Channel: Tech Support Guy - Virus & Other Malware Removal

I think something is wrong?

I forgot to answer your questions:

I was using Firefox when I got these errors, so yeah, it was while I was on the internet.

The only program I had open when MBAM gave me an alert was Firefox. No P2P programs or anything else.

possible virus/malware

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Enterprise, Service Pack 1, 64 bit
Processor: Intel(R) Core(TM)2 Duo CPU T8100 @ 2.10GHz, Intel64 Family 6 Model 23 Stepping 6
Processor Count: 2
RAM: 2022 Mb
Graphics Card: Mobile Intel(R) 965 Express Chipset Family, 384 Mb
Hard Drives: C: Total - 97471 MB, Free - 22482 MB;
Motherboard: LENOVO, 7733UN2
Antivirus: Symantec Endpoint Protection, Updated and Enabled

My computer runs very slowly in all aspects (startup, web browsing, opening programs, downloads etc). It takes on average 5-10 minutes to start up, and when browsing the web I consistently run into problems opening pages: my browser will either say it is unable to connect to the internet when it is connected or it will say webpage is not available. It always takes at least a minute to load a webpage, and pictures and videos that used to load easily will not load. I also run into a few programs that crash or will not open at all, all of which used to open easily. I have tried to disable a few programs in startup and have attempted to run a few diagnostics but I am stuck and don't know what to do. I believe my antivirus is still current but I have not gotten anything that ended up taking action on a virus or anything like that. Please help to revive my laptop. Thanks in advance.

Access Violation at address XXXX / WXP

Every time I leave my desktop alone for any length of time (more than 5-10min), when I return to it, I have many, many windows open that state:
Access violation at address 13183580 in Module '10LOSM~1.DLL' Read address of XXXXX (didn't get this part - let me know if it's important and I'll include it)

Will appreciate any help you can give me. Here are the results of the TSG utility:

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows XP Home Edition, Service Pack 3, 32 bit
Processor: Intel Pentium III Xeon processor, x86 Family 6 Model 23 Stepping 6
Processor Count: 2
RAM: 3061 Mb
Graphics Card: Intel(R) G33/G31 Express Chipset Family, 128 Mb
Hard Drives: C: Total - 473493 MB, Free - 413286 MB;
Motherboard: Dell Inc., 0RY007
Antivirus: Norton Security Suite, Updated: Yes, On-Demand Scanner: Enabled

Help!!!

First of all, I'm a total newb. I don't know how to back up my stuff at all and I'm pretty sure that my grandpa has banking information stored on here (it's his computer). Secondly, I am pretty sure I have some sort of virus going on. I get random pop-up ads every time I click on a page to allow me to scroll down using the arrow keys. I get the low disk space warnings. Comp is running extremely slow, videos won't play or even load all the way. I'm pretty sure it all started when I tried to download a demo version of fruity loops (11) which I now know was not from a reliable source and may have been illegal but I wouldn't have done it if I would have known this was the case. Pages will frequently, randomly change to say "error 502 the page you are trying to access is experiencing technical difficulties please try again later". I'm using Windows 7 and for some reason the desktop is now black and in the bottom right corner it says this version of windows is not genuine. Not sure why that happened all of a sudden but I could really use some help and it would be greatly appreciated.

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Ultimate, 32 bit
Processor: Mobile AMD Sempron(tm) Processor 3600+, x64 Family 15 Model 76 Stepping 2
Processor Count: 1
RAM: 1918 Mb
Graphics Card: ATI Radeon Xpress Series, 128 Mb
Hard Drives: C: Total - 57128 MB, Free - 40440 MB;
Motherboard: Dell Inc., 0UW744
Antivirus: None

main.exe - repeated "bing" noise & typed q continuously

THIS SOLUTION WORKED FOR ME, DOESN'T MEAN IT WILL WORK FOR YOU. IF YOU ARE UNSURE OF ANYTHING KINDLY DO NOT GO AHEAD & TAKE ASSISTANCE FROM AN EXPERT. I HAVE POSTED THIS THREAD FOR ADVISORY PURPOSE ONLY & I AM NOT RESPONSIBLE FOR ANY DAMAGES CAUSED.

My PC used to make a repeated "ping" noise & continuously type "q" in MS Excel, Firefox & Chrome (address bar) if these were open. This was happening after I touched the mouse or keyboard after the PC was idle for some time (even a few seconds). I tried to scan my PC for viruses & malware, but nothing could be detected. I even tried to look for help on the internet but couldn't find any solution. I didn't want to go through the hassle of re-formatting so I continued to use my PC with this annoying problem.

After some system update, I started to get another problem: "main.exe has stopped working". Luckily I had an application which allowed me to debug this error and I realized this file was located at:

C:\Users\MK\AppData\Local\Temp\route

Now I started to look for solutions on the internet for this problem when I stumbled upon the following post:

http://forums.techguy.org/virus-othe...ing-noise.html

In his solution he mentioned that he found dummy svchost.exe or svhost.exe running. I immediately started the "Windows Task Manager", clicked on "Show processes from all users" and bang, there was a file "svchost.exe" running from

C:\Users\MK\AppData\Roaming\WebEx\svchost.exe

I deleted this folder and my problem was resolved. "svchost.exe" is generally a system process/service; you need to be very careful before trying to stop the service or deleting files with this name. In my case, I noticed that the system process/service was having a description "Host process for Windows services", whereas the malware was showing "svchost.exe" in the description as well, hence it was easy to spot it.

I even searched for the entries in registry for this file and deleted all the entries referring to this file. There was an entry in the registry in "......\Software\Microsoft\Windows\CurrentVersion\Run" which was invoking this file on start-up.

Note: You need to be careful while playing with Windows registry or system processes & services. IF YOU ARE UNSURE OF ANYTHING KINDLY DO NOT GO AHEAD & TAKE ASSISTANCE FROM AN EXPERT.
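
The path, description and Run-key checks described in the post above, written as a read-only PowerShell script (an added example, not part of the original post or the forum's tooling). The three Run keys queried are the standard per-user and per-machine ones; the post does not say which hive its entry was in, so checking all of them is an assumption.

```powershell
# Added example: report svchost.exe look-alikes and Run-key entries that start
# programs from user-writable profile folders. Nothing is stopped or deleted.

# The genuine svchost.exe lives only in these two directories.
$expectedDirs = @(
    (Join-Path $env:SystemRoot 'System32'),
    (Join-Path $env:SystemRoot 'SysWOW64')
)

function Test-ExpectedSvchostPath {
    param([string]$Path)
    # ExecutablePath is empty when the caller lacks rights to read it.
    if ([string]::IsNullOrEmpty($Path)) { return $null }
    $dir = Split-Path -Path $Path -Parent
    # -contains compares strings case-insensitively by default.
    return ($expectedDirs -contains $dir)
}

# 1) Processes named svchost.exe or svhost.exe, with path and file description.
$suspectProcesses = Get-CimInstance -ClassName Win32_Process |
    Where-Object { $_.Name -match '^svc?host\.exe$' } |
    ForEach-Object {
        $description = $null
        if ($_.ExecutablePath -and (Test-Path -LiteralPath $_.ExecutablePath)) {
            $description = (Get-Item -LiteralPath $_.ExecutablePath).VersionInfo.FileDescription
        }
        [pscustomobject]@{
            Name            = $_.Name
            ProcessId       = $_.ProcessId
            ParentProcessId = $_.ParentProcessId
            Path            = $_.ExecutablePath
            Description     = $description
            ExpectedPath    = Test-ExpectedSvchostPath -Path $_.ExecutablePath
        }
    } |
    # Keep entries outside System32/SysWOW64 and entries whose path is unknown.
    Where-Object { $_.ExpectedPath -ne $true }

# 2) Run-key values whose command line points into the user profile
#    (AppData\Roaming, AppData\Local, Temp), as in the post.
$runKeys = @(
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run'
)
$userWritableRoots = @($env:APPDATA, $env:LOCALAPPDATA, $env:TEMP) |
    Where-Object { $_ } | Select-Object -Unique

$suspectRunEntries = foreach ($key in $runKeys) {
    if (-not (Test-Path -Path $key)) { continue }
    $regKey = Get-Item -Path $key
    foreach ($valueName in $regKey.GetValueNames()) {
        $command = [string]$regKey.GetValue($valueName)
        foreach ($root in $userWritableRoots) {
            if ($command.IndexOf($root, [StringComparison]::OrdinalIgnoreCase) -ge 0) {
                [pscustomobject]@{
                    Key     = $key
                    Value   = $valueName
                    Command = $command
                }
                break   # one match is enough to list this value
            }
        }
    }
}

'--- svchost look-alikes outside the Windows system directories ---'
$suspectProcesses | Format-Table -AutoSize -Wrap

'--- Run-key entries launching from user-writable profile folders ---'
$suspectRunEntries | Format-Table -AutoSize -Wrap
```

Run it from an elevated prompt so that executable paths of system processes are readable. The Run-key list is a review list, not a verdict: many legitimate per-user applications also start from AppData.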

iexplorer.exe using 100% CPU

Part 2

tdskiller.txt

08:02:59.0022 0x1560 HidUsb - ok
08:02:59.0041 0x1560 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
08:02:59.0044 0x1560 hkmsvc - ok
08:02:59.0061 0x1560 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
08:02:59.0067 0x1560 HomeGroupListener - ok
08:02:59.0131 0x1560 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
08:02:59.0136 0x1560 HomeGroupProvider - ok
08:02:59.0154 0x1560 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
08:02:59.0157 0x1560 HpSAMD - ok
08:02:59.0831 0x1560 [ CFF11ABBC6B0C69B80EC5BC472228607, 62D47B5DCCADAB7AD1E8A68FAB1D15CE1C0383CC3F61108FE46D53509F4C6749 ] hshld C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
08:02:59.0955 0x1560 hshld - ok
08:03:00.0030 0x1560 [ 83D5717F961F26B1C221AD8A0FE9C8A0, 674F6F682AC987F97FFF94F38CF97CEC0F2422820BDAB3B93D3EEAB4D9C2460A ] HssDRV6 C:\Windows\system32\DRIVERS\hssdrv6.sys
08:03:00.0031 0x1560 HssDRV6 - ok
08:03:00.0081 0x1560 [ 0560681B4544AD25316EEB58369E6FA2, D330C3B25F195BE77208399154CA41011BF2CDE6F484BBA352ABAE5B944D4ADB ] HssTrayService C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE
08:03:00.0083 0x1560 HssTrayService - ok
08:03:00.0128 0x1560 [ 51CB81FA5A1BE7D1B860CF64E05FF990, DBA185B60D52893B36FE14D5A9872DA59C9C78468F4C88F780B86CF82F1B4BF7 ] HssWd C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
08:03:00.0140 0x1560 HssWd - ok
08:03:00.0176 0x1560 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
08:03:00.0193 0x1560 HTTP - ok
08:03:00.0248 0x1560 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
08:03:00.0249 0x1560 hwpolicy - ok
08:03:00.0277 0x1560 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
08:03:00.0280 0x1560 i8042prt - ok
08:03:00.0480 0x1560 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
08:03:00.0489 0x1560 iaStorV - ok
08:03:00.0533 0x1560 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
08:03:00.0552 0x1560 idsvc - ok
08:03:00.0570 0x1560 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
08:03:00.0571 0x1560 iirsp - ok
08:03:00.0626 0x1560 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
08:03:00.0645 0x1560 IKEEXT - ok
08:03:00.0789 0x1560 [ C2F868881D48A568B525255F084EF063, EFB1704AE223CF886EDA5F1411C8178EDE4B5E1F7EE373E3DA89A6EA1A57D91D ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
08:03:00.0968 0x1560 IntcAzAudAddService - ok
08:03:01.0005 0x1560 [ 4A9EB8AC8959C580ADCADDBDBBEBE033, F7386FB51D4A2138A3BA0B76FE0FB6D0F6DF8AC4837345FCBD51308863D46D01 ] Intel(R) PROSet Monitoring Service C:\Windows\system32\IProsetMonitor.exe
08:03:01.0010 0x1560 Intel(R) PROSet Monitoring Service - ok
08:03:01.0043 0x1560 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
08:03:01.0043 0x1560 intelide - ok
08:03:01.0067 0x1560 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
08:03:01.0069 0x1560 intelppm - ok
08:03:01.0093 0x1560 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
08:03:01.0096 0x1560 IPBusEnum - ok
08:03:01.0105 0x1560 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
08:03:01.0107 0x1560 IpFilterDriver - ok
08:03:01.0235 0x1560 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
08:03:01.0247 0x1560 iphlpsvc - ok
08:03:01.0258 0x1560 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
08:03:01.0261 0x1560 IPMIDRV - ok
08:03:01.0266 0x1560 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
08:03:01.0269 0x1560 IPNAT - ok
08:03:01.0356 0x1560 [ 71F993192EB04B2C4C80F2DEE9119229, 881B7042724364C9D667DF6109E15DE78D9431DF5708CB16736AD723F4A38578 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
08:03:01.0370 0x1560 iPod Service - ok
08:03:01.0395 0x1560 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
08:03:01.0396 0x1560 IRENUM - ok
08:03:01.0412 0x1560 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
08:03:01.0413 0x1560 isapnp - ok
08:03:01.0431 0x1560 [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
08:03:01.0438 0x1560 iScsiPrt - ok
08:03:01.0460 0x1560 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
08:03:01.0461 0x1560 kbdclass - ok
08:03:01.0476 0x1560 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
08:03:01.0477 0x1560 kbdhid - ok
08:03:01.0492 0x1560 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso C:\Windows\system32\lsass.exe
08:03:01.0494 0x1560 KeyIso - ok
08:03:01.0529 0x1560 [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
08:03:01.0531 0x1560 KSecDD - ok
08:03:01.0543 0x1560 [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
08:03:01.0547 0x1560 KSecPkg - ok
08:03:01.0557 0x1560 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
08:03:01.0558 0x1560 ksthunk - ok
08:03:01.0586 0x1560 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
08:03:01.0595 0x1560 KtmRm - ok
08:03:01.0621 0x1560 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
08:03:01.0628 0x1560 LanmanServer - ok
08:03:01.0650 0x1560 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
08:03:01.0654 0x1560 LanmanWorkstation - ok
08:03:01.0679 0x1560 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
08:03:01.0680 0x1560 lltdio - ok
08:03:01.0730 0x1560 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
08:03:01.0738 0x1560 lltdsvc - ok
08:03:01.0768 0x1560 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
08:03:01.0770 0x1560 lmhosts - ok
08:03:01.0784 0x1560 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
08:03:01.0787 0x1560 LSI_FC - ok
08:03:01.0803 0x1560 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
08:03:01.0806 0x1560 LSI_SAS - ok
08:03:01.0820 0x1560 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
08:03:01.0821 0x1560 LSI_SAS2 - ok
08:03:01.0838 0x1560 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
08:03:01.0841 0x1560 LSI_SCSI - ok
08:03:01.0859 0x1560 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
08:03:01.0862 0x1560 luafv - ok
08:03:01.0878 0x1560 [ 0BB97D43299910CBFBA59C461B99B910, 27C22D9D9EE8A410D7396960DA93E9E260D4DCDD38DCE06E85E45C5E24C067DE ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
08:03:01.0879 0x1560 MBAMProtector - ok
08:03:01.0926 0x1560 [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
08:03:01.0935 0x1560 MBAMScheduler - ok
08:03:01.0959 0x1560 [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
08:03:01.0975 0x1560 MBAMService - ok
08:03:01.0996 0x1560 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
08:03:01.0999 0x1560 Mcx2Svc - ok
08:03:02.0019 0x1560 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
08:03:02.0020 0x1560 megasas - ok
08:03:02.0058 0x1560 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
08:03:02.0064 0x1560 MegaSR - ok
08:03:02.0084 0x1560 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
08:03:02.0086 0x1560 MMCSS - ok
08:03:02.0093 0x1560 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
08:03:02.0094 0x1560 Modem - ok
08:03:02.0101 0x1560 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
08:03:02.0102 0x1560 monitor - ok
08:03:02.0109 0x1560 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
08:03:02.0110 0x1560 mouclass - ok
08:03:02.0114 0x1560 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
08:03:02.0115 0x1560 mouhid - ok
08:03:02.0139 0x1560 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
08:03:02.0141 0x1560 mountmgr - ok
08:03:02.0197 0x1560 [ 26EA1DAD601EE3ACAC301D66F07BA219, C9594BB15D53D4AC2156CCCD2DB65B2C20620F1F60DA85F48D1586FC10028096 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
08:03:02.0200 0x1560 MozillaMaintenance - ok
08:03:02.0213 0x1560 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
08:03:02.0217 0x1560 mpio - ok
08:03:02.0236 0x1560 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
08:03:02.0238 0x1560 mpsdrv - ok
08:03:02.0283 0x1560 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
08:03:02.0315 0x1560 MpsSvc - ok
08:03:02.0347 0x1560 [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
08:03:02.0351 0x1560 MRxDAV - ok
08:03:02.0367 0x1560 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
08:03:02.0370 0x1560 mrxsmb - ok
08:03:02.0384 0x1560 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
08:03:02.0391 0x1560 mrxsmb10 - ok
08:03:02.0406 0x1560 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
08:03:02.0409 0x1560 mrxsmb20 - ok
08:03:02.0440 0x1560 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
08:03:02.0440 0x1560 msahci - ok
08:03:02.0456 0x1560 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
08:03:02.0459 0x1560 msdsm - ok
08:03:02.0471 0x1560 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
08:03:02.0475 0x1560 MSDTC - ok
08:03:02.0571 0x1560 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
08:03:02.0572 0x1560 Msfs - ok
08:03:02.0588 0x1560 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
08:03:02.0589 0x1560 mshidkmdf - ok
08:03:02.0602 0x1560 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
08:03:02.0602 0x1560 msisadrv - ok
08:03:02.0618 0x1560 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
08:03:02.0622 0x1560 MSiSCSI - ok
08:03:02.0625 0x1560 msiserver - ok
08:03:02.0642 0x1560 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
08:03:02.0643 0x1560 MSKSSRV - ok
08:03:02.0651 0x1560 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
08:03:02.0652 0x1560 MSPCLOCK - ok
08:03:02.0664 0x1560 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
08:03:02.0665 0x1560 MSPQM - ok
08:03:02.0685 0x1560 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
08:03:02.0694 0x1560 MsRPC - ok
08:03:02.0713 0x1560 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
08:03:02.0713 0x1560 mssmbios - ok
08:03:02.0725 0x1560 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
08:03:02.0726 0x1560 MSTEE - ok
08:03:02.0733 0x1560 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
08:03:02.0734 0x1560 MTConfig - ok
08:03:02.0743 0x1560 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
08:03:02.0744 0x1560 Mup - ok
08:03:02.0766 0x1560 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
08:03:02.0911 0x1560 napagent - ok
08:03:02.0940 0x1560 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
08:03:02.0947 0x1560 NativeWifiP - ok
08:03:02.0999 0x1560 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
08:03:03.0020 0x1560 NDIS - ok
08:03:03.0335 0x1560 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
08:03:03.0336 0x1560 NdisCap - ok
08:03:03.0353 0x1560 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
08:03:03.0354 0x1560 NdisTapi - ok
08:03:03.0366 0x1560 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
08:03:03.0368 0x1560 Ndisuio - ok
08:03:03.0379 0x1560 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
08:03:03.0383 0x1560 NdisWan - ok
08:03:03.0391 0x1560 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
08:03:03.0393 0x1560 NDProxy - ok
08:03:03.0432 0x1560 [ EE00C544C025958AF50C7B199F3C8595, D774DB020D9C46D1AA0B2DB9FA2C36C4A9C38D904CC6929695321D32ACA0D4D1 ] Netaapl C:\Windows\system32\DRIVERS\netaapl64.sys
08:03:03.0433 0x1560 Netaapl - ok
08:03:03.0460 0x1560 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
08:03:03.0461 0x1560 NetBIOS - ok
08:03:03.0481 0x1560 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
08:03:03.0487 0x1560 NetBT - ok
08:03:03.0500 0x1560 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] Netlogon C:\Windows\system32\lsass.exe
08:03:03.0502 0x1560 Netlogon - ok
08:03:03.0529 0x1560 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
08:03:03.0538 0x1560 Netman - ok
08:03:03.0586 0x1560 [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:03:03.0589 0x1560 NetMsmqActivator - ok
08:03:03.0594 0x1560 [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:03:03.0597 0x1560 NetPipeActivator - ok
08:03:03.0622 0x1560 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
08:03:03.0633 0x1560 netprofm - ok
08:03:03.0719 0x1560 [ ED41E38C3F96C1025BFD4B8A06DEFDC7, 230F7787395BAA66D5CD94C18C7C1ED6B985AA53A869B694FF0E2684B6C8DC84 ] netr28ux C:\Windows\system32\DRIVERS\netr28ux.sys
08:03:03.0757 0x1560 netr28ux - ok
08:03:03.0797 0x1560 [ B72BB9496A126FCFC7FC5945DED9B411, FA5CC4E93761FB2B59B9B34C699B1486560BDB39280AB1125DE42DB7C4BE303A ] netr28x C:\Windows\system32\DRIVERS\netr28x.sys
08:03:03.0811 0x1560 netr28x - ok
08:03:03.0817 0x1560 [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:03:03.0820 0x1560 NetTcpActivator - ok
08:03:03.0825 0x1560 [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:03:03.0827 0x1560 NetTcpPortSharing - ok
08:03:03.0861 0x1560 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
08:03:03.0863 0x1560 nfrd960 - ok
08:03:03.0901 0x1560 [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll
08:03:03.0908 0x1560 NlaSvc - ok
08:03:03.0960 0x1560 [ 351533ACC2A069B94E80BBFC177E8FDF, 54B2749E0496ECC94CE65657627762B485CBC825767BAEDDAD0D2598820FFB9E ] NPF C:\Windows\system32\drivers\npf.sys
08:03:03.0962 0x1560 NPF - ok
08:03:03.0970 0x1560 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
08:03:03.0972 0x1560 Npfs - ok
08:03:03.0983 0x1560 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
08:03:03.0984 0x1560 nsi - ok
08:03:03.0993 0x1560 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
08:03:03.0994 0x1560 nsiproxy - ok
08:03:04.0069 0x1560 [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
08:03:04.0107 0x1560 Ntfs - ok
08:03:04.0134 0x1560 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
08:03:04.0135 0x1560 Null - ok
08:03:04.0147 0x1560 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
08:03:04.0151 0x1560 nvraid - ok
08:03:04.0193 0x1560 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
08:03:04.0197 0x1560 nvstor - ok
08:03:04.0206 0x1560 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
08:03:04.0209 0x1560 nv_agp - ok
08:03:04.0217 0x1560 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
08:03:04.0219 0x1560 ohci1394 - ok
08:03:04.0248 0x1560 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
08:03:04.0256 0x1560 p2pimsvc - ok
08:03:04.0275 0x1560 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
08:03:04.0286 0x1560 p2psvc - ok
08:03:04.0300 0x1560 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys
08:03:04.0302 0x1560 Parport - ok
08:03:04.0335 0x1560 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
08:03:04.0337 0x1560 partmgr - ok
08:03:04.0352 0x1560 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll
08:03:04.0357 0x1560 PcaSvc - ok
08:03:04.0374 0x1560 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
08:03:04.0378 0x1560 pci - ok
08:03:04.0406 0x1560 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
08:03:04.0406 0x1560 pciide - ok
08:03:04.0427 0x1560 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
08:03:04.0432 0x1560 pcmcia - ok
08:03:04.0451 0x1560 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
08:03:04.0452 0x1560 pcw - ok
08:03:04.0473 0x1560 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
08:03:04.0488 0x1560 PEAUTH - ok
08:03:04.0593 0x1560 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
08:03:04.0594 0x1560 PerfHost - ok
08:03:04.0790 0x1560 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
08:03:04.0822 0x1560 pla - ok
08:03:05.0007 0x1560 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
08:03:05.0017 0x1560 PlugPlay - ok
08:03:05.0038 0x1560 PnkBstrA - ok
08:03:05.0050 0x1560 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
08:03:05.0052 0x1560 PNRPAutoReg - ok
08:03:05.0073 0x1560 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
08:03:05.0080 0x1560 PNRPsvc - ok
08:03:05.0113 0x1560 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
08:03:05.0125 0x1560 PolicyAgent - ok
08:03:05.0147 0x1560 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
08:03:05.0151 0x1560 Power - ok
08:03:05.0183 0x1560 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
08:03:05.0185 0x1560 PptpMiniport - ok
08:03:05.0196 0x1560 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
08:03:05.0198 0x1560 Processor - ok
08:03:05.0238 0x1560 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll
08:03:05.0244 0x1560 ProfSvc - ok
08:03:05.0250 0x1560 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] ProtectedStorage C:\Windows\system32\lsass.exe
08:03:05.0251 0x1560 ProtectedStorage - ok
08:03:05.0265 0x1560 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
08:03:05.0268 0x1560 Psched - ok
08:03:12.0837 0x1560 ================ Scan global ===============================
08:03:12.0857 0x1560 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
08:03:12.0893 0x1560 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
08:03:12.0905 0x1560 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
08:03:12.0922 0x1560 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
08:03:12.0943 0x1560 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
08:03:12.0951 0x1560 [ Global ] - ok
08:03:12.0951 0x1560 ================ Scan MBR ==================================
08:03:12.0955 0x1560 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
08:03:13.0283 0x1560 \Device\Harddisk0\DR0 - ok
08:03:13.0283 0x1560 ================ Scan VBR ==================================
08:03:13.0285 0x1560 [ C623B43A619261241E7F395235861EC1 ] \Device\Harddisk0\DR0\Partition1
08:03:13.0331 0x1560 \Device\Harddisk0\DR0\Partition1 - detected Rootkit.Boot.Cidox.b ( 0 )
08:03:13.0331 0x1560 \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - infected
08:03:17.0889 0x1560 [ 974169241C9F2F67375DB6B492CE1B3E ] \Device\Harddisk0\DR0\Partition2
08:03:17.0935 0x1560 \Device\Harddisk0\DR0\Partition2 - ok
08:03:17.0935 0x1560 ================ Scan generic autorun ======================
08:03:18.0023 0x1560 [ 5B6E8E09BE6401A7E022F52FDFCB2FF8, 471C556CF9405BBB380A8CEFE945C126B954B7C94F79CC72441B51F80141FC5E ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
08:03:18.0029 0x1560 SunJavaUpdateSched - ok
08:03:18.0218 0x1560 [ 06BB3578BE06B0980AF9917EC94488EC, 4C66DC5C55E7AC80838D21AA04D194ACE62D70FF0D469FAB910FFE05B1C2A4E7 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe
08:03:18.0235 0x1560 StartCCC - ok
08:03:18.0300 0x1560 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
08:03:18.0483 0x1560 Sidebar - ok
08:03:18.0792 0x1560 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
08:03:18.0795 0x1560 mctadmin - ok
08:03:18.0823 0x1560 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
08:03:18.0843 0x1560 Sidebar - ok
08:03:18.0865 0x1560 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
08:03:18.0867 0x1560 mctadmin - ok
08:03:18.0868 0x1560 iFunBox Price Watch - ok
08:03:18.0993 0x1560 [ B455B50779CFC054FC3C607706CAFF04, 558D807BC27B382F2919E502A8E8865B1F41A205C1FB9AB1B8CF477BC918C30E ] C:\PROGRA~2\Raptr\raptrstub.exe
08:03:18.0994 0x1560 Raptr - ok
08:03:19.0341 0x1560 [ 4BC008AE9C231723C6C71CD1BB712753, 7EA70360940811BCC3664759E3AF1CF8B24AFEEFC4B86985E9A9136866F12787 ] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
08:03:19.0782 0x1560 SUPERAntiSpyware - ok
08:03:19.0789 0x1560 EveckAcyur - ok
08:03:19.0834 0x1560 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
08:03:19.0855 0x1560 Sidebar - ok
08:03:19.0867 0x1560 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
08:03:19.0870 0x1560 mctadmin - ok
08:03:19.0870 0x1560 Waiting for KSN requests completion. In queue: 169
08:03:20.0870 0x1560 Waiting for KSN requests completion. In queue: 169
08:03:21.0870 0x1560 Waiting for KSN requests completion. In queue: 10
08:03:22.0870 0x1560 Waiting for KSN requests completion. In queue: 10
08:03:23.0870 0x1560 Waiting for KSN requests completion. In queue: 10
08:03:24.0870 0x1560 Waiting for KSN requests completion. In queue: 10
08:03:25.0870 0x1560 Waiting for KSN requests completion. In queue: 10
08:03:26.0870 0x1560 Waiting for KSN requests completion. In queue: 10
08:03:29.0032 0x1560 Win FW state via NFP2: enabled
08:03:36.0780 0x1560 ============================================================
08:03:36.0780 0x1560 Scan finished
08:03:36.0780 0x1560 ============================================================
08:03:36.0828 0x11d4 Detected object count: 1
08:03:36.0828 0x11d4 Actual detected object count: 1
08:03:56.0721 0x11d4 \Device\Harddisk0\DR0\Partition1 - copied to quarantine
08:03:56.0722 0x11d4 \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - User select action: Quarantine
08:04:08.0951 0x1830 Deinitialize success


And unfortunately, I cannot find anything in C:\Windows\System32\dot3svc.dll

Sorry about that! Maybe I didn't do something right. But I followed the instructions in the exact order posted.

HijackThis Log File

Any help with this log file would be appreciated. I would like to remove empty entries, toolbar entries, and any malware/virus entries. Thanks! :D

Code:

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
Processor: Intel(R) Core(TM) i5 CPU 650 @ 3.20GHz, Intel64 Family 6 Model 37 Stepping 2
Processor Count: 4
RAM: 8119 Mb
Graphics Card: NVIDIA GeForce 310, 512 Mb
Hard Drives: C: Total - 937382 MB, Free - 764972 MB; E: Total - 610477 MB, Free - 79938 MB;
Motherboard: Gateway, H57M01
Antivirus: Microsoft Security Essentials, Disabled

Code:

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 9:21:10 AM, on 8/14/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17239)
CHROME: 36.0.1985.125

Boot mode: Normal

Running processes:
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\Logitech\Vid HD\Vid.exe
C:\Users\tom & louise lively\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
C:\Program Files (x86)\ArcSoft\MediaConverter 3\Monitor.exe
C:\Program Files (x86)\LG Soft India\forteManager\bin\Monitor.exe
C:\Program Files (x86)\HRBlockDirect\HRBlockDirect.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files (x86)\Microsoft Works\WkCalRem.exe
C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe
C:\Users\tom & louise lively\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files (x86)\Gateway Photo Frame\ButtonMonitor.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
C:\Users\tom & louise lively\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Users\tom & louise lively\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\tom & louise lively\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\tom & louise lively\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Users\tom & louise lively\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\tom & louise lively\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\tom & louise lively\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\tom & louise lively\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\tom & louise lively\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\tom & louise lively\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\tom & louise lively\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\tom & louise lively\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\tom & louise lively\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\tom & louise lively\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\tom & louise lively\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\tom & louise lively\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\tom & louise lively\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://att.net
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://us.yahoo.com?fr=fp-comodo
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: Produtools Manuals 2.1 E2 Toolbar - {c050a3b4-59e7-42b1-9956-369806f31d20} - C:\Program Files (x86)\Produtools_Manuals_2.1_E2\prxtbProd.dll (file missing)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll
O2 - BHO: Produtools Manuals 2.1 E2 - {c050a3b4-59e7-42b1-9956-369806f31d20} - C:\Program Files (x86)\Produtools_Manuals_2.1_E2\prxtbProd.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: PrivDogExtension - {FB16E5C3-A9E2-47A2-8EFC-319E775E62CC} - C:\Program Files (x86)\AdTrustMedia\PrivDog\2.2.0.14\trustedads.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O3 - Toolbar: Produtools Manuals 2.1 E2 Toolbar - {c050a3b4-59e7-42b1-9956-369806f31d20} - C:\Program Files (x86)\Produtools_Manuals_2.1_E2\prxtbProd.dll (file missing)
O3 - Toolbar: (no name) - {4F524A2D-5637-4300-76A7-7A786E7484D7} - (no file)
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Gateway Photo Frame] C:\Program Files (x86)\Gateway Photo Frame\ButtonMonitor.exe -A
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
O4 - HKLM\..\Run: [InstaLAN] "C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" startup
O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\tom & louise lively\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ISUSPM Startup] c:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKCU\..\Run: [Logitech Vid] "C:\Program Files (x86)\Logitech\Vid HD\Vid.exe" -bootmode
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_69979126FFABBA1628F64DB199C31597] "C:\Users\tom & louise lively\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: WkCalRem.LNK = C:\Program Files (x86)\Microsoft Works\WkCalRem.exe
O4 - Global Startup: Device Monitor.lnk = C:\Program Files (x86)\ArcSoft\MediaConverter 3\Monitor.exe
O4 - Global Startup: forteManager.lnk = C:\Program Files (x86)\LG Soft India\forteManager\bin\Monitor.exe
O4 - Global Startup: HRBlockDirect.lnk = C:\Program Files (x86)\HRBlockDirect\HRBlockDirect.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: PrivDog - {2F5C139F-79BD-4C84-A95A-E7140525BC55} - C:\Program Files (x86)\AdTrustMedia\PrivDog\2.2.0.14\trustedads.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/4.0.1.0/GarminAxControl_32.CAB
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs:       
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AffinegyService - Affinegy, Inc. - C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
O23 - Service: VPDAgent (Agent) - Two Pilots - C:\Windows\VPDAgent_x64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Ask Update Service (APNMCP) - APN LLC. - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Garmin Core Update Service - Garmin Ltd or its subsidiaries - C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Gateway\Registration\GregHSRW.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McciCMService - Alcatel-Lucent - C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
O23 - Service: McciCMService64 - Alcatel-Lucent - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Neat Startup Service - The Neat Company - C:\Program Files (x86)\Neat\exec\NeatStartupService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Updater Service - Acer - C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

--
End of file - 18355 bytes

It Gets Hung Up after 5 minutes!

Work Desktop running into some kind of issue. We can only run in safe mode to access programs at any length. After 5 minutes in normal mode, some program in the background causes the machine to become "hung up" and we cannot access anything at all. HijackThis log enclosed. Any assistance is appreciated.

Attached Files
File Type: txt hijackthis 8-14-14.txt (10.9 KB)

pop-up hell

Is this your chosen start page in Internet Explorer?

swspecialists.com

Please uninstall the following via the Control Panel:

FineDeAlSoft

Please download the attached fixlist.txt file and save it where you saved FRST (which is your downloads folder).

NOTE: It's important that both files, FRST and fixlist.txt are in the same location (preferably on the desktop) or the fix will not work.

Run FRST/FRST64 and press the Fix button just once and then wait.

If the tool needs a restart please make sure you let the system restart normally and let the tool complete its run after the restart.

NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system.

The tool will make a log on the Desktop (Fixlog.txt). Please post it in your reply.

Attached Files
File Type: txt Fixlist.txt (2.2 KB)

Right mouse button bound to ad aware installer, win 7

Ah, so it's the torrents themselves. I don't really use torrents aside from books or something for studies or my D&D habit, but these guys I'm not sure what they download. I'll just have to tell them to get their own computer if they want to run stuff like that.

Unfortunately it still tried to run the ad aware installer even though it's not even present on my computer (if I leave the window alone it gives me an error message about not being able to find it). When I booted up today I opened the task manager instead of just closing the window and saw it's msiexec that runs, I think that's the windows installer program? I did a search and came up with this: http://support.microsoft.com/kb/290301. After using that tool it no longer tries to run the ad aware installer when right clicking a file or folder but msiexec still blinks for a split second and appears in my task manager window.

Though I have to say I've noticed a few seconds faster startup after running your custom OTL fix, it's gone from around 30 seconds to 20 or so.

static.www.calottery.com

A window from this site keeps popping up and I can't close it. I have to restart my PC to clear it out, but it always comes back. Other info, part of message reads prod-pri-cs0.cloudapp.net. The screen that comes up asks for my user name and password. Also this message appears: Warning your user name and password will be sent using basic authentication on a connection that isn't secure. Can anyone help me stop this window from popping up?

I think that I have rootkit or other malware on my computer.

Okay, I know you're having this issue when installing, so make sure it's definitely uninstalled, then close all windows, and run this tool:

http://downloads.malwarebytes.org/file/mbam_clean

Double-click to run the tool, and it will run quickly. It will ask to restart your computer; please allow it to do so (very important).

Next Download & SAVE the latest version of Malwarebytes' Anti-Malware from

http://downloads.malwarebytes.org/file/mbam

(I know you already have, but just delete the previous one you tried, and get this fresh one, just to be safe)


Right-click on mbam-setup.exe and select Run as Administrator and allow to run.

Then after the setup has finished, on the Dashboard screen, press the Update now link.

Let me know if the update succeeds.

eddie

I think I have a virus, malware, something.....

HI! Thank you for looking at this mess.

My computer is running herky-jerky...as I am typing this, I'm waiting for 10 seconds for it to catch up with me typing at a relatively slow pace.

I'm getting all sorts of script messages....I click on STOP SCRIPT, and it still runs in slow motion.

It's taking forever for my programs to load. My email service is incredibly slow. I click on an email, and it may or may not open.

Trying to get an internet site to open is a joke. Sometimes it will open, most often my computer just freezes.

My anti-virus software says I'm up to date and all is good. ??? Wassup with that? This is a MESS!

Please help!!


Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Professional, Service Pack 1, 32 bit
Processor: Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz, x64 Family 6 Model 23 Stepping 10
Processor Count: 2
RAM: 3036 Mb
Graphics Card: Intel(R) G45/G43 Express Chipset, 1294 Mb
Hard Drives: C: Total - 223377 MB, Free - 83001 MB;
Motherboard: Dell Inc., 0JJW8N
Antivirus: avast! Antivirus, Updated and Enabled


Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:14-08-2014 02
Ran by Deni (administrator) on NEWFAMCOMP on 14-08-2014 13:55:47
Running from C:\Users\Deni\Desktop
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/down...an-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/down...an-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic...ery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\CISVC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS32.exe
(Livescribe) C:\Program Files\Common Files\Livescribe\PenComm\PenCommService.exe
(Microsoft Corporation) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(WDC) C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(WDC) C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Siber Systems) C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft® Corporation) C:\Program Files\Common Files\microsoft shared\Works Shared\wkcalrem.exe
(Microsoft® Corporation) C:\Program Files\Common Files\microsoft shared\Works Shared\WksCal.exe
(Dropbox, Inc.) C:\Users\Deni\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
(Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Program Files\Microsoft Digital Image 2006\pi.exe
(Microsoft Corporation) C:\Program Files\Microsoft Home Publishing 2000\HPUB.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
(Microsoft® Corporation) C:\Program Files\Common Files\microsoft shared\Works Shared\WksCal.exe
(Microsoft® Corporation) C:\Program Files\Common Files\microsoft shared\Works Shared\WksCal.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Farbar) C:\Users\Deni\Desktop\FRST(2).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKU\S-1-5-21-2470467007-3615624817-2011931734-1000\...\Run: [RoboForm] => C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [96056 2013-02-16] (Siber Systems)
HKU\S-1-5-21-2470467007-3615624817-2011931734-1000\...\Policies\Explorer: [NoInternetOpenWith] 1
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Works Calendar Reminders.lnk
ShortcutTarget: Microsoft Works Calendar Reminders.lnk -> C:\Windows\Installer\{5264E937-B015-11D2-8C0E-00C04FBBCFF9}\A12970B7.exe ()
Startup: C:\Users\Deni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Deni\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Deni\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Deni\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Deni\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: GDriveSharedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKCU - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO: avast! EasyPass Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (AVAST Software)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - avast! EasyPass Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (AVAST Software)
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Deni\AppData\Roaming\Mozilla\Firefox\Profiles\50f30f2v.default-1400260260566
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-01-18]
FF HKLM\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files\Siber Systems\AI RoboForm\Firefox
FF Extension: avast! EasyPass Toolbar for Firefox - C:\Program Files\Siber Systems\AI RoboForm\Firefox [2013-02-16]
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-08-13]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======
CHR HomePage: hxxp://www.msn.com/?pc=AV01
CHR RestoreOnStartup: "hxxp://www.msn.com/?pc=AV01"
CHR StartupUrls: "hxxp://www.msn.com/?pc=AV01"
CHR DefaultSearchKeyword: conduit.search
CHR DefaultSearchProvider: Conduit Search
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\30.0.1599.101\pdf.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\30.0.1599.101\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.140.8) - C:\Program Files\Java\jre6\bin\new_plugin\npdeploytk.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U14) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Coupons Inc., Coupon Printer Manager ) - C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll No File
CHR Plugin: (Coupons Inc., Coupon Printer Manager ) - C:\Program Files\Mozilla Firefox\plugins\npMozCouponPrinter.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.7) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.7) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.7) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.7) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.7) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.7) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.7) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll No File
CHR Plugin: (RIM Handheld Application Loader) - C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (BlackBerry AppWorld) - C:\Program Files\Research In Motion Limited\BlackBerry App World Browser Plugin\npappworld.dll No File
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll No File
CHR Extension: (Entanglement Web App) - C:\Users\Deni\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2011-02-28]
CHR Extension: (Poppit) - C:\Users\Deni\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2011-02-28]
CHR Extension: (Google Wallet) - C:\Users\Deni\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-29]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-13]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-13] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [106488 2014-07-13] (AVAST Software)
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL [694784 2009-09-20] (Hewlett-Packard Co.) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
R2 PenCommService; C:\Program Files\Common Files\Livescribe\PenComm\PenCommService.exe [470528 2012-11-05] (Livescribe) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
R2 WDBtnMgrSvc.exe; C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe [102400 2008-05-16] (WDC) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-07-13] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [26136 2014-07-13] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-07-13] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [270752 2014-07-13] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-07-13] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-07-13] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [779536 2014-07-13] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [414520 2014-07-13] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [71944 2014-07-13] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [192352 2014-07-13] ()
S3 JRAID; C:\Windows\system32\DRIVERS\jraid.sys [89048 2009-05-21] (JMicron Technology Corp.)
S3 PulseUsb; C:\Windows\System32\DRIVERS\PulseUsb.sys [20480 2012-11-05] (Windows (R) Win 7 DDK provider) [File not signed]
S3 rcmirror; C:\Windows\System32\DRIVERS\rcmirror.sys [3328 2008-10-08] (Windows (R) Codename Longhorn DDK provider)
S3 Wdm1; C:\Windows\System32\Drivers\usbbc.sys [15576 2003-07-01] ()
S3 IntcAzAudAddService; system32\drivers\RTKVHDA.sys [X]
S3 RimUsb; System32\Drivers\RimUsb.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-14 13:55 - 2014-08-14 13:57 - 00018647 _____ () C:\Users\Deni\Desktop\FRST.txt
2014-08-14 13:54 - 2014-08-14 13:54 - 00001429 _____ () C:\Users\Deni\Desktop\FRST(2) - Shortcut.lnk
2014-08-14 13:53 - 2014-08-14 13:53 - 01092096 _____ (Farbar) C:\Users\Deni\Desktop\FRST(2).exe
2014-08-13 13:47 - 2014-08-13 13:47 - 00001253 _____ () C:\Users\Deni\Desktop\HP Solution Center.lnk
2014-08-13 13:39 - 2014-08-13 13:39 - 00000000 ____D () C:\Windows\LastGood
2014-08-13 13:37 - 2014-08-13 13:37 - 00002087 _____ () C:\Users\Public\Desktop\HP Photosmart Essential 3.5.lnk
2014-08-13 13:37 - 2014-08-13 13:37 - 00001028 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR Registration.lnk
2014-08-13 13:36 - 2014-08-13 13:36 - 00001241 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\HP Solution Center.lnk
2014-08-13 13:36 - 2014-08-13 13:36 - 00001235 _____ () C:\Users\Public\Desktop\HP Solution Center.lnk
2014-08-13 13:36 - 2014-08-13 13:36 - 00001081 _____ () C:\Users\Public\Desktop\Shop for HP Supplies.lnk
2014-08-13 13:36 - 2014-08-13 13:36 - 00000000 ____D () C:\ProgramData\HP Product Assistant
2014-08-13 13:34 - 2014-08-13 13:34 - 00000000 ____D () C:\Program Files\Common Files\HP
2014-08-13 13:07 - 2014-08-13 13:14 - 327118416 _____ () C:\Users\Deni\Downloads\PS_AIO_02_Net_Full_Win_WW_130_140(3).exe
2014-08-11 09:35 - 2014-08-11 09:35 - 00000000 ____D () C:\Users\Deni\AppData\Roaming\gnupg
2014-08-11 09:35 - 2014-08-11 02:41 - 00000000 __SHD () C:\Jumpshot
2014-08-11 09:22 - 2014-08-11 11:26 - 00000000 ____D () C:\Windows\jumpshot.com
2014-08-11 09:22 - 2014-08-11 09:22 - 14482352 _____ (AVAST Software) C:\Users\Deni\Downloads\grimefighter.exe
2014-08-03 20:39 - 2014-08-03 20:39 - 00222915 _____ () C:\Users\Deni\Documents\triad 2014.hmk
2014-07-25 13:09 - 2014-07-25 13:10 - 00042313 _____ () C:\Users\Deni\Downloads\Addition.txt
2014-07-25 13:08 - 2014-07-25 13:10 - 00031218 _____ () C:\Users\Deni\Downloads\FRST.txt
2014-07-25 13:07 - 2014-07-25 13:07 - 01084416 _____ (Farbar) C:\Users\Deni\Downloads\FRST(1).exe
2014-07-25 12:55 - 2014-07-25 12:55 - 01354223 _____ () C:\Users\Deni\Downloads\AdwCleaner(2).exe
2014-07-25 12:46 - 2014-07-25 12:46 - 00348187 _____ () C:\Users\Deni\AppData\Local\census.cache
2014-07-25 12:46 - 2014-07-25 12:46 - 00159672 _____ () C:\Users\Deni\AppData\Local\ars.cache
2014-07-25 12:37 - 2014-07-25 12:37 - 00000010 _____ () C:\Users\Deni\AppData\Local\sponge.last.runtime.cache
2014-07-25 12:35 - 2014-07-25 12:35 - 00509440 _____ (Tech Support Guy System) C:\Users\Deni\Downloads\SysInfo(3).exe
2014-07-25 12:23 - 2014-07-25 12:23 - 00000036 _____ () C:\Users\Deni\AppData\Local\housecall.guid.cache
2014-07-25 12:22 - 2014-07-25 12:22 - 02055784 _____ (Trend Micro Inc.) C:\Users\Deni\Downloads\HousecallLauncher.exe
2014-07-24 13:51 - 2014-07-24 13:52 - 00135071 _____ () C:\Users\Deni\Documents\qtr env NO add bday.hmk
2014-07-22 18:53 - 2014-07-22 18:53 - 01354223 _____ () C:\Users\Deni\Downloads\AdwCleaner(1).exe
2014-07-22 18:50 - 2014-07-22 18:50 - 00000000 ____D () C:\Trend Micro
2014-07-22 18:47 - 2014-07-22 18:47 - 01402880 _____ () C:\Users\Deni\Downloads\HiJackThis.msi

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-14 13:57 - 2014-08-14 13:55 - 00018647 _____ () C:\Users\Deni\Desktop\FRST.txt
2014-08-14 13:56 - 2014-05-12 01:56 - 00000000 ____D () C:\FRST
2014-08-14 13:54 - 2014-08-14 13:54 - 00001429 _____ () C:\Users\Deni\Desktop\FRST(2) - Shortcut.lnk
2014-08-14 13:53 - 2014-08-14 13:53 - 01092096 _____ (Farbar) C:\Users\Deni\Desktop\FRST(2).exe
2014-08-14 13:40 - 2013-03-07 13:02 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-14 13:39 - 2010-02-05 16:15 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-14 13:33 - 2009-07-13 21:55 - 01072655 _____ () C:\Windows\WindowsUpdate.log
2014-08-14 13:31 - 2009-11-18 18:43 - 00000000 ____D () C:\Users\Deni\Documents\RECIPES
2014-08-14 12:39 - 2010-02-05 16:15 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-13 15:28 - 2013-01-29 17:55 - 00000000 ____D () C:\Users\Deni\Documents\ICE IMPT INFO
2014-08-13 15:10 - 2006-05-24 23:05 - 02184704 ___SH () C:\Users\Deni\Documents\Thumbs.db
2014-08-13 13:47 - 2014-08-13 13:47 - 00001253 _____ () C:\Users\Deni\Desktop\HP Solution Center.lnk
2014-08-13 13:47 - 2009-11-18 18:40 - 00000000 ____D () C:\Users\Deni\Documents\My Scans
2014-08-13 13:44 - 2009-11-16 15:17 - 00162944 _____ () C:\Users\Deni\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-13 13:41 - 2013-04-02 22:15 - 00210562 _____ () C:\Windows\hpoins21.dat
2014-08-13 13:41 - 2009-11-18 12:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-08-13 13:41 - 2009-11-18 12:20 - 00063160 _____ () C:\ProgramData\hpzinstall.log
2014-08-13 13:41 - 2009-07-13 19:04 - 00000534 _____ () C:\Windows\win.ini
2014-08-13 13:39 - 2014-08-13 13:39 - 00000000 ____D () C:\Windows\LastGood
2014-08-13 13:39 - 2009-07-13 21:52 - 00000000 ____D () C:\Windows\twain_32
2014-08-13 13:37 - 2014-08-13 13:37 - 00002087 _____ () C:\Users\Public\Desktop\HP Photosmart Essential 3.5.lnk
2014-08-13 13:37 - 2014-08-13 13:37 - 00001028 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR Registration.lnk
2014-08-13 13:37 - 2009-07-13 21:34 - 00014256 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-13 13:37 - 2009-07-13 21:34 - 00014256 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-13 13:36 - 2014-08-13 13:36 - 00001241 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\HP Solution Center.lnk
2014-08-13 13:36 - 2014-08-13 13:36 - 00001235 _____ () C:\Users\Public\Desktop\HP Solution Center.lnk
2014-08-13 13:36 - 2014-08-13 13:36 - 00001081 _____ () C:\Users\Public\Desktop\Shop for HP Supplies.lnk
2014-08-13 13:36 - 2014-08-13 13:36 - 00000000 ____D () C:\ProgramData\HP Product Assistant
2014-08-13 13:36 - 2009-11-18 12:29 - 00000000 ____D () C:\Program Files\HP
2014-08-13 13:36 - 2009-11-18 12:19 - 00000000 ____D () C:\ProgramData\HP
2014-08-13 13:34 - 2014-08-13 13:34 - 00000000 ____D () C:\Program Files\Common Files\HP
2014-08-13 13:28 - 2014-05-11 15:57 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-08-13 13:28 - 2012-06-23 09:56 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-08-13 13:27 - 2013-04-09 13:35 - 00000000 ___RD () C:\Users\Deni\Dropbox
2014-08-13 13:27 - 2013-04-09 13:34 - 00000000 ____D () C:\Users\Deni\AppData\Roaming\Dropbox
2014-08-13 13:26 - 2013-12-10 15:05 - 00010484 _____ () C:\Windows\setupact.log
2014-08-13 13:26 - 2009-07-13 21:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-13 13:26 - 2009-07-13 21:33 - 00520928 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-13 13:25 - 2009-10-29 18:33 - 01384718 _____ () C:\Windows\PFRO.log
2014-08-13 13:16 - 2009-11-19 22:54 - 00209898 ____N () C:\Windows\hpoins21.dat.temp
2014-08-13 13:14 - 2014-08-13 13:07 - 327118416 _____ () C:\Users\Deni\Downloads\PS_AIO_02_Net_Full_Win_WW_130_140(3).exe
2014-08-13 13:05 - 2010-07-21 13:45 - 00000000 ____D () C:\Users\Deni\AppData\Roaming\HpUpdate
2014-08-13 12:35 - 2014-01-13 13:51 - 00001928 _____ () C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk
2014-08-11 11:27 - 2011-01-13 11:02 - 00000000 ____D () C:\Users\Guest
2014-08-11 11:27 - 2009-11-16 14:25 - 00000000 ____D () C:\Users\Deni
2014-08-11 11:26 - 2014-08-11 09:22 - 00000000 ____D () C:\Windows\jumpshot.com
2014-08-11 09:41 - 2009-07-13 19:03 - 62652416 _____ () C:\Windows\system32\config\.ghost-ntfs-3g-00000000000000000001
2014-08-11 09:41 - 2009-07-13 19:03 - 15728640 _____ () C:\Windows\system32\config\.ghost-ntfs-3g-00000000000000000003
2014-08-11 09:40 - 2009-11-16 14:25 - 07864320 ___SH () C:\Users\Deni\.ghost-ntfs-3g-00000000000000000009
2014-08-11 09:35 - 2014-08-11 09:35 - 00000000 ____D () C:\Users\Deni\AppData\Roaming\gnupg
2014-08-11 09:22 - 2014-08-11 09:22 - 14482352 _____ (AVAST Software) C:\Users\Deni\Downloads\grimefighter.exe
2014-08-11 02:41 - 2014-08-11 09:35 - 00000000 __SHD () C:\Jumpshot
2014-08-03 20:48 - 2014-04-23 17:35 - 00000027 _____ () C:\Users\Deni\Documents\Hallmark Card Studio 2008.txt
2014-08-03 20:39 - 2014-08-03 20:39 - 00222915 _____ () C:\Users\Deni\Documents\triad 2014.hmk
2014-07-25 13:22 - 2009-11-18 19:21 - 00000000 ____D () C:\Program Files\Google
2014-07-25 13:22 - 2009-11-18 19:05 - 00000000 ____D () C:\Users\Deni\AppData\Local\Google
2014-07-25 13:10 - 2014-07-25 13:09 - 00042313 _____ () C:\Users\Deni\Downloads\Addition.txt
2014-07-25 13:10 - 2014-07-25 13:08 - 00031218 _____ () C:\Users\Deni\Downloads\FRST.txt
2014-07-25 13:07 - 2014-07-25 13:07 - 01084416 _____ (Farbar) C:\Users\Deni\Downloads\FRST(1).exe
2014-07-25 13:04 - 2013-04-09 13:35 - 00001020 _____ () C:\Users\Deni\Desktop\Dropbox.lnk
2014-07-25 13:04 - 2013-04-09 13:34 - 00000000 ____D () C:\Users\Deni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-07-25 13:00 - 2014-06-17 11:06 - 00000000 ____D () C:\AdwCleaner
2014-07-25 12:55 - 2014-07-25 12:55 - 01354223 _____ () C:\Users\Deni\Downloads\AdwCleaner(2).exe
2014-07-25 12:46 - 2014-07-25 12:46 - 00348187 _____ () C:\Users\Deni\AppData\Local\census.cache
2014-07-25 12:46 - 2014-07-25 12:46 - 00159672 _____ () C:\Users\Deni\AppData\Local\ars.cache
2014-07-25 12:37 - 2014-07-25 12:37 - 00000010 _____ () C:\Users\Deni\AppData\Local\sponge.last.runtime.cache
2014-07-25 12:35 - 2014-07-25 12:35 - 00509440 _____ (Tech Support Guy System) C:\Users\Deni\Downloads\SysInfo(3).exe
2014-07-25 12:23 - 2014-07-25 12:23 - 00000036 _____ () C:\Users\Deni\AppData\Local\housecall.guid.cache
2014-07-25 12:22 - 2014-07-25 12:22 - 02055784 _____ (Trend Micro Inc.) C:\Users\Deni\Downloads\HousecallLauncher.exe
2014-07-24 13:52 - 2014-07-24 13:51 - 00135071 _____ () C:\Users\Deni\Documents\qtr env NO add bday.hmk
2014-07-24 13:48 - 2009-11-18 19:08 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-24 13:48 - 2009-11-18 19:04 - 00000000 ____D () C:\Users\Deni\AppData\Roaming\Malwarebytes
2014-07-22 18:53 - 2014-07-22 18:53 - 01354223 _____ () C:\Users\Deni\Downloads\AdwCleaner(1).exe
2014-07-22 18:50 - 2014-07-22 18:50 - 00000000 ____D () C:\Trend Micro
2014-07-22 18:47 - 2014-07-22 18:47 - 01402880 _____ () C:\Users\Deni\Downloads\HiJackThis.msi
2014-07-18 07:02 - 2010-09-27 12:04 - 00002091 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-17 13:55 - 2009-07-13 19:37 - 00000000 ____D () C:\Windows\system32\NDF

Some content of TEMP:
====================
C:\Users\Deni\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpgkzq8s.dll
C:\Users\Deni\AppData\Local\Temp\HPInstaller.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-13 20:47

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version:14-08-2014 02
Ran by Deni at 2014-08-14 14:01:42
Running from C:\Users\Deni\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Update for Microsoft Office 2007 (KB2508958) (HKLM\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version: - Microsoft)
32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 13.0.0.111 - Adobe Systems Incorporated)
Adobe AIR (Version: 13.0.0.111 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader X (10.1.7) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.7 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM\...\Adobe Shockwave Player) (Version: 11.5.2.602 - Adobe Systems, Inc.)
AIO_Scan (Version: 130.0.365.000 - Hewlett-Packard) Hidden
Amazon Kindle For PC v1.1 (HKCU\...\Amazon Kindle For PC) (Version: - )
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{8F1ADE4D-EFAC-4F5A-B346-23C2687FAF50}) (Version: 5.2.0.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.2 (HKLM\...\Audacity_is1) (Version: 2.0.2 - Audacity Team)
avast! EasyPass (HKLM\...\AI RoboForm) (Version: 7-7-8-128 - AVAST Software)
avast! Internet Security (HKLM\...\avast) (Version: 9.0.2021 - AVAST Software)
Avery Template (HKLM\...\{A760067A-C07E-1033-0000-A764AC000010}) (Version: 2.0.0.0 - Avery)
BlackBerry Desktop Software 6.0.2 (HKLM\...\BlackBerry_Desktop) (Version: 6.0.2.42 - Research In Motion Ltd.)
BlackBerry Desktop Software 6.0.2 (Version: 6.0.2.42 - Research In Motion Ltd.) Hidden
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (Version: 130.0.331.000 - Hewlett-Packard) Hidden
C8100 (Version: 130.0.365.000 - Hewlett-Packard) Hidden
C8100_Help (Version: 100.0.206.000 - Hewlett-Packard) Hidden
Click'N Design 3D (V5) (HKLM\...\Click'N Design 3D (V5)) (Version: v5.x.x - Stomp Inc.)
Copy (Version: 130.0.428.000 - Hewlett-Packard) Hidden
Coupon Printer for Windows (HKLM\...\Coupon Printer for Windows5.0.0.1) (Version: 5.0.0.1 - Coupons.com Incorporated)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Backup and Recovery Manager (HKLM\...\{731B0E4D-F4C7-450C-95B0-E1A3176B1C75}) (Version: 1.1.0 - Dell Inc.)
Dell Edoc Viewer (HKLM\...\{3138EAD3-700B-4A10-B617-B3F8096EE30D}) (Version: 1.0.0 - Dell Inc)
Destinations (Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (Version: 130.0.465.000 - Hewlett-Packard) Hidden
DocProc (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 2.10.3 - Dropbox, Inc.)
Fax (Version: 130.0.418.000 - Hewlett-Packard) Hidden
FileOpen Client (HKLM\...\{857CBF4A-192C-44B0-86A5-6281FCEFA1FE}) (Version: 3.0.16.879 - FileOpen Systems, Inc.)
Google Chrome (HKLM\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
GPBaseService2 (Version: 130.0.371.000 - Hewlett-Packard) Hidden
Hallmark Card Studio 2008 Deluxe (HKLM\...\{747A6A10-DA58-48C2-A1F0-C15514419C8A}) (Version: 9.0.0.9 - Creative Home)
Hallmark Card Studio 2011 Deluxe (HKLM\...\{62687EAC-F27D-49AC-A0E2-3899B0459113}) (Version: 12.0.2.6 - Hallmark Software)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart All-In-One Driver Software 13.0 Rel. 2 (HKLM\...\{988329F4-A1A1-4D51-803C-EF2725A97627}) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Product Detection (HKLM\...\{42D10994-A566-495D-A5E7-D0C6B5C6B35C}) (Version: 11.14.0006 - HP)
HP RC Mirror Driver (Version: 2.0.0.0 - Hewlett-Packard) Hidden
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabel_PaperLabel (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabel_PrintOnDisc (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (Version: 2.04.0000 - Hewlett-Packard) Hidden
hpphotosmartdisclabelplugin (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (Version: 130.0.371.000 - Hewlett-Packard) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
Intel(R) TV Wizard (HKLM\...\TVWiz) (Version: - Intel Corporation)
IntelliMover (HKLM\...\{B6751A10-2389-4AEF-870A-4DD925F48733}) (Version: 3.63 - Detto Technologies)
iPod for Windows 2006-06-28 (Version: 4.7.0 - Apple Computer, Inc.) Hidden
iTunes (HKLM\...\{6AD9F5F3-5BD0-4000-BD9C-B536CF86D988}) (Version: 10.6.3.25 - Apple Inc.)
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
LAME v3.98.2 for Audacity (HKLM\...\LAME for Audacity_is1) (Version: - )
Livescribe Helper (HKLM\...\Livescribe Helper 1.0.2) (Version: 1.0.2 - Livescribe Inc)
MarketResearch (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Corporation (Version: 9.1.0.0 - Microsoft Corporation) Hidden
Microsoft Digital Image Library 9 - Blocker (Version: 9.00.0000 - Microsoft Corporation) Hidden
Microsoft Digital Image Suite 2006 (HKLM\...\PictureItSuite_v11) (Version: 11.0.0422 - Microsoft Corporation)
Microsoft Digital Image Suite 2006 Editor (Version: 11.0.0422 - Microsoft Corporation) Hidden
Microsoft Digital Image Suite 2006 Library (Version: 11.0.0422 - Microsoft Corporation) Hidden
Microsoft Greetings 2000 (HKLM\...\{5264E937-B015-11D2-8C0E-00C04FBBCFF9}) (Version: 4.0.0000 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{B6AC9178-8DE8-4654-97C8-7B71C7CBE683}) (Version: 3.50.242.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional 2007 (HKLM\...\PROR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office XP Media Content (HKLM\...\{90300409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2619.0 - Microsoft Corporation)
Microsoft Picture It! 2000 (HKLM\...\{E78FC917-C21B-11D2-99FE-00105A98B681}) (Version: 4.0.0.0 - Microsoft)
Microsoft Search Enhancement Pack (HKLM\...\{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}) (Version: 3.0.133.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 English (HKLM\...\{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Movie Maker (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 31.0 (x86 en-US) (HKLM\...\Mozilla Firefox 31.0 (x86 en-US)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (Version: 16.4.1108.0727 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Network (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Nikon Message Center (HKLM\...\{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}) (Version: 0.91.000 - )
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
OverDrive Media Console (HKLM\...\{D4AFC7AD-F637-4EDD-BC76-767E4AF78CE1}) (Version: 3.2.5 - OverDrive, Inc.)
Photo Gallery (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
PHOTOfunSTUDIO 5.0 (HKLM\...\{959282E3-55A9-49D8-B885-D27CF8A2FD82}) (Version: 5.00.209 - Panasonic Corporation)
PictureProject (HKLM\...\{FF3999BE-1A7B-4738-88AA-97BF14094A4A}) (Version: 1.0 - )
PictureProject In Touch Downloader 1.0 (HKLM\...\PictureProject In Touch Downloader) (Version: 1.0 - Fotonation Inc.)
PowerDVD DX (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 8.3.5424 - CyberLink Corp.)
PS_AIO_02_ProductContext (Version: 130.0.365.000 - Hewlett-Packard) Hidden
PS_AIO_02_Software (Version: 130.0.365.000 - Hewlett-Packard) Hidden
PS_AIO_02_Software_Min (Version: 130.0.365.000 - Hewlett-Packard) Hidden
QuickTime 7 (HKLM\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Roxio Creator Audio (Version: 3.7.0 - Roxio) Hidden
Roxio Creator Copy (Version: 3.7.0 - Roxio) Hidden
Roxio Creator Data (Version: 3.7.0 - Roxio) Hidden
Roxio Creator DE 10.3 (HKLM\...\{09760D42-E223-42AD-8C3E-55B47D0DDAC3}) (Version: 10.3 - Roxio)
Roxio Creator DE 10.3 (Version: 3.7.0 - Roxio) Hidden
Roxio Creator Tools (Version: 3.7.0 - Roxio) Hidden
Roxio Express Labeler 3 (Version: 3.2.2 - Roxio) Hidden
Roxio Update Manager (Version: 6.0.0 - Roxio) Hidden
Scan (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SmartWebPrinting (Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Status (Version: 130.0.469.000 - Hewlett-Packard) Hidden
Toolbox (Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (Version: 130.0.422.000 - Hewlett-Packard) Hidden
UnloadSupport (Version: 11.0.0 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_PROR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (HKLM\...\{90120000-0015-0409-0000-0000000FF1CE}_PROR_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version: - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0409-0000-0000000FF1CE}_PROR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-0409-0000-0000000FF1CE}_PROR_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0409-0000-0000000FF1CE}_PROR_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2881065) 32-Bit Edition (HKLM\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{B7EF38F7-1D58-4085-A9A4-0F6C69A5AA1E}) (Version: - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0409-0000-0000000FF1CE}_PROR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version: - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM\...\{90120000-0019-0409-0000-0000000FF1CE}_PROR_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version: - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_PROR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version: - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0409-0000-0000000FF1CE}_PROR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version: - Microsoft)
vanBasco's Karaoke Player (HKLM\...\VMidi) (Version: - )
WD Diagnostics (HKLM\...\{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}) (Version: 1.09.0002 - Western Digital Technologies)
WD Drive Manager (x86) (HKLM\...\{E934E2A2-BE3B-4C1A-A3D9-753FFB2B38B4}) (Version: 2.103 - Western Digital)
WebEx (HKLM\...\ActiveTouchMeetingClient) (Version: - WebEx Communications, Inc)
WebReg (Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Live Communications Platform (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Essentials (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Mail (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Messenger (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live UX Platform (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer Resources (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Deni\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Deni\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Deni\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Deni\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Deni\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Deni\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Deni\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2470467007-3615624817-2011931734-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Deni\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)

==================== Restore Points =========================

16-05-2014 19:03:56 End of disinfection
14-06-2014 00:59:29 Windows Update
02-07-2014 21:53:34 Windows Update
13-07-2014 20:33:24 avast! antivirus system restore point
13-07-2014 20:35:46 Device Driver Package Install: Avast Network Service
23-07-2014 01:49:06 Installed HiJackThis
25-07-2014 20:20:56 Removed HiJackThis
25-07-2014 20:21:33 Removed Google Drive
25-07-2014 20:25:54 Installed HiJackThis
13-08-2014 20:04:25 Installed HP Update.

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 19:04 - 2009-06-10 14:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {09CDC56C-157C-4D97-B694-C954514959BD} - System32\Tasks\{14B3793A-EB0B-422F-9A42-9840F1BD94A4} => C:\Program Files\HP\Digital Imaging\bin\Hpqdirec.exe [2009-05-21] (Hewlett-Packard Company)
Task: {14EB18A4-C6D1-4E57-8086-943D4491AA10} - System32\Tasks\{B8026622-9AD3-4356-8649-B6B687800D4C} => C:\Program Files\HP\Digital Imaging\bin\Hpqdirec.exe [2009-05-21] (Hewlett-Packard Company)
Task: {1A135B76-F544-477F-905E-E8E0903CDFED} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-13] (AVAST Software)
Task: {25047F3E-1D94-4C4B-9639-E0F1CE75905E} - System32\Tasks\{5EDCAD6D-F5A7-4BDD-BB73-50652E6D0048} => C:\Program Files\Creative Home\Hallmark Card Studio 2008 Deluxe\Hallmark Card Studio 2008.exe [2007-10-03] (Creative Home)
Task: {515DB207-623C-4113-BCD9-7CAD89430F3B} - System32\Tasks\{12C2787B-FF61-4A21-B1FB-12256565DB97} => C:\Program Files\Skype\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
Task: {5C1C2EAC-91A1-4E3A-898D-3D455E8529A6} - System32\Tasks\{A4FC6B95-5BA4-46AA-834C-E96B9DD9D4BD} => C:\Program Files\Skype\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
Task: {6E42190C-26A9-407B-9641-114B8F5FAE2E} - System32\Tasks\{E82068A0-FCC9-41A4-BD07-6E61187E06C8} => C:\Users\Deni\Desktop\vanBasco's Karaoke Player\vmidi.exe
Task: {7B2E5C77-7568-4BF2-8D53-55C324331B18} - System32\Tasks\{2329800E-0AD0-4363-9316-EE9B55B62659} => C:\Program Files\HP\Digital Imaging\bin\Hpqdirec.exe [2009-05-21] (Hewlett-Packard Company)
Task: {7DD1BF38-B372-4F4D-BA7C-67B81F8BE552} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-05] (Google Inc.)
Task: {943DD186-E7C3-407F-AB57-AFE4169C1ADF} - System32\Tasks\{C85B9E07-8AA4-4E03-8465-4E7EA3A1FFC2} => C:\Program Files\vanBasco's Karaoke Player\vmidi.exe [2004-03-11] ()
Task: {A3E48FAA-E243-4D8D-B1A7-A7F71243A6C8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-05] (Google Inc.)
Task: {A4B7423F-40AC-4344-A0DA-50AE8A9AE8EB} - System32\Tasks\{161DDA94-2C3D-4DDC-BA23-B03CD141F01C} => C:\Program Files\vanBasco's Karaoke Player\vmidi.exe [2004-03-11] ()
Task: {AD59AF74-8CB1-4C46-8AC3-88FA20F20A86} - \Run RoboForm TaskBar Icon No Task File <==== ATTENTION
Task: {C23D22D1-CED1-40FB-9A75-37C886B6F8B8} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-13] (Microsoft Corporation)
Task: {C77D8EC2-3DF7-4E15-8A7A-D6EA547C6F85} - System32\Tasks\{BF77CC00-8B94-40BD-9C4C-FE8F78DC379A} => C:\Users\Deni\Desktop\vanBasco's Karaoke Player\vmidi.exe
Task: {E5511BA7-A903-43F2-BEDC-881905872DCB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {E92A3065-6C71-42FE-A543-591E058F4B66} - System32\Tasks\{E4304D56-C64D-4DC0-AA38-55849AE050EE} => C:\Program Files\Skype\\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
Task: {FEE56706-F5E7-491D-A629-3F3F85D78F4B} - System32\Tasks\{67DC3A3E-113B-4C67-8274-E7FAAB80CC76} => C:\Program Files\HP\Digital Imaging\bin\Hpqdirec.exe [2009-05-21] (Hewlett-Packard Company)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-07-13 13:35 - 2014-07-13 13:35 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-08-13 11:27 - 2014-08-13 11:27 - 02797056 _____ () C:\Program Files\AVAST Software\Avast\defs\14081301\algo.dll
2014-08-14 11:19 - 2014-08-14 11:19 - 02797568 _____ () C:\Program Files\AVAST Software\Avast\defs\14081401\algo.dll
2011-09-27 08:23 - 2011-09-27 08:23 - 00087912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2011-09-27 08:22 - 2011-09-27 08:22 - 01242472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-11-05 16:35 - 2012-11-05 16:35 - 00276992 ____N () C:\Program Files\Common Files\Livescribe\PenComm\PenCommSdk.dll
2014-07-13 13:35 - 2014-07-13 13:35 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-08-13 13:27 - 2014-08-13 13:27 - 00043008 _____ () c:\users\deni\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpgkzq8s.dll
2013-10-18 16:55 - 2013-10-18 16:55 - 25100288 _____ () C:\Users\Deni\AppData\Roaming\Dropbox\bin\libcef.dll
2014-03-09 17:12 - 2014-03-09 17:12 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\bfd5296be62268bc7a31a424f0d1ad5f\IsdiInterop.ni.dll
2010-06-30 13:25 - 2010-03-03 20:08 - 00058880 _____ () C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-07-27 13:51 - 2012-07-27 13:51 - 06549432 _____ () C:\Program Files\Adobe\Reader 10.0\Reader\authplay.dll
2013-05-10 00:57 - 2013-05-10 00:57 - 00305728 _____ () C:\Program Files\Adobe\Reader 10.0\Reader\sqlite.dll
2014-05-11 15:57 - 2014-08-13 13:28 - 03800688 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2013-07-10 18:07 - 2013-07-10 18:07 - 00756888 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
2014-07-09 09:40 - 2014-07-09 09:40 - 17029808 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Deni\Documents\FwBlondeBreakdown.eml:OECustomProperty
AlternateDataStreams: C:\Users\Deni\Documents\FWRulestoLiveByFw.eml:OECustomProperty
AlternateDataStreams: C:\Users\Deni\Documents\Hi + resume.eml:OECustomProperty
AlternateDataStreams: C:\Users\Deni\Documents\HMO.eml:OECustomProperty
AlternateDataStreams: C:\Users\Deni\Documents\MarriageOne-liners.eml:OECustomProperty

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)



HKU\S-1-5-21-2470467007-3615624817-2011931734-1000\Software\Classes\.exe: => <===== ATTENTION!

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Event Planner Reminder 2008.lnk => C:\Windows\pss\Event Planner Reminder 2008.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Event Planner Reminder.lnk => C:\Windows\pss\Event Planner Reminder.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Works Calendar Reminders.lnk => C:\Windows\pss\Microsoft Works Calendar Reminders.lnk.CommonStartup
MSCONFIG\startupreg: AddressBookReminderApp => C:\Program Files\Creative Home\Hallmark Card Studio 2011 Deluxe\ReminderApp.exe
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: msnmsgr => "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: PDVDDXSrv => "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RIMBBLaunchAgent.exe => C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
MSCONFIG\startupreg: swg => "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

==================== Faulty Device Manager Devices =============

Name: Photosmart C8100 series
Description: Photosmart C8100 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/14/2014 00:46:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8845

Error: (08/14/2014 00:46:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8845

Error: (08/14/2014 00:46:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/14/2014 00:46:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7831

Error: (08/14/2014 00:46:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7831

Error: (08/14/2014 00:46:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/14/2014 00:46:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6786

Error: (08/14/2014 00:46:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6786

Error: (08/14/2014 00:46:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/14/2014 00:46:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5772


System errors:
=============
Error: (08/14/2014 10:28:19 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (08/14/2014 10:27:56 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service.

Error: (08/13/2014 01:39:56 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: machine-defaultLocalActivation{10DA4F3C-CC99-4190-BE4D-58330754E882}{7DDEFEA6-98EE-4F13-A25B-EC83D9BC5541}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)

Error: (08/13/2014 01:39:17 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: machine-defaultLocalActivation{10DA4F3C-CC99-4190-BE4D-58330754E882}{7DDEFEA6-98EE-4F13-A25B-EC83D9BC5541}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)

Error: (08/13/2014 01:39:16 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: machine-defaultLocalActivation{10DA4F3C-CC99-4190-BE4D-58330754E882}{7DDEFEA6-98EE-4F13-A25B-EC83D9BC5541}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)

Error: (08/13/2014 01:18:52 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The HP Network Devices Support service terminated with the following error:
%%126

Error: (08/13/2014 01:18:52 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {10DA4F3C-CC99-4190-BE4D-58330754E882}

Error: (08/13/2014 01:18:22 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The HP Network Devices Support service terminated with the following error:
%%126

Error: (08/13/2014 01:04:52 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The HP Network Devices Support service terminated with the following error:
%%126

Error: (08/13/2014 00:36:18 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The HP Network Devices Support service terminated with the following error:
%%126


Microsoft Office Sessions:
=========================
Error: (12/17/2013 01:13:20 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 779 seconds with 0 seconds of active time. This session ended with a crash.

Error: (09/22/2013 09:39:28 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 64 seconds with 60 seconds of active time. This session ended with a crash.

Error: (04/18/2012 05:37:19 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6654.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 1016 seconds with 600 seconds of active time. This session ended with a crash.

Error: (12/29/2011 05:54:45 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6654.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 2555 seconds with 1920 seconds of active time. This session ended with a crash.

Error: (05/11/2011 03:20:21 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 321570 seconds with 720 seconds of active time. This session ended with a crash.

Error: (05/11/2011 03:20:11 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6550.5004, Microsoft Office Version: 12.0.6425.1000. This session lasted 135227 seconds with 1860 seconds of active time. This session ended with a crash.

Error: (09/16/2010 03:24:54 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1271506 seconds with 180 seconds of active time. This session ended with a crash.

Error: (12/21/2009 09:35:10 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 38 seconds with 0 seconds of active time. This session ended with a crash.


CodeIntegrity Errors:
===================================
Date: 2010-03-08 09:34:44.958
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_59\midas32.dll because the set of per-page image hashes could not be found on the system.

Date: 2010-03-08 08:45:42.610
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_59\midas32.dll because the set of per-page image hashes could not be found on the system.

Date: 2010-03-08 00:35:05.301
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_59\midas32.dll because the set of per-page image hashes could not be found on the system.

Date: 2010-03-04 17:59:37.817
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_59\midas32.dll because the set of per-page image hashes could not be found on the system.

Date: 2010-03-03 09:16:53.241
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_59\midas32.dll because the set of per-page image hashes could not be found on the system.

Date: 2010-03-03 08:59:52.204
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_59\midas32.dll because the set of per-page image hashes could not be found on the system.

Date: 2010-03-02 22:30:15.184
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_59\midas32.dll because the set of per-page image hashes could not be found on the system.

Date: 2010-03-02 22:14:03.854
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_59\midas32.dll because the set of per-page image hashes could not be found on the system.

Date: 2010-03-02 21:48:30.600
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_59\midas32.dll because the set of per-page image hashes could not be found on the system.

Date: 2010-03-02 21:32:27.600
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_59\midas32.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz
Percentage of memory in use: 48%
Total physical RAM: 3036.99 MB
Available physical RAM: 1549.2 MB
Total Pagefile: 6072.27 MB
Available Pagefile: 3838.75 MB
Total Virtual: 2047.88 MB
Available Virtual: 1921.13 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:218.14 GB) (Free:81.06 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 233 GB) (Disk ID: 71B1E4FB)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=218 GB) - (Type=07 NTFS)

==================== End Of Log ============================

TDSS rootkit removing tool on next post:

Yahoo has hijacked my searches!!!!

Have a Lenovo Thinkpad, running Windows 7, Mozilla Firefox browser.

When I boot up, my start page is still Firefox. When I type any search terms in the address box, instead of going to Google, it goes to Yahoo.

How do I get rid of Yahoo?

Malware or windows problem?

Hi, there has been something seriously wrong with my laptop since yesterday, I suspected malware but I haven't been able to detect any.


Windows is extremely slow to do almost anything, and most programs will not run at all (often an error or exception occurs while loading). Also a message saying that my copy of Windows is not an official copy (or something to that effect) has appeared on the bottom right of the desktop a couple of times, though it isn't there right now.


Programs which run OK and at the correct speed (once loaded): Windows Explorer, Task Manager, Remote Desktop, Excel, FRST
Programs which run but are very slow/unstable: Opera, Advanced SystemCare, AdwCleaner
Programs which DO NOT run: Internet Explorer, Chrome, Firefox, Calibre, TSG SysInfo, MBAM installer


Attempts to fix so far:
Tried to boot in Safe Mode, but the problem is still present (with or without Networking enabled).
Scanned with Advanced SystemCare and Adware Cleaner but nothing detected.
Scanned disk boot sectors and hidden startup objects with Kaspersky Rescue Disk but nothing detected.


TSG SysInfo will not run, but here's the info about my PC that I could find:

OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit (Japanese)
Processor: Intel(R) Core(TM) i3-2310M CPU @ 2.10 GHz
RAM: 4.00 GB
Hard Drives: C: Total - 398 GB, Free - 167 GB; D: Total - 49.9 GB, Free - 852 MB;


FRST will run if you need the output from that.


It could be malware, but I don't get why the problem is still present in Safe Mode. How can I go about trying to fix it?


Thanks in advance.

"CryptoWall" virus on desktop - please help!!!!

The instructions with the link for the download are in post 2 which you have already followed.

The log is clean when it shows nothing listed as Deleted; if in doubt, post the log for me to check.

Removing iminet help

Hi folks

I've followed the instructions on the web to get rid of iminet.

Removed from Control Panel, and manually deleted all files containing iminet from regedit.

Have also reset Firefox.

I am still getting iminet browser hijack when I open tabs.

About:config still shows:

iminent.AppInstanceUid;562451C9-9EE0-4F7A-BDE2-6C7CCC9648D8
iminent.BagKey;exyHvxUP
iminent.CurrentLcid;1033

These are in unblocked txt so unable to reset the values.

Any ideas how I can get rid of this thing?

P.S. This is an XP laptop.

Thanks, Mike

All exe files have disappeared

Hi!

First, sorry for my English...

My problem is that all .exe files have disappeared from Desktop and Program Files... so I cannot run any program I have on PC. I checked Program Files and all programs are there (still occupy disk space) but without any .exe files to run them.

What is the problem?

Thanks

Driver Support Programs impossible to Uninstall

Hello,

My computer is running so slowly. There are programs that are impossible to uninstall - like Driver Update - I've tried "yes" and "no" on the uninstall prompt - neither succeeds in removing the program - and frankly, probably others.

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Professional, Service Pack 1, 64 bit
Processor: Intel(R) Core(TM) i5-4430 CPU @ 3.00GHz, Intel64 Family 6 Model 60 Stepping 3
Processor Count: 4
RAM: 4008 Mb
Graphics Card: AMD Radeon HD 7900 Series, -1024 Mb
Hard Drives: C: Total - 715301 MB, Free - 538550 MB;
Motherboard: MSI, H87M-G43 (MS-7823)
Antivirus: Microsoft Security Essentials, Updated and Enabled

I have included attachments of suggested scans.

Thanks very much for any help with this mess.

Skye

Attached Files
File Type: txt FRST.txt (64.7 KB)
File Type: txt Addition.txt (111.2 KB)

Am I Infected?

TSG SysInfo says Windows Defender is turned off but it seems to perform normally. Also noticed on the HJT Log that some files are missing. I would appreciate it very much if you could take a look at my computer.


Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 8.1, 64 bit
Processor: Intel(R) Core(TM) i5-4440 CPU @ 3.10GHz, Intel64 Family 6 Model 60 Stepping 3
Processor Count: 4
RAM: 8108 Mb
Graphics Card: Intel(R) HD Graphics 4600, -2016 Mb
Hard Drives: C: Total - 944976 MB, Free - 911852 MB;
Motherboard: Dell Inc., 088DT1
Antivirus: Windows Defender, Disabled


Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 6:29:47 PM, on 8/15/2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17126)

Boot mode: Normal
Running processes:
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Dell Backup and Recovery\COMPONENTS\DBRUPDATE\DBRUPD.EXE
C:\Program Files (x86)\Dell Backup and Recovery\TOASTER.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Users\D\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com/?pc=DCJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [ShopAtHomeWatcher] C:\Users\D\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeWatcher.exe
O4 - HKLM\..\Run: [ShopAtHomeUpdater] C:\Users\D\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeUpdater.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe"
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} (Bitdefender QuickScan Control) - http://quickscan.bitdefender.com/qsax/qsax.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Dell Digital Delivery Service (DellDigitalDelivery) - Dell Products, LP. - C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - CyberLink - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wyse PocketCloud (WysePocketCloud) - Unknown owner - C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudService.exe
O23 - Service: Wyse RemoteAccess (WyseRemoteAccess) - DELL Inc. - C:\Program Files (x86)\Wyse\PocketCloud\WyseRemoteAccess.exe
--
End of file - 7845 bytes