Occasional freezes, possibly infected



Notawiz
2014-07-30, 21:48
My PC occasionally "freezes" for about 0.5-3 seconds at a time. During such a freeze, I can move the mouse and see the cursor moving, but if I mouse over a button, the button isn't highlighted. If I type, I'll only see the text I typed after the freeze ends. It happens often enough to be a nuisance, especially in games. I disabled as much bloat as possible, defragmented, scanned with MSE and Spybot, and didn't manage to get rid of it. It wasn't happening when the PC was new, so I suspect a virus.

The log files are too large to post, so I attached a zip.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-07-2014
Ran by ndjokic (administrator) on NDJOKIC-PC on 30-07-2014 19:12:15
Running from C:\Users\ndjokic\Desktop
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(http://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [835072 2011-01-27] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2679592 2011-02-04] (Synaptics Incorporated)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [3825176 2012-11-13] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-132009455-2026092721-3990303557-1000\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [3713032 2012-11-13] (Safer-Networking Ltd.)
HKU\S-1-5-21-132009455-2026092721-3990303557-1000\...\MountPoints2: {6a70d0d2-ff26-11e1-b4b9-806e6f6e6963} - F:\SWSETUP\APPINSTL\hpsoftwaresetup.exe
HKU\S-1-5-21-132009455-2026092721-3990303557-1000\...\MountPoints2: {daf1934d-3319-11e2-b636-930c393050a1} - H:\Setup.exe
ShellIconOverlayIdentifiers: 1TortoiseNormal -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 2TortoiseModified -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 3TortoiseConflict -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 4TortoiseLocked -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 5TortoiseReadOnly -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 6TortoiseDeleted -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 7TortoiseAdded -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 8TortoiseIgnored -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 9TortoiseUnversioned -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 1TortoiseNormal -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 2TortoiseModified -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 3TortoiseConflict -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 4TortoiseLocked -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 5TortoiseReadOnly -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 6TortoiseDeleted -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 7TortoiseAdded -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 8TortoiseIgnored -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 9TortoiseUnversioned -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x0623424AC3A4CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-GB
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt

FireFox:
========
FF ProfilePath: C:\Users\ndjokic\AppData\Roaming\Mozilla\Firefox\Profiles\arbmcia9.default-1362714903871
FF Homepage: hxxp://www.google.co.uk/
FF NetworkProxy: "autoconfig_url", "http://r-1.ch/twitch.pac"
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll ()
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @real.com/nppl3260;version=16.0.3.51 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 - C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.3.51 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VLC\npvlc.dll (VideoLAN)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\ndjokic\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\ndjokic\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\ndjokic\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\ndjokic\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\ndjokic\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF Plugin ProgramFiles/Appdata: C:\Users\ndjokic\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\ndjokic\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF Extension: FoxyProxy Standard - C:\Users\ndjokic\AppData\Roaming\Mozilla\Firefox\Profiles\arbmcia9.default-1362714903871\Extensions\foxyproxy@eric.h.jung [2014-02-04]
FF Extension: Classic Theme Restorer - C:\Users\ndjokic\AppData\Roaming\Mozilla\Firefox\Profiles\arbmcia9.default-1362714903871\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2014-05-02]
FF Extension: YouTube Center - C:\Users\ndjokic\AppData\Roaming\Mozilla\Firefox\Profiles\arbmcia9.default-1362714903871\Extensions\jid1-cwbvBTE216jjpg@jetpack.xpi [2013-09-15]
FF Extension: Adblock Plus - C:\Users\ndjokic\AppData\Roaming\Mozilla\Firefox\Profiles\arbmcia9.default-1362714903871\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-04-19]
FF Extension: Team Liquid Streams - C:\Users\ndjokic\AppData\Roaming\Mozilla\Firefox\Profiles\arbmcia9.default-1362714903871\Extensions\{db09811d-efff-4339-a548-8550c7238a30}.xpi [2013-11-08]
FF HKLM-x32\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-08-30]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S4 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [281656 2011-01-28] (Hewlett-Packard Company)
S4 ImDskSvc; C:\Windows\system32\imdsksvc.exe [11264 2012-07-30] (Olof Lagerkvist) [File not signed]
S4 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377104 2013-12-13] (LogMeIn, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-02-10] ()
S4 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
S4 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2009-10-20] (CACE Technologies, Inc.)
S4 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1103392 2012-11-13] (Safer-Networking Ltd.)
S4 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1369624 2012-11-13] (Safer-Networking Ltd.)
S4 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [168384 2012-11-13] (Safer-Networking Ltd.)
S4 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [759192 2013-09-03] (Tunngle.net GmbH) [File not signed]
S4 VMAuthdService; C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe [79872 2012-08-15] (VMware, Inc.) [File not signed]
S2 SkypeUpdate; "C:\Program Files (x86)\Skype\Updater\Updater.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AWEAlloc; C:\Windows\System32\DRIVERS\awealloc.sys [18384 2012-02-16] (Olof Lagerkvist)
R2 ImDisk; C:\Windows\System32\DRIVERS\imdisk.sys [38416 2012-07-30] (Olof Lagerkvist)
R0 johci; C:\Windows\System32\DRIVERS\johci.sys [26712 2011-01-18] (JMicron Technology Corp.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [47632 2009-10-20] (CACE Technologies, Inc.)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1826048 2010-12-21] ()
S3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [105816 2012-09-13] (Oracle Corporation)
R2 VMparport; C:\Windows\system32\drivers\VMparport.sys [31384 2012-08-15] (VMware, Inc.)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [70256 2012-07-06] (VMware, Inc.)
S3 ALSysIO; \??\C:\Users\ndjokic\AppData\Local\Temp\ALSysIO64.sys [X]
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-30 19:12 - 2014-07-30 19:13 - 00016948 _____ () C:\Users\ndjokic\Desktop\FRST.txt
2014-07-30 19:10 - 2014-07-30 19:12 - 00000000 ____D () C:\FRST
2014-07-30 19:10 - 2014-07-30 19:10 - 02093568 _____ (Farbar) C:\Users\ndjokic\Desktop\FRST64.exe
2014-07-30 19:09 - 2014-07-30 19:09 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-NDJOKIC-PC-Microsoft-Windows-7-Professional-(64-bit).dat
2014-07-30 19:08 - 2014-07-30 19:08 - 00000000 ____D () C:\RegBackup
2014-07-30 19:07 - 2014-07-30 19:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-07-30 19:07 - 2014-07-30 19:07 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2014-07-30 19:07 - 2014-07-30 19:07 - 00000000 ____D () C:\Program Files (x86)\Registry Backup
2014-07-29 22:10 - 2014-07-29 22:10 - 00000000 ____D () C:\Users\ndjokic\AppData\Roaming\LOVE
2014-07-29 22:02 - 2014-07-29 22:02 - 00000000 ____D () C:\Users\ndjokic\Desktop\mari0
2014-07-28 18:52 - 2014-07-28 18:52 - 00000000 ____D () C:\Users\ndjokic\Desktop\movies
2014-07-28 18:52 - 2014-07-28 18:52 - 00000000 ____D () C:\Users\ndjokic\Desktop\food
2014-07-27 11:54 - 2014-06-30 04:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-27 11:54 - 2014-06-30 04:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-27 11:54 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-27 11:54 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-07-27 11:54 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-07-27 11:54 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-07-27 11:54 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-07-27 11:54 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-07-27 11:54 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-07-27 11:54 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-07-27 11:54 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-07-27 11:54 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-07-27 11:54 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-07-27 11:53 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-27 11:53 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-27 11:53 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-27 11:53 - 2014-05-30 10:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-27 11:53 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-27 11:53 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-27 11:53 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-27 11:53 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-27 11:53 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-27 11:53 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-27 11:53 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-27 11:53 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-27 11:53 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-27 11:53 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-07-27 11:53 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-27 11:53 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-07-27 11:53 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-07-27 11:53 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-07-27 11:53 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-07-27 11:53 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-07-27 11:53 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-07-27 11:53 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-07-27 11:53 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-07-27 11:53 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-07-27 11:53 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-07-27 11:53 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-07-27 11:53 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-07-27 11:53 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-07-27 11:53 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-07-27 11:53 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-07-27 11:53 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-07-27 11:53 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-07-27 11:53 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-07-27 11:53 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-07-27 11:53 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-07-27 11:53 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-07-27 11:53 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-07-27 11:53 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-07-27 11:53 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-07-27 11:52 - 2014-06-20 22:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-27 11:52 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-27 11:52 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-27 11:52 - 2014-06-19 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-27 11:52 - 2014-06-19 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-27 11:52 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-27 11:52 - 2014-06-19 02:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-27 11:52 - 2014-06-19 02:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-27 11:52 - 2014-06-19 02:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-27 11:52 - 2014-06-19 02:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-27 11:52 - 2014-06-19 02:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-27 11:52 - 2014-06-19 02:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-27 11:52 - 2014-06-19 02:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-27 11:52 - 2014-06-19 02:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-27 11:52 - 2014-06-19 02:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-27 11:52 - 2014-06-19 02:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-27 11:52 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-27 11:52 - 2014-06-19 02:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-27 11:52 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-27 11:52 - 2014-06-19 01:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-27 11:52 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-27 11:52 - 2014-06-19 01:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-27 11:52 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-27 11:52 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-27 11:52 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-27 11:52 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-27 11:52 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-27 11:52 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-27 11:52 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-27 11:52 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-27 11:52 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-27 11:52 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-27 11:52 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-27 11:52 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-27 11:52 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-27 11:52 - 2014-06-19 01:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-27 11:52 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-27 11:52 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-27 11:52 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-27 11:52 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-27 11:52 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-27 11:52 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-27 11:52 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-27 11:52 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-27 11:52 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-27 11:52 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-27 11:52 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-27 11:52 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-27 11:52 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-27 11:52 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-27 11:52 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-27 11:52 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-27 11:52 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-27 11:52 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-27 11:52 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-27 11:52 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-27 11:52 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-27 11:52 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-27 11:52 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-27 11:52 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-27 11:52 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-27 11:52 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-07-27 11:52 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-07-27 11:52 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-07-27 11:52 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-07-27 11:52 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-07-27 11:52 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-07-27 11:52 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-07-27 11:52 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-07-27 08:31 - 2014-07-27 08:46 - 00000169 _____ () C:\Users\ndjokic\Desktop\useless.txt
2014-07-26 07:28 - 2014-07-30 17:57 - 00000467 _____ () C:\Users\ndjokic\Desktop\db.txt
2014-07-25 07:27 - 2014-07-25 07:27 - 00002376 _____ () C:\Users\ndjokic\Documents\MumbleAutomaticCertificateBackup.p12
2014-07-25 07:22 - 2014-07-25 07:57 - 00000000 ____D () C:\Users\ndjokic\AppData\Roaming\Mumble
2014-07-25 03:30 - 2014-07-25 03:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mumble
2014-07-25 03:30 - 2014-07-25 03:30 - 00000000 ____D () C:\Program Files (x86)\Mumble
2014-07-24 22:20 - 2014-07-24 23:01 - 00000007 _____ () C:\Users\ndjokic\Desktop\New Text Document.txt
2014-07-24 15:05 - 2014-07-24 15:08 - 00000073 _____ () C:\Users\ndjokic\Desktop\acm reimb.txt
2014-07-23 15:36 - 2014-07-23 15:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-22 19:00 - 2014-07-27 13:53 - 00000000 ____D () C:\Users\ndjokic\Desktop\bill
2014-07-22 12:12 - 2014-07-30 06:09 - 00000840 _____ () C:\Windows\setupact.log
2014-07-20 18:06 - 2014-07-20 18:06 - 00000000 ____D () C:\ProgramData\ATI
2014-07-20 18:01 - 2014-07-20 18:01 - 00000000 ____D () C:\ProgramData\AMD
2014-07-20 18:01 - 2014-07-20 18:01 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-07-20 18:00 - 2014-07-20 18:00 - 00056100 _____ () C:\Windows\SysWOW64\CCCInstall_201407201800525336.log
2014-07-20 18:00 - 2014-07-20 18:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-07-20 17:54 - 2014-07-20 17:54 - 00000000 ____D () C:\Program Files\AMD
2014-07-20 17:52 - 2014-07-20 17:52 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2014-07-20 00:48 - 2014-07-20 00:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
2014-07-19 22:22 - 2014-07-19 22:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
2014-07-18 01:09 - 2014-07-18 01:21 - 00000000 ____D () C:\Users\ndjokic\AppData\Local\Hero_Siege
2014-07-17 23:07 - 2014-07-17 23:38 - 00000065 _____ () C:\Users\ndjokic\Desktop\hercules pw.txt
2014-07-14 19:26 - 2014-07-14 19:31 - 00000000 ____D () C:\Users\ndjokic\Desktop\hair progress
2014-07-12 00:24 - 2014-07-20 17:52 - 00000000 ____D () C:\ProgramData\Package Cache
2014-07-12 00:18 - 2014-07-12 00:18 - 00000000 ____D () C:\Users\ndjokic\AppData\Roaming\XGen Studios, Inc
2014-07-12 00:18 - 2014-07-12 00:18 - 00000000 ____D () C:\Users\ndjokic\AppData\Local\XGen Studios, Inc
2014-07-11 22:46 - 2014-07-18 00:13 - 00000657 _____ () C:\Users\ndjokic\Desktop\local contest tasks.txt
2014-07-03 21:29 - 2014-07-18 01:08 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-03 21:29 - 2014-07-03 21:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-07-03 00:10 - 2014-07-03 00:10 - 00000000 ____D () C:\ProgramData\WaLMaRT
2014-07-02 22:37 - 2014-07-02 22:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trendy Entertainment
2014-07-02 14:20 - 2014-07-02 14:20 - 00000000 ____D () C:\ProgramData\SystemRequirementsLab

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-30 19:13 - 2014-07-30 19:12 - 00016948 _____ () C:\Users\ndjokic\Desktop\FRST.txt
2014-07-30 19:12 - 2014-07-30 19:10 - 00000000 ____D () C:\FRST
2014-07-30 19:10 - 2014-07-30 19:10 - 02093568 _____ (Farbar) C:\Users\ndjokic\Desktop\FRST64.exe
2014-07-30 19:10 - 2013-02-02 21:17 - 00000000 ____D () C:\Users\ndjokic\Desktop\dls
2014-07-30 19:09 - 2014-07-30 19:09 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-NDJOKIC-PC-Microsoft-Windows-7-Professional-(64-bit).dat
2014-07-30 19:08 - 2014-07-30 19:08 - 00000000 ____D () C:\RegBackup
2014-07-30 19:07 - 2014-07-30 19:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-07-30 19:07 - 2014-07-30 19:07 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2014-07-30 19:07 - 2014-07-30 19:07 - 00000000 ____D () C:\Program Files (x86)\Registry Backup
2014-07-30 18:56 - 2014-01-27 21:49 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-30 18:26 - 2014-06-29 22:21 - 00000916 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-132009455-2026092721-3990303557-1000UA.job
2014-07-30 17:57 - 2014-07-26 07:28 - 00000467 _____ () C:\Users\ndjokic\Desktop\db.txt
2014-07-30 17:49 - 2013-12-19 10:13 - 00000000 ____D () C:\Users\ndjokic\AppData\Local\Battle.net
2014-07-30 16:52 - 2012-09-15 13:19 - 02006456 _____ () C:\Windows\WindowsUpdate.log
2014-07-30 09:33 - 2014-01-27 21:49 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-30 09:30 - 2009-07-14 06:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-30 09:30 - 2009-07-14 06:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-30 09:25 - 2013-08-30 23:00 - 00003348 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-132009455-2026092721-3990303557-1000
2014-07-30 09:25 - 2013-08-30 23:00 - 00003218 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-132009455-2026092721-3990303557-1000
2014-07-30 09:24 - 2012-12-31 19:09 - 00000000 ____D () C:\Users\ndjokic\AppData\Local\TSVNCache
2014-07-30 06:09 - 2014-07-22 12:12 - 00000840 _____ () C:\Windows\setupact.log
2014-07-30 06:09 - 2012-10-11 14:18 - 00000000 ____D () C:\ProgramData\VMware
2014-07-30 06:09 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-29 22:30 - 2014-06-29 22:21 - 00000864 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-132009455-2026092721-3990303557-1000Core.job
2014-07-29 22:10 - 2014-07-29 22:10 - 00000000 ____D () C:\Users\ndjokic\AppData\Roaming\LOVE
2014-07-29 22:02 - 2014-07-29 22:02 - 00000000 ____D () C:\Users\ndjokic\Desktop\mari0
2014-07-28 20:54 - 2012-09-18 08:37 - 00000000 ____D () C:\Users\ndjokic\AppData\Roaming\Skype
2014-07-28 18:52 - 2014-07-28 18:52 - 00000000 ____D () C:\Users\ndjokic\Desktop\movies
2014-07-28 18:52 - 2014-07-28 18:52 - 00000000 ____D () C:\Users\ndjokic\Desktop\food
2014-07-28 18:52 - 2014-06-18 20:37 - 00000134 _____ () C:\Users\ndjokic\Desktop\spb stuff.txt
2014-07-28 18:52 - 2014-02-17 15:18 - 00000000 ____D () C:\Users\ndjokic\Desktop\stuff
2014-07-28 18:52 - 2013-12-13 18:48 - 00000000 ____D () C:\Users\ndjokic\Desktop\games
2014-07-27 13:53 - 2014-07-22 19:00 - 00000000 ____D () C:\Users\ndjokic\Desktop\bill
2014-07-27 13:21 - 2012-10-11 21:28 - 00000000 ____D () C:\Users\ndjokic\.VirtualBox
2014-07-27 12:13 - 2013-09-28 18:09 - 00000000 ____D () C:\Windows\pss
2014-07-27 12:13 - 2012-12-02 18:20 - 00000000 ____D () C:\Users\ndjokic\AppData\Local\LogMeIn Hamachi
2014-07-27 12:06 - 2009-07-14 06:45 - 00268856 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-27 12:04 - 2014-05-06 06:14 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-27 12:04 - 2009-07-14 09:47 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-27 12:04 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-27 12:04 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-07-27 12:04 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-07-27 12:01 - 2013-07-22 03:00 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-27 11:28 - 2014-04-23 06:45 - 00003240 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-132009455-2026092721-3990303557-1000
2014-07-27 11:27 - 2014-04-23 06:45 - 00003370 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-132009455-2026092721-3990303557-1000
2014-07-27 08:46 - 2014-07-27 08:31 - 00000169 _____ () C:\Users\ndjokic\Desktop\useless.txt
2014-07-26 16:02 - 2014-02-22 21:52 - 00000691 _____ () C:\Users\ndjokic\Desktop\6sm skipped.txt
2014-07-25 23:04 - 2013-11-06 21:10 - 00001162 _____ () C:\Users\ndjokic\Desktop\blu.txt
2014-07-25 07:57 - 2014-07-25 07:22 - 00000000 ____D () C:\Users\ndjokic\AppData\Roaming\Mumble
2014-07-25 07:27 - 2014-07-25 07:27 - 00002376 _____ () C:\Users\ndjokic\Documents\MumbleAutomaticCertificateBackup.p12
2014-07-25 03:30 - 2014-07-25 03:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mumble
2014-07-25 03:30 - 2014-07-25 03:30 - 00000000 ____D () C:\Program Files (x86)\Mumble
2014-07-25 00:17 - 2013-12-19 10:12 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-07-24 23:01 - 2014-07-24 22:20 - 00000007 _____ () C:\Users\ndjokic\Desktop\New Text Document.txt
2014-07-24 15:08 - 2014-07-24 15:05 - 00000073 _____ () C:\Users\ndjokic\Desktop\acm reimb.txt
2014-07-24 03:38 - 2012-09-15 13:51 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-23 15:37 - 2014-07-23 15:36 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-21 23:27 - 2013-10-04 22:23 - 00002108 _____ () C:\Users\ndjokic\Desktop\iou.txt
2014-07-21 21:54 - 2013-02-01 13:30 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-07-20 22:40 - 2013-07-11 18:26 - 00000000 ____D () C:\Users\ndjokic\AppData\Roaming\vlc
2014-07-20 20:41 - 2012-09-18 10:23 - 00000000 ____D () C:\Users\ndjokic\AppData\Roaming\uTorrent
2014-07-20 19:37 - 2012-09-22 19:40 - 00000000 ____D () C:\movies
2014-07-20 18:06 - 2014-07-20 18:06 - 00000000 ____D () C:\ProgramData\ATI
2014-07-20 18:01 - 2014-07-20 18:01 - 00000000 ____D () C:\ProgramData\AMD
2014-07-20 18:01 - 2014-07-20 18:01 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-07-20 18:00 - 2014-07-20 18:00 - 00056100 _____ () C:\Windows\SysWOW64\CCCInstall_201407201800525336.log
2014-07-20 18:00 - 2014-07-20 18:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-07-20 18:00 - 2013-12-22 14:40 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-07-20 17:54 - 2014-07-20 17:54 - 00000000 ____D () C:\Program Files\AMD
2014-07-20 17:52 - 2014-07-20 17:52 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2014-07-20 17:52 - 2014-07-12 00:24 - 00000000 ____D () C:\ProgramData\Package Cache
2014-07-20 17:44 - 2013-12-22 14:24 - 00000000 ____D () C:\AMD
2014-07-20 00:48 - 2014-07-20 00:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
2014-07-20 00:41 - 2012-09-15 16:09 - 00000000 ____D () C:\games
2014-07-19 22:22 - 2014-07-19 22:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
2014-07-18 01:21 - 2014-07-18 01:09 - 00000000 ____D () C:\Users\ndjokic\AppData\Local\Hero_Siege
2014-07-18 01:08 - 2014-07-03 21:29 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-18 00:13 - 2014-07-11 22:46 - 00000657 _____ () C:\Users\ndjokic\Desktop\local contest tasks.txt
2014-07-17 23:38 - 2014-07-17 23:07 - 00000065 _____ () C:\Users\ndjokic\Desktop\hercules pw.txt
2014-07-17 22:32 - 2012-11-20 23:07 - 00000000 ____D () C:\Users\ndjokic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-07-16 16:01 - 2009-07-14 07:13 - 00786766 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-14 19:31 - 2014-07-14 19:26 - 00000000 ____D () C:\Users\ndjokic\Desktop\hair progress
2014-07-13 13:58 - 2014-05-15 02:45 - 00000225 _____ () C:\Users\ndjokic\Desktop\topc.txt
2014-07-12 00:18 - 2014-07-12 00:18 - 00000000 ____D () C:\Users\ndjokic\AppData\Roaming\XGen Studios, Inc
2014-07-12 00:18 - 2014-07-12 00:18 - 00000000 ____D () C:\Users\ndjokic\AppData\Local\XGen Studios, Inc
2014-07-06 03:18 - 2013-06-18 14:40 - 00000688 _____ () C:\Users\ndjokic\contestapplet.conf
2014-07-06 03:14 - 2013-06-18 14:40 - 00000688 _____ () C:\Users\ndjokic\contestapplet.conf.bak
2014-07-03 21:29 - 2014-07-03 21:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-07-03 00:10 - 2014-07-03 00:10 - 00000000 ____D () C:\ProgramData\WaLMaRT
2014-07-02 23:20 - 2013-09-06 20:32 - 00000000 ____D () C:\Users\ndjokic\AppData\Roaming\TS3Client
2014-07-02 22:40 - 2012-12-13 23:02 - 00000000 ____D () C:\Users\ndjokic\AppData\Local\SKIDROW
2014-07-02 22:37 - 2014-07-02 22:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trendy Entertainment
2014-07-02 14:20 - 2014-07-02 14:20 - 00000000 ____D () C:\ProgramData\SystemRequirementsLab
2014-07-02 14:20 - 2014-02-09 20:57 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-06-30 12:18 - 2014-05-12 21:58 - 00000046 _____ () C:\Users\ndjokic\jagex_cl_runescape_LIVE.dat
2014-06-30 12:18 - 2014-05-12 21:58 - 00000024 _____ () C:\Users\ndjokic\random.dat
2014-06-30 04:09 - 2014-07-27 11:54 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-30 04:04 - 2014-07-27 11:54 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

Files to move or delete:
====================
C:\ProgramData\hash.dat
C:\Users\ndjokic\jagex_cl_oldschool_LIVE.dat
C:\Users\ndjokic\jagex_cl_runescape_LIVE.dat
C:\Users\ndjokic\random.dat


Some content of TEMP:
====================
C:\Users\ndjokic\AppData\Local\Temp\917b0b87-3358-4e79-93de-3dfc2fc99ed0.exe
C:\Users\ndjokic\AppData\Local\Temp\catalyst_mobility_64-bit_util.exe
C:\Users\ndjokic\AppData\Local\Temp\jna5155314657774875577.dll
C:\Users\ndjokic\AppData\Local\Temp\lowproc.exe
C:\Users\ndjokic\AppData\Local\Temp\SIInvoker.exe
C:\Users\ndjokic\AppData\Local\Temp\SkypeSetup.exe
C:\Users\ndjokic\AppData\Local\Temp\SRLDetectionLibrary5122638381083391501.dll
C:\Users\ndjokic\AppData\Local\Temp\SRLDetectionLibrary6002148792366687404.dll
C:\Users\ndjokic\AppData\Local\Temp\stubhelper.dll
C:\Users\ndjokic\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\ndjokic\AppData\Local\Temp\Uninstall.exe
C:\Users\ndjokic\AppData\Local\Temp\vlc-2.0.8-win32.exe
C:\Users\ndjokic\AppData\Local\Temp\_unps.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-28 19:34

==================== End Of Log ============================

aswMBR version 1.0.1.2041 Copyright(c) 2014 AVAST Software
Run date: 2014-07-30 19:28:26
-----------------------------
19:28:26.517 OS Version: Windows x64 6.1.7601 Service Pack 1
19:28:26.517 Number of processors: 4 586 0x2A07
19:28:26.517 ComputerName: NDJOKIC-PC UserName: ndjokic
19:28:28.005 Initialize success
19:28:28.050 VM: initialized successfully
19:28:28.073 VM: Intel CPU BiosDisabled
19:28:37.973 VM: supported disk I/O iaStor.sys
19:32:33.425 AVAST engine defs: 14073001
19:33:42.590 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
19:33:42.590 Disk 0 Vendor: TOSHIBA_ MH00 Size: 476940MB BusType: 3
19:33:44.135 Disk 0 MBR read successfully
19:33:44.135 Disk 0 MBR scan
19:33:44.135 Disk 0 Windows 7 default MBR code
19:33:44.135 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 300 MB offset 2048
19:33:44.135 Disk 0 default boot code
19:33:44.150 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 455269 MB offset 616448
19:33:44.197 Disk 0 Partition 3 00 07 HPFS/NTFS 16247 MB offset 933007360
19:33:44.197 Disk 0 Partition 4 00 0C FAT32 LBA 5115 MB offset 966281216
19:33:44.275 Disk 0 scanning C:\Windows\system32\drivers
19:34:03.985 Service scanning
19:34:47.861 Modules scanning
19:34:47.861 Disk 0 trace - called modules:
19:34:49.609 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys ACPI.sys iaStor.sys hal.dll
19:34:49.610 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800971a060]
19:34:49.610 3 CLASSPNP.SYS[fffff8800160143f] -> nt!IofCallDriver -> [0xfffffa800956e870]
19:34:49.610 5 hpdskflt.sys[fffff88001861361] -> nt!IofCallDriver -> [0xfffffa8007bb5e40]
19:34:49.610 7 ACPI.sys[fffff88000e0b7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8007bbe050]
19:34:51.098 AVAST engine scan C:\Windows
19:34:54.612 AVAST engine scan C:\Windows\system32
19:39:06.443 AVAST engine scan C:\Windows\system32\drivers
19:39:29.664 AVAST engine scan C:\Users\ndjokic
19:57:48.401 AVAST engine scan C:\ProgramData
20:14:25.729 Scan finished successfully
20:21:50.361 Disk 0 MBR has been saved successfully to "C:\Users\ndjokic\Desktop\july 2014 virus\MBR.dat"
20:21:50.384 The log file has been saved successfully to "C:\Users\ndjokic\Desktop\july 2014 virus\aswMBR.txt"

ken545
2014-07-31, 13:59

Not looking at anything earth-shattering in your logs. What we can do is run a few scans to clean up your system, and if no malware is found then I can link you to a good Windows forum for help. I wanted to add that I see markers in your log for uTorrent. Using any form of file sharing is dangerous: the program itself is safe, but you're downloading that file from an unknown source, and not all but a large percentage of those files can be infected. It's like playing Russian roulette malware-wise. Also, it looks like you have a ton of games installed; these sometimes cause issues.


Download TFC (http://oldtimer.geekstogo.com/TFC.exe) to your desktop

Close any open windows.
Double click the TFC icon to run the program
TFC will close all open programs itself in order to run,
Click the Start button to begin the process.
Allow TFC to run uninterrupted.
The program should not take long to finish its job.
Once it's finished it should automatically reboot your machine;
if it doesn't, manually reboot to ensure a complete clean.

=============================================================

Download Malwarebytes' Anti-Malware (http://www.malwarebytes.org/mbam-download.php) to your desktop.


Windows XP : Double click on the icon to run it.
Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"


On the Dashboard click on Update Now
Go to the Setting Tab
Under Setting go to Detection and Protection
Under PUP and PUM make sure both are set to show Treat Detections as Malware
Go to Advanced setting and make sure Automatically Quarantine Detected Items is checked
Then on the Dashboard click on Scan
Make sure to select THREAT SCAN
Then click on Scan
When the scan is finished and the log pops up...select Copy to Clipboard
Please paste the log back into this thread for review
Exit Malwarebytes

Notawiz
2014-07-31, 14:24
Thanks. TFC removed about 2GB total.

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 31/07/2014
Scan Time: 13:14:35
Logfile:
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.07.31.04
Rootkit Database: v2014.07.17.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: ndjokic

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 291297
Time Elapsed: 8 min, 11 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 1
PUP.Optional.InstallBrain.A, HKLM\SOFTWARE\WOW6432NODE\InstallIQ, , [35db9610403b1a1ccfbdb43ec33f48b8],

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

ken545
2014-07-31, 14:30
This is a good read about P2P (File Sharing)

http://www.zonealarm.com/blog/2014/06/what-you-need-to-know-about-peer-to-peer-file-sharing/



-AdwCleaner-by Xplode

Click on this link to download : ADWCleaner (http://www.bleepingcomputer.com/download/adwcleaner/)
Click on ONE of the two blue Download Now buttons that have a blue arrow beside them and save it to your desktop.

Do not click on any links in the top advertisement.


Close all open programs and internet browsers.
Double click on AdwCleaner.exe to run the tool.
Click on Scan.
After the scan is complete click on "Clean"
Confirm each time with Ok.
Your computer will be rebooted automatically. A text file will open after the restart.
Please post the content of that logfile with your next reply.
You can find the logfile at C:\AdwCleaner[S1].txt as well.



===============================================================================


Please download Junkware Removal Tool (http://thisisudax.org/downloads/JRT.exe) to your desktop.

Shut down your protection software now to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8, instead of double-clicking, right-click JRT.exe and select "Run as Administrator".
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

Then when you're done, run a new scan with FRST and post the logs please; be sure to check Additions.

Notawiz
2014-07-31, 15:25
The file is called C:\AdwCleaner\AdwCleaner[S0].txt for me, not C:\AdwCleaner[S1].txt.

# AdwCleaner v3.302 - Report created 31/07/2014 at 13:51:09
# Updated 30/07/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : ndjokic - NDJOKIC-PC
# Running from : C:\Users\ndjokic\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\apn

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17207


-\\ Mozilla Firefox v31.0 (x86 en-US)

[ File : C:\Users\ndjokic\AppData\Roaming\Mozilla\Firefox\Profiles\arbmcia9.default-1362714903871\prefs.js ]


*************************

AdwCleaner[R0].txt - [1120 octets] - [31/07/2014 13:50:14]
AdwCleaner[S0].txt - [1052 octets] - [31/07/2014 13:51:09]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1112 octets] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Professional x64
Ran by ndjokic on 31/07/2014 at 13:58:16.38
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"



~~~ FireFox

Emptied folder: C:\Users\ndjokic\AppData\Roaming\mozilla\firefox\profiles\arbmcia9.default-1362714903871\minidumps [772 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 31/07/2014 at 14:02:10.51
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-07-2014 01
Ran by ndjokic (administrator) on NDJOKIC-PC on 31-07-2014 14:12:09
Running from C:\Users\ndjokic\Desktop\july 2014 virus
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(http://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(http://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [835072 2011-01-27] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2679592 2011-02-04] (Synaptics Incorporated)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [3825176 2012-11-13] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-132009455-2026092721-3990303557-1000\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [3713032 2012-11-13] (Safer-Networking Ltd.)
HKU\S-1-5-21-132009455-2026092721-3990303557-1000\...\MountPoints2: {6a70d0d2-ff26-11e1-b4b9-806e6f6e6963} - F:\SWSETUP\APPINSTL\hpsoftwaresetup.exe
HKU\S-1-5-21-132009455-2026092721-3990303557-1000\...\MountPoints2: {daf1934d-3319-11e2-b636-930c393050a1} - H:\Setup.exe
ShellIconOverlayIdentifiers: 1TortoiseNormal -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 2TortoiseModified -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 3TortoiseConflict -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 4TortoiseLocked -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 5TortoiseReadOnly -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 6TortoiseDeleted -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 7TortoiseAdded -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 8TortoiseIgnored -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 9TortoiseUnversioned -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 1TortoiseNormal -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 2TortoiseModified -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 3TortoiseConflict -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 4TortoiseLocked -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 5TortoiseReadOnly -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 6TortoiseDeleted -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 7TortoiseAdded -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 8TortoiseIgnored -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 9TortoiseUnversioned -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x0623424AC3A4CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-GB
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt

FireFox:
========
FF ProfilePath: C:\Users\ndjokic\AppData\Roaming\Mozilla\Firefox\Profiles\arbmcia9.default-1362714903871
FF Homepage: hxxp://www.google.co.uk/
FF NetworkProxy: "autoconfig_url", "http://r-1.ch/twitch.pac"
FF NetworkProxy: "socks_remote_dns", true
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll ()
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @real.com/nppl3260;version=16.0.3.51 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 - C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.3.51 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VLC\npvlc.dll (VideoLAN)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\ndjokic\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\ndjokic\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\ndjokic\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\ndjokic\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\ndjokic\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF Plugin ProgramFiles/Appdata: C:\Users\ndjokic\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\ndjokic\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF Extension: FoxyProxy Standard - C:\Users\ndjokic\AppData\Roaming\Mozilla\Firefox\Profiles\arbmcia9.default-1362714903871\Extensions\foxyproxy@eric.h.jung [2014-02-04]
FF Extension: Classic Theme Restorer - C:\Users\ndjokic\AppData\Roaming\Mozilla\Firefox\Profiles\arbmcia9.default-1362714903871\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2014-05-02]
FF Extension: YouTube Center - C:\Users\ndjokic\AppData\Roaming\Mozilla\Firefox\Profiles\arbmcia9.default-1362714903871\Extensions\jid1-cwbvBTE216jjpg@jetpack.xpi [2013-09-15]
FF Extension: Adblock Plus - C:\Users\ndjokic\AppData\Roaming\Mozilla\Firefox\Profiles\arbmcia9.default-1362714903871\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-04-19]
FF Extension: Team Liquid Streams - C:\Users\ndjokic\AppData\Roaming\Mozilla\Firefox\Profiles\arbmcia9.default-1362714903871\Extensions\{db09811d-efff-4339-a548-8550c7238a30}.xpi [2013-11-08]
FF HKLM-x32\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-08-30]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S4 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [281656 2011-01-28] (Hewlett-Packard Company)
S4 ImDskSvc; C:\Windows\system32\imdsksvc.exe [11264 2012-07-30] (Olof Lagerkvist) [File not signed]
S4 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377104 2013-12-13] (LogMeIn, Inc.)
S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-02-10] ()
S4 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
S4 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2009-10-20] (CACE Technologies, Inc.)
S4 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1103392 2012-11-13] (Safer-Networking Ltd.)
S4 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1369624 2012-11-13] (Safer-Networking Ltd.)
S4 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [168384 2012-11-13] (Safer-Networking Ltd.)
S4 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [759192 2013-09-03] (Tunngle.net GmbH) [File not signed]
S4 VMAuthdService; C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe [79872 2012-08-15] (VMware, Inc.) [File not signed]
S2 SkypeUpdate; "C:\Program Files (x86)\Skype\Updater\Updater.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AWEAlloc; C:\Windows\System32\DRIVERS\awealloc.sys [18384 2012-02-16] (Olof Lagerkvist)
R2 ImDisk; C:\Windows\System32\DRIVERS\imdisk.sys [38416 2012-07-30] (Olof Lagerkvist)
R0 johci; C:\Windows\System32\DRIVERS\johci.sys [26712 2011-01-18] (JMicron Technology Corp.)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [47632 2009-10-20] (CACE Technologies, Inc.)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1826048 2010-12-21] ()
S3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [105816 2012-09-13] (Oracle Corporation)
R2 VMparport; C:\Windows\system32\drivers\VMparport.sys [31384 2012-08-15] (VMware, Inc.)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [70256 2012-07-06] (VMware, Inc.)
S3 ALSysIO; \??\C:\Users\ndjokic\AppData\Local\Temp\ALSysIO64.sys [X]
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-31 14:02 - 2014-07-31 14:02 - 00000846 _____ () C:\Users\ndjokic\Desktop\JRT.txt
2014-07-31 13:58 - 2014-07-31 13:58 - 00000000 ____D () C:\Windows\ERUNT
2014-07-31 13:55 - 2014-07-31 13:55 - 01016261 _____ (Thisisu) C:\Users\ndjokic\Desktop\JRT.exe
2014-07-31 13:50 - 2014-07-31 13:51 - 00000000 ____D () C:\AdwCleaner
2014-07-31 13:49 - 2014-07-31 13:49 - 01361309 _____ () C:\Users\ndjokic\Desktop\AdwCleaner.exe
2014-07-31 13:12 - 2014-07-31 13:54 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-31 13:11 - 2014-07-31 13:11 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-31 13:11 - 2014-07-31 13:11 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-31 13:11 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-31 13:11 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-31 13:11 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-07-31 13:02 - 2014-07-31 13:02 - 00448512 _____ (OldTimer Tools) C:\Users\ndjokic\Desktop\TFC.exe
2014-07-30 19:27 - 2014-07-31 14:12 - 00000000 ____D () C:\Users\ndjokic\Desktop\july 2014 virus
2014-07-30 19:10 - 2014-07-31 14:12 - 00000000 ____D () C:\FRST
2014-07-30 19:09 - 2014-07-30 19:09 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-NDJOKIC-PC-Microsoft-Windows-7-Professional-(64-bit).dat
2014-07-30 19:08 - 2014-07-30 19:08 - 00000000 ____D () C:\RegBackup
2014-07-30 19:07 - 2014-07-30 19:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-07-30 19:07 - 2014-07-30 19:07 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2014-07-30 19:07 - 2014-07-30 19:07 - 00000000 ____D () C:\Program Files (x86)\Registry Backup
2014-07-29 22:10 - 2014-07-29 22:10 - 00000000 ____D () C:\Users\ndjokic\AppData\Roaming\LOVE
2014-07-29 22:02 - 2014-07-29 22:02 - 00000000 ____D () C:\Users\ndjokic\Desktop\mari0
2014-07-28 18:52 - 2014-07-28 18:52 - 00000000 ____D () C:\Users\ndjokic\Desktop\movies
2014-07-28 18:52 - 2014-07-28 18:52 - 00000000 ____D () C:\Users\ndjokic\Desktop\food
2014-07-27 11:54 - 2014-06-30 04:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-27 11:54 - 2014-06-30 04:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-27 11:54 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-27 11:54 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-07-27 11:54 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-07-27 11:54 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-07-27 11:54 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-07-27 11:54 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-07-27 11:54 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-07-27 11:54 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-07-27 11:54 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-07-27 11:54 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-07-27 11:54 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-07-27 11:53 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-27 11:53 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-27 11:53 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-27 11:53 - 2014-05-30 10:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-27 11:53 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-27 11:53 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-27 11:53 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-27 11:53 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-27 11:53 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-27 11:53 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-27 11:53 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-27 11:53 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-27 11:53 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-27 11:53 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-07-27 11:53 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-27 11:53 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-07-27 11:53 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-07-27 11:53 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-07-27 11:53 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-07-27 11:53 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-07-27 11:53 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-07-27 11:53 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-07-27 11:53 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-07-27 11:53 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-07-27 11:53 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-07-27 11:53 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-07-27 11:53 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-07-27 11:53 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-07-27 11:53 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-07-27 11:53 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-07-27 11:53 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-07-27 11:53 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-07-27 11:53 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-07-27 11:53 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-07-27 11:53 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-07-27 11:53 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-07-27 11:53 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-07-27 11:53 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-07-27 11:53 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-07-27 11:52 - 2014-06-20 22:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-27 11:52 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-27 11:52 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-27 11:52 - 2014-06-19 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-27 11:52 - 2014-06-19 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-27 11:52 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-27 11:52 - 2014-06-19 02:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-27 11:52 - 2014-06-19 02:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-27 11:52 - 2014-06-19 02:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-27 11:52 - 2014-06-19 02:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-27 11:52 - 2014-06-19 02:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-27 11:52 - 2014-06-19 02:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-27 11:52 - 2014-06-19 02:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-27 11:52 - 2014-06-19 02:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-27 11:52 - 2014-06-19 02:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-27 11:52 - 2014-06-19 02:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-27 11:52 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-27 11:52 - 2014-06-19 02:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-27 11:52 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-27 11:52 - 2014-06-19 01:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-27 11:52 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-27 11:52 - 2014-06-19 01:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-27 11:52 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-27 11:52 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-27 11:52 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-27 11:52 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-27 11:52 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-27 11:52 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-27 11:52 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-27 11:52 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-27 11:52 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-27 11:52 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-27 11:52 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-27 11:52 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-27 11:52 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-27 11:52 - 2014-06-19 01:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-27 11:52 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-27 11:52 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-27 11:52 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-27 11:52 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-27 11:52 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-27 11:52 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-27 11:52 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-27 11:52 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-27 11:52 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-27 11:52 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-27 11:52 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-27 11:52 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-27 11:52 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-27 11:52 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-27 11:52 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-27 11:52 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-27 11:52 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-27 11:52 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-27 11:52 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-27 11:52 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-27 11:52 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-27 11:52 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-27 11:52 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-27 11:52 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-27 11:52 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-27 11:52 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-07-27 11:52 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-07-27 11:52 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-07-27 11:52 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-07-27 11:52 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-07-27 11:52 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-07-27 11:52 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-07-27 11:52 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-07-27 08:31 - 2014-07-27 08:46 - 00000169 _____ () C:\Users\ndjokic\Desktop\useless.txt
2014-07-26 07:28 - 2014-07-30 17:57 - 00000467 _____ () C:\Users\ndjokic\Desktop\db.txt
2014-07-25 07:27 - 2014-07-25 07:27 - 00002376 _____ () C:\Users\ndjokic\Documents\MumbleAutomaticCertificateBackup.p12
2014-07-25 07:22 - 2014-07-25 07:57 - 00000000 ____D () C:\Users\ndjokic\AppData\Roaming\Mumble
2014-07-25 03:30 - 2014-07-25 03:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mumble
2014-07-25 03:30 - 2014-07-25 03:30 - 00000000 ____D () C:\Program Files (x86)\Mumble
2014-07-24 22:20 - 2014-07-24 23:01 - 00000007 _____ () C:\Users\ndjokic\Desktop\New Text Document.txt
2014-07-24 15:05 - 2014-07-24 15:08 - 00000073 _____ () C:\Users\ndjokic\Desktop\acm reimb.txt
2014-07-23 15:36 - 2014-07-23 15:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-22 19:00 - 2014-07-27 13:53 - 00000000 ____D () C:\Users\ndjokic\Desktop\bill
2014-07-22 12:12 - 2014-07-31 13:52 - 00001008 _____ () C:\Windows\setupact.log
2014-07-20 18:06 - 2014-07-20 18:06 - 00000000 ____D () C:\ProgramData\ATI
2014-07-20 18:01 - 2014-07-20 18:01 - 00000000 ____D () C:\ProgramData\AMD
2014-07-20 18:01 - 2014-07-20 18:01 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-07-20 18:00 - 2014-07-20 18:00 - 00056100 _____ () C:\Windows\SysWOW64\CCCInstall_201407201800525336.log
2014-07-20 18:00 - 2014-07-20 18:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-07-20 17:54 - 2014-07-20 17:54 - 00000000 ____D () C:\Program Files\AMD
2014-07-20 17:52 - 2014-07-20 17:52 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2014-07-20 00:48 - 2014-07-20 00:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
2014-07-19 22:22 - 2014-07-19 22:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
2014-07-18 01:09 - 2014-07-18 01:21 - 00000000 ____D () C:\Users\ndjokic\AppData\Local\Hero_Siege
2014-07-17 23:07 - 2014-07-17 23:38 - 00000065 _____ () C:\Users\ndjokic\Desktop\hercules pw.txt
2014-07-14 19:26 - 2014-07-14 19:31 - 00000000 ____D () C:\Users\ndjokic\Desktop\hair progress
2014-07-12 00:24 - 2014-07-20 17:52 - 00000000 ____D () C:\ProgramData\Package Cache
2014-07-12 00:18 - 2014-07-12 00:18 - 00000000 ____D () C:\Users\ndjokic\AppData\Roaming\XGen Studios, Inc
2014-07-12 00:18 - 2014-07-12 00:18 - 00000000 ____D () C:\Users\ndjokic\AppData\Local\XGen Studios, Inc
2014-07-11 22:46 - 2014-07-18 00:13 - 00000657 _____ () C:\Users\ndjokic\Desktop\local contest tasks.txt
2014-07-03 21:29 - 2014-07-18 01:08 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-03 21:29 - 2014-07-03 21:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-07-03 00:10 - 2014-07-03 00:10 - 00000000 ____D () C:\ProgramData\WaLMaRT
2014-07-02 22:37 - 2014-07-02 22:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trendy Entertainment
2014-07-02 14:20 - 2014-07-02 14:20 - 00000000 ____D () C:\ProgramData\SystemRequirementsLab

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-31 14:12 - 2014-07-30 19:27 - 00000000 ____D () C:\Users\ndjokic\Desktop\july 2014 virus
2014-07-31 14:12 - 2014-07-30 19:10 - 00000000 ____D () C:\FRST
2014-07-31 14:02 - 2014-07-31 14:02 - 00000846 _____ () C:\Users\ndjokic\Desktop\JRT.txt
2014-07-31 13:59 - 2009-07-14 06:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-31 13:59 - 2009-07-14 06:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-31 13:58 - 2014-07-31 13:58 - 00000000 ____D () C:\Windows\ERUNT
2014-07-31 13:57 - 2014-01-27 21:49 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-31 13:57 - 2013-11-06 21:10 - 00001189 _____ () C:\Users\ndjokic\Desktop\blu.txt
2014-07-31 13:56 - 2013-02-02 21:17 - 00000000 ____D () C:\Users\ndjokic\Desktop\dls
2014-07-31 13:56 - 2012-09-15 13:19 - 02058417 _____ () C:\Windows\WindowsUpdate.log
2014-07-31 13:55 - 2014-07-31 13:55 - 01016261 _____ (Thisisu) C:\Users\ndjokic\Desktop\JRT.exe
2014-07-31 13:54 - 2014-07-31 13:12 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-31 13:54 - 2013-08-30 23:00 - 00003348 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-132009455-2026092721-3990303557-1000
2014-07-31 13:54 - 2013-08-30 23:00 - 00003218 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-132009455-2026092721-3990303557-1000
2014-07-31 13:53 - 2014-01-27 21:49 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-31 13:52 - 2014-07-22 12:12 - 00001008 _____ () C:\Windows\setupact.log
2014-07-31 13:52 - 2012-10-11 14:18 - 00000000 ____D () C:\ProgramData\VMware
2014-07-31 13:52 - 2012-09-15 13:09 - 00162976 _____ () C:\Windows\PFRO.log
2014-07-31 13:52 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-31 13:51 - 2014-07-31 13:50 - 00000000 ____D () C:\AdwCleaner
2014-07-31 13:49 - 2014-07-31 13:49 - 01361309 _____ () C:\Users\ndjokic\Desktop\AdwCleaner.exe
2014-07-31 13:43 - 2013-12-19 10:13 - 00000000 ____D () C:\Users\ndjokic\AppData\Local\Battle.net
2014-07-31 13:26 - 2014-06-29 22:21 - 00000916 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-132009455-2026092721-3990303557-1000UA.job
2014-07-31 13:11 - 2014-07-31 13:11 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-31 13:11 - 2014-07-31 13:11 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-31 13:03 - 2012-09-18 08:37 - 00000000 ____D () C:\Users\ndjokic\AppData\Roaming\Skype
2014-07-31 13:02 - 2014-07-31 13:02 - 00448512 _____ (OldTimer Tools) C:\Users\ndjokic\Desktop\TFC.exe
2014-07-31 08:01 - 2014-04-23 06:45 - 00003370 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-132009455-2026092721-3990303557-1000
2014-07-31 08:01 - 2014-04-23 06:45 - 00003240 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-132009455-2026092721-3990303557-1000
2014-07-31 08:01 - 2012-12-31 19:09 - 00000000 ____D () C:\Users\ndjokic\AppData\Local\TSVNCache
2014-07-30 22:39 - 2014-06-29 22:21 - 00000864 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-132009455-2026092721-3990303557-1000Core.job
2014-07-30 20:12 - 2014-04-17 03:31 - 00000428 _____ () C:\Users\ndjokic\Desktop\gns.txt
2014-07-30 19:09 - 2014-07-30 19:09 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-NDJOKIC-PC-Microsoft-Windows-7-Professional-(64-bit).dat
2014-07-30 19:08 - 2014-07-30 19:08 - 00000000 ____D () C:\RegBackup
2014-07-30 19:07 - 2014-07-30 19:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-07-30 19:07 - 2014-07-30 19:07 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2014-07-30 19:07 - 2014-07-30 19:07 - 00000000 ____D () C:\Program Files (x86)\Registry Backup
2014-07-30 17:57 - 2014-07-26 07:28 - 00000467 _____ () C:\Users\ndjokic\Desktop\db.txt
2014-07-29 22:10 - 2014-07-29 22:10 - 00000000 ____D () C:\Users\ndjokic\AppData\Roaming\LOVE
2014-07-29 22:02 - 2014-07-29 22:02 - 00000000 ____D () C:\Users\ndjokic\Desktop\mari0
2014-07-28 18:52 - 2014-07-28 18:52 - 00000000 ____D () C:\Users\ndjokic\Desktop\movies
2014-07-28 18:52 - 2014-07-28 18:52 - 00000000 ____D () C:\Users\ndjokic\Desktop\food
2014-07-28 18:52 - 2014-06-18 20:37 - 00000134 _____ () C:\Users\ndjokic\Desktop\spb stuff.txt
2014-07-28 18:52 - 2014-02-17 15:18 - 00000000 ____D () C:\Users\ndjokic\Desktop\stuff
2014-07-28 18:52 - 2013-12-13 18:48 - 00000000 ____D () C:\Users\ndjokic\Desktop\games
2014-07-27 13:53 - 2014-07-22 19:00 - 00000000 ____D () C:\Users\ndjokic\Desktop\bill
2014-07-27 13:21 - 2012-10-11 21:28 - 00000000 ____D () C:\Users\ndjokic\.VirtualBox
2014-07-27 12:13 - 2013-09-28 18:09 - 00000000 ____D () C:\Windows\pss
2014-07-27 12:13 - 2012-12-02 18:20 - 00000000 ____D () C:\Users\ndjokic\AppData\Local\LogMeIn Hamachi
2014-07-27 12:06 - 2009-07-14 06:45 - 00268856 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-27 12:04 - 2014-05-06 06:14 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-27 12:04 - 2009-07-14 09:47 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-27 12:04 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-27 12:04 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-07-27 12:04 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-07-27 12:01 - 2013-07-22 03:00 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-27 08:46 - 2014-07-27 08:31 - 00000169 _____ () C:\Users\ndjokic\Desktop\useless.txt
2014-07-26 16:02 - 2014-02-22 21:52 - 00000691 _____ () C:\Users\ndjokic\Desktop\6sm skipped.txt
2014-07-25 07:57 - 2014-07-25 07:22 - 00000000 ____D () C:\Users\ndjokic\AppData\Roaming\Mumble
2014-07-25 07:27 - 2014-07-25 07:27 - 00002376 _____ () C:\Users\ndjokic\Documents\MumbleAutomaticCertificateBackup.p12
2014-07-25 03:30 - 2014-07-25 03:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mumble
2014-07-25 03:30 - 2014-07-25 03:30 - 00000000 ____D () C:\Program Files (x86)\Mumble
2014-07-25 00:17 - 2013-12-19 10:12 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-07-24 23:01 - 2014-07-24 22:20 - 00000007 _____ () C:\Users\ndjokic\Desktop\New Text Document.txt
2014-07-24 15:08 - 2014-07-24 15:05 - 00000073 _____ () C:\Users\ndjokic\Desktop\acm reimb.txt
2014-07-24 03:38 - 2012-09-15 13:51 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-23 15:37 - 2014-07-23 15:36 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-21 23:27 - 2013-10-04 22:23 - 00002108 _____ () C:\Users\ndjokic\Desktop\iou.txt
2014-07-21 21:54 - 2013-02-01 13:30 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-07-20 22:40 - 2013-07-11 18:26 - 00000000 ____D () C:\Users\ndjokic\AppData\Roaming\vlc
2014-07-20 20:41 - 2012-09-18 10:23 - 00000000 ____D () C:\Users\ndjokic\AppData\Roaming\uTorrent
2014-07-20 19:37 - 2012-09-22 19:40 - 00000000 ____D () C:\movies
2014-07-20 18:06 - 2014-07-20 18:06 - 00000000 ____D () C:\ProgramData\ATI
2014-07-20 18:01 - 2014-07-20 18:01 - 00000000 ____D () C:\ProgramData\AMD
2014-07-20 18:01 - 2014-07-20 18:01 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-07-20 18:00 - 2014-07-20 18:00 - 00056100 _____ () C:\Windows\SysWOW64\CCCInstall_201407201800525336.log
2014-07-20 18:00 - 2014-07-20 18:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-07-20 18:00 - 2013-12-22 14:40 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-07-20 17:54 - 2014-07-20 17:54 - 00000000 ____D () C:\Program Files\AMD
2014-07-20 17:52 - 2014-07-20 17:52 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2014-07-20 17:52 - 2014-07-12 00:24 - 00000000 ____D () C:\ProgramData\Package Cache
2014-07-20 17:44 - 2013-12-22 14:24 - 00000000 ____D () C:\AMD
2014-07-20 00:48 - 2014-07-20 00:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
2014-07-20 00:41 - 2012-09-15 16:09 - 00000000 ____D () C:\games
2014-07-19 22:22 - 2014-07-19 22:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
2014-07-18 01:21 - 2014-07-18 01:09 - 00000000 ____D () C:\Users\ndjokic\AppData\Local\Hero_Siege
2014-07-18 01:08 - 2014-07-03 21:29 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-18 00:13 - 2014-07-11 22:46 - 00000657 _____ () C:\Users\ndjokic\Desktop\local contest tasks.txt
2014-07-17 23:38 - 2014-07-17 23:07 - 00000065 _____ () C:\Users\ndjokic\Desktop\hercules pw.txt
2014-07-17 22:32 - 2012-11-20 23:07 - 00000000 ____D () C:\Users\ndjokic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-07-16 16:01 - 2009-07-14 07:13 - 00786766 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-14 19:31 - 2014-07-14 19:26 - 00000000 ____D () C:\Users\ndjokic\Desktop\hair progress
2014-07-13 13:58 - 2014-05-15 02:45 - 00000225 _____ () C:\Users\ndjokic\Desktop\topc.txt
2014-07-12 00:18 - 2014-07-12 00:18 - 00000000 ____D () C:\Users\ndjokic\AppData\Roaming\XGen Studios, Inc
2014-07-12 00:18 - 2014-07-12 00:18 - 00000000 ____D () C:\Users\ndjokic\AppData\Local\XGen Studios, Inc
2014-07-06 03:18 - 2013-06-18 14:40 - 00000688 _____ () C:\Users\ndjokic\contestapplet.conf
2014-07-06 03:14 - 2013-06-18 14:40 - 00000688 _____ () C:\Users\ndjokic\contestapplet.conf.bak
2014-07-03 21:29 - 2014-07-03 21:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-07-03 00:10 - 2014-07-03 00:10 - 00000000 ____D () C:\ProgramData\WaLMaRT
2014-07-02 23:20 - 2013-09-06 20:32 - 00000000 ____D () C:\Users\ndjokic\AppData\Roaming\TS3Client
2014-07-02 22:40 - 2012-12-13 23:02 - 00000000 ____D () C:\Users\ndjokic\AppData\Local\SKIDROW
2014-07-02 22:37 - 2014-07-02 22:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trendy Entertainment
2014-07-02 14:20 - 2014-07-02 14:20 - 00000000 ____D () C:\ProgramData\SystemRequirementsLab
2014-07-02 14:20 - 2014-02-09 20:57 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab

Files to move or delete:
====================
C:\ProgramData\hash.dat
C:\Users\ndjokic\jagex_cl_oldschool_LIVE.dat
C:\Users\ndjokic\jagex_cl_runescape_LIVE.dat
C:\Users\ndjokic\random.dat


Some content of TEMP:
====================
C:\Users\ndjokic\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-28 19:34

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-07-2014 01
Ran by ndjokic at 2014-07-31 14:13:27
Running from C:\Users\ndjokic\Desktop\july 2014 virus
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 3.3.0.29625 - BitTorrent Inc.)
Å‹*‚̈͌é CrazyStone —DŸ‹L”O”Å (HKLM-x32\...\{F051B726-4DFD-4DDC-B999-496D27E14AD2}) (Version: 1.00.0000 - UNBALANCE)
3DMark (HKLM-x32\...\{F1A6C690-C12C-4E7A-B4BD-958678215418}) (Version: 1.0 - Futuremark)
ŸÀÌÁª¹ÙµÏ 2.0 (HKLM-x32\...\ŸÀÌÁª¹ÙµÏ 2.0) (Version: - )
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.8.800.94 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.9.900.152 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.3.133 - Adobe Systems, Inc.)
Alcor Micro Smart Card Reader Driver (HKLM-x32\...\SZCCID) (Version: 1.7.16.0 - Alcor Micro Corp.)
Alcor Micro Smart Card Reader Driver (x32 Version: 1.7.16.0 - Alcor Micro Corp.) Hidden
AMD Accelerated Video Transcoding (Version: 13.30.100.40417 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 2.5.793.1 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{3FAEEEBE-48F4-84C1-2B49-96AE73E67E3E}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (HKLM-x32\...\{F5266D28-E0B2-4130-BFC5-EE155AD514DC}) (Version: 2.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AutoHotkey 1.0.48.05 (HKLM-x32\...\AutoHotkey) (Version: 1.0.48.05 - Chris Mallett)
Banished 1.0 (HKLM-x32\...\Banished 1.0) (Version: 1.0 - Cat-A-Cat)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Broadcom 2070 Bluetooth 3.0 (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.6300 - Broadcom Corporation)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Celemony Melodyne version 2.1 (HKLM\...\Celemony Melodyne_is1) (Version: - Copyright (C) 2001-2012 Celemony Software GmbH)
Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version: - Cheat Engine)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Core Temp 1.0 RC4 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
DirectVobSub 2.41.7036 (HKLM-x32\...\vsfilter_is1) (Version: 2.41.7036 - MPC-HC Team)
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)
Dungeon Defenders (HKLM-x32\...\Dungeon Defenders_is1) (Version: - )
Far Cry 3 (HKLM-x32\...\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}) (Version: 1.01 - Ubisoft)
FTL version 1.03.3 (HKLM-x32\...\{20E23A40-38E5-4DD6-B738-BC8097AE66B6}_is1) (Version: 1.03.3 - Subset Games)
Fur Fighters PC (HKLM-x32\...\{9E49481C-37C8-4EEF-9AA1-45103A547462}) (Version: 1.00.0000 - Acclaim Entertainment Inc.)
Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 4.15.0 - Futuremark Corporation)
Goat Simulator (HKLM-x32\...\R29hdFNpbXVsYXRvcg==_is1) (Version: 1 - )
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk Plugin (HKLM-x32\...\{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}) (Version: 5.4.2.18903 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
HP 3D DriveGuard (HKLM\...\{83DA38AB-1014-41C2-A3CD-E2B93832A71A}) (Version: 4.1.4.1 - Hewlett-Packard Company)
HP HotKey Support (HKLM\...\{7D1C63D1-6520-49DA-B738-958133526E80}) (Version: 4.0.10.1 - Hewlett-Packard Company)
HP Webcam Driver (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.50058.0 - Sonix)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6325.0 - IDT)
ImDisk Virtual Disk Driver (HKLM\...\ImDisk) (Version: - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 15.4 - Intel)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
Jamestown (HKLM-x32\...\JamestownFinal) (Version: Final - AllSmartGames)
Java 7 Update 55 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417055FF}) (Version: 7.0.550 - Oracle)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JMicron 1394 Filter Driver (HKLM-x32\...\{13C96625-28E4-4c58-ADE0-CDAFC64752EB}) (Version: 1.00.20.00 - JMicron Technology Corp.)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.56.1 - JMicron Technology Corp.)
K-Lite Codec Pack 9.9.0 (Standard) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.9.0 - )
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
LEGO Rock Raiders (HKLM-x32\...\LEGO Rock Raiders) (Version: - )
Liquid War 5.6.4 (HKLM-x32\...\Liquid_War_5) (Version: - )
Livestreamer 1.6.1 (HKLM-x32\...\Livestreamer) (Version: - )
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.114 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.114 - LogMeIn, Inc.) Hidden
LSI HDA Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.100 - LSI Corporation)
MagicDisc 2.7.106 (HKLM-x32\...\MagicDisc 2.7.106) (Version: - )
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Many Faces of Go 12 (HKLM-x32\...\{59772D11-9D88-4020-838C-6F4864D0DE8A}) (Version: 12.0 - Smart Games)
MATLAB R2011a (HKLM\...\MatlabR2011a) (Version: 7.12 - The MathWorks, Inc.)
Mercury (HKLM\...\{69ebe133-29a9-4c62-ae28-1509b988d81e}.sdb) (Version: - )
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE (HKLM-x32\...\{F112F66E-25CA-42DD-983C-6118EB38F606}) (Version: 3.0.89.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{2E660A2A-A55F-43CD-9F73-CAD7382EEB78}) (Version: 3.0.19.0 - Microsoft Corporation)
Microsoft Keyboard Layout Creator 1.4 (HKLM-x32\...\{99E66BC9-E4B6-485F-ABFC-31EFCE36DFDF}) (Version: 1.4.6000 - Microsoft Corp.)
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MiKTeX 2.9 (HKLM-x32\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
Mozilla Firefox 31.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 en-US)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
Mozilla Thunderbird 17.0.3 (x86 en-GB) (HKLM-x32\...\Mozilla Thunderbird 17.0.3 (x86 en-GB)) (Version: 17.0.3 - Mozilla)
MultiGo Version 4 (HKLM-x32\...\MultiGo 4_is1) (Version: - )
Mumble 1.2.7 (HKLM-x32\...\{CF8BBFA2-5502-4904-A9E9-8D5CAA8DF785}) (Version: 1.2.7 - Thorvald Natvig)
Opera Stable 16.0.1196.62 (HKLM-x32\...\Opera 16.0.1196.62) (Version: 16.0.1196.62 - Opera Software ASA)
Oracle VM VirtualBox 4.2.0 (HKLM\...\{8ECC12DC-7819-402A-B54E-A991558C81B1}) (Version: 4.2.0 - Oracle Corporation)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
PartyPoker (HKLM-x32\...\PartyPoker) (Version: - PartyGaming)
PokerStars (HKLM-x32\...\PokerStars) (Version: - PokerStars)
Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Python 2.7.5 (HKLM-x32\...\{DBDD570E-0952-475f-9453-AB88F3DD5659}) (Version: 2.7.5150 - Python Software Foundation)
QuickTime (HKLM-x32\...\QuickTime) (Version: - )
Rayman Legends (HKLM-x32\...\UmF5bWFuTGVnZW5kcw==_is1) (Version: 1 - )
Rayman Origins (HKLM-x32\...\{DE491AB9-1D47-4FED-A8F5-4D4325B2EB4B}) (Version: 1.00 - Ubisoft)
Real Alternative 2.0.2 (HKLM-x32\...\RealAlt_is1) (Version: 2.0.2 - )
RealDownloader (x32 Version: 1.3.3 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Red Faction Guerrilla (HKLM-x32\...\InstallShield_{A357EF4C-2B6F-4980-ACA9-B1E42A74D7F3}) (Version: 1.00.0000 - Volition Inc.)
Red Faction Guerrilla (x32 Version: 1.00.0000 - Volition Inc.) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden
Rogue Legacy (HKLM-x32\...\GOGPACKROGUELEGACY_is1) (Version: 2.0.0.4 - GOG.com)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Sonic Generations (HKLM-x32\...\Sonic Generations_is1) (Version: 1.0 - SEGA)
Spelunky HD 1.0 (HKLM-x32\...\Spelunky HD 1.0) (Version: 1.0 - Cat-A-Cat)
Spiral Knights (HKCU\...\Spiral Knights) (Version: - )
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.0.12 - Safer-Networking Ltd.)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
SumatraPDF (HKLM-x32\...\SumatraPDF) (Version: 2.1.1 - Krzysztof Kowalczyk)
Super Motherload ver. 1.3.1.0 (HKLM-x32\...\{70D31D4C-D93B-4AB1-B4E3-A1AB216EEBC3}_is1) (Version: 1.3.1.0 - XGen Studios)
Super Panda Adventures 1.0 (HKLM-x32\...\Super Panda Adventures 1.0) (Version: 1.0 - Cat-A-Cat)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.11.1 - Synaptics Incorporated)
System Requirements Lab CYRI (HKLM-x32\...\{19B0831B-0C18-4103-86E4-90FCD04CD3B9}) (Version: 6.0.12.5 - Husdawg, LLC)
System Requirements Lab Detection (HKLM-x32\...\{A407FC22-36BF-4C82-A516-59D94BC505A9}) (Version: 1.0.5.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.11.1 - TeamSpeak Systems GmbH)
Terrafirma (HKLM-x32\...\{72E80496-C446-4389-B4F2-CC46DF704A7F}) (Version: 1.9.8 - Sean Kasun)
TextCrawler 2.4 (HKLM-x32\...\TextCrawler) (Version: 2.4 - DigitalVolcano Software)
The Stanley Parable (HKLM-x32\...\The Stanley Parable_is1) (Version: - )
Thumbnail me 3.0 (HKCU\...\Thumbnail me 3.0) (Version: - )
Tom Clancy's Rainbow Six Vegas 2 (HKLM-x32\...\{FD416706-875C-4B0B-A23A-9E740DAE029E}) (Version: 1.03 - Ubisoft)
tools-linux (x32 Version: 9.2.0.812388 - VMware, Inc.) Hidden
TortoiseSVN 1.7.11.23600 (64 bit) (HKLM\...\{6B13A3F1-F66A-42FB-9E62-98952D582187}) (Version: 1.7.23600 - TortoiseSVN)
Tunngle beta (HKLM-x32\...\Tunngle beta_is1) (Version: - Tunngle.net GmbH)
Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 1.9.0 - Tweaking.com)
TygemBaduk Remove (HKLM-x32\...\Tygem Baduk) (Version: - )
United States-International - Programming (HKLM\...\{FCF2574C-AFE2-42BA-BBD6-7263C3BDA308}) (Version: 1.0.3.40 - Company)
United States-International (no dead keys) (HKLM\...\{17C35B8C-73BD-448B-A89B-70AE5D2873DC}) (Version: 1.0.3.40 - Freeman2222)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
Validity Fingerprint Sensor Driver (HKLM\...\{FFC3E41D-2C2B-45B7-9AD9-5EA19572DD26}) (Version: 4.3.117.0 - Validity Sensors, Inc.)
VLC media player 2.0.8 (HKLM-x32\...\VLC media player) (Version: 2.0.8 - VideoLAN)
VMware Player (HKLM-x32\...\VMware_Player) (Version: 5.0.0 - VMware, Inc)
VMwarePlayer_x64 (Version: 5.0.0 - VMware, Inc.) Hidden
Wanderlust: Rebirth (HKLM-x32\...\Steam App 211580) (Version: - Yeti Trunk)
Warcraft III eSK 1.26.0.6401 (HKLM-x32\...\Warcraft III eSK 1.26.0.6401) (Version: - )
WinHTTrack Website Copier 3.47-11 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.47.11 - HTTrack)
WinPcap 4.1.1 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.1753 - CACE Technologies)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-132009455-2026092721-3990303557-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\ndjokic\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-132009455-2026092721-3990303557-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\ndjokic\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)

==================== Restore Points =========================


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2013-03-29 20:50 - 00445162 ____A C:\Windows\system32\Drivers\etc\hosts

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0FEC6997-2F06-4811-A458-48203A8BC7F4} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-132009455-2026092721-3990303557-1000UA => C:\Users\ndjokic\AppData\Local\Google\Update\GoogleUpdate.exe [2014-06-19] (Google Inc.)
Task: {126B21B3-2A9D-421D-A962-ECB0D47649D2} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-132009455-2026092721-3990303557-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {23F39ACE-F555-4759-A059-ADADFB6DC44F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-27] (Google Inc.)
Task: {2B8BE232-7CB1-4BCB-BC68-CF862AA71A61} - System32\Tasks\{71778D02-BE03-44C6-BC77-3AB1822E4347} => Firefox.exe http://ui.skype.com/ui/0/6.1.0.129.272/en/abandoninstall?page=tsProgressBar
Task: {3883A749-F225-46AD-9657-84686314A48E} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-132009455-2026092721-3990303557-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2013-08-14] (RealNetworks, Inc.)
Task: {49755AD9-FA2D-4509-ABE3-B846DED1129B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-132009455-2026092721-3990303557-1000Core => C:\Users\ndjokic\AppData\Local\Google\Update\GoogleUpdate.exe [2014-06-19] (Google Inc.)
Task: {870352A1-50AD-40CF-837D-0D7B70403B2B} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-132009455-2026092721-3990303557-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {874F78F7-679A-4687-ABB6-0CC7BFB87BCC} - System32\Tasks\{BDA6F1C7-BBAD-4388-A0B7-F4354809B991} => Firefox.exe http://ui.skype.com/ui/0/6.1.0.129.272/en/abandoninstall?page=tsProgressBar
Task: {95716BD6-F91B-428B-B77D-462AE7A2F557} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-132009455-2026092721-3990303557-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {AB1C1E3A-449B-475B-8A2C-026256128654} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-27] (Google Inc.)
Task: {B3C27511-508E-4779-9DC2-4492D1F75CEB} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-132009455-2026092721-3990303557-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {B67B9C05-5E05-44E5-A938-0F3D2283DDB0} - System32\Tasks\{3175FDAB-0B7B-4511-8EDD-E83A1649A565} => Firefox.exe http://ui.skype.com/ui/0/6.1.0.129.272/en/abandoninstall?page=tsProgressBar
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-132009455-2026092721-3990303557-1000Core.job => C:\Users\ndjokic\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-132009455-2026092721-3990303557-1000UA.job => C:\Users\ndjokic\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-08-04 19:44 - 2014-02-10 00:57 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2012-12-12 22:37 - 2012-12-12 22:37 - 00088968 _____ () C:\Program Files\TortoiseSVN\bin\libsasl.dll
2013-02-01 13:30 - 2012-11-13 15:06 - 00528288 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\JSDialogPack150.bpl
2013-02-01 13:30 - 2012-11-13 15:06 - 00108960 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2013-02-01 13:30 - 2012-11-13 15:06 - 00416160 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2013-02-01 13:30 - 2012-11-13 15:06 - 00158624 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2013-02-01 13:30 - 2012-11-13 15:06 - 00554400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\VirtualTreesDXE150.bpl

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:BC359956

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AESTFilters => 2
MSCONFIG\Services: AgereModemAudio => 2
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: btwdins => 2
MSCONFIG\Services: Futuremark SystemInfo Service => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: Hamachi2Svc => 2
MSCONFIG\Services: HPDrvMntSvc.exe => 2
MSCONFIG\Services: hpHotkeyMonitor => 2
MSCONFIG\Services: hpqwmiex => 3
MSCONFIG\Services: hpsrv => 2
MSCONFIG\Services: IAStorDataMgrSvc => 2
MSCONFIG\Services: ImDskSvc => 2
MSCONFIG\Services: LMIGuardianSvc => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: RealNetworks Downloader Resolver Service => 2
MSCONFIG\Services: rpcapd => 3
MSCONFIG\Services: SDScannerService => 2
MSCONFIG\Services: SDUpdateService => 2
MSCONFIG\Services: SDWSCService => 2
MSCONFIG\Services: STacSV => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: TunngleService => 3
MSCONFIG\Services: UNS => 2
MSCONFIG\Services: vcsFPService => 2
MSCONFIG\Services: VMAuthdService => 2
MSCONFIG\Services: VMUSBArbService => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^ndjokic^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MagicDisc.lnk => C:\Windows\pss\MagicDisc.lnk.Startup
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Google Update => "C:\Users\ndjokic\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
MSCONFIG\startupreg: IMSS => "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: NUSB3MON => "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
MSCONFIG\startupreg: QLBController => C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe /start
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\qttask.exe" -atboottime
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot

==================== Faulty Device Manager Devices =============

Name: Broadcom 2070 Bluetooth
Description: Broadcom 2070 Bluetooth
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Broadcom
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: TAP-Win32 Adapter V9 (Tunngle)
Description: TAP-Win32 Adapter V9 (Tunngle)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Win32 Provider V9 (Tunngle)
Service: tap0901t
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Percentage of memory in use: 17%
Total physical RAM: 8142.36 MB
Available physical RAM: 6710.07 MB
Total Pagefile: 16282.9 MB
Available Pagefile: 14863.91 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:444.6 GB) (Free:71.6 GB) NTFS
Drive h: (Dungeon Defender) (CDROM) (Total:1.76 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 5893164C)
Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=445 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=16 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=5 GB) - (Type=0C)

==================== End Of Log ============================

ken545
2014-07-31, 15:47
Did you set these proxies?

FF NetworkProxy: "autoconfig_url", "http://r-1.ch/twitch.pac"
FF NetworkProxy: "socks_remote_dns", true

Notawiz
2014-07-31, 15:54
I don't recognize either of those names.

ken545
2014-07-31, 16:18
Open Notepad (Start => All Programs => Accessories => Notepad).
Please copy the entire contents of the code box below.
(To do this, highlight the contents of the box, right-click on it and select Copy. Right-click in the open Notepad and select Paste.)
Save it to the same directory as frst.exe (or frst64.exe) as fixlist.txt. (It has to be right next to FRST/64.)



Start
FF NetworkProxy: "autoconfig_url", "http://r-1.ch/twitch.pac"
FF NetworkProxy: "socks_remote_dns", true
C:\ProgramData\hash.dat
C:\Users\ndjokic\jagex_cl_oldschool_LIVE.dat
C:\Users\ndjokic\jagex_cl_runescape_LIVE.dat
C:\Users\ndjokic\random.dat
C:\Users\ndjokic\AppData\Local\Temp\Quarantine.exe
Hosts:
End


NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

Then open FRST64 and click on Fix.
When finished, FRST will generate a log on the Desktop (Fixlog.txt). Please post it in your reply.



Let me know if you see any improvement to your system.

Notawiz
2014-07-31, 16:46
I'm still having the same problem.

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 31-07-2014 01
Ran by ndjokic at 2014-07-31 15:35:00 Run:1
Running from C:\Users\ndjokic\Desktop\july 2014 virus
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
FF NetworkProxy: "autoconfig_url", "http://r-1.ch/twitch.pac"
FF NetworkProxy: "socks_remote_dns", true
C:\ProgramData\hash.dat
C:\Users\ndjokic\jagex_cl_oldschool_LIVE.dat
C:\Users\ndjokic\jagex_cl_runescape_LIVE.dat
C:\Users\ndjokic\random.dat
C:\Users\ndjokic\AppData\Local\Temp\Quarantine.exe
Hosts:
End

*****************

Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
C:\ProgramData\hash.dat => Moved successfully.
C:\Users\ndjokic\jagex_cl_oldschool_LIVE.dat => Moved successfully.
C:\Users\ndjokic\jagex_cl_runescape_LIVE.dat => Moved successfully.
C:\Users\ndjokic\random.dat => Moved successfully.
C:\Users\ndjokic\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

==== End of Fixlog ====

ken545
2014-07-31, 17:04
I'm going to have you run one more program. Read the instructions, as I only want to see the report; sometimes rootkit-type infections hide from us, and this may find one if present. Take your time, as I will be offline until maybe mid-afternoon.

Please download TDSSKiller.zip (http://support.kaspersky.com/downloads/utils/tdsskiller.zip)

Extract it to your desktop
Double-click TDSSKiller.exe
When the window opens, click on Change Parameters
Under "Additional options", put a check mark in the box next to "Detect TDLFS File System"
Click OK
Press Start Scan

As we are only looking for a log of what is on the machine right now > choose to skip whatever is found
Then click Continue > Reboot now

Copy and paste the log in your next reply

A copy of the log will be saved automatically to the root of the drive (typically C:\)

Notawiz
2014-07-31, 17:15
16:08:22.0856 0x0e1c TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
16:08:28.0183 0x0e1c ============================================================
16:08:28.0183 0x0e1c Current date / time: 2014/07/31 16:08:28.0183
16:08:28.0183 0x0e1c SystemInfo:
16:08:28.0183 0x0e1c
16:08:28.0183 0x0e1c OS Version: 6.1.7601 ServicePack: 1.0
16:08:28.0183 0x0e1c Product type: Workstation
16:08:28.0183 0x0e1c ComputerName: NDJOKIC-PC
16:08:28.0183 0x0e1c UserName: ndjokic
16:08:28.0183 0x0e1c Windows directory: C:\Windows
16:08:28.0183 0x0e1c System windows directory: C:\Windows
16:08:28.0183 0x0e1c Running under WOW64
16:08:28.0183 0x0e1c Processor architecture: Intel x64
16:08:28.0183 0x0e1c Number of processors: 4
16:08:28.0183 0x0e1c Page size: 0x1000
16:08:28.0183 0x0e1c Boot type: Normal boot
16:08:28.0183 0x0e1c ============================================================
16:08:29.0486 0x0e1c KLMD registered as C:\Windows\system32\drivers\01796790.sys
16:08:29.0773 0x0e1c System UUID: {27DEDB60-DB91-7D8E-121D-12E1158F42AB}
16:08:30.0318 0x0e1c Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:08:30.0322 0x0e1c ============================================================
16:08:30.0322 0x0e1c \Device\Harddisk0\DR0:
16:08:30.0322 0x0e1c MBR partitions:
16:08:30.0323 0x0e1c \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x96000
16:08:30.0323 0x0e1c \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x96800, BlocksNum 0x37932800
16:08:30.0323 0x0e1c \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x379C9000, BlocksNum 0x1FBB800
16:08:30.0323 0x0e1c \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x39984800, BlocksNum 0x9FD800
16:08:30.0323 0x0e1c ============================================================
16:08:30.0342 0x0e1c C: <-> \Device\Harddisk0\DR0\Partition2
16:08:30.0376 0x0e1c ============================================================
16:08:30.0376 0x0e1c Initialize success
16:08:30.0376 0x0e1c ============================================================
16:09:05.0082 0x03d8 ============================================================
16:09:05.0082 0x03d8 Scan started
16:09:05.0082 0x03d8 Mode: Manual; TDLFS;
16:09:05.0082 0x03d8 ============================================================
16:09:05.0082 0x03d8 KSN ping started
16:09:08.0642 0x03d8 KSN ping finished: true
16:09:09.0062 0x03d8 ================ Scan system memory ========================
16:09:09.0062 0x03d8 System memory - ok
16:09:09.0062 0x03d8 ================ Scan services =============================
16:09:14.0962 0x03d8 elxstor - ok
16:09:15.0002 0x03d8 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
16:09:15.0002 0x03d8 ErrDev - ok
16:09:15.0072 0x03d8 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
16:09:15.0082 0x03d8 EventSystem - ok
16:09:15.0092 0x03d8 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
16:09:15.0102 0x03d8 exfat - ok
16:09:15.0122 0x03d8 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
16:09:15.0122 0x03d8 fastfat - ok
16:09:15.0182 0x03d8 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
16:09:15.0192 0x03d8 Fax - ok
16:09:15.0202 0x03d8 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
16:09:15.0202 0x03d8 fdc - ok
16:09:15.0232 0x03d8 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
16:09:15.0232 0x03d8 fdPHost - ok
16:09:15.0242 0x03d8 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
16:09:15.0242 0x03d8 FDResPub - ok
16:09:15.0292 0x03d8 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
16:09:15.0292 0x03d8 FileInfo - ok
16:09:15.0312 0x03d8 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
16:09:15.0312 0x03d8 Filetrace - ok
16:09:15.0312 0x03d8 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
16:09:15.0312 0x03d8 flpydisk - ok
16:09:15.0332 0x03d8 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
16:09:15.0332 0x03d8 FltMgr - ok
16:09:15.0422 0x03d8 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll
16:09:15.0432 0x03d8 FontCache - ok
16:09:15.0502 0x03d8 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:09:15.0502 0x03d8 FontCache3.0.0.0 - ok
16:09:15.0502 0x03d8 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
16:09:15.0512 0x03d8 FsDepends - ok
16:09:15.0532 0x03d8 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
16:09:15.0532 0x03d8 Fs_Rec - ok
16:09:15.0632 0x03d8 [ 290EBA98AD0CE0D1B880B5D71194B069, 60CF4DBCFBF5EABE127663322E0CA2B324DB8A92039E7B7C044ACD64DBD324AB ] Futuremark SystemInfo Service C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe
16:09:15.0632 0x03d8 Futuremark SystemInfo Service - ok
16:09:15.0702 0x03d8 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
16:09:15.0702 0x03d8 fvevol - ok
16:09:15.0752 0x03d8 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
16:09:15.0752 0x03d8 gagp30kx - ok
16:09:15.0812 0x03d8 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
16:09:15.0822 0x03d8 gpsvc - ok
16:09:15.0902 0x03d8 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:09:15.0912 0x03d8 gupdate - ok
16:09:15.0922 0x03d8 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:09:15.0922 0x03d8 gupdatem - ok
16:09:15.0972 0x03d8 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B, F9995CFEC7BBFE10B06EEE04CA6B49658275C43096E57747BFF9C2C31A0F9011 ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys
16:09:15.0972 0x03d8 hamachi - ok
16:09:16.0142 0x03d8 [ 8ED7438466D005B0BFEBB9C4FB1738BC, A61AED801C9EF015FBA0E3E09D1F99E92B9871FEA66A5514FEB11FD1DE62F70F ] Hamachi2Svc C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
16:09:16.0172 0x03d8 Hamachi2Svc - ok
16:09:16.0222 0x03d8 [ 49FF998B490B4AEF6C71A669FD10F09B, 371C77B1EC06E05D9BF77158605B62420A1591924731112A49A73382E752B0EA ] hcmon C:\Windows\system32\drivers\hcmon.sys
16:09:16.0222 0x03d8 hcmon - ok
16:09:16.0262 0x03d8 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
16:09:16.0262 0x03d8 hcw85cir - ok
16:09:16.0302 0x03d8 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:09:16.0312 0x03d8 HdAudAddService - ok
16:09:16.0332 0x03d8 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
16:09:16.0332 0x03d8 HDAudBus - ok
16:09:16.0342 0x03d8 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
16:09:16.0342 0x03d8 HidBatt - ok
16:09:16.0352 0x03d8 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
16:09:16.0352 0x03d8 HidBth - ok
16:09:16.0382 0x03d8 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
16:09:16.0382 0x03d8 HidIr - ok
16:09:16.0432 0x03d8 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
16:09:16.0432 0x03d8 hidserv - ok
16:09:16.0492 0x03d8 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
16:09:16.0492 0x03d8 HidUsb - ok
16:09:16.0542 0x03d8 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
16:09:16.0542 0x03d8 hkmsvc - ok
16:09:16.0592 0x03d8 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:09:16.0592 0x03d8 HomeGroupListener - ok
16:09:16.0632 0x03d8 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:09:16.0642 0x03d8 HomeGroupProvider - ok
16:09:16.0742 0x03d8 [ 7265EA277DE1F4CD7F270AF3DA01F203, 87E055AA4E1E8B66DE7B3A6F65F4A12572D8A4BAD4CFB3D30AE7146231C50316 ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
16:09:16.0742 0x03d8 HPDrvMntSvc.exe - ok
16:09:16.0792 0x03d8 [ A4BE23C451ADEB252CD17A0532CAE220, 612CF3B9CB11557C98DD0D036580C987E52585077529B8CBACD88778E2D8E31E ] hpdskflt C:\Windows\system32\DRIVERS\hpdskflt.sys
16:09:16.0792 0x03d8 hpdskflt - ok
16:09:16.0822 0x03d8 [ 0ADC6AFAB2B17FFC9C6E24DD1583F888, 328D8353F06C7D24CFBF1264640C58315ECC7575B0FADB6DB1528D0C1085C383 ] hpHotkeyMonitor C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe
16:09:16.0822 0x03d8 hpHotkeyMonitor - ok
16:09:16.0842 0x03d8 [ B98EE5D4535A685634B90F7E04DE0DF7, E37D26EF83B70E84742498D2F53037F83BE13F0E01484D85A20C872F1F02ADDA ] HpqKbFiltr C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
16:09:16.0842 0x03d8 HpqKbFiltr - ok
16:09:16.0872 0x03d8 [ DB3072C61D56F5CEA4AEBE3042CD76A1, 8C03BF6B5AC3830DBB71C7E53B8177B57E14F2D5054168722D7138170935EFB6 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
16:09:16.0882 0x03d8 hpqwmiex - ok
16:09:16.0942 0x03d8 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
16:09:16.0942 0x03d8 HpSAMD - ok
16:09:16.0952 0x03d8 [ A88A45E82BC54BFFB49C63973010226A, A96FC7C9A7E71347756581C682F27ED0EB8B80FE8F5D2F83C3129EB75F9264C6 ] hpsrv C:\Windows\system32\Hpservice.exe
16:09:16.0952 0x03d8 hpsrv - ok
16:09:17.0022 0x03d8 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
16:09:17.0032 0x03d8 HTTP - ok
16:09:17.0082 0x03d8 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
16:09:17.0082 0x03d8 hwpolicy - ok
16:09:17.0132 0x03d8 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
16:09:17.0142 0x03d8 i8042prt - ok
16:09:17.0192 0x03d8 [ D469B77687E12FE43E344806740B624D, DFDD486FD040813BF4E5DDB504CF9E0BFBF6D4E540DDDA4829F9B675ACF63E89 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
16:09:17.0202 0x03d8 iaStor - ok
16:09:17.0262 0x03d8 [ 117FF657E0D9BBD61B5C3E71E63D3919, F8AD1C861F018754A9BF348C9F1D6503854ED9D7DEEBF40E6B4E2FEA9FC6E56A ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
16:09:17.0262 0x03d8 IAStorDataMgrSvc - ok
16:09:17.0302 0x03d8 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
16:09:17.0312 0x03d8 iaStorV - ok
16:09:17.0412 0x03d8 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:09:17.0422 0x03d8 idsvc - ok
16:09:17.0462 0x03d8 IEEtwCollectorService - ok
16:09:17.0502 0x03d8 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
16:09:17.0502 0x03d8 iirsp - ok
16:09:17.0562 0x03d8 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
16:09:17.0582 0x03d8 IKEEXT - ok
16:09:17.0592 0x03d8 [ 58B0FBF9254CCB589B4B2AB5C05E6951, 9E4DBAE244B953D98E47A66469FB0F49AF17F70843A4C8C110E1B6D2F7FD6292 ] ImDisk C:\Windows\system32\DRIVERS\imdisk.sys
16:09:17.0592 0x03d8 ImDisk - ok
16:09:17.0632 0x03d8 [ 83CCE484311FBE4263A1D9F5A34A2BB9, 52C5D3ADFC3C87A250B45805758D18D1076A14F608DD0A512516B746423AA28E ] ImDskSvc C:\Windows\system32\imdsksvc.exe
16:09:17.0632 0x03d8 ImDskSvc - ok
16:09:17.0682 0x03d8 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
16:09:17.0682 0x03d8 intelide - ok
16:09:17.0702 0x03d8 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
16:09:17.0702 0x03d8 intelppm - ok
16:09:17.0742 0x03d8 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
16:09:17.0742 0x03d8 IPBusEnum - ok
16:09:17.0782 0x03d8 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:09:17.0782 0x03d8 IpFilterDriver - ok
16:09:17.0862 0x03d8 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
16:09:17.0872 0x03d8 iphlpsvc - ok
16:09:17.0902 0x03d8 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
16:09:17.0902 0x03d8 IPMIDRV - ok
16:09:17.0952 0x03d8 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
16:09:17.0952 0x03d8 IPNAT - ok
16:09:17.0982 0x03d8 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
16:09:17.0982 0x03d8 IRENUM - ok
16:09:18.0022 0x03d8 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
16:09:18.0022 0x03d8 isapnp - ok
16:09:18.0072 0x03d8 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
16:09:18.0072 0x03d8 iScsiPrt - ok
16:09:18.0142 0x03d8 [ DF4265062DB60A2A72E8E04C358BD3D1, B97E719F4E68D508BB715BDEAB0C347CD107E21BA1D322FB10EC00CED878C17D ] JMCR C:\Windows\system32\DRIVERS\jmcr.sys
16:09:18.0142 0x03d8 JMCR - ok
16:09:18.0182 0x03d8 [ 885B4A3134E8F35A272DA63496F6E789, 97941212D0561F9EED5956C4FFE7CBFDAFFD04BF4E5942E20DA0A39D9ADCEFD8 ] johci C:\Windows\system32\DRIVERS\johci.sys
16:09:18.0182 0x03d8 johci - ok
16:09:18.0192 0x03d8 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
16:09:18.0192 0x03d8 kbdclass - ok
16:09:18.0212 0x03d8 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
16:09:18.0212 0x03d8 kbdhid - ok
16:09:18.0232 0x03d8 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\Windows\system32\lsass.exe
16:09:18.0242 0x03d8 KeyIso - ok
16:09:18.0272 0x03d8 [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
16:09:18.0272 0x03d8 KSecDD - ok
16:09:18.0292 0x03d8 [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
16:09:18.0292 0x03d8 KSecPkg - ok
16:09:18.0332 0x03d8 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
16:09:18.0332 0x03d8 ksthunk - ok
16:09:18.0382 0x03d8 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
16:09:18.0392 0x03d8 KtmRm - ok
16:09:18.0442 0x03d8 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
16:09:18.0442 0x03d8 LanmanServer - ok
16:09:18.0492 0x03d8 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:09:18.0492 0x03d8 LanmanWorkstation - ok
16:09:18.0522 0x03d8 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
16:09:18.0532 0x03d8 lltdio - ok
16:09:18.0582 0x03d8 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
16:09:18.0582 0x03d8 lltdsvc - ok
16:09:18.0612 0x03d8 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
16:09:18.0612 0x03d8 lmhosts - ok
16:09:18.0652 0x03d8 [ 659486446A7475FAB4C05C1190E6767B, 51699F7DFE030698FBC595804666E3552FE0A41B090F4D3E762174F2618A70CE ] LMIGuardianSvc C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
16:09:18.0662 0x03d8 LMIGuardianSvc - ok
16:09:18.0722 0x03d8 [ DE75F2EA497DA4B3A764D4EAC43135E9, D3F610AB375E8789DF8203BDE2E4D437BD5F0F91A22BA39DC518912A6A9AB7FD ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
16:09:18.0732 0x03d8 LMS - ok
16:09:18.0782 0x03d8 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
16:09:18.0782 0x03d8 LSI_FC - ok
16:09:18.0802 0x03d8 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
16:09:18.0802 0x03d8 LSI_SAS - ok
16:09:18.0812 0x03d8 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
16:09:18.0812 0x03d8 LSI_SAS2 - ok
16:09:18.0822 0x03d8 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
16:09:18.0822 0x03d8 LSI_SCSI - ok
16:09:18.0842 0x03d8 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
16:09:18.0842 0x03d8 luafv - ok
16:09:18.0892 0x03d8 [ F92B0E478C0FAA6D6661E6E977247E60, 8B26B57C2C60C98CD6273ACA126B2CD0356ADB13A59FEC12882357A6B973123C ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
16:09:18.0892 0x03d8 MBAMProtector - ok
16:09:18.0952 0x03d8 [ D84AEA3F3329D622DFC1297DDDF6163B, 316FE56CC30ED1473A917253F46B79EAA12F4ABD5B4B1ADB03929DFEE940F577 ] MBAMScheduler C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
16:09:18.0982 0x03d8 MBAMScheduler - ok
16:09:19.0022 0x03d8 [ 4F45ED469906494F9BF754E476390DBD, D8FF6AFD73D8C191F5732DF9737E6F83B2B52B06A3A6CD4CC6EAC9464CBB2772 ] MBAMService C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
16:09:19.0032 0x03d8 MBAMService - ok
16:09:19.0062 0x03d8 [ 15E8ABC06843672955CE26A009533BAD, E7221B7DE9DB45447C68E79C6BFD064713C5974F7E79925BD7DEEF71F73F3E83 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
16:09:19.0062 0x03d8 MBAMWebAccessControl - ok
16:09:19.0122 0x03d8 [ 79D51E7F5926E8CE1B3EBECEBAE28CFF, 2722E217AF11F928E58F694E5C1CC5776283A56C54E7F84401FECFBD73E91EBA ] mcdbus C:\Windows\system32\DRIVERS\mcdbus.sys
16:09:19.0122 0x03d8 mcdbus - ok
16:09:19.0172 0x03d8 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
16:09:19.0172 0x03d8 Mcx2Svc - ok
16:09:19.0212 0x03d8 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
16:09:19.0212 0x03d8 megasas - ok
16:09:19.0252 0x03d8 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
16:09:19.0262 0x03d8 MegaSR - ok
16:09:19.0312 0x03d8 [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
16:09:19.0312 0x03d8 MEIx64 - ok
16:09:19.0342 0x03d8 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
16:09:19.0352 0x03d8 MMCSS - ok
16:09:19.0362 0x03d8 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
16:09:19.0362 0x03d8 Modem - ok
16:09:19.0382 0x03d8 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
16:09:19.0382 0x03d8 monitor - ok
16:09:19.0432 0x03d8 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
16:09:19.0432 0x03d8 mouclass - ok
16:09:19.0462 0x03d8 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
16:09:19.0462 0x03d8 mouhid - ok
16:09:19.0512 0x03d8 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
16:09:19.0522 0x03d8 mountmgr - ok
16:09:19.0572 0x03d8 [ 4E9D8041D352A33332FD6F59A3A78B03, D4E6229B07EF9866993EEE4F6223DC7F1FF1108273FE14A3DC74E65C181DE56A ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:09:19.0582 0x03d8 MozillaMaintenance - ok
16:09:19.0652 0x03d8 [ 9EB89625A82AC961F25E7C865947BF9A, 91DB9530CDE883DC60BE621AC4210ACD069631D9466E37411D9D6AEE587098D9 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
16:09:19.0652 0x03d8 MpFilter - ok
16:09:19.0672 0x03d8 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
16:09:19.0672 0x03d8 mpio - ok
16:09:19.0742 0x03d8 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
16:09:19.0742 0x03d8 mpsdrv - ok
16:09:19.0802 0x03d8 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
16:09:19.0812 0x03d8 MpsSvc - ok
16:09:19.0852 0x03d8 [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
16:09:19.0852 0x03d8 MRxDAV - ok
16:09:19.0902 0x03d8 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
16:09:19.0902 0x03d8 mrxsmb - ok
16:09:19.0912 0x03d8 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:09:19.0922 0x03d8 mrxsmb10 - ok
16:09:19.0932 0x03d8 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:09:19.0932 0x03d8 mrxsmb20 - ok
16:09:19.0972 0x03d8 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
16:09:19.0982 0x03d8 msahci - ok
16:09:20.0002 0x03d8 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
16:09:20.0002 0x03d8 msdsm - ok
16:09:20.0022 0x03d8 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
16:09:20.0022 0x03d8 MSDTC - ok
16:09:20.0072 0x03d8 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
16:09:20.0072 0x03d8 Msfs - ok
16:09:20.0082 0x03d8 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
16:09:20.0082 0x03d8 mshidkmdf - ok
16:09:20.0132 0x03d8 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
16:09:20.0132 0x03d8 msisadrv - ok
16:09:20.0182 0x03d8 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
16:09:20.0182 0x03d8 MSiSCSI - ok
16:09:20.0182 0x03d8 msiserver - ok
16:09:20.0202 0x03d8 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
16:09:20.0202 0x03d8 MSKSSRV - ok
16:09:20.0302 0x03d8 [ 89F2AEDC2788696702141AB82C3E7866, E166CBD8D3C708737C37172221945D8E56C25C2CC750889C3CE14AA2DE750F33 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
16:09:20.0302 0x03d8 MsMpSvc - ok
16:09:20.0312 0x03d8 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
16:09:20.0312 0x03d8 MSPCLOCK - ok
16:09:20.0312 0x03d8 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
16:09:20.0312 0x03d8 MSPQM - ok
16:09:20.0362 0x03d8 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
16:09:20.0362 0x03d8 MsRPC - ok
16:09:20.0402 0x03d8 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
16:09:20.0412 0x03d8 mssmbios - ok
16:09:20.0442 0x03d8 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
16:09:20.0442 0x03d8 MSTEE - ok
16:09:20.0452 0x03d8 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
16:09:20.0452 0x03d8 MTConfig - ok
16:09:20.0462 0x03d8 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
16:09:20.0462 0x03d8 Mup - ok
16:09:20.0482 0x03d8 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
16:09:20.0492 0x03d8 napagent - ok
16:09:20.0522 0x03d8 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
16:09:20.0532 0x03d8 NativeWifiP - ok
16:09:20.0592 0x03d8 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
16:09:20.0602 0x03d8 NDIS - ok
16:09:20.0632 0x03d8 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
16:09:20.0632 0x03d8 NdisCap - ok
16:09:20.0682 0x03d8 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
16:09:20.0692 0x03d8 NdisTapi - ok
16:09:20.0732 0x03d8 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
16:09:20.0732 0x03d8 Ndisuio - ok
16:09:20.0782 0x03d8 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
16:09:20.0782 0x03d8 NdisWan - ok
16:09:20.0822 0x03d8 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
16:09:29.0732 0x03d8 vdrvroot - ok
16:09:29.0782 0x03d8 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
16:09:29.0792 0x03d8 vds - ok
16:09:29.0842 0x03d8 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
16:09:29.0842 0x03d8 vga - ok
16:09:29.0852 0x03d8 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
16:09:29.0852 0x03d8 VgaSave - ok
16:09:29.0882 0x03d8 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
16:09:29.0882 0x03d8 vhdmp - ok
16:09:29.0912 0x03d8 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
16:09:29.0912 0x03d8 viaide - ok
16:09:30.0012 0x03d8 [ 7171B884DA8BFB1CE5C8BAE46D993CB1, 41FDD5973D7F02F0C568041E959C13EF2EA42334683C718B7443FFC5810322E6 ] VMAuthdService C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
16:09:30.0012 0x03d8 VMAuthdService - ok
16:09:30.0042 0x03d8 [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus C:\Windows\system32\drivers\vmbus.sys
16:09:30.0042 0x03d8 vmbus - ok
16:09:30.0062 0x03d8 [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
16:09:30.0062 0x03d8 VMBusHID - ok
16:09:30.0102 0x03d8 [ 6203C901DEFF10631AAD919B3BD1489B, 2CF99A56EEBB444A30736982647FBECC037D03F4EC3A7B06C147FF62876F438B ] vmci C:\Windows\system32\DRIVERS\vmci.sys
16:09:30.0112 0x03d8 vmci - ok
16:09:30.0112 0x03d8 [ AF3FAAE90D4BE41ECB510969A05C1842, D39B44E4EC4F09B48C934C113E94004BEC76A28F975C716C0C73ED39A87C65F3 ] vmkbd C:\Windows\system32\drivers\VMkbd.sys
16:09:30.0112 0x03d8 vmkbd - ok
16:09:30.0132 0x03d8 [ AEF53B47E960F227BF7638A6A1A9D5C6, 21280177B404F27A5C9725AE50D6E8595CFFED59837741C9FEEF6013CE7C8CF6 ] VMnetAdapter C:\Windows\system32\DRIVERS\vmnetadapter.sys
16:09:30.0132 0x03d8 VMnetAdapter - ok
16:09:30.0132 0x03d8 [ C234A1DC2F06A15B9210787F54253810, B1A25D9F84752294BEE643EB9E17CC0538E5C26B7C741E32F7AEFE6514B1F5C6 ] VMnetBridge C:\Windows\system32\DRIVERS\vmnetbridge.sys
16:09:30.0142 0x03d8 VMnetBridge - ok
16:09:30.0142 0x03d8 VMnetDHCP - ok
16:09:30.0142 0x03d8 [ B19B92D57515D3DE3330ADD34AB6AB05, 3F53F699E2C1B5A064EB5C7BC6F2985A326CF0A05729AA26BEFBCBF7F7623255 ] VMnetuserif C:\Windows\system32\drivers\vmnetuserif.sys
16:09:30.0142 0x03d8 VMnetuserif - ok
16:09:30.0152 0x03d8 [ 6755C5E0A4E7B69563D8B4EA419EBC43, C15BA76A93EB74D676941D6F654F0EC388E8FA16DF182FC6575E86BEB5557D05 ] VMparport C:\Windows\system32\drivers\VMparport.sys
16:09:30.0152 0x03d8 VMparport - ok
16:09:30.0232 0x03d8 [ 105CC87FF31CB3C911ED6C515EC82F75, 0390345E917C5625AC196BCF8A1B3103099C3D380983456C3FD781E6BB58EE5D ] VMUSBArbService C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
16:09:30.0242 0x03d8 VMUSBArbService - ok
16:09:30.0252 0x03d8 VMware NAT Service - ok
16:09:30.0262 0x03d8 [ B95C74CB53894249F43A8302E9AF7E23, FA7BD256875669DF9CA550F3E58F754BB3AE4E13E93F84C33C8D10D651A0EFC7 ] vmx86 C:\Windows\system32\drivers\vmx86.sys
16:09:30.0262 0x03d8 vmx86 - ok
16:09:30.0302 0x03d8 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
16:09:30.0302 0x03d8 volmgr - ok
16:09:30.0352 0x03d8 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
16:09:30.0352 0x03d8 volmgrx - ok
16:09:30.0392 0x03d8 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
16:09:30.0392 0x03d8 volsnap - ok
16:09:30.0452 0x03d8 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
16:09:30.0462 0x03d8 vsmraid - ok
16:09:30.0502 0x03d8 [ 1BD504B8678825B40C515BEF5BFB08E7, 3C1A06E2CC6CC7F72A926AE2D30757ADB0CB9AFC222EA44C89500FBC1DFFBA33 ] vsock C:\Windows\system32\drivers\vsock.sys
16:09:30.0502 0x03d8 vsock - ok
16:09:30.0582 0x03d8 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
16:09:30.0602 0x03d8 VSS - ok
16:09:30.0622 0x03d8 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
16:09:30.0622 0x03d8 vwifibus - ok
16:09:30.0632 0x03d8 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
16:09:30.0632 0x03d8 vwififlt - ok
16:09:30.0682 0x03d8 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
16:09:30.0682 0x03d8 W32Time - ok
16:09:30.0702 0x03d8 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
16:09:30.0702 0x03d8 WacomPen - ok
16:09:30.0752 0x03d8 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
16:09:30.0752 0x03d8 WANARP - ok
16:09:30.0772 0x03d8 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
16:09:30.0772 0x03d8 Wanarpv6 - ok
16:09:30.0852 0x03d8 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
16:09:30.0872 0x03d8 WatAdminSvc - ok
16:09:30.0982 0x03d8 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
16:09:31.0002 0x03d8 wbengine - ok
16:09:31.0042 0x03d8 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
16:09:31.0052 0x03d8 WbioSrvc - ok
16:09:31.0102 0x03d8 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
16:09:31.0112 0x03d8 wcncsvc - ok
16:09:31.0122 0x03d8 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:09:31.0122 0x03d8 WcsPlugInService - ok
16:09:31.0172 0x03d8 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys
16:09:31.0172 0x03d8 Wd - ok
16:09:31.0242 0x03d8 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
16:09:31.0252 0x03d8 Wdf01000 - ok
16:09:31.0272 0x03d8 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
16:09:31.0272 0x03d8 WdiServiceHost - ok
16:09:31.0282 0x03d8 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
16:09:31.0282 0x03d8 WdiSystemHost - ok
16:09:31.0342 0x03d8 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
16:09:31.0342 0x03d8 WebClient - ok
16:09:31.0382 0x03d8 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
16:09:31.0392 0x03d8 Wecsvc - ok
16:09:31.0432 0x03d8 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
16:09:31.0432 0x03d8 wercplsupport - ok
16:09:31.0462 0x03d8 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
16:09:31.0462 0x03d8 WerSvc - ok
16:09:31.0522 0x03d8 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
16:09:31.0522 0x03d8 WfpLwf - ok
16:09:31.0532 0x03d8 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
16:09:31.0532 0x03d8 WIMMount - ok
16:09:31.0552 0x03d8 WinDefend - ok
16:09:31.0572 0x03d8 WinHttpAutoProxySvc - ok
16:09:31.0632 0x03d8 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
16:09:31.0642 0x03d8 Winmgmt - ok
16:09:31.0732 0x03d8 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll
16:09:31.0762 0x03d8 WinRM - ok
16:09:31.0802 0x03d8 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUSB C:\Windows\system32\DRIVERS\WinUSB.sys
16:09:31.0802 0x03d8 WinUSB - ok
16:09:31.0862 0x03d8 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
16:09:31.0882 0x03d8 Wlansvc - ok
16:09:31.0932 0x03d8 [ 680A7846370000D20D7E74917D5B7936, 55B77B358039672845D361CA4205F3482D1F30A4654B610FD785A1337EFDC316 ] WmBEnum C:\Windows\system32\drivers\WmBEnum.sys
16:09:31.0932 0x03d8 WmBEnum - ok
16:09:31.0992 0x03d8 [ 14C35BA8189C6F65D839163AA285E954, 8981AA488320C75E26E1ABDF884B721A4065F5D28F54782598B03F21B8CDC020 ] WmFilter C:\Windows\system32\drivers\WmFilter.sys
16:09:31.0992 0x03d8 WmFilter - ok
16:09:32.0032 0x03d8 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
16:09:32.0032 0x03d8 WmiAcpi - ok
16:09:32.0092 0x03d8 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
16:09:32.0092 0x03d8 wmiApSrv - ok
16:09:32.0132 0x03d8 WMPNetworkSvc - ok
16:09:32.0152 0x03d8 [ 8488DD91A3EE54A8E29F02AD7BB8201E, D428ED991D9E4A8765C240B21884A262854278698D60862117AC5949713231F9 ] WmVirHid C:\Windows\system32\drivers\WmVirHid.sys
16:09:32.0152 0x03d8 WmVirHid - ok
16:09:32.0162 0x03d8 [ 14802B3A30AA849C97CB968CCC813BF3, 330AD828ABD040ECDBF58F7162978CD61BFC093CAD404FD2BCAC74E3F2EC542A ] WmXlCore C:\Windows\system32\drivers\WmXlCore.sys
16:09:32.0172 0x03d8 WmXlCore - ok
16:09:32.0212 0x03d8 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
16:09:32.0212 0x03d8 WPCSvc - ok
16:09:32.0262 0x03d8 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
16:09:32.0262 0x03d8 WPDBusEnum - ok
16:09:32.0302 0x03d8 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
16:09:32.0302 0x03d8 ws2ifsl - ok
16:09:32.0312 0x03d8 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
16:09:32.0322 0x03d8 wscsvc - ok
16:09:32.0322 0x03d8 WSearch - ok
16:09:32.0422 0x03d8 [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv C:\Windows\system32\wuaueng.dll
16:09:32.0452 0x03d8 wuauserv - ok
16:09:32.0502 0x03d8 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
16:09:32.0502 0x03d8 WudfPf - ok
16:09:32.0562 0x03d8 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
16:09:32.0562 0x03d8 WUDFRd - ok
16:09:32.0582 0x03d8 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
16:09:32.0582 0x03d8 wudfsvc - ok
16:09:32.0622 0x03d8 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
16:09:32.0622 0x03d8 WwanSvc - ok
16:09:32.0652 0x03d8 ================ Scan global ===============================
16:09:32.0692 0x03d8 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
16:09:32.0732 0x03d8 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
16:09:32.0742 0x03d8 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
16:09:32.0802 0x03d8 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
16:09:32.0852 0x03d8 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
16:09:32.0852 0x03d8 [ Global ] - ok
16:09:32.0852 0x03d8 ================ Scan MBR ==================================
16:09:32.0862 0x03d8 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:09:33.0552 0x03d8 \Device\Harddisk0\DR0 - ok
16:09:33.0552 0x03d8 ================ Scan VBR ==================================
16:09:33.0562 0x03d8 [ AA72F53BD2FE2A8DDA88983409CBDFBD ] \Device\Harddisk0\DR0\Partition1
16:09:33.0582 0x03d8 \Device\Harddisk0\DR0\Partition1 - ok
16:09:33.0602 0x03d8 [ 44ED5B1019FA73CEE26092D324DB230C ] \Device\Harddisk0\DR0\Partition2
16:09:33.0602 0x03d8 \Device\Harddisk0\DR0\Partition2 - ok
16:09:33.0622 0x03d8 [ 0B5EBE98034766A9E5BE4C3E299F19E5 ] \Device\Harddisk0\DR0\Partition3
16:09:33.0622 0x03d8 \Device\Harddisk0\DR0\Partition3 - ok
16:09:33.0662 0x03d8 [ 0B5EBE98034766A9E5BE4C3E299F19E5 ] \Device\Harddisk0\DR0\Partition4
16:09:33.0662 0x03d8 \Device\Harddisk0\DR0\Partition4 - ok
16:09:33.0662 0x03d8 ================ Scan generic autorun ======================
16:09:33.0722 0x03d8 [ AF891F9CA22113D229B5EF18AFAEEFB7, 0CFC5326C819542CFCEDE22B8AA059F7C93E66552C4F995D11D6C4CB7D57A458 ] C:\Program Files\IDT\WDM\sttray64.exe
16:09:33.0732 0x03d8 SysTrayApp - ok
16:09:33.0732 0x03d8 SynTPEnh - ok
16:09:33.0812 0x03d8 [ 0104F4CA73154C23FFB449501F6D2D53, 0610AC01C06CC15D67F11C0EE00097A4D0A56B9EED16489FD3306EC2E1E6F301 ] C:\Program Files\Logitech\Gaming Software\LWEMon.exe
16:09:33.0822 0x03d8 Start WingMan Profiler - ok
16:09:33.0942 0x03d8 [ 569AC1376B12D4083FC66CC7A304F234, DD209F09573F10A77D710E30EF3D0461D2E8F4E5F18106B18EFB587C88393460 ] c:\Program Files\Microsoft Security Client\msseces.exe
16:09:33.0962 0x03d8 MSC - ok
16:09:34.0092 0x03d8 [ B5A4EBA9487F08BECC843A87422B8052, EA905E9169CE8C934F2D6F7E319A75E31EA9E1840CC455298BEB3F92E22FCAAE ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
16:09:34.0152 0x03d8 SDTray - ok
16:09:34.0232 0x03d8 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
16:09:34.0252 0x03d8 Sidebar - ok
16:09:34.0302 0x03d8 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
16:09:34.0302 0x03d8 mctadmin - ok
16:09:34.0322 0x03d8 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
16:09:34.0342 0x03d8 Sidebar - ok
16:09:34.0342 0x03d8 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
16:09:34.0342 0x03d8 mctadmin - ok
16:09:34.0442 0x03d8 [ 1B2B3215F4B6B735813844AC1769E239, FCC4D5E52329531904637C19F0BA6EBD857CDFB814D3DCD799062D049FF2E485 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe
16:09:34.0492 0x03d8 Spybot-S&D Cleaning - ok
16:09:34.0492 0x03d8 Waiting for KSN requests completion. In queue: 59
16:09:35.0492 0x03d8 Waiting for KSN requests completion. In queue: 59
16:09:36.0492 0x03d8 Waiting for KSN requests completion. In queue: 59
16:09:37.0492 0x03d8 Waiting for KSN requests completion. In queue: 59
16:09:38.0492 0x03d8 AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.5.216.0 ), 0x61000 ( enabled : updated )
16:09:38.0502 0x03d8 Win FW state via NFP2: enabled
16:09:42.0062 0x03d8 ============================================================
16:09:42.0062 0x03d8 Scan finished
16:09:42.0062 0x03d8 ============================================================
16:09:42.0062 0x10b8 Detected object count: 0
16:09:42.0062 0x10b8 Actual detected object count: 0
16:10:09.0932 0x079c Deinitialize success

ken545
2014-07-31, 20:37
Looking good. At this point I don't think that your problem is malware related. I suspect, like I said before, that sometimes games are poorly written and can sometimes cause problems.

Think back: what was the last program, games or otherwise, that you installed prior to the problems you're having?

Notawiz
2014-07-31, 22:18
Thanks for the help, at least it's good to know I don't have a virus.

It started a long time ago, I have no idea when or how. I didn't have a need to fix it until now, since I wasn't doing anything where it's a big inconvenience.

How can a game cause this when it's not running? Would uninstalling some unneeded stuff have a chance of fixing it?

ken545
2014-07-31, 22:49
Been at this for a long time, and it appears to me that gamers or people that have a lot of games installed seem to have other problems, just saying.

If you could somewhat pinpoint when this started happening, maybe doing a system restore prior to that date may help.

This is what I would like you to do, since this forum is for malware removal only.
Go here and register; like Safer, it's free.
http://forums.whatthetech.com/



Once you're registered, then post in their Windows forum:
http://forums.whatthetech.com/index.php?showforum=119

You can link them back to this thread if you wish so they can see what we have done



Double click on AdwCleaner.exe to run the tool again.

Click on the Uninstall button.
Click Yes when asked are you sure you want to uninstall.
AdwCleaner.exe, its folder and all logs will be removed.






Please download DelFix (http://general-changelog-team.fr/en/downloads/finish/20-outils-de-xplode/9-delfix) and save the file to your Desktop.


Double-click DelFix.exe to run the program.
Place a checkmark next to the following items:

*Activate UAC
*Remove disinfection tools
*Create registry backup
*Reset System Settings


Click the Run button

This will remove the specialised tools we used to clean your system. Any leftover logs, files, folders or tools remaining on your Desktop which were not removed can be deleted manually.






How did I get infected in the first place?
Read these links and find out how to prevent getting infected again.
Tutorial for System Restore (http://www.bleepingcomputer.com/tutorials/tutorial56.html) <-- Do this first to prevent yourself from being reinfected.
WhattheTech (http://forums.whatthetech.com/index.php?showtopic=57817)
Grinler BleepingComputer (http://www.bleepingcomputer.com/forums/topic2520.html)
GeeksTo Go (http://www.geekstogo.com/forum/index.php?autocom=custom&page=How_did_I)
Dslreports (http://www.dslreports.com/faq/10002)



Safe Surfn
Ken