 2014-09-25 12:35 - 02106880 _____ (Farbar) C:\Users\Kelsey\Downloads\FRST64.exe
2014-09-25 12:35 - 2014-06-10 19:17 - 01220284 _____ () C:\Windows\WindowsUpdate.log
2014-09-25 12:34 - 2014-09-24 10:19 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-25 12:32 - 2014-09-25 12:32 - 00001507 _____ () C:\Users\Kelsey\Desktop\JRT.txt
2014-09-25 12:27 - 2014-09-25 12:27 - 00000000 ____D () C:\Windows\ERUNT
2014-09-25 12:22 - 2014-08-16 07:05 - 00000000 ___DO () C:\Users\Kelsey\OneDrive
2014-09-25 12:22 - 2014-08-16 07:03 - 00000074 _____ () C:\Users\Kelsey\AppData\Roaming\sp_data.sys
2014-09-25 12:21 - 2014-09-21 15:35 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-25 12:20 - 2014-09-23 15:56 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-25 12:20 - 2014-03-17 22:39 - 00007834 _____ () C:\Windows\PFRO.log
2014-09-25 12:20 - 2013-08-22 03:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-25 12:20 - 2013-08-22 02:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-09-25 12:19 - 2014-09-25 01:48 - 00000000 ____D () C:\AdwCleaner
2014-09-25 12:00 - 2013-08-22 04:36 - 00000000 ____D () C:\Windows\system32\sru
2014-09-25 11:58 - 2014-09-25 11:58 - 01024790 _____ (Thisisu) C:\Users\Kelsey\Downloads\JRT.exe
2014-09-25 11:38 - 2013-08-22 04:36 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-09-25 11:14 - 2014-09-25 11:14 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Kelsey\Downloads\tdsskiller.exe
2014-09-25 07:39 - 2014-08-16 07:43 - 00003922 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{099FC3AF-D0CB-4CC8-A360-C9E99D3D5F45}
2014-09-25 04:09 - 2014-08-16 14:47 - 00000000 ____D () C:\Users\Kelsey\AppData\Roaming\Skype
2014-09-25 01:46 - 2014-09-25 01:46 - 01373475 _____ () C:\Users\Kelsey\Downloads\adwcleaner_3.310.exe
2014-09-25 00:10 - 2014-09-25 00:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-24 23:48 - 2014-09-24 23:48 - 00000000 ____D () C:\Users\Kelsey\Desktop\Old Firefox Data
2014-09-24 14:46 - 2013-08-22 04:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-09-24 14:44 - 2014-08-16 07:07 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1984596698-3233877183-1367041420-1001
2014-09-24 10:20 - 2014-09-24 10:20 - 00000000 ____D () C:\Users\Kelsey\AppData\Local\Macromedia
2014-09-24 10:19 - 2014-09-24 10:19 - 00003718 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-24 10:19 - 2014-09-24 10:19 - 00000000 ____D () C:\ProgramData\McAfee
2014-09-24 10:19 - 2014-09-24 10:18 - 00000000 ____D () C:\Users\Kelsey\AppData\Local\Adobe
2014-09-23 16:00 - 2014-08-16 07:48 - 00000000 ____D () C:\Users\Kelsey\AppData\Local\Google
2014-09-23 16:00 - 2014-08-16 07:48 - 00000000 ____D () C:\Program Files (x86)\Google
2014-09-23 15:56 - 2014-09-23 15:56 - 00001177 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-23 15:56 - 2014-09-23 15:56 - 00001165 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-09-23 15:56 - 2014-09-23 15:56 - 00000000 ____D () C:\Users\Kelsey\AppData\Roaming\Mozilla
2014-09-23 15:56 - 2014-09-23 15:56 - 00000000 ____D () C:\Users\Kelsey\AppData\Local\Mozilla
2014-09-23 15:56 - 2014-09-23 15:56 - 00000000 ____D () C:\ProgramData\Mozilla
2014-09-22 14:02 - 2013-08-22 04:36 - 00000000 ____D () C:\Windows\rescache
2014-09-22 07:44 - 2014-09-22 07:44 - 00002259 _____ () C:\Windows\epplauncher.mif
2014-09-22 07:40 - 2014-09-22 07:35 - 14087848 _____ (Microsoft Corporation) C:\Users\Kelsey\Downloads\MSEInstall (1).exe
2014-09-22 07:37 - 2014-09-22 07:35 - 11447608 _____ (Microsoft Corporation) C:\Users\Kelsey\Downloads\MSEInstall.exe
2014-09-22 07:07 - 2013-08-22 04:36 - 00000000 ____D () C:\Windows\Registration
2014-09-22 06:43 - 2014-03-17 22:47 - 00863592 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-22 06:41 - 2013-08-22 04:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-09-21 19:42 - 2014-08-16 07:28 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-21 15:35 - 2014-09-21 15:35 - 00001120 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-21 15:35 - 2014-09-21 15:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-21 15:35 - 2014-09-21 15:35 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-21 15:35 - 2014-09-21 15:35 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-21 15:34 - 2014-09-21 15:33 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Kelsey\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-21 04:36 - 2013-08-22 03:44 - 00337808 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-21 04:27 - 2014-09-21 04:26 - 00000000 ____D () C:\Users\Kelsey\AppData\Local\AdFender
2014-09-21 04:26 - 2014-09-21 04:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AdFender
2014-09-21 04:26 - 2014-09-21 04:26 - 00000000 ____D () C:\ProgramData\AdFender
2014-09-21 04:26 - 2014-09-21 04:26 - 00000000 ____D () C:\Program Files (x86)\AdFender
2014-09-21 04:25 - 2014-09-21 04:24 - 02735032 _____ (AdFender, Inc.) C:\Users\Kelsey\Downloads\Setup.exe
2014-09-20 04:57 - 2014-09-20 04:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-09-20 04:57 - 2014-08-16 14:47 - 00002531 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-09-20 04:57 - 2014-08-16 14:47 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-09-20 04:57 - 2014-08-16 14:47 - 00000000 ____D () C:\ProgramData\Skype
2014-09-20 04:50 - 2014-03-17 22:33 - 00000000 ____D () C:\Program Files\Windows Journal
2014-09-20 04:50 - 2013-08-22 04:36 - 00000000 ___RD () C:\Windows\ToastData
2014-09-20 04:50 - 2013-08-22 04:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2014-09-20 04:50 - 2013-08-22 04:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-20 04:50 - 2013-08-22 04:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-20 04:50 - 2013-08-22 04:36 - 00000000 ____D () C:\Windows\WinStore
2014-09-20 04:50 - 2013-08-22 04:36 - 00000000 ____D () C:\Windows\SysWOW64\setup
2014-09-20 04:50 - 2013-08-22 04:36 - 00000000 ____D () C:\Windows\SysWOW64\InputMethod
2014-09-20 04:50 - 2013-08-22 04:36 - 00000000 ____D () C:\Windows\system32\setup
2014-09-20 04:50 - 2013-08-22 02:36 - 00000000 ____D () C:\Windows\system32\oobe
2014-09-20 02:08 - 2014-08-18 10:59 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-20 02:01 - 2014-08-18 10:59 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-18 05:34 - 2014-08-24 09:16 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-09-14 15:39 - 2014-08-21 10:45 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-12 13:59 - 2014-04-18 12:43 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-12 13:59 - 2014-04-18 12:43 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-12 13:59 - 2014-04-18 12:43 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-12 13:59 - 2014-04-18 12:43 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-12 13:59 - 2014-04-18 12:43 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-12 13:59 - 2014-04-18 12:43 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-12 13:59 - 2014-04-18 12:43 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-12 13:59 - 2014-04-18 12:43 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-12 13:59 - 2014-04-18 12:43 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-12 13:59 - 2014-04-18 12:43 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-12 13:59 - 2014-04-18 12:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-12 13:59 - 2014-04-18 12:43 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-12 13:59 - 2014-04-18 12:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-12 13:59 - 2014-04-18 12:43 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-11 16:40 - 2014-09-11 16:39 - 05238582 _____ () C:\Users\Kelsey\Desktop\pf7-setup-en.exe
2014-09-07 15:30 - 2014-08-24 09:16 - 00000000 ____D () C:\ProgramData\Origin
2014-09-07 15:29 - 2014-08-24 09:19 - 00000000 ____D () C:\Users\Kelsey\AppData\Roaming\Origin
2014-09-04 15:36 - 2014-09-12 10:31 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-09-04 15:31 - 2014-09-12 10:31 - 00527360 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-04 13:48 - 2014-09-12 10:31 - 00738816 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-02 09:06 - 2014-08-21 10:52 - 00706016 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-02 09:06 - 2014-08-21 10:52 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-01 09:58 - 2014-09-01 09:58 - 00235398 _____ () C:\Users\Kelsey\Downloads\iTunes+Library (1).itl
2014-09-01 09:56 - 2014-09-01 09:56 - 00235398 _____ () C:\Users\Kelsey\Downloads\iTunes+Library.itl
2014-09-01 09:03 - 2014-09-01 09:02 - 00000000 ____D () C:\Users\Kelsey\AppData\Roaming\Apple Computer
2014-09-01 09:02 - 2014-09-01 09:02 - 00001797 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-09-01 09:02 - 2014-09-01 09:02 - 00000000 ____D () C:\Users\Kelsey\AppData\Local\Apple Computer
2014-09-01 09:02 - 2014-09-01 09:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-09-01 09:02 - 2014-09-01 09:01 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-01 09:02 - 2014-09-01 09:01 - 00000000 ____D () C:\Program Files\iTunes
2014-09-01 09:02 - 2014-09-01 09:01 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-09-01 09:01 - 2014-09-01 09:01 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-09-01 09:01 - 2014-09-01 09:01 - 00000000 ____D () C:\Program Files\iPod
2014-09-01 09:00 - 2014-09-01 09:00 - 00002535 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2014-09-01 09:00 - 2014-09-01 09:00 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2014-09-01 09:00 - 2014-09-01 09:00 - 00000000 ____D () C:\Users\Kelsey\AppData\Local\Apple
2014-09-01 09:00 - 2014-09-01 09:00 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-09-01 09:00 - 2014-09-01 09:00 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-09-01 09:00 - 2014-09-01 08:59 - 00000000 ____D () C:\ProgramData\Apple
2014-09-01 08:59 - 2014-09-01 08:59 - 00000000 ____D () C:\Program Files\Bonjour
2014-09-01 08:59 - 2014-09-01 08:59 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-09-01 08:58 - 2014-09-01 08:57 - 113492816 _____ (Apple Inc.) C:\Users\Kelsey\Downloads\iTunes64Setup.exe

Files to move or delete:
====================
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS


Some content of TEMP:
====================
C:\Users\Kelsey\AppData\Local\Temp\Quarantine.exe
C:\Users\Kelsey\AppData\Local\Temp\SpOrder.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-21 06:11

==================== End Of Log ============================


Hello, 
 
No problem about the log. 
They look pretty good. :)
 
Please look at the following report on the IP addresses below. Do you recognise anything?

  • 208.69.150.252
  • 208.69.150.250
     

Farbar Recovery Scan Tool (FRST) Script

  • (!) Navigate to C:\Users\Kelsey\Downloads. Cut FRST64.exe and paste onto your Desktop.
  • Press the Windows Key + r on your keyboard at the same time. Type Notepad and click OK.
  • Copy the entire contents of the codebox below and paste into the Notepad document.
    start
    File: C:\Program Files (x86)\Settings Manager\smdmf\x64\sysapcrt.dll
    File: C:\Program Files (x86)\Settings Manager\smdmf\sysapcrt.dll
    C:\ProgramData\SetStretch.exe
    C:\ProgramData\SetStretch.VBS
    CMD: ipconfig /flushdns
    CMD: netsh winsock reset all
    CMD: bitsadmin /reset /allusers
    EmptyTemp:
    end
  • Click File, Save As and type fixlist.txt as the File Name.
  • Important: The file must be saved in the same location as FRST64.exe.

NOTICE: This script is intended for use on this particular machine. Do not use this script on any other machine; doing so may cause damage to your Operating System.

  • Right-Click FRST64.exe and select Run as administrator to run the programme.
  • Click Fix.
  • A log (Fixlog.txt) will open on your desktop. Copy the contents of the log and paste in your next reply.
     

Please provide an update on your computer after carrying out the instructions above. Are there any outstanding issues?


Here's the log;

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-09-2014
Ran by Kelsey (administrator) on ROCKET on 25-09-2014 13:29:52
Running from C:\Users\Kelsey\Desktop
Platform: Windows 8.1 Connected (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel® Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIHWA.EXE
(AOL Inc.) C:\Users\Kelsey\AppData\Local\AOL\AIM\aim.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(AdFender, Inc.) C:\Program Files (x86)\AdFender\AdFender.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSPanel.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [1080992 2014-04-18] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\ASUSWSLoader.exe [63296 2014-02-24] ()
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1984596698-3233877183-1367041420-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHWA.EXE [239488 2011-04-24] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1984596698-3233877183-1367041420-1001\...\Run: [AIM for Windows] => C:\Users\Kelsey\AppData\Local\AOL\AIM\aim.exe [1075144 2014-02-04] (AOL Inc.)
HKU\S-1-5-21-1984596698-3233877183-1367041420-1001\...\Run: [skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22041192 2014-08-27] (Skype Technologies S.A.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AdFender.lnk
ShortcutTarget: AdFender.lnk -> C:\Program Files (x86)\AdFender\AdFender.exe (AdFender, Inc.)
ShellIconOverlayIdentifiers: !AsusWSShellExt_B -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.2.301\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: !AsusWSShellExt_O -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.2.301\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: !AsusWSShellExt_U -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.2.301\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xA0793E948FD7CF01
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{22E7428A-D459-4ABD-AC59-50051B78086C}: [NameServer] 208.69.150.252,208.69.150.250
Tcpip\..\Interfaces\{5930C68C-6818-4556-90A6-F28B141CBA7F}: [NameServer] 208.69.150.252,208.69.150.250
Tcpip\..\Interfaces\{8718928D-CBEB-45EA-A621-800A9249001D}: [NameServer] 208.69.150.252,208.69.150.250
Tcpip\..\Interfaces\{DC9548E0-34DC-4B41-BCC4-42F9A6ABB174}: [NameServer] 208.69.150.252,208.69.150.250

FireFox:
========
FF ProfilePath: C:\Users\Kelsey\AppData\Roaming\Mozilla\Firefox\Profiles\qxdx0cjx.default-1411642132038
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe [71680 2014-02-24] (ASUS Cloud Corporation) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-01-27] (WildTangent)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel® Corporation)
S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-21] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-13] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-05] (Microsoft Corporation)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-21] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-21] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-23] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-23] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3892224 2014-03-06] (Qualcomm Atheros Communications, Inc.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [71952 2014-03-31] (ASUS Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-05] ( )
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-25] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
R0 MBI; C:\Windows\System32\drivers\MBI.sys [29464 2013-10-27] (Intel Corporation)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-23] (Microsoft Corporation)
S1 MpKslec46e7a9; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{BA68BD0B-9EAA-4970-8C89-C4F13587F6FE}\MpKslec46e7a9.sys [X]
U0 msahci; system32\drivers\msahci.sys

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-25 13:29 - 2014-09-25 13:29 - 00011886 _____ () C:\Users\Kelsey\Desktop\FRST.txt
2014-09-25 13:29 - 2014-09-25 13:29 - 00000308 _____ () C:\Users\Kelsey\Downloads\fixlist.text
2014-09-25 12:40 - 2014-09-25 12:41 - 00019746 _____ () C:\Users\Kelsey\Downloads\Addition.txt
2014-09-25 12:37 - 2014-09-25 12:41 - 00062185 _____ () C:\Users\Kelsey\Downloads\FRST.txt
2014-09-25 12:36 - 2014-09-25 13:29 - 00000000 ____D () C:\FRST
2014-09-25 12:35 - 2014-09-25 12:35 - 02106880 _____ (Farbar) C:\Users\Kelsey\Desktop\FRST64.exe
2014-09-25 12:32 - 2014-09-25 12:32 - 00001507 _____ () C:\Users\Kelsey\Desktop\JRT.txt
2014-09-25 12:27 - 2014-09-25 12:27 - 00000000 ____D () C:\Windows\ERUNT
2014-09-25 11:58 - 2014-09-25 11:58 - 01024790 _____ (Thisisu) C:\Users\Kelsey\Downloads\JRT.exe
2014-09-25 11:14 - 2014-09-25 11:14 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Kelsey\Downloads\tdsskiller.exe
2014-09-25 01:48 - 2014-09-25 12:19 - 00000000 ____D () C:\AdwCleaner
2014-09-25 01:46 - 2014-09-25 01:46 - 01373475 _____ () C:\Users\Kelsey\Downloads\adwcleaner_3.310.exe
2014-09-25 00:09 - 2014-09-25 00:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-24 23:48 - 2014-09-24 23:48 - 00000000 ____D () C:\Users\Kelsey\Desktop\Old Firefox Data
2014-09-24 10:20 - 2014-09-24 10:20 - 00000000 ____D () C:\Users\Kelsey\AppData\Local\Macromedia
2014-09-24 10:19 - 2014-09-25 12:34 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-24 10:19 - 2014-09-24 10:19 - 00003718 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-24 10:19 - 2014-09-24 10:19 - 00000000 ____D () C:\ProgramData\McAfee
2014-09-24 10:18 - 2014-09-24 10:19 - 00000000 ____D () C:\Users\Kelsey\AppData\Local\Adobe
2014-09-23 15:56 - 2014-09-25 12:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-23 15:56 - 2014-09-23 15:56 - 00001177 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-23 15:56 - 2014-09-23 15:56 - 00001165 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-09-23 15:56 - 2014-09-23 15:56 - 00000000 ____D () C:\Users\Kelsey\AppData\Roaming\Mozilla
2014-09-23 15:56 - 2014-09-23 15:56 - 00000000 ____D () C:\Users\Kelsey\AppData\Local\Mozilla
2014-09-23 15:56 - 2014-09-23 15:56 - 00000000 ____D () C:\ProgramData\Mozilla
2014-09-22 07:44 - 2014-09-22 07:44 - 00002259 _____ () C:\Windows\epplauncher.mif
2014-09-22 07:35 - 2014-09-22 07:40 - 14087848 _____ (Microsoft Corporation) C:\Users\Kelsey\Downloads\MSEInstall (1).exe
2014-09-22 07:35 - 2014-09-22 07:37 - 11447608 _____ (Microsoft Corporation) C:\Users\Kelsey\Downloads\MSEInstall.exe
2014-09-21 15:35 - 2014-09-25 12:21 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-21 15:35 - 2014-09-21 15:35 - 00001120 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-21 15:35 - 2014-09-21 15:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-21 15:35 - 2014-09-21 15:35 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-21 15:35 - 2014-09-21 15:35 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-21 15:35 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-21 15:35 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-21 15:35 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-21 15:33 - 2014-09-21 15:34 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Kelsey\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-21 04:26 - 2014-09-21 04:27 - 00000000 ____D () C:\Users\Kelsey\AppData\Local\AdFender
2014-09-21 04:26 - 2014-09-21 04:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AdFender
2014-09-21 04:26 - 2014-09-21 04:26 - 00000000 ____D () C:\ProgramData\AdFender
2014-09-21 04:26 - 2014-09-21 04:26 - 00000000 ____D () C:\Program Files (x86)\AdFender
2014-09-21 04:24 - 2014-09-21 04:25 - 02735032 _____ (AdFender, Inc.) C:\Users\Kelsey\Downloads\Setup.exe
2014-09-20 04:57 - 2014-09-20 04:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-09-15 09:43 - 2014-08-22 20:48 - 02374784 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-09-15 09:43 - 2014-08-22 20:13 - 02084520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2014-09-15 09:43 - 2014-08-22 19:10 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-09-15 09:43 - 2014-08-22 18:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-09-15 09:43 - 2014-08-22 17:44 - 02860032 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2014-09-15 09:43 - 2014-08-22 17:34 - 13423104 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-09-15 09:43 - 2014-08-22 17:33 - 00796672 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2014-09-15 09:43 - 2014-08-22 17:31 - 01038336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2014-09-15 09:43 - 2014-08-22 17:20 - 11818496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-09-15 09:43 - 2014-07-29 14:56 - 00299520 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll
2014-09-15 09:43 - 2014-07-28 18:22 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\tcpmon.dll
2014-09-15 09:42 - 2014-07-24 04:28 - 00412992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2014-09-15 09:42 - 2014-07-24 04:28 - 00143680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-09-15 09:42 - 2014-07-24 04:20 - 21266336 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-09-15 09:42 - 2014-07-24 04:20 - 00645592 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-09-15 09:42 - 2014-07-24 04:16 - 02574208 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2014-09-15 09:42 - 2014-07-24 04:07 - 07424320 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-09-15 09:42 - 2014-07-24 04:07 - 02009920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-09-15 09:42 - 2014-07-24 04:03 - 02141920 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2014-09-15 09:42 - 2014-07-24 04:03 - 00882136 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-09-15 09:42 - 2014-07-24 04:03 - 00818624 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2014-09-15 09:42 - 2014-07-24 04:03 - 00360480 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2014-09-15 09:42 - 2014-07-24 03:57 - 02515264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-09-15 09:42 - 2014-07-24 03:57 - 00475968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-09-15 09:42 - 2014-07-24 02:48 - 02410976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2014-09-15 09:42 - 2014-07-24 02:46 - 18760328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-09-15 09:42 - 2014-07-24 02:36 - 02145472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2014-09-15 09:42 - 2014-07-24 02:36 - 00707536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-09-15 09:42 - 2014-07-24 02:36 - 00674512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2014-09-15 09:42 - 2014-07-24 02:36 - 00355800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2014-09-15 09:42 - 2014-07-24 00:44 - 00674816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-09-15 09:42 - 2014-07-24 00:43 - 00412160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2014-09-15 09:42 - 2014-07-24 00:42 - 01200640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2014-09-15 09:42 - 2014-07-23 23:20 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2014-09-15 09:42 - 2014-07-23 23:06 - 00438272 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2014-09-15 09:42 - 2014-07-23 22:44 - 16874496 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2014-09-15 09:42 - 2014-07-23 22:39 - 00770048 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
2014-09-15 09:42 - 2014-07-23 22:33 - 01741824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2014-09-15 09:42 - 2014-07-23 22:16 - 12730880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2014-09-15 09:42 - 2014-07-23 22:03 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2014-09-15 09:42 - 2014-07-23 21:53 - 01261056 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2014-09-15 09:42 - 2014-07-23 21:49 - 01287680 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2014-09-15 09:42 - 2014-07-23 21:38 - 00371200 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2014-09-15 09:42 - 2014-07-23 21:32 - 01532416 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2014-09-15 09:42 - 2014-07-23 21:29 - 00439296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Bluetooth.dll
2014-09-15 09:42 - 2014-07-23 21:27 - 00907776 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2014-09-15 09:42 - 2014-07-23 21:21 - 01231872 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2014-09-15 09:42 - 2014-07-23 21:21 - 00302080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2014-09-15 09:42 - 2014-07-23 21:18 - 00795136 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2014-09-15 09:42 - 2014-07-23 21:10 - 01029632 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-09-15 09:42 - 2014-07-23 21:10 - 00889344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2014-09-15 09:42 - 2014-07-23 21:02 - 03465216 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-09-15 09:42 - 2014-07-23 21:01 - 05833216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2014-09-15 09:42 - 2014-07-23 21:01 - 01992192 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-09-15 09:42 - 2014-07-23 20:50 - 01182208 _____ (Microsoft Corporation) C:\Windows\system32\printui.dll
2014-09-15 09:42 - 2014-07-23 20:46 - 08652800 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2014-09-15 09:42 - 2014-07-23 20:44 - 01057792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\printui.dll
2014-09-15 09:42 - 2014-07-23 20:43 - 02696704 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2014-09-15 09:42 - 2014-07-23 20:39 - 02642944 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-09-15 09:42 - 2014-07-23 20:38 - 06649344 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-09-15 09:42 - 2014-07-23 20:38 - 05777408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-09-15 09:42 - 2014-07-23 20:30 - 02318336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-09-15 09:42 - 2014-07-23 20:28 - 01600000 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2014-09-15 09:42 - 2014-07-03 22:30 - 00544768 _____ (Microsoft Corporation) C:\Windows\system32\AppxPackaging.dll
2014-09-15 09:42 - 2014-07-03 22:27 - 00474112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll
2014-09-15 09:42 - 2014-06-25 13:32 - 01029632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2014-09-15 09:42 - 2014-06-18 15:13 - 00310080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2014-09-15 09:42 - 2014-06-13 19:03 - 02389504 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-15 09:42 - 2014-06-13 18:46 - 02071552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-15 09:42 - 2014-06-04 23:18 - 01018368 _____ (Microsoft Corporation) C:\Windows\system32\aclui.dll
2014-09-15 09:42 - 2014-06-04 22:42 - 00889856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aclui.dll
2014-09-15 09:42 - 2014-05-05 17:41 - 00486744 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2014-09-15 09:42 - 2014-05-05 13:55 - 00391000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2014-09-15 09:41 - 2014-07-24 04:28 - 00468288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2014-09-15 09:41 - 2014-07-24 04:28 - 00419648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-09-15 09:41 - 2014-07-24 04:28 - 00280384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2014-09-15 09:41 - 2014-07-24 04:25 - 00054752 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-09-15 09:41 - 2014-07-24 04:23 - 01519488 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2014-09-15 09:41 - 2014-07-24 04:23 - 00125472 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2014-09-15 09:41 - 2014-07-24 04:20 - 00263400 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2014-09-15 09:41 - 2014-07-24 04:16 - 00211216 _____ (Microsoft Corporation) C:\Windows\system32\SndVol.exe
2014-09-15 09:41 - 2014-07-24 04:05 - 01660048 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-09-15 09:41 - 2014-07-24 04:05 - 01519560 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-09-15 09:41 - 2014-07-24 04:05 - 01488008 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-09-15 09:41 - 2014-07-24 04:05 - 01356840 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-09-15 09:41 - 2014-07-24 04:03 - 00233888 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-09-15 09:41 - 2014-07-24 04:03 - 00205512 _____ (Microsoft Corporation) C:\Windows\system32\mftranscode.dll
2014-09-15 09:41 - 2014-07-24 02:50 - 00098048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2014-09-15 09:41 - 2014-07-24 02:48 - 00180208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SndVol.exe
2014-09-15 09:41 - 2014-07-24 02:46 - 00477200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-09-15 09:41 - 2014-07-24 02:36 - 00180720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mftranscode.dll
2014-09-15 09:41 - 2014-07-24 00:51 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\KBDRUM.DLL
2014-09-15 09:41 - 2014-07-24 00:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-09-15 09:41 - 2014-07-24 00:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-09-15 09:41 - 2014-07-24 00:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-09-15 09:41 - 2014-07-24 00:51 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-09-15 09:41 - 2014-07-24 00:46 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2014-09-15 09:41 - 2014-07-24 00:45 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2014-09-15 09:41 - 2014-07-24 00:42 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2014-09-15 09:41 - 2014-07-24 00:42 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NdisImPlatform.sys
2014-09-15 09:41 - 2014-07-24 00:41 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
2014-09-15 09:41 - 2014-07-24 00:33 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-09-15 09:41 - 2014-07-24 00:33 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-09-15 09:41 - 2014-07-24 00:06 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\iasnap.dll
2014-09-15 09:41 - 2014-07-24 00:05 - 00287232 _____ (Microsoft Corporation) C:\Windows\system32\usbmon.dll
2014-09-15 09:41 - 2014-07-24 00:05 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-09-15 09:41 - 2014-07-23 23:51 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRUM.DLL
2014-09-15 09:41 - 2014-07-23 23:49 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersGPExt.dll
2014-09-15 09:41 - 2014-07-23 23:33 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-09-15 09:41 - 2014-07-23 23:32 - 00207360 _____ (Microsoft Corporation) C:\Windows\system32\powercfg.cpl
2014-09-15 09:41 - 2014-07-23 23:18 - 01089024 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2014-09-15 09:41 - 2014-07-23 23:12 - 00878592 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenter.dll
2014-09-15 09:41 - 2014-07-23 23:10 - 01844224 _____ (Microsoft Corporation) C:\Windows\system32\Display.dll
2014-09-15 09:41 - 2014-07-23 23:10 - 00834560 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-09-15 09:41 - 2014-07-23 23:10 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-09-15 09:41 - 2014-07-23 23:10 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasnap.dll
2014-09-15 09:41 - 2014-07-23 23:09 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-09-15 09:41 - 2014-07-23 23:05 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersShell.dll
2014-09-15 09:41 - 2014-07-23 22:53 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\prnntfy.dll
2014-09-15 09:41 - 2014-07-23 22:52 - 00621056 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2014-09-15 09:41 - 2014-07-23 22:42 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\powercfg.cpl
2014-09-15 09:41 - 2014-07-23 22:40 - 00557056 _____ (Microsoft Corporation) C:\Windows\system32\PrintDialogs.dll
2014-09-15 09:41 - 2014-07-23 22:32 - 01048064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll
2014-09-15 09:41 - 2014-07-23 22:27 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-09-15 09:41 - 2014-07-23 22:27 - 00779264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-09-15 09:41 - 2014-07-23 22:25 - 00832512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActionCenter.dll
2014-09-15 09:41 - 2014-07-23 22:24 - 01817088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
2014-09-15 09:41 - 2014-07-23 22:23 - 00328704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2014-09-15 09:41 - 2014-07-23 22:21 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2014-09-15 09:41 - 2014-07-23 22:18 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\wlansvcpal.dll
2014-09-15 09:41 - 2014-07-23 22:13 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prnntfy.dll
2014-09-15 09:41 - 2014-07-23 22:12 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
2014-09-15 09:41 - 2014-07-23 22:11 - 00356864 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-09-15 09:41 - 2014-07-23 22:11 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\wshbth.dll
2014-09-15 09:41 - 2014-07-23 22:10 - 00540672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2014-09-15 09:41 - 2014-07-23 22:09 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2014-09-15 09:41 - 2014-07-23 22:04 - 00183808 _____ (Microsoft Corp.) C:\Windows\system32\Defrag.exe
2014-09-15 09:41 - 2014-07-23 22:02 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2014-09-15 09:41 - 2014-07-23 21:58 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\BluetoothApis.dll
2014-09-15 09:41 - 2014-07-23 21:53 - 00449536 _____ (Microsoft Corporation) C:\Windows\system32\defragsvc.dll
2014-09-15 09:41 - 2014-07-23 21:49 - 01361408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2014-09-15 09:41 - 2014-07-23 21:49 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2014-09-15 09:41 - 2014-07-23 21:49 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
2014-09-15 09:41 - 2014-07-23 21:48 - 00659968 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Bluetooth.dll
2014-09-15 09:41 - 2014-07-23 21:47 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2014-09-15 09:41 - 2014-07-23 21:43 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshbth.dll
2014-09-15 09:41 - 2014-07-23 21:39 - 02397184 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2014-09-15 09:41 - 2014-07-23 21:30 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2014-09-15 09:41 - 2014-07-23 21:28 - 00595456 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.dll
2014-09-15 09:41 - 2014-07-23 21:23 - 01404416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2014-09-15 09:41 - 2014-07-23 21:22 - 00487936 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2014-09-15 09:41 - 2014-07-23 21:20 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll
2014-09-15 09:41 - 2014-07-23 21:19 - 00388608 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-09-15 09:41 - 2014-07-23 21:16 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\VAN.dll
2014-09-15 09:41 - 2014-07-23 21:16 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll
2014-09-15 09:41 - 2014-07-23 21:15 - 00828416 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-09-15 09:41 - 2014-07-23 21:15 - 00721408 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.dll
2014-09-15 09:41 - 2014-07-23 21:15 - 00432128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll
2014-09-15 09:41 - 2014-07-23 21:10 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-09-15 09:41 - 2014-07-23 21:10 - 00371712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2014-09-15 09:41 - 2014-07-23 21:08 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2014-09-15 09:41 - 2014-07-23 21:08 - 00162816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiapi.dll
2014-09-15 09:41 - 2014-07-23 21:07 - 01705472 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-09-15 09:41 - 2014-07-23 21:05 - 00448000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VAN.dll
2014-09-15 09:41 - 2014-07-23 21:04 - 00667136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-09-15 09:41 - 2014-07-23 21:01 - 01126912 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2014-09-15 09:41 - 2014-07-23 20:58 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
2014-09-15 09:41 - 2014-07-23 20:58 - 00288768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2014-09-15 09:41 - 2014-07-23 20:54 - 01290752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)


Files to move or delete:
====================
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS


Some content of TEMP:
====================
C:\Users\Kelsey\AppData\Local\Temp\Quarantine.exe
C:\Users\Kelsey\AppData\Local\Temp\SpOrder.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-21 06:11

==================== End Of Log ============================


The IP I don't recognize anything, what am I supposed to be looking for?

So far my computer seems to be back to normal. I searched something, and my browser didn't switch me to Yahoo. It seems to be faster.
The only thing I've noticed is I have Adfender installed on my computer, and it's not blocking ads. Could I have disabled it by mistake?


Fix log, finally! Sorry for the wait!


Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 24-09-2014
Ran by Kelsey at 2014-09-25 13:56:38 Run:1
Running from C:\Users\Kelsey\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start
File: C:\Program Files (x86)\Settings Manager\smdmf\x64\sysapcrt.dll
File: C:\Program Files (x86)\Settings Manager\smdmf\sysapcrt.dll
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS
CMD: ipconfig /flushdns
CMD: netsh winsock reset all
CMD: bitsadmin /reset /allusers
EmptyTemp:
end
*****************


========================= File: C:\Program Files (x86)\Settings Manager\smdmf\x64\sysapcrt.dll ========================

"C:\Program Files (x86)\Settings Manager\smdmf\x64\sysapcrt.dll" not found.
====== End Of File: ======


========================= File: C:\Program Files (x86)\Settings Manager\smdmf\sysapcrt.dll ========================

"C:\Program Files (x86)\Settings Manager\smdmf\sysapcrt.dll" not found.
====== End Of File: ======

C:\ProgramData\SetStretch.exe => Moved successfully.
C:\ProgramData\SetStretch.VBS => Moved successfully.

=========  ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========


=========  netsh winsock reset all =========


Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.


========= End of CMD: =========


=========  bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.7.9600 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

0 out of 0 jobs canceled.

========= End of CMD: =========

EmptyTemp: => Removed 996.6 MB temporary data.


The system needed a reboot.

==== End of Fixlog ====


OK! Let's run one final check for remnants.

STEP 1
Farbar Recovery Scan Tool (FRST) Script

  • Press the Windows Key + r on your keyboard at the same time. Type Notepad and click OK.
  • Copy the entire contents of the codebox below and paste into the Notepad document.
    start
    Tcpip\..\Interfaces\{22E7428A-D459-4ABD-AC59-50051B78086C}: [NameServer] 208.69.150.252,208.69.150.250
    Tcpip\..\Interfaces\{5930C68C-6818-4556-90A6-F28B141CBA7F}: [NameServer] 208.69.150.252,208.69.150.250
    Tcpip\..\Interfaces\{8718928D-CBEB-45EA-A621-800A9249001D}: [NameServer] 208.69.150.252,208.69.150.250
    Tcpip\..\Interfaces\{DC9548E0-34DC-4B41-BCC4-42F9A6ABB174}: [NameServer] 208.69.150.252,208.69.150.250
    EmptyTemp:
    end
  • Click File, Save As and type fixlist.txt as the File Name.
  • Important: The file must be saved in the same location as FRST64.exe.

NOTICE: This script is intended for use on this particular machine. Do not use this script on any other machine; doing so may cause damage to your Operating System.

  • Right-Click FRST64.exe and select Run as administrator to run the programme.
  • Click Fix.
  • A log (Fixlog.txt) will open on your desktop. Copy the contents of the log and paste in your next reply.
     

STEP 2
ESET Online Scan
Note: This scan may take a long time to complete. Please do not browse the Internet whilst your Anti-Virus is disabled.

  • Please download ESET Online Scan and save the file to your Desktop.
  • Temporarily disable your anti-virus software. For instructions, please refer to the following link.
  • Double-click esetsmartinstaller_enu.exe to run the programme.
  • Agree to the EULA by placing a checkmark next to Yes, I accept the Terms of Use. Then click Start.
  • Agree to the Terms of Use once more and click Start. Allow components to download.
  • Place a checkmark next to Enable detection of potentially unwanted applications.
  • Click Hide advanced settings. Place a checkmark next to:
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Ensure Remove found threats is unchecked.
  • Click Start.
  • Wait for the scan to finish. Please be patient as this can take some time.
  • Upon completion, click esetListThreats.png. If no threats were found, skip the next two bullet points.
  • Click esetExport.png and save the file to your Desktop, naming it something unique such as MyEsetScan.
  • Push the Back button.
  • Place a checkmark next to xKN1w2nv.png.pagespeed.ic.JWqIaEgZi7.png and click SzOC1p0.png.pagespeed.ce.OWDP45O6oG.png.
  • Re-enable your anti-virus software.
  • Copy the contents of the log and paste in your next reply.
     

======================================================
 
STEP 3
Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

  • Fixlog.txt
  • ESET Online Scan log

Good morning.

Okay here is the Fixlog

11:31 PM 9/25/2014
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 25-09-2014 01
Ran by Kelsey at 2014-09-25 23:28:46 Run:2
Running from C:\Users\Kelsey\Desktop
Loaded Profile: Kelsey (Available profiles: Kelsey)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start
Tcpip\..\Interfaces\{22E7428A-D459-4ABD-AC59-50051B78086C}: [NameServer] 208.69.150.252,208.69.150.250
Tcpip\..\Interfaces\{5930C68C-6818-4556-90A6-F28B141CBA7F}: [NameServer] 208.69.150.252,208.69.150.250
Tcpip\..\Interfaces\{8718928D-CBEB-45EA-A621-800A9249001D}: [NameServer] 208.69.150.252,208.69.150.250
Tcpip\..\Interfaces\{DC9548E0-34DC-4B41-BCC4-42F9A6ABB174}: [NameServer] 208.69.150.252,208.69.150.250
EmptyTemp:
end
*****************

HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{22E7428A-D459-4ABD-AC59-50051B78086C}\\NameServer => value deleted successfully.
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{5930C68C-6818-4556-90A6-F28B141CBA7F}\\NameServer => value deleted successfully.
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{8718928D-CBEB-45EA-A621-800A9249001D}\\NameServer => value deleted successfully.
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{DC9548E0-34DC-4B41-BCC4-42F9A6ABB174}\\NameServer => value deleted successfully.
EmptyTemp: => Removed 71 MB temporary data.


The system needed a reboot.

==== End of Fixlog ====



I am about to run the second scan now.
