Spring files

Juliet · Oct 22, 2015

It's like it reinfected and now I'm just not seeing it.

Right-Click FRST.exe / FRST64.exe and select

Run as administrator to run the programme.
Click Yes to the disclaimer.
Ensure the Addition.txt box is checked.
Click the Scan button and let the programme run.
Upon completion, click OK, then OK on the Addition.txt pop up screen.
Two logs (FRST.txt & Addition.txt) will now be open on your Desktop. Copy the contents of both logs and paste in your next reply.

~~~~~~~~~~~

Please download RogueKiller and save it to your desktop.

You can check here if you're not sure if your computer is 32-bit or 64-bit

Download RogueKiller to your desktop.
Quit all running programs.
For Windows XP, double-click to start.
For Vista,Windows 7/8, Right-click on the program and select Run as Administrator to start and when prompted allow it to run.
Read and accept the EULA (End User Licene Agreement)
Click Scan to scan the system.
When the scan completes Close the program > Don't Fix anything!
Don't run any other options, they're not all bad!!
Post back the report which should be located on your desktop.

rudebadger · Oct 22, 2015

Yeah its almost like the infection is worse now

I followed the instructions about updating everything earlier but a few of the times that it has redirected it has popped up that I need to update flashplayer.

Not sure if it helps, but I noticed that a lot of the redirects go to a web page called startnewtab & then to several other pages.

Here are the logs:

RogueKiller V10.11.2.0 [Oct 20 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/software/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Ollie [Administrator]
Started from : C:\Users\Ollie\Desktop\RogueKiller.exe
Mode : Scan -- Date : 10/22/2015 02:29:24

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 0 ¤¤¤

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ Hosts File : 1 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost

¤¤¤ Antirootkit : 0 (Driver: Not loaded [0xc000036b]) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: ST1000DM003-9YN162 ATA Device +++++
--- User ---
[MBR] 24b2680c40d1268291dfa912613e6822
[BSP] 921765b9950be56b821162cd46adb8e1 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 953867 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: Corsair Force 3 SSD ATA Device +++++
--- User ---
[MBR] 7c905eea817878e84145ee4d942fe8c4
[BSP] 43eb0f86a7769b95c572877efa27ef7f : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 171603 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:21-10-2015 01
Ran by Ollie (administrator) on GAMING-PC (22-10-2015 02:14:55)
Running from C:\Users\Ollie\Desktop
Loaded Profiles: Ollie (Available Profiles: Ollie & Lisa)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe
() C:\Program Files (x86)\Gigabyte\EasySaver\essvr.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
() C:\Windows\SysWOW64\XSrvSetup.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Edimax\Common\RaRegistry.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Edimax\Common\RaRegistry64.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WzPreloader.exe
() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Edimax Technology Co.) C:\Program Files (x86)\Edimax\Common\RaUI.exe
(Nico Mak Computing) C:\Program Files\WinZip\FAH\FAHWindow64.exe
(Corsair Components Inc) C:\Program Files (x86)\Corsair\M95 Mouse\M95Hid.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(Corsair Components Inc) C:\Program Files (x86)\Corsair\M95 Mouse\CorsTra.exe
(Corsair Components Inc) C:\Program Files (x86)\Corsair\M65 Mouse\M65Hid.exe
(Corsair Components, Inc.) C:\Program Files (x86)\Corsair\Corsair Gaming Headset Software\HeadsetControlPanel.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(MY.COM B.V.) C:\Users\Ollie\AppData\Local\MyComGames\MyComGames.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2014-08-05] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1368792 2014-08-05] (Realtek Semiconductor)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1427648 2015-08-06] (COMODO)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-10-17] (Apple Inc.)
HKLM-x32\...\Run: [JMB36X IDE Setup] => C:\Windows\RaidTool\xInsIDE.exe [43608 2010-09-07] ()
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60688 2015-10-17] (Apple Inc.)
HKLM-x32\...\Run: [Corsair Duke] => C:\Program Files (x86)\Corsair\M95 Mouse\M95Hid.exe [1771520 2013-08-15] (Corsair Components Inc)
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [508656 2012-08-31] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [Corsair M65 Mouse] => C:\Program Files (x86)\Corsair\M65 Mouse\M65Hid.exe [1766912 2013-08-15] (Corsair Components Inc)
HKLM-x32\...\Run: [Corsair Gaming Headset Software] => C:\Program Files (x86)\Corsair\Corsair Gaming Headset Software\HeadsetControlPanel.exe [2918152 2014-08-18] (Corsair Components, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-21] (Oracle Corporation)
HKU\S-1-5-21-3501653021-3640964384-1111194576-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7777560 2014-11-13] (SUPERAntiSpyware)
HKU\S-1-5-21-3501653021-3640964384-1111194576-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [2901584 2015-10-16] (Valve Corporation)
HKU\S-1-5-21-3501653021-3640964384-1111194576-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-30] (Safer-Networking Ltd.)
HKU\S-1-5-21-3501653021-3640964384-1111194576-1000\...\Run: [MyComGames] => C:\Users\Ollie\AppData\Local\MyComGames\MyComGames.exe [4235208 2015-10-22] (MY.COM B.V.)
HKU\S-1-5-21-3501653021-3640964384-1111194576-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Ribbons.scr [241664 2010-11-21] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2015-10-17]
ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAH\FAHConsole.exe (Nico Mak Computing)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2015-10-17]
ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Wireless Utility.lnk [2012-11-09]
ShortcutTarget: Wireless Utility.lnk -> C:\Program Files (x86)\Edimax\Common\RaUI.exe (Edimax Technology Co.)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{023BED95-0A6C-4A68-8987-05741C533FF6}: [NameServer] 156.154.70.22,156.154.71.22
Tcpip\..\Interfaces\{603A00DB-9D40-47FE-A688-300242898DC5}: [NameServer] 156.154.70.22,156.154.71.22
Tcpip\..\Interfaces\{603A00DB-9D40-47FE-A688-300242898DC5}: [DhcpNameServer] 192.168.1.254

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3501653021-3640964384-1111194576-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3501653021-3640964384-1111194576-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3501653021-3640964384-1111194576-1000 -> {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = hxxp://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-10-21] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-21] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Ollie\AppData\Roaming\Mozilla\Firefox\Profiles\utkgrewf.default-1445277530700
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-21] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-21] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-25] (ESN Social Software AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-10-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-10-21] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3501653021-3640964384-1111194576-1000: @my.com/Games -> C:\Users\Ollie\AppData\Local\MyComGames\NPMyComDetector.dll [2015-10-01] (My.com, Inc)

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-23] (SUPERAntiSpyware.com)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-17] (Apple Inc.)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5542472 2015-09-07] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2265792 2015-08-06] (COMODO)
S3 DAUpdaterSvc; C:\games\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [25832 2009-12-15] (BioWare)
R2 DokanMounter; C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe [14848 2011-01-10] () [File not signed]
R2 ES lite Service; C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE [68136 2009-08-24] ()
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342240 2015-10-06] (Futuremark)
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-04-12] (Nero AG)
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 JMB36X; C:\Windows\SysWOW64\XSrvSetup.exe [72280 2010-09-07] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-17] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-17] (Malwarebytes)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AODDriver; C:\Program Files (x86)\Gigabyte\ET6\amd64\AODDriver.sys [52280 2010-03-12] (Advanced Micro Devices)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21616 2011-11-02] ()
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [21184 2015-08-05] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [806032 2015-08-05] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [45856 2015-08-05] (COMODO)
R3 CORK70; C:\Windows\System32\drivers\CORK70.sys [25600 2012-10-31] ( )
R2 Dokan; C:\Windows\system32\drivers\dokan.sys [120408 2011-01-10] (Windows (R) Win 7 DDK provider)
S3 DUKEMS; C:\Windows\System32\drivers\DUKEMS.sys [25600 2012-08-16] ( )
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2013-08-02] ()
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [105096 2015-08-05] (COMODO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-17] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2015-10-22] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-17] (Malwarebytes Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SnakeEyes; C:\Windows\System32\drivers\SnakeEyes.sys [25600 2012-09-05] ( )
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-07-28] (Apple, Inc.) [File not signed]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cleanhlp; \??\C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-22 02:14 - 2015-10-22 02:15 - 00015908 _____ C:\Users\Ollie\Desktop\FRST.txt
2015-10-21 22:55 - 2015-10-21 23:05 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-10-21 22:54 - 2015-10-21 23:05 - 00000000 ____D C:\Users\Ollie\Desktop\mbar
2015-10-21 22:43 - 2015-10-21 22:43 - 00000000 ____D C:\Users\Ollie\AppData\Roaming\Sun
2015-10-21 22:43 - 2015-10-21 22:43 - 00000000 ____D C:\Users\Ollie\.oracle_jre_usage
2015-10-21 22:42 - 2015-10-21 22:42 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-10-21 22:42 - 2015-10-21 22:42 - 00000000 ____D C:\Users\Ollie\AppData\LocalLow\Oracle
2015-10-21 22:41 - 2015-10-21 22:41 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-10-21 22:41 - 2015-10-21 22:41 - 00002047 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2015-10-21 22:40 - 2015-10-21 22:40 - 00584288 _____ (Oracle Corporation) C:\Users\Ollie\Downloads\jxpiinstall.exe
2015-10-21 22:37 - 2015-10-21 22:37 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Ollie\Desktop\mbar-1.09.3.1001.exe
2015-10-21 22:00 - 2015-10-21 22:00 - 00000000 ____D C:\Users\Ollie\AppData\LocalLow\Adobe
2015-10-21 21:57 - 2015-10-21 21:57 - 18833096 _____ (Adobe Systems Incorporated) C:\Users\Ollie\Downloads\install_flash_player_19_plugin.exe
2015-10-21 18:56 - 2015-10-21 18:56 - 00022798 _____ C:\ComboFix.txt
2015-10-21 18:41 - 2015-10-21 18:36 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-10-21 18:41 - 2015-10-21 18:36 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-10-21 18:41 - 2015-10-21 18:36 - 00256000 _____ C:\Windows\PEV.exe
2015-10-21 18:41 - 2015-10-21 18:36 - 00208896 _____ C:\Windows\MBR.exe
2015-10-21 18:41 - 2015-10-21 18:36 - 00098816 _____ C:\Windows\sed.exe
2015-10-21 18:41 - 2015-10-21 18:36 - 00080412 _____ C:\Windows\grep.exe
2015-10-21 18:41 - 2015-10-21 18:36 - 00068096 _____ C:\Windows\zip.exe
2015-10-21 18:41 - 2015-10-21 18:36 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-10-21 18:37 - 2015-10-21 18:57 - 00000000 ____D C:\Qoobox
2015-10-21 18:36 - 2015-10-21 18:53 - 00000000 ____D C:\Windows\erdnt
2015-10-20 23:13 - 2015-10-20 23:13 - 00000877 _____ C:\Users\Ollie\Desktop\checkup.txt
2015-10-20 22:42 - 2015-10-21 18:36 - 05637184 ____R (Swearware) C:\Users\Ollie\Desktop\ComboFix.exe
2015-10-20 22:41 - 2015-10-20 22:41 - 00852720 _____ C:\Users\Ollie\Desktop\SecurityCheck.exe
2015-10-20 19:10 - 2015-10-20 19:10 - 00001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-10-20 19:10 - 2015-10-20 19:10 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-10-20 19:10 - 2015-10-20 19:10 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-20 19:04 - 2015-10-20 19:04 - 42710448 _____ C:\Users\Ollie\Downloads\Firefox Setup 41.0.2.exe
2015-10-20 07:45 - 2015-10-20 07:45 - 00002388 _____ C:\Users\Ollie\Desktop\esetscan.txt
2015-10-18 18:04 - 2015-10-18 18:04 - 00001936 _____ C:\Users\Ollie\Desktop\esetresults.txt
2015-10-18 11:37 - 2015-10-18 11:37 - 00001050 _____ C:\Users\Ollie\Desktop\mbam.txt
2015-10-18 01:53 - 2015-10-18 01:53 - 00319952 _____ C:\Windows\Minidump\101815-13088-01.dmp
2015-10-18 01:45 - 2015-10-18 01:45 - 00000736 _____ C:\Users\Ollie\Desktop\JRT.txt
2015-10-18 01:31 - 2015-10-18 01:31 - 01801288 _____ (Malwarebytes) C:\Users\Ollie\Downloads\JRT.exe
2015-10-18 01:28 - 2015-10-18 01:28 - 00001245 _____ C:\Users\Ollie\Desktop\AdwCleaner[C3].txt
2015-10-18 01:23 - 2015-10-17 02:15 - 01682432 _____ C:\Users\Ollie\Desktop\adwcleaner_5.013.exe
2015-10-18 01:14 - 2015-10-22 02:14 - 00000000 ____D C:\Users\Ollie\Desktop\FRST-OlderVersion
2015-10-17 17:05 - 2015-10-18 01:55 - 00001438 _____ C:\Users\Ollie\Desktop\bsod.txt
2015-10-17 17:03 - 2015-10-17 17:03 - 00276880 _____ C:\Windows\Minidump\101715-13603-01.dmp
2015-10-17 16:27 - 2015-10-17 16:27 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-10-17 16:27 - 2015-10-17 16:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-10-17 16:27 - 2015-10-17 16:27 - 00000000 ____D C:\Program Files\iTunes
2015-10-17 16:27 - 2015-10-17 16:27 - 00000000 ____D C:\Program Files\iPod
2015-10-17 16:26 - 2015-10-17 16:26 - 00000000 ____D C:\Program Files\Bonjour
2015-10-17 16:26 - 2015-10-17 16:26 - 00000000 ____D C:\Program Files (x86)\Bonjour
2015-10-17 16:25 - 2015-10-17 16:25 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2015-10-17 16:25 - 2015-10-17 16:25 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2015-10-17 12:34 - 2015-10-17 12:43 - 00000000 ____D C:\Users\Ollie\AppData\Local\WinZip
2015-10-17 12:34 - 2015-10-17 12:42 - 00000000 ____D C:\ProgramData\WinZip
2015-10-17 12:34 - 2015-10-17 12:34 - 00002287 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk
2015-10-17 12:34 - 2015-10-17 12:34 - 00002281 _____ C:\Users\Public\Desktop\WinZip.lnk
2015-10-17 12:34 - 2015-10-17 12:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2015-10-17 12:34 - 2015-10-17 12:34 - 00000000 ____D C:\Program Files\WinZip
2015-10-17 04:45 - 2015-10-17 04:45 - 00002301 _____ C:\Users\Ollie\Desktop\aswMBR.txt
2015-10-17 04:45 - 2015-10-17 04:45 - 00000512 _____ C:\Users\Ollie\Desktop\MBR.dat
2015-10-17 04:20 - 2015-10-17 04:20 - 05198336 _____ (AVAST Software) C:\Users\Ollie\Desktop\aswMBR.exe
2015-10-17 04:18 - 2015-10-22 02:14 - 02196480 _____ (Farbar) C:\Users\Ollie\Desktop\FRST64.exe
2015-10-17 04:18 - 2015-10-22 02:14 - 00000000 ____D C:\FRST
2015-10-17 04:16 - 2015-10-18 01:12 - 00000000 ____D C:\Springclean
2015-10-17 04:15 - 2015-10-17 04:15 - 00000207 _____ C:\Windows\tweaking.com-regbackup-GAMING-PC-Windows-7-Home-Premium-(64-bit).dat
2015-10-17 04:15 - 2015-10-17 04:15 - 00000000 ____D C:\RegBackup
2015-10-17 04:14 - 2015-10-17 04:14 - 00002239 _____ C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
2015-10-17 04:14 - 2015-10-17 04:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2015-10-17 04:14 - 2015-10-17 04:14 - 00000000 ____D C:\Program Files (x86)\Tweaking.com
2015-10-17 04:13 - 2015-10-17 04:13 - 04777232 _____ (Tweaking.com) C:\Users\Ollie\Downloads\tweaking.com_registry_backup_setup.exe
2015-10-17 03:50 - 2015-10-17 03:50 - 10357568 _____ (SurfRight B.V.) C:\Users\Ollie\Downloads\HitmanPro.exe
2015-10-17 02:56 - 2015-10-17 02:56 - 02870984 _____ (ESET) C:\Users\Ollie\Desktop\esetsmartinstaller_enu.exe
2015-10-17 02:22 - 2015-10-21 23:05 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-10-17 02:22 - 2015-10-17 02:22 - 22908888 _____ (Malwarebytes ) C:\Users\Ollie\Downloads\mbam-setup-2.2.0.1024.exe
2015-10-17 02:22 - 2015-10-17 02:22 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-10-17 02:22 - 2015-10-17 02:22 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-10-17 02:22 - 2015-10-17 02:22 - 00001106 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-10-17 02:22 - 2015-10-17 02:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-10-17 02:22 - 2015-10-17 02:22 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-10-17 02:15 - 2015-10-17 02:15 - 01682432 _____ C:\Users\Ollie\Downloads\adwcleaner_5.013.exe
2015-10-17 01:52 - 2015-10-17 01:53 - 00000874 _____ C:\AdwCleaner[S5].txt
2015-10-13 20:38 - 2015-10-13 20:38 - 25851904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 20357632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 14458368 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 14176768 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 12853760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 05569472 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-10-13 20:38 - 2015-10-13 20:38 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 03990976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-10-13 20:38 - 2015-10-13 20:38 - 03936192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-10-13 20:38 - 2015-10-13 20:38 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 02607104 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-10-13 20:38 - 2015-10-13 20:38 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-10-13 20:38 - 2015-10-13 20:38 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 01866752 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 01498624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-10-13 20:38 - 2015-10-13 20:38 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-10-13 20:38 - 2015-10-13 20:38 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00391784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00345688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-10-13 20:38 - 2015-10-13 20:38 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-10-13 20:38 - 2015-10-13 20:38 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-10-13 20:38 - 2015-10-13 20:38 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-10-13 20:38 - 2015-10-13 20:38 - 00157016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-10-13 20:38 - 2015-10-13 20:38 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-10-13 20:38 - 2015-10-13 20:38 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-10-13 20:38 - 2015-10-13 20:38 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-10-13 20:38 - 2015-10-13 20:38 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-10-13 20:38 - 2015-10-13 20:38 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-10-13 20:38 - 2015-10-13 20:38 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-10-13 20:38 - 2015-10-13 20:38 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00097112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-10-13 20:38 - 2015-10-13 20:38 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-10-13 20:38 - 2015-10-13 20:38 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-10-13 20:38 - 2015-10-13 20:38 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-10-13 20:38 - 2015-10-13 20:38 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-10-13 20:38 - 2015-10-13 20:38 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-10-13 20:38 - 2015-10-13 20:38 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-10-13 20:38 - 2015-10-13 20:38 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-10-13 20:38 - 2015-10-13 20:38 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-13 20:38 - 2015-09-16 05:36 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-10-13 20:38 - 2015-09-16 05:21 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-10-13 20:38 - 2015-09-16 04:45 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-10-13 20:38 - 2015-09-16 04:32 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-10-13 20:37 - 2015-10-13 20:37 - 00692672 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-10-13 20:37 - 2015-10-13 20:37 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-10-13 20:37 - 2015-10-13 20:37 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-10-13 20:37 - 2015-10-13 20:37 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-10-13 20:37 - 2015-10-13 20:37 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-10-13 20:37 - 2015-10-13 20:37 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-10-13 20:37 - 2015-10-13 20:37 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-10-13 20:37 - 2015-10-13 20:37 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-10-13 20:37 - 2015-10-13 20:37 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-10-13 20:37 - 2015-10-13 20:37 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-10-13 20:37 - 2015-10-13 20:37 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-10-13 20:37 - 2015-10-13 20:37 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-10-13 20:37 - 2015-10-13 20:37 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-10-13 20:37 - 2015-10-13 20:37 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-10-13 20:37 - 2015-10-13 20:37 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-10-13 20:37 - 2015-10-13 20:37 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-10-13 20:37 - 2015-10-13 20:37 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-10-13 20:37 - 2015-10-13 20:37 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-10-13 20:37 - 2015-10-13 20:37 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-10-13 20:37 - 2015-10-13 20:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-10-13 20:37 - 2015-10-13 20:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-10-13 20:37 - 2015-10-13 20:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-10-13 20:37 - 2015-10-13 20:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-10-13 20:37 - 2015-10-13 20:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-10-13 20:37 - 2015-10-13 20:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-10-13 20:37 - 2015-10-13 20:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-13 20:37 - 2015-10-13 20:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-10-13 20:37 - 2015-10-13 20:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-10-13 20:37 - 2015-10-13 20:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-10-13 20:37 - 2015-10-13 20:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-10-13 20:37 - 2015-10-13 20:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-10-13 20:37 - 2015-10-13 20:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-10-13 20:37 - 2015-10-13 20:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-13 20:37 - 2015-10-13 20:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-10-13 20:37 - 2015-10-13 20:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-10-13 20:37 - 2015-10-13 20:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-10-13 20:37 - 2015-10-13 20:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-10-13 20:37 - 2015-10-13 20:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-10-10 12:33 - 2015-10-10 12:33 - 00000812 _____ C:\AdwCleaner[S4].txt
2015-10-06 18:23 - 2015-10-06 18:23 - 00000022 _____ C:\Windows\GPU-Z.INI
2015-10-06 18:22 - 2015-10-06 18:22 - 00000000 ____D C:\Program Files (x86)\Futuremark
2015-10-06 18:21 - 2015-10-06 18:23 - 00000000 ____D C:\Users\Ollie\Documents\3DMark 11
2015-10-06 18:21 - 2015-10-06 18:21 - 02883584 _____ C:\Users\Ollie\Downloads\Futuremark_SystemInfo_v440_installer.msi
2015-10-06 18:21 - 2015-10-06 18:21 - 00000000 ____D C:\Users\Ollie\AppData\Local\IsolatedStorage
2015-10-06 18:21 - 2015-10-06 18:21 - 00000000 ____D C:\Users\Ollie\AppData\Local\Futuremark
2015-10-06 18:11 - 2015-10-06 18:11 - 00001227 _____ C:\Users\Public\Desktop\3DMark 11.lnk
2015-10-06 18:11 - 2015-10-06 18:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Futuremark
2015-10-06 18:11 - 2015-10-06 18:11 - 00000000 ____D C:\Program Files\Futuremark
2015-10-06 18:05 - 2015-10-06 18:08 - 271860249 _____ C:\Users\Ollie\Downloads\3DMark11-v1-0-132.zip
2015-10-06 18:04 - 2015-10-06 18:05 - 12261072 _____ (Novawave Inc. ) C:\Users\Ollie\Downloads\novabench3.exe
2015-10-05 23:30 - 2015-10-05 23:30 - 01199856 _____ ( ) C:\Users\Ollie\Downloads\hwmonitor_1.28.exe
2015-10-05 23:30 - 2015-10-05 23:30 - 00000930 _____ C:\Users\Public\Desktop\CPUID HWMonitor.lnk
2015-10-05 23:30 - 2015-10-05 23:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2015-10-05 23:30 - 2015-10-05 23:30 - 00000000 ____D C:\Program Files\CPUID
2015-10-02 22:04 - 2015-10-02 22:06 - 300806184 _____ (AMD Inc.) C:\Users\Ollie\Downloads\amd-catalyst-15.7.1-with-dotnet45-win7-64bit.exe
2015-10-02 21:57 - 2015-10-02 21:57 - 04288048 _____ C:\Users\Ollie\Downloads\memtest86-iso.zip
2015-10-02 00:54 - 2015-10-02 06:50 - 00000137 _____ C:\Users\Ollie\Desktop\Armored Warfare Open Beta.url
2015-10-02 00:54 - 2015-10-02 00:54 - 00000000 ____D C:\Users\Ollie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Armored Warfare MyCom Beta
2015-10-01 00:06 - 2015-10-01 00:06 - 00002017 _____ C:\Users\Ollie\Desktop\My.com Game Center.lnk
2015-10-01 00:06 - 2015-10-01 00:06 - 00000000 ____D C:\Users\Ollie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\My.com Games
2015-10-01 00:05 - 2015-10-22 02:10 - 00000000 ____D C:\Users\Ollie\AppData\Local\MyComGames
2015-10-01 00:05 - 2015-10-01 00:05 - 05481456 _____ (MY.COM B.V.) C:\Users\Ollie\Downloads\ArmwarMycomLoader.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-22 02:08 - 2015-03-30 19:20 - 01474832 _____ C:\Windows\system32\Drivers\sfi.dat
2015-10-22 01:59 - 2013-06-02 23:34 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-10-22 00:14 - 2015-05-02 00:44 - 00021141 _____ C:\Windows\setupact.log
2015-10-22 00:03 - 2014-04-12 13:03 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-10-21 22:56 - 2009-07-14 05:45 - 00022080 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-21 22:56 - 2009-07-14 05:45 - 00022080 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-21 22:55 - 2009-07-14 06:13 - 00159100 _____ C:\Windows\system32\PerfStringBackup.INI
2015-10-21 22:52 - 2014-09-10 01:23 - 00000000 ____D C:\Users\Ollie\AppData\Local\Adobe
2015-10-21 22:52 - 2012-11-09 17:45 - 01070470 _____ C:\Windows\WindowsUpdate.log
2015-10-21 22:50 - 2013-08-03 00:23 - 00000000 ____D C:\Users\Ollie\AppData\Local\HTC MediaHub
2015-10-21 22:50 - 2013-06-13 20:27 - 00000000 ____D C:\Program Files (x86)\Steam
2015-10-21 22:49 - 2012-11-09 18:23 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2015-10-21 22:49 - 2012-11-09 17:55 - 00000144 _____ C:\service.log
2015-10-21 22:49 - 2010-11-21 04:47 - 00426282 _____ C:\Windows\PFRO.log
2015-10-21 22:49 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-21 22:44 - 2013-10-19 01:44 - 00000000 ____D C:\ProgramData\Oracle
2015-10-21 22:43 - 2014-10-23 22:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-10-21 22:43 - 2014-10-23 22:50 - 00000000 ____D C:\Program Files (x86)\Java
2015-10-21 22:43 - 2012-11-09 17:45 - 00000000 ____D C:\Users\Ollie
2015-10-21 22:42 - 2014-10-23 22:51 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-10-21 22:41 - 2015-07-10 23:13 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-10-21 22:41 - 2012-11-10 01:52 - 00000000 ____D C:\ProgramData\Adobe
2015-10-21 22:00 - 2012-11-10 01:52 - 00000000 ____D C:\Users\Ollie\AppData\Roaming\Adobe
2015-10-21 21:58 - 2013-06-02 23:34 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-10-21 21:58 - 2012-11-10 01:52 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-10-21 21:58 - 2012-11-10 01:52 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-21 21:57 - 2012-11-10 18:40 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2015-10-21 21:56 - 2009-07-14 06:08 - 00032620 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-10-21 18:57 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Default
2015-10-21 18:52 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2015-10-21 18:41 - 2000-08-31 01:00 - 00212480 _____ (SteelWerX) C:\Windows\SWXCACLS.exe
2015-10-21 00:35 - 2015-04-21 10:26 - 03132778 _____ C:\Windows\system32\Drivers\fvstore.dat
2015-10-20 19:05 - 2014-11-18 01:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-19 22:34 - 2012-11-09 17:45 - 00001160 _____ C:\Users\Ollie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-10-18 01:53 - 2013-06-01 01:41 - 00000000 ____D C:\Windows\Minidump
2015-10-18 01:26 - 2015-08-06 20:04 - 00000000 ____D C:\AdwCleaner
2015-10-18 01:15 - 2014-02-23 22:55 - 00000000 ____D C:\Users\Ollie\AppData\LocalLow\Temp
2015-10-17 16:27 - 2013-06-08 17:23 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-10-17 16:27 - 2013-05-28 14:09 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-10-17 16:26 - 2015-08-12 16:03 - 00096528 _____ (Apple Inc.) C:\Windows\system32\dns-sd.exe
2015-10-17 16:26 - 2015-08-12 16:03 - 00084240 _____ (Apple Inc.) C:\Windows\SysWOW64\dns-sd.exe
2015-10-17 16:25 - 2013-05-28 14:09 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-10-17 11:33 - 2015-05-17 13:17 - 00000000 ____D C:\Windows\rescache
2015-10-17 04:35 - 2014-10-21 22:37 - 00001728 _____ C:\Users\Ollie\Desktop\details.txt
2015-10-14 00:05 - 2013-08-15 02:01 - 00000000 ____D C:\Windows\system32\MRT
2015-10-14 00:03 - 2012-11-10 17:17 - 143481208 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-10-13 20:29 - 2015-07-17 22:36 - 00066544 _____ C:\Users\Lisa\AppData\Local\GDIPFONTCACHEV1.DAT
2015-10-13 20:29 - 2015-07-17 22:36 - 00000000 ____D C:\Users\Lisa\AppData\Local\HTC MediaHub
2015-10-11 16:24 - 2015-04-25 19:58 - 00000057 _____ C:\Users\Ollie\Desktop\cooling.txt
2015-10-09 23:33 - 2015-02-21 17:55 - 00000000 ____D C:\Users\Ollie\AppData\Local\Steam
2015-10-06 18:11 - 2012-11-09 20:10 - 00496911 _____ C:\Windows\DirectX.log
2015-10-06 18:10 - 2014-08-05 15:57 - 00000000 ____D C:\ProgramData\Package Cache
2015-10-05 21:26 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF

==================== Files in the root of some directories =======

2012-12-19 23:21 - 2012-12-19 23:21 - 0000111 _____ () C:\Users\Ollie\AppData\Roaming\adu.xml
2014-08-05 17:40 - 2014-08-05 17:40 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-10-21 19:19

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version:21-10-2015 01
Ran by Ollie (2015-10-22 02:15:21)
Running from C:\Users\Ollie\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-11-09 16:45:15)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-3501653021-3640964384-1111194576-500 - Administrator - Disabled)
Guest (S-1-5-21-3501653021-3640964384-1111194576-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3501653021-3640964384-1111194576-1002 - Limited - Enabled)
Lisa (S-1-5-21-3501653021-3640964384-1111194576-1009 - Limited - Enabled) => C:\Users\Lisa
Ollie (S-1-5-21-3501653021-3640964384-1111194576-1000 - Administrator - Enabled) => C:\Users\Ollie

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: COMODO Antivirus (Enabled - Up to date) {F25D0092-CDBE-B303-ADB7-88DE8CDECCF5}
AS: Comodo Defense+ (Enabled - Up to date) {493CE176-EB84-BC8D-9707-B3ACF7598648}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: COMODO Firewall (Enabled) {CA6681B7-87D1-B25B-86E8-21EB720D8B8E}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.24 - GIGABYTE)
3DMark 11 (HKLM-x32\...\{f9e83b9c-ab7e-4005-8f32-4ea69703a5e4}) (Version: 1.0.132.0 - Futuremark)
3DMark 11 (Version: 1.0.132.0 - Futuremark) Hidden
7-Zip 15.06 beta (HKLM-x32\...\7-Zip) (Version: 15.06 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.009.20069 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{A50679D9-6CBD-4FCD-BACB-62EF3894F6F3}) (Version: 4.0.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{1F72FDD5-A069-45B4-928F-D0F16492DC69}) (Version: 4.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FD244E19-6EFE-4A2D-948A-0D45D4C168BE}) (Version: 9.0.0.26 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Armored Warfare MyCom Beta (HKU\S-1-5-21-3501653021-3640964384-1111194576-1000\...\Armored Warfare MyCom Beta) (Version: 1.45 - My.com B.V.)
Aslain's XVM WoT Modpack version 4.6.8 (HKLM-x32\...\ZRwTINhSZfduKONYrSCTiCiGPggQZdcLRvoAVxyCOXXpkHeC~1DC3968F_is1) (Version: 4.6.8 - Aslain)
AutoGreen B12.0206.1 (HKLM-x32\...\InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}) (Version: 1.00.0000 - GIGABYTE)
AutoGreen B12.0206.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
COMODO Internet Security Premium (HKLM\...\{68BE8BAB-5375-4C99-9116-1808F5968D40}) (Version: 8.1.0.4426 - COMODO Security Solutions Inc.)
Corsair Gaming Headset Software (HKLM-x32\...\{6118E939-08B6-4180-8B5B-97836617813B}) (Version: 2.0.35 - Corsair)
Corsair K70 Firmware Update Application (HKLM-x32\...\{8C9DA353-2101-4658-BAA7-53F88EA0D3AB}_is1) (Version: - )
Corsair M65 Firmware Update Application (HKLM-x32\...\{29484F2D-404A-4EF6-B774-DF5EC5BDF481}_is1) (Version: - )
Corsair M65 Gaming Mouse Driver V1.0 (HKLM-x32\...\{62CC0366-207F-4BC3-97B1-4D4615B5BF0B}_is1) (Version: 1.00.00.11 - )
Corsair M95 Firmware Update Application (HKLM-x32\...\{4E44154D-0699-4D6C-996F-66D47B9A40D2}_is1) (Version: - )
Corsair M95 Gaming Mouse Driver V1.0 (HKLM-x32\...\{9C9EA6B0-2138-4111-BF26-9D0D40D12C0F}_is1) (Version: 1.00.00.14 - )
CPUID HWMonitor 1.28 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
Crusader Kings II (HKLM-x32\...\Steam App 203770) (Version: - Paradox Development Studio)
Dokan Library 0.6.0 (HKLM-x32\...\DokanLibrary) (Version: - )
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
Dragon Age: Origins (HKLM-x32\...\{AEC81925-9C76-4707-84A9-40696C613ED3}) (Version: 1.04 - Electronic Arts, Inc.)
Easy Tune 6 B12.0509.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Easy Tune 6 B12.0509.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
EasySaver B9.1214.1 (HKLM-x32\...\{07300F01-89CA-4CF8-92BD-2A605EB83C95}) (Version: 1.00.0000 - Gigabyte)
Edimax RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 1.5.5.0 - Edimax)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Etron USB3.0 Host Controller (x32 Version: 0.104 - Etron Technology) Hidden
Everything 1.3.4.686 (x86) (HKLM-x32\...\Everything) (Version: - )
Futuremark SystemInfo (HKLM-x32\...\{185D7B00-8600-4716-A619-D8CBE689974B}) (Version: 4.40.560.0 - Futuremark)
Gigabyte Raid Configurer (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.17.63.1 - GIGABYTE Technologies, Inc.)
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.3.0.001 - HTC Corporation)
HTC Sync Manager (HKLM-x32\...\{F838C3DD-5785-4F19-AD0F-BD532C8A31F4}) (Version: 2.1.46.0 - HTC)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
iTunes (HKLM\...\{96984DE8-1DB8-425C-AC8C-3098BC696F04}) (Version: 12.3.0.44 - Apple Inc.)
Java 8 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218065F0}) (Version: 8.0.650.17 - Oracle Corporation)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Middle-earth: Shadow of Mordor (HKLM-x32\...\Steam App 241930) (Version: - Monolith Productions, Inc.)
Mount & Blade (HKLM-x32\...\Steam App 22100) (Version: - TaleWorlds Entertainment)
Mount & Blade: Warband (HKLM-x32\...\Steam App 48700) (Version: - TaleWorlds Entertainment)
Mount & Blade: With Fire and Sword (HKLM-x32\...\Steam App 48720) (Version: - TaleWorlds Entertainment)
Mozilla Firefox 41.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 41.0.2 (x86 en-US)) (Version: 41.0.2 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
My.com Game Center (HKU\S-1-5-21-3501653021-3640964384-1111194576-1000\...\MyComGames) (Version: 3.147 - My.com B.V.)
NVIDIA PhysX (HKLM-x32\...\{1C4551A6-4743-4093-91E4-1477CD655043}) (Version: 9.09.0203 - NVIDIA Corporation)
ON_OFF Charge B11.1102.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice 4.1.1 (HKLM-x32\...\{86F2B095-3998-41D5-833D-1C5075300950}) (Version: 4.11.9775 - Apache Software Foundation)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6650 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7106 - Realtek Semiconductor Corp.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1164 - SUPERAntiSpyware.com)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 3.3.1 - Tweaking.com)
Warhammer® 40,000™: Dawn of War® II - Chaos Rising™ (HKLM-x32\...\Steam App 20570) (Version: - Relic Entertainment)
Warhammer® 40,000™: Dawn of War® II (HKLM-x32\...\Steam App 15620) (Version: - Relic Entertainment)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinZip 19.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240ED}) (Version: 19.5.11532 - WinZip Computing, S.L. )
World of Tanks (HKU\S-1-5-21-3501653021-3640964384-1111194576-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net)
World of Warships (HKU\S-1-5-21-3501653021-3640964384-1111194576-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814eu}_is1) (Version: - Wargaming.net)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== Restore Points =========================

18-10-2015 19:00:03 Windows Backup
19-10-2015 22:34:24 Restore Point Created by FRST
21-10-2015 18:41:45 ComboFix created restore point

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2015-10-21 18:52 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {21FD3B25-29C2-447F-93CA-F418B38D494D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-21] (Adobe Systems Incorporated)
Task: {2AE452DD-7663-4C08-86D9-150C6FD9B29D} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-06] (COMODO)
Task: {3FACD55F-1894-47BD-ADAA-04DFE5A5BCFD} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-06] (COMODO)
Task: {4876F49D-22CB-4F76-99FA-369E2AF0EED8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-21] (Adobe Systems Incorporated)
Task: {4DA682FB-99CB-4AEA-AF79-8060720E11A4} - System32\Tasks\{F792DE50-AA36-4F10-8148-9E7EF9D76636} => pcalua.exe -a D:\Setup.exe -d D:\
Task: {633F2494-35E3-4DE2-A618-4E7E55AE10BB} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-10-17] (Apple Inc.)
Task: {73C1E663-DBDF-45F2-BAE0-A9C921E39E62} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-06] (COMODO)
Task: {99146579-3923-4B7C-B229-3DA59088957D} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-06] (COMODO)
Task: {B3390CAB-97E0-4E55-B694-1DEB10AD59E3} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2015-08-06] (COMODO)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (Whitelisted) ==============

2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-09-23 16:47 - 2015-09-23 16:47 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2011-01-10 13:49 - 2011-01-10 13:49 - 00014848 _____ () C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe
2012-11-09 17:55 - 2009-08-24 15:38 - 00068136 _____ () C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE
2012-11-09 18:01 - 2010-09-07 10:46 - 00072280 ____R () C:\Windows\SysWOW64\XSrvSetup.exe
2013-08-03 00:22 - 2012-12-07 17:26 - 00167424 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2013-08-01 20:33 - 2013-08-01 20:33 - 00169312 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
2013-04-15 17:39 - 2015-01-08 23:02 - 00067808 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav
2012-11-09 17:55 - 2009-03-13 12:30 - 00109096 _____ () C:\Program Files (x86)\Gigabyte\EasySaver\YCC.DLL
2013-08-01 20:31 - 2013-08-01 20:31 - 00030056 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll
2013-08-01 20:32 - 2013-08-01 20:32 - 00607376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll
2013-08-01 20:32 - 2013-08-01 20:32 - 00044392 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll
2013-08-01 20:32 - 2013-08-01 20:32 - 00036216 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll
2013-08-01 20:33 - 2013-08-01 20:33 - 00080248 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll
2013-08-01 20:40 - 2013-08-01 20:40 - 00223592 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll
2013-05-06 17:05 - 2015-10-09 23:33 - 00778752 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-19 21:59 - 2015-07-22 16:57 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-01-19 21:59 - 2015-07-22 16:57 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-19 21:59 - 2015-07-22 16:57 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-07-01 22:21 - 2015-10-16 22:34 - 02423376 _____ () C:\Program Files (x86)\Steam\video.dll
2014-08-29 20:56 - 2015-10-09 23:33 - 02549248 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-29 20:56 - 2015-10-09 23:33 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-29 20:56 - 2015-10-09 23:33 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-29 20:56 - 2015-10-09 23:33 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-08-29 20:56 - 2015-10-09 23:33 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2013-06-06 14:06 - 2015-10-16 22:34 - 00705104 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-07-22 16:57 - 2015-10-16 22:34 - 00193024 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll
2012-11-09 18:28 - 2009-10-07 02:35 - 00901120 _____ () C:\Program Files (x86)\Edimax\Common\RaWLAPI.dll
2013-11-14 23:51 - 2013-05-26 15:40 - 00054272 _____ () C:\Program Files (x86)\Corsair\M95 Mouse\hidGetKey.dll
2014-12-28 18:42 - 2012-05-14 13:41 - 00043008 _____ () C:\Program Files (x86)\Corsair\M65 Mouse\hidGetKey.dll
2013-03-26 16:16 - 2015-10-08 23:20 - 45010208 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-01-19 21:59 - 2015-10-09 23:33 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll
2015-10-01 00:05 - 2015-10-01 00:05 - 00144896 _____ () C:\Users\Ollie\AppData\Local\MyComGames\zlib1.dll
2015-10-01 00:05 - 2015-10-01 00:05 - 00062464 _____ () C:\Users\Ollie\AppData\Local\MyComGames\pxd.dll
2015-10-01 00:05 - 2015-10-01 00:05 - 00179144 _____ () C:\Users\Ollie\AppData\Local\MyComGames\LightUpdate.dll
2015-10-01 00:05 - 2015-10-22 02:10 - 02339784 _____ () C:\Users\Ollie\AppData\Local\MyComGames\BigUp2.dll
2015-08-26 10:18 - 2015-08-26 10:18 - 50425344 _____ () C:\Users\Ollie\AppData\Local\MyComGames\Chrome\3.2454.1317\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows\grep.exe:$CmdTcID
AlternateDataStreams: C:\Windows\MBR.exe:$CmdTcID
AlternateDataStreams: C:\Windows\NIRCMD.exe:$CmdTcID
AlternateDataStreams: C:\Windows\notepad.exe:$CmdTcID
AlternateDataStreams: C:\Windows\PEV.exe:$CmdTcID
AlternateDataStreams: C:\Windows\sed.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SWREG.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SWSC.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SWXCACLS.exe:$CmdTcID
AlternateDataStreams: C:\Windows\zip.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aaclient.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\adtschema.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\amdave64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\amdhcp64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\amdmantle64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\amdmmcl6.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\amdocl_as64.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\amdocl_ld64.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\amdpcom64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\apisetschema.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appidapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appidcertstorecheck.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appidpolicyconverter.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appidsvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appinfo.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atiadlxx.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atiapfxx.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atibtmon.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aticalcl64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aticaldd64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aticalrt64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aticfx64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atidemgy.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atidxx64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atieclxx.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atiesrxx.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atig6pxx.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atig6txx.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atiglpxx.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atimpc64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atimuixx.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atio6axx.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ATIODCLI.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ATIODE.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atisamu64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atitmm64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atiu9p64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atiumd64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atiumd6a.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atiuxp64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atmfd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atmlib.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\auditpol.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\authui.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\basesrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\certcli.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\cewmdm.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\clfs.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\clfsw32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\clinfo.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\coinst_14.50.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\comctl32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\conhost.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\consent.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\credssp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\cryptbase.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\csrsrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3d10warp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\davclnt.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\dciman32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\dns-sd.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\DWrite.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\dxmasf.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\dxtmsft.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\dxtrans.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ExplorerFrame.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\FntCache.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\fontsub.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\gdi32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\GEARAspi64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ie4uinit.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieapfltr.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\iedkcs32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieetwcollector.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieetwcollectorres.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieetwproxystub.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieframe.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\iernonce.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\iertutil.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\iesetup.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieui.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieUnatt.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\inetcpl.cpl:$CmdTcID
AlternateDataStreams: C:\Windows\system32\InkEd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\JavaScriptCollectionAgent.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\jnwmon.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\jscript.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\jscript9.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\jscript9diag.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\jsproxy.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\kerberos.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\kernel32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\KernelBase.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lpk.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lsasrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lsass.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mantle64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mantleaxl64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mcupdate_GenuineIntel.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msaudite.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msdxm.ocx:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msfeeds.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mshtml.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\MshtmlDac.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mshtmled.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mshtmlmedia.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msiexec.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msihnd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msimsg.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msmmsp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msobjs.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msrating.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\MsSpellCheckingFacility.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mstscax.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msv1_0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msxml3.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msxml3r.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msxml6.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msxml6r.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ncrypt.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\notepad.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ntdll.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ntoskrnl.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ntvdm64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\occache.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ole32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\OpenCL.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\OpenVideo64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\OVDecode64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\poqexec.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\rpcrt4.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\rstrui.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\schannel.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\schedsvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\secur32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\services.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\setbcdlocale.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\shell32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\smss.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\spwmp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\srclient.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\srcore.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\sspicli.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\sspisrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\sysmain.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\tsgqec.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\TSpkg.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\tzres.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\urlmon.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\vbscript.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wdigest.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\webcheck.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WebClnt.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\win32k.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wininet.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\winload.efi:$CmdTcID
AlternateDataStreams: C:\Windows\system32\winresume.efi:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WinSetupUI.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\winsrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wmp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wmploc.DLL:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wow64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wow64cpu.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wow64win.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wu.upgrade.ps.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wuapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wuapp.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wuauclt.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wuaueng.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wucltux.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wudriver.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wups.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wups2.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wuwebv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\aaclient.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\adtschema.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\amdave32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\amdhcp32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\amdmantle32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\amdmmcl.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\amdocl.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\amdocl_as32.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\amdocl_ld32.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\amdpcom32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\apisetschema.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\appidapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\atiadlxy.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\aticalcl.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\aticaldd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\aticalrt.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\aticfx32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\atidxx32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\atigktxx.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\atiglpxx.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\atimpc32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\atioglxx.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\atisamu32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\atiu9pag.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\atiumdag.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\atiumdva.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\atiuxpag.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\atmfd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\atmlib.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\auditpol.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\authui.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\certcli.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\cewmdm.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\clfsw32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\comctl32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\credssp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\cryptbase.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3d10warp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\davclnt.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\dciman32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\dns-sd.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\DWrite.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\dxmasf.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\dxtmsft.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\dxtrans.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ExplorerFrame.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\FlashPlayerApp.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\fontsub.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\gdi32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\GEARAspi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ieapfltr.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\iedkcs32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ieetwproxystub.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ieframe.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\iernonce.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\iertutil.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\iesetup.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ieui.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ieUnatt.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\inetcpl.cpl:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\InkEd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\instnm.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\jscript.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\jscript9.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\jscript9diag.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\jsproxy.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\kerberos.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\kernel32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\KernelBase.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\lpk.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mantle32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mantleaxl32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msaudite.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msdxm.ocx:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msfeeds.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mshtml.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\MshtmlDac.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mshtmled.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mshtmlmedia.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msiexec.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msihnd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msimsg.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msobjs.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msrating.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mstscax.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msv1_0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msxml3.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msxml3r.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msxml6.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msxml6r.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ncrypt.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\notepad.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ntdll.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ntkrnlpa.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ntoskrnl.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ntvdm64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\occache.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ole32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\OpenCL.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\OpenVideo.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\OVDecode.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\poqexec.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\rpcrt4.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\schannel.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\secur32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\setup16.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\shell32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\spwmp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\srclient.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\sspicli.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\tsgqec.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\TSpkg.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\tzres.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\urlmon.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\user.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\vbscript.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wdigest.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\webcheck.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\WebClnt.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wininet.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wmp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wmploc.DLL:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wow32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wuapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wuapp.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wudriver.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wups.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wuwebv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\amdacpksd.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\appid.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\ati2erec.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\atikmdag.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\atikmdag.sys.bak:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\atikmpag.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\atikmpag.sys.bak:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\http.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\ksecdd.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\ksecpkg.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mbam.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mountmgr.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb10.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb20.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mwac.sys:$CmdTcID
AlternateDataStreams: C:\Users\Ollie\Desktop\adwcleaner_5.013.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ollie\Desktop\adwcleaner_5.013.exe:$CmdZnID
AlternateDataStreams: C:\Users\Ollie\Desktop\amd-catalyst-omega-14.12-with-dotnet45-win7-64bit.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ollie\Desktop\amd-catalyst-omega-14.12-with-dotnet45-win7-64bit.exe:$CmdZnID
AlternateDataStreams: C:\Users\Ollie\Desktop\aswMBR.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ollie\Desktop\aswMBR.exe:$CmdZnID
AlternateDataStreams: C:\Users\Ollie\Desktop\autodetectutility.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ollie\Desktop\autodetectutility.exe:$CmdZnID
AlternateDataStreams: C:\Users\Ollie\Desktop\ComboFix.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ollie\Desktop\Display Driver Uninstaller.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ollie\Desktop\esetsmartinstaller_enu.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ollie\Desktop\esetsmartinstaller_enu.exe:$CmdZnID
AlternateDataStreams: C:\Users\Ollie\Desktop\mbar-1.09.3.1001.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ollie\Desktop\mbar-1.09.3.1001.exe:$CmdZnID
AlternateDataStreams: C:\Users\Ollie\Desktop\SecurityCheck.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ollie\Desktop\SecurityCheck.exe:$CmdZnID
AlternateDataStreams: C:\Users\Ollie\Downloads\11713829_1223641617661299_793691498209012780_o.jpg:$CmdTcID
AlternateDataStreams: C:\Users\Ollie\Downloads\11713829_1223641617661299_793691498209012780_o.jpg:$CmdZnID
AlternateDataStreams: C:\Users\Ollie\Downloads\3DMark11-v1-0-132.zip:$CmdTcID
AlternateDataStreams: C:\Users\Ollie\Downloads\3DMark11-v1-0-132.zip:$CmdZnID
AlternateDataStreams: C:\Users\Ollie\Downloads\7z1506.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ollie\Downloads\7z1506.exe:$CmdZnID
AlternateDataStreams: C:\Users\Ollie\Downloads\adwcleaner_5.013.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ollie\Downloads\adwcleaner_5.013.exe:$CmdZnID
AlternateDataStreams: C:\Users\Ollie\Downloads\amd-catalyst-15.7.1-with-dotnet45-win7-64bit.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ollie\Downloads\amd-catalyst-15.7.1-with-dotnet45-win7-64bit.exe:$CmdZnID
AlternateDataStreams: C:\Users\Ollie\Downloads\Apache_OpenOffice_4.1.1_Win_x86_install_en-GB.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ollie\Downloads\Apache_OpenOffice_4.1.1_Win_x86_install_en-GB.exe:$CmdZnID
AlternateDataStreams: C:\Users\Ollie\Downloads\ArmwarMycomLoader.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ollie\Downloads\ArmwarMycomLoader.exe:$CmdZnID
AlternateDataStreams: C:\Users\Ollie\Downloads\Aslains_XVM_WoT_Modpack_Installer_v.4.6.8_910.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ollie\Downloads\Aslains_XVM_WoT_Modpack_Installer_v.4.6.8_910.exe:$CmdZnID
AlternateDataStreams: C:\Users\Ollie\Downloads\Firefox Setup 41.0.2.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ollie\Downloads\Firefox Setup 41.0.2.exe:$CmdZnID
AlternateDataStreams: C:\Users\Ollie\Downloads\Futuremark_SystemInfo_v440_installer.msi:$CmdTcID
AlternateDataStreams: C:\Users\Ollie\Downloads\Futuremark_SystemInfo_v440_installer.msi:$CmdZnID
AlternateDataStreams: C:\Users\Ollie\Downloads\HitmanPro.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ollie\Downloads\HitmanPro.exe:$CmdZnID
AlternateDataStreams: C:\Users\Ollie\Downloads\hwmonitor_1.28.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ollie\Downloads\hwmonitor_1.28.exe:$CmdZnID
AlternateDataStreams: C:\Users\Ollie\Downloads\install_flash_player_19_plugin.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ollie\Downloads\install_flash_player_19_plugin.exe:$CmdZnID
AlternateDataStreams: C:\Users\Ollie\Downloads\JRT.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ollie\Downloads\JRT.exe:$CmdZnID
AlternateDataStreams: C:\Users\Ollie\Downloads\jxpiinstall.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ollie\Downloads\jxpiinstall.exe:$CmdZnID
AlternateDataStreams: C:\Users\Ollie\Downloads\mbam-setup-2.2.0.1024.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ollie\Downloads\mbam-setup-2.2.0.1024.exe:$CmdZnID
AlternateDataStreams: C:\Users\Ollie\Downloads\memtest86-iso.zip:$CmdTcID
AlternateDataStreams: C:\Users\Ollie\Downloads\memtest86-iso.zip:$CmdZnID
AlternateDataStreams: C:\Users\Ollie\Downloads\novabench3.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ollie\Downloads\novabench3.exe:$CmdZnID
AlternateDataStreams: C:\Users\Ollie\Downloads\template.jpg:$CmdTcID
AlternateDataStreams: C:\Users\Ollie\Downloads\template.jpg:$CmdZnID
AlternateDataStreams: C:\Users\Ollie\Downloads\tweaking.com_registry_backup_setup.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ollie\Downloads\tweaking.com_registry_backup_setup.exe:$CmdZnID
AlternateDataStreams: C:\Users\Ollie\Downloads\WoT_internet_install_eu.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ollie\Downloads\WoT_internet_install_eu.exe:$CmdZnID
AlternateDataStreams: C:\Users\Ollie\Downloads\WoWS_internet_install_eu.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ollie\Downloads\WoWS_internet_install_eu.exe:$CmdZnID

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

There are 15751 more restricted sites.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3501653021-3640964384-1111194576-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Ollie\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 156.154.70.22 - 156.154.71.22
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{57693123-6D81-46F1-A29B-103A8316E953}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E2D61947-CAAD-42E6-A1B8-CDF82AF738E9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{EBCF617F-C492-448B-999A-A3A5844F0E06}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7F56CF5A-97AA-42E1-8D0D-1449B76DE4FD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{073DFCF0-9ED0-4697-8575-3F8EF5288D1C}] => (Allow) C:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe
FirewallRules: [{2BEFBC93-C3B9-4AE5-8B4A-8A3313F8E349}] => (Allow) C:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe
FirewallRules: [{7BB94A60-90C9-42DD-B8CE-5BD16827DAE2}] => (Allow) C:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe
FirewallRules: [{F515A6CB-144F-4EAE-AF36-D0AD592FB656}] => (Allow) C:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe
FirewallRules: [{B98CEFF2-7C68-4FD7-BD29-3790DA99F7D8}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe
FirewallRules: [{A76D94D3-DAC7-434F-A912-06FDFF7FC774}] => (Allow) C:\Windows\Temp\CMC_DRAGON\restart_helper.exe
FirewallRules: [{0DA5898E-0431-4826-A40E-89F18F20D94D}] => (Allow) C:\Windows\Temp\CMC_DRAGON\restart_helper.exe
FirewallRules: [{DE42BB9A-911F-44F5-B4EE-E42122737169}] => (Allow) C:\Windows\Temp\CMC_DRAGON\restart_helper.exe
FirewallRules: [{9419282F-AAF2-477F-872B-79EC07E6036A}] => (Allow) C:\Windows\Temp\CMC_DRAGON\restart_helper.exe
FirewallRules: [{B8E732A2-36CC-4006-8AE7-333546D71017}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{B9DECAD9-B37A-4B88-BA9F-714FE6F5E80F}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{CB4DAA4C-C6F2-46B4-8507-95E95EAA86A2}] => (Allow) C:\ProgramData\eSafe\eGdpSvc.exe
FirewallRules: [{5D2BFE37-EDB7-425E-BAB7-FACC4CB62731}] => (Allow) C:\Program Files (x86)\File Type Assistant\TSAssist.exe
FirewallRules: [{CEB19D6D-7926-4B1A-BDC7-D004D0269E3B}] => (Allow) C:\Games\Dragon Age\bin_ship\daorigins.exe
FirewallRules: [{EB9C7AA2-1FB6-492F-A16A-79C7F8924DBD}] => (Allow) C:\Games\Dragon Age\bin_ship\daorigins.exe
FirewallRules: [{6C70A579-A7B5-4B3F-9F4B-3447D62338AA}] => (Allow) C:\Games\Dragon Age\DAOriginsLauncher.exe
FirewallRules: [{7373ADBF-766D-4311-A551-A4394298A08A}] => (Allow) C:\Games\Dragon Age\DAOriginsLauncher.exe
FirewallRules: [{B2FA87E4-B840-430B-AC2A-03AF545A3923}] => (Allow) C:\Program Files (x86)\File Type Assistant\TSAssist.exe
FirewallRules: [{4A5985A9-48CC-4C5F-8375-B9994F4FB513}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{29484216-7ED3-43B7-8B33-491586C04BA2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A4AD10BE-9F9D-4269-9512-A7D7BA8DB95E}] => (Allow) C:\Program Files (x86)\File Type Assistant\TSAssist.exe
FirewallRules: [{4DB5D3D0-3D67-4366-8623-623D3546C952}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{99409EE6-9421-4ABF-9664-0EC0859783CD}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{7D406204-5B22-458E-858D-C7932BE225EA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{C1552EF1-8A93-41E5-9971-B99AE37CFE43}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [TCP Query User{4ADE1AE1-853C-4DD5-B122-72766D01D087}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{1116679B-E214-4A35-9AEF-F20E714CDF90}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [TCP Query User{457A1534-EC97-4D86-879B-D1CD6C063DB7}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{CA9F1D8F-3975-4FBC-A10C-06A235CAA980}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [{5799148E-0D9D-492C-B727-C36BB7F3C1B4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A737F16D-97CA-4E74-A822-1609AD4403B6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{25D9FEB8-19DE-4EBA-9B82-F040D52A6FD6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{373E1A11-BD53-4EE1-897B-208B88A47542}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{CBEBAAEA-FA68-4F34-A1A8-A6F72B81794A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{ABDB5590-65E8-48EE-A5CC-9B9551BDD2D6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Crusader Kings II\CK2game.exe
FirewallRules: [{56742189-4528-4262-89E7-32B844C978EA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Crusader Kings II\CK2game.exe
FirewallRules: [{089EE90C-4194-45C3-BC1C-30BEC35ED335}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{F1F63541-C8CB-4EDD-A100-3A31C55BC1D7}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{29F53783-B4AC-47A5-9AD7-77FC64CCC00E}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{FE627920-BF0F-4AC9-A32D-6AF150A3C4C5}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{0714BF63-3AC9-482C-A9C2-52A3417E87AB}] => (Allow) C:\Program files (x86)\raidxpert2\apache\bin\httpd.exe
FirewallRules: [{D149B3BC-CB0A-4B9B-BB23-E74022673DD2}] => (Allow) E:\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{90C78A4E-7182-413F-8FC8-F38CC5B0A4C9}] => (Allow) E:\World_of_Tanks\WorldofTanks.exe
FirewallRules: [{17C7B4BE-10DF-45D4-9C9D-563A864BBF61}] => (Allow) E:\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{96B1012E-C482-498B-BEF2-29361399D73C}] => (Allow) E:\World_of_Tanks\WorldofTanks.exe
FirewallRules: [{FA4444DB-2D0B-420C-A84A-97E7E3D1D0EA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dawn of War 2\DOW2.exe
FirewallRules: [{0BBB55CE-C27E-40B5-ADF0-CC8B2D5687A0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dawn of War 2\DOW2.exe
FirewallRules: [{00511F78-33DB-4A77-9F3D-729BEC001482}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Mount and Blade\runme.exe
FirewallRules: [{FF2BB3D8-7FB3-47A9-BFC4-DF9D247154F0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Mount and Blade\runme.exe
FirewallRules: [{23A3F365-2D78-4926-983C-BE1CEC56B3D1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MountBlade Warband\mb_warband.exe
FirewallRules: [{D0C0D638-3339-4F3A-B85E-3CA9F6CE2D7C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MountBlade Warband\mb_warband.exe
FirewallRules: [{A7968FAC-2277-4DB8-97E8-7C2BBA91DEB1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Mount & Blade With Fire and Sword\mb_wfas.exe
FirewallRules: [{E3B34F64-938E-4087-A52B-CDC020F56CA4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Mount & Blade With Fire and Sword\mb_wfas.exe
FirewallRules: [{AEA1C473-53E1-4111-8B6B-DAA9DE279F72}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{08F133DF-B3AC-476E-BCA6-6CA3E4B95597}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{5FA2A8C0-9FDA-40DB-8894-14F77A579E4B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{DC5ECE49-934D-4572-AF28-B65E6EC42A35}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{42D7AE02-59D4-49B1-A4AC-5E61BBC7A955}] => (Allow) C:\Program Files\iTunes\iTunes.exe

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (10/21/2015 10:49:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/21/2015 09:56:56 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/21/2015 07:21:15 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (10/21/2015 06:35:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/21/2015 12:35:55 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/20/2015 11:23:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/20/2015 11:22:08 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/20/2015 11:19:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/20/2015 11:07:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/20/2015 10:25:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

System errors:
=============
Error: (10/21/2015 06:52:33 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (10/21/2015 06:51:48 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (10/21/2015 06:48:14 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (10/20/2015 12:39:03 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error:
%%1275

Error: (10/20/2015 12:39:03 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Ollie\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (10/20/2015 12:39:02 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error:
%%1275

Error: (10/20/2015 12:39:02 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Ollie\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (10/20/2015 12:39:02 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error:
%%1275

Error: (10/20/2015 12:39:02 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Ollie\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (10/20/2015 12:38:46 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error:
%%1275

CodeIntegrity:
===================================
Date: 2015-10-21 18:51:48.723
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-10-21 18:51:48.676
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: AMD FX(tm)-8120 Eight-Core Processor
Percentage of memory in use: 29%
Total physical RAM: 8173.24 MB
Available physical RAM: 5793.01 MB
Total Virtual: 16344.69 MB
Available Virtual: 13387.01 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:167.58 GB) (Free:13.03 GB) NTFS
Drive e: (Data drive) (Fixed) (Total:931.51 GB) (Free:649.57 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: DEAEFB8F)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 167.7 GB) (Disk ID: B8A0EC17)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=167.6 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Juliet · Oct 22, 2015

Please open Notepad *Do Not Use Wordpad!* or use any other text editor than Notepad or the script will fail. (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the quote box below:
To do this highlight the contents of the box and right click on it and select copy.
Paste this into the open notepad. save it to the Desktop as fixlist.txt
NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.
It needs to be saved Next to the "Farbar Recovery Scan Tool" (If asked to overwrite existing one please allow)

start
CreateRestorePoint:
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3501653021-3640964384-1111194576-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
2014-08-05 17:40 - 2014-08-05 17:40 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
FirewallRules: [{CB4DAA4C-C6F2-46B4-8507-95E95EAA86A2}] => (Allow) C:\ProgramData\eSafe\eGdpSvc.exe
FirewallRules: [{5D2BFE37-EDB7-425E-BAB7-FACC4CB62731}] => (Allow) C:\Program Files (x86)\File Type Assistant\TSAssist.exe
FirewallRules: [{B2FA87E4-B840-430B-AC2A-03AF545A3923}] => (Allow) C:\Program Files (x86)\File Type Assistant\TSAssist.exe
FirewallRules: [{A4AD10BE-9F9D-4269-9512-A7D7BA8DB95E}] => (Allow) C:\Program Files (x86)\File Type Assistant\TSAssist.exe
CMD: ipconfig /flushdns
CMD: netsh winsock reset all
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
EmptyTemp:
end

Open FRST/FRST64 and press the > Fix < button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.
~~~~~~~~~~~~~~~~~``

Download the latest version of TDSSKiller from here and save it to your Desktop.

http://media.kaspersky.com/utilities/VirusUtilities/EN/tdsskiller.exe

http://www.bleepingcomputer.com/download/tdsskiller/dl/4/

Doubleclick on TDSSKiller.exe to run the application
Then click on Change parameters.
Check the boxes beside Verify Driver Digital Signature, Detect TDLFS file system and Use KSN to scan objects , then click OK.
Click the Start Scan button.
If a suspicious object is detected, the default action will be Skip, click on Continue.
If malicious objects are found, they will show in the Scan results and offer three (3) options.
Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
Get the report by selecting Reports
Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

Please copy and paste its contents on your next reply.

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Please post these 2 logs when finished.

Any improvements?

rudebadger · Oct 22, 2015

Ok TDSSkiller did not find anything here is the first log from it:

15:49:17.0005 0x0fb0 TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
15:49:19.0527 0x0fb0 ============================================================
15:49:19.0527 0x0fb0 Current date / time: 2015/10/22 15:49:19.0527
15:49:19.0527 0x0fb0 SystemInfo:
15:49:19.0527 0x0fb0
15:49:19.0527 0x0fb0 OS Version: 6.1.7601 ServicePack: 1.0
15:49:19.0527 0x0fb0 Product type: Workstation
15:49:19.0527 0x0fb0 ComputerName: GAMING-PC
15:49:19.0527 0x0fb0 UserName: Ollie
15:49:19.0527 0x0fb0 Windows directory: C:\Windows
15:49:19.0527 0x0fb0 System windows directory: C:\Windows
15:49:19.0527 0x0fb0 Running under WOW64
15:49:19.0528 0x0fb0 Processor architecture: Intel x64
15:49:19.0528 0x0fb0 Number of processors: 8
15:49:19.0528 0x0fb0 Page size: 0x1000
15:49:19.0528 0x0fb0 Boot type: Normal boot
15:49:19.0528 0x0fb0 ============================================================
15:49:19.0596 0x0fb0 KLMD registered as C:\Windows\system32\drivers\85026493.sys
15:49:19.0771 0x0fb0 System UUID: {ABB56114-858B-C825-6063-BE713EC172DC}
15:49:24.0245 0x0fb0 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:49:24.0245 0x0fb0 Drive \Device\Harddisk1\DR1 - Size: 0x29EB906000 ( 167.68 Gb ), SectorSize: 0x200, Cylinders: 0x5AD9, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
15:49:24.0261 0x0fb0 ============================================================
15:49:24.0261 0x0fb0 \Device\Harddisk0\DR0:
15:49:24.0261 0x0fb0 MBR partitions:
15:49:24.0261 0x0fb0 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
15:49:24.0261 0x0fb0 \Device\Harddisk1\DR1:
15:49:24.0261 0x0fb0 MBR partitions:
15:49:24.0261 0x0fb0 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
15:49:24.0261 0x0fb0 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x14F29800
15:49:24.0261 0x0fb0 ============================================================
15:49:24.0261 0x0fb0 C: <-> \Device\Harddisk1\DR1\Partition2
15:49:24.0292 0x0fb0 E: <-> \Device\Harddisk0\DR0\Partition1
15:49:24.0292 0x0fb0 ============================================================
15:49:24.0292 0x0fb0 Initialize success
15:49:24.0292 0x0fb0 ============================================================
15:49:31.0375 0x1448 ============================================================
15:49:31.0375 0x1448 Scan started
15:49:31.0375 0x1448 Mode: Manual; SigCheck; TDLFS;
15:49:31.0375 0x1448 ============================================================
15:49:31.0375 0x1448 KSN ping started
15:49:33.0824 0x1448 KSN ping finished: true
15:49:34.0089 0x1448 ================ Scan system memory ========================
15:49:34.0089 0x1448 System memory - ok
15:49:34.0089 0x1448 ================ Scan services =============================
15:49:34.0105 0x1448 [ 970C70F6B2953ED43822D3797855D84C, CB22723678B514277BC6E6DDDD206F3B2377CD889C9D473A47A7056BE597BC6B ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
15:49:34.0151 0x1448 !SASCORE - ok
15:49:34.0214 0x1448 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
15:49:34.0229 0x1448 1394ohci - ok
15:49:34.0245 0x1448 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
15:49:34.0261 0x1448 ACPI - ok
15:49:34.0261 0x1448 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
15:49:34.0276 0x1448 AcpiPmi - ok
15:49:34.0292 0x1448 [ F6CEFEF46986DE02A3AE5D93AE32B5DC, 903EC5A7B40F4F6B2F3378EFFE8DF28667B88061CDF681C44F2E4FE39B62959E ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:49:34.0292 0x1448 AdobeARMservice - ok
15:49:34.0323 0x1448 [ 8C194A201698B4B4F77D974549819D1F, 081A2496FE1CE519E48677D99A831FF1FEEB1B33C75224CF288FA52F3E0E5FF0 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:49:34.0339 0x1448 AdobeFlashPlayerUpdateSvc - ok
15:49:34.0354 0x1448 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
15:49:34.0385 0x1448 adp94xx - ok
15:49:34.0385 0x1448 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys
15:49:34.0401 0x1448 adpahci - ok
15:49:34.0417 0x1448 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
15:49:34.0432 0x1448 adpu320 - ok
15:49:34.0432 0x1448 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
15:49:34.0463 0x1448 AeLookupSvc - ok
15:49:34.0479 0x1448 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys
15:49:34.0495 0x1448 AFD - ok
15:49:34.0510 0x1448 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
15:49:34.0510 0x1448 agp440 - ok
15:49:34.0526 0x1448 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
15:49:34.0526 0x1448 ALG - ok
15:49:34.0541 0x1448 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
15:49:34.0541 0x1448 aliide - ok
15:49:34.0557 0x1448 [ 2998362D1E550F0C990D77E34415BEB6, 36BBC575DFE0CBD5BC4AF9AD8B54DCEF950E93AF48884D6523457071296514CC ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
15:49:34.0573 0x1448 AMD External Events Utility - ok
15:49:34.0573 0x1448 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
15:49:34.0588 0x1448 amdide - ok
15:49:34.0588 0x1448 [ 6A2EEB0C4133B20773BB3DD0B7B377B4, E4CB35C6937C70A145A13E5AE5B34A271B49101DA623171ACBFDA8601E5A70EA ] amdiox64 C:\Windows\system32\DRIVERS\amdiox64.sys
15:49:34.0604 0x1448 amdiox64 - ok
15:49:34.0619 0x1448 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
15:49:34.0619 0x1448 AmdK8 - ok
15:49:35.0056 0x1448 [ A87FC6E3670DB55788184FE3A3808712, 2366E7423B4EBC6E12F0C172246E4D2D3BDD702193FA6955A08180FFFCB217B9 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
15:49:35.0477 0x1448 amdkmdag - ok
15:49:35.0524 0x1448 [ 971F3B12C24BB83B48F8CCA2ED019906, E4757480DFF2678E3C7897F6E720EEFF76D452707FC87401B209FE533BFC3210 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
15:49:35.0555 0x1448 amdkmdap - ok
15:49:35.0571 0x1448 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
15:49:35.0571 0x1448 AmdPPM - ok
15:49:35.0587 0x1448 [ 6EC6D772EAE38DC17C14AED9B178D24B, B4FB936B31B1265B8CC6B426C64965C34D0CCF1638E645ACD65E88F4AFFC57A6 ] amdsata C:\Windows\system32\drivers\amdsata.sys
15:49:35.0587 0x1448 amdsata - ok
15:49:35.0602 0x1448 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
15:49:35.0618 0x1448 amdsbs - ok
15:49:35.0618 0x1448 [ 1142A21DB581A84EA5597B03A26EBAA0, F94EB140D0CD068760D7EB081FF75154C75DAC75E5E24B6DE4E4F9CE65A70343 ] amdxata C:\Windows\system32\drivers\amdxata.sys
15:49:35.0618 0x1448 amdxata - ok
15:49:35.0633 0x1448 [ B934322C68C30DCECA96C0274A51F7B0, 5A0B10A9E662A0B0EEB951FFD2A82CC71D30939A78DAEBD26B3F58BB24351AC9 ] AODDriver C:\Program Files (x86)\Gigabyte\ET6\amd64\AODDriver.sys
15:49:35.0633 0x1448 AODDriver - ok
15:49:35.0649 0x1448 [ 27DABFB4A6B0140C34DBEC713469592B, A355170D353AFBF0DE4EF53282F8404788FBBD0E2A1B7282B1B2925923E83141 ] AppID C:\Windows\system32\drivers\appid.sys
15:49:35.0649 0x1448 AppID - ok
15:49:35.0665 0x1448 [ ABC373B9C6275D45F17DB559408FFD1B, 12B355393BEBE2D1D24D7A9DA5E69E03E334899407503BC1CADCF7BE39828223 ] AppIDSvc C:\Windows\System32\appidsvc.dll
15:49:35.0665 0x1448 AppIDSvc - ok
15:49:35.0680 0x1448 [ 978DC0A1FBE9CC91B21B40AF66CB396A, 90BAFF81D98F5AFD743D8BD65F716666A7A7BD2DA612492E03C79B29E9A0F8C2 ] Appinfo C:\Windows\System32\appinfo.dll
15:49:35.0680 0x1448 Appinfo - ok
15:49:35.0696 0x1448 [ 3E7C6639E424FD28952C29D66B7E5277, B10AD3FA5CB36328C5DF33AF58F76770E2B54CFBCB70BD84934F925B8E19FA1F ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:49:35.0696 0x1448 Apple Mobile Device Service - ok
15:49:35.0711 0x1448 [ BA957E7ACD2B44FA3B01FAA64F6A9060, 24824B5B50A0F4BD1E41C2A68682E072387E6E4743538A1C72B261430F743597 ] AppleCharger C:\Windows\system32\DRIVERS\AppleCharger.sys
15:49:35.0711 0x1448 AppleCharger - ok
15:49:35.0727 0x1448 [ 95EF7247C50C7241FDAE39A9B3AFF4AE, 6E08FB095C04B2E217B139D6431336C0F24C128A2A83082A3085DC8C44AA247D ] AppleChargerSrv C:\Windows\system32\AppleChargerSrv.exe
15:49:35.0727 0x1448 AppleChargerSrv - ok
15:49:35.0743 0x1448 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys
15:49:35.0743 0x1448 arc - ok
15:49:35.0758 0x1448 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys
15:49:35.0758 0x1448 arcsas - ok
15:49:35.0774 0x1448 [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
15:49:35.0789 0x1448 aspnet_state - ok
15:49:35.0789 0x1448 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
15:49:35.0821 0x1448 AsyncMac - ok
15:49:35.0821 0x1448 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
15:49:35.0836 0x1448 atapi - ok
15:49:35.0852 0x1448 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:49:35.0883 0x1448 AudioEndpointBuilder - ok
15:49:35.0899 0x1448 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\Windows\System32\Audiosrv.dll
15:49:35.0914 0x1448 AudioSrv - ok
15:49:35.0930 0x1448 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
15:49:35.0945 0x1448 AxInstSV - ok
15:49:35.0961 0x1448 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
15:49:35.0977 0x1448 b06bdrv - ok
15:49:35.0992 0x1448 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
15:49:36.0008 0x1448 b57nd60a - ok
15:49:36.0008 0x1448 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
15:49:36.0023 0x1448 BDESVC - ok
15:49:36.0023 0x1448 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
15:49:36.0055 0x1448 Beep - ok
15:49:36.0070 0x1448 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
15:49:36.0101 0x1448 BFE - ok
15:49:36.0133 0x1448 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\system32\qmgr.dll
15:49:36.0179 0x1448 BITS - ok
15:49:36.0179 0x1448 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
15:49:36.0195 0x1448 blbdrive - ok
15:49:36.0195 0x1448 [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
15:49:36.0226 0x1448 Bonjour Service - ok
15:49:36.0226 0x1448 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
15:49:36.0242 0x1448 bowser - ok
15:49:36.0242 0x1448 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
15:49:36.0257 0x1448 BrFiltLo - ok
15:49:36.0257 0x1448 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
15:49:36.0273 0x1448 BrFiltUp - ok
15:49:36.0273 0x1448 [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
15:49:36.0304 0x1448 BridgeMP - ok
15:49:36.0304 0x1448 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
15:49:36.0320 0x1448 Browser - ok
15:49:36.0335 0x1448 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
15:49:36.0351 0x1448 Brserid - ok
15:49:36.0351 0x1448 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
15:49:36.0367 0x1448 BrSerWdm - ok
15:49:36.0367 0x1448 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
15:49:36.0382 0x1448 BrUsbMdm - ok
15:49:36.0382 0x1448 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
15:49:36.0398 0x1448 BrUsbSer - ok
15:49:36.0398 0x1448 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
15:49:36.0413 0x1448 BTHMODEM - ok
15:49:36.0429 0x1448 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
15:49:36.0460 0x1448 bthserv - ok
15:49:36.0460 0x1448 catchme - ok
15:49:36.0460 0x1448 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
15:49:36.0491 0x1448 cdfs - ok
15:49:36.0507 0x1448 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
15:49:36.0507 0x1448 cdrom - ok
15:49:36.0523 0x1448 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
15:49:36.0554 0x1448 CertPropSvc - ok
15:49:36.0554 0x1448 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys
15:49:36.0569 0x1448 circlass - ok
15:49:36.0569 0x1448 cleanhlp - ok
15:49:36.0585 0x1448 [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys
15:49:36.0601 0x1448 CLFS - ok
15:49:36.0601 0x1448 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:49:36.0616 0x1448 clr_optimization_v2.0.50727_32 - ok
15:49:36.0616 0x1448 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:49:36.0632 0x1448 clr_optimization_v2.0.50727_64 - ok
15:49:36.0647 0x1448 [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:49:36.0663 0x1448 clr_optimization_v4.0.30319_32 - ok
15:49:36.0663 0x1448 [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:49:36.0679 0x1448 clr_optimization_v4.0.30319_64 - ok
15:49:36.0679 0x1448 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
15:49:36.0694 0x1448 CmBatt - ok
15:49:36.0835 0x1448 [ 848B4EBA6C41F33D8B26B909A612BEBD, 3AC44D6A2B864DA9A17D6AB5581257359E961C4AFC627080C3168C8B5D65A00D ] CmdAgent C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
15:49:36.0975 0x1448 CmdAgent - ok
15:49:36.0991 0x1448 [ F33404455DBD79B7C85B8969C70537B5, B8975B0F748F02E3178C1148F9F0C5B71726ACBB88ED5C9351779F37001D377A ] cmderd C:\Windows\system32\DRIVERS\cmderd.sys
15:49:37.0006 0x1448 cmderd - ok
15:49:37.0022 0x1448 [ 347C6F4A0A2B51BB651DDDE0CA7E300B, 5722CEBEEF87A7BCFB20C9B5C24C8628130A5FF0BF6F6AB3A19CE60313EF4BBA ] cmdGuard C:\Windows\system32\DRIVERS\cmdguard.sys
15:49:37.0053 0x1448 cmdGuard - ok
15:49:37.0053 0x1448 [ 12944DDE0FBE29DAE48B2FFE740F3C36, 6B8381131AFFCE362D9D9583B35EFB76FD983EF97A939F4EBEF52E167B72F14F ] cmdHlp C:\Windows\system32\DRIVERS\cmdhlp.sys
15:49:37.0069 0x1448 cmdHlp - ok
15:49:37.0069 0x1448 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
15:49:37.0084 0x1448 cmdide - ok
15:49:37.0131 0x1448 [ 7906367DCA033F747F7F0426A9F7C97E, 855BCFF8F71C692AA9B15B0378C4C257104078F0D435F3649C84A1068B568FAB ] cmdvirth C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
15:49:37.0193 0x1448 cmdvirth - ok
15:49:37.0209 0x1448 [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG C:\Windows\system32\Drivers\cng.sys
15:49:37.0240 0x1448 CNG - ok
15:49:37.0240 0x1448 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
15:49:37.0240 0x1448 Compbatt - ok
15:49:37.0256 0x1448 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
15:49:37.0271 0x1448 CompositeBus - ok
15:49:37.0271 0x1448 COMSysApp - ok
15:49:37.0271 0x1448 [ 4C51835FCD734DA98262B3800A41BE7C, 48F2921DA0D6382D4AD57D7D5377DEB4FAC960AD9A08C2CF5619D7C3707D1A49 ] CORK70 C:\Windows\system32\drivers\CORK70.sys
15:49:37.0287 0x1448 CORK70 - ok
15:49:37.0287 0x1448 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
15:49:37.0303 0x1448 crcdisk - ok
15:49:37.0303 0x1448 [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc C:\Windows\system32\cryptsvc.dll
15:49:37.0318 0x1448 CryptSvc - ok
15:49:37.0318 0x1448 [ 914A7156B0C0F10BE645A02E13F576B2, C8686CE4DD9C457D56D5535307FD210AE057BFF94AC59665681DA6CF46DBE2E8 ] DAUpdaterSvc C:\games\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
15:49:37.0334 0x1448 DAUpdaterSvc - ok
15:49:37.0349 0x1448 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
15:49:37.0381 0x1448 DcomLaunch - ok
15:49:37.0396 0x1448 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
15:49:37.0427 0x1448 defragsvc - ok
15:49:37.0443 0x1448 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
15:49:37.0474 0x1448 DfsC - ok
15:49:37.0474 0x1448 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
15:49:37.0505 0x1448 Dhcp - ok
15:49:37.0521 0x1448 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
15:49:37.0552 0x1448 discache - ok
15:49:37.0552 0x1448 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys
15:49:37.0568 0x1448 Disk - ok
15:49:37.0568 0x1448 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
15:49:37.0583 0x1448 Dnscache - ok
15:49:37.0583 0x1448 [ FA122BC1451B1B35B7814FBE1ACF1924, 4E27B5E6201EC8B02EC578E4D16E8D34AC178081781E70FEA94D9D0A9B4C24D0 ] Dokan C:\Windows\system32\drivers\dokan.sys
15:49:37.0599 0x1448 Dokan - ok
15:49:37.0599 0x1448 [ 8C856E531A1170F53AC6844E89CD0B5F, 64202D7CEF356A1BADE59A8D1F005483B69655D13BCA008110D667855DC6EE89 ] DokanMounter C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe
15:49:37.0615 0x1448 DokanMounter - detected UnsignedFile.Multi.Generic ( 1 )
15:49:40.0017 0x1448 Detect skipped due to KSN trusted
15:49:40.0017 0x1448 DokanMounter - ok
15:49:40.0033 0x1448 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
15:49:40.0064 0x1448 dot3svc - ok
15:49:40.0079 0x1448 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
15:49:40.0111 0x1448 DPS - ok
15:49:40.0111 0x1448 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
15:49:40.0126 0x1448 drmkaud - ok
15:49:40.0126 0x1448 [ 81E4FCAD06C3C770A88F344665CD1000, 736AF1C4A10FAA093FE23124E80ABCCC3169CAB770D17DA9D1011F77FB4BDB3C ] DUKEMS C:\Windows\system32\drivers\DUKEMS.sys
15:49:40.0142 0x1448 DUKEMS - ok
15:49:40.0157 0x1448 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
15:49:40.0189 0x1448 DXGKrnl - ok
15:49:40.0204 0x1448 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
15:49:40.0220 0x1448 EapHost - ok
15:49:40.0298 0x1448 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
15:49:40.0391 0x1448 ebdrv - ok
15:49:40.0391 0x1448 [ 5424EC756808C1002457033D969115C7, 85B86C3DF9BCF4BA085C4978BE36A38D0079CE24C5C61FB754286E476EB77741 ] EFS C:\Windows\System32\lsass.exe
15:49:40.0407 0x1448 EFS - ok
15:49:40.0423 0x1448 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
15:49:40.0454 0x1448 ehRecvr - ok
15:49:40.0454 0x1448 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
15:49:40.0469 0x1448 ehSched - ok
15:49:40.0485 0x1448 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
15:49:40.0501 0x1448 elxstor - ok
15:49:40.0516 0x1448 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
15:49:40.0516 0x1448 ErrDev - ok
15:49:40.0532 0x1448 [ B8FA96995726D1FA58476E352C02AD82, 6BBD49B16A19CC3C3337707EFBEB6BC355CB077CBBBC99D8985A3FBB6E871A89 ] ES lite Service C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE
15:49:40.0532 0x1448 ES lite Service - ok
15:49:40.0547 0x1448 [ 84486624268E078255BC7AA47F0960BC, EC2540698B974572F0AC4A93D57C63295BAF66BF50F7416B9DFF5DE790EBDBE7 ] etdrv C:\Windows\etdrv.sys
15:49:40.0547 0x1448 etdrv - ok
15:49:40.0547 0x1448 [ DB6AEC32FAF5BD002D9ED6C38692D42B, 8BB85AE88E783B678B05D5937B7EE261BB6ECC9BF82CCB0D9A4009A1535F62B3 ] EtronHub3 C:\Windows\system32\Drivers\EtronHub3.sys
15:49:40.0563 0x1448 EtronHub3 - ok
15:49:40.0563 0x1448 [ 9CC2F24274741E12F9DF92125EA6D6D8, AC51B2A81A4D285E2E17880597B491EBBFEC533A5009B810E4AD0D9FC589EB22 ] EtronXHCI C:\Windows\system32\Drivers\EtronXHCI.sys
15:49:40.0579 0x1448 EtronXHCI - ok
15:49:40.0594 0x1448 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
15:49:40.0625 0x1448 EventSystem - ok
15:49:40.0641 0x1448 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
15:49:40.0672 0x1448 exfat - ok
15:49:40.0672 0x1448 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
15:49:40.0719 0x1448 fastfat - ok
15:49:40.0735 0x1448 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
15:49:40.0750 0x1448 Fax - ok
15:49:40.0766 0x1448 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys
15:49:40.0766 0x1448 fdc - ok
15:49:40.0781 0x1448 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
15:49:40.0797 0x1448 fdPHost - ok
15:49:40.0813 0x1448 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
15:49:40.0844 0x1448 FDResPub - ok
15:49:40.0844 0x1448 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
15:49:40.0859 0x1448 FileInfo - ok
15:49:40.0859 0x1448 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
15:49:40.0891 0x1448 Filetrace - ok
15:49:40.0891 0x1448 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
15:49:40.0906 0x1448 flpydisk - ok
15:49:40.0906 0x1448 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
15:49:40.0922 0x1448 FltMgr - ok
15:49:40.0953 0x1448 [ D5A775990A7C202A037378FDBCDB6141, 27AD242914FAFB7A27B3045C0F0F6AFE6873FE331A51D8BB29A63B5D84C72EFB ] FontCache C:\Windows\system32\FntCache.dll
15:49:41.0000 0x1448 FontCache - ok
15:49:41.0000 0x1448 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:49:41.0015 0x1448 FontCache3.0.0.0 - ok
15:49:41.0015 0x1448 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
15:49:41.0015 0x1448 FsDepends - ok
15:49:41.0031 0x1448 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
15:49:41.0031 0x1448 Fs_Rec - ok
15:49:41.0047 0x1448 [ 18AEB680709A01F0FAA74165EE995F39, FBBEDD9A5BA1F620C6F71647550372C0C5A21C342272BB284CF797CC572487E7 ] Futuremark SystemInfo Service C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe
15:49:41.0062 0x1448 Futuremark SystemInfo Service - ok
15:49:41.0062 0x1448 [ 1F7B25B858FA27015169FE95E54108ED, 72DD12E924AA7273B3E4BDD2A2C581DECE304C8EF3D44EA79ABB032F3F95DCE5 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
15:49:41.0078 0x1448 fvevol - ok
15:49:41.0093 0x1448 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
15:49:41.0093 0x1448 gagp30kx - ok
15:49:41.0109 0x1448 [ 7907E14F9BCF3A4689C9A74A1A873CB6, 17927B93B2D6AB4271C158F039CAE2D60591D6A14458F5A5690AEC86F5D54229 ] gdrv C:\Windows\gdrv.sys
15:49:41.0109 0x1448 gdrv - ok
15:49:41.0109 0x1448 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
15:49:41.0125 0x1448 GEARAspiWDM - ok
15:49:41.0140 0x1448 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
15:49:41.0187 0x1448 gpsvc - ok
15:49:41.0203 0x1448 [ 8126331FBD4ED29EB3B356F9C905064D, A58BCE904591DD762410E99960FD956FB579C2CE78FA7BF1406075D29537EF82 ] GVTDrv64 C:\Windows\GVTDrv64.sys
15:49:41.0203 0x1448 GVTDrv64 - ok
15:49:41.0203 0x1448 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
15:49:41.0218 0x1448 hcw85cir - ok
15:49:41.0234 0x1448 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:49:41.0249 0x1448 HdAudAddService - ok
15:49:41.0249 0x1448 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
15:49:41.0265 0x1448 HDAudBus - ok
15:49:41.0281 0x1448 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
15:49:41.0281 0x1448 HidBatt - ok
15:49:41.0296 0x1448 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
15:49:41.0312 0x1448 HidBth - ok
15:49:41.0312 0x1448 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
15:49:41.0327 0x1448 HidIr - ok
15:49:41.0327 0x1448 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\System32\hidserv.dll
15:49:41.0359 0x1448 hidserv - ok
15:49:41.0359 0x1448 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
15:49:41.0374 0x1448 HidUsb - ok
15:49:41.0374 0x1448 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
15:49:41.0405 0x1448 hkmsvc - ok
15:49:41.0421 0x1448 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:49:41.0437 0x1448 HomeGroupListener - ok
15:49:41.0437 0x1448 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:49:41.0452 0x1448 HomeGroupProvider - ok
15:49:41.0468 0x1448 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
15:49:41.0468 0x1448 HpSAMD - ok
15:49:41.0468 0x1448 [ F47CEC45FB85791D4AB237563AD0FA8F, 1035066D48BD179855BCA7F62EFA1B951E6E839D2E29E15A31844E18A126DD41 ] HTCAND64 C:\Windows\system32\Drivers\ANDROIDUSB.sys
15:49:41.0483 0x1448 HTCAND64 - ok
15:49:41.0499 0x1448 [ 5C8BC8A28798FD010E7ABC4E0D588CAA, 622CAFD3DCBB05E15539589FDD4002DA6F24790FC55BDF05AA3D043E8A34E53E ] HTCMonitorService C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
15:49:41.0499 0x1448 HTCMonitorService - ok
15:49:41.0515 0x1448 [ B8B1B284362E1D8135112573395D5DA5, 97BC6A7B2DCD7CC854B912A85BB2FCF199592E8E16A7C405EAF89B02D5DE4AEE ] htcnprot C:\Windows\system32\DRIVERS\htcnprot.sys
15:49:41.0515 0x1448 htcnprot - ok
15:49:41.0546 0x1448 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys
15:49:41.0561 0x1448 HTTP - ok
15:49:41.0561 0x1448 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
15:49:41.0577 0x1448 hwpolicy - ok
15:49:41.0577 0x1448 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
15:49:41.0593 0x1448 i8042prt - ok
15:49:41.0608 0x1448 [ 3DF4395A7CF8B7A72A5F4606366B8C2D, 483588B8FC6E05488ED631C4E1CFC398553FEBFA2CD2BB527B4DF12D19774F80 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
15:49:41.0624 0x1448 iaStorV - ok
15:49:41.0639 0x1448 [ 33D4D4A24791587E83F7EE05A446FB7E, 081E48AF76D7D3A71850A4C910EFBB0B280235E2A5303178B0338230F4BA2DE2 ] ICCS C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
15:49:41.0639 0x1448 ICCS - detected UnsignedFile.Multi.Generic ( 1 )
15:49:44.0026 0x1448 Detect skipped due to KSN trusted
15:49:44.0026 0x1448 ICCS - ok
15:49:44.0026 0x1448 [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
15:49:44.0042 0x1448 IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
15:49:46.0429 0x1448 Detect skipped due to KSN trusted
15:49:46.0429 0x1448 IDriverT - ok
15:49:46.0460 0x1448 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:49:46.0475 0x1448 idsvc - ok
15:49:46.0491 0x1448 IEEtwCollectorService - ok
15:49:46.0491 0x1448 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
15:49:46.0491 0x1448 iirsp - ok
15:49:46.0522 0x1448 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
15:49:46.0553 0x1448 IKEEXT - ok
15:49:46.0553 0x1448 [ 0FFA95F1171F64F2A51F69A75B1EFF4A, 1F0001D519756DE74477D9398F300187665EBDF1AD902F68A967C2F95C4F85DF ] inspect C:\Windows\system32\DRIVERS\inspect.sys
15:49:46.0569 0x1448 inspect - ok
15:49:46.0663 0x1448 [ 7A3585C4000C8340AE6B7FA08F9EF50F, B93F23464E7D929B90D80650698372128546CFEDA72216823CBE51A08D3368E0 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
15:49:46.0741 0x1448 IntcAzAudAddService - ok
15:49:46.0756 0x1448 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
15:49:46.0772 0x1448 intelide - ok
15:49:46.0772 0x1448 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\drivers\intelppm.sys
15:49:46.0787 0x1448 intelppm - ok
15:49:46.0787 0x1448 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
15:49:46.0819 0x1448 IPBusEnum - ok
15:49:46.0819 0x1448 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:49:46.0850 0x1448 IpFilterDriver - ok
15:49:46.0865 0x1448 [ A34A587FFFD45FA649FBA6D03784D257, C9A2BCD4E2A5EB6E320092A3AFD5737ECDCDA0B83EE42314A23C4978F2974767 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
15:49:46.0912 0x1448 iphlpsvc - ok
15:49:46.0912 0x1448 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
15:49:46.0928 0x1448 IPMIDRV - ok
15:49:46.0928 0x1448 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
15:49:46.0959 0x1448 IPNAT - ok
15:49:46.0975 0x1448 [ 57A85230DA22ABCFD9AF2E5A3D946F41, 9E9217FF5AB64D06D79632B9F9CEDABA10F744C40896D7622D0FD397FD0E99BF ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
15:49:47.0006 0x1448 iPod Service - ok
15:49:47.0006 0x1448 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
15:49:47.0021 0x1448 IRENUM - ok
15:49:47.0021 0x1448 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
15:49:47.0037 0x1448 isapnp - ok
15:49:47.0037 0x1448 [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
15:49:47.0053 0x1448 iScsiPrt - ok
15:49:47.0084 0x1448 [ 0D2DA1C6D8ED85F51E3758EAE22455F2, 73DC4CA53C84287B55410582C26F93AC9064C176B134809E8C2D9C86737E8343 ] JMB36X C:\Windows\SysWOW64\XSrvSetup.exe
15:49:47.0099 0x1448 JMB36X - ok
15:49:47.0099 0x1448 [ C0D9BA660A41EE8A269EF804E6CD0D7B, B69B732FA7178F9FA97E16A1F99EED27ABDEDB37FB610F1D7A823BB24D08340B ] JRAID C:\Windows\system32\DRIVERS\jraid.sys
15:49:47.0115 0x1448 JRAID - ok
15:49:47.0115 0x1448 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
15:49:47.0131 0x1448 kbdclass - ok
15:49:47.0131 0x1448 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
15:49:47.0146 0x1448 kbdhid - ok
15:49:47.0146 0x1448 [ 5424EC756808C1002457033D969115C7, 85B86C3DF9BCF4BA085C4978BE36A38D0079CE24C5C61FB754286E476EB77741 ] KeyIso C:\Windows\system32\lsass.exe
15:49:47.0162 0x1448 KeyIso - ok
15:49:47.0162 0x1448 [ 3A8C03156C3E31E70EF84E48CA179B46, E25E43D53BB6EE1B5F34C95B4FAD111B37A36367B8D047B10FC614DEE13658E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
15:49:47.0177 0x1448 KSecDD - ok
15:49:47.0177 0x1448 [ C6330F7C2E92A00E6773E82F79078AFC, D8B851BF4FCE85F2A269F0B46BC7EC5A118FCFDACE8460E7B54C1A7CE306774A ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
15:49:47.0193 0x1448 KSecPkg - ok
15:49:47.0193 0x1448 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
15:49:47.0224 0x1448 ksthunk - ok
15:49:47.0240 0x1448 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
15:49:47.0271 0x1448 KtmRm - ok
15:49:47.0287 0x1448 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\System32\srvsvc.dll
15:49:47.0318 0x1448 LanmanServer - ok
15:49:47.0318 0x1448 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:49:47.0349 0x1448 LanmanWorkstation - ok
15:49:47.0349 0x1448 [ FA529FB35694C24BF98A9EF67C1CD9D0, 7B3C587C38CF13D514140F0A55E58997D6071D1DEFD97E274E3F490660AC6075 ] LGBusEnum C:\Windows\system32\drivers\LGBusEnum.sys
15:49:47.0365 0x1448 LGBusEnum - ok
15:49:47.0365 0x1448 [ 94B29CE153765E768F004FB3440BE2B0, E74C01CEBDA589CDDE35CBCBAA18700E3742DD3B48A90DB3630992467FFC5024 ] LGVirHid C:\Windows\system32\drivers\LGVirHid.sys
15:49:47.0380 0x1448 LGVirHid - ok
15:49:47.0380 0x1448 [ 241F2648ADF090E2A10095BD6D6F5DCB, D31F50F7A70A62E3CA45071F75C56FFA21464BFAF4CA4A3AD2482D7477D78D4E ] LHidFilt C:\Windows\system32\DRIVERS\LHidFilt.Sys
15:49:47.0396 0x1448 LHidFilt - ok
15:49:47.0396 0x1448 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
15:49:47.0427 0x1448 lltdio - ok
15:49:47.0427 0x1448 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
15:49:47.0474 0x1448 lltdsvc - ok
15:49:47.0474 0x1448 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
15:49:47.0505 0x1448 lmhosts - ok
15:49:47.0505 0x1448 [ 342ED5A4B3326014438F36D22D803737, 45488402BD919D84729A19E618B3595D615EB1F73FB9BC77675A21E7DB80AB6C ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys
15:49:47.0521 0x1448 LMouFilt - ok
15:49:47.0521 0x1448 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
15:49:47.0536 0x1448 LSI_FC - ok
15:49:47.0536 0x1448 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
15:49:47.0552 0x1448 LSI_SAS - ok
15:49:47.0552 0x1448 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
15:49:47.0567 0x1448 LSI_SAS2 - ok
15:49:47.0567 0x1448 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
15:49:47.0583 0x1448 LSI_SCSI - ok
15:49:47.0583 0x1448 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
15:49:47.0614 0x1448 luafv - ok
15:49:47.0630 0x1448 [ CFBC6C6D8A492697CABD1D353EE64933, DDAA844908324740C891EB8F08E2A8BB00457063B31C4A762745C1C2415FC12D ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
15:49:47.0630 0x1448 MBAMProtector - ok
15:49:47.0677 0x1448 [ AB176B9E59C0435499D83047D84EDD59, 85B826A3972CE9AD885313B69B9C60328B850257667D0EB65DDE890D0BB06361 ] MBAMScheduler C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
15:49:47.0708 0x1448 MBAMScheduler - ok
15:49:47.0739 0x1448 [ 40C126CB15FAB7D6C66490DCA9C1AED2, B32CEE2D2409232C245427D5E9647FDF59AF1D8AB5E8A98EE2D1F1314599FD14 ] MBAMService C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
15:49:47.0770 0x1448 MBAMService - ok
15:49:47.0786 0x1448 [ 78488AF2AB2111D67B3C4044707A519B, 7AA71B9C4C7949A1A21F60EF7CCEDE0079794990696B60557B5DC86F4D47223A ] MBAMSwissArmy C:\Windows\system32\drivers\MBAMSwissArmy.sys
15:49:47.0801 0x1448 MBAMSwissArmy - ok
15:49:47.0801 0x1448 [ D61070CFAD43038DC56AEAD9BFE9CE2A, BD77AEF60E7FD2015CB14A464799304359547146C14A47F8D25274ACFA2E42D5 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
15:49:47.0817 0x1448 MBAMWebAccessControl - ok
15:49:47.0817 0x1448 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
15:49:47.0833 0x1448 Mcx2Svc - ok
15:49:47.0833 0x1448 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
15:49:47.0848 0x1448 megasas - ok
15:49:47.0848 0x1448 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
15:49:47.0864 0x1448 MegaSR - ok
15:49:47.0879 0x1448 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
15:49:47.0895 0x1448 MMCSS - ok
15:49:47.0911 0x1448 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
15:49:47.0942 0x1448 Modem - ok
15:49:47.0942 0x1448 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
15:49:47.0957 0x1448 monitor - ok
15:49:47.0957 0x1448 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
15:49:47.0973 0x1448 mouclass - ok
15:49:47.0973 0x1448 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
15:49:47.0973 0x1448 mouhid - ok
15:49:47.0989 0x1448 [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
15:49:47.0989 0x1448 mountmgr - ok
15:49:48.0004 0x1448 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
15:49:48.0020 0x1448 mpio - ok
15:49:48.0020 0x1448 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
15:49:48.0051 0x1448 mpsdrv - ok
15:49:48.0067 0x1448 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
15:49:48.0113 0x1448 MpsSvc - ok
15:49:48.0129 0x1448 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
15:49:48.0145 0x1448 MRxDAV - ok
15:49:48.0145 0x1448 [ ACB6782973BD93760D597FC7BB37E692, 9B6EC2858D236DCE61FD5E0247F4D947A5DC484C9C0AABFDAF8270ABA392E787 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
15:49:48.0160 0x1448 mrxsmb - ok
15:49:48.0176 0x1448 [ 262BF7BB7D0E44CFAA9B12A1E0A6EDF1, CCC3A4CE929C7C8B07C1038BBE8425590CE14F5C37E1D5608978A3AD2F41519C ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:49:48.0191 0x1448 mrxsmb10 - ok
15:49:48.0191 0x1448 [ 8C0376974AA28398FF501E78C04ACB30, 81CE67BE933F67F760A72BF9B581F33BC151D98970765FE4425450A2EF450409 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:49:48.0207 0x1448 mrxsmb20 - ok
15:49:48.0207 0x1448 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
15:49:48.0223 0x1448 msahci - ok
15:49:48.0223 0x1448 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
15:49:48.0238 0x1448 msdsm - ok
15:49:48.0238 0x1448 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
15:49:48.0254 0x1448 MSDTC - ok
15:49:48.0269 0x1448 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
15:49:48.0285 0x1448 Msfs - ok
15:49:48.0301 0x1448 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
15:49:48.0316 0x1448 mshidkmdf - ok
15:49:48.0332 0x1448 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
15:49:48.0332 0x1448 msisadrv - ok
15:49:48.0347 0x1448 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
15:49:48.0379 0x1448 MSiSCSI - ok
15:49:48.0379 0x1448 msiserver - ok
15:49:48.0379 0x1448 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
15:49:48.0410 0x1448 MSKSSRV - ok
15:49:48.0410 0x1448 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
15:49:48.0441 0x1448 MSPCLOCK - ok
15:49:48.0441 0x1448 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
15:49:48.0472 0x1448 MSPQM - ok
15:49:48.0488 0x1448 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
15:49:48.0503 0x1448 MsRPC - ok
15:49:48.0503 0x1448 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
15:49:48.0519 0x1448 mssmbios - ok
15:49:48.0519 0x1448 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
15:49:48.0550 0x1448 MSTEE - ok
15:49:48.0550 0x1448 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
15:49:48.0550 0x1448 MTConfig - ok
15:49:48.0566 0x1448 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
15:49:48.0566 0x1448 Mup - ok
15:49:48.0581 0x1448 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
15:49:48.0628 0x1448 napagent - ok
15:49:48.0644 0x1448 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
15:49:48.0659 0x1448 NativeWifiP - ok
15:49:48.0691 0x1448 [ 79B47FD40D9A817E932F9D26FAC0A81C, 53E260B8BFC50BA45FA73BFCF4E58C233890D0EAA9DEFDCCBB55FD3EB992FF2D ] NDIS C:\Windows\system32\drivers\ndis.sys
15:49:48.0706 0x1448 NDIS - ok
15:49:48.0722 0x1448 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
15:49:48.0737 0x1448 NdisCap - ok
15:49:48.0753 0x1448 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
15:49:48.0769 0x1448 NdisTapi - ok
15:49:48.0784 0x1448 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
15:49:48.0815 0x1448 Ndisuio - ok
15:49:48.0815 0x1448 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
15:49:48.0847 0x1448 NdisWan - ok
15:49:48.0847 0x1448 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
15:49:48.0878 0x1448 NDProxy - ok
15:49:48.0878 0x1448 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
15:49:48.0909 0x1448 NetBIOS - ok
15:49:48.0925 0x1448 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
15:49:48.0956 0x1448 NetBT - ok
15:49:48.0956 0x1448 [ 5424EC756808C1002457033D969115C7, 85B86C3DF9BCF4BA085C4978BE36A38D0079CE24C5C61FB754286E476EB77741 ] Netlogon C:\Windows\system32\lsass.exe
15:49:48.0971 0x1448 Netlogon - ok
15:49:48.0987 0x1448 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
15:49:49.0018 0x1448 Netman - ok
15:49:49.0034 0x1448 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:49:49.0049 0x1448 NetMsmqActivator - ok
15:49:49.0049 0x1448 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:49:49.0065 0x1448 NetPipeActivator - ok
15:49:49.0081 0x1448 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
15:49:49.0112 0x1448 netprofm - ok
15:49:49.0127 0x1448 [ D9A089E17112F04F452D22254B959D87, DE6DD970B224A8A59402793C65E6839F88B0206D13CBB20B4E43AF4743DA64C4 ] netr28x C:\Windows\system32\DRIVERS\netr28x.sys
15:49:49.0159 0x1448 netr28x - ok
15:49:49.0174 0x1448 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:49:49.0174 0x1448 NetTcpActivator - ok
15:49:49.0190 0x1448 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:49:49.0205 0x1448 NetTcpPortSharing - ok
15:49:49.0205 0x1448 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
15:49:49.0221 0x1448 nfrd960 - ok
15:49:49.0221 0x1448 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
15:49:49.0237 0x1448 NlaSvc - ok
15:49:49.0237 0x1448 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
15:49:49.0268 0x1448 Npfs - ok
15:49:49.0283 0x1448 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
15:49:49.0299 0x1448 nsi - ok
15:49:49.0315 0x1448 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
15:49:49.0346 0x1448 nsiproxy - ok
15:49:49.0377 0x1448 [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
15:49:49.0424 0x1448 Ntfs - ok
15:49:49.0439 0x1448 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
15:49:49.0455 0x1448 Null - ok
15:49:49.0471 0x1448 [ 5D9FD91F3D38DC9DA01E3CB5FA89CD48, 7738785DE8B50D69993F4408498B812D0283FEE5C04FF5B89C20F149B44E9737 ] nvraid C:\Windows\system32\drivers\nvraid.sys
15:49:49.0486 0x1448 nvraid - ok
15:49:49.0486 0x1448 [ F7CD50FE7139F07E77DA8AC8033D1832, DA96F4B15C8165E6AE1D00E03A062C66CA3A3089E4FF0E9E11CE00B154DD12EC ] nvstor C:\Windows\system32\drivers\nvstor.sys
15:49:49.0502 0x1448 nvstor - ok
15:49:49.0502 0x1448 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
15:49:49.0517 0x1448 nv_agp - ok
15:49:49.0517 0x1448 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
15:49:49.0533 0x1448 ohci1394 - ok
15:49:49.0549 0x1448 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
15:49:49.0564 0x1448 p2pimsvc - ok
15:49:49.0580 0x1448 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
15:49:49.0595 0x1448 p2psvc - ok
15:49:49.0595 0x1448 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys
15:49:49.0611 0x1448 Parport - ok
15:49:49.0611 0x1448 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
15:49:49.0627 0x1448 partmgr - ok
15:49:49.0642 0x1448 [ 3CAE2BBC86FCF7F94C9696994AF30386, 4DA063A60523567272CFB35DF5D7CA142B100EF9123B1F23A6F11AB89DB83486 ] PassThru Service C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
15:49:49.0642 0x1448 PassThru Service - detected UnsignedFile.Multi.Generic ( 1 )
15:49:52.0045 0x1448 Detect skipped due to KSN trusted
15:49:52.0045 0x1448 PassThru Service - ok
15:49:52.0060 0x1448 [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll
15:49:52.0060 0x1448 PcaSvc - ok
15:49:52.0076 0x1448 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
15:49:52.0091 0x1448 pci - ok
15:49:52.0091 0x1448 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
15:49:52.0107 0x1448 pciide - ok
15:49:52.0107 0x1448 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
15:49:52.0123 0x1448 pcmcia - ok
15:49:52.0123 0x1448 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
15:49:52.0138 0x1448 pcw - ok
15:49:52.0154 0x1448 [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
15:49:52.0185 0x1448 PEAUTH - ok
15:49:52.0185 0x1448 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
15:49:52.0201 0x1448 PerfHost - ok
15:49:52.0232 0x1448 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
15:49:52.0294 0x1448 pla - ok
15:49:52.0310 0x1448 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
15:49:52.0325 0x1448 PlugPlay - ok
15:49:52.0341 0x1448 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
15:49:52.0341 0x1448 PNRPAutoReg - ok
15:49:52.0357 0x1448 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
15:49:52.0372 0x1448 PNRPsvc - ok
15:49:52.0388 0x1448 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
15:49:52.0435 0x1448 PolicyAgent - ok
15:49:52.0435 0x1448 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
15:49:52.0466 0x1448 Power - ok
15:49:52.0481 0x1448 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
15:49:52.0513 0x1448 PptpMiniport - ok
15:49:52.0513 0x1448 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
15:49:52.0528 0x1448 Processor - ok
15:49:52.0528 0x1448 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
15:49:52.0544 0x1448 ProfSvc - ok
15:49:52.0559 0x1448 [ 5424EC756808C1002457033D969115C7, 85B86C3DF9BCF4BA085C4978BE36A38D0079CE24C5C61FB754286E476EB77741 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:49:52.0559 0x1448 ProtectedStorage - ok
15:49:52.0575 0x1448 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
15:49:52.0606 0x1448 Psched - ok
15:49:52.0637 0x1448 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
15:49:52.0684 0x1448 ql2300 - ok
15:49:52.0684 0x1448 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
15:49:52.0700 0x1448 ql40xx - ok
15:49:52.0715 0x1448 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
15:49:52.0731 0x1448 QWAVE - ok
15:49:52.0731 0x1448 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
15:49:52.0747 0x1448 QWAVEdrv - ok
15:49:52.0762 0x1448 [ 720FEA3AAA15FE7E0BEAB10AC2E6D2B0, E1E6A79751B7CAA86F4C7F9DD2A835D5C30FBD433644F916B8E54CD8105D00D2 ] RalinkRegistryWriter C:\Program Files (x86)\Edimax\Common\RaRegistry.exe
15:49:52.0762 0x1448 RalinkRegistryWriter - ok
15:49:52.0778 0x1448 [ 178CEF55E09DC320FF6561D4EEB4F632, 0B11CE080341CAD324F6A46ABE30D71E3BD2C27EA9188A0C9574ED757706E8A7 ] RalinkRegistryWriter64 C:\Program Files (x86)\Edimax\Common\RaRegistry64.exe
15:49:52.0778 0x1448 RalinkRegistryWriter64 - ok
15:49:52.0793 0x1448 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
15:49:52.0809 0x1448 RasAcd - ok
15:49:52.0825 0x1448 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
15:49:52.0856 0x1448 RasAgileVpn - ok
15:49:52.0856 0x1448 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
15:49:52.0887 0x1448 RasAuto - ok
15:49:52.0887 0x1448 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
15:49:52.0918 0x1448 Rasl2tp - ok
15:49:52.0934 0x1448 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
15:49:52.0965 0x1448 RasMan - ok
15:49:52.0981 0x1448 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
15:49:53.0012 0x1448 RasPppoe - ok
15:49:53.0012 0x1448 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
15:49:53.0043 0x1448 RasSstp - ok
15:49:53.0043 0x1448 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
15:49:53.0090 0x1448 rdbss - ok
15:49:53.0090 0x1448 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
15:49:53.0105 0x1448 rdpbus - ok
15:49:53.0105 0x1448 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
15:49:53.0137 0x1448 RDPCDD - ok
15:49:53.0137 0x1448 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
15:49:53.0168 0x1448 RDPENCDD - ok
15:49:53.0168 0x1448 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
15:49:53.0199 0x1448 RDPREFMP - ok
15:49:53.0199 0x1448 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
15:49:53.0215 0x1448 RDPWD - ok
15:49:53.0230 0x1448 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
15:49:53.0246 0x1448 rdyboost - ok
15:49:53.0246 0x1448 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
15:49:53.0277 0x1448 RemoteAccess - ok
15:49:53.0277 0x1448 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
15:49:53.0308 0x1448 RemoteRegistry - ok
15:49:53.0324 0x1448 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
15:49:53.0355 0x1448 RpcEptMapper - ok
15:49:53.0355 0x1448 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
15:49:53.0371 0x1448 RpcLocator - ok
15:49:53.0386 0x1448 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
15:49:53.0417 0x1448 RpcSs - ok
15:49:53.0433 0x1448 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
15:49:53.0464 0x1448 rspndr - ok
15:49:53.0464 0x1448 [ C435AC77704EB16E85C9D630F4D4B4F7, DA508641AC9DFEDEE7E025B13CE0629C316742C4E95765FEDEF1A24112F45435 ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIVX.sys
15:49:53.0480 0x1448 RTHDMIAzAudService - ok
15:49:53.0495 0x1448 [ 9140DB0911DE035FED0A9A77A2D156EA, 07C9D7E2978062ABD84B58B390360D4C0F72C6A5A2310444579DC095943BD008 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
15:49:53.0511 0x1448 RTL8167 - ok
15:49:53.0527 0x1448 [ 5424EC756808C1002457033D969115C7, 85B86C3DF9BCF4BA085C4978BE36A38D0079CE24C5C61FB754286E476EB77741 ] SamSs C:\Windows\system32\lsass.exe
15:49:53.0527 0x1448 SamSs - ok
15:49:53.0542 0x1448 [ 3289766038DB2CB14D07DC84392138D5, A7790B787690CC1A8B97E4532090C5295350A836A9474DEA74CEB3E81CF26124 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
15:49:53.0542 0x1448 SASDIFSV - ok
15:49:53.0542 0x1448 [ 58A38E75F3316A83C23DF6173D41F2B5, B0A8CDA1D164B7534FB41AB80792861384709BF0F914F44553275CF20194F1A1 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
15:49:53.0558 0x1448 SASKUTIL - ok
15:49:53.0558 0x1448 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
15:49:53.0573 0x1448 sbp2port - ok
15:49:53.0589 0x1448 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
15:49:53.0620 0x1448 SCardSvr - ok
15:49:53.0620 0x1448 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
15:49:53.0651 0x1448 scfilter - ok
15:49:53.0667 0x1448 [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule C:\Windows\system32\schedsvc.dll
15:49:53.0714 0x1448 Schedule - ok
15:49:53.0714 0x1448 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
15:49:53.0745 0x1448 SCPolicySvc - ok
15:49:53.0745 0x1448 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
15:49:53.0761 0x1448 SDRSVC - ok
15:49:53.0776 0x1448 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
15:49:53.0776 0x1448 secdrv - ok
15:49:53.0792 0x1448 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
15:49:53.0807 0x1448 seclogon - ok
15:49:53.0823 0x1448 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\system32\sens.dll
15:49:53.0854 0x1448 SENS - ok
15:49:53.0854 0x1448 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
15:49:53.0870 0x1448 SensrSvc - ok
15:49:53.0870 0x1448 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
15:49:53.0885 0x1448 Serenum - ok
15:49:53.0885 0x1448 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
15:49:53.0901 0x1448 Serial - ok
15:49:53.0901 0x1448 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
15:49:53.0917 0x1448 sermouse - ok
15:49:53.0917 0x1448 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
15:49:53.0948 0x1448 SessionEnv - ok
15:49:53.0963 0x1448 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
15:49:53.0963 0x1448 sffdisk - ok
15:49:53.0979 0x1448 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
15:49:53.0979 0x1448 sffp_mmc - ok
15:49:53.0995 0x1448 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
15:49:54.0010 0x1448 sffp_sd - ok
15:49:54.0010 0x1448 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
15:49:54.0010 0x1448 sfloppy - ok
15:49:54.0026 0x1448 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
15:49:54.0057 0x1448 SharedAccess - ok
15:49:54.0073 0x1448 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:49:54.0104 0x1448 ShellHWDetection - ok
15:49:54.0119 0x1448 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
15:49:54.0119 0x1448 SiSRaid2 - ok
15:49:54.0135 0x1448 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
15:49:54.0135 0x1448 SiSRaid4 - ok
15:49:54.0151 0x1448 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
15:49:54.0182 0x1448 Smb - ok
15:49:54.0182 0x1448 [ 9E8987EC160B9BFEBEE236D475CD4D43, 63830705A5EFFB4E75C86D088C2863601D85ADC3738648599C53BE91548216E5 ] SnakeEyes C:\Windows\system32\drivers\SnakeEyes.sys
15:49:54.0197 0x1448 SnakeEyes - ok
15:49:54.0197 0x1448 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
15:49:54.0213 0x1448 SNMPTRAP - ok
15:49:54.0213 0x1448 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
15:49:54.0229 0x1448 spldr - ok
15:49:54.0244 0x1448 [ B96C17B5DC1424D56EEA3A99E97428CD, AF0A85066A7983878DC1C663811CE61C6CA1912DC956184F878B7B82DB93C651 ] Spooler C:\Windows\System32\spoolsv.exe
15:49:54.0275 0x1448 Spooler - ok
15:49:54.0385 0x1448 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
15:49:54.0478 0x1448 sppsvc - ok
15:49:54.0494 0x1448 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
15:49:54.0525 0x1448 sppuinotify - ok
15:49:54.0541 0x1448 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
15:49:54.0556 0x1448 srv - ok
15:49:54.0572 0x1448 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
15:49:54.0587 0x1448 srv2 - ok
15:49:54.0603 0x1448 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
15:49:54.0603 0x1448 srvnet - ok
15:49:54.0619 0x1448 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
15:49:54.0650 0x1448 SSDPSRV - ok
15:49:54.0650 0x1448 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
15:49:54.0681 0x1448 SstpSvc - ok
15:49:54.0712 0x1448 [ D31201BD8782752BD69DBE1E5DDF9AC5, 98B72690B4E6CC1B694C655DD31CB1FB56B76B62A32CFB748AF78F4C072D9740 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
15:49:54.0743 0x1448 Steam Client Service - ok
15:49:54.0743 0x1448 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
15:49:54.0759 0x1448 stexstor - ok
15:49:54.0775 0x1448 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
15:49:54.0790 0x1448 stisvc - ok
15:49:54.0806 0x1448 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
15:49:54.0806 0x1448 swenum - ok
15:49:54.0821 0x1448 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
15:49:54.0868 0x1448 swprv - ok
15:49:54.0915 0x1448 [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain C:\Windows\system32\sysmain.dll
15:49:54.0977 0x1448 SysMain - ok
15:49:54.0977 0x1448 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:49:55.0009 0x1448 TabletInputService - ok
15:49:55.0009 0x1448 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
15:49:55.0040 0x1448 TapiSrv - ok
15:49:55.0055 0x1448 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
15:49:55.0087 0x1448 TBS - ok
15:49:55.0133 0x1448 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
15:49:55.0180 0x1448 Tcpip - ok
15:49:55.0227 0x1448 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
15:49:55.0289 0x1448 TCPIP6 - ok
15:49:55.0289 0x1448 [ DF687E3D8836BFB04FCC0615BF15A519, 7C5B1E72673B4299DFC21E869F0FBB28198CA54DF4F4AF7080005F2D82467784 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
15:49:55.0321 0x1448 tcpipreg - ok
15:49:55.0336 0x1448 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
15:49:55.0352 0x1448 TDPIPE - ok
15:49:55.0352 0x1448 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
15:49:55.0367 0x1448 TDTCP - ok
15:49:55.0367 0x1448 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
15:49:55.0399 0x1448 tdx - ok
15:49:55.0399 0x1448 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
15:49:55.0414 0x1448 TermDD - ok
15:49:55.0430 0x1448 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
15:49:55.0461 0x1448 TermService - ok
15:49:55.0477 0x1448 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
15:49:55.0492 0x1448 Themes - ok
15:49:55.0492 0x1448 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
15:49:55.0523 0x1448 THREADORDER - ok
15:49:55.0539 0x1448 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
15:49:55.0570 0x1448 TrkWks - ok
15:49:55.0570 0x1448 [ FD44FA80DA03EA144153A76DEBBB61B4, 0C46717F489A415A583470DAE8CF58E47BC307B9CB0F9DB6C4EDF33B7525475C ] TrueSight C:\Windows\System32\drivers\TrueSight.sys
15:49:55.0586 0x1448 TrueSight - ok
15:49:55.0601 0x1448 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:49:55.0633 0x1448 TrustedInstaller - ok
15:49:55.0633 0x1448 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
15:49:55.0648 0x1448 tssecsrv - ok
15:49:55.0648 0x1448 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
15:49:55.0664 0x1448 TsUsbFlt - ok
15:49:55.0664 0x1448 [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
15:49:55.0679 0x1448 TsUsbGD - ok
15:49:55.0679 0x1448 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
15:49:55.0726 0x1448 tunnel - ok
15:49:55.0726 0x1448 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
15:49:55.0742 0x1448 uagp35 - ok
15:49:55.0742 0x1448 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
15:49:55.0789 0x1448 udfs - ok
15:49:55.0789 0x1448 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
15:49:55.0804 0x1448 UI0Detect - ok
15:49:55.0820 0x1448 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
15:49:55.0820 0x1448 uliagpkx - ok
15:49:55.0820 0x1448 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
15:49:55.0835 0x1448 umbus - ok
15:49:55.0851 0x1448 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys
15:49:55.0851 0x1448 UmPass - ok
15:49:55.0867 0x1448 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
15:49:55.0913 0x1448 upnphost - ok
15:49:55.0913 0x1448 [ 5C3BE22E485B9BF11FCEFDC676C728D0, F55061066ECF6920D56518A677BB538C18B7F1BB150ED6DB3591408F44E8D53A ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
15:49:55.0913 0x1448 USBAAPL64 - detected UnsignedFile.Multi.Generic ( 1 )
15:49:58.0316 0x1448 Detect skipped due to KSN trusted
15:49:58.0316 0x1448 USBAAPL64 - ok
15:49:58.0316 0x1448 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
15:49:58.0331 0x1448 usbaudio - ok
15:49:58.0347 0x1448 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
15:49:58.0347 0x1448 usbccgp - ok
15:49:58.0363 0x1448 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
15:49:58.0378 0x1448 usbcir - ok
15:49:58.0378 0x1448 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
15:49:58.0394 0x1448 usbehci - ok
15:49:58.0394 0x1448 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
15:49:58.0425 0x1448 usbhub - ok
15:49:58.0425 0x1448 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
15:49:58.0441 0x1448 usbohci - ok
15:49:58.0441 0x1448 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
15:49:58.0456 0x1448 usbprint - ok
15:49:58.0472 0x1448 [ D76510CFA0FC09023077F22C2F979D86, 5662281C6D515423255D3C262EA368DBAFC250235E535FBFA3E59D3487695439 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:49:58.0487 0x1448 USBSTOR - ok
15:49:58.0487 0x1448 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
15:49:58.0503 0x1448 usbuhci - ok
15:49:58.0503 0x1448 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
15:49:58.0539 0x1448 UxSms - ok
15:49:58.0539 0x1448 [ 5424EC756808C1002457033D969115C7, 85B86C3DF9BCF4BA085C4978BE36A38D0079CE24C5C61FB754286E476EB77741 ] VaultSvc C:\Windows\system32\lsass.exe
15:49:58.0559 0x1448 VaultSvc - ok
15:49:58.0559 0x1448 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
15:49:58.0569 0x1448 vdrvroot - ok
15:49:58.0589 0x1448 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
15:49:58.0629 0x1448 vds - ok
15:49:58.0639 0x1448 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
15:49:58.0649 0x1448 vga - ok
15:49:58.0659 0x1448 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
15:49:58.0689 0x1448 VgaSave - ok
15:49:58.0689 0x1448 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
15:49:58.0709 0x1448 vhdmp - ok
15:49:58.0709 0x1448 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
15:49:58.0719 0x1448 viaide - ok
15:49:58.0729 0x1448 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
15:49:58.0739 0x1448 volmgr - ok
15:49:58.0749 0x1448 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
15:49:58.0769 0x1448 volmgrx - ok
15:49:58.0779 0x1448 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
15:49:58.0789 0x1448 volsnap - ok
15:49:58.0799 0x1448 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
15:49:58.0809 0x1448 vsmraid - ok
15:49:58.0859 0x1448 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
15:49:58.0921 0x1448 VSS - ok
15:49:58.0921 0x1448 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
15:49:58.0937 0x1448 vwifibus - ok
15:49:58.0952 0x1448 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
15:49:58.0968 0x1448 vwififlt - ok
15:49:58.0968 0x1448 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
15:49:58.0983 0x1448 vwifimp - ok
15:49:58.0999 0x1448 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
15:49:59.0030 0x1448 W32Time - ok
15:49:59.0046 0x1448 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
15:49:59.0046 0x1448 WacomPen - ok
15:49:59.0061 0x1448 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
15:49:59.0093 0x1448 WANARP - ok
15:49:59.0093 0x1448 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
15:49:59.0124 0x1448 Wanarpv6 - ok
15:49:59.0171 0x1448 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
15:49:59.0202 0x1448 WatAdminSvc - ok
15:49:59.0249 0x1448 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
15:49:59.0295 0x1448 wbengine - ok
15:49:59.0311 0x1448 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
15:49:59.0327 0x1448 WbioSrvc - ok
15:49:59.0342 0x1448 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
15:49:59.0373 0x1448 wcncsvc - ok
15:49:59.0373 0x1448 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:49:59.0389 0x1448 WcsPlugInService - ok
15:49:59.0389 0x1448 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
15:49:59.0405 0x1448 Wd - ok
15:49:59.0420 0x1448 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
15:49:59.0451 0x1448 Wdf01000 - ok
15:49:59.0467 0x1448 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
15:49:59.0483 0x1448 WdiServiceHost - ok
15:49:59.0483 0x1448 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
15:49:59.0514 0x1448 WdiSystemHost - ok
15:49:59.0514 0x1448 [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient C:\Windows\System32\webclnt.dll
15:49:59.0529 0x1448 WebClient - ok
15:49:59.0545 0x1448 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
15:49:59.0592 0x1448 Wecsvc - ok
15:49:59.0592 0x1448 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
15:49:59.0623 0x1448 wercplsupport - ok
15:49:59.0639 0x1448 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
15:49:59.0670 0x1448 WerSvc - ok
15:49:59.0670 0x1448 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
15:49:59.0701 0x1448 WfpLwf - ok
15:49:59.0701 0x1448 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
15:49:59.0717 0x1448 WIMMount - ok
15:49:59.0717 0x1448 WinDefend - ok
15:49:59.0732 0x1448 WinHttpAutoProxySvc - ok
15:49:59.0748 0x1448 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
15:49:59.0779 0x1448 Winmgmt - ok
15:49:59.0826 0x1448 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll
15:49:59.0904 0x1448 WinRM - ok
15:49:59.0919 0x1448 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
15:49:59.0935 0x1448 WinUsb - ok
15:49:59.0966 0x1448 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
15:49:59.0997 0x1448 Wlansvc - ok
15:50:00.0060 0x1448 [ 98F138897EF4246381D197CB81846D62, A9FA88475AFBB8883297708608EC7C1AC29F229C3299A84D557172604813A18C ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:50:00.0107 0x1448 wlidsvc - ok
15:50:00.0122 0x1448 [ 680A7846370000D20D7E74917D5B7936, 55B77B358039672845D361CA4205F3482D1F30A4654B610FD785A1337EFDC316 ] WmBEnum C:\Windows\system32\drivers\WmBEnum.sys
15:50:00.0138 0x1448 WmBEnum - ok
15:50:00.0138 0x1448 [ 14C35BA8189C6F65D839163AA285E954, 8981AA488320C75E26E1ABDF884B721A4065F5D28F54782598B03F21B8CDC020 ] WmFilter C:\Windows\system32\drivers\WmFilter.sys
15:50:00.0153 0x1448 WmFilter - ok
15:50:00.0153 0x1448 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
15:50:00.0153 0x1448 WmiAcpi - ok
15:50:00.0169 0x1448 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
15:50:00.0185 0x1448 wmiApSrv - ok
15:50:00.0185 0x1448 WMPNetworkSvc - ok
15:50:00.0200 0x1448 [ 8488DD91A3EE54A8E29F02AD7BB8201E, D428ED991D9E4A8765C240B21884A262854278698D60862117AC5949713231F9 ] WmVirHid C:\Windows\system32\drivers\WmVirHid.sys
15:50:00.0200 0x1448 WmVirHid - ok
15:50:00.0216 0x1448 [ 14802B3A30AA849C97CB968CCC813BF3, 330AD828ABD040ECDBF58F7162978CD61BFC093CAD404FD2BCAC74E3F2EC542A ] WmXlCore C:\Windows\system32\drivers\WmXlCore.sys
15:50:00.0216 0x1448 WmXlCore - ok
15:50:00.0216 0x1448 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
15:50:00.0231 0x1448 WPCSvc - ok
15:50:00.0247 0x1448 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
15:50:00.0263 0x1448 WPDBusEnum - ok
15:50:00.0263 0x1448 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
15:50:00.0294 0x1448 ws2ifsl - ok
15:50:00.0294 0x1448 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\system32\wscsvc.dll
15:50:00.0325 0x1448 wscsvc - ok
15:50:00.0325 0x1448 WSearch - ok
15:50:00.0403 0x1448 [ 291778E1A36716182AFBC1731B2DFEAB, C0B928CCCE8C496C90C42E0D294BAB51DC67C02B0D20CFB6A16B0AE1F51CC497 ] wuauserv C:\Windows\system32\wuaueng.dll
15:50:00.0481 0x1448 wuauserv - ok
15:50:00.0481 0x1448 [ D3381DC54C34D79B22CEE0D65BA91B7C, 70DC4ADCA4C0C28BB133287511E329D1B6B9B97F96CDE5B1D2F1F59FE1A965D9 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
15:50:00.0512 0x1448 WudfPf - ok
15:50:00.0528 0x1448 [ CF8D590BE3373029D57AF80914190682, FB9641777E90A58C063FBE95F081DC6D2F4770827DE19108A9DC3E3D6B17B4BF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
15:50:00.0559 0x1448 WUDFRd - ok
15:50:00.0575 0x1448 [ 7A95C95B6C4CF292D689106BCAE49543, 9029F489E1E817CE12839B8C6656E46190497D445DC3F43C20CF96E5E6BD0691 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
15:50:00.0606 0x1448 wudfsvc - ok
15:50:00.0606 0x1448 [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc C:\Windows\System32\wwansvc.dll
15:50:00.0637 0x1448 WwanSvc - ok
15:50:00.0637 0x1448 ================ Scan global ===============================
15:50:00.0653 0x1448 [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
15:50:00.0653 0x1448 [ 4AD1C61152A0199E3D7F9A82C07AC629, A4A42C7757EB084EE368A6BC4EBAB0C47BE41B0B4119A6AECD1B8E3332A7C5D5 ] C:\Windows\system32\winsrv.dll
15:50:00.0668 0x1448 [ 4AD1C61152A0199E3D7F9A82C07AC629, A4A42C7757EB084EE368A6BC4EBAB0C47BE41B0B4119A6AECD1B8E3332A7C5D5 ] C:\Windows\system32\winsrv.dll
15:50:00.0684 0x1448 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
15:50:00.0684 0x1448 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
15:50:00.0699 0x1448 [ Global ] - ok
15:50:00.0699 0x1448 ================ Scan MBR ==================================
15:50:00.0699 0x1448 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:50:00.0777 0x1448 \Device\Harddisk0\DR0 - ok
15:50:00.0777 0x1448 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
15:50:00.0887 0x1448 \Device\Harddisk1\DR1 - ok
15:50:00.0887 0x1448 ================ Scan VBR ==================================
15:50:00.0902 0x1448 [ D6DBDA310CBB27542F338A2EF923286B ] \Device\Harddisk0\DR0\Partition1
15:50:00.0933 0x1448 \Device\Harddisk0\DR0\Partition1 - ok
15:50:00.0933 0x1448 [ E5FB75926EBD98286A45B254D7E1683D ] \Device\Harddisk1\DR1\Partition1
15:50:00.0933 0x1448 \Device\Harddisk1\DR1\Partition1 - ok
15:50:00.0933 0x1448 [ F3F20BA4C7C8E2FAE6A795D7EAF1D872 ] \Device\Harddisk1\DR1\Partition2
15:50:00.0933 0x1448 \Device\Harddisk1\DR1\Partition2 - ok
15:50:00.0933 0x1448 ================ Scan generic autorun ======================
15:50:01.0277 0x1448 [ 16438B000BF56F2CD7FDB5E6C3B38C7E, 32D6E69E6367D3ADB2189DA89103CB9910CE791EFB0879515DDD380A96D85BAE ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
15:50:01.0604 0x1448 RtHDVCpl - ok
15:50:01.0651 0x1448 [ F31CDC26F3624750C2AE2DEFF1E598DA, 06B606E849FB946A9E4CFC8E6799A6B18C4E3233A77ED62DEBCC375649F3D7A8 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
15:50:01.0698 0x1448 RtHDVBg_Dolby - ok
15:50:01.0729 0x1448 [ C2C935DB4D88C5CFF1F4C8DCF940743B, 2457C7EC9273BC59051EA0D2DF1013F71E4C1E2A8469C02653E4215EC062C43E ] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
15:50:01.0776 0x1448 COMODO Internet Security - ok
15:50:01.0776 0x1448 [ 6D44DE61A0BC7EE359D65992665C6432, 5A3C2D57A293B9BDD7CB1A4AA0ACF19374866F8A88EF132E350E5973CB4F7662 ] C:\Program Files\iTunes\iTunesHelper.exe
15:50:01.0791 0x1448 iTunesHelper - ok
15:50:01.0791 0x1448 [ 881EBEAB57FD063DBF73C9085A00A5A5, 5079808A2648C37DA73979A6DFCC1768D0CCF32AD1ED43EBD49C80552732FC08 ] C:\Windows\RaidTool\xInsIDE.exe
15:50:01.0807 0x1448 JMB36X IDE Setup - ok
15:50:01.0807 0x1448 [ 5AC3EE6985E71C5CA9AF2E4CAA3F7693, ED27AE0FEF951DDC51EFBAA77E4DCB180E65E8C2352535F830CEA3937F0127BE ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
15:50:01.0807 0x1448 APSDaemon - ok
15:50:01.0854 0x1448 [ 9E00E2C97447EA29E896B6A3F71443A2, 389768C385A85B58BCD5EBB1C3FCFA0FEAA5121A17D0E3907E95E4A70F706358 ] C:\Program Files (x86)\Corsair\M95 Mouse\M95Hid.exe
15:50:01.0901 0x1448 Corsair Duke - detected UnsignedFile.Multi.Generic ( 1 )
15:50:04.0303 0x1448 Detect skipped due to KSN trusted
15:50:04.0303 0x1448 Corsair Duke - ok
15:50:04.0319 0x1448 [ EE864CD35936E4AAD8120321907DA8F5, D4A37E70302DF0A76E20F1AC1CD427A831BA80A8E1729E0E5637DC48E7A85DF3 ] C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
15:50:04.0334 0x1448 Dolby Home Theater v4 - ok
15:50:04.0381 0x1448 [ 6AAE25010EB22659B0A65E419370F817, 26B9C51CA59E90B05D2B6F0BF36E572C4D418B9361839E062DAFF344A1196A3A ] C:\Program Files (x86)\Corsair\M65 Mouse\M65Hid.exe
15:50:04.0428 0x1448 Corsair M65 Mouse - detected UnsignedFile.Multi.Generic ( 1 )
15:50:06.0830 0x1448 Detect skipped due to KSN trusted
15:50:06.0830 0x1448 Corsair M65 Mouse - ok
15:50:06.0893 0x1448 [ 618FE6488D7FA07504D45E4BED54A051, CD4987307245B79BBFEE85A91DF5372299EC8A49DE1BE53B27F58AC0F5587CDB ] C:\Program Files (x86)\Corsair\Corsair Gaming Headset Software\HeadsetControlPanel.exe
15:50:06.0971 0x1448 Corsair Gaming Headset Software - ok
15:50:06.0986 0x1448 [ FCEC6F664FA7E5FE323165FBC9314470, 4E5AB1E6C3D2881D95E74F2F28649A7DBC4919CA249829A0E4CD9804E401A025 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
15:50:07.0002 0x1448 SunJavaUpdateSched - ok
15:50:07.0189 0x1448 [ EE9CA8192A975011FB41231330AACF73, 61E19AAFC351149AD3C24853FFCB53684D41188650F7D22D4F9D228E68742D63 ] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
15:50:07.0345 0x1448 SUPERAntiSpyware - ok
15:50:07.0423 0x1448 [ D5218EE66173405B26B716EBA68133F6, 265820925538A075E753701DC36F89702B3E4C0BE73B8166138495092F339E43 ] C:\Program Files (x86)\Steam\Steam.exe
15:50:07.0501 0x1448 Steam - ok
15:50:07.0532 0x1448 [ F51BB12D8977D26C1A4CDA348770D9F1, DDA35CD8F8A6591B83821B5180D457740E0B820CCE000BC7FB1B78FB4AEAD3BA ] C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe
15:50:07.0548 0x1448 SpybotPostWindows10UpgradeReInstall - detected UnsignedFile.Multi.Generic ( 1 )
15:50:09.0950 0x1448 Detect skipped due to KSN trusted
15:50:09.0950 0x1448 SpybotPostWindows10UpgradeReInstall - ok
15:50:10.0044 0x1448 [ C9B84FCB98AE5DE951C1AA468AA9C96C, C2E860EDD7A6EF8B5F4F74B42032B4C389CE70BCFD8F1C8BD0547A1B3D5F34A7 ] C:\Users\Ollie\AppData\Local\MyComGames\MyComGames.exe
15:50:10.0153 0x1448 MyComGames - ok
15:50:10.0153 0x1448 Waiting for KSN requests completion. In queue: 5
15:50:11.0167 0x1448 Waiting for KSN requests completion. In queue: 5
15:50:12.0181 0x1448 Waiting for KSN requests completion. In queue: 5
15:50:12.0540 0x0ce0 Object required for P2P: [ D5218EE66173405B26B716EBA68133F6 ] C:\Program Files (x86)\Steam\Steam.exe
15:50:13.0195 0x1448 Waiting for KSN requests completion. In queue: 2
15:50:14.0209 0x1448 Waiting for KSN requests completion. In queue: 2
15:50:15.0036 0x0ce0 Object send P2P result: true
15:50:15.0239 0x1448 AV detected via SS2: COMODO Antivirus, C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe ( 8.2.0.4674 ), 0x61000 ( enabled : updated )
15:50:15.0239 0x1448 FW detected via SS2: COMODO Firewall, C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe ( 8.2.0.4674 ), 0x61010 ( enabled )
15:50:17.0641 0x1448 ============================================================
15:50:17.0641 0x1448 Scan finished
15:50:17.0641 0x1448 ============================================================
15:50:17.0641 0x0f84 Detected object count: 0
15:50:17.0641 0x0f84 Actual detected object count: 0

The logs are to big to fit in one post so will continue to next post...

rudebadger · Oct 22, 2015

Here is the second TDSSkiller log:

15:49:17.0005 0x0fb0 TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
15:49:19.0527 0x0fb0 ============================================================
15:49:19.0527 0x0fb0 Current date / time: 2015/10/22 15:49:19.0527
15:49:19.0527 0x0fb0 SystemInfo:
15:49:19.0527 0x0fb0
15:49:19.0527 0x0fb0 OS Version: 6.1.7601 ServicePack: 1.0
15:49:19.0527 0x0fb0 Product type: Workstation
15:49:19.0527 0x0fb0 ComputerName: GAMING-PC
15:49:19.0527 0x0fb0 UserName: Ollie
15:49:19.0527 0x0fb0 Windows directory: C:\Windows
15:49:19.0527 0x0fb0 System windows directory: C:\Windows
15:49:19.0527 0x0fb0 Running under WOW64
15:49:19.0528 0x0fb0 Processor architecture: Intel x64
15:49:19.0528 0x0fb0 Number of processors: 8
15:49:19.0528 0x0fb0 Page size: 0x1000
15:49:19.0528 0x0fb0 Boot type: Normal boot
15:49:19.0528 0x0fb0 ============================================================
15:49:19.0596 0x0fb0 KLMD registered as C:\Windows\system32\drivers\85026493.sys
15:49:19.0771 0x0fb0 System UUID: {ABB56114-858B-C825-6063-BE713EC172DC}
15:49:24.0245 0x0fb0 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:49:24.0245 0x0fb0 Drive \Device\Harddisk1\DR1 - Size: 0x29EB906000 ( 167.68 Gb ), SectorSize: 0x200, Cylinders: 0x5AD9, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
15:49:24.0261 0x0fb0 ============================================================
15:49:24.0261 0x0fb0 \Device\Harddisk0\DR0:
15:49:24.0261 0x0fb0 MBR partitions:
15:49:24.0261 0x0fb0 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
15:49:24.0261 0x0fb0 \Device\Harddisk1\DR1:
15:49:24.0261 0x0fb0 MBR partitions:
15:49:24.0261 0x0fb0 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
15:49:24.0261 0x0fb0 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x14F29800
15:49:24.0261 0x0fb0 ============================================================
15:49:24.0261 0x0fb0 C: <-> \Device\Harddisk1\DR1\Partition2
15:49:24.0292 0x0fb0 E: <-> \Device\Harddisk0\DR0\Partition1
15:49:24.0292 0x0fb0 ============================================================
15:49:24.0292 0x0fb0 Initialize success
15:49:24.0292 0x0fb0 ============================================================
15:49:31.0375 0x1448 ============================================================
15:49:31.0375 0x1448 Scan started
15:49:31.0375 0x1448 Mode: Manual; SigCheck; TDLFS;
15:49:31.0375 0x1448 ============================================================
15:49:31.0375 0x1448 KSN ping started
15:49:33.0824 0x1448 KSN ping finished: true
15:49:34.0089 0x1448 ================ Scan system memory ========================
15:49:34.0089 0x1448 System memory - ok
15:49:34.0089 0x1448 ================ Scan services =============================
15:49:34.0105 0x1448 [ 970C70F6B2953ED43822D3797855D84C, CB22723678B514277BC6E6DDDD206F3B2377CD889C9D473A47A7056BE597BC6B ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
15:49:34.0151 0x1448 !SASCORE - ok
15:49:34.0214 0x1448 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
15:49:34.0229 0x1448 1394ohci - ok
15:49:34.0245 0x1448 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
15:49:34.0261 0x1448 ACPI - ok
15:49:34.0261 0x1448 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
15:49:34.0276 0x1448 AcpiPmi - ok
15:49:34.0292 0x1448 [ F6CEFEF46986DE02A3AE5D93AE32B5DC, 903EC5A7B40F4F6B2F3378EFFE8DF28667B88061CDF681C44F2E4FE39B62959E ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:49:34.0292 0x1448 AdobeARMservice - ok
15:49:34.0323 0x1448 [ 8C194A201698B4B4F77D974549819D1F, 081A2496FE1CE519E48677D99A831FF1FEEB1B33C75224CF288FA52F3E0E5FF0 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:49:34.0339 0x1448 AdobeFlashPlayerUpdateSvc - ok
15:49:34.0354 0x1448 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
15:49:34.0385 0x1448 adp94xx - ok
15:49:34.0385 0x1448 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys
15:49:34.0401 0x1448 adpahci - ok
15:49:34.0417 0x1448 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
15:49:34.0432 0x1448 adpu320 - ok
15:49:34.0432 0x1448 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
15:49:34.0463 0x1448 AeLookupSvc - ok
15:49:34.0479 0x1448 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys
15:49:34.0495 0x1448 AFD - ok
15:49:34.0510 0x1448 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
15:49:34.0510 0x1448 agp440 - ok
15:49:34.0526 0x1448 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
15:49:34.0526 0x1448 ALG - ok
15:49:34.0541 0x1448 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
15:49:34.0541 0x1448 aliide - ok
15:49:34.0557 0x1448 [ 2998362D1E550F0C990D77E34415BEB6, 36BBC575DFE0CBD5BC4AF9AD8B54DCEF950E93AF48884D6523457071296514CC ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
15:49:34.0573 0x1448 AMD External Events Utility - ok
15:49:34.0573 0x1448 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
15:49:34.0588 0x1448 amdide - ok
15:49:34.0588 0x1448 [ 6A2EEB0C4133B20773BB3DD0B7B377B4, E4CB35C6937C70A145A13E5AE5B34A271B49101DA623171ACBFDA8601E5A70EA ] amdiox64 C:\Windows\system32\DRIVERS\amdiox64.sys
15:49:34.0604 0x1448 amdiox64 - ok
15:49:34.0619 0x1448 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
15:49:34.0619 0x1448 AmdK8 - ok
15:49:35.0056 0x1448 [ A87FC6E3670DB55788184FE3A3808712, 2366E7423B4EBC6E12F0C172246E4D2D3BDD702193FA6955A08180FFFCB217B9 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
15:49:35.0477 0x1448 amdkmdag - ok
15:49:35.0524 0x1448 [ 971F3B12C24BB83B48F8CCA2ED019906, E4757480DFF2678E3C7897F6E720EEFF76D452707FC87401B209FE533BFC3210 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
15:49:35.0555 0x1448 amdkmdap - ok
15:49:35.0571 0x1448 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
15:49:35.0571 0x1448 AmdPPM - ok
15:49:35.0587 0x1448 [ 6EC6D772EAE38DC17C14AED9B178D24B, B4FB936B31B1265B8CC6B426C64965C34D0CCF1638E645ACD65E88F4AFFC57A6 ] amdsata C:\Windows\system32\drivers\amdsata.sys
15:49:35.0587 0x1448 amdsata - ok
15:49:35.0602 0x1448 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
15:49:35.0618 0x1448 amdsbs - ok
15:49:35.0618 0x1448 [ 1142A21DB581A84EA5597B03A26EBAA0, F94EB140D0CD068760D7EB081FF75154C75DAC75E5E24B6DE4E4F9CE65A70343 ] amdxata C:\Windows\system32\drivers\amdxata.sys
15:49:35.0618 0x1448 amdxata - ok
15:49:35.0633 0x1448 [ B934322C68C30DCECA96C0274A51F7B0, 5A0B10A9E662A0B0EEB951FFD2A82CC71D30939A78DAEBD26B3F58BB24351AC9 ] AODDriver C:\Program Files (x86)\Gigabyte\ET6\amd64\AODDriver.sys
15:49:35.0633 0x1448 AODDriver - ok
15:49:35.0649 0x1448 [ 27DABFB4A6B0140C34DBEC713469592B, A355170D353AFBF0DE4EF53282F8404788FBBD0E2A1B7282B1B2925923E83141 ] AppID C:\Windows\system32\drivers\appid.sys
15:49:35.0649 0x1448 AppID - ok
15:49:35.0665 0x1448 [ ABC373B9C6275D45F17DB559408FFD1B, 12B355393BEBE2D1D24D7A9DA5E69E03E334899407503BC1CADCF7BE39828223 ] AppIDSvc C:\Windows\System32\appidsvc.dll
15:49:35.0665 0x1448 AppIDSvc - ok
15:49:35.0680 0x1448 [ 978DC0A1FBE9CC91B21B40AF66CB396A, 90BAFF81D98F5AFD743D8BD65F716666A7A7BD2DA612492E03C79B29E9A0F8C2 ] Appinfo C:\Windows\System32\appinfo.dll
15:49:35.0680 0x1448 Appinfo - ok
15:49:35.0696 0x1448 [ 3E7C6639E424FD28952C29D66B7E5277, B10AD3FA5CB36328C5DF33AF58F76770E2B54CFBCB70BD84934F925B8E19FA1F ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:49:35.0696 0x1448 Apple Mobile Device Service - ok
15:49:35.0711 0x1448 [ BA957E7ACD2B44FA3B01FAA64F6A9060, 24824B5B50A0F4BD1E41C2A68682E072387E6E4743538A1C72B261430F743597 ] AppleCharger C:\Windows\system32\DRIVERS\AppleCharger.sys
15:49:35.0711 0x1448 AppleCharger - ok
15:49:35.0727 0x1448 [ 95EF7247C50C7241FDAE39A9B3AFF4AE, 6E08FB095C04B2E217B139D6431336C0F24C128A2A83082A3085DC8C44AA247D ] AppleChargerSrv C:\Windows\system32\AppleChargerSrv.exe
15:49:35.0727 0x1448 AppleChargerSrv - ok
15:49:35.0743 0x1448 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys
15:49:35.0743 0x1448 arc - ok
15:49:35.0758 0x1448 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys
15:49:35.0758 0x1448 arcsas - ok
15:49:35.0774 0x1448 [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
15:49:35.0789 0x1448 aspnet_state - ok
15:49:35.0789 0x1448 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
15:49:35.0821 0x1448 AsyncMac - ok
15:49:35.0821 0x1448 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
15:49:35.0836 0x1448 atapi - ok
15:49:35.0852 0x1448 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:49:35.0883 0x1448 AudioEndpointBuilder - ok
15:49:35.0899 0x1448 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\Windows\System32\Audiosrv.dll
15:49:35.0914 0x1448 AudioSrv - ok
15:49:35.0930 0x1448 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
15:49:35.0945 0x1448 AxInstSV - ok
15:49:35.0961 0x1448 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
15:49:35.0977 0x1448 b06bdrv - ok
15:49:35.0992 0x1448 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
15:49:36.0008 0x1448 b57nd60a - ok
15:49:36.0008 0x1448 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
15:49:36.0023 0x1448 BDESVC - ok
15:49:36.0023 0x1448 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
15:49:36.0055 0x1448 Beep - ok
15:49:36.0070 0x1448 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
15:49:36.0101 0x1448 BFE - ok
15:49:36.0133 0x1448 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\system32\qmgr.dll
15:49:36.0179 0x1448 BITS - ok
15:49:36.0179 0x1448 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
15:49:36.0195 0x1448 blbdrive - ok
15:49:36.0195 0x1448 [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
15:49:36.0226 0x1448 Bonjour Service - ok
15:49:36.0226 0x1448 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
15:49:36.0242 0x1448 bowser - ok
15:49:36.0242 0x1448 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
15:49:36.0257 0x1448 BrFiltLo - ok
15:49:36.0257 0x1448 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
15:49:36.0273 0x1448 BrFiltUp - ok
15:49:36.0273 0x1448 [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
15:49:36.0304 0x1448 BridgeMP - ok
15:49:36.0304 0x1448 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
15:49:36.0320 0x1448 Browser - ok
15:49:36.0335 0x1448 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
15:49:36.0351 0x1448 Brserid - ok
15:49:36.0351 0x1448 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
15:49:36.0367 0x1448 BrSerWdm - ok
15:49:36.0367 0x1448 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
15:49:36.0382 0x1448 BrUsbMdm - ok
15:49:36.0382 0x1448 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
15:49:36.0398 0x1448 BrUsbSer - ok
15:49:36.0398 0x1448 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
15:49:36.0413 0x1448 BTHMODEM - ok
15:49:36.0429 0x1448 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
15:49:36.0460 0x1448 bthserv - ok
15:49:36.0460 0x1448 catchme - ok
15:49:36.0460 0x1448 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
15:49:36.0491 0x1448 cdfs - ok
15:49:36.0507 0x1448 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
15:49:36.0507 0x1448 cdrom - ok
15:49:36.0523 0x1448 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
15:49:36.0554 0x1448 CertPropSvc - ok
15:49:36.0554 0x1448 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys
15:49:36.0569 0x1448 circlass - ok
15:49:36.0569 0x1448 cleanhlp - ok
15:49:36.0585 0x1448 [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys
15:49:36.0601 0x1448 CLFS - ok
15:49:36.0601 0x1448 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:49:36.0616 0x1448 clr_optimization_v2.0.50727_32 - ok
15:49:36.0616 0x1448 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:49:36.0632 0x1448 clr_optimization_v2.0.50727_64 - ok
15:49:36.0647 0x1448 [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:49:36.0663 0x1448 clr_optimization_v4.0.30319_32 - ok
15:49:36.0663 0x1448 [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:49:36.0679 0x1448 clr_optimization_v4.0.30319_64 - ok
15:49:36.0679 0x1448 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
15:49:36.0694 0x1448 CmBatt - ok
15:49:36.0835 0x1448 [ 848B4EBA6C41F33D8B26B909A612BEBD, 3AC44D6A2B864DA9A17D6AB5581257359E961C4AFC627080C3168C8B5D65A00D ] CmdAgent C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
15:49:36.0975 0x1448 CmdAgent - ok
15:49:36.0991 0x1448 [ F33404455DBD79B7C85B8969C70537B5, B8975B0F748F02E3178C1148F9F0C5B71726ACBB88ED5C9351779F37001D377A ] cmderd C:\Windows\system32\DRIVERS\cmderd.sys
15:49:37.0006 0x1448 cmderd - ok
15:49:37.0022 0x1448 [ 347C6F4A0A2B51BB651DDDE0CA7E300B, 5722CEBEEF87A7BCFB20C9B5C24C8628130A5FF0BF6F6AB3A19CE60313EF4BBA ] cmdGuard C:\Windows\system32\DRIVERS\cmdguard.sys
15:49:37.0053 0x1448 cmdGuard - ok
15:49:37.0053 0x1448 [ 12944DDE0FBE29DAE48B2FFE740F3C36, 6B8381131AFFCE362D9D9583B35EFB76FD983EF97A939F4EBEF52E167B72F14F ] cmdHlp C:\Windows\system32\DRIVERS\cmdhlp.sys
15:49:37.0069 0x1448 cmdHlp - ok
15:49:37.0069 0x1448 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
15:49:37.0084 0x1448 cmdide - ok
15:49:37.0131 0x1448 [ 7906367DCA033F747F7F0426A9F7C97E, 855BCFF8F71C692AA9B15B0378C4C257104078F0D435F3649C84A1068B568FAB ] cmdvirth C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
15:49:37.0193 0x1448 cmdvirth - ok
15:49:37.0209 0x1448 [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG C:\Windows\system32\Drivers\cng.sys
15:49:37.0240 0x1448 CNG - ok
15:49:37.0240 0x1448 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
15:49:37.0240 0x1448 Compbatt - ok
15:49:37.0256 0x1448 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
15:49:37.0271 0x1448 CompositeBus - ok
15:49:37.0271 0x1448 COMSysApp - ok
15:49:37.0271 0x1448 [ 4C51835FCD734DA98262B3800A41BE7C, 48F2921DA0D6382D4AD57D7D5377DEB4FAC960AD9A08C2CF5619D7C3707D1A49 ] CORK70 C:\Windows\system32\drivers\CORK70.sys
15:49:37.0287 0x1448 CORK70 - ok
15:49:37.0287 0x1448 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
15:49:37.0303 0x1448 crcdisk - ok
15:49:37.0303 0x1448 [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc C:\Windows\system32\cryptsvc.dll
15:49:37.0318 0x1448 CryptSvc - ok
15:49:37.0318 0x1448 [ 914A7156B0C0F10BE645A02E13F576B2, C8686CE4DD9C457D56D5535307FD210AE057BFF94AC59665681DA6CF46DBE2E8 ] DAUpdaterSvc C:\games\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
15:49:37.0334 0x1448 DAUpdaterSvc - ok
15:49:37.0349 0x1448 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
15:49:37.0381 0x1448 DcomLaunch - ok
15:49:37.0396 0x1448 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
15:49:37.0427 0x1448 defragsvc - ok
15:49:37.0443 0x1448 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
15:49:37.0474 0x1448 DfsC - ok
15:49:37.0474 0x1448 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
15:49:37.0505 0x1448 Dhcp - ok
15:49:37.0521 0x1448 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
15:49:37.0552 0x1448 discache - ok
15:49:37.0552 0x1448 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys
15:49:37.0568 0x1448 Disk - ok
15:49:37.0568 0x1448 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
15:49:37.0583 0x1448 Dnscache - ok
15:49:37.0583 0x1448 [ FA122BC1451B1B35B7814FBE1ACF1924, 4E27B5E6201EC8B02EC578E4D16E8D34AC178081781E70FEA94D9D0A9B4C24D0 ] Dokan C:\Windows\system32\drivers\dokan.sys
15:49:37.0599 0x1448 Dokan - ok
15:49:37.0599 0x1448 [ 8C856E531A1170F53AC6844E89CD0B5F, 64202D7CEF356A1BADE59A8D1F005483B69655D13BCA008110D667855DC6EE89 ] DokanMounter C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe
15:49:37.0615 0x1448 DokanMounter - detected UnsignedFile.Multi.Generic ( 1 )
15:49:40.0017 0x1448 Detect skipped due to KSN trusted
15:49:40.0017 0x1448 DokanMounter - ok
15:49:40.0033 0x1448 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
15:49:40.0064 0x1448 dot3svc - ok
15:49:40.0079 0x1448 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
15:49:40.0111 0x1448 DPS - ok
15:49:40.0111 0x1448 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
15:49:40.0126 0x1448 drmkaud - ok
15:49:40.0126 0x1448 [ 81E4FCAD06C3C770A88F344665CD1000, 736AF1C4A10FAA093FE23124E80ABCCC3169CAB770D17DA9D1011F77FB4BDB3C ] DUKEMS C:\Windows\system32\drivers\DUKEMS.sys
15:49:40.0142 0x1448 DUKEMS - ok
15:49:40.0157 0x1448 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
15:49:40.0189 0x1448 DXGKrnl - ok
15:49:40.0204 0x1448 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
15:49:40.0220 0x1448 EapHost - ok
15:49:40.0298 0x1448 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
15:49:40.0391 0x1448 ebdrv - ok
15:49:40.0391 0x1448 [ 5424EC756808C1002457033D969115C7, 85B86C3DF9BCF4BA085C4978BE36A38D0079CE24C5C61FB754286E476EB77741 ] EFS C:\Windows\System32\lsass.exe
15:49:40.0407 0x1448 EFS - ok
15:49:40.0423 0x1448 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
15:49:40.0454 0x1448 ehRecvr - ok
15:49:40.0454 0x1448 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
15:49:40.0469 0x1448 ehSched - ok
15:49:40.0485 0x1448 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
15:49:40.0501 0x1448 elxstor - ok
15:49:40.0516 0x1448 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
15:49:40.0516 0x1448 ErrDev - ok
15:49:40.0532 0x1448 [ B8FA96995726D1FA58476E352C02AD82, 6BBD49B16A19CC3C3337707EFBEB6BC355CB077CBBBC99D8985A3FBB6E871A89 ] ES lite Service C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE
15:49:40.0532 0x1448 ES lite Service - ok
15:49:40.0547 0x1448 [ 84486624268E078255BC7AA47F0960BC, EC2540698B974572F0AC4A93D57C63295BAF66BF50F7416B9DFF5DE790EBDBE7 ] etdrv C:\Windows\etdrv.sys
15:49:40.0547 0x1448 etdrv - ok
15:49:40.0547 0x1448 [ DB6AEC32FAF5BD002D9ED6C38692D42B, 8BB85AE88E783B678B05D5937B7EE261BB6ECC9BF82CCB0D9A4009A1535F62B3 ] EtronHub3 C:\Windows\system32\Drivers\EtronHub3.sys
15:49:40.0563 0x1448 EtronHub3 - ok
15:49:40.0563 0x1448 [ 9CC2F24274741E12F9DF92125EA6D6D8, AC51B2A81A4D285E2E17880597B491EBBFEC533A5009B810E4AD0D9FC589EB22 ] EtronXHCI C:\Windows\system32\Drivers\EtronXHCI.sys
15:49:40.0579 0x1448 EtronXHCI - ok
15:49:40.0594 0x1448 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
15:49:40.0625 0x1448 EventSystem - ok
15:49:40.0641 0x1448 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
15:49:40.0672 0x1448 exfat - ok
15:49:40.0672 0x1448 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
15:49:40.0719 0x1448 fastfat - ok
15:49:40.0735 0x1448 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
15:49:40.0750 0x1448 Fax - ok
15:49:40.0766 0x1448 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys
15:49:40.0766 0x1448 fdc - ok
15:49:40.0781 0x1448 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
15:49:40.0797 0x1448 fdPHost - ok
15:49:40.0813 0x1448 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
15:49:40.0844 0x1448 FDResPub - ok
15:49:40.0844 0x1448 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
15:49:40.0859 0x1448 FileInfo - ok
15:49:40.0859 0x1448 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
15:49:40.0891 0x1448 Filetrace - ok
15:49:40.0891 0x1448 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
15:49:40.0906 0x1448 flpydisk - ok
15:49:40.0906 0x1448 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
15:49:40.0922 0x1448 FltMgr - ok
15:49:40.0953 0x1448 [ D5A775990A7C202A037378FDBCDB6141, 27AD242914FAFB7A27B3045C0F0F6AFE6873FE331A51D8BB29A63B5D84C72EFB ] FontCache C:\Windows\system32\FntCache.dll
15:49:41.0000 0x1448 FontCache - ok
15:49:41.0000 0x1448 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:49:41.0015 0x1448 FontCache3.0.0.0 - ok
15:49:41.0015 0x1448 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
15:49:41.0015 0x1448 FsDepends - ok
15:49:41.0031 0x1448 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
15:49:41.0031 0x1448 Fs_Rec - ok
15:49:41.0047 0x1448 [ 18AEB680709A01F0FAA74165EE995F39, FBBEDD9A5BA1F620C6F71647550372C0C5A21C342272BB284CF797CC572487E7 ] Futuremark SystemInfo Service C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe
15:49:41.0062 0x1448 Futuremark SystemInfo Service - ok
15:49:41.0062 0x1448 [ 1F7B25B858FA27015169FE95E54108ED, 72DD12E924AA7273B3E4BDD2A2C581DECE304C8EF3D44EA79ABB032F3F95DCE5 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
15:49:41.0078 0x1448 fvevol - ok
15:49:41.0093 0x1448 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
15:49:41.0093 0x1448 gagp30kx - ok
15:49:41.0109 0x1448 [ 7907E14F9BCF3A4689C9A74A1A873CB6, 17927B93B2D6AB4271C158F039CAE2D60591D6A14458F5A5690AEC86F5D54229 ] gdrv C:\Windows\gdrv.sys
15:49:41.0109 0x1448 gdrv - ok
15:49:41.0109 0x1448 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
15:49:41.0125 0x1448 GEARAspiWDM - ok
15:49:41.0140 0x1448 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
15:49:41.0187 0x1448 gpsvc - ok
15:49:41.0203 0x1448 [ 8126331FBD4ED29EB3B356F9C905064D, A58BCE904591DD762410E99960FD956FB579C2CE78FA7BF1406075D29537EF82 ] GVTDrv64 C:\Windows\GVTDrv64.sys
15:49:41.0203 0x1448 GVTDrv64 - ok
15:49:41.0203 0x1448 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
15:49:41.0218 0x1448 hcw85cir - ok
15:49:41.0234 0x1448 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:49:41.0249 0x1448 HdAudAddService - ok
15:49:41.0249 0x1448 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
15:49:41.0265 0x1448 HDAudBus - ok
15:49:41.0281 0x1448 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
15:49:41.0281 0x1448 HidBatt - ok
15:49:41.0296 0x1448 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
15:49:41.0312 0x1448 HidBth - ok
15:49:41.0312 0x1448 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
15:49:41.0327 0x1448 HidIr - ok
15:49:41.0327 0x1448 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\System32\hidserv.dll
15:49:41.0359 0x1448 hidserv - ok
15:49:41.0359 0x1448 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
15:49:41.0374 0x1448 HidUsb - ok
15:49:41.0374 0x1448 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
15:49:41.0405 0x1448 hkmsvc - ok
15:49:41.0421 0x1448 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:49:41.0437 0x1448 HomeGroupListener - ok
15:49:41.0437 0x1448 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:49:41.0452 0x1448 HomeGroupProvider - ok
15:49:41.0468 0x1448 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
15:49:41.0468 0x1448 HpSAMD - ok
15:49:41.0468 0x1448 [ F47CEC45FB85791D4AB237563AD0FA8F, 1035066D48BD179855BCA7F62EFA1B951E6E839D2E29E15A31844E18A126DD41 ] HTCAND64 C:\Windows\system32\Drivers\ANDROIDUSB.sys
15:49:41.0483 0x1448 HTCAND64 - ok
15:49:41.0499 0x1448 [ 5C8BC8A28798FD010E7ABC4E0D588CAA, 622CAFD3DCBB05E15539589FDD4002DA6F24790FC55BDF05AA3D043E8A34E53E ] HTCMonitorService C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
15:49:41.0499 0x1448 HTCMonitorService - ok
15:49:41.0515 0x1448 [ B8B1B284362E1D8135112573395D5DA5, 97BC6A7B2DCD7CC854B912A85BB2FCF199592E8E16A7C405EAF89B02D5DE4AEE ] htcnprot C:\Windows\system32\DRIVERS\htcnprot.sys
15:49:41.0515 0x1448 htcnprot - ok
15:49:41.0546 0x1448 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys
15:49:41.0561 0x1448 HTTP - ok
15:49:41.0561 0x1448 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
15:49:41.0577 0x1448 hwpolicy - ok
15:49:41.0577 0x1448 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
15:49:41.0593 0x1448 i8042prt - ok
15:49:41.0608 0x1448 [ 3DF4395A7CF8B7A72A5F4606366B8C2D, 483588B8FC6E05488ED631C4E1CFC398553FEBFA2CD2BB527B4DF12D19774F80 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
15:49:41.0624 0x1448 iaStorV - ok
15:49:41.0639 0x1448 [ 33D4D4A24791587E83F7EE05A446FB7E, 081E48AF76D7D3A71850A4C910EFBB0B280235E2A5303178B0338230F4BA2DE2 ] ICCS C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
15:49:41.0639 0x1448 ICCS - detected UnsignedFile.Multi.Generic ( 1 )
15:49:44.0026 0x1448 Detect skipped due to KSN trusted
15:49:44.0026 0x1448 ICCS - ok
15:49:44.0026 0x1448 [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
15:49:44.0042 0x1448 IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
15:49:46.0429 0x1448 Detect skipped due to KSN trusted
15:49:46.0429 0x1448 IDriverT - ok
15:49:46.0460 0x1448 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:49:46.0475 0x1448 idsvc - ok
15:49:46.0491 0x1448 IEEtwCollectorService - ok
15:49:46.0491 0x1448 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
15:49:46.0491 0x1448 iirsp - ok
15:49:46.0522 0x1448 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
15:49:46.0553 0x1448 IKEEXT - ok
15:49:46.0553 0x1448 [ 0FFA95F1171F64F2A51F69A75B1EFF4A, 1F0001D519756DE74477D9398F300187665EBDF1AD902F68A967C2F95C4F85DF ] inspect C:\Windows\system32\DRIVERS\inspect.sys
15:49:46.0569 0x1448 inspect - ok
15:49:46.0663 0x1448 [ 7A3585C4000C8340AE6B7FA08F9EF50F, B93F23464E7D929B90D80650698372128546CFEDA72216823CBE51A08D3368E0 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
15:49:46.0741 0x1448 IntcAzAudAddService - ok
15:49:46.0756 0x1448 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
15:49:46.0772 0x1448 intelide - ok
15:49:46.0772 0x1448 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\drivers\intelppm.sys
15:49:46.0787 0x1448 intelppm - ok
15:49:46.0787 0x1448 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
15:49:46.0819 0x1448 IPBusEnum - ok
15:49:46.0819 0x1448 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:49:46.0850 0x1448 IpFilterDriver - ok
15:49:46.0865 0x1448 [ A34A587FFFD45FA649FBA6D03784D257, C9A2BCD4E2A5EB6E320092A3AFD5737ECDCDA0B83EE42314A23C4978F2974767 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
15:49:46.0912 0x1448 iphlpsvc - ok
15:49:46.0912 0x1448 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
15:49:46.0928 0x1448 IPMIDRV - ok
15:49:46.0928 0x1448 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
15:49:46.0959 0x1448 IPNAT - ok
15:49:46.0975 0x1448 [ 57A85230DA22ABCFD9AF2E5A3D946F41, 9E9217FF5AB64D06D79632B9F9CEDABA10F744C40896D7622D0FD397FD0E99BF ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
15:49:47.0006 0x1448 iPod Service - ok
15:49:47.0006 0x1448 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
15:49:47.0021 0x1448 IRENUM - ok
15:49:47.0021 0x1448 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
15:49:47.0037 0x1448 isapnp - ok
15:49:47.0037 0x1448 [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
15:49:47.0053 0x1448 iScsiPrt - ok
15:49:47.0084 0x1448 [ 0D2DA1C6D8ED85F51E3758EAE22455F2, 73DC4CA53C84287B55410582C26F93AC9064C176B134809E8C2D9C86737E8343 ] JMB36X C:\Windows\SysWOW64\XSrvSetup.exe
15:49:47.0099 0x1448 JMB36X - ok
15:49:47.0099 0x1448 [ C0D9BA660A41EE8A269EF804E6CD0D7B, B69B732FA7178F9FA97E16A1F99EED27ABDEDB37FB610F1D7A823BB24D08340B ] JRAID C:\Windows\system32\DRIVERS\jraid.sys
15:49:47.0115 0x1448 JRAID - ok
15:49:47.0115 0x1448 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
15:49:47.0131 0x1448 kbdclass - ok
15:49:47.0131 0x1448 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
15:49:47.0146 0x1448 kbdhid - ok
15:49:47.0146 0x1448 [ 5424EC756808C1002457033D969115C7, 85B86C3DF9BCF4BA085C4978BE36A38D0079CE24C5C61FB754286E476EB77741 ] KeyIso C:\Windows\system32\lsass.exe
15:49:47.0162 0x1448 KeyIso - ok
15:49:47.0162 0x1448 [ 3A8C03156C3E31E70EF84E48CA179B46, E25E43D53BB6EE1B5F34C95B4FAD111B37A36367B8D047B10FC614DEE13658E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
15:49:47.0177 0x1448 KSecDD - ok
15:49:47.0177 0x1448 [ C6330F7C2E92A00E6773E82F79078AFC, D8B851BF4FCE85F2A269F0B46BC7EC5A118FCFDACE8460E7B54C1A7CE306774A ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
15:49:47.0193 0x1448 KSecPkg - ok
15:49:47.0193 0x1448 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
15:49:47.0224 0x1448 ksthunk - ok
15:49:47.0240 0x1448 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
15:49:47.0271 0x1448 KtmRm - ok
15:49:47.0287 0x1448 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\System32\srvsvc.dll
15:49:47.0318 0x1448 LanmanServer - ok
15:49:47.0318 0x1448 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:49:47.0349 0x1448 LanmanWorkstation - ok
15:49:47.0349 0x1448 [ FA529FB35694C24BF98A9EF67C1CD9D0, 7B3C587C38CF13D514140F0A55E58997D6071D1DEFD97E274E3F490660AC6075 ] LGBusEnum C:\Windows\system32\drivers\LGBusEnum.sys
15:49:47.0365 0x1448 LGBusEnum - ok
15:49:47.0365 0x1448 [ 94B29CE153765E768F004FB3440BE2B0, E74C01CEBDA589CDDE35CBCBAA18700E3742DD3B48A90DB3630992467FFC5024 ] LGVirHid C:\Windows\system32\drivers\LGVirHid.sys
15:49:47.0380 0x1448 LGVirHid - ok
15:49:47.0380 0x1448 [ 241F2648ADF090E2A10095BD6D6F5DCB, D31F50F7A70A62E3CA45071F75C56FFA21464BFAF4CA4A3AD2482D7477D78D4E ] LHidFilt C:\Windows\system32\DRIVERS\LHidFilt.Sys
15:49:47.0396 0x1448 LHidFilt - ok
15:49:47.0396 0x1448 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
15:49:47.0427 0x1448 lltdio - ok
15:49:47.0427 0x1448 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
15:49:47.0474 0x1448 lltdsvc - ok
15:49:47.0474 0x1448 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
15:49:47.0505 0x1448 lmhosts - ok
15:49:47.0505 0x1448 [ 342ED5A4B3326014438F36D22D803737, 45488402BD919D84729A19E618B3595D615EB1F73FB9BC77675A21E7DB80AB6C ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys
15:49:47.0521 0x1448 LMouFilt - ok
15:49:47.0521 0x1448 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
15:49:47.0536 0x1448 LSI_FC - ok
15:49:47.0536 0x1448 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
15:49:47.0552 0x1448 LSI_SAS - ok
15:49:47.0552 0x1448 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
15:49:47.0567 0x1448 LSI_SAS2 - ok
15:49:47.0567 0x1448 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
15:49:47.0583 0x1448 LSI_SCSI - ok
15:49:47.0583 0x1448 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
15:49:47.0614 0x1448 luafv - ok
15:49:47.0630 0x1448 [ CFBC6C6D8A492697CABD1D353EE64933, DDAA844908324740C891EB8F08E2A8BB00457063B31C4A762745C1C2415FC12D ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
15:49:47.0630 0x1448 MBAMProtector - ok
15:49:47.0677 0x1448 [ AB176B9E59C0435499D83047D84EDD59, 85B826A3972CE9AD885313B69B9C60328B850257667D0EB65DDE890D0BB06361 ] MBAMScheduler C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
15:49:47.0708 0x1448 MBAMScheduler - ok
15:49:47.0739 0x1448 [ 40C126CB15FAB7D6C66490DCA9C1AED2, B32CEE2D2409232C245427D5E9647FDF59AF1D8AB5E8A98EE2D1F1314599FD14 ] MBAMService C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
15:49:47.0770 0x1448 MBAMService - ok
15:49:47.0786 0x1448 [ 78488AF2AB2111D67B3C4044707A519B, 7AA71B9C4C7949A1A21F60EF7CCEDE0079794990696B60557B5DC86F4D47223A ] MBAMSwissArmy C:\Windows\system32\drivers\MBAMSwissArmy.sys
15:49:47.0801 0x1448 MBAMSwissArmy - ok
15:49:47.0801 0x1448 [ D61070CFAD43038DC56AEAD9BFE9CE2A, BD77AEF60E7FD2015CB14A464799304359547146C14A47F8D25274ACFA2E42D5 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
15:49:47.0817 0x1448 MBAMWebAccessControl - ok
15:49:47.0817 0x1448 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
15:49:47.0833 0x1448 Mcx2Svc - ok
15:49:47.0833 0x1448 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
15:49:47.0848 0x1448 megasas - ok
15:49:47.0848 0x1448 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
15:49:47.0864 0x1448 MegaSR - ok
15:49:47.0879 0x1448 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
15:49:47.0895 0x1448 MMCSS - ok
15:49:47.0911 0x1448 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
15:49:47.0942 0x1448 Modem - ok
15:49:47.0942 0x1448 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
15:49:47.0957 0x1448 monitor - ok
15:49:47.0957 0x1448 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
15:49:47.0973 0x1448 mouclass - ok
15:49:47.0973 0x1448 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
15:49:47.0973 0x1448 mouhid - ok
15:49:47.0989 0x1448 [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
15:49:47.0989 0x1448 mountmgr - ok
15:49:48.0004 0x1448 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
15:49:48.0020 0x1448 mpio - ok
15:49:48.0020 0x1448 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
15:49:48.0051 0x1448 mpsdrv - ok
15:49:48.0067 0x1448 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
15:49:48.0113 0x1448 MpsSvc - ok
15:49:48.0129 0x1448 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
15:49:48.0145 0x1448 MRxDAV - ok
15:49:48.0145 0x1448 [ ACB6782973BD93760D597FC7BB37E692, 9B6EC2858D236DCE61FD5E0247F4D947A5DC484C9C0AABFDAF8270ABA392E787 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
15:49:48.0160 0x1448 mrxsmb - ok
15:49:48.0176 0x1448 [ 262BF7BB7D0E44CFAA9B12A1E0A6EDF1, CCC3A4CE929C7C8B07C1038BBE8425590CE14F5C37E1D5608978A3AD2F41519C ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:49:48.0191 0x1448 mrxsmb10 - ok
15:49:48.0191 0x1448 [ 8C0376974AA28398FF501E78C04ACB30, 81CE67BE933F67F760A72BF9B581F33BC151D98970765FE4425450A2EF450409 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:49:48.0207 0x1448 mrxsmb20 - ok
15:49:48.0207 0x1448 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
15:49:48.0223 0x1448 msahci - ok
15:49:48.0223 0x1448 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
15:49:48.0238 0x1448 msdsm - ok
15:49:48.0238 0x1448 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
15:49:48.0254 0x1448 MSDTC - ok
15:49:48.0269 0x1448 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
15:49:48.0285 0x1448 Msfs - ok
15:49:48.0301 0x1448 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
15:49:48.0316 0x1448 mshidkmdf - ok
15:49:48.0332 0x1448 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
15:49:48.0332 0x1448 msisadrv - ok
15:49:48.0347 0x1448 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
15:49:48.0379 0x1448 MSiSCSI - ok
15:49:48.0379 0x1448 msiserver - ok
15:49:48.0379 0x1448 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
15:49:48.0410 0x1448 MSKSSRV - ok
15:49:48.0410 0x1448 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
15:49:48.0441 0x1448 MSPCLOCK - ok
15:49:48.0441 0x1448 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
15:49:48.0472 0x1448 MSPQM - ok
15:49:48.0488 0x1448 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
15:49:48.0503 0x1448 MsRPC - ok
15:49:48.0503 0x1448 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
15:49:48.0519 0x1448 mssmbios - ok
15:49:48.0519 0x1448 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
15:49:48.0550 0x1448 MSTEE - ok
15:49:48.0550 0x1448 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
15:49:48.0550 0x1448 MTConfig - ok
15:49:48.0566 0x1448 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
15:49:48.0566 0x1448 Mup - ok
15:49:48.0581 0x1448 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
15:49:48.0628 0x1448 napagent - ok
15:49:48.0644 0x1448 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
15:49:48.0659 0x1448 NativeWifiP - ok
15:49:48.0691 0x1448 [ 79B47FD40D9A817E932F9D26FAC0A81C, 53E260B8BFC50BA45FA73BFCF4E58C233890D0EAA9DEFDCCBB55FD3EB992FF2D ] NDIS C:\Windows\system32\drivers\ndis.sys
15:49:48.0706 0x1448 NDIS - ok
15:49:48.0722 0x1448 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
15:49:48.0737 0x1448 NdisCap - ok
15:49:48.0753 0x1448 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
15:49:48.0769 0x1448 NdisTapi - ok
15:49:48.0784 0x1448 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
15:49:48.0815 0x1448 Ndisuio - ok
15:49:48.0815 0x1448 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
15:49:48.0847 0x1448 NdisWan - ok
15:49:48.0847 0x1448 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
15:49:48.0878 0x1448 NDProxy - ok
15:49:48.0878 0x1448 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
15:49:48.0909 0x1448 NetBIOS - ok
15:49:48.0925 0x1448 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
15:49:48.0956 0x1448 NetBT - ok
15:49:48.0956 0x1448 [ 5424EC756808C1002457033D969115C7, 85B86C3DF9BCF4BA085C4978BE36A38D0079CE24C5C61FB754286E476EB77741 ] Netlogon C:\Windows\system32\lsass.exe
15:49:48.0971 0x1448 Netlogon - ok
15:49:48.0987 0x1448 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
15:49:49.0018 0x1448 Netman - ok
15:49:49.0034 0x1448 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:49:49.0049 0x1448 NetMsmqActivator - ok
15:49:49.0049 0x1448 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:49:49.0065 0x1448 NetPipeActivator - ok
15:49:49.0081 0x1448 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
15:49:49.0112 0x1448 netprofm - ok
15:49:49.0127 0x1448 [ D9A089E17112F04F452D22254B959D87, DE6DD970B224A8A59402793C65E6839F88B0206D13CBB20B4E43AF4743DA64C4 ] netr28x C:\Windows\system32\DRIVERS\netr28x.sys
15:49:49.0159 0x1448 netr28x - ok
15:49:49.0174 0x1448 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:49:49.0174 0x1448 NetTcpActivator - ok
15:49:49.0190 0x1448 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:49:49.0205 0x1448 NetTcpPortSharing - ok
15:49:49.0205 0x1448 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
15:49:49.0221 0x1448 nfrd960 - ok
15:49:49.0221 0x1448 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
15:49:49.0237 0x1448 NlaSvc - ok
15:49:49.0237 0x1448 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
15:49:49.0268 0x1448 Npfs - ok
15:49:49.0283 0x1448 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
15:49:49.0299 0x1448 nsi - ok
15:49:49.0315 0x1448 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
15:49:49.0346 0x1448 nsiproxy - ok
15:49:49.0377 0x1448 [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
15:49:49.0424 0x1448 Ntfs - ok
15:49:49.0439 0x1448 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
15:49:49.0455 0x1448 Null - ok
15:49:49.0471 0x1448 [ 5D9FD91F3D38DC9DA01E3CB5FA89CD48, 7738785DE8B50D69993F4408498B812D0283FEE5C04FF5B89C20F149B44E9737 ] nvraid C:\Windows\system32\drivers\nvraid.sys
15:49:49.0486 0x1448 nvraid - ok
15:49:49.0486 0x1448 [ F7CD50FE7139F07E77DA8AC8033D1832, DA96F4B15C8165E6AE1D00E03A062C66CA3A3089E4FF0E9E11CE00B154DD12EC ] nvstor C:\Windows\system32\drivers\nvstor.sys
15:49:49.0502 0x1448 nvstor - ok
15:49:49.0502 0x1448 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
15:49:49.0517 0x1448 nv_agp - ok
15:49:49.0517 0x1448 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
15:49:49.0533 0x1448 ohci1394 - ok
15:49:49.0549 0x1448 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
15:49:49.0564 0x1448 p2pimsvc - ok
15:49:49.0580 0x1448 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
15:49:49.0595 0x1448 p2psvc - ok
15:49:49.0595 0x1448 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys
15:49:49.0611 0x1448 Parport - ok
15:49:49.0611 0x1448 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
15:49:49.0627 0x1448 partmgr - ok
15:49:49.0642 0x1448 [ 3CAE2BBC86FCF7F94C9696994AF30386, 4DA063A60523567272CFB35DF5D7CA142B100EF9123B1F23A6F11AB89DB83486 ] PassThru Service C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
15:49:49.0642 0x1448 PassThru Service - detected UnsignedFile.Multi.Generic ( 1 )
15:49:52.0045 0x1448 Detect skipped due to KSN trusted
15:49:52.0045 0x1448 PassThru Service - ok
15:49:52.0060 0x1448 [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll
15:49:52.0060 0x1448 PcaSvc - ok
15:49:52.0076 0x1448 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
15:49:52.0091 0x1448 pci - ok
15:49:52.0091 0x1448 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
15:49:52.0107 0x1448 pciide - ok
15:49:52.0107 0x1448 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
15:49:52.0123 0x1448 pcmcia - ok
15:49:52.0123 0x1448 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
15:49:52.0138 0x1448 pcw - ok
15:49:52.0154 0x1448 [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
15:49:52.0185 0x1448 PEAUTH - ok
15:49:52.0185 0x1448 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
15:49:52.0201 0x1448 PerfHost - ok
15:49:52.0232 0x1448 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
15:49:52.0294 0x1448 pla - ok
15:49:52.0310 0x1448 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
15:49:52.0325 0x1448 PlugPlay - ok
15:49:52.0341 0x1448 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
15:49:52.0341 0x1448 PNRPAutoReg - ok
15:49:52.0357 0x1448 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
15:49:52.0372 0x1448 PNRPsvc - ok
15:49:52.0388 0x1448 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
15:49:52.0435 0x1448 PolicyAgent - ok
15:49:52.0435 0x1448 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
15:49:52.0466 0x1448 Power - ok
15:49:52.0481 0x1448 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
15:49:52.0513 0x1448 PptpMiniport - ok
15:49:52.0513 0x1448 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
15:49:52.0528 0x1448 Processor - ok
15:49:52.0528 0x1448 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
15:49:52.0544 0x1448 ProfSvc - ok
15:49:52.0559 0x1448 [ 5424EC756808C1002457033D969115C7, 85B86C3DF9BCF4BA085C4978BE36A38D0079CE24C5C61FB754286E476EB77741 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:49:52.0559 0x1448 ProtectedStorage - ok
15:49:52.0575 0x1448 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
15:49:52.0606 0x1448 Psched - ok
15:49:52.0637 0x1448 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
15:49:52.0684 0x1448 ql2300 - ok
15:49:52.0684 0x1448 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
15:49:52.0700 0x1448 ql40xx - ok
15:49:52.0715 0x1448 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
15:49:52.0731 0x1448 QWAVE - ok
15:49:52.0731 0x1448 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
15:49:52.0747 0x1448 QWAVEdrv - ok
15:49:52.0762 0x1448 [ 720FEA3AAA15FE7E0BEAB10AC2E6D2B0, E1E6A79751B7CAA86F4C7F9DD2A835D5C30FBD433644F916B8E54CD8105D00D2 ] RalinkRegistryWriter C:\Program Files (x86)\Edimax\Common\RaRegistry.exe
15:49:52.0762 0x1448 RalinkRegistryWriter - ok
15:49:52.0778 0x1448 [ 178CEF55E09DC320FF6561D4EEB4F632, 0B11CE080341CAD324F6A46ABE30D71E3BD2C27EA9188A0C9574ED757706E8A7 ] RalinkRegistryWriter64 C:\Program Files (x86)\Edimax\Common\RaRegistry64.exe
15:49:52.0778 0x1448 RalinkRegistryWriter64 - ok
15:49:52.0793 0x1448 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
15:49:52.0809 0x1448 RasAcd - ok
15:49:52.0825 0x1448 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
15:49:52.0856 0x1448 RasAgileVpn - ok
15:49:52.0856 0x1448 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
15:49:52.0887 0x1448 RasAuto - ok
15:49:52.0887 0x1448 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
15:49:52.0918 0x1448 Rasl2tp - ok
15:49:52.0934 0x1448 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
15:49:52.0965 0x1448 RasMan - ok
15:49:52.0981 0x1448 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
15:49:53.0012 0x1448 RasPppoe - ok
15:49:53.0012 0x1448 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
15:49:53.0043 0x1448 RasSstp - ok
15:49:53.0043 0x1448 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
15:49:53.0090 0x1448 rdbss - ok
15:49:53.0090 0x1448 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
15:49:53.0105 0x1448 rdpbus - ok
15:49:53.0105 0x1448 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
15:49:53.0137 0x1448 RDPCDD - ok
15:49:53.0137 0x1448 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
15:49:53.0168 0x1448 RDPENCDD - ok
15:49:53.0168 0x1448 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
15:49:53.0199 0x1448 RDPREFMP - ok
15:49:53.0199 0x1448 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
15:49:53.0215 0x1448 RDPWD - ok
15:49:53.0230 0x1448 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
15:49:53.0246 0x1448 rdyboost - ok
15:49:53.0246 0x1448 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
15:49:53.0277 0x1448 RemoteAccess - ok
15:49:53.0277 0x1448 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
15:49:53.0308 0x1448 RemoteRegistry - ok
15:49:53.0324 0x1448 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
15:49:53.0355 0x1448 RpcEptMapper - ok
15:49:53.0355 0x1448 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
15:49:53.0371 0x1448 RpcLocator - ok
15:49:53.0386 0x1448 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
15:49:53.0417 0x1448 RpcSs - ok
15:49:53.0433 0x1448 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
15:49:53.0464 0x1448 rspndr - ok
15:49:53.0464 0x1448 [ C435AC77704EB16E85C9D630F4D4B4F7, DA508641AC9DFEDEE7E025B13CE0629C316742C4E95765FEDEF1A24112F45435 ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIVX.sys
15:49:53.0480 0x1448 RTHDMIAzAudService - ok
15:49:53.0495 0x1448 [ 9140DB0911DE035FED0A9A77A2D156EA, 07C9D7E2978062ABD84B58B390360D4C0F72C6A5A2310444579DC095943BD008 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
15:49:53.0511 0x1448 RTL8167 - ok
15:49:53.0527 0x1448 [ 5424EC756808C1002457033D969115C7, 85B86C3DF9BCF4BA085C4978BE36A38D0079CE24C5C61FB754286E476EB77741 ] SamSs C:\Windows\system32\lsass.exe
15:49:53.0527 0x1448 SamSs - ok
15:49:53.0542 0x1448 [ 3289766038DB2CB14D07DC84392138D5, A7790B787690CC1A8B97E4532090C5295350A836A9474DEA74CEB3E81CF26124 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
15:49:53.0542 0x1448 SASDIFSV - ok
15:49:53.0542 0x1448 [ 58A38E75F3316A83C23DF6173D41F2B5, B0A8CDA1D164B7534FB41AB80792861384709BF0F914F44553275CF20194F1A1 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
15:49:53.0558 0x1448 SASKUTIL - ok
15:49:53.0558 0x1448 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
15:49:53.0573 0x1448 sbp2port - ok
15:49:53.0589 0x1448 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
15:49:53.0620 0x1448 SCardSvr - ok
15:49:53.0620 0x1448 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
15:49:53.0651 0x1448 scfilter - ok
15:49:53.0667 0x1448 [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule C:\Windows\system32\schedsvc.dll
15:49:53.0714 0x1448 Schedule - ok
15:49:53.0714 0x1448 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
15:49:53.0745 0x1448 SCPolicySvc - ok
15:49:53.0745 0x1448 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
15:49:53.0761 0x1448 SDRSVC - ok
15:49:53.0776 0x1448 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
15:49:53.0776 0x1448 secdrv - ok
15:49:53.0792 0x1448 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
15:49:53.0807 0x1448 seclogon - ok
15:49:53.0823 0x1448 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\system32\sens.dll
15:49:53.0854 0x1448 SENS - ok
15:49:53.0854 0x1448 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
15:49:53.0870 0x1448 SensrSvc - ok
15:49:53.0870 0x1448 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
15:49:53.0885 0x1448 Serenum - ok
15:49:53.0885 0x1448 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
15:49:53.0901 0x1448 Serial - ok
15:49:53.0901 0x1448 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
15:49:53.0917 0x1448 sermouse - ok
15:49:53.0917 0x1448 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
15:49:53.0948 0x1448 SessionEnv - ok
15:49:53.0963 0x1448 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
15:49:53.0963 0x1448 sffdisk - ok
15:49:53.0979 0x1448 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
15:49:53.0979 0x1448 sffp_mmc - ok
15:49:53.0995 0x1448 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
15:49:54.0010 0x1448 sffp_sd - ok
15:49:54.0010 0x1448 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
15:49:54.0010 0x1448 sfloppy - ok
15:49:54.0026 0x1448 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
15:49:54.0057 0x1448 SharedAccess - ok
15:49:54.0073 0x1448 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:49:54.0104 0x1448 ShellHWDetection - ok
15:49:54.0119 0x1448 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
15:49:54.0119 0x1448 SiSRaid2 - ok
15:49:54.0135 0x1448 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
15:49:54.0135 0x1448 SiSRaid4 - ok
15:49:54.0151 0x1448 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
15:49:54.0182 0x1448 Smb - ok
15:49:54.0182 0x1448 [ 9E8987EC160B9BFEBEE236D475CD4D43, 63830705A5EFFB4E75C86D088C2863601D85ADC3738648599C53BE91548216E5 ] SnakeEyes C:\Windows\system32\drivers\SnakeEyes.sys
15:49:54.0197 0x1448 SnakeEyes - ok
15:49:54.0197 0x1448 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
15:49:54.0213 0x1448 SNMPTRAP - ok
15:49:54.0213 0x1448 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
15:49:54.0229 0x1448 spldr - ok
15:49:54.0244 0x1448 [ B96C17B5DC1424D56EEA3A99E97428CD, AF0A85066A7983878DC1C663811CE61C6CA1912DC956184F878B7B82DB93C651 ] Spooler C:\Windows\System32\spoolsv.exe
15:49:54.0275 0x1448 Spooler - ok
15:49:54.0385 0x1448 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
15:49:54.0478 0x1448 sppsvc - ok
15:49:54.0494 0x1448 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
15:49:54.0525 0x1448 sppuinotify - ok
15:49:54.0541 0x1448 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
15:49:54.0556 0x1448 srv - ok
15:49:54.0572 0x1448 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
15:49:54.0587 0x1448 srv2 - ok
15:49:54.0603 0x1448 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
15:49:54.0603 0x1448 srvnet - ok
15:49:54.0619 0x1448 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
15:49:54.0650 0x1448 SSDPSRV - ok
15:49:54.0650 0x1448 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
15:49:54.0681 0x1448 SstpSvc - ok
15:49:54.0712 0x1448 [ D31201BD8782752BD69DBE1E5DDF9AC5, 98B72690B4E6CC1B694C655DD31CB1FB56B76B62A32CFB748AF78F4C072D9740 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
15:49:54.0743 0x1448 Steam Client Service - ok
15:49:54.0743 0x1448 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
15:49:54.0759 0x1448 stexstor - ok
15:49:54.0775 0x1448 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
15:49:54.0790 0x1448 stisvc - ok
15:49:54.0806 0x1448 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
15:49:54.0806 0x1448 swenum - ok
15:49:54.0821 0x1448 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
15:49:54.0868 0x1448 swprv - ok
15:49:54.0915 0x1448 [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain C:\Windows\system32\sysmain.dll
15:49:54.0977 0x1448 SysMain - ok
15:49:54.0977 0x1448 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:49:55.0009 0x1448 TabletInputService - ok
15:49:55.0009 0x1448 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
15:49:55.0040 0x1448 TapiSrv - ok
15:49:55.0055 0x1448 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
15:49:55.0087 0x1448 TBS - ok
15:49:55.0133 0x1448 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
15:49:55.0180 0x1448 Tcpip - ok
15:49:55.0227 0x1448 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
15:49:55.0289 0x1448 TCPIP6 - ok
15:49:55.0289 0x1448 [ DF687E3D8836BFB04FCC0615BF15A519, 7C5B1E72673B4299DFC21E869F0FBB28198CA54DF4F4AF7080005F2D82467784 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
15:49:55.0321 0x1448 tcpipreg - ok
15:49:55.0336 0x1448 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
15:49:55.0352 0x1448 TDPIPE - ok
15:49:55.0352 0x1448 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
15:49:55.0367 0x1448 TDTCP - ok
15:49:55.0367 0x1448 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
15:49:55.0399 0x1448 tdx - ok
15:49:55.0399 0x1448 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
15:49:55.0414 0x1448 TermDD - ok
15:49:55.0430 0x1448 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
15:49:55.0461 0x1448 TermService - ok
15:49:55.0477 0x1448 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
15:49:55.0492 0x1448 Themes - ok
15:49:55.0492 0x1448 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
15:49:55.0523 0x1448 THREADORDER - ok
15:49:55.0539 0x1448 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
15:49:55.0570 0x1448 TrkWks - ok
15:49:55.0570 0x1448 [ FD44FA80DA03EA144153A76DEBBB61B4, 0C46717F489A415A583470DAE8CF58E47BC307B9CB0F9DB6C4EDF33B7525475C ] TrueSight C:\Windows\System32\drivers\TrueSight.sys
15:49:55.0586 0x1448 TrueSight - ok
15:49:55.0601 0x1448 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:49:55.0633 0x1448 TrustedInstaller - ok
15:49:55.0633 0x1448 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
15:49:55.0648 0x1448 tssecsrv - ok
15:49:55.0648 0x1448 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
15:49:55.0664 0x1448 TsUsbFlt - ok
15:49:55.0664 0x1448 [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
15:49:55.0679 0x1448 TsUsbGD - ok
15:49:55.0679 0x1448 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
15:49:55.0726 0x1448 tunnel - ok
15:49:55.0726 0x1448 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
15:49:55.0742 0x1448 uagp35 - ok
15:49:55.0742 0x1448 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
15:49:55.0789 0x1448 udfs - ok
15:49:55.0789 0x1448 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
15:49:55.0804 0x1448 UI0Detect - ok
15:49:55.0820 0x1448 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
15:49:55.0820 0x1448 uliagpkx - ok
15:49:55.0820 0x1448 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
15:49:55.0835 0x1448 umbus - ok
15:49:55.0851 0x1448 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys
15:49:55.0851 0x1448 UmPass - ok
15:49:55.0867 0x1448 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
15:49:55.0913 0x1448 upnphost - ok
15:49:55.0913 0x1448 [ 5C3BE22E485B9BF11FCEFDC676C728D0, F55061066ECF6920D56518A677BB538C18B7F1BB150ED6DB3591408F44E8D53A ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
15:49:55.0913 0x1448 USBAAPL64 - detected UnsignedFile.Multi.Generic ( 1 )
15:49:58.0316 0x1448 Detect skipped due to KSN trusted
15:49:58.0316 0x1448 USBAAPL64 - ok
15:49:58.0316 0x1448 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
15:49:58.0331 0x1448 usbaudio - ok
15:49:58.0347 0x1448 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
15:49:58.0347 0x1448 usbccgp - ok
15:49:58.0363 0x1448 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
15:49:58.0378 0x1448 usbcir - ok
15:49:58.0378 0x1448 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
15:49:58.0394 0x1448 usbehci - ok
15:49:58.0394 0x1448 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
15:49:58.0425 0x1448 usbhub - ok
15:49:58.0425 0x1448 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
15:49:58.0441 0x1448 usbohci - ok
15:49:58.0441 0x1448 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
15:49:58.0456 0x1448 usbprint - ok
15:49:58.0472 0x1448 [ D76510CFA0FC09023077F22C2F979D86, 5662281C6D515423255D3C262EA368DBAFC250235E535FBFA3E59D3487695439 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:49:58.0487 0x1448 USBSTOR - ok
15:49:58.0487 0x1448 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
15:49:58.0503 0x1448 usbuhci - ok
15:49:58.0503 0x1448 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
15:49:58.0539 0x1448 UxSms - ok
15:49:58.0539 0x1448 [ 5424EC756808C1002457033D969115C7, 85B86C3DF9BCF4BA085C4978BE36A38D0079CE24C5C61FB754286E476EB77741 ] VaultSvc C:\Windows\system32\lsass.exe
15:49:58.0559 0x1448 VaultSvc - ok
15:49:58.0559 0x1448 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
15:49:58.0569 0x1448 vdrvroot - ok
15:49:58.0589 0x1448 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
15:49:58.0629 0x1448 vds - ok
15:49:58.0639 0x1448 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
15:49:58.0649 0x1448 vga - ok
15:49:58.0659 0x1448 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
15:49:58.0689 0x1448 VgaSave - ok
15:49:58.0689 0x1448 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
15:49:58.0709 0x1448 vhdmp - ok
15:49:58.0709 0x1448 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
15:49:58.0719 0x1448 viaide - ok
15:49:58.0729 0x1448 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
15:49:58.0739 0x1448 volmgr - ok
15:49:58.0749 0x1448 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
15:49:58.0769 0x1448 volmgrx - ok
15:49:58.0779 0x1448 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
15:49:58.0789 0x1448 volsnap - ok
15:49:58.0799 0x1448 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
15:49:58.0809 0x1448 vsmraid - ok
15:49:58.0859 0x1448 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
15:49:58.0921 0x1448 VSS - ok
15:49:58.0921 0x1448 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
15:49:58.0937 0x1448 vwifibus - ok
15:49:58.0952 0x1448 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
15:49:58.0968 0x1448 vwififlt - ok
15:49:58.0968 0x1448 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
15:49:58.0983 0x1448 vwifimp - ok
15:49:58.0999 0x1448 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
15:49:59.0030 0x1448 W32Time - ok
15:49:59.0046 0x1448 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
15:49:59.0046 0x1448 WacomPen - ok
15:49:59.0061 0x1448 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
15:49:59.0093 0x1448 WANARP - ok
15:49:59.0093 0x1448 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
15:49:59.0124 0x1448 Wanarpv6 - ok
15:49:59.0171 0x1448 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
15:49:59.0202 0x1448 WatAdminSvc - ok
15:49:59.0249 0x1448 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
15:49:59.0295 0x1448 wbengine - ok
15:49:59.0311 0x1448 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
15:49:59.0327 0x1448 WbioSrvc - ok
15:49:59.0342 0x1448 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
15:49:59.0373 0x1448 wcncsvc - ok
15:49:59.0373 0x1448 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:49:59.0389 0x1448 WcsPlugInService - ok
15:49:59.0389 0x1448 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
15:49:59.0405 0x1448 Wd - ok
15:49:59.0420 0x1448 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
15:49:59.0451 0x1448 Wdf01000 - ok
15:49:59.0467 0x1448 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
15:49:59.0483 0x1448 WdiServiceHost - ok
15:49:59.0483 0x1448 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
15:49:59.0514 0x1448 WdiSystemHost - ok
15:49:59.0514 0x1448 [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient C:\Windows\System32\webclnt.dll
15:49:59.0529 0x1448 WebClient - ok
15:49:59.0545 0x1448 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
15:49:59.0592 0x1448 Wecsvc - ok
15:49:59.0592 0x1448 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
15:49:59.0623 0x1448 wercplsupport - ok
15:49:59.0639 0x1448 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
15:49:59.0670 0x1448 WerSvc - ok
15:49:59.0670 0x1448 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
15:49:59.0701 0x1448 WfpLwf - ok
15:49:59.0701 0x1448 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
15:49:59.0717 0x1448 WIMMount - ok
15:49:59.0717 0x1448 WinDefend - ok
15:49:59.0732 0x1448 WinHttpAutoProxySvc - ok
15:49:59.0748 0x1448 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
15:49:59.0779 0x1448 Winmgmt - ok
15:49:59.0826 0x1448 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll
15:49:59.0904 0x1448 WinRM - ok
15:49:59.0919 0x1448 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
15:49:59.0935 0x1448 WinUsb - ok
15:49:59.0966 0x1448 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
15:49:59.0997 0x1448 Wlansvc - ok
15:50:00.0060 0x1448 [ 98F138897EF4246381D197CB81846D62, A9FA88475AFBB8883297708608EC7C1AC29F229C3299A84D557172604813A18C ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:50:00.0107 0x1448 wlidsvc - ok
15:50:00.0122 0x1448 [ 680A7846370000D20D7E74917D5B7936, 55B77B358039672845D361CA4205F3482D1F30A4654B610FD785A1337EFDC316 ] WmBEnum C:\Windows\system32\drivers\WmBEnum.sys
15:50:00.0138 0x1448 WmBEnum - ok
15:50:00.0138 0x1448 [ 14C35BA8189C6F65D839163AA285E954, 8981AA488320C75E26E1ABDF884B721A4065F5D28F54782598B03F21B8CDC020 ] WmFilter C:\Windows\system32\drivers\WmFilter.sys
15:50:00.0153 0x1448 WmFilter - ok
15:50:00.0153 0x1448 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
15:50:00.0153 0x1448 WmiAcpi - ok
15:50:00.0169 0x1448 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
15:50:00.0185 0x1448 wmiApSrv - ok
15:50:00.0185 0x1448 WMPNetworkSvc - ok
15:50:00.0200 0x1448 [ 8488DD91A3EE54A8E29F02AD7BB8201E, D428ED991D9E4A8765C240B21884A262854278698D60862117AC5949713231F9 ] WmVirHid C:\Windows\system32\drivers\WmVirHid.sys
15:50:00.0200 0x1448 WmVirHid - ok
15:50:00.0216 0x1448 [ 14802B3A30AA849C97CB968CCC813BF3, 330AD828ABD040ECDBF58F7162978CD61BFC093CAD404FD2BCAC74E3F2EC542A ] WmXlCore C:\Windows\system32\drivers\WmXlCore.sys
15:50:00.0216 0x1448 WmXlCore - ok
15:50:00.0216 0x1448 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
15:50:00.0231 0x1448 WPCSvc - ok
15:50:00.0247 0x1448 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
15:50:00.0263 0x1448 WPDBusEnum - ok
15:50:00.0263 0x1448 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
15:50:00.0294 0x1448 ws2ifsl - ok
15:50:00.0294 0x1448 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\system32\wscsvc.dll
15:50:00.0325 0x1448 wscsvc - ok
15:50:00.0325 0x1448 WSearch - ok
15:50:00.0403 0x1448 [ 291778E1A36716182AFBC1731B2DFEAB, C0B928CCCE8C496C90C42E0D294BAB51DC67C02B0D20CFB6A16B0AE1F51CC497 ] wuauserv C:\Windows\system32\wuaueng.dll
15:50:00.0481 0x1448 wuauserv - ok
15:50:00.0481 0x1448 [ D3381DC54C34D79B22CEE0D65BA91B7C, 70DC4ADCA4C0C28BB133287511E329D1B6B9B97F96CDE5B1D2F1F59FE1A965D9 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
15:50:00.0512 0x1448 WudfPf - ok
15:50:00.0528 0x1448 [ CF8D590BE3373029D57AF80914190682, FB9641777E90A58C063FBE95F081DC6D2F4770827DE19108A9DC3E3D6B17B4BF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
15:50:00.0559 0x1448 WUDFRd - ok
15:50:00.0575 0x1448 [ 7A95C95B6C4CF292D689106BCAE49543, 9029F489E1E817CE12839B8C6656E46190497D445DC3F43C20CF96E5E6BD0691 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
15:50:00.0606 0x1448 wudfsvc - ok
15:50:00.0606 0x1448 [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc C:\Windows\System32\wwansvc.dll
15:50:00.0637 0x1448 WwanSvc - ok
15:50:00.0637 0x1448 ================ Scan global ===============================
15:50:00.0653 0x1448 [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
15:50:00.0653 0x1448 [ 4AD1C61152A0199E3D7F9A82C07AC629, A4A42C7757EB084EE368A6BC4EBAB0C47BE41B0B4119A6AECD1B8E3332A7C5D5 ] C:\Windows\system32\winsrv.dll
15:50:00.0668 0x1448 [ 4AD1C61152A0199E3D7F9A82C07AC629, A4A42C7757EB084EE368A6BC4EBAB0C47BE41B0B4119A6AECD1B8E3332A7C5D5 ] C:\Windows\system32\winsrv.dll
15:50:00.0684 0x1448 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
15:50:00.0684 0x1448 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
15:50:00.0699 0x1448 [ Global ] - ok
15:50:00.0699 0x1448 ================ Scan MBR ==================================
15:50:00.0699 0x1448 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:50:00.0777 0x1448 \Device\Harddisk0\DR0 - ok
15:50:00.0777 0x1448 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
15:50:00.0887 0x1448 \Device\Harddisk1\DR1 - ok
15:50:00.0887 0x1448 ================ Scan VBR ==================================
15:50:00.0902 0x1448 [ D6DBDA310CBB27542F338A2EF923286B ] \Device\Harddisk0\DR0\Partition1
15:50:00.0933 0x1448 \Device\Harddisk0\DR0\Partition1 - ok
15:50:00.0933 0x1448 [ E5FB75926EBD98286A45B254D7E1683D ] \Device\Harddisk1\DR1\Partition1
15:50:00.0933 0x1448 \Device\Harddisk1\DR1\Partition1 - ok
15:50:00.0933 0x1448 [ F3F20BA4C7C8E2FAE6A795D7EAF1D872 ] \Device\Harddisk1\DR1\Partition2
15:50:00.0933 0x1448 \Device\Harddisk1\DR1\Partition2 - ok
15:50:00.0933 0x1448 ================ Scan generic autorun ======================
15:50:01.0277 0x1448 [ 16438B000BF56F2CD7FDB5E6C3B38C7E, 32D6E69E6367D3ADB2189DA89103CB9910CE791EFB0879515DDD380A96D85BAE ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
15:50:01.0604 0x1448 RtHDVCpl - ok
15:50:01.0651 0x1448 [ F31CDC26F3624750C2AE2DEFF1E598DA, 06B606E849FB946A9E4CFC8E6799A6B18C4E3233A77ED62DEBCC375649F3D7A8 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
15:50:01.0698 0x1448 RtHDVBg_Dolby - ok
15:50:01.0729 0x1448 [ C2C935DB4D88C5CFF1F4C8DCF940743B, 2457C7EC9273BC59051EA0D2DF1013F71E4C1E2A8469C02653E4215EC062C43E ] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
15:50:01.0776 0x1448 COMODO Internet Security - ok
15:50:01.0776 0x1448 [ 6D44DE61A0BC7EE359D65992665C6432, 5A3C2D57A293B9BDD7CB1A4AA0ACF19374866F8A88EF132E350E5973CB4F7662 ] C:\Program Files\iTunes\iTunesHelper.exe
15:50:01.0791 0x1448 iTunesHelper - ok
15:50:01.0791 0x1448 [ 881EBEAB57FD063DBF73C9085A00A5A5, 5079808A2648C37DA73979A6DFCC1768D0CCF32AD1ED43EBD49C80552732FC08 ] C:\Windows\RaidTool\xInsIDE.exe
15:50:01.0807 0x1448 JMB36X IDE Setup - ok
15:50:01.0807 0x1448 [ 5AC3EE6985E71C5CA9AF2E4CAA3F7693, ED27AE0FEF951DDC51EFBAA77E4DCB180E65E8C2352535F830CEA3937F0127BE ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
15:50:01.0807 0x1448 APSDaemon - ok
15:50:01.0854 0x1448 [ 9E00E2C97447EA29E896B6A3F71443A2, 389768C385A85B58BCD5EBB1C3FCFA0FEAA5121A17D0E3907E95E4A70F706358 ] C:\Program Files (x86)\Corsair\M95 Mouse\M95Hid.exe
15:50:01.0901 0x1448 Corsair Duke - detected UnsignedFile.Multi.Generic ( 1 )
15:50:04.0303 0x1448 Detect skipped due to KSN trusted
15:50:04.0303 0x1448 Corsair Duke - ok
15:50:04.0319 0x1448 [ EE864CD35936E4AAD8120321907DA8F5, D4A37E70302DF0A76E20F1AC1CD427A831BA80A8E1729E0E5637DC48E7A85DF3 ] C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
15:50:04.0334 0x1448 Dolby Home Theater v4 - ok
15:50:04.0381 0x1448 [ 6AAE25010EB22659B0A65E419370F817, 26B9C51CA59E90B05D2B6F0BF36E572C4D418B9361839E062DAFF344A1196A3A ] C:\Program Files (x86)\Corsair\M65 Mouse\M65Hid.exe
15:50:04.0428 0x1448 Corsair M65 Mouse - detected UnsignedFile.Multi.Generic ( 1 )
15:50:06.0830 0x1448 Detect skipped due to KSN trusted
15:50:06.0830 0x1448 Corsair M65 Mouse - ok
15:50:06.0893 0x1448 [ 618FE6488D7FA07504D45E4BED54A051, CD4987307245B79BBFEE85A91DF5372299EC8A49DE1BE53B27F58AC0F5587CDB ] C:\Program Files (x86)\Corsair\Corsair Gaming Headset Software\HeadsetControlPanel.exe
15:50:06.0971 0x1448 Corsair Gaming Headset Software - ok
15:50:06.0986 0x1448 [ FCEC6F664FA7E5FE323165FBC9314470, 4E5AB1E6C3D2881D95E74F2F28649A7DBC4919CA249829A0E4CD9804E401A025 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
15:50:07.0002 0x1448 SunJavaUpdateSched - ok
15:50:07.0189 0x1448 [ EE9CA8192A975011FB41231330AACF73, 61E19AAFC351149AD3C24853FFCB53684D41188650F7D22D4F9D228E68742D63 ] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
15:50:07.0345 0x1448 SUPERAntiSpyware - ok
15:50:07.0423 0x1448 [ D5218EE66173405B26B716EBA68133F6, 265820925538A075E753701DC36F89702B3E4C0BE73B8166138495092F339E43 ] C:\Program Files (x86)\Steam\Steam.exe
15:50:07.0501 0x1448 Steam - ok
15:50:07.0532 0x1448 [ F51BB12D8977D26C1A4CDA348770D9F1, DDA35CD8F8A6591B83821B5180D457740E0B820CCE000BC7FB1B78FB4AEAD3BA ] C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe
15:50:07.0548 0x1448 SpybotPostWindows10UpgradeReInstall - detected UnsignedFile.Multi.Generic ( 1 )
15:50:09.0950 0x1448 Detect skipped due to KSN trusted
15:50:09.0950 0x1448 SpybotPostWindows10UpgradeReInstall - ok
15:50:10.0044 0x1448 [ C9B84FCB98AE5DE951C1AA468AA9C96C, C2E860EDD7A6EF8B5F4F74B42032B4C389CE70BCFD8F1C8BD0547A1B3D5F34A7 ] C:\Users\Ollie\AppData\Local\MyComGames\MyComGames.exe
15:50:10.0153 0x1448 MyComGames - ok
15:50:10.0153 0x1448 Waiting for KSN requests completion. In queue: 5
15:50:11.0167 0x1448 Waiting for KSN requests completion. In queue: 5
15:50:12.0181 0x1448 Waiting for KSN requests completion. In queue: 5
15:50:12.0540 0x0ce0 Object required for P2P: [ D5218EE66173405B26B716EBA68133F6 ] C:\Program Files (x86)\Steam\Steam.exe
15:50:13.0195 0x1448 Waiting for KSN requests completion. In queue: 2
15:50:14.0209 0x1448 Waiting for KSN requests completion. In queue: 2
15:50:15.0036 0x0ce0 Object send P2P result: true
15:50:15.0239 0x1448 AV detected via SS2: COMODO Antivirus, C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe ( 8.2.0.4674 ), 0x61000 ( enabled : updated )
15:50:15.0239 0x1448 FW detected via SS2: COMODO Firewall, C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe ( 8.2.0.4674 ), 0x61010 ( enabled )
15:50:17.0641 0x1448 ============================================================
15:50:17.0641 0x1448 Scan finished
15:50:17.0641 0x1448 ============================================================
15:50:17.0641 0x0f84 Detected object count: 0
15:50:17.0641 0x0f84 Actual detected object count: 0
15:51:08.0204 0x046c Deinitialize success

And the fixlog:

Fix result of Farbar Recovery Scan Tool (x64) Version:21-10-2015 01
Ran by Ollie (2015-10-22 13:11:01) Run:4
Running from C:\Users\Ollie\Desktop
Loaded Profiles: Ollie (Available Profiles: Ollie & Lisa)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start
CreateRestorePoint:
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3501653021-3640964384-1111194576-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
2014-08-05 17:40 - 2014-08-05 17:40 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
FirewallRules: [{CB4DAA4C-C6F2-46B4-8507-95E95EAA86A2}] => (Allow) C:\ProgramData\eSafe\eGdpSvc.exe
FirewallRules: [{5D2BFE37-EDB7-425E-BAB7-FACC4CB62731}] => (Allow) C:\Program Files (x86)\File Type Assistant\TSAssist.exe
FirewallRules: [{B2FA87E4-B840-430B-AC2A-03AF545A3923}] => (Allow) C:\Program Files (x86)\File Type Assistant\TSAssist.exe
FirewallRules: [{A4AD10BE-9F9D-4269-9512-A7D7BA8DB95E}] => (Allow) C:\Program Files (x86)\File Type Assistant\TSAssist.exe
CMD: ipconfig /flushdns
CMD: netsh winsock reset all
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
EmptyTemp:
end
*****************

Restore point was successfully created.
Processes closed successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKU\S-1-5-21-3501653021-3640964384-1111194576-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Google\Chrome\Extensions\flliilndjeohchalpbbcdekjklbdgfkk" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\flliilndjeohchalpbbcdekjklbdgfkk" => key removed successfully
C:\ProgramData\DP45977C.lfl => moved successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CB4DAA4C-C6F2-46B4-8507-95E95EAA86A2} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5D2BFE37-EDB7-425E-BAB7-FACC4CB62731} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B2FA87E4-B840-430B-AC2A-03AF545A3923} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A4AD10BE-9F9D-4269-9512-A7D7BA8DB95E} => value removed successfully

========= ipconfig /flushdns =========

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========

========= netsh winsock reset all =========

Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.

========= End of CMD: =========

========= netsh int ipv4 reset =========

Reseting Global, OK!
Reseting Interface, OK!
Reseting Subinterface, OK!
Restart the computer to complete this action.

========= End of CMD: =========

========= netsh int ipv6 reset =========

Reseting Global, OK!
Reseting Interface, OK!
Restart the computer to complete this action.

========= End of CMD: =========

EmptyTemp: => 382.1 MB temporary data Removed.

The system needed a reboot.

==== End of Fixlog 13:11:19 ====

I have been browsing for a couple of hours now and no redirects so far

Maybe it is fixed?

Juliet · Oct 22, 2015

I have been browsing for a couple of hours now and no redirects so far Maybe it is fixed?

it's my prayer that last FRST script took it out... phew!
I went over all logs again this morning I think for near 2 hours researching, so I hope it's all paid off.

I feel intimidated, and kinda scared to say we may have got it now.

Use the machine today, then, if all is still ok we will need to remove the tools and quarantine folders because future scans will alert to those.

rudebadger · Oct 22, 2015

So far so good, fingers crossed that it is resolved, I will keep using it for the rest of the day & check back tomorrow.

Thanks very much for all your time & effort, I can't enough how appreciated it is

Juliet · Oct 22, 2015

rudebadger said:
So far so good, fingers crossed that it is resolved, I will keep using it for the rest of the day & check back tomorrow.

Thanks very much for all your time & effort, I can't enough how appreciated it is

Myself and the other members here are glad to help

rudebadger · Oct 23, 2015

Well it seemed to be ok, but then I got a popup from Comodo saying a malicious file had been active & said it was a Trojan. I scanned with Comodo, Superantispyware & Malwarebytes but they did not find anything. I tried eset but all it found was the files that it had been reporting before. Do you think it may have been a false positive?

Juliet · Oct 23, 2015

popup from Comodo saying a malicious file had been active & said it was a Trojan

Would be good if you can find the file COMODO is reporting on?

With the tools and quarantine folders that are still on the machine it's hard to say but, they wouldn't be active.

rudebadger · Oct 23, 2015

This is the virus that was reported TrojWare.Win32.VBObfus.LWG

rudebadger · Oct 23, 2015

Sorry to say, also got a popup on steam earlier, still none on firefox though.

Juliet · Oct 23, 2015

rudebadger said:
This is the virus that was reported TrojWare.Win32.VBObfus.LWG

This is the name attached to what it found. By chance, can you locate the file it was scanning or quarantined?

Delete your copy of FRST (and all fixlogs that were created), I would like for you to download a fresh copy.

Farbar Recovery Scan Tool (FRST) Scan

Please download Farbar Recovery Scan Tool (x32) or Farbar Recovery Scan Tool (x64) and save the file to your Desktop.
Note: Download and run the version compatible with your system (32 or 64-bit). Download both if you're unsure; only one will run.
Right-Click FRST.exe / FRST64.exe and select

Run as administrator to run the programme.
Click Yes to the disclaimer.
Ensure the Addition.txt box is checked.
Click the Scan button and let the programme run.
Upon completion, click OK, then OK on the Addition.txt pop up screen.
Two logs (FRST.txt & Addition.txt) will now be open on your Desktop. Copy the contents of both logs and paste in your next reply.

rudebadger · Oct 23, 2015

The file was C:\Windows\Skin Pack System Installer\NewFiles\calc.exe.

Here are the logs:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:21-10-2015 01
Ran by Ollie (administrator) on GAMING-PC (23-10-2015 19:55:26)
Running from C:\Users\Ollie\Desktop
Loaded Profiles: Ollie (Available Profiles: Ollie & Lisa)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe
() C:\Program Files (x86)\Gigabyte\EasySaver\essvr.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
() C:\Windows\SysWOW64\XSrvSetup.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Edimax\Common\RaRegistry.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Edimax\Common\RaRegistry64.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(MY.COM B.V.) C:\Users\Ollie\AppData\Local\MyComGames\MyComGames.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WzPreloader.exe
(Nico Mak Computing) C:\Program Files\WinZip\FAH\FAHWindow64.exe
() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Edimax Technology Co.) C:\Program Files (x86)\Edimax\Common\RaUI.exe
(Corsair Components Inc) C:\Program Files (x86)\Corsair\M95 Mouse\M95Hid.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(Corsair Components Inc) C:\Program Files (x86)\Corsair\M65 Mouse\M65Hid.exe
(Corsair Components Inc) C:\Program Files (x86)\Corsair\M95 Mouse\CorsTra.exe
(Corsair Components, Inc.) C:\Program Files (x86)\Corsair\Corsair Gaming Headset Software\HeadsetControlPanel.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2014-08-05] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1368792 2014-08-05] (Realtek Semiconductor)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1427648 2015-08-06] (COMODO)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-10-17] (Apple Inc.)
HKLM-x32\...\Run: [JMB36X IDE Setup] => C:\Windows\RaidTool\xInsIDE.exe [43608 2010-09-07] ()
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60688 2015-10-17] (Apple Inc.)
HKLM-x32\...\Run: [Corsair Duke] => C:\Program Files (x86)\Corsair\M95 Mouse\M95Hid.exe [1771520 2013-08-15] (Corsair Components Inc)
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [508656 2012-08-31] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [Corsair M65 Mouse] => C:\Program Files (x86)\Corsair\M65 Mouse\M65Hid.exe [1766912 2013-08-15] (Corsair Components Inc)
HKLM-x32\...\Run: [Corsair Gaming Headset Software] => C:\Program Files (x86)\Corsair\Corsair Gaming Headset Software\HeadsetControlPanel.exe [2918152 2014-08-18] (Corsair Components, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-21] (Oracle Corporation)
HKU\S-1-5-21-3501653021-3640964384-1111194576-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7777560 2014-11-13] (SUPERAntiSpyware)
HKU\S-1-5-21-3501653021-3640964384-1111194576-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [2901584 2015-10-16] (Valve Corporation)
HKU\S-1-5-21-3501653021-3640964384-1111194576-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-30] (Safer-Networking Ltd.)
HKU\S-1-5-21-3501653021-3640964384-1111194576-1000\...\Run: [MyComGames] => C:\Users\Ollie\AppData\Local\MyComGames\MyComGames.exe [4235208 2015-10-22] (MY.COM B.V.)
HKU\S-1-5-21-3501653021-3640964384-1111194576-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Ribbons.scr [241664 2010-11-21] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2015-10-17]
ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAH\FAHConsole.exe (Nico Mak Computing)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RocketDock.lnk [2015-10-22]
ShortcutTarget: RocketDock.lnk -> C:\Windows\Skin Pack System Installer\RocketDock\RocketDock.exe (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2015-10-17]
ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Wireless Utility.lnk [2012-11-09]
ShortcutTarget: Wireless Utility.lnk -> C:\Program Files (x86)\Edimax\Common\RaUI.exe (Edimax Technology Co.)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{023BED95-0A6C-4A68-8987-05741C533FF6}: [NameServer] 156.154.70.22,156.154.71.22
Tcpip\..\Interfaces\{603A00DB-9D40-47FE-A688-300242898DC5}: [NameServer] 156.154.70.22,156.154.71.22
Tcpip\..\Interfaces\{603A00DB-9D40-47FE-A688-300242898DC5}: [DhcpNameServer] 192.168.1.254

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3501653021-3640964384-1111194576-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3501653021-3640964384-1111194576-1000 -> {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = hxxp://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-10-21] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-21] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Ollie\AppData\Roaming\Mozilla\Firefox\Profiles\utkgrewf.default-1445277530700
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-21] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-21] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-25] (ESN Social Software AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-10-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-10-21] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3501653021-3640964384-1111194576-1000: @my.com/Games -> C:\Users\Ollie\AppData\Local\MyComGames\NPMyComDetector.dll [2015-10-01] (My.com, Inc)

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-23] (SUPERAntiSpyware.com)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-17] (Apple Inc.)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5542472 2015-09-07] (COMODO)
R3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2265792 2015-08-06] (COMODO)
S3 DAUpdaterSvc; C:\games\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [25832 2009-12-15] (BioWare)
R2 DokanMounter; C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe [14848 2011-01-10] () [File not signed]
R2 ES lite Service; C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE [68136 2009-08-24] ()
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342240 2015-10-06] (Futuremark)
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-04-12] (Nero AG)
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 JMB36X; C:\Windows\SysWOW64\XSrvSetup.exe [72280 2010-09-07] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-17] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-17] (Malwarebytes)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AODDriver; C:\Program Files (x86)\Gigabyte\ET6\amd64\AODDriver.sys [52280 2010-03-12] (Advanced Micro Devices)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21616 2011-11-02] ()
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [21184 2015-08-05] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [806032 2015-08-05] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [45856 2015-08-05] (COMODO)
R3 CORK70; C:\Windows\System32\drivers\CORK70.sys [25600 2012-10-31] ( )
R2 Dokan; C:\Windows\system32\drivers\dokan.sys [120408 2011-01-10] (Windows (R) Win 7 DDK provider)
S3 DUKEMS; C:\Windows\System32\drivers\DUKEMS.sys [25600 2012-08-16] ( )
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2013-08-02] ()
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [105096 2015-08-05] (COMODO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-17] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2015-10-23] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-17] (Malwarebytes Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SnakeEyes; C:\Windows\System32\drivers\SnakeEyes.sys [25600 2012-09-05] ( )
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2015-10-22] ()
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-07-28] (Apple, Inc.) [File not signed]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cleanhlp; \??\C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-23 19:55 - 2015-10-23 19:55 - 00015794 _____ C:\Users\Ollie\Desktop\FRST.txt
2015-10-23 19:52 - 2015-10-23 19:52 - 02196480 _____ (Farbar) C:\Users\Ollie\Desktop\FRST64.exe
2015-10-23 12:01 - 2015-10-23 12:01 - 00000000 ____D C:\Program Files (x86)\ESET
2015-10-22 23:35 - 2015-10-22 23:40 - 00000000 ____D C:\Program Files (x86)\Skin Pack
2015-10-22 23:35 - 2015-10-22 23:35 - 06376960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspaint.exe
2015-10-22 23:35 - 2015-10-22 23:35 - 02872320 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2015-10-22 23:35 - 2015-10-22 23:35 - 02755072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themeui.dll.tmp
2015-10-22 23:35 - 2015-10-22 23:35 - 00776192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\calc.exe
2015-10-22 23:35 - 2015-10-22 23:35 - 00245760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll.tmp
2015-10-22 23:35 - 2015-10-22 23:35 - 00227328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskmgr.exe
2015-10-22 23:35 - 2015-10-13 20:38 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-10-22 23:35 - 2015-10-13 20:38 - 01498624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-10-22 23:35 - 2015-08-12 20:24 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-10-22 23:35 - 2015-07-15 22:25 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-10-22 23:35 - 2010-11-21 04:25 - 00744448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActionCenter.dll
2015-10-22 23:35 - 2010-11-21 04:24 - 02755072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themeui.dll.backup
2015-10-22 23:35 - 2010-11-21 04:24 - 01750528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pnidui.dll
2015-10-22 23:35 - 2010-11-21 04:24 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SndVolSSO.dll
2015-10-22 23:35 - 2010-11-21 04:23 - 00740864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\batmeter.dll
2015-10-22 23:35 - 2009-07-14 02:11 - 00245760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll.backup
2015-10-22 23:35 - 2009-07-14 02:06 - 20268032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imageres.dll
2015-10-22 23:32 - 2015-10-22 23:33 - 00000000 ____D C:\Themes
2015-10-22 23:28 - 2015-10-22 23:28 - 28145672 _____ C:\Users\Ollie\Downloads\death_art_by_devildeathart0-d57aw55.rar
2015-10-22 13:24 - 2015-10-22 13:24 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\Ollie\Desktop\tdsskiller.exe
2015-10-22 13:23 - 2015-10-22 13:23 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2015-10-22 02:30 - 2015-10-22 02:30 - 00003308 _____ C:\Users\Ollie\Desktop\RogueKillerreport.txt
2015-10-22 02:18 - 2015-10-22 02:27 - 00035064 _____ C:\Windows\system32\Drivers\TrueSight.sys
2015-10-22 02:18 - 2015-10-22 02:26 - 00000000 ____D C:\ProgramData\RogueKiller
2015-10-22 02:17 - 2015-10-22 02:17 - 18838088 _____ C:\Users\Ollie\Desktop\RogueKiller.exe
2015-10-21 22:55 - 2015-10-21 23:05 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-10-21 22:54 - 2015-10-21 23:05 - 00000000 ____D C:\Users\Ollie\Desktop\mbar
2015-10-21 22:43 - 2015-10-21 22:43 - 00000000 ____D C:\Users\Ollie\AppData\Roaming\Sun
2015-10-21 22:43 - 2015-10-21 22:43 - 00000000 ____D C:\Users\Ollie\.oracle_jre_usage
2015-10-21 22:42 - 2015-10-21 22:42 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-10-21 22:42 - 2015-10-21 22:42 - 00000000 ____D C:\Users\Ollie\AppData\LocalLow\Oracle
2015-10-21 22:41 - 2015-10-21 22:41 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-10-21 22:41 - 2015-10-21 22:41 - 00002047 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2015-10-21 22:40 - 2015-10-21 22:40 - 00584288 _____ (Oracle Corporation) C:\Users\Ollie\Downloads\jxpiinstall.exe
2015-10-21 22:37 - 2015-10-21 22:37 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Ollie\Desktop\mbar-1.09.3.1001.exe
2015-10-21 22:00 - 2015-10-21 22:00 - 00000000 ____D C:\Users\Ollie\AppData\LocalLow\Adobe
2015-10-21 21:57 - 2015-10-21 21:57 - 18833096 _____ (Adobe Systems Incorporated) C:\Users\Ollie\Downloads\install_flash_player_19_plugin.exe
2015-10-21 18:56 - 2015-10-21 18:56 - 00022798 _____ C:\ComboFix.txt
2015-10-21 18:41 - 2015-10-21 18:36 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-10-21 18:41 - 2015-10-21 18:36 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-10-21 18:41 - 2015-10-21 18:36 - 00256000 _____ C:\Windows\PEV.exe
2015-10-21 18:41 - 2015-10-21 18:36 - 00208896 _____ C:\Windows\MBR.exe
2015-10-21 18:41 - 2015-10-21 18:36 - 00098816 _____ C:\Windows\sed.exe
2015-10-21 18:41 - 2015-10-21 18:36 - 00080412 _____ C:\Windows\grep.exe
2015-10-21 18:41 - 2015-10-21 18:36 - 00068096 _____ C:\Windows\zip.exe
2015-10-21 18:41 - 2015-10-21 18:36 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-10-21 18:37 - 2015-10-21 18:57 - 00000000 ____D C:\Qoobox
2015-10-21 18:36 - 2015-10-21 18:53 - 00000000 ____D C:\Windows\erdnt
2015-10-20 23:13 - 2015-10-20 23:13 - 00000877 _____ C:\Users\Ollie\Desktop\checkup.txt
2015-10-20 22:42 - 2015-10-21 18:36 - 05637184 ____R (Swearware) C:\Users\Ollie\Desktop\ComboFix.exe
2015-10-20 22:41 - 2015-10-20 22:41 - 00852720 _____ C:\Users\Ollie\Desktop\SecurityCheck.exe
2015-10-20 19:10 - 2015-10-20 19:10 - 00001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-10-20 19:10 - 2015-10-20 19:10 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-10-20 19:10 - 2015-10-20 19:10 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-20 19:04 - 2015-10-20 19:04 - 42710448 _____ C:\Users\Ollie\Downloads\Firefox Setup 41.0.2.exe
2015-10-20 07:45 - 2015-10-20 07:45 - 00002388 _____ C:\Users\Ollie\Desktop\esetscan.txt
2015-10-18 18:04 - 2015-10-18 18:04 - 00001936 _____ C:\Users\Ollie\Desktop\esetresults.txt
2015-10-18 11:37 - 2015-10-18 11:37 - 00001050 _____ C:\Users\Ollie\Desktop\mbam.txt
2015-10-18 01:53 - 2015-10-18 01:53 - 00319952 _____ C:\Windows\Minidump\101815-13088-01.dmp
2015-10-18 01:45 - 2015-10-18 01:45 - 00000736 _____ C:\Users\Ollie\Desktop\JRT.txt
2015-10-18 01:31 - 2015-10-18 01:31 - 01801288 _____ (Malwarebytes) C:\Users\Ollie\Downloads\JRT.exe
2015-10-18 01:28 - 2015-10-18 01:28 - 00001245 _____ C:\Users\Ollie\Desktop\AdwCleaner[C3].txt
2015-10-18 01:23 - 2015-10-17 02:15 - 01682432 _____ C:\Users\Ollie\Desktop\adwcleaner_5.013.exe
2015-10-18 01:14 - 2015-10-22 02:14 - 00000000 ____D C:\Users\Ollie\Desktop\FRST-OlderVersion
2015-10-17 17:05 - 2015-10-18 01:55 - 00001438 _____ C:\Users\Ollie\Desktop\bsod.txt
2015-10-17 17:03 - 2015-10-17 17:03 - 00276880 _____ C:\Windows\Minidump\101715-13603-01.dmp
2015-10-17 16:27 - 2015-10-17 16:27 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-10-17 16:27 - 2015-10-17 16:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-10-17 16:27 - 2015-10-17 16:27 - 00000000 ____D C:\Program Files\iTunes
2015-10-17 16:27 - 2015-10-17 16:27 - 00000000 ____D C:\Program Files\iPod
2015-10-17 16:26 - 2015-10-17 16:26 - 00000000 ____D C:\Program Files\Bonjour
2015-10-17 16:26 - 2015-10-17 16:26 - 00000000 ____D C:\Program Files (x86)\Bonjour
2015-10-17 16:25 - 2015-10-17 16:25 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2015-10-17 16:25 - 2015-10-17 16:25 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2015-10-17 12:34 - 2015-10-17 12:43 - 00000000 ____D C:\Users\Ollie\AppData\Local\WinZip
2015-10-17 12:34 - 2015-10-17 12:42 - 00000000 ____D C:\ProgramData\WinZip
2015-10-17 12:34 - 2015-10-17 12:34 - 00002287 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk
2015-10-17 12:34 - 2015-10-17 12:34 - 00002281 _____ C:\Users\Public\Desktop\WinZip.lnk
2015-10-17 12:34 - 2015-10-17 12:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2015-10-17 12:34 - 2015-10-17 12:34 - 00000000 ____D C:\Program Files\WinZip
2015-10-17 04:45 - 2015-10-17 04:45 - 00002301 _____ C:\Users\Ollie\Desktop\aswMBR.txt
2015-10-17 04:45 - 2015-10-17 04:45 - 00000512 _____ C:\Users\Ollie\Desktop\MBR.dat
2015-10-17 04:20 - 2015-10-17 04:20 - 05198336 _____ (AVAST Software) C:\Users\Ollie\Desktop\aswMBR.exe
2015-10-17 04:18 - 2015-10-23 19:55 - 00000000 ____D C:\FRST
2015-10-17 04:16 - 2015-10-18 01:12 - 00000000 ____D C:\Springclean
2015-10-17 04:15 - 2015-10-17 04:15 - 00000207 _____ C:\Windows\tweaking.com-regbackup-GAMING-PC-Windows-7-Home-Premium-(64-bit).dat
2015-10-17 04:15 - 2015-10-17 04:15 - 00000000 ____D C:\RegBackup
2015-10-17 04:14 - 2015-10-17 04:14 - 00002239 _____ C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
2015-10-17 04:14 - 2015-10-17 04:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2015-10-17 04:14 - 2015-10-17 04:14 - 00000000 ____D C:\Program Files (x86)\Tweaking.com
2015-10-17 04:13 - 2015-10-17 04:13 - 04777232 _____ (Tweaking.com) C:\Users\Ollie\Downloads\tweaking.com_registry_backup_setup.exe
2015-10-17 03:50 - 2015-10-17 03:50 - 10357568 _____ (SurfRight B.V.) C:\Users\Ollie\Downloads\HitmanPro.exe
2015-10-17 02:56 - 2015-10-17 02:56 - 02870984 _____ (ESET) C:\Users\Ollie\Desktop\esetsmartinstaller_enu.exe
2015-10-17 02:22 - 2015-10-21 23:05 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-10-17 02:22 - 2015-10-17 02:22 - 22908888 _____ (Malwarebytes ) C:\Users\Ollie\Downloads\mbam-setup-2.2.0.1024.exe
2015-10-17 02:22 - 2015-10-17 02:22 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-10-17 02:22 - 2015-10-17 02:22 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-10-17 02:22 - 2015-10-17 02:22 - 00001106 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-10-17 02:22 - 2015-10-17 02:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-10-17 02:22 - 2015-10-17 02:22 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-10-17 02:15 - 2015-10-17 02:15 - 01682432 _____ C:\Users\Ollie\Downloads\adwcleaner_5.013.exe
2015-10-17 01:52 - 2015-10-17 01:53 - 00000874 _____ C:\AdwCleaner[S5].txt
2015-10-13 20:38 - 2015-10-13 20:38 - 25851904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 20357632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 14458368 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 14176768 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 12853760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 05569472 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-10-13 20:38 - 2015-10-13 20:38 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 03990976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-10-13 20:38 - 2015-10-13 20:38 - 03936192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-10-13 20:38 - 2015-10-13 20:38 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 02607104 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-10-13 20:38 - 2015-10-13 20:38 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-10-13 20:38 - 2015-10-13 20:38 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 01866752 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-10-13 20:38 - 2015-10-13 20:38 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-10-13 20:38 - 2015-10-13 20:38 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00391784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00345688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-10-13 20:38 - 2015-10-13 20:38 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-10-13 20:38 - 2015-10-13 20:38 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-10-13 20:38 - 2015-10-13 20:38 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-10-13 20:38 - 2015-10-13 20:38 - 00157016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-10-13 20:38 - 2015-10-13 20:38 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-10-13 20:38 - 2015-10-13 20:38 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-10-13 20:38 - 2015-10-13 20:38 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-10-13 20:38 - 2015-10-13 20:38 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-10-13 20:38 - 2015-10-13 20:38 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-10-13 20:38 - 2015-10-13 20:38 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-10-13 20:38 - 2015-10-13 20:38 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00097112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-10-13 20:38 - 2015-10-13 20:38 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-10-13 20:38 - 2015-10-13 20:38 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-10-13 20:38 - 2015-10-13 20:38 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-10-13 20:38 - 2015-10-13 20:38 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-10-13 20:38 - 2015-10-13 20:38 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-10-13 20:38 - 2015-10-13 20:38 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-10-13 20:38 - 2015-10-13 20:38 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-10-13 20:38 - 2015-10-13 20:38 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-10-13 20:38 - 2015-10-13 20:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-13 20:38 - 2015-09-16 05:36 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-10-13 20:38 - 2015-09-16 05:21 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-10-13 20:38 - 2015-09-16 04:45 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-10-13 20:38 - 2015-09-16 04:32 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-10-13 20:37 - 2015-10-13 20:37 - 00692672 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-10-13 20:37 - 2015-10-13 20:37 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-10-13 20:37 - 2015-10-13 20:37 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-10-13 20:37 - 2015-10-13 20:37 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-10-13 20:37 - 2015-10-13 20:37 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-10-13 20:37 - 2015-10-13 20:37 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-10-13 20:37 - 2015-10-13 20:37 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-10-13 20:37 - 2015-10-13 20:37 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-10-13 20:37 - 2015-10-13 20:37 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-10-13 20:37 - 2015-10-13 20:37 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-10-13 20:37 - 2015-10-13 20:37 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-10-13 20:37 - 2015-10-13 20:37 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-10-13 20:37 - 2015-10-13 20:37 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-10-13 20:37 - 2015-10-13 20:37 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-10-13 20:37 - 2015-10-13 20:37 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-10-13 20:37 - 2015-10-13 20:37 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-10-13 20:37 - 2015-10-13 20:37 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-10-13 20:37 - 2015-10-13 20:37 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-10-13 20:37 - 2015-10-13 20:37 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-10-13 20:37 - 2015-10-13 20:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-10-13 20:37 - 2015-10-13 20:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-10-13 20:37 - 2015-10-13 20:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-10-13 20:37 - 2015-10-13 20:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-10-13 20:37 - 2015-10-13 20:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-10-13 20:37 - 2015-10-13 20:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-10-13 20:37 - 2015-10-13 20:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-13 20:37 - 2015-10-13 20:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-10-13 20:37 - 2015-10-13 20:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-10-13 20:37 - 2015-10-13 20:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-10-13 20:37 - 2015-10-13 20:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-10-13 20:37 - 2015-10-13 20:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-10-13 20:37 - 2015-10-13 20:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-10-13 20:37 - 2015-10-13 20:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-13 20:37 - 2015-10-13 20:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-10-13 20:37 - 2015-10-13 20:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-10-13 20:37 - 2015-10-13 20:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-10-13 20:37 - 2015-10-13 20:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-10-13 20:37 - 2015-10-13 20:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-10-10 12:33 - 2015-10-10 12:33 - 00000812 _____ C:\AdwCleaner[S4].txt
2015-10-06 18:23 - 2015-10-06 18:23 - 00000022 _____ C:\Windows\GPU-Z.INI
2015-10-06 18:22 - 2015-10-06 18:22 - 00000000 ____D C:\Program Files (x86)\Futuremark
2015-10-06 18:21 - 2015-10-06 18:23 - 00000000 ____D C:\Users\Ollie\Documents\3DMark 11
2015-10-06 18:21 - 2015-10-06 18:21 - 02883584 _____ C:\Users\Ollie\Downloads\Futuremark_SystemInfo_v440_installer.msi
2015-10-06 18:21 - 2015-10-06 18:21 - 00000000 ____D C:\Users\Ollie\AppData\Local\IsolatedStorage
2015-10-06 18:21 - 2015-10-06 18:21 - 00000000 ____D C:\Users\Ollie\AppData\Local\Futuremark
2015-10-06 18:11 - 2015-10-06 18:11 - 00001227 _____ C:\Users\Public\Desktop\3DMark 11.lnk
2015-10-06 18:11 - 2015-10-06 18:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Futuremark
2015-10-06 18:11 - 2015-10-06 18:11 - 00000000 ____D C:\Program Files\Futuremark
2015-10-06 18:05 - 2015-10-06 18:08 - 271860249 _____ C:\Users\Ollie\Downloads\3DMark11-v1-0-132.zip
2015-10-06 18:04 - 2015-10-06 18:05 - 12261072 _____ (Novawave Inc. ) C:\Users\Ollie\Downloads\novabench3.exe
2015-10-05 23:30 - 2015-10-05 23:30 - 01199856 _____ ( ) C:\Users\Ollie\Downloads\hwmonitor_1.28.exe
2015-10-05 23:30 - 2015-10-05 23:30 - 00000930 _____ C:\Users\Public\Desktop\CPUID HWMonitor.lnk
2015-10-05 23:30 - 2015-10-05 23:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2015-10-05 23:30 - 2015-10-05 23:30 - 00000000 ____D C:\Program Files\CPUID
2015-10-02 22:04 - 2015-10-02 22:06 - 300806184 _____ (AMD Inc.) C:\Users\Ollie\Downloads\amd-catalyst-15.7.1-with-dotnet45-win7-64bit.exe
2015-10-02 21:57 - 2015-10-02 21:57 - 04288048 _____ C:\Users\Ollie\Downloads\memtest86-iso.zip
2015-10-02 00:54 - 2015-10-02 06:50 - 00000137 _____ C:\Users\Ollie\Desktop\Armored Warfare Open Beta.url
2015-10-02 00:54 - 2015-10-02 00:54 - 00000000 ____D C:\Users\Ollie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Armored Warfare MyCom Beta
2015-10-01 00:06 - 2015-10-01 00:06 - 00002017 _____ C:\Users\Ollie\Desktop\My.com Game Center.lnk
2015-10-01 00:06 - 2015-10-01 00:06 - 00000000 ____D C:\Users\Ollie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\My.com Games
2015-10-01 00:05 - 2015-10-23 17:31 - 00000000 ____D C:\Users\Ollie\AppData\Local\MyComGames
2015-10-01 00:05 - 2015-10-01 00:05 - 05481456 _____ (MY.COM B.V.) C:\Users\Ollie\Downloads\ArmwarMycomLoader.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-23 19:55 - 2015-04-21 10:26 - 03184556 _____ C:\Windows\system32\Drivers\fvstore.dat
2015-10-23 19:49 - 2015-03-30 19:20 - 01474832 _____ C:\Windows\system32\Drivers\sfi.dat
2015-10-23 18:59 - 2013-06-02 23:34 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-10-23 18:37 - 2012-11-09 17:45 - 01207257 _____ C:\Windows\WindowsUpdate.log
2015-10-23 18:25 - 2014-04-12 13:03 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-10-23 17:32 - 2015-05-02 00:44 - 00021701 _____ C:\Windows\setupact.log
2015-10-23 12:07 - 2009-07-14 05:45 - 00022080 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-23 12:07 - 2009-07-14 05:45 - 00022080 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-23 12:06 - 2009-07-14 06:13 - 00159100 _____ C:\Windows\system32\PerfStringBackup.INI
2015-10-23 12:00 - 2013-08-03 00:23 - 00000000 ____D C:\Users\Ollie\AppData\Local\HTC MediaHub
2015-10-23 12:00 - 2013-06-13 20:27 - 00000000 ____D C:\Program Files (x86)\Steam
2015-10-23 11:59 - 2012-11-09 18:23 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2015-10-23 11:59 - 2012-11-09 17:55 - 00000144 _____ C:\service.log
2015-10-23 11:59 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-22 23:43 - 2012-11-10 18:40 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2015-10-22 23:41 - 2010-11-21 04:47 - 00435060 _____ C:\Windows\PFRO.log
2015-10-22 23:40 - 2015-03-11 23:23 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-10-22 23:40 - 2014-10-14 21:14 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-10-22 23:35 - 2009-07-14 04:20 - 00000000 __RSD C:\Windows\Media
2015-10-22 23:35 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Cursors
2015-10-22 16:17 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\tracing
2015-10-21 22:52 - 2014-09-10 01:23 - 00000000 ____D C:\Users\Ollie\AppData\Local\Adobe
2015-10-21 22:44 - 2013-10-19 01:44 - 00000000 ____D C:\ProgramData\Oracle
2015-10-21 22:43 - 2014-10-23 22:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-10-21 22:43 - 2014-10-23 22:50 - 00000000 ____D C:\Program Files (x86)\Java
2015-10-21 22:43 - 2012-11-09 17:45 - 00000000 ____D C:\Users\Ollie
2015-10-21 22:42 - 2014-10-23 22:51 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-10-21 22:41 - 2015-07-10 23:13 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-10-21 22:41 - 2012-11-10 01:52 - 00000000 ____D C:\ProgramData\Adobe
2015-10-21 22:00 - 2012-11-10 01:52 - 00000000 ____D C:\Users\Ollie\AppData\Roaming\Adobe
2015-10-21 21:58 - 2013-06-02 23:34 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-10-21 21:58 - 2012-11-10 01:52 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-10-21 21:58 - 2012-11-10 01:52 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-21 21:56 - 2009-07-14 06:08 - 00032620 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-10-21 18:57 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Default
2015-10-21 18:52 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2015-10-21 18:41 - 2000-08-31 01:00 - 00212480 _____ (SteelWerX) C:\Windows\SWXCACLS.exe
2015-10-20 19:05 - 2014-11-18 01:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-19 22:34 - 2012-11-09 17:45 - 00001160 _____ C:\Users\Ollie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-10-18 01:53 - 2013-06-01 01:41 - 00000000 ____D C:\Windows\Minidump
2015-10-18 01:26 - 2015-08-06 20:04 - 00000000 ____D C:\AdwCleaner
2015-10-18 01:15 - 2014-02-23 22:55 - 00000000 ____D C:\Users\Ollie\AppData\LocalLow\Temp
2015-10-17 16:27 - 2013-06-08 17:23 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-10-17 16:27 - 2013-05-28 14:09 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-10-17 16:26 - 2015-08-12 16:03 - 00096528 _____ (Apple Inc.) C:\Windows\system32\dns-sd.exe
2015-10-17 16:26 - 2015-08-12 16:03 - 00084240 _____ (Apple Inc.) C:\Windows\SysWOW64\dns-sd.exe
2015-10-17 16:25 - 2013-05-28 14:09 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-10-17 11:33 - 2015-05-17 13:17 - 00000000 ____D C:\Windows\rescache
2015-10-17 04:35 - 2014-10-21 22:37 - 00001728 _____ C:\Users\Ollie\Desktop\details.txt
2015-10-14 00:05 - 2013-08-15 02:01 - 00000000 ____D C:\Windows\system32\MRT
2015-10-14 00:03 - 2012-11-10 17:17 - 143481208 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-10-13 20:29 - 2015-07-17 22:36 - 00066544 _____ C:\Users\Lisa\AppData\Local\GDIPFONTCACHEV1.DAT
2015-10-13 20:29 - 2015-07-17 22:36 - 00000000 ____D C:\Users\Lisa\AppData\Local\HTC MediaHub
2015-10-11 16:24 - 2015-04-25 19:58 - 00000057 _____ C:\Users\Ollie\Desktop\cooling.txt
2015-10-09 23:33 - 2015-02-21 17:55 - 00000000 ____D C:\Users\Ollie\AppData\Local\Steam
2015-10-06 18:11 - 2012-11-09 20:10 - 00496911 _____ C:\Windows\DirectX.log
2015-10-06 18:10 - 2014-08-05 15:57 - 00000000 ____D C:\ProgramData\Package Cache
2015-10-05 21:26 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF

==================== Files in the root of some directories =======

2012-12-19 23:21 - 2012-12-19 23:21 - 0000111 _____ () C:\Users\Ollie\AppData\Roaming\adu.xml
2015-10-22 13:23 - 2015-10-22 13:23 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-10-21 19:19

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version:21-10-2015 01
Ran by Ollie (2015-10-23 19:55:54)
Running from C:\Users\Ollie\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-11-09 16:45:15)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-3501653021-3640964384-1111194576-500 - Administrator - Disabled)
Guest (S-1-5-21-3501653021-3640964384-1111194576-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3501653021-3640964384-1111194576-1002 - Limited - Enabled)
Lisa (S-1-5-21-3501653021-3640964384-1111194576-1009 - Limited - Enabled) => C:\Users\Lisa
Ollie (S-1-5-21-3501653021-3640964384-1111194576-1000 - Administrator - Enabled) => C:\Users\Ollie

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: COMODO Antivirus (Enabled - Up to date) {F25D0092-CDBE-B303-ADB7-88DE8CDECCF5}
AS: Comodo Defense+ (Enabled - Up to date) {493CE176-EB84-BC8D-9707-B3ACF7598648}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: COMODO Firewall (Enabled) {CA6681B7-87D1-B25B-86E8-21EB720D8B8E}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.24 - GIGABYTE)
3DMark 11 (HKLM-x32\...\{f9e83b9c-ab7e-4005-8f32-4ea69703a5e4}) (Version: 1.0.132.0 - Futuremark)
3DMark 11 (Version: 1.0.132.0 - Futuremark) Hidden
7-Zip 15.06 beta (HKLM-x32\...\7-Zip) (Version: 15.06 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.009.20069 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{A50679D9-6CBD-4FCD-BACB-62EF3894F6F3}) (Version: 4.0.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{1F72FDD5-A069-45B4-928F-D0F16492DC69}) (Version: 4.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FD244E19-6EFE-4A2D-948A-0D45D4C168BE}) (Version: 9.0.0.26 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Armored Warfare MyCom Beta (HKU\S-1-5-21-3501653021-3640964384-1111194576-1000\...\Armored Warfare MyCom Beta) (Version: 1.47 - My.com B.V.)
Aslain's XVM WoT Modpack version 4.6.8 (HKLM-x32\...\ZRwTINhSZfduKONYrSCTiCiGPggQZdcLRvoAVxyCOXXpkHeC~1DC3968F_is1) (Version: 4.6.8 - Aslain)
AutoGreen B12.0206.1 (HKLM-x32\...\InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}) (Version: 1.00.0000 - GIGABYTE)
AutoGreen B12.0206.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
COMODO Internet Security Premium (HKLM\...\{68BE8BAB-5375-4C99-9116-1808F5968D40}) (Version: 8.1.0.4426 - COMODO Security Solutions Inc.)
Corsair Gaming Headset Software (HKLM-x32\...\{6118E939-08B6-4180-8B5B-97836617813B}) (Version: 2.0.35 - Corsair)
Corsair K70 Firmware Update Application (HKLM-x32\...\{8C9DA353-2101-4658-BAA7-53F88EA0D3AB}_is1) (Version: - )
Corsair M65 Firmware Update Application (HKLM-x32\...\{29484F2D-404A-4EF6-B774-DF5EC5BDF481}_is1) (Version: - )
Corsair M65 Gaming Mouse Driver V1.0 (HKLM-x32\...\{62CC0366-207F-4BC3-97B1-4D4615B5BF0B}_is1) (Version: 1.00.00.11 - )
Corsair M95 Firmware Update Application (HKLM-x32\...\{4E44154D-0699-4D6C-996F-66D47B9A40D2}_is1) (Version: - )
Corsair M95 Gaming Mouse Driver V1.0 (HKLM-x32\...\{9C9EA6B0-2138-4111-BF26-9D0D40D12C0F}_is1) (Version: 1.00.00.14 - )
CPUID HWMonitor 1.28 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
Crusader Kings II (HKLM-x32\...\Steam App 203770) (Version: - Paradox Development Studio)
Dokan Library 0.6.0 (HKLM-x32\...\DokanLibrary) (Version: - )
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
Dragon Age: Origins (HKLM-x32\...\{AEC81925-9C76-4707-84A9-40696C613ED3}) (Version: 1.04 - Electronic Arts, Inc.)
Easy Tune 6 B12.0509.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Easy Tune 6 B12.0509.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
EasySaver B9.1214.1 (HKLM-x32\...\{07300F01-89CA-4CF8-92BD-2A605EB83C95}) (Version: 1.00.0000 - Gigabyte)
Edimax RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 1.5.5.0 - Edimax)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Etron USB3.0 Host Controller (x32 Version: 0.104 - Etron Technology) Hidden
Everything 1.3.4.686 (x86) (HKLM-x32\...\Everything) (Version: - )
Futuremark SystemInfo (HKLM-x32\...\{185D7B00-8600-4716-A619-D8CBE689974B}) (Version: 4.40.560.0 - Futuremark)
Gigabyte Raid Configurer (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.17.63.1 - GIGABYTE Technologies, Inc.)
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.3.0.001 - HTC Corporation)
HTC Sync Manager (HKLM-x32\...\{F838C3DD-5785-4F19-AD0F-BD532C8A31F4}) (Version: 2.1.46.0 - HTC)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
iTunes (HKLM\...\{96984DE8-1DB8-425C-AC8C-3098BC696F04}) (Version: 12.3.0.44 - Apple Inc.)
Java 8 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218065F0}) (Version: 8.0.650.17 - Oracle Corporation)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Middle-earth: Shadow of Mordor (HKLM-x32\...\Steam App 241930) (Version: - Monolith Productions, Inc.)
Mount & Blade (HKLM-x32\...\Steam App 22100) (Version: - TaleWorlds Entertainment)
Mount & Blade: Warband (HKLM-x32\...\Steam App 48700) (Version: - TaleWorlds Entertainment)
Mount & Blade: With Fire and Sword (HKLM-x32\...\Steam App 48720) (Version: - TaleWorlds Entertainment)
Mozilla Firefox 41.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 41.0.2 (x86 en-US)) (Version: 41.0.2 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
My.com Game Center (HKU\S-1-5-21-3501653021-3640964384-1111194576-1000\...\MyComGames) (Version: 3.147 - My.com B.V.)
NVIDIA PhysX (HKLM-x32\...\{1C4551A6-4743-4093-91E4-1477CD655043}) (Version: 9.09.0203 - NVIDIA Corporation)
ON_OFF Charge B11.1102.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice 4.1.1 (HKLM-x32\...\{86F2B095-3998-41D5-833D-1C5075300950}) (Version: 4.11.9775 - Apache Software Foundation)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6650 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7106 - Realtek Semiconductor Corp.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1164 - SUPERAntiSpyware.com)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 3.3.1 - Tweaking.com)
Warhammer® 40,000™: Dawn of War® II - Chaos Rising™ (HKLM-x32\...\Steam App 20570) (Version: - Relic Entertainment)
Warhammer® 40,000™: Dawn of War® II (HKLM-x32\...\Steam App 15620) (Version: - Relic Entertainment)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinZip 19.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240ED}) (Version: 19.5.11532 - WinZip Computing, S.L. )
World of Tanks (HKU\S-1-5-21-3501653021-3640964384-1111194576-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net)
World of Warships (HKU\S-1-5-21-3501653021-3640964384-1111194576-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814eu}_is1) (Version: - Wargaming.net)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== Restore Points =========================

19-10-2015 22:34:24 Restore Point Created by FRST
21-10-2015 18:41:45 ComboFix created restore point
22-10-2015 13:11:02 Restore Point Created by FRST

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2015-10-21 18:52 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {21FD3B25-29C2-447F-93CA-F418B38D494D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-21] (Adobe Systems Incorporated)
Task: {2AE452DD-7663-4C08-86D9-150C6FD9B29D} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-06] (COMODO)
Task: {3FACD55F-1894-47BD-ADAA-04DFE5A5BCFD} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-06] (COMODO)
Task: {4876F49D-22CB-4F76-99FA-369E2AF0EED8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-21] (Adobe Systems Incorporated)
Task: {4DA682FB-99CB-4AEA-AF79-8060720E11A4} - System32\Tasks\{F792DE50-AA36-4F10-8148-9E7EF9D76636} => pcalua.exe -a D:\Setup.exe -d D:\
Task: {633F2494-35E3-4DE2-A618-4E7E55AE10BB} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-10-17] (Apple Inc.)
Task: {73C1E663-DBDF-45F2-BAE0-A9C921E39E62} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-06] (COMODO)
Task: {99146579-3923-4B7C-B229-3DA59088957D} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-06] (COMODO)
Task: {B3390CAB-97E0-4E55-B694-1DEB10AD59E3} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2015-08-06] (COMODO)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (Whitelisted) ==============

2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-09-23 16:47 - 2015-09-23 16:47 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2011-01-10 13:49 - 2011-01-10 13:49 - 00014848 _____ () C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe
2012-11-09 17:55 - 2009-08-24 15:38 - 00068136 _____ () C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE
2012-11-09 18:01 - 2010-09-07 10:46 - 00072280 ____R () C:\Windows\SysWOW64\XSrvSetup.exe
2013-08-03 00:22 - 2012-12-07 17:26 - 00167424 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2013-08-01 20:33 - 2013-08-01 20:33 - 00169312 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
2013-04-15 17:39 - 2015-01-08 23:02 - 00067808 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav
2012-11-09 17:55 - 2009-03-13 12:30 - 00109096 _____ () C:\Program Files (x86)\Gigabyte\EasySaver\YCC.DLL
2013-08-01 20:31 - 2013-08-01 20:31 - 00030056 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll
2013-08-01 20:32 - 2013-08-01 20:32 - 00607376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll
2013-08-01 20:32 - 2013-08-01 20:32 - 00044392 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll
2013-08-01 20:32 - 2013-08-01 20:32 - 00036216 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll
2013-08-01 20:33 - 2013-08-01 20:33 - 00080248 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll
2013-08-01 20:40 - 2013-08-01 20:40 - 00223592 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll
2013-05-06 17:05 - 2015-10-09 23:33 - 00778752 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-19 21:59 - 2015-07-22 16:57 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-01-19 21:59 - 2015-07-22 16:57 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-19 21:59 - 2015-07-22 16:57 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-07-01 22:21 - 2015-10-16 22:34 - 02423376 _____ () C:\Program Files (x86)\Steam\video.dll
2014-08-29 20:56 - 2015-10-09 23:33 - 02549248 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-29 20:56 - 2015-10-09 23:33 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-29 20:56 - 2015-10-09 23:33 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-29 20:56 - 2015-10-09 23:33 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-08-29 20:56 - 2015-10-09 23:33 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2013-06-06 14:06 - 2015-10-16 22:34 - 00705104 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-07-22 16:57 - 2015-10-16 22:34 - 00193024 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll
2015-10-01 00:05 - 2015-10-01 00:05 - 00144896 _____ () C:\Users\Ollie\AppData\Local\MyComGames\zlib1.dll
2015-10-01 00:05 - 2015-10-01 00:05 - 00062464 _____ () C:\Users\Ollie\AppData\Local\MyComGames\pxd.dll
2015-10-01 00:05 - 2015-10-01 00:05 - 00179144 _____ () C:\Users\Ollie\AppData\Local\MyComGames\LightUpdate.dll
2015-10-01 00:05 - 2015-10-22 02:10 - 02339784 _____ () C:\Users\Ollie\AppData\Local\MyComGames\BigUp2.dll
2015-08-26 10:18 - 2015-08-26 10:18 - 50425344 _____ () C:\Users\Ollie\AppData\Local\MyComGames\Chrome\3.2454.1317\libcef.dll
2012-11-09 18:28 - 2009-10-07 02:35 - 00901120 _____ () C:\Program Files (x86)\Edimax\Common\RaWLAPI.dll
2013-11-14 23:51 - 2013-05-26 15:40 - 00054272 _____ () C:\Program Files (x86)\Corsair\M95 Mouse\hidGetKey.dll
2014-12-28 18:42 - 2012-05-14 13:41 - 00043008 _____ () C:\Program Files (x86)\Corsair\M65 Mouse\hidGetKey.dll
2013-03-26 16:16 - 2015-10-08 23:20 - 45010208 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-01-19 21:59 - 2015-10-09 23:33 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows\explorer.exe:$CmdTcID
AlternateDataStreams: C:\Windows\grep.exe:$CmdTcID
AlternateDataStreams: C:\Windows\MBR.exe:$CmdTcID
AlternateDataStreams: C:\Windows\NIRCMD.exe:$CmdTcID
AlternateDataStreams: C:\Windows\notepad.exe:$CmdTcID
AlternateDataStreams: C:\Windows\PEV.exe:$CmdTcID
AlternateDataStreams: C:\Windows\sed.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SWREG.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SWSC.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SWXCACLS.exe:$CmdTcID
AlternateDataStreams: C:\Windows\zip.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aaclient.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\adtschema.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\amdave64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\amdhcp64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\amdmantle64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\amdmmcl6.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\amdocl_as64.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\amdocl_ld64.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\amdpcom64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\apisetschema.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appidapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appidcertstorecheck.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appidpolicyconverter.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appidsvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appinfo.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atiadlxx.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atiapfxx.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atibtmon.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aticalcl64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aticaldd64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aticalrt64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aticfx64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atidemgy.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atidxx64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atieclxx.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atiesrxx.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atig6pxx.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atig6txx.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atiglpxx.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atimpc64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atimuixx.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atio6axx.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ATIODCLI.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ATIODE.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atisamu64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atitmm64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atiu9p64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atiumd64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atiumd6a.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atiuxp64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atmfd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atmlib.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\auditpol.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\authui.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\basesrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\certcli.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\cewmdm.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\clfs.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\clfsw32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\clinfo.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\coinst_14.50.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\comctl32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\conhost.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\consent.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\credssp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\cryptbase.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\csrsrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3d10warp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\davclnt.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\dciman32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\dns-sd.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\DWrite.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\dxmasf.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\dxtmsft.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\dxtrans.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ExplorerFrame.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\FntCache.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\fontsub.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\gdi32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\GEARAspi64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ie4uinit.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieapfltr.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\iedkcs32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieetwcollector.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieetwcollectorres.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieetwproxystub.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieframe.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\iernonce.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\iertutil.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\iesetup.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieui.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieUnatt.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\inetcpl.cpl:$CmdTcID
AlternateDataStreams: C:\Windows\system32\InkEd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\JavaScriptCollectionAgent.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\jnwmon.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\jscript.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\jscript9.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\jscript9diag.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\jsproxy.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\kerberos.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\kernel32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\KernelBase.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lpk.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lsasrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lsass.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mantle64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mantleaxl64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mcupdate_GenuineIntel.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msaudite.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msdxm.ocx:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msfeeds.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mshtml.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\MshtmlDac.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mshtmled.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mshtmlmedia.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msiexec.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msihnd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msimsg.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msmmsp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msobjs.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msrating.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\MsSpellCheckingFacility.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mstscax.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msv1_0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msxml3.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msxml3r.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msxml6.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msxml6r.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ncrypt.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\notepad.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ntdll.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ntoskrnl.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ntvdm64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\occache.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ole32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\OpenCL.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\OpenVideo64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\OVDecode64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\poqexec.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\rpcrt4.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\rstrui.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\schannel.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\schedsvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\secur32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\services.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\setbcdlocale.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\shell32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\smss.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\spwmp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\srclient.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\srcore.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\sspicli.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\sspisrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\sysmain.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\tsgqec.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\TSpkg.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\tzres.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\urlmon.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\vbscript.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wdigest.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\webcheck.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WebClnt.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\win32k.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wininet.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\winload.efi:$CmdTcID
AlternateDataStreams: C:\Windows\system32\winload.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\winresume.efi:$CmdTcID
AlternateDataStreams: C:\Windows\system32\winresume.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WinSetupUI.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\winsrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wmp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wmploc.DLL:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wow64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wow64cpu.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wow64win.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wu.upgrade.ps.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wuapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wuapp.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wuauclt.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wuaueng.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wucltux.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wudriver.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wups.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wups2.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wuwebv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\aaclient.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\adtschema.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\amdave32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\amdhcp32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\amdmantle32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\amdmmcl.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\amdocl.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\amdocl_as32.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\amdocl_ld32.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\amdpcom32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\apisetschema.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\appidapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\atiadlxy.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\aticalcl.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\aticaldd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\aticalrt.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\aticfx32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\atidxx32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\atigktxx.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\atiglpxx.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\atimpc32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\atioglxx.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\atisamu32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\atiu9pag.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\atiumdag.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\atiumdva.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\atiuxpag.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\atmfd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\atmlib.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\auditpol.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\authui.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\calc.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\certcli.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\cewmdm.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\clfsw32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\comctl32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\credssp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\cryptbase.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3d10warp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\davclnt.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\dciman32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\dns-sd.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\DWrite.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\dxmasf.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\dxtmsft.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\dxtrans.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ExplorerFrame.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\FlashPlayerApp.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\fontsub.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\gdi32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\GEARAspi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ieapfltr.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\iedkcs32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ieetwproxystub.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ieframe.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\iernonce.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\iertutil.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\iesetup.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ieui.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ieUnatt.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\inetcpl.cpl:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\InkEd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\instnm.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\jscript.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\jscript9.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\jscript9diag.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\jsproxy.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\kerberos.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\kernel32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\KernelBase.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\lpk.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mantle32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mantleaxl32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msaudite.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msdxm.ocx:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msfeeds.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mshtml.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\MshtmlDac.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mshtmled.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mshtmlmedia.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msiexec.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msihnd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msimsg.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msobjs.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mspaint.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msrating.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mstscax.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msv1_0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msxml3.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msxml3r.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msxml6.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msxml6r.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ncrypt.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\notepad.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ntdll.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ntkrnlpa.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ntoskrnl.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ntvdm64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\occache.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ole32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\OpenCL.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\OpenVideo.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\OVDecode.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\poqexec.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\rpcrt4.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\schannel.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\secur32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\setup16.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\shell32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\spwmp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\srclient.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\sspicli.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\taskmgr.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\tsgqec.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\TSpkg.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\tzres.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\urlmon.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\user.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\vbscript.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wdigest.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\webcheck.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\WebClnt.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wininet.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wmp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wmploc.DLL:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wow32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wuapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wuapp.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wudriver.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wups.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wuwebv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\amdacpksd.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\appid.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\ati2erec.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\atikmdag.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\atikmdag.sys.bak:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\atikmpag.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\atikmpag.sys.bak:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\http.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\ksecdd.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\ksecpkg.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mbam.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mountmgr.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb10.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb20.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mwac.sys:$CmdTcID
AlternateDataStreams: C:\Users\Ollie\Desktop\adwcleaner_5.013.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ollie\Desktop\adwcleaner_5.013.exe:$CmdZnID
AlternateDataStreams: C:\Users\Ollie\Desktop\amd-catalyst-omega-14.12-with-dotnet45-win7-64bit.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ollie\Desktop\amd-catalyst-omega-14.12-with-dotnet45-win7-64bit.exe:$CmdZnID
AlternateDataStreams: C:\Users\Ollie\Desktop\aswMBR.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ollie\Desktop\aswMBR.exe:$CmdZnID
AlternateDataStreams: C:\Users\Ollie\Desktop\autodetectutility.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ollie\Desktop\autodetectutility.exe:$CmdZnID
AlternateDataStreams: C:\Users\Ollie\Desktop\ComboFix.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ollie\Desktop\Display Driver Uninstaller.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ollie\Desktop\esetsmartinstaller_enu.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ollie\Desktop\esetsmartinstaller_enu.exe:$CmdZnID
AlternateDataStreams: C:\Users\Ollie\Desktop\FRST64.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ollie\Desktop\FRST64.exe:$CmdZnID
AlternateDataStreams: C:\Users\Ollie\Desktop\mbar-1.09.3.1001.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ollie\Desktop\mbar-1.09.3.1001.exe:$CmdZnID
AlternateDataStreams: C:\Users\Ollie\Desktop\RogueKiller.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ollie\Desktop\RogueKiller.exe:$CmdZnID
AlternateDataStreams: C:\Users\Ollie\Desktop\SecurityCheck.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ollie\Desktop\SecurityCheck.exe:$CmdZnID
AlternateDataStreams: C:\Users\Ollie\Desktop\tdsskiller.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ollie\Desktop\tdsskiller.exe:$CmdZnID
AlternateDataStreams: C:\Users\Ollie\Downloads\11713829_1223641617661299_793691498209012780_o.jpg:$CmdTcID
AlternateDataStreams: C:\Users\Ollie\Downloads\11713829_1223641617661299_793691498209012780_o.jpg:$CmdZnID
AlternateDataStreams: C:\Users\Ollie\Downloads\3DMark11-v1-0-132.zip:$CmdTcID
AlternateDataStreams: C:\Users\Ollie\Downloads\3DMark11-v1-0-132.zip:$CmdZnID
AlternateDataStreams: C:\Users\Ollie\Downloads\7z1506.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ollie\Downloads\7z1506.exe:$CmdZnID
AlternateDataStreams: C:\Users\Ollie\Downloads\adwcleaner_5.013.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ollie\Downloads\adwcleaner_5.013.exe:$CmdZnID
AlternateDataStreams: C:\Users\Ollie\Downloads\amd-catalyst-15.7.1-with-dotnet45-win7-64bit.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ollie\Downloads\amd-catalyst-15.7.1-with-dotnet45-win7-64bit.exe:$CmdZnID
AlternateDataStreams: C:\Users\Ollie\Downloads\Apache_OpenOffice_4.1.1_Win_x86_install_en-GB.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ollie\Downloads\Apache_OpenOffice_4.1.1_Win_x86_install_en-GB.exe:$CmdZnID
AlternateDataStreams: C:\Users\Ollie\Downloads\ArmwarMycomLoader.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ollie\Downloads\ArmwarMycomLoader.exe:$CmdZnID
AlternateDataStreams: C:\Users\Ollie\Downloads\Aslains_XVM_WoT_Modpack_Installer_v.4.6.8_910.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ollie\Downloads\Aslains_XVM_WoT_Modpack_Installer_v.4.6.8_910.exe:$CmdZnID
AlternateDataStreams: C:\Users\Ollie\Downloads\death_art_by_devildeathart0-d57aw55.rar:$CmdTcID
AlternateDataStreams: C:\Users\Ollie\Downloads\death_art_by_devildeathart0-d57aw55.rar:$CmdZnID
AlternateDataStreams: C:\Users\Ollie\Downloads\Firefox Setup 41.0.2.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ollie\Downloads\Firefox Setup 41.0.2.exe:$CmdZnID
AlternateDataStreams: C:\Users\Ollie\Downloads\Futuremark_SystemInfo_v440_installer.msi:$CmdTcID
AlternateDataStreams: C:\Users\Ollie\Downloads\Futuremark_SystemInfo_v440_installer.msi:$CmdZnID
AlternateDataStreams: C:\Users\Ollie\Downloads\HitmanPro.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ollie\Downloads\HitmanPro.exe:$CmdZnID
AlternateDataStreams: C:\Users\Ollie\Downloads\hwmonitor_1.28.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ollie\Downloads\hwmonitor_1.28.exe:$CmdZnID
AlternateDataStreams: C:\Users\Ollie\Downloads\install_flash_player_19_plugin.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ollie\Downloads\install_flash_player_19_plugin.exe:$CmdZnID
AlternateDataStreams: C:\Users\Ollie\Downloads\JRT.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ollie\Downloads\JRT.exe:$CmdZnID
AlternateDataStreams: C:\Users\Ollie\Downloads\jxpiinstall.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ollie\Downloads\jxpiinstall.exe:$CmdZnID
AlternateDataStreams: C:\Users\Ollie\Downloads\mbam-setup-2.2.0.1024.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ollie\Downloads\mbam-setup-2.2.0.1024.exe:$CmdZnID
AlternateDataStreams: C:\Users\Ollie\Downloads\memtest86-iso.zip:$CmdTcID
AlternateDataStreams: C:\Users\Ollie\Downloads\memtest86-iso.zip:$CmdZnID
AlternateDataStreams: C:\Users\Ollie\Downloads\novabench3.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ollie\Downloads\novabench3.exe:$CmdZnID
AlternateDataStreams: C:\Users\Ollie\Downloads\template.jpg:$CmdTcID
AlternateDataStreams: C:\Users\Ollie\Downloads\template.jpg:$CmdZnID
AlternateDataStreams: C:\Users\Ollie\Downloads\tweaking.com_registry_backup_setup.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ollie\Downloads\tweaking.com_registry_backup_setup.exe:$CmdZnID
AlternateDataStreams: C:\Users\Ollie\Downloads\WoT_internet_install_eu.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ollie\Downloads\WoT_internet_install_eu.exe:$CmdZnID
AlternateDataStreams: C:\Users\Ollie\Downloads\WoWS_internet_install_eu.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ollie\Downloads\WoWS_internet_install_eu.exe:$CmdZnID

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

There are 15751 more restricted sites.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3501653021-3640964384-1111194576-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Ollie\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 156.154.70.22 - 156.154.71.22
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{57693123-6D81-46F1-A29B-103A8316E953}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E2D61947-CAAD-42E6-A1B8-CDF82AF738E9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{EBCF617F-C492-448B-999A-A3A5844F0E06}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7F56CF5A-97AA-42E1-8D0D-1449B76DE4FD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{073DFCF0-9ED0-4697-8575-3F8EF5288D1C}] => (Allow) C:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe
FirewallRules: [{2BEFBC93-C3B9-4AE5-8B4A-8A3313F8E349}] => (Allow) C:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe
FirewallRules: [{7BB94A60-90C9-42DD-B8CE-5BD16827DAE2}] => (Allow) C:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe
FirewallRules: [{F515A6CB-144F-4EAE-AF36-D0AD592FB656}] => (Allow) C:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe
FirewallRules: [{B98CEFF2-7C68-4FD7-BD29-3790DA99F7D8}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe
FirewallRules: [{A76D94D3-DAC7-434F-A912-06FDFF7FC774}] => (Allow) C:\Windows\Temp\CMC_DRAGON\restart_helper.exe
FirewallRules: [{0DA5898E-0431-4826-A40E-89F18F20D94D}] => (Allow) C:\Windows\Temp\CMC_DRAGON\restart_helper.exe
FirewallRules: [{DE42BB9A-911F-44F5-B4EE-E42122737169}] => (Allow) C:\Windows\Temp\CMC_DRAGON\restart_helper.exe
FirewallRules: [{9419282F-AAF2-477F-872B-79EC07E6036A}] => (Allow) C:\Windows\Temp\CMC_DRAGON\restart_helper.exe
FirewallRules: [{B8E732A2-36CC-4006-8AE7-333546D71017}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{B9DECAD9-B37A-4B88-BA9F-714FE6F5E80F}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{CEB19D6D-7926-4B1A-BDC7-D004D0269E3B}] => (Allow) C:\Games\Dragon Age\bin_ship\daorigins.exe
FirewallRules: [{EB9C7AA2-1FB6-492F-A16A-79C7F8924DBD}] => (Allow) C:\Games\Dragon Age\bin_ship\daorigins.exe
FirewallRules: [{6C70A579-A7B5-4B3F-9F4B-3447D62338AA}] => (Allow) C:\Games\Dragon Age\DAOriginsLauncher.exe
FirewallRules: [{7373ADBF-766D-4311-A551-A4394298A08A}] => (Allow) C:\Games\Dragon Age\DAOriginsLauncher.exe
FirewallRules: [{4A5985A9-48CC-4C5F-8375-B9994F4FB513}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{29484216-7ED3-43B7-8B33-491586C04BA2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{4DB5D3D0-3D67-4366-8623-623D3546C952}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{99409EE6-9421-4ABF-9664-0EC0859783CD}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{7D406204-5B22-458E-858D-C7932BE225EA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{C1552EF1-8A93-41E5-9971-B99AE37CFE43}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [TCP Query User{4ADE1AE1-853C-4DD5-B122-72766D01D087}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{1116679B-E214-4A35-9AEF-F20E714CDF90}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [TCP Query User{457A1534-EC97-4D86-879B-D1CD6C063DB7}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{CA9F1D8F-3975-4FBC-A10C-06A235CAA980}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [{5799148E-0D9D-492C-B727-C36BB7F3C1B4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A737F16D-97CA-4E74-A822-1609AD4403B6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{25D9FEB8-19DE-4EBA-9B82-F040D52A6FD6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{373E1A11-BD53-4EE1-897B-208B88A47542}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{CBEBAAEA-FA68-4F34-A1A8-A6F72B81794A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{ABDB5590-65E8-48EE-A5CC-9B9551BDD2D6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Crusader Kings II\CK2game.exe
FirewallRules: [{56742189-4528-4262-89E7-32B844C978EA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Crusader Kings II\CK2game.exe
FirewallRules: [{089EE90C-4194-45C3-BC1C-30BEC35ED335}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{F1F63541-C8CB-4EDD-A100-3A31C55BC1D7}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{29F53783-B4AC-47A5-9AD7-77FC64CCC00E}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{FE627920-BF0F-4AC9-A32D-6AF150A3C4C5}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{0714BF63-3AC9-482C-A9C2-52A3417E87AB}] => (Allow) C:\Program files (x86)\raidxpert2\apache\bin\httpd.exe
FirewallRules: [{D149B3BC-CB0A-4B9B-BB23-E74022673DD2}] => (Allow) E:\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{90C78A4E-7182-413F-8FC8-F38CC5B0A4C9}] => (Allow) E:\World_of_Tanks\WorldofTanks.exe
FirewallRules: [{17C7B4BE-10DF-45D4-9C9D-563A864BBF61}] => (Allow) E:\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{96B1012E-C482-498B-BEF2-29361399D73C}] => (Allow) E:\World_of_Tanks\WorldofTanks.exe
FirewallRules: [{FA4444DB-2D0B-420C-A84A-97E7E3D1D0EA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dawn of War 2\DOW2.exe
FirewallRules: [{0BBB55CE-C27E-40B5-ADF0-CC8B2D5687A0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dawn of War 2\DOW2.exe
FirewallRules: [{00511F78-33DB-4A77-9F3D-729BEC001482}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Mount and Blade\runme.exe
FirewallRules: [{FF2BB3D8-7FB3-47A9-BFC4-DF9D247154F0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Mount and Blade\runme.exe
FirewallRules: [{23A3F365-2D78-4926-983C-BE1CEC56B3D1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MountBlade Warband\mb_warband.exe
FirewallRules: [{D0C0D638-3339-4F3A-B85E-3CA9F6CE2D7C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MountBlade Warband\mb_warband.exe
FirewallRules: [{A7968FAC-2277-4DB8-97E8-7C2BBA91DEB1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Mount & Blade With Fire and Sword\mb_wfas.exe
FirewallRules: [{E3B34F64-938E-4087-A52B-CDC020F56CA4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Mount & Blade With Fire and Sword\mb_wfas.exe
FirewallRules: [{AEA1C473-53E1-4111-8B6B-DAA9DE279F72}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{08F133DF-B3AC-476E-BCA6-6CA3E4B95597}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{5FA2A8C0-9FDA-40DB-8894-14F77A579E4B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{DC5ECE49-934D-4572-AF28-B65E6EC42A35}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{42D7AE02-59D4-49B1-A4AC-5E61BBC7A955}] => (Allow) C:\Program Files\iTunes\iTunes.exe

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (10/23/2015 01:10:50 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (10/23/2015 12:01:16 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (10/23/2015 12:01:13 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (10/23/2015 12:01:13 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (10/23/2015 12:01:06 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (10/23/2015 12:01:06 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (10/23/2015 11:59:38 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/22/2015 11:41:53 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (10/22/2015 11:41:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/22/2015 11:36:59 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

System errors:
=============
Error: (10/23/2015 12:43:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error:
%%1275

Error: (10/23/2015 12:43:20 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Ollie\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (10/23/2015 12:43:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error:
%%1275

Error: (10/23/2015 12:43:20 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Ollie\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (10/23/2015 12:43:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error:
%%1275

Error: (10/23/2015 12:43:20 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Ollie\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (10/23/2015 12:43:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error:
%%1275

Error: (10/23/2015 12:43:20 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Ollie\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (10/23/2015 12:43:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error:
%%1275

Error: (10/23/2015 12:43:19 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Ollie\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

CodeIntegrity:
===================================
Date: 2015-10-21 18:51:48.723
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-10-21 18:51:48.676
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: AMD FX(tm)-8120 Eight-Core Processor
Percentage of memory in use: 33%
Total physical RAM: 8173.24 MB
Available physical RAM: 5430.09 MB
Total Virtual: 16344.69 MB
Available Virtual: 13149.69 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:167.58 GB) (Free:12.15 GB) NTFS
Drive e: (Data drive) (Fixed) (Total:931.51 GB) (Free:649.2 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: DEAEFB8F)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 167.7 GB) (Disk ID: B8A0EC17)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=167.6 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Juliet · Oct 23, 2015

C:\Windows\Skin Pack System Installer

Is this something you installed or did it come pre-loaded on your computer.
Looking on the internet there appears to be places where this can be downloaded?

We can take that file out then it's possible your computers calculator wont work?

Please open Notepad *Do Not Use Wordpad!* or use any other text editor than Notepad or the script will fail. (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the quote box below:
To do this highlight the contents of the box and right click on it and select copy.
Paste this into the open notepad. save it to the Desktop as fixlist.txt
NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.
It needs to be saved Next to the "Farbar Recovery Scan Tool" (If asked to overwrite existing one please allow)

start
CreateRestorePoint:
CloseProcesses:
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3501653021-3640964384-1111194576-1000 -> {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = hxxp://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo
2015-10-22 13:23 - 2015-10-22 13:23 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
EmptyTemp:
End

Open FRST/FRST64 and press the > Fix < button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

rudebadger · Oct 23, 2015

It was a windows theme that I downloaded, I scanned the downloaded files with Comodo & Superantispyware both of which cleared them. Then after I installed the theme I got the Comodo warning. At that point I uninstalled the whole theme, the directory and file are no longer on my computer.

Here is the fixlog:

Fix result of Farbar Recovery Scan Tool (x64) Version:21-10-2015 01
Ran by Ollie (2015-10-23 21:44:52) Run:5
Running from C:\Users\Ollie\Desktop
Loaded Profiles: Ollie (Available Profiles: Ollie & Lisa)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start
CreateRestorePoint:
CloseProcesses:
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3501653021-3640964384-1111194576-1000 -> {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = hxxp://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo
2015-10-22 13:23 - 2015-10-22 13:23 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
EmptyTemp:
End
*****************

Restore point was successfully created.
Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKU\S-1-5-21-3501653021-3640964384-1111194576-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8EEAC88A-079B-4b2c-80C1-7836F79EB40A}" => key removed successfully
HKCR\CLSID\{8EEAC88A-079B-4b2c-80C1-7836F79EB40A} => key not found.
C:\ProgramData\DP45977C.lfl => moved successfully
EmptyTemp: => 514.2 MB temporary data Removed.

The system needed a reboot.

==== End of Fixlog 21:45:06 ====

Juliet · Oct 23, 2015

Then after I installed the theme I got the Comodo warning. At that point I uninstalled the whole theme, the directory and file are no longer on my computer.

So, after posting what Comodo found you have deleted?
C:\Windows\Skin Pack System Installer\NewFiles\calc.exe

If not let me know and we'll try to get FRST to take it out.

Whats the computer doing now?

rudebadger · Oct 23, 2015

Yes I uninstalled it.

I still get the popups in steam but don't seem to be getting any in firefox.

Juliet · Oct 23, 2015

Short of uninstalling and reinstalling Steam we're kinda running out of options.

Please open Notepad *Do Not Use Wordpad!* or use any other text editor than Notepad or the script will fail. (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the quote box below:
To do this highlight the contents of the box and right click on it and select copy.
Paste this into the open notepad. save it to the Desktop as fixlist.txt
NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.
It needs to be saved Next to the "Farbar Recovery Scan Tool" (If asked to overwrite existing one please allow)

start
CloseProcesses:
CMD: ipconfig /flushdns
CMD: netsh winsock reset all
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
CMD: bitsadmin /reset /allusers
End

Open FRST/FRST64 and press the > Fix < button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Delete your version of AdwCleaner and JRT

AdwCleaner

Please download AdwCleaner and save the file to your Desktop.
Right-Click AdwCleaner.exe and select
Run as administrator to run the programme.
Follow the prompts.
Click Scan.
Upon completion, click Report. A log (AdwCleaner[SX].txt) will open. Briefly check the log for anything you know to be legitimate.
Ensure anything you know to be legitimate does not have a checkmark, and click Clean.
Follow the prompts and allow your computer to reboot.
After rebooting, a log (AdwCleaner[SX].txt) will open. Copy the contents of the log and paste in your next reply.

-- File and registry key backups are made for anything removed using this tool. Should a legitimate entry be removed (otherwise known as a 'false-positive'), simple steps can be taken to restore the entry. Please do not overly concern yourself with the contents of AdwCleaner[R0].txt.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Please download Junkware Removal Tool
or from here http://downloads.malwarebytes.org/file/jrt
to your desktop.

Shut down your protection software now to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

please post
Fixlog.txt
AdwCleaner[CX].txt
JRT.txt

rudebadger · Oct 24, 2015

Adwcleaner & JRT did not find anything, but here are the logs:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.4 (09.28.2015:1)
OS: Windows 7 Home Premium x64
Ran by Ollie on 24/10/2015 at 0:19:44.78
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Tasks

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 24/10/2015 at 0:32:31.27
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

# AdwCleaner v5.014 - Logfile created 24/10/2015 at 00:15:31
# Updated 18/10/2015 by Xplode
# Database : 2015-10-18.5 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Ollie - GAMING-PC
# Running from : C:\Users\Ollie\Desktop\adwcleaner_5.014.exe
# Option : Scan
# Support : http://toolslib.net/forum

***** [ Services ] *****

***** [ Folders ] *****

***** [ Files ] *****

***** [ DLLs ] *****

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

***** [ Registry ] *****

***** [ Web browsers ] *****

*************************

C:\AdwCleaner[C2].txt - [841 bytes] - [15/08/2015 14:39:36]
C:\AdwCleaner[S3].txt - [688 bytes] - [15/08/2015 14:30:10]
C:\AdwCleaner[S4].txt - [812 bytes] - [10/10/2015 12:33:14]
C:\AdwCleaner[S5].txt - [874 bytes] - [17/10/2015 01:52:51]

########## EOF - C:\AdwCleaner\AdwCleaner[S9].txt - [865 bytes] ##########

Fix result of Farbar Recovery Scan Tool (x64) Version:21-10-2015 01
Ran by Ollie (2015-10-24 00:09:44) Run:6
Running from C:\Users\Ollie\Desktop
Loaded Profiles: Ollie (Available Profiles: Ollie & Lisa)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start
CloseProcesses:
CMD: ipconfig /flushdns
CMD: netsh winsock reset all
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
CMD: bitsadmin /reset /allusers
End
*****************

Processes closed successfully.

========= ipconfig /flushdns =========

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========

========= netsh winsock reset all =========

Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.

========= End of CMD: =========

========= netsh int ipv4 reset =========

Reseting Interface, OK!
Restart the computer to complete this action.

========= End of CMD: =========

========= netsh int ipv6 reset =========

There's no user specified settings to be reset.

========= End of CMD: =========

========= bitsadmin /reset /allusers =========

BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

0 out of 0 jobs canceled.

========= End of CMD: =========

The system needed a reboot.

==== End of Fixlog 00:09:47 ====

I have just got another blue screen as I was typing up this reply.

But no popup in steam

Spring files

Security Expert-emeritus

New member

Security Expert-emeritus

New member

New member

Security Expert-emeritus

New member

Security Expert-emeritus

New member

Security Expert-emeritus

New member

New member

Security Expert-emeritus

New member

Security Expert-emeritus

New member

Security Expert-emeritus

New member

Security Expert-emeritus

New member