
InterYield and other pop-ups reappear after uninstall [Solved]



#1
alamosis

  • Member
  • 36 posts

Hello,

I would like to know if you can solve these pop-ups and ads that include fake customer support sites and video players that would still show up even after uninstalling and using so many different adware removal systems. It's steadily making my internet connection have traffic, but this one (or so I am thinking) adware/malware that is so significant is called tr553.com or InterYield. This particular one even transfers to some online games that are installed on my laptop.

Please send a reply but take your time with other customers.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:14-08-2015 01
Ran by Ken-2020 (administrator) on KEN-2020-PC (15-08-2015 21:39:16)
Running from C:\Users\Ken-2020\Downloads
Loaded Profiles: Ken-2020 (Available Profiles: Ken-2020)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Preventon Technologies Limited) C:\Program Files (x86)\Common Files\Common Toolkit Suite\AVEngine\AVScanningService.exe
(Preventon Technologies Limited) C:\Program Files (x86)\Common Files\Common Toolkit Suite\AVEngine\AVWatchService.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.5\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCServiceController.exe
() C:\Program Files (x86)\Alienware On-Screen Display\AlienwareOn-ScreenDisplay.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienwareTactXMacroController.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher32.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher64.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionService.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionController.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(SoftThinks SAS) C:\Program Files (x86)\AlienRespawn\SftService.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe
(SoftThinks - Dell) C:\Program Files (x86)\AlienRespawn\Toaster.exe
() C:\Program Files (x86)\AlienRespawn\Components\Shell\DBRCrawler.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.251\deploy\LoLLauncher.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.35\deploy\LoLPatcher.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NCSOFT Corporation) C:\Program Files (x86)\NCWest\NCLauncher\NCUpdateHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.155\deploy\LolClient.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\regedit.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7174728 2013-03-29] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1278024 2013-03-08] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1278024 2013-03-08] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3011312 2013-04-08] (Synaptics Incorporated)
HKLM\...\Run: [Command Center Controllers] => C:\Program Files\Alienware\Command Center\AWCCStartupOrchestrator.exe [13840 2013-11-04] (Alienware)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634896 2015-07-23] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [Alienware Survey] => c:\Program Files (x86)\Alienware Customer Surveys\AlienSurvey.exe [7396920 2013-04-23] (Alienware, Inc.)
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [508656 2012-08-31] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [AlienwareOn-ScreenDisplay] => C:\Program Files (x86)\Alienware On-Screen Display\AlienwareOn-ScreenDisplay.exe [4434224 2013-08-20] ()
HKLM-x32\...\Run: [Dell Registration] => C:\Program Files (x86)\System Registration\prodreg.exe [4165440 2011-08-04] (Dell, Inc.)
HKLM-x32\...\Run: [NCUpdateHelper] => C:\Program Files (x86)\NCWest\NCLauncher\NCUpdateHelper.exe [526240 2014-05-21] (NCSOFT Corporation)
HKLM-x32\...\Run: [VFPROguard] => C:\Program Files (x86)\Fighters\VIRUSfighter\vfprotray.exe
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-3002978473-1665064215-2408261189-1002\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7930136 2015-07-30] (SUPERAntiSpyware)
HKU\S-1-5-21-3002978473-1665064215-2408261189-1002\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Windows\system32\mscoree.dll [2010-11-20] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Windows\system32\mscoree.dll [2010-11-20] (Microsoft Corporation)
BootExecute: autocheck autochk * bootdelete
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3002978473-1665064215-2408261189-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell13.msn.com/?pc=DCJB
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3002978473-1665064215-2408261189-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3002978473-1665064215-2408261189-1002\Software\Microsoft\Internet Explorer\Main,Start Page = 
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3002978473-1665064215-2408261189-1002 -> {6E1882B2-87B0-486F-AE48-2B71E4B0B0E8} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-06-09] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-06-09] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-09] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-06-09] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-09] (Oracle Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\..\Interfaces\{115CBB2A-19CD-45F7-A4F9-AD13A6B88B46}: [NameServer] 8.8.8.8
 
FireFox:
========
FF ProfilePath: C:\Users\Ken-2020\AppData\Roaming\Mozilla\Firefox\Profiles\9wb79m8e.default-1438530300307
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-11] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-11] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-09] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-09] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-11-20] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-06] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-06] (NVIDIA Corporation)
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\Ken-2020\AppData\Roaming\raidcall\plugins\nprcplugin.dll [2014-03-10] (Raidcall)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.5\npGoogleUpdate3.dll [2015-08-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.5\npGoogleUpdate3.dll [2015-08-14] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [not found]
 
Chrome: 
=======
CHR Profile: C:\Users\Ken-2020\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Ken-2020\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-08-14]
CHR Extension: (YouTube) - C:\Users\Ken-2020\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-08-14]
CHR Extension: (Adblock Plus) - C:\Users\Ken-2020\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-08-14]
CHR Extension: (Google Search) - C:\Users\Ken-2020\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-08-14]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Ken-2020\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-08-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Ken-2020\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-14]
CHR Extension: (Gmail) - C:\Users\Ken-2020\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-14]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
R2 AV Engine Scanning Service; C:\Program Files (x86)\Common Files\Common Toolkit Suite\AVEngine\AVScanningService.exe [2009912 2015-07-27] (Preventon Technologies Limited)
R2 AV Watch Service; C:\Program Files (x86)\Common Files\Common Toolkit Suite\AVEngine\AVWatchService.exe [400528 2015-07-27] (Preventon Technologies Limited)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2753720 2015-07-24] (Microsoft Corporation)
R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2573520 2015-06-24] (Dell Inc.)
R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [201936 2015-06-24] (Dell Inc.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155216 2015-07-23] (NVIDIA Corporation)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2015-08-14] (SurfRight B.V.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-04-10] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel® Corporation)
S3 ioloEnergyBooster; C:\Program Files\Alienware\Command Center\ioloEnergyBooster.exe [6145872 2012-11-01] (iolo technologies, LLC)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1871504 2015-07-23] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544592 2015-07-23] (NVIDIA Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [239176 2013-02-19] (Realtek Semiconductor)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [20648 2015-06-24] (Dell Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2014-03-19] (Microsoft Corporation)
S3 IDriverT; "C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe" [X]
S2 LavasoftTcpService; C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe [X]
S2 Suite Service; C:\Program Files (x86)\Fighters\FighterSuiteService.exe [X]
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R3 AVFSFilter; C:\Windows\System32\DRIVERS\avfsfilter.sys [13720 2015-07-27] ()
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [172760 2014-03-19] (Broadcom Corporation.)
R3 DDDriver; C:\Windows\System32\drivers\DDDriver64Dcsa.sys [23760 2015-02-11] (Dell Computer Corporation)
R3 DellProf; C:\Windows\System32\drivers\DellProf.sys [24240 2015-06-24] (Dell Computer Corporation)
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28656 2013-04-05] (Intel Corporation)
S3 Ke2200; C:\Windows\System32\DRIVERS\e22w7x64.sys [165824 2012-12-12] (Qualcomm Atheros, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-07-23] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47976 2015-07-29] (NVIDIA Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [32496 2013-04-08] (Synaptics Incorporated)
R3 ST_ACCEL; C:\Windows\System32\DRIVERS\ST_Accel.sys [87776 2013-04-11] (STMicroelectronics)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2015-08-08] ()
S3 avchv; system32\DRIVERS\avchv.sys [X]
S3 btwavdt; system32\DRIVERS\btwavdt.sys [X]
S3 btwl2cap; system32\DRIVERS\btwl2cap.sys [X]
S3 btwrchid; system32\DRIVERS\btwrchid.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
R4 hitmanpro37; \??\C:\Windows\system32\drivers\hitmanpro37.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-08-15 21:39 - 2015-08-15 21:39 - 00022245 _____ C:\Users\Ken-2020\Downloads\FRST.txt
2015-08-15 21:39 - 2015-08-15 21:39 - 00000000 ____D C:\FRST
2015-08-15 21:38 - 2015-08-15 21:38 - 02173952 _____ (Farbar) C:\Users\Ken-2020\Downloads\FRST64.exe
2015-08-15 20:08 - 2015-08-15 20:08 - 00001749 _____ C:\Users\Ken-2020\Desktop\AdwCleaner[C4].txt
2015-08-15 20:07 - 2015-08-15 20:07 - 00012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe
2015-08-15 20:07 - 2015-08-15 20:07 - 00000114 _____ C:\Windows\system32\bootdelete.lst
2015-08-15 20:05 - 2015-08-13 12:56 - 00000027 _____ C:\Windows\system32\Drivers\etc\hosts.20150815-200556.backup
2015-08-15 19:47 - 2015-08-15 19:47 - 00001749 _____ C:\AdwCleaner[C4].txt
2015-08-15 19:39 - 2015-08-15 19:39 - 01563648 _____ C:\Users\Ken-2020\Downloads\AdwCleaner.exe
2015-08-15 19:39 - 2015-08-15 19:39 - 00001509 _____ C:\AdwCleaner[S7].txt
2015-08-15 14:42 - 2015-08-15 14:42 - 00000000 ____D C:\Program Files\Common Files\AV
2015-08-15 14:42 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2015-08-15 14:27 - 2015-08-15 20:02 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-08-15 14:27 - 2015-08-15 14:42 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-08-15 14:27 - 2015-08-15 14:27 - 00001397 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-08-15 14:27 - 2015-08-15 14:27 - 00001385 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2015-08-15 14:27 - 2015-08-15 14:27 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2015-08-15 14:27 - 2015-08-15 14:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-08-15 14:27 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2015-08-15 13:16 - 2015-08-15 13:21 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Ken-2020\Downloads\spybot-2.4.exe
2015-08-15 11:30 - 2015-08-15 21:16 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-08-14 23:39 - 2015-08-14 23:39 - 00002261 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-08-14 23:39 - 2015-08-14 23:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-08-14 23:38 - 2015-08-15 20:43 - 00000902 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-14 23:38 - 2015-08-15 19:48 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-14 23:38 - 2015-08-14 23:38 - 00003898 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-08-14 23:38 - 2015-08-14 23:38 - 00003646 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-08-14 22:02 - 2015-08-14 22:02 - 00000000 ____D C:\SUPERDelete
2015-08-14 21:53 - 2015-08-15 13:53 - 00000516 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 7a8ba68b-08e6-4f0c-aee9-183304a34957.job
2015-08-14 21:53 - 2015-08-15 11:08 - 00000516 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 6cc7b6e6-276c-4b7f-ba72-472faa7d4607.job
2015-08-14 21:53 - 2015-08-14 21:53 - 00003602 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 6cc7b6e6-276c-4b7f-ba72-472faa7d4607
2015-08-14 21:53 - 2015-08-14 21:53 - 00003528 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 7a8ba68b-08e6-4f0c-aee9-183304a34957
2015-08-14 21:53 - 2015-08-14 21:53 - 00001810 _____ C:\Users\Ken-2020\Desktop\SUPERAntiSpyware Free Edition.lnk
2015-08-14 21:53 - 2015-08-14 21:53 - 00000000 ____D C:\Users\Ken-2020\AppData\Roaming\SUPERAntiSpyware.com
2015-08-14 21:53 - 2015-08-14 21:53 - 00000000 ____D C:\Users\Ken-2020\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2015-08-14 21:53 - 2015-08-14 21:53 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2015-08-14 21:53 - 2015-08-14 21:53 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2015-08-14 21:51 - 2015-08-14 21:51 - 22853880 _____ (SUPERAntiSpyware) C:\Users\Ken-2020\Downloads\SUPERAntiSpyware.exe
2015-08-14 18:08 - 2015-08-14 18:08 - 00001899 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2015-08-14 18:08 - 2015-08-14 18:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2015-08-14 18:08 - 2015-08-14 18:08 - 00000000 ____D C:\Program Files\HitmanPro
2015-08-14 18:03 - 2015-08-14 18:04 - 11032736 _____ (SurfRight B.V.) C:\Users\Ken-2020\Downloads\HitmanPro_x64.exe
2015-08-14 12:06 - 2015-08-14 12:06 - 00290304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\subinacl.exe
2015-08-14 12:06 - 2015-08-14 12:06 - 00000000 ____D C:\Program Files (x86)\Adware Removal Tool by TSA
2015-08-13 20:54 - 2015-08-15 19:48 - 00000000 ____D C:\ProgramData\NVIDIA
2015-08-13 20:54 - 2015-08-06 23:22 - 00573048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-08-13 20:53 - 2015-08-07 06:06 - 00112760 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-08-13 20:53 - 2015-08-07 06:06 - 00105080 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-08-13 20:53 - 2015-08-06 23:34 - 06883448 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-08-13 20:53 - 2015-08-06 23:34 - 03492144 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-08-13 20:53 - 2015-08-06 23:34 - 02558768 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-08-13 20:53 - 2015-08-06 23:34 - 00937592 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-08-13 20:53 - 2015-08-06 23:34 - 00385328 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-08-13 20:53 - 2015-08-06 23:34 - 00062768 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-08-13 20:53 - 2015-08-03 05:12 - 05133709 _____ C:\Windows\system32\nvcoproc.bin
2015-08-13 20:50 - 2015-08-07 06:06 - 42840184 _____ C:\Windows\system32\nvcompiler.dll
2015-08-13 20:50 - 2015-08-07 06:06 - 37819000 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-08-13 20:50 - 2015-08-07 06:06 - 22520624 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-08-13 20:50 - 2015-08-07 06:06 - 18540336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-08-13 20:50 - 2015-08-07 06:06 - 17124832 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-08-13 20:50 - 2015-08-07 06:06 - 16630096 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-08-13 20:50 - 2015-08-07 06:06 - 15510112 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-08-13 20:50 - 2015-08-07 06:06 - 14928048 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-08-13 20:50 - 2015-08-07 06:06 - 14673920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-08-13 20:50 - 2015-08-07 06:06 - 13656016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-08-13 20:50 - 2015-08-07 06:06 - 12513288 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-08-13 20:50 - 2015-08-07 06:06 - 12179496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-08-13 20:50 - 2015-08-07 06:06 - 11076216 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-08-13 20:50 - 2015-08-07 06:06 - 03518248 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-08-13 20:50 - 2015-08-07 06:06 - 03106384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-08-13 20:50 - 2015-08-07 06:06 - 02937648 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-08-13 20:50 - 2015-08-07 06:06 - 02624816 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-08-13 20:50 - 2015-08-07 06:06 - 01898104 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435560.dll
2015-08-13 20:50 - 2015-08-07 06:06 - 01567576 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2015-08-13 20:50 - 2015-08-07 06:06 - 01558832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435560.dll
2015-08-13 20:50 - 2015-08-07 06:06 - 01063216 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-08-13 20:50 - 2015-08-07 06:06 - 01059960 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-08-13 20:50 - 2015-08-07 06:06 - 00985208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-08-13 20:50 - 2015-08-07 06:06 - 00931448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-08-13 20:50 - 2015-08-07 06:06 - 00512720 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-08-13 20:50 - 2015-08-07 06:06 - 00421544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-08-13 20:50 - 2015-08-07 06:06 - 00408184 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-08-13 20:50 - 2015-08-07 06:06 - 00364152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-08-13 20:50 - 2015-08-07 06:06 - 00204648 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-08-13 20:50 - 2015-08-07 06:06 - 00040280 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-08-13 20:50 - 2015-08-07 06:06 - 00033050 _____ C:\Windows\system32\nvinfo.pb
2015-08-13 12:58 - 2015-08-13 12:58 - 00037364 _____ C:\Users\Ken-2020\Desktop\combofix.txt
2015-08-13 12:57 - 2015-08-13 12:57 - 00037364 _____ C:\ComboFix.txt
2015-08-13 12:43 - 2015-08-13 12:57 - 00000000 ____D C:\Qoobox
2015-08-13 12:43 - 2010-11-07 12:20 - 00208896 _____ C:\Windows\MBR.exe
2015-08-13 12:43 - 2009-04-19 23:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-08-13 12:43 - 2000-08-30 19:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-08-13 12:43 - 2000-08-30 19:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-08-13 12:43 - 2000-08-30 19:00 - 00098816 _____ C:\Windows\sed.exe
2015-08-13 12:43 - 2000-08-30 19:00 - 00080412 _____ C:\Windows\grep.exe
2015-08-13 12:43 - 2000-08-30 19:00 - 00068096 _____ C:\Windows\zip.exe
2015-08-13 12:42 - 2015-08-13 12:56 - 00000000 ____D C:\Windows\erdnt
2015-08-13 12:41 - 2015-08-13 12:42 - 05634572 ____R (Swearware) C:\Users\Ken-2020\Downloads\ComboFix.exe
2015-08-13 12:34 - 2015-08-13 12:34 - 00001108 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-08-13 12:34 - 2015-08-13 12:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-08-13 12:34 - 2015-08-13 12:34 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-08-13 12:34 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-08-13 12:34 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-08-13 12:33 - 2015-08-13 12:33 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Ken-2020\Downloads\mbam-setup-2.1.8.1057.exe
2015-08-12 21:16 - 2015-08-12 21:16 - 00000039 ____H C:\Windows\SysWOW64\spfid.bin
2015-08-12 21:16 - 2015-08-12 21:16 - 00000039 ____H C:\Windows\spfid.bin
2015-08-12 21:11 - 2015-07-30 08:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 21:11 - 2015-07-30 08:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 20:40 - 2015-08-12 20:40 - 00000276 _____ C:\Users\Ken-2020\Downloads\debug.log
2015-08-12 18:45 - 2015-07-28 15:09 - 00017344 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-12 18:45 - 2015-07-28 15:05 - 01116672 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-12 18:45 - 2015-07-28 15:05 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-12 18:45 - 2015-07-28 15:05 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-12 18:45 - 2015-07-28 15:05 - 00437760 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-12 18:45 - 2015-07-28 15:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-08-12 18:45 - 2015-07-28 15:05 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-12 18:45 - 2015-07-28 14:55 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-12 18:45 - 2015-07-20 19:39 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-08-12 18:45 - 2015-07-20 19:12 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-08-12 18:45 - 2015-07-16 15:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-08-12 18:45 - 2015-07-16 15:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-08-12 18:45 - 2015-07-16 15:37 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-08-12 18:45 - 2015-07-16 15:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-12 18:45 - 2015-07-16 15:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-08-12 18:45 - 2015-07-16 15:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-12 18:45 - 2015-07-16 15:27 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-08-12 18:45 - 2015-07-16 15:26 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-08-12 18:45 - 2015-07-16 15:21 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-08-12 18:45 - 2015-07-16 15:21 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-08-12 18:45 - 2015-07-16 15:20 - 19870208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-12 18:45 - 2015-07-16 15:12 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-08-12 18:45 - 2015-07-16 15:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-08-12 18:45 - 2015-07-16 15:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-08-12 18:45 - 2015-07-16 14:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-12 18:45 - 2015-07-16 14:51 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-08-12 18:45 - 2015-07-16 14:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-08-12 18:45 - 2015-07-16 14:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-08-12 18:45 - 2015-07-16 14:50 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-08-12 18:45 - 2015-07-16 14:49 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-08-12 18:45 - 2015-07-16 14:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-12 18:45 - 2015-07-16 14:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-08-12 18:45 - 2015-07-16 14:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-08-12 18:45 - 2015-07-16 14:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-08-12 18:45 - 2015-07-16 14:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-12 18:45 - 2015-07-16 14:39 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-08-12 18:45 - 2015-07-16 14:38 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-08-12 18:45 - 2015-07-16 14:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-12 18:45 - 2015-07-16 14:35 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-08-12 18:45 - 2015-07-16 14:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-12 18:45 - 2015-07-16 14:29 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-08-12 18:45 - 2015-07-16 14:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-08-12 18:45 - 2015-07-16 14:20 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-08-12 18:45 - 2015-07-16 14:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-08-12 18:45 - 2015-07-16 14:17 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-08-12 18:45 - 2015-07-16 14:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-12 18:45 - 2015-07-16 14:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-12 18:45 - 2015-07-16 14:06 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-08-12 18:45 - 2015-07-16 14:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-12 18:45 - 2015-07-16 14:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-08-12 18:45 - 2015-07-16 14:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-12 18:45 - 2015-07-16 13:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-08-12 18:45 - 2015-07-16 13:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-12 18:45 - 2015-07-16 13:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-12 18:45 - 2015-07-16 13:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-08-12 18:45 - 2015-07-15 13:15 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-12 18:45 - 2015-07-15 13:15 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-08-12 18:45 - 2015-07-15 13:15 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-08-12 18:45 - 2015-07-15 13:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-12 18:45 - 2015-07-15 13:12 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-12 18:45 - 2015-07-15 13:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-08-12 18:45 - 2015-07-15 13:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-08-12 18:45 - 2015-07-15 13:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-08-12 18:45 - 2015-07-15 13:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-08-12 18:45 - 2015-07-15 13:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-08-12 18:45 - 2015-07-15 13:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-12 18:45 - 2015-07-15 13:10 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-08-12 18:45 - 2015-07-15 13:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-08-12 18:45 - 2015-07-15 13:10 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-08-12 18:45 - 2015-07-15 13:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-08-12 18:45 - 2015-07-15 13:10 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-08-12 18:45 - 2015-07-15 13:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-08-12 18:45 - 2015-07-15 13:10 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-08-12 18:45 - 2015-07-15 13:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-08-12 18:45 - 2015-07-15 13:10 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-08-12 18:45 - 2015-07-15 13:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-08-12 18:45 - 2015-07-15 13:10 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-08-12 18:45 - 2015-07-15 13:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-08-12 18:45 - 2015-07-15 13:10 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-08-12 18:45 - 2015-07-15 13:10 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-08-12 18:45 - 2015-07-15 13:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-08-12 18:45 - 2015-07-15 13:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-12 18:45 - 2015-07-15 13:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-08-12 18:45 - 2015-07-15 13:10 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-08-12 18:45 - 2015-07-15 13:10 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-08-12 18:45 - 2015-07-15 13:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-08-12 18:45 - 2015-07-15 13:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-08-12 18:45 - 2015-07-15 13:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-08-12 18:45 - 2015-07-15 13:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-08-12 18:45 - 2015-07-15 13:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-08-12 18:45 - 2015-07-15 13:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-08-12 18:45 - 2015-07-15 13:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-08-12 18:45 - 2015-07-15 13:00 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-08-12 18:45 - 2015-07-15 13:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-08-12 18:45 - 2015-07-15 13:00 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 13:00 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 13:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 13:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 13:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 13:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 13:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 13:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 13:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 13:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 13:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 13:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 13:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 13:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 13:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 13:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 13:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 13:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 13:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 13:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 13:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 13:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 13:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 13:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 13:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 13:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 13:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 12:59 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-08-12 18:45 - 2015-07-15 12:59 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-08-12 18:45 - 2015-07-15 12:56 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-12 18:45 - 2015-07-15 12:55 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-08-12 18:45 - 2015-07-15 12:55 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-08-12 18:45 - 2015-07-15 12:55 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-08-12 18:45 - 2015-07-15 12:55 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-08-12 18:45 - 2015-07-15 12:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-08-12 18:45 - 2015-07-15 12:54 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-08-12 18:45 - 2015-07-15 12:54 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-08-12 18:45 - 2015-07-15 12:54 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-08-12 18:45 - 2015-07-15 12:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-08-12 18:45 - 2015-07-15 12:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-08-12 18:45 - 2015-07-15 12:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-08-12 18:45 - 2015-07-15 12:54 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-08-12 18:45 - 2015-07-15 12:53 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-08-12 18:45 - 2015-07-15 12:53 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-08-12 18:45 - 2015-07-15 12:53 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-08-12 18:45 - 2015-07-15 12:53 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-08-12 18:45 - 2015-07-15 12:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-08-12 18:45 - 2015-07-15 12:53 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-08-12 18:45 - 2015-07-15 12:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-08-12 18:45 - 2015-07-15 12:48 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-08-12 18:45 - 2015-07-15 12:44 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-08-12 18:45 - 2015-07-15 12:44 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-08-12 18:45 - 2015-07-15 12:44 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 12:44 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 12:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 12:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 12:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 12:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 12:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 12:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 12:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 12:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 12:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 12:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 12:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 12:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 12:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 12:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 12:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 12:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 12:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 12:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 12:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 12:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 12:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 11:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-08-12 18:45 - 2015-07-15 11:46 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-08-12 18:45 - 2015-07-15 11:46 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-08-12 18:45 - 2015-07-15 11:37 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-08-12 18:45 - 2015-07-15 11:34 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 11:34 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 11:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 11:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-08-12 18:45 - 2015-07-14 22:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-12 18:45 - 2015-07-10 12:51 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-12 18:45 - 2015-07-10 12:51 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-08-12 18:45 - 2015-07-10 12:51 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-08-12 18:45 - 2015-07-10 12:34 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-12 18:45 - 2015-07-10 12:34 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-08-12 18:45 - 2015-07-10 12:33 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-08-12 18:44 - 2015-07-30 13:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-08-12 18:44 - 2015-07-30 13:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-12 18:44 - 2015-07-30 13:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-12 18:44 - 2015-07-30 13:06 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-08-12 18:44 - 2015-07-30 13:06 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-12 18:44 - 2015-07-30 13:06 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-08-12 18:44 - 2015-07-30 13:06 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-08-12 18:44 - 2015-07-30 12:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-08-12 18:44 - 2015-07-30 12:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-12 18:44 - 2015-07-30 12:57 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-08-12 18:44 - 2015-07-30 12:57 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-08-12 18:44 - 2015-07-30 12:57 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-08-12 18:44 - 2015-07-30 12:55 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-08-12 18:44 - 2015-07-30 11:56 - 03208192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-12 18:44 - 2015-07-30 11:52 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-12 18:44 - 2015-07-30 11:49 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-12 18:44 - 2015-07-16 16:14 - 25192448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-12 18:44 - 2015-07-16 15:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-12 18:44 - 2015-07-16 15:35 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-08-12 18:44 - 2015-07-16 15:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-12 18:44 - 2015-07-16 15:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-12 18:44 - 2015-07-16 15:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-12 18:44 - 2015-07-16 15:21 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-08-12 18:44 - 2015-07-16 15:08 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-08-12 18:44 - 2015-07-16 14:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-08-12 18:44 - 2015-07-16 14:54 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-08-12 18:44 - 2015-07-16 14:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-12 18:44 - 2015-07-16 14:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-08-12 18:44 - 2015-07-16 14:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-12 18:44 - 2015-07-14 22:19 - 02004992 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-12 18:44 - 2015-07-14 22:19 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-12 18:44 - 2015-07-14 22:14 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-08-12 18:44 - 2015-07-14 22:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-08-12 18:44 - 2015-07-14 21:55 - 01390592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-12 18:44 - 2015-07-14 21:55 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-12 18:44 - 2015-07-14 21:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-08-12 18:44 - 2015-07-14 21:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-08-12 18:44 - 2015-07-10 12:51 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-08-12 18:44 - 2015-07-10 12:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-08-12 18:44 - 2015-07-09 12:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-12 18:44 - 2015-07-09 12:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-12 18:44 - 2015-07-09 12:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-12 18:44 - 2015-07-01 15:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-12 18:44 - 2015-07-01 15:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-12 18:44 - 2015-07-01 15:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-12 18:44 - 2015-07-01 15:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-12 18:41 - 2015-07-20 13:12 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-08-12 18:41 - 2015-07-20 13:12 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-08-12 18:41 - 2015-07-20 13:12 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-08-12 18:41 - 2015-07-20 13:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-08-12 18:41 - 2015-07-20 13:12 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-08-12 18:41 - 2015-07-20 13:12 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-08-12 18:41 - 2015-07-20 13:12 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-08-12 18:41 - 2015-07-20 12:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-08-12 18:41 - 2015-07-20 12:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-08-12 18:41 - 2015-07-20 12:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-08-12 18:41 - 2015-07-20 12:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-08-12 18:41 - 2015-05-09 13:26 - 00493504 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-08-12 18:00 - 2015-08-12 18:31 - 00000000 ____D C:\Users\Ken-2020\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-08-12 11:46 - 2015-08-15 19:48 - 00000456 _____ C:\Windows\Tasks\ChicaPC-Shield-Notification.job
2015-08-12 11:46 - 2015-08-12 11:46 - 00003532 _____ C:\Windows\System32\Tasks\ChicaPC-Shield-Notification
2015-08-12 11:39 - 2015-08-12 11:39 - 00000000 ____D C:\Users\Ken-2020\AppData\Roaming\ChicaLogic
2015-08-12 11:39 - 2015-08-12 11:39 - 00000000 ____D C:\ProgramData\ChicaLogic
2015-08-12 11:38 - 2015-08-12 18:31 - 00000000 ____D C:\ProgramData\clp
2015-08-12 11:37 - 2015-08-12 11:37 - 00002006 _____ C:\Users\Public\Desktop\VIRUSfighter.lnk
2015-08-12 11:36 - 2015-08-12 11:36 - 00000000 ____D C:\ProgramData\Common Toolkit Suite
2015-08-12 11:35 - 2015-08-12 11:35 - 02457480 _____ (SPAMfighter ApS) C:\Users\Ken-2020\Downloads\VIRUSfighter.exe
2015-08-12 11:34 - 2015-08-12 11:47 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-08-12 11:31 - 2015-08-12 11:47 - 00000000 ____D C:\Users\Ken-2020\Desktop\mbar
2015-08-12 11:29 - 2015-08-12 11:30 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Ken-2020\Downloads\mbar-1.09.1.1004.exe
2015-08-12 10:25 - 2015-07-20 13:12 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-08-12 10:25 - 2015-07-20 13:12 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-08-12 10:25 - 2015-07-20 13:12 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-08-12 10:25 - 2015-07-20 13:12 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-08-12 10:25 - 2015-07-20 12:56 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-08-12 10:25 - 2015-07-15 13:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-08-12 10:25 - 2015-07-15 12:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-08-12 10:25 - 2015-07-15 11:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-08-11 12:12 - 2015-08-11 12:15 - 00000000 ____D C:\Users\Ken-2020\Documents\Leatrix
2015-08-11 12:10 - 2015-08-11 12:10 - 04957771 _____ C:\Users\Ken-2020\Downloads\Leatrix_Latency_Fix_3.03.zip
2015-08-09 22:44 - 2015-08-09 22:44 - 52402344 _____ C:\Users\Ken-2020\Downloads\IzoidSaki Collab Tape.zip
2015-08-09 17:58 - 2015-08-09 17:58 - 00861608 _____ C:\Windows\Minidump\080915-13369-01.dmp
2015-08-09 15:00 - 2015-08-09 15:00 - 00001824 _____ C:\Users\Ken-2020\Desktop\sg_backup_2015-08-09-1500.spg
2015-08-09 15:00 - 2015-08-09 15:00 - 00001824 _____ C:\Users\Ken-2020\Desktop\FirstBackup.spg
2015-08-08 11:32 - 2015-08-08 11:32 - 00001824 _____ C:\Users\Ken-2020\Documents\sg_backup_2015-08-08-1132.spg
2015-08-08 09:20 - 2015-08-08 09:28 - 00000000 ____D C:\ProgramData\RogueKiller
2015-08-08 09:20 - 2015-08-08 09:20 - 00035064 _____ C:\Windows\system32\Drivers\TrueSight.sys
2015-08-08 08:58 - 2015-08-08 08:58 - 00017978 _____ C:\Windows\system32\.crusader
2015-08-08 08:54 - 2015-08-08 08:58 - 00000000 ____D C:\ProgramData\HitmanPro
2015-08-08 08:45 - 2015-08-08 08:51 - 00002754 _____ C:\Users\Ken-2020\Desktop\Rkill.txt
2015-08-07 16:16 - 2015-08-07 16:16 - 00001837 _____ C:\Users\Ken-2020\Documents\sg_backup_2015-08-07-1616.spg
2015-08-07 16:16 - 2015-08-07 16:16 - 00001837 _____ C:\Users\Ken-2020\Documents\FirstBackup.spg
2015-08-07 16:08 - 2015-08-12 18:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-07 16:04 - 2015-08-07 16:04 - 00274838 _____ C:\Users\Ken-2020\Documents\TCPOptimizer.zip
2015-08-02 15:39 - 2015-08-02 15:39 - 00010725 _____ C:\Users\Ken-2020\Desktop\AdwCleaner[S0].txt
2015-08-02 15:32 - 2015-08-15 19:47 - 00000000 ____D C:\AdwCleaner
2015-08-02 11:02 - 2015-08-02 11:02 - 00000000 ____D C:\Users\Ken-2020\AppData\Local\TempTaskUpdateDetection0BA5F920-7266-4EC1-B981-DEA8174769EB
2015-08-02 10:04 - 2015-08-02 10:04 - 00000000 _____ C:\autoexec.bat
2015-08-01 14:24 - 2015-08-01 14:24 - 00000000 ____D C:\Program Files (x86)\ST Microelectronics
2015-07-31 23:38 - 2015-08-09 17:58 - 1086239730 _____ C:\Windows\MEMORY.DMP
2015-07-31 23:38 - 2015-07-31 23:39 - 01114904 _____ C:\Windows\Minidump\073115-14430-01.dmp
2015-07-30 01:08 - 2015-07-30 01:19 - 00002936 _____ C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini
2015-07-30 01:08 - 2015-07-30 01:19 - 00002936 _____ C:\Windows\system32\LavasoftTcpServiceOff.ini
2015-07-30 01:08 - 2015-07-30 01:08 - 00000000 ____D C:\Users\Ken-2020\AppData\Local\Lavasoft
2015-07-30 01:07 - 2015-08-02 08:42 - 00000000 ____D C:\Program Files (x86)\Lavasoft
2015-07-30 01:07 - 2015-06-08 14:13 - 00428880 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService64.dll
2015-07-30 01:07 - 2015-06-08 14:13 - 00348488 _____ (Lavasoft Limited) C:\Windows\SysWOW64\LavasoftTcpService.dll
2015-07-30 01:06 - 2015-08-12 18:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2015-07-30 01:04 - 2015-07-30 01:04 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2015-07-29 22:58 - 2015-07-29 22:58 - 00065896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-07-29 22:58 - 2015-07-29 22:58 - 00047976 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-07-29 11:45 - 2015-07-29 11:45 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-07-28 21:29 - 2015-07-28 21:29 - 00000000 ____D C:\Users\Ken-2020\AppData\Roaming\Tera_Awesomium
2015-07-28 00:43 - 2015-07-28 00:43 - 00000000 ____D C:\Windows\pss
2015-07-27 23:52 - 2015-07-27 23:52 - 00000000 ____D C:\Users\Ken-2020\AppData\Local\GWX
2015-07-27 23:26 - 2013-12-20 14:45 - 00000095 ____H C:\DBAR_Ver.txt
2015-07-27 14:56 - 2015-07-27 14:56 - 00000017 _____ C:\Users\Ken-2020\AppData\Local\resmon.resmoncfg
2015-07-27 13:03 - 2015-07-27 13:04 - 00000912 _____ C:\Windows\SysWOW64\${LOGFILE}
2015-07-27 13:03 - 2015-07-27 13:03 - 00003648 _____ C:\Windows\System32\Tasks\Efkamei
2015-07-27 13:03 - 2015-07-27 13:03 - 00000000 _____ C:\Windows\SysWOW64\Number of results
2015-07-27 12:48 - 2015-07-27 12:48 - 05318400 _____ C:\Windows\SysWOW64\ins_smk.exe
2015-07-27 12:48 - 2015-07-27 12:48 - 00519680 _____ C:\Windows\SysWOW64\ins_U501EXE.exe
2015-07-27 12:48 - 2009-06-10 16:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hp.bak
2015-07-27 07:40 - 2015-07-27 07:40 - 00013720 _____ C:\Windows\system32\Drivers\avfsfilter.sys
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-08-15 21:39 - 2014-06-22 13:45 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-15 20:59 - 2014-12-15 20:14 - 00064501 _____ C:\Windows\setupact.log
2015-08-15 20:51 - 2014-03-19 03:20 - 01760620 _____ C:\Windows\WindowsUpdate.log
2015-08-15 20:49 - 2009-07-13 23:45 - 00028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-15 20:49 - 2009-07-13 23:45 - 00028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-15 20:25 - 2014-07-02 20:28 - 00000000 ____D C:\Users\Ken-2020\AppData\Local\CrashDumps
2015-08-15 19:55 - 2014-03-19 03:47 - 00000000 ____D C:\Program Files (x86)\AlienRespawn
2015-08-15 19:48 - 2014-12-15 20:14 - 00073942 _____ C:\Windows\PFRO.log
2015-08-15 19:48 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-15 19:48 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\registration
2015-08-15 11:29 - 2014-05-31 03:16 - 00000698 _____ C:\Users\Ken-2020\Documents\aionmemo_8c13ccf6.dat
2015-08-14 23:39 - 2014-05-15 18:53 - 00000000 ____D C:\Users\Ken-2020\AppData\Local\Google
2015-08-14 23:39 - 2014-05-15 18:53 - 00000000 ____D C:\Program Files (x86)\Google
2015-08-14 23:38 - 2014-05-15 18:53 - 00000000 ____D C:\Users\Ken-2020\AppData\Local\Deployment
2015-08-14 23:38 - 2014-05-15 18:53 - 00000000 ____D C:\Users\Ken-2020\AppData\Local\Apps\2.0
2015-08-14 22:14 - 2014-05-17 19:19 - 00000000 ____D C:\Users\Ken-2020\AppData\Local\TeamSpeak 3 Client
2015-08-14 22:12 - 2014-03-19 03:38 - 00000000 ____D C:\ProgramData\Win864
2015-08-14 22:12 - 2014-03-19 03:38 - 00000000 ____D C:\ProgramData\Win832
2015-08-14 22:11 - 2014-03-19 03:38 - 00000000 ____D C:\ProgramData\Winblue64
2015-08-14 22:11 - 2014-03-19 03:38 - 00000000 ____D C:\ProgramData\Win764
2015-08-14 22:11 - 2014-03-19 03:38 - 00000000 ____D C:\ProgramData\Win732
2015-08-14 22:10 - 2014-03-19 03:38 - 00000000 ____D C:\ProgramData\Vista64
2015-08-14 22:09 - 2014-03-19 03:38 - 00000000 ____D C:\ProgramData\Vista32
2015-08-14 01:10 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache
2015-08-13 20:54 - 2014-05-15 18:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-08-13 20:54 - 2014-03-19 03:48 - 00000000 ____D C:\Temp
2015-08-13 20:54 - 2014-03-19 03:35 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-08-13 20:53 - 2014-03-19 03:34 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-08-13 20:53 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\Help
2015-08-13 12:57 - 2009-07-14 00:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-08-13 12:57 - 2009-07-13 22:20 - 00000000 __RHD C:\Users\Default
2015-08-13 12:56 - 2009-07-13 21:34 - 00000215 _____ C:\Windows\system.ini
2015-08-13 12:45 - 2014-05-15 23:01 - 00000000 ____D C:\ProgramData\TEMP
2015-08-13 11:22 - 2009-07-13 23:45 - 00438112 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-12 21:13 - 2014-12-10 04:18 - 00000000 ____D C:\Windows\system32\appraiser
2015-08-12 21:13 - 2014-05-16 07:14 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-12 21:08 - 2014-08-04 16:40 - 00000000 ____D C:\Windows\system32\MRT
2015-08-12 21:06 - 2014-08-04 16:40 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-12 18:31 - 2014-08-01 11:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-12 18:31 - 2014-06-12 04:17 - 00000000 ____D C:\Windows\Minidump
2015-08-12 18:31 - 2014-05-18 22:54 - 00000000 ____D C:\NVIDIA
2015-08-12 18:31 - 2014-05-15 18:47 - 00000000 ____D C:\Users\Ken-2020
2015-08-12 18:31 - 2009-07-13 22:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-08-12 02:34 - 2015-03-23 14:03 - 00000000 ____D C:\Program Files (x86)\ManyCam
2015-08-11 22:39 - 2014-06-22 13:45 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-08-11 22:39 - 2014-03-19 03:20 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-11 22:39 - 2014-03-19 03:20 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-11 16:32 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\NDF
2015-08-10 10:29 - 2009-07-13 23:45 - 00000000 ____D C:\Windows\Setup
2015-08-09 17:04 - 2014-08-03 10:14 - 00000000 ____D C:\Users\Ken-2020\AppData\Local\TERA
2015-08-07 16:06 - 2012-06-13 10:04 - 00659456 _____ (Speed Guide Inc.) C:\Users\Ken-2020\Desktop\TCPOptimizer.exe
2015-08-05 21:06 - 2009-07-14 00:13 - 00893352 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-03 02:51 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\schemas
2015-08-02 09:01 - 2009-07-14 00:08 - 00032542 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-08-02 08:47 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\Web
2015-08-02 08:43 - 2014-08-01 11:19 - 00001153 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-08-02 08:43 - 2014-05-15 22:49 - 00002110 _____ C:\Users\Ken-2020\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2015-08-02 04:19 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\LiveKernelReports
2015-08-01 14:20 - 2015-06-18 09:51 - 00000000 ____D C:\Users\Ken-2020\AppData\Local\Unity
2015-08-01 01:47 - 2011-02-10 09:02 - 00000000 ____D C:\Windows\panther
2015-08-01 01:42 - 2015-07-10 08:39 - 00000000 ____D C:\$Windows.~BT
2015-07-30 04:33 - 2014-05-15 22:49 - 00000000 ____D C:\Program Files (x86)\MPlayerplus
2015-07-30 00:57 - 2014-12-20 23:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2015-07-30 00:56 - 2014-12-20 23:15 - 00000000 ____D C:\ProgramData\Comodo
2015-07-29 22:59 - 2014-05-18 22:48 - 00001383 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2015-07-29 22:58 - 2014-05-18 22:47 - 00069992 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2015-07-28 21:27 - 2014-11-26 04:07 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-07-28 20:31 - 2014-03-19 03:47 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-07-28 20:30 - 2015-05-16 11:15 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-28 17:39 - 2014-05-16 20:42 - 00000000 ____D C:\ProgramData\softthinks
2015-07-28 08:29 - 2015-04-05 03:00 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-28 08:29 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\Msdtc
2015-07-28 00:06 - 2011-02-10 11:10 - 00888634 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-07-27 13:35 - 2014-05-15 18:50 - 00001419 _____ C:\Users\Ken-2020\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-07-27 13:19 - 2014-08-01 11:19 - 00001165 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-07-27 13:04 - 2013-07-01 14:17 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2015-07-27 13:04 - 2013-07-01 14:17 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2015-07-27 13:03 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\spp
2015-07-27 12:45 - 2014-03-19 03:38 - 00000000 ____D C:\ProgramData\Package Cache
2015-07-24 04:50 - 2014-11-07 15:46 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-07-23 23:21 - 2014-12-23 09:49 - 01756608 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-07-23 23:21 - 2014-12-23 09:49 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-07-23 23:21 - 2014-05-18 22:48 - 01710568 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-07-23 23:21 - 2014-05-18 22:48 - 01423304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-07-16 03:00 - 2015-04-05 03:00 - 00000000 ___SD C:\Windows\SysWOW64\GWX
 
==================== Files in the root of some directories =======
 
2014-05-19 00:38 - 2014-06-03 03:33 - 0000000 _____ () C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
2014-05-16 23:59 - 2014-05-16 23:59 - 0000045 _____ () C:\Users\Ken-2020\AppData\Roaming\WB.CFG
2015-07-27 14:56 - 2015-07-27 14:56 - 0000017 _____ () C:\Users\Ken-2020\AppData\Local\resmon.resmoncfg
2014-03-19 03:29 - 2014-03-19 03:29 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
 
Some files in TEMP:
====================
C:\Users\Ken-2020\AppData\Local\Temp\sqlite3.dll
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll
[2013-07-01 14:17] - [2015-07-27 13:04] - 0357888 ____A (Microsoft Corporation) 3ABBFD64E4FFF6A0D99E93ECD288127F
 
C:\Windows\SysWOW64\dnsapi.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-08-14 01:03
 
==================== End of log ============================
 
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:14-08-2015 01
Ran by Ken-2020 (2015-08-15 21:39:51)
Running from C:\Users\Ken-2020\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3002978473-1665064215-2408261189-500 - Administrator - Disabled)
Guest (S-1-5-21-3002978473-1665064215-2408261189-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3002978473-1665064215-2408261189-1003 - Limited - Enabled)
Ken-2020 (S-1-5-21-3002978473-1665064215-2408261189-1002 - Administrator - Enabled) => C:\Users\Ken-2020
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: VIRUSfighter (Enabled - Up to date) {AADE57C6-933C-B473-8165-DC3022370224}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Accidental Damage Services Agreement (HKLM-x32\...\{330B7AAD-B2FE-4989-B02A-DDA5A174FCDF}) (Version: 2.0.0 - Dell Inc.)
Ad-Aware Web Companion (x32 Version: 2.0.1025.2130 - Lavasoft) Hidden
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12)  MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Aion (HKLM-x32\...\{B9291CA2-6FA5-44EA-8EE0-923EB32ADAAB}) (Version: 4.0.0.3 - NC Interactive, LLC)
AlienRespawn - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.6.2.4 - Alienware)
AlienRespawn (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.6.2.4 - Alienware)
Alienware Command Center (HKLM-x32\...\InstallShield_{D4CE21D4-27E5-46DB-9FFE-553A90AD4B9F}) (Version: 3.5.14.0 - Alienware Corp.)
Alienware Command Center (Version: 3.5.14.0 - Alienware Corp.) Hidden
Alienware Customer Surveys (HKLM-x32\...\{9AAA35D1-B21D-4610-BBAE-18FE2D00C3E0}) (Version: 1.11.4124 - Dell Inc.)
Alienware On-Screen Display (HKLM-x32\...\InstallShield_{0D69462F-99CC-4F8D-942E-666E21CE59F8}) (Version: 0.33.0.10C - )
Alienware On-Screen Display (x32 Version: 0.33.0.10C - ) Hidden
Alienware Product Registration (HKLM-x32\...\{2A0F2CC5-3065-492C-8380-B03AA7106B1A}) (Version: 1.1.3 - Dell Inc.)
Banctec Service Agreement (HKLM-x32\...\{BD4B02C1-0271-4D7D-A850-19DE2E5CDF83}) (Version: 2.0.0 - Dell Inc.)
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden
CompleteCare Business Service Agreement (HKLM-x32\...\{83E499FA-E6AA-47F9-80F2-1E0109E49397}) (Version: 2.0.0 - Dell Inc.)
Dell Data Vault (Version: 4.3.4.0 - Dell Inc.) Hidden
Dell InHome Service Agreement (HKLM-x32\...\{41AA8F20-FD30-4878-9080-6D5BE575FD41}) (Version: 2.0.0 - Dell Inc.)
Dell SupportAssistAgent (HKLM-x32\...\{287348C8-8B47-4C36-AF28-441A3B7D8722}) (Version: 1.1.0.47 - Dell)
DHS Service Agreement (HKLM-x32\...\{BE7FC743-CC74-4977-82DD-CD4FC7EF74B6}) (Version: 2.0.0 - Dell Inc.)
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
EMSC (x32 Version: 0.0.0.25 - Compal Electronics, Inc.) Hidden
Fighters (x32 Version: 4.5.151 - SPAMFIGHTER ApS) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.155 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.5 - Google Inc.) Hidden
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.242 - SurfRight B.V.)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.7.1002 - Intel Corporation)
Itibiti RTC (x32 Version: 0.0.1 - Itibiti Inc) Hidden
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
LavasoftTcpService (x32 Version: 2.3.4.7 - Lavasoft) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3002978473-1665064215-2408261189-1002\...\OneDriveSetup.exe) (Version: 17.3.1171.0714 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 39.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 39.0.3 (x86 en-US)) (Version: 39.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0 - Mozilla)
NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version:  - NCSOFT)
NVIDIA 3D Vision Driver 355.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 355.60 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.12.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.12.11 - NVIDIA Corporation)
NVIDIA Graphics Driver 355.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 355.60 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4737.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4737.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4737.1003 - Microsoft Corporation) Hidden
Premium Service Agreement (HKLM-x32\...\{A74168E5-C3F7-4809-85D3-145C64A4CFCC}) (Version: 2.0.0 - Dell Inc.)
QualxServ Service Agreement (HKLM-x32\...\{18401E1E-1E44-461A-A4B2-E48B1A727818}) (Version: 2.0.0 - Dell Inc.)
RaidCall (HKLM-x32\...\RaidCall) (Version: 7.3.4-1.0.12889.86 - raidcall.com)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6876 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.12.11 - NVIDIA Corporation) Hidden
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.12.0040 - ST Microelectronics)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1204 - SUPERAntiSpyware.com)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.3.8.62 - Synaptics Incorporated)
TeamSpeak 3 Client (HKU\S-1-5-21-3002978473-1665064215-2408261189-1002\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
VIRUSfighter (HKLM-x32\...\VIRUSfighter) (Version: 7.5.151 - SPAMFIGHTER ApS)
WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.4800 - Broadcom Corporation)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3002978473-1665064215-2408261189-1002_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Ken-2020\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3002978473-1665064215-2408261189-1002_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Ken-2020\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3002978473-1665064215-2408261189-1002_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Ken-2020\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3002978473-1665064215-2408261189-1002_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Ken-2020\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3002978473-1665064215-2408261189-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Ken-2020\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\FileSyncApi64.dll (Microsoft Corporation)
 
==================== Restore Points =========================
 
Check "winmgmt" service or repair WMI.
 
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 21:34 - 2015-08-15 20:05 - 00449968 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
 
There are 1000 more lines.
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {05325239-085C-4D27-B03E-DEE96EF4381C} - \Inst_Rep -> No File <==== ATTENTION
Task: {0F44F6B0-3F60-453C-BDAA-DDFDB280BD18} - System32\Tasks\SUPERAntiSpyware Scheduled Task 6cc7b6e6-276c-4b7f-ba72-472faa7d4607 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {18B83553-2E16-4979-8233-446F3675D9C3} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {22AE8506-D540-4E9D-88B6-55CBE4966E76} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-07-24] (Microsoft Corporation)
Task: {2672FCB1-D809-41BA-BA17-B52C404D36BC} - System32\Tasks\SUPERAntiSpyware Scheduled Task 7a8ba68b-08e6-4f0c-aee9-183304a34957 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {27AC886F-6AC5-470A-836B-DE645B87C8B4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-14] (Google Inc.)
Task: {6034BFE2-5EB2-4A46-B288-684DD04ECDF5} - \TunePro360 Updater -> No File <==== ATTENTION
Task: {750C44E6-046D-452C-AB8D-75410901CE0A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {75C1145A-6A4F-4753-8A9C-9D485A2FB6C6} - System32\Tasks\Dell\Alienware Survey (Ken-2020) => C:\Program Files (x86)\Alienware Customer Surveys\AlienSurvey.exe [2013-04-23] (Alienware, Inc.)
Task: {7BFD3E55-DCFE-49F9-8EB0-58BA04E76E50} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {7D10EE8E-84C7-40E5-92EA-30F78A936D05} - System32\Tasks\ChicaPC-Shield-Notification => C:\Program Files (x86)\ChicaLogic\ChicaPC-Shield\Toolkit\Sync.exe
Task: {8EE059D6-8CF6-4FC0-BB6B-B81BF3EA2BAC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-14] (Google Inc.)
Task: {97B3E996-96D7-4811-8302-D80A94142274} - System32\Tasks\{BF85B273-DE45-4A69-858F-3EBC1093D42D} => pcalua.exe -a "C:\Program Files (x86)\MPlayerplus\Uninstall.exe" -c /fcp=1
Task: {A321549E-32EE-45C3-B5F8-DD910D89B289} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {AD351DDA-B116-4898-B024-16E6A13731F4} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2015-06-24] (Dell Inc.)
Task: {ADAEE88F-F877-453F-82ED-02A5A22D8D13} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-28] (Adobe Systems Incorporated)
Task: {B14F4ADB-99EE-4181-9772-C68498FCFFE3} - \DAHCX1 -> No File <==== ATTENTION
Task: {B8691613-AE73-4880-AEDB-C3F8FBA99426} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-07-24] (Microsoft Corporation)
Task: {DEBF1C9F-B3CF-45D6-AFB6-C4B0792C2149} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-06-09] (Microsoft Corporation)
Task: {EF030B71-32FC-4194-9925-127675837650} - System32\Tasks\Efkamei => C:\Program Files\shopperz27072015\Hoilckug.bat <==== ATTENTION
Task: {F07A1DDE-4379-4E8E-B60D-D63AD376AFA0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-11] (Adobe Systems Incorporated)
Task: {F41C6004-FE68-4505-833D-AE88056D3A1C} - \BrowserSafeguard Update Task -> No File <==== ATTENTION
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\ChicaPC-Shield-Notification.job => C:\Program Files (x86)\ChicaLogic\ChicaPC-Shield\Toolkit\Sync.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 6cc7b6e6-276c-4b7f-ba72-472faa7d4607.job => C:\Program Files\SUPERAntiSpyware\SASTask.exedC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 7a8ba68b-08e6-4f0c-aee9-183304a34957.job => C:\Program Files\SUPERAntiSpyware\SASTask.exedC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-08-13 20:53 - 2015-08-06 23:34 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-11-07 15:46 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-03-17 03:07 - 2015-01-27 10:29 - 08898720 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-03-19 03:48 - 2013-08-19 09:21 - 00020256 _____ () C:\Program Files (x86)\AlienRespawn\Components\Shell\DBROverlayIcon.dll
2014-03-19 03:48 - 2013-08-19 09:21 - 00019232 _____ () C:\Program Files (x86)\AlienRespawn\Components\Shell\DBROverlayNotBackuped.dll
2014-03-19 03:48 - 2013-08-19 09:21 - 00035104 _____ () C:\Program Files (x86)\AlienRespawn\Components\Shell\DBRShellExtension.dll
2013-08-20 17:02 - 2013-08-20 17:02 - 04434224 _____ () C:\Program Files (x86)\Alienware On-Screen Display\AlienwareOn-ScreenDisplay.exe
2014-03-19 03:48 - 2013-11-21 17:22 - 00484880 _____ () C:\Program Files (x86)\AlienRespawn\Components\Shell\DBRCrawler.exe
2014-01-21 16:54 - 2014-01-21 16:54 - 01301688 _____ () C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
2015-08-05 06:59 - 2015-08-05 06:59 - 02327032 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.251\deploy\LoLLauncher.exe
2015-08-05 06:59 - 2015-08-05 06:59 - 03816952 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.35\deploy\LoLPatcher.exe
2015-03-12 05:28 - 2015-03-12 05:28 - 00074752 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.155\deploy\LolClient.exe
2015-08-12 11:42 - 2015-08-12 11:42 - 03992360 _____ () C:\ProgramData\Common Toolkit Suite\AVEngine\Defs\vdb\SAVI.DLL
2015-08-12 11:43 - 2015-08-12 11:43 - 00227624 _____ () C:\ProgramData\Common Toolkit Suite\AVEngine\Defs\vdb\OSDP.DLL
2015-08-12 11:43 - 2015-08-12 11:43 - 04986152 _____ () C:\ProgramData\Common Toolkit Suite\AVEngine\Defs\vdb\VEEX.DLL
2015-08-15 14:27 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-08-15 14:27 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-08-15 14:27 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-08-15 14:27 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2015-08-15 14:27 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2015-05-10 20:43 - 2015-07-23 23:22 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2009-12-18 11:07 - 2009-12-18 11:07 - 00577536 _____ () C:\Program Files (x86)\Alienware On-Screen Display\EMSC.dll
2014-03-19 03:48 - 2013-11-21 15:00 - 01904928 _____ () C:\Program Files (x86)\AlienRespawn\Components\Restore\STRestoreAPI.dll
2014-03-19 03:48 - 2012-11-25 22:20 - 01153384 _____ () C:\Program Files (x86)\AlienRespawn\Components\Restore\libxml2.dll
2014-03-19 03:48 - 2012-11-25 22:20 - 00117608 _____ () C:\Program Files (x86)\AlienRespawn\Components\Restore\zlib1.dll
2015-08-14 23:39 - 2015-08-07 19:13 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.155\libglesv2.dll
2015-08-14 23:39 - 2015-08-07 19:13 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.155\libegl.dll
2015-08-14 23:39 - 2015-08-07 19:13 - 16393032 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.155\PepperFlash\pepflashplayer.dll
2015-08-05 06:59 - 2015-08-05 06:59 - 01667576 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.35\deploy\RiotLauncher.dll
2015-03-12 05:24 - 2014-09-25 22:09 - 04774248 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.155\deploy\Adobe AIR\Versions\1.0\Resources\WebKit.dll
2015-03-12 05:24 - 2014-09-25 22:09 - 16032616 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.155\deploy\Adobe AIR\Versions\1.0\Resources\NPSWF32.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\Users\Ken-2020\Desktop\Aion Japanese Voice Pack.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ken-2020\Desktop\Aion Japanese Voice Pack.exe:$CmdZnID
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
There are 7868 more restricted sites.
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3002978473-1665064215-2408261189-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Ken-2020\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupfolder: C:^Users^Ken-2020^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^SmartWeb.lnk => C:\Windows\pss\SmartWeb.lnk.Startup
MSCONFIG\startupreg: DeskBar => C:\Users\Ken-2020\AppData\Local\DeskBar\dblaunch.exe
MSCONFIG\startupreg: gmsd_us_005010043 => "C:\Program Files (x86)\gmsd_us_005010043\gmsd_us_005010043.exe"
MSCONFIG\startupreg: shopperz27072015 => C:\Program Files\shopperz27072015\Wxnuan.exe
MSCONFIG\startupreg: shopperz2707201564 => C:\Program Files\shopperz27072015\Wxnuan64.exe
MSCONFIG\startupreg: SmartWeb => C:\Users\Ken-2020\AppData\Local\SmartWeb\SmartWebHelper.exe
MSCONFIG\startupreg: StormWarnings => "C:\Program Files (x86)\StormWarnings\StormWarningsApp.exe"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{27972D5E-9BB4-4C31-A68D-A0355CDC3627}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{E5C0AC33-2CE6-4D46-AD9F-423B780C2F17}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{0BDC1300-9F8C-4A4A-95CF-76C274FF1943}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{717B7B55-7362-47C5-AE7C-C07DE7D1E4FA}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{D361E794-2815-43E5-B9B3-4044934D3547}] => (Allow) C:\Users\Ken-2020\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{66912B45-FBBC-4BBD-97C7-163740B06C05}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{70354DF3-35D4-4843-A58E-5A187CB1DA91}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{30582577-81C9-4923-AAD1-E58FA9A39931}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C6FF20DF-F142-4BF5-A21C-CD3EC50B3BBB}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [TCP Query User{9F757CEB-C9ED-447A-A82E-2747B0CA6153}C:\program files (x86)\gameforgelive\games\gbr_eng\aion\nclauncher.exe] => (Allow) C:\program files (x86)\gameforgelive\games\gbr_eng\aion\nclauncher.exe
FirewallRules: [UDP Query User{90F32BBD-34B7-4739-B298-CF8A24FB5CDE}C:\program files (x86)\gameforgelive\games\gbr_eng\aion\nclauncher.exe] => (Allow) C:\program files (x86)\gameforgelive\games\gbr_eng\aion\nclauncher.exe
FirewallRules: [TCP Query User{70554036-3875-447A-A834-B2C4A21A3C52}C:\program files (x86)\ncwest\nclauncher\ncupdatehelper.exe] => (Allow) C:\program files (x86)\ncwest\nclauncher\ncupdatehelper.exe
FirewallRules: [UDP Query User{7FADEE7C-977F-4BF5-9C4B-58C0B1834DFE}C:\program files (x86)\ncwest\nclauncher\ncupdatehelper.exe] => (Allow) C:\program files (x86)\ncwest\nclauncher\ncupdatehelper.exe
FirewallRules: [TCP Query User{3B714C12-8BE6-4724-BE42-1FDE76627F3B}C:\program files (x86)\ncwest\nclauncher\ncupdatehelper.exe] => (Allow) C:\program files (x86)\ncwest\nclauncher\ncupdatehelper.exe
FirewallRules: [UDP Query User{79848BE4-B16C-4488-9D3B-EE65FD78A26E}C:\program files (x86)\ncwest\nclauncher\ncupdatehelper.exe] => (Allow) C:\program files (x86)\ncwest\nclauncher\ncupdatehelper.exe
FirewallRules: [{1F9C8605-60AE-48FF-9E33-8F7C1BF52952}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\TERA-Launcher.exe
FirewallRules: [{A886E75E-AFDD-44AE-9256-7AEA605BFC50}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\TERA-Launcher.exe
FirewallRules: [{8242B6D5-C0D1-47A3-8491-E13FB010B6DF}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\Client\TL.exe
FirewallRules: [{BB8D59BE-25D3-4830-9DEA-84F2407AC057}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\Client\TL.exe
FirewallRules: [{4FE03604-389A-4A01-8E43-A8738D7E50D1}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\Client\Binaries\TERA.exe
FirewallRules: [{4877E11A-0C4A-4410-B7AC-357D5F6DC428}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\Client\Binaries\TERA.exe
FirewallRules: [{8500BC29-827E-44F2-8227-0F5531BDB0A3}] => (Allow) C:\Program Files (x86)\Aion RainMeter\AionRainMeter.exe
FirewallRules: [{38245C11-4C72-4968-888A-06BEACC016C2}] => (Allow) C:\Program Files (x86)\Aion RainMeter\AionRainMeter.exe
FirewallRules: [{B5738E63-F321-4E92-82F8-F08D6C6623A3}] => (Allow) C:\Program Files (x86)\Aion RainMeter\AionRainMeter.exe
FirewallRules: [{E59E96C5-574E-49B5-B5EF-FF4F0AA66870}] => (Allow) C:\Program Files (x86)\Aion RainMeter\AionRainMeter.exe
FirewallRules: [{ADD0A0CB-4FAC-4E21-BC8C-6CBEF7CBD9A1}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{3FF7BA22-F3E6-4C0F-BCB3-9712DE57C349}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe
FirewallRules: [{87D7B2C2-36D9-4647-B217-79E6B6AA269F}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe
FirewallRules: [TCP Query User{42026DD7-9988-4A98-A3B4-0E57E9D87510}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe] => (Allow) C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
FirewallRules: [UDP Query User{BD7B3E41-716F-42BF-852B-5BB3CD22F9E8}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe] => (Allow) C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
FirewallRules: [TCP Query User{8DE5C6C2-6826-4D74-8880-323260E29C49}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe] => (Allow) C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe
FirewallRules: [UDP Query User{C5DB4567-53D6-41FF-9AEC-980F54CE7738}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe] => (Allow) C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe
FirewallRules: [{A655C4CC-D664-4A05-8B41-4A058115CA97}] => (Allow) C:\Program Files (x86)\GameforgeLive\gfl_client.exe
FirewallRules: [{DA3515FE-605F-43F1-AF19-BF29B6C1EF79}] => (Allow) C:\Users\Ken-2020\AppData\Roaming\TWV\TWV.exe
FirewallRules: [{8599C907-8240-460C-B8B5-AECBB0C30C30}] => (Allow) C:\Users\Ken-2020\AppData\Roaming\TWV\upd.exe
FirewallRules: [{84278F8B-A6FE-4D67-953A-944FF2E7E9A4}] => (Allow) C:\Program Files (x86)\GameforgeLive\gfl_client.exe
FirewallRules: [{FFF69958-7FC6-4E00-B4AE-C19C1E92F32C}] => (Allow) C:\Users\Ken-2020\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{F94914F6-03F8-4B16-9C17-40E7411E76AE}] => (Allow) C:\Users\Ken-2020\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{7EC2CE7F-D7CF-40C0-B2FA-E88C29CD865C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{8D5CEB4A-ECF2-42B4-8D5F-6D0080ED7ACD}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C3692325-41BE-49E8-B3D9-2D6DB798281D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{EFFE4277-FEDB-4DE0-A7EA-0283853A98D6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{956EE606-2968-4F2A-B95A-3268ABC80AF2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{45786CA1-AB33-44A1-A5C2-474AEFB7CFF8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{096D5D78-1F09-4CDA-A9C2-FE3BA7F7A090}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3784BFAA-31B5-4C62-AE1F-226C99AAEC58}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4E5B5C50-E4CF-4467-818D-41015A30E8E9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{057E667C-AF58-4849-93A7-9A97E90A1416}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{0C4388D0-8725-4378-8028-4FDFD3E6A069}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{37CCF396-3614-4074-9BDC-0FAD8B37867E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{12318960-0525-4431-93BA-A69DDE7020E5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D1552AC1-ABBF-4B8F-AEC1-6036D4345387}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
 
==================== Faulty Device Manager Devices =============
 
Name: Bluetooth Device (Personal Area Network)
Description: Bluetooth Device (Personal Area Network)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BthPan
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Bluetooth Device (RFCOMM Protocol TDI)
Description: Bluetooth Device (RFCOMM Protocol TDI)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RFCOMM
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Bluetooth Hands-free Audio
Description: Bluetooth Hands-free Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Broadcom
Service: btwaudio
Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)
Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded.
Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.
 
Name: Killer e2200 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
Description: Killer e2200 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Killer
Service: Ke2200
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Bluetooth L2CAP Interface
Description: Bluetooth L2CAP Interface
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Broadcom Corp.
Service: btwl2cap
Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)
Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded.
Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.
 
Name: Bluetooth Remote Control
Description: Bluetooth Remote Control
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Broadcom
Service: btwrchid
Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)
Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded.
Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (08/15/2015 09:38:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SDUpdate.exe, version: 2.4.40.94, time stamp: 0x53ad3eee
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18933, time stamp: 0x55a69ec4
Exception code: 0x0eedfade
Fault offset: 0x0000c42d
Faulting process id: 0x1344
Faulting application start time: 0xSDUpdate.exe0
Faulting application path: SDUpdate.exe1
Faulting module path: SDUpdate.exe2
Report Id: SDUpdate.exe3
 
Error: (08/15/2015 09:33:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SDUpdate.exe, version: 2.4.40.94, time stamp: 0x53ad3eee
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18933, time stamp: 0x55a69ec4
Exception code: 0x0eedfade
Fault offset: 0x0000c42d
Faulting process id: 0xa04
Faulting application start time: 0xSDUpdate.exe0
Faulting application path: SDUpdate.exe1
Faulting module path: SDUpdate.exe2
Report Id: SDUpdate.exe3
 
Error: (08/15/2015 09:28:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SDUpdate.exe, version: 2.4.40.94, time stamp: 0x53ad3eee
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18933, time stamp: 0x55a69ec4
Exception code: 0x0eedfade
Fault offset: 0x0000c42d
Faulting process id: 0x197c
Faulting application start time: 0xSDUpdate.exe0
Faulting application path: SDUpdate.exe1
Faulting module path: SDUpdate.exe2
Report Id: SDUpdate.exe3
 
Error: (08/15/2015 09:23:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SDUpdate.exe, version: 2.4.40.94, time stamp: 0x53ad3eee
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18933, time stamp: 0x55a69ec4
Exception code: 0x0eedfade
Fault offset: 0x0000c42d
Faulting process id: 0x708
Faulting application start time: 0xSDUpdate.exe0
Faulting application path: SDUpdate.exe1
Faulting module path: SDUpdate.exe2
Report Id: SDUpdate.exe3
 
Error: (08/15/2015 09:18:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SDUpdate.exe, version: 2.4.40.94, time stamp: 0x53ad3eee
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18933, time stamp: 0x55a69ec4
Exception code: 0x0eedfade
Fault offset: 0x0000c42d
Faulting process id: 0x1908
Faulting application start time: 0xSDUpdate.exe0
Faulting application path: SDUpdate.exe1
Faulting module path: SDUpdate.exe2
Report Id: SDUpdate.exe3
 
Error: (08/15/2015 09:13:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SDUpdate.exe, version: 2.4.40.94, time stamp: 0x53ad3eee
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18933, time stamp: 0x55a69ec4
Exception code: 0x0eedfade
Fault offset: 0x0000c42d
Faulting process id: 0xf08
Faulting application start time: 0xSDUpdate.exe0
Faulting application path: SDUpdate.exe1
Faulting module path: SDUpdate.exe2
Report Id: SDUpdate.exe3
 
Error: (08/15/2015 09:08:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SDUpdate.exe, version: 2.4.40.94, time stamp: 0x53ad3eee
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18933, time stamp: 0x55a69ec4
Exception code: 0x0eedfade
Fault offset: 0x0000c42d
Faulting process id: 0x1d70
Faulting application start time: 0xSDUpdate.exe0
Faulting application path: SDUpdate.exe1
Faulting module path: SDUpdate.exe2
Report Id: SDUpdate.exe3
 
Error: (08/15/2015 09:03:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SDUpdate.exe, version: 2.4.40.94, time stamp: 0x53ad3eee
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18933, time stamp: 0x55a69ec4
Exception code: 0x0eedfade
Fault offset: 0x0000c42d
Faulting process id: 0x1bc0
Faulting application start time: 0xSDUpdate.exe0
Faulting application path: SDUpdate.exe1
Faulting module path: SDUpdate.exe2
Report Id: SDUpdate.exe3
 
Error: (08/15/2015 08:58:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SDUpdate.exe, version: 2.4.40.94, time stamp: 0x53ad3eee
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18933, time stamp: 0x55a69ec4
Exception code: 0x0eedfade
Fault offset: 0x0000c42d
Faulting process id: 0x1f58
Faulting application start time: 0xSDUpdate.exe0
Faulting application path: SDUpdate.exe1
Faulting module path: SDUpdate.exe2
Report Id: SDUpdate.exe3
 
Error: (08/15/2015 08:54:41 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program aion.bin version 4815.107.707.9356 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 1f98
 
Start Time: 01d0d7c6521f56d8
 
Termination Time: 12
 
Application Path: C:\Program Files (x86)\NCSOFT\Aion\bin64\aion.bin
 
Report Id: bc77fdaa-43b9-11e5-92d2-e7c69cbef875
 
 
System errors:
=============
Error: (08/15/2015 09:16:31 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Type with the following error: 
%%5
 
Error: (08/15/2015 07:48:20 PM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: NT AUTHORITY)
Description: A fatal hardware error has occurred.
 
Reported by component: Processor Core
Error Source: 3
Error Type: 9
Processor ID: 0
 
The details view of this entry contains further information.
 
Error: (08/15/2015 07:48:20 PM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: NT AUTHORITY)
Description: A fatal hardware error has occurred.
 
Reported by component: Processor Core
Error Source: 3
Error Type: 9
Processor ID: 0
 
The details view of this entry contains further information.
 
Error: (08/15/2015 07:48:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Suite Service service failed to start due to the following error: 
%%2
 
Error: (08/15/2015 07:48:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The LavasoftTcpService service failed to start due to the following error: 
%%2
 
Error: (08/15/2015 07:47:41 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
 
Module Path: C:\Windows\System32\bcmihvsrv64.dll
 
Error: (08/15/2015 07:47:41 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
 
Module Path: C:\Windows\System32\bcmihvsrv64.dll
 
Error: (08/15/2015 07:47:40 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
 
Module Path: C:\Windows\System32\bcmihvsrv64.dll
 
Error: (08/15/2015 07:47:29 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Spybot-S&D 2 Scanner Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
 
Error: (08/15/2015 07:47:29 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Spybot-S&D 2 Updating Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
 
 
CodeIntegrity:
===================================
  Date: 2015-08-13 12:47:06.092
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-08-13 12:47:06.062
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-08-12 11:49:16.928
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.
 
  Date: 2015-08-12 11:49:16.924
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.
 
  Date: 2015-08-12 11:49:16.921
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.
 
  Date: 2015-08-12 11:49:16.839
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.
 
  Date: 2015-08-12 11:49:16.835
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.
 
  Date: 2015-08-12 11:49:16.832
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.
 
  Date: 2015-08-12 11:49:15.616
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.
 
  Date: 2015-08-12 11:49:15.611
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-4700MQ CPU @ 2.40GHz
Percentage of memory in use: 30%
Total physical RAM: 16311.06 MB
Available physical RAM: 11262.56 MB
Total Virtual: 32620.33 MB
Available Virtual: 26987.64 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:920.78 GB) (Free:758.36 GB) NTFS
Drive d: (DATAPART1) (Fixed) (Total:10.53 GB) (Free:10.41 GB) NTFS
Drive f: (UDISK) (Removable) (Total:3.79 GB) (Free:2.82 GB) FAT32
Drive y: (RECOVERY) (Fixed) (Total:10.69 GB) (Free:2.85 GB) NTFS ==>[system with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 931.5 GB) (Disk ID: AEA8D35A)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=10.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=920.8 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 10.5 GB) (Disk ID: AEA8D628)
Partition 1: (Not Active) - (Size=10.5 GB) - (Type=07 NTFS)
 
========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 3.8 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=3.8 GB) - (Type=0C)
 
==================== End of log ============================
 
 


#2
alamosis

    Member

  • Topic Starter
  • 36 posts

I'm ready for a reply! I was waiting all night! :laughing:



#3
pystryker

    Trusted Helper

  • Malware Removal
  • 3,912 posts
Hello and welcome to Geeks To Go! My nickname is Pystryker :) , and I will be helping you with your issue today.


Before we get started, I have a few things I need to go over with you:
  • If you are receiving help for this issue at another forum, please let me know so I can close this thread.
  • Please download to and run all requested tools from your Desktop.
  • Please do not install any new software during the cleaning process other than the tools I provide for you. This can hinder the cleaning process.
  • At the top of your post, please click on the "Follow this topic" button and make sure that the "Received notification" box is checked and set to "Instantly". This will send an email to you as soon as I reply to your topic, allowing us to solve your problem faster.
  • If any of your security programs give you a warning about any tool I ask you to use, please do not worry. All the links and tools I provide to you will be safe.
  • Please do not run any tools other than the ones I ask you to, when I ask you to. Some of these tools can be very dangerous if used improperly. Also, if you use a tool that I have not requested you use, it can cause false positives, thereby delaying the complete cleaning of your machine.
  • This is a complicated process. It requires several steps, patience, and careful following of my instructions in the order they are given to diagnose your problems to get your machine back in working order.
  • Please stay with me until the end of all steps and procedures and I declare your system clean. Just because there is a lack of symptoms does not indicate a clean machine. I promise to do the same for you.
  • It is impossible for me to know what interactions may happen between your computer's software and the tools we will use to clean your machine. Therefore, I highly recommend you backup any critical personal files on your machine before we start.
  • If you have any questions at all, please don't hesitate to ask. There's no such thing as a stupid question when dealing with malware.
  • If you are unsure of an instruction I give you, or if something unexpected occurs, Do NOT proceed! Stop and ask for clarification of the instruction or tell me what occurred.
  • Please remember, the fixes are for your machine and your machine ONLY! Do not use these fixes on any other machine, each fix is tailor made for your system only. Using a fix on another machine can and will cause serious damage.
  • Once we have cleaned your machine, we'll have some cleanup and prevention steps to go through. We will also provide you with some information about how to reduce your chances of infection and get some protections in place to help defend you against this in the future.
  • Please be patient while I am analyzing your logs. I know you are probably scared and very frustrated with this problem, but I am a volunteer and sometimes life does get in the way. :)
Now, let's get started, shall we? :thumbsup:

 

I'm ready for a reply! I was waiting all night! :laughing:


Hello :)

We try and get to topics as soon as possible, however, there are some topics that are waiting and have been waiting for days for a reply. Please, be patient, as we are backed up. :thumbsup: I also highly recommend you not run anti-malware tools unless instructed to by a trained anti-malware helper. Especially ComboFix, as that one can render a machine unbootable if used improperly.

Let's get started showing your unwelcome guests the door. :)


Please disable your antivirus for the duration of my instructions. Don't forget to re-enable it after you have completed the steps.


Step 1: Disable SpyBot's Tea Timer


There are two ways to disable TeaTimer:

1)
  • Launch Spybot Search & Destroy
  • In the Menu, Select Mode and choose Advanced Mode
  • Click Yes in the confirmation dialogue box
  • Click on Tools to expand the menu. Make sure that Resident is checked and then click Resident in the left pane.
  • In the right pane uncheck Resident "Tea timer" (Protection of over-all system settings) to disable it.
  • Uncheck the TeaTimer box and OK any prompts.
  • If Teatimer gives you a warning that changes were made, click the "Allow Change" box when prompted.
  • Exit Spybot S&D when done.
  • (Once you are clean, you can re-enable Teatimer using the same steps but this time place a check next to "Resident TeaTimer" and check the "TeaTimer" box in System Startup.)
2)
  • Right click the TeaTimer icon in the system Tray
  • Then click Exit Spybot-S&D Resident
  • (Once you are clean you can restart TeaTimer by going to C:\Program Files\Spybot - Search & Destroy, and double clicking on TeaTimer.exe)

Step 2: Uninstall Hitman Pro

Please uninstall Hitman Pro from your machine. This program has been known to make machines unbootable, and often interferes with the tools we need to use to clean your machine.


Step 3: File Search
  • Double-click on FRST.exe/FRST64.exe to open it. In the search box, type the following: dnsapi.dll
  • Press the Search Files button, allow FRST to run
  • A log file Search.txt will appear when complete, please post this in your next reply

Step 4: Scan with TDSSKiller

Please download TDSSKiller to the desktop.

Alternate download is here.
  • Right-click on TDSSKiller.exe and select Run as Administrator to start the program and follow the prompts.
  • When the main GUI (graphical user interface) window opens, click on Change Parameters
  • Under Additional options, select both Verify driver digital signatures & Detect TDLFS File System >> OK
  • Click on Start Scan, the scan will run.
  • When the scan has finished, if it finds anything please click on the drop down arrow next to Cure and select Skip
  • A Report will have been created by TDSSKiller in your root directory C:\
  • To find the log go to Start (Windows 7 Orb) > Computer > C: >> TDSSKiller.V.V.V.VV_DD.DD.YYYY_TT.TT.TT_log <-- The letters denote the version and date & time etc.
  • Post the contents of that log in your next reply please.

Note: Do not have TDSSKiller remove anything if found at this point in time!


Things I need to see in your next post:
  • Search.txt Log
  • TDSSKiller Log

#4
alamosis

Farbar Recovery Scan Tool (x64) Version:16-08-2015
Ran by Ken-2020 (2015-08-16 14:25:01)
Running from C:\Users\Ken-2020\Desktop
Boot Mode: Normal
 
================== Search Files: "dnsapi.dll" =============
 
C:\Windows\winsxs\wow64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.21673_none_4aa4e997e6a8ddc0\dnsapi.dll
[2013-07-01 14:17][2015-07-27 13:05] 0270336 ____A (Microsoft Corporation) FD038C501AF5106F94AF0FE05CE11942
 
C:\Windows\winsxs\wow64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17570_none_4a184beecd8df1f1\dnsapi.dll
[2013-07-01 14:17][2015-07-27 13:05] 0270336 ____A (Microsoft Corporation) F0E7F233ABC7CBB6ACFB6210ECE3D5B1
 
C:\Windows\winsxs\wow64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17514_none_4a5d2c9ecd59afa7\dnsapi.dll
[2010-11-20 22:24][2015-07-27 13:05] 0270336 ____A (Microsoft Corporation) 657C1AD40415D0ABE06C54311F688809
 
C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.21673_none_40503f45b2481bc5\dnsapi.dll
[2013-07-01 14:17][2015-07-27 13:04] 0357888 ____A (Microsoft Corporation) 4E5DA2252F79BEFDA9F755E07C4B9EF5
 
C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17570_none_3fc3a19c992d2ff6\dnsapi.dll
[2013-07-01 14:17][2015-07-27 13:04] 0357888 ____A (Microsoft Corporation) 3ABBFD64E4FFF6A0D99E93ECD288127F
 
C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17514_none_4008824c98f8edac\dnsapi.dll
[2010-11-20 22:24][2015-07-27 13:04] 0357888 ____A (Microsoft Corporation) 067F985C846D205BB3A680034056B4C9
 
C:\Windows\SysWOW64\dnsapi.dll
[2013-07-01 14:17][2015-07-27 13:04] 0270336 ____A (Microsoft Corporation) F0E7F233ABC7CBB6ACFB6210ECE3D5B1
 
C:\Windows\System32\dnsapi.dll
[2013-07-01 14:17][2015-07-27 13:04] 0357888 ____A (Microsoft Corporation) 3ABBFD64E4FFF6A0D99E93ECD288127F
 
C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\amd64_microsoft-windows-dns-client-minwin_31bf3856ad364e35_10.0.10240.16384_none_9d8c256ebdd2e48a\dnsapi.dll
[2015-07-10 05:30][2015-07-10 05:30] 0680256 ___AL () D41D8CD98F00B204E9800998ECF8427E
 
C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\dnsapi.dll
[2015-07-10 05:30][2015-07-10 05:30] 0680256 ___AL () D41D8CD98F00B204E9800998ECF8427E
 
====== End of Search ======
 
 
 
 
TDSS ---
14:38:02.0752 0x1eec  HdAudAddService - ok
14:38:02.0761 0x1eec  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
14:38:02.0774 0x1eec  HDAudBus - ok
14:38:02.0780 0x1eec  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
14:38:02.0789 0x1eec  HidBatt - ok
14:38:02.0796 0x1eec  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
14:38:02.0809 0x1eec  HidBth - ok
14:38:02.0816 0x1eec  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
14:38:02.0827 0x1eec  HidIr - ok
14:38:02.0837 0x1eec  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\System32\hidserv.dll
14:38:02.0861 0x1eec  hidserv - ok
14:38:02.0868 0x1eec  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
14:38:02.0875 0x1eec  HidUsb - ok
14:38:02.0881 0x1eec  hitmanpro37 - ok
14:38:02.0891 0x1eec  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
14:38:02.0915 0x1eec  hkmsvc - ok
14:38:02.0927 0x1eec  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:38:02.0940 0x1eec  HomeGroupListener - ok
14:38:02.0952 0x1eec  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:38:02.0964 0x1eec  HomeGroupProvider - ok
14:38:02.0971 0x1eec  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
14:38:02.0979 0x1eec  HpSAMD - ok
14:38:02.0998 0x1eec  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
14:38:03.0019 0x1eec  HTTP - ok
14:38:03.0028 0x1eec  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
14:38:03.0035 0x1eec  hwpolicy - ok
14:38:03.0043 0x1eec  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
14:38:03.0052 0x1eec  i8042prt - ok
14:38:03.0069 0x1eec  [ 118CBC8D092787B604115F5267F77AE8, 6617C5C0659523351F232DFF1C56B29E3DD8A7D56ED4CBDB3E9F374CE0E205C7 ] iaStorA         C:\Windows\system32\drivers\iaStorA.sys
14:38:03.0089 0x1eec  iaStorA - ok
14:38:03.0098 0x1eec  [ 8B262229FF72E822E51080AD9B22D4CB, 34DAC09BC693A7A38BA88306A02157C74BFADF96CAC2BE16112DC2C22CDF78D8 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
14:38:03.0106 0x1eec  IAStorDataMgrSvc - ok
14:38:03.0112 0x1eec  [ 3372DDF2F7FD01B2E061D13E7C3D69BF, B5E79D71C39093A078B4F0165E3C9001EE9158D6A2120B0B0EBC25757BBEA2B4 ] iaStorF         C:\Windows\system32\drivers\iaStorF.sys
14:38:03.0121 0x1eec  iaStorF - ok
14:38:03.0134 0x1eec  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
14:38:03.0147 0x1eec  iaStorV - ok
14:38:03.0154 0x1eec  IDriverT - ok
14:38:03.0175 0x1eec  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:38:03.0196 0x1eec  idsvc - ok
14:38:03.0205 0x1eec  IEEtwCollectorService - ok
14:38:03.0211 0x1eec  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
14:38:03.0219 0x1eec  iirsp - ok
14:38:03.0241 0x1eec  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
14:38:03.0264 0x1eec  IKEEXT - ok
14:38:03.0324 0x1eec  [ 0141272C088995D9EFCCB6A7A7CC64B6, 2F2EF677331457EE54E314E5D820D41C9FE4D4316D79086D666AADB2ABC943E7 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
14:38:03.0383 0x1eec  IntcAzAudAddService - ok
14:38:03.0406 0x1eec  [ DDA8E5AD97231AB50B81FED04C28F64C, 5C9E8F7CC45A9AE7FF12A02641562E271D84894DFA7C50218AC2AAA298251B60 ] Intel® Capability Licensing Service Interface c:\Program Files\Intel\iCLS Client\HeciServer.exe
14:38:03.0420 0x1eec  Intel® Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 )
14:38:06.0312 0x1eec  Detect skipped due to KSN trusted
14:38:06.0312 0x1eec  Intel® Capability Licensing Service Interface - ok
14:38:10.0498 0x1eec  PNRPsvc - ok
14:38:10.0514 0x1eec  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
14:38:10.0543 0x1eec  PolicyAgent - ok
14:38:10.0558 0x1eec  [ A2CCA4FB273E6050F17A0A416CFF2FCD, C42BA18DF0C8E3F7358669A784E51E4DC7A4112096345EA699EDC95F561E0255 ] Power           C:\Windows\system32\umpo.dll
14:38:10.0569 0x1eec  Power - ok
14:38:10.0577 0x1eec  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
14:38:10.0600 0x1eec  PptpMiniport - ok
14:38:10.0607 0x1eec  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
14:38:10.0616 0x1eec  Processor - ok
14:38:10.0628 0x1eec  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
14:38:10.0641 0x1eec  ProfSvc - ok
14:38:10.0649 0x1eec  [ 0D48E93C6BE3143C0198CB252B992D16, AF34A41BAAE967045C8078E80B070E66ED60FDA0945FA752F715E49FD43373A4 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:38:10.0658 0x1eec  ProtectedStorage - ok
14:38:10.0666 0x1eec  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
14:38:10.0691 0x1eec  Psched - ok
14:38:10.0758 0x1eec  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
14:38:10.0788 0x1eec  ql2300 - ok
14:38:10.0798 0x1eec  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
14:38:10.0806 0x1eec  ql40xx - ok
14:38:10.0819 0x1eec  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
14:38:10.0834 0x1eec  QWAVE - ok
14:38:10.0841 0x1eec  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
14:38:10.0852 0x1eec  QWAVEdrv - ok
14:38:10.0858 0x1eec  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
14:38:10.0880 0x1eec  RasAcd - ok
14:38:10.0887 0x1eec  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
14:38:10.0910 0x1eec  RasAgileVpn - ok
14:38:10.0921 0x1eec  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
14:38:10.0944 0x1eec  RasAuto - ok
14:38:10.0952 0x1eec  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
14:38:10.0975 0x1eec  Rasl2tp - ok
14:38:10.0988 0x1eec  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
14:38:11.0016 0x1eec  RasMan - ok
14:38:11.0024 0x1eec  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
14:38:11.0047 0x1eec  RasPppoe - ok
14:38:11.0055 0x1eec  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
14:38:11.0078 0x1eec  RasSstp - ok
14:38:11.0091 0x1eec  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
14:38:11.0117 0x1eec  rdbss - ok
14:38:11.0125 0x1eec  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
14:38:11.0135 0x1eec  rdpbus - ok
14:38:11.0142 0x1eec  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
14:38:11.0164 0x1eec  RDPCDD - ok
14:38:11.0174 0x1eec  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
14:38:11.0195 0x1eec  RDPENCDD - ok
14:38:11.0207 0x1eec  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
14:38:11.0230 0x1eec  RDPREFMP - ok
14:38:11.0240 0x1eec  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
14:38:11.0253 0x1eec  RDPWD - ok
14:38:11.0264 0x1eec  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
14:38:11.0274 0x1eec  rdyboost - ok
14:38:11.0285 0x1eec  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
14:38:11.0309 0x1eec  RemoteAccess - ok
14:38:11.0322 0x1eec  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
14:38:11.0345 0x1eec  RemoteRegistry - ok
14:38:11.0355 0x1eec  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
14:38:11.0367 0x1eec  RFCOMM - ok
14:38:11.0377 0x1eec  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
14:38:11.0400 0x1eec  RpcEptMapper - ok
14:38:11.0407 0x1eec  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
14:38:11.0417 0x1eec  RpcLocator - ok
14:38:11.0435 0x1eec  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
14:38:11.0464 0x1eec  RpcSs - ok
14:38:11.0477 0x1eec  [ 73993E0AE5908C4AFE33D3E355E600BC, 304CB5D4054DD1C123B20973767D12E78C04EFDA4210AD583EF1FAC207B817C7 ] RSPCIESTOR      C:\Windows\system32\DRIVERS\RtsPStor.sys
14:38:11.0489 0x1eec  RSPCIESTOR - ok
14:38:11.0497 0x1eec  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
14:38:11.0519 0x1eec  rspndr - ok
14:38:11.0529 0x1eec  [ 3A50489C017292386C1C6CF6EB283F23, 42E2C75A83A45070BB548591B83C3744F5DF6BB3743221D0442C1BA23789AD5D ] RtkAudioService C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
14:38:11.0539 0x1eec  RtkAudioService - ok
14:38:11.0547 0x1eec  [ 0D48E93C6BE3143C0198CB252B992D16, AF34A41BAAE967045C8078E80B070E66ED60FDA0945FA752F715E49FD43373A4 ] SamSs           C:\Windows\system32\lsass.exe
14:38:11.0555 0x1eec  SamSs - ok
14:38:11.0562 0x1eec  [ 3289766038DB2CB14D07DC84392138D5, A7790B787690CC1A8B97E4532090C5295350A836A9474DEA74CEB3E81CF26124 ] SASDIFSV        C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
14:38:11.0569 0x1eec  SASDIFSV - ok
14:38:11.0575 0x1eec  [ 58A38E75F3316A83C23DF6173D41F2B5, B0A8CDA1D164B7534FB41AB80792861384709BF0F914F44553275CF20194F1A1 ] SASKUTIL        C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
14:38:11.0582 0x1eec  SASKUTIL - ok
14:38:11.0590 0x1eec  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
14:38:11.0598 0x1eec  sbp2port - ok
14:38:11.0610 0x1eec  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
14:38:11.0638 0x1eec  SCardSvr - ok
14:38:11.0647 0x1eec  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
14:38:11.0668 0x1eec  scfilter - ok
14:38:11.0695 0x1eec  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
14:38:11.0737 0x1eec  Schedule - ok
14:38:11.0749 0x1eec  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
14:38:11.0771 0x1eec  SCPolicySvc - ok
14:38:11.0779 0x1eec  [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
14:38:11.0790 0x1eec  sdbus - ok
14:38:11.0800 0x1eec  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
14:38:11.0811 0x1eec  SDRSVC - ok
14:38:11.0843 0x1eec  [ D777F1417D9BB9F66CD9D9C3B61F730F, 0CBD830EB9D2B0F1946131F20907793B2D68A3BCEEC3EA5416972149F73DC815 ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
14:38:11.0875 0x1eec  SDScannerService - ok
14:38:11.0915 0x1eec  [ 68D6C7F99BC73B88954D844FCCBEB2A0, F746861B103C8BE8EA234B9FCFBBDD2412C79FB65F2F1E0F5E6EBC0B34905FF1 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
14:38:11.0953 0x1eec  SDUpdateService - ok
14:38:11.0964 0x1eec  [ 9B9B368A8FF5CAF91D7A333CF62CD2CC, A4AE7FFBBAF983BFDE15B521ED162CBC4E6FC85BCDB200C75D45878B3FFDFA68 ] SDWSCService    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
14:38:11.0974 0x1eec  SDWSCService - ok
14:38:11.0981 0x1eec  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
14:38:12.0003 0x1eec  secdrv - ok
14:38:12.0012 0x1eec  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
14:38:12.0034 0x1eec  seclogon - ok
14:38:12.0044 0x1eec  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\system32\sens.dll
14:38:12.0068 0x1eec  SENS - ok
14:38:12.0077 0x1eec  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
14:38:12.0086 0x1eec  SensrSvc - ok
14:38:12.0092 0x1eec  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\drivers\serenum.sys
14:38:12.0101 0x1eec  Serenum - ok
14:38:12.0110 0x1eec  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
14:38:12.0120 0x1eec  Serial - ok
14:38:12.0127 0x1eec  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
14:38:12.0135 0x1eec  sermouse - ok
14:38:12.0153 0x1eec  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
14:38:12.0178 0x1eec  SessionEnv - ok
14:38:12.0186 0x1eec  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
14:38:12.0196 0x1eec  sffdisk - ok
14:38:12.0203 0x1eec  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
14:38:12.0213 0x1eec  sffp_mmc - ok
14:38:12.0220 0x1eec  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
14:38:12.0231 0x1eec  sffp_sd - ok
14:38:12.0238 0x1eec  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
14:38:12.0246 0x1eec  sfloppy - ok
14:38:12.0285 0x1eec  [ B2B36D1B62BA24ACA1C114B3936F308D, 251C87C6EFCA5D18EFB0008B827D22E32B45A1D5C2E125B381EF5444775B798E ] SftService      C:\Program Files (x86)\AlienRespawn\sftservice.exe
14:38:12.0320 0x1eec  SftService - ok
14:38:12.0337 0x1eec  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
14:38:12.0364 0x1eec  SharedAccess - ok
14:38:12.0379 0x1eec  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:38:12.0407 0x1eec  ShellHWDetection - ok
14:38:12.0415 0x1eec  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
14:38:12.0421 0x1eec  SiSRaid2 - ok
14:38:12.0430 0x1eec  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
14:38:12.0438 0x1eec  SiSRaid4 - ok
14:38:12.0446 0x1eec  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
14:38:12.0470 0x1eec  Smb - ok
14:38:12.0478 0x1eec  [ 5476D773EE180AEB9CADA786EA131777, BEBC1788A63FFC54047BE6633F8C3AF10F5E26C1F5B8255DAD88CEF81544B07C ] SmbDrvI         C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys
14:38:12.0486 0x1eec  SmbDrvI - ok
14:38:12.0498 0x1eec  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
14:38:12.0507 0x1eec  SNMPTRAP - ok
14:38:12.0514 0x1eec  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
14:38:12.0521 0x1eec  spldr - ok
14:38:12.0538 0x1eec  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
14:38:12.0556 0x1eec  Spooler - ok
14:38:12.0625 0x1eec  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
14:38:12.0701 0x1eec  sppsvc - ok
14:38:12.0713 0x1eec  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
14:38:12.0736 0x1eec  sppuinotify - ok
14:38:12.0752 0x1eec  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
14:38:12.0767 0x1eec  srv - ok
14:38:12.0782 0x1eec  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
14:38:12.0796 0x1eec  srv2 - ok
14:38:12.0806 0x1eec  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
14:38:12.0816 0x1eec  srvnet - ok
14:38:12.0828 0x1eec  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
14:38:12.0853 0x1eec  SSDPSRV - ok
14:38:12.0864 0x1eec  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
14:38:12.0888 0x1eec  SstpSvc - ok
14:38:12.0895 0x1eec  [ E4EA2412FB1B8AEE33667A9CC6D456A4, E553D07BBD98CB026033D7D10D859795682D1BFCB9D33D494177B2E747EA5064 ] stdcfltn        C:\Windows\system32\DRIVERS\stdcfltn.sys
14:38:12.0902 0x1eec  stdcfltn - ok
14:38:12.0915 0x1eec  [ F6D78F5436918952F1CB24BC48DB5B72, DFD6DA8A72D5719A063BAB921B6870B4BDA75DA4D280492F110DF3F99627BDF7 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
14:38:12.0927 0x1eec  Stereo Service - ok
14:38:12.0934 0x1eec  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
14:38:12.0941 0x1eec  stexstor - ok
14:38:12.0958 0x1eec  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
14:38:12.0977 0x1eec  stisvc - ok
14:38:12.0987 0x1eec  [ 5515D39205E0B59045DED8573A9E2179, 192A12994E44948D970CAA189F45182132C930506C0D40CE98F566BD5CA9B572 ] ST_ACCEL        C:\Windows\system32\DRIVERS\ST_Accel.sys
14:38:12.0995 0x1eec  ST_ACCEL - ok
14:38:13.0001 0x1eec  Suite Service - ok
14:38:13.0009 0x1eec  [ 8FA3C188F04B9288B35DC7DBA9E3956D, 3E74C795393BE67CEE4E3D08889A0EDD90452766645A4F6E47AD153CD6A3EB72 ] SupportAssistAgent C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
14:38:13.0016 0x1eec  SupportAssistAgent - ok
14:38:13.0023 0x1eec  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
14:38:13.0029 0x1eec  swenum - ok
14:38:13.0046 0x1eec  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
14:38:13.0077 0x1eec  swprv - ok
14:38:13.0092 0x1eec  [ 75B2DF282F2D40C7DC721EC4CADC7DB5, 0E92F61CC2241DFBBACFEB048BC3702494A52BF1BDB2000408A64EA748A6A727 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
14:38:13.0106 0x1eec  SynTP - ok
14:38:13.0228 0x1eec  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\Windows\system32\sysmain.dll
14:38:13.0269 0x1eec  SysMain - ok
14:38:13.0281 0x1eec  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:38:13.0294 0x1eec  TabletInputService - ok
14:38:13.0307 0x1eec  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
14:38:13.0333 0x1eec  TapiSrv - ok
14:38:13.0344 0x1eec  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
14:38:13.0367 0x1eec  TBS - ok
14:38:13.0403 0x1eec  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
14:38:13.0439 0x1eec  Tcpip - ok
14:38:13.0476 0x1eec  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
14:38:13.0511 0x1eec  TCPIP6 - ok
14:38:13.0525 0x1eec  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
14:38:13.0533 0x1eec  tcpipreg - ok
14:38:13.0544 0x1eec  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
14:38:13.0553 0x1eec  TDPIPE - ok
14:38:13.0560 0x1eec  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
14:38:13.0568 0x1eec  TDTCP - ok
14:38:13.0577 0x1eec  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
14:38:13.0588 0x1eec  tdx - ok
14:38:13.0596 0x1eec  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
14:38:13.0603 0x1eec  TermDD - ok
14:38:13.0623 0x1eec  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
14:38:13.0644 0x1eec  TermService - ok
14:38:13.0655 0x1eec  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
14:38:13.0668 0x1eec  Themes - ok
14:38:13.0678 0x1eec  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
14:38:13.0702 0x1eec  THREADORDER - ok
14:38:13.0714 0x1eec  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
14:38:13.0738 0x1eec  TrkWks - ok
14:38:13.0746 0x1eec  [ FD44FA80DA03EA144153A76DEBBB61B4, 0C46717F489A415A583470DAE8CF58E47BC307B9CB0F9DB6C4EDF33B7525475C ] TrueSight       C:\Windows\System32\drivers\TrueSight.sys
14:38:13.0756 0x1eec  TrueSight - ok
14:38:13.0768 0x1eec  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:38:13.0792 0x1eec  TrustedInstaller - ok
14:38:13.0804 0x1eec  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
14:38:13.0812 0x1eec  tssecsrv - ok
14:38:13.0821 0x1eec  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
14:38:13.0830 0x1eec  TsUsbFlt - ok
14:38:13.0837 0x1eec  [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
14:38:13.0845 0x1eec  TsUsbGD - ok
14:38:13.0854 0x1eec  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
14:38:13.0876 0x1eec  tunnel - ok
14:38:13.0882 0x1eec  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
14:38:13.0889 0x1eec  uagp35 - ok
14:38:13.0901 0x1eec  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
14:38:13.0928 0x1eec  udfs - ok
14:38:13.0942 0x1eec  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
14:38:13.0951 0x1eec  UI0Detect - ok
14:38:13.0959 0x1eec  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
14:38:13.0966 0x1eec  uliagpkx - ok
14:38:13.0974 0x1eec  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
14:38:13.0982 0x1eec  umbus - ok
14:38:13.0989 0x1eec  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
14:38:13.0997 0x1eec  UmPass - ok
14:38:14.0011 0x1eec  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
14:38:14.0039 0x1eec  upnphost - ok
14:38:14.0048 0x1eec  [ 91D3C92A44FC682DD791147604E79152, AA0B6799BF9C26C2C1793C91295288A4989AA43EC5E070B650DA7F0A142817CE ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
14:38:14.0057 0x1eec  usbccgp - ok
14:38:14.0065 0x1eec  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
14:38:14.0073 0x1eec  usbcir - ok
14:38:14.0081 0x1eec  [ F7FFDF2A1D19A76A87759126B244C816, C91F09D77E22D976952A46F7B93F611B719EDAF694D538242FA8FAF1BA9BB2F0 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
14:38:14.0090 0x1eec  usbehci - ok
14:38:14.0102 0x1eec  [ 245FE7FC634D6A993E682E0A9EBA4ABB, F7A536D215EE3A63358EC8B5946D7BB3B56357BF91347B07013E00DAC98775B6 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
14:38:14.0115 0x1eec  usbhub - ok
14:38:14.0122 0x1eec  [ F4A4255E930B6D007A3501C35A3DACC4, E0D0EF801100BE57A199A483330A80FB6C6FF29AEBF3380BEE16BB364A8D7FC7 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
14:38:14.0130 0x1eec  usbohci - ok
14:38:14.0136 0x1eec  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\drivers\usbprint.sys
14:38:14.0146 0x1eec  usbprint - ok
14:38:14.0154 0x1eec  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:38:14.0163 0x1eec  USBSTOR - ok
14:38:14.0170 0x1eec  [ 9462E6B70615C1703D4A95FA61FC54A1, A66E75A42E58E126F575F1AFC3BE47E119CF53431CED511776D878A78F597015 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
14:38:14.0178 0x1eec  usbuhci - ok
14:38:14.0187 0x1eec  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
14:38:14.0198 0x1eec  usbvideo - ok
14:38:14.0208 0x1eec  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
14:38:14.0231 0x1eec  UxSms - ok
14:38:14.0239 0x1eec  [ 0D48E93C6BE3143C0198CB252B992D16, AF34A41BAAE967045C8078E80B070E66ED60FDA0945FA752F715E49FD43373A4 ] VaultSvc        C:\Windows\system32\lsass.exe
14:38:14.0248 0x1eec  VaultSvc - ok
14:38:14.0255 0x1eec  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
14:38:14.0262 0x1eec  vdrvroot - ok
14:38:14.0278 0x1eec  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
14:38:14.0308 0x1eec  vds - ok
14:38:14.0316 0x1eec  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
14:38:14.0326 0x1eec  vga - ok
14:38:14.0333 0x1eec  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
14:38:14.0357 0x1eec  VgaSave - ok
14:38:14.0368 0x1eec  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
14:38:14.0378 0x1eec  vhdmp - ok
14:38:17.0762 0x1eec  [ F51BB12D8977D26C1A4CDA348770D9F1, DDA35CD8F8A6591B83821B5180D457740E0B820CCE000BC7FB1B78FB4AEAD3BA ] C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe
14:38:17.0781 0x1eec  SpybotPostWindows10UpgradeReInstall - detected UnsignedFile.Multi.Generic ( 1 )
14:38:20.0566 0x1eec  Detect skipped due to KSN trusted
14:38:20.0566 0x1eec  SpybotPostWindows10UpgradeReInstall - ok
14:38:20.0567 0x1eec  Waiting for KSN requests completion. In queue: 33
14:38:21.0567 0x1eec  Waiting for KSN requests completion. In queue: 33
14:38:22.0567 0x1eec  Waiting for KSN requests completion. In queue: 33
14:38:23.0567 0x1eec  Waiting for KSN requests completion. In queue: 33
14:38:24.0597 0x1eec  AV detected via SS2: VIRUSfighter, C:\Program Files (x86)\Fighters\FighterLauncher.exe VFPRO (  ), 0x41000 ( enabled : updated )
14:38:24.0607 0x1eec  Win FW state via NFP2: enabled ( trusted )
14:38:27.0505 0x1eec  ============================================================
14:38:27.0505 0x1eec  Scan finished
14:38:27.0505 0x1eec  ============================================================
14:38:27.0518 0x1040  Detected object count: 0
14:38:27.0518 0x1040  Actual detected object count: 0
 

#5
alamosis

    Member

  • Topic Starter
  • 36 posts

Well I have Malwarebytes and SUPERAntiSpyware installed on my computer and I was wondering if I should delete that. Should I?


#6
pystryker

    Trusted Helper

  • Malware Removal
  • 3,912 posts

Well I have Malwarebytes and SUPERAntiSpyware installed on my computer and I was wondering if I should delete that. Should I?


Hello :)

No, as we'll be using Malwarebytes later on in the cleaning process.

Excellent, no rootkits detected by TDSSKiller. Ok, let's check a couple of files and see if they're clean, then we can proceed. :thumbsup:

Step 1: Scan files at VirusTotal
  • Please go to Virustotal
  • Select Choose File
  • Navigate to the following file (if multiple files then one at a time), double click on it so the file name is populated, then click Scan it!
  • IMPORTANT! If the file is listed as already analyzed, click on Reanalyse file now button.
C:\Windows\System32\dnsapi.dll

C:\Windows\SysWOW64\dnsapi.dll


Once completed, highlight the information in the address bar and copy then paste the link in your reply.

Things I need to see in your next post:

VirusTotal Link for each file

#7
alamosis

    Member

  • Topic Starter
  • 36 posts

SYSTEM32

https://www.virustot...sis/1439759519/

 

SYSWOW64

https://www.virustot...sis/1439759519/


#8
pystryker

    Trusted Helper

  • Malware Removal
  • 3,912 posts
Hello :)

Good, both files are clean, therefore no reason to replace them. Let's continue the cleaning. :thumbsup:

Please disable your antivirus for the duration of my instructions, including Spybot's Tea Timer. Don't forget to re-enable them after you have completed the steps.


Step 1: Fix with FRST

Note: Before performing this step, please move FRST64.exe from C:\Users\Ken-2020\Downloads to your Desktop or the fix will not work.
  • Open Notepad (Start => All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. (To do this, highlight the contents of the box, right-click on it and select Copy.)
  • Right-click in the open Notepad window and select Paste.
  • Save it on the desktop as fixlist.txt

    NOTE: It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.

Start
CreateRestorePoint:
CloseProcesses:
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3002978473-1665064215-2408261189-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [not found]
SearchScopes: HKU\S-1-5-21-3002978473-1665064215-2408261189-1002 -> {6E1882B2-87B0-486F-AE48-2B71E4B0B0E8} URL =
S3 IDriverT; "C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe" [X]
S2 LavasoftTcpService; C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe [X]
S2 Suite Service; C:\Program Files (x86)\Fighters\FighterSuiteService.exe [X]
S3 avchv; system32\DRIVERS\avchv.sys [X]
S3 btwavdt; system32\DRIVERS\btwavdt.sys [X]
S3 btwl2cap; system32\DRIVERS\btwl2cap.sys [X]
S3 btwrchid; system32\DRIVERS\btwrchid.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
R4 hitmanpro37; \??\C:\Windows\system32\drivers\hitmanpro37.sys [X]
Task: {6034BFE2-5EB2-4A46-B288-684DD04ECDF5} - \TunePro360 Updater -> No File <==== ATTENTION
Task: {05325239-085C-4D27-B03E-DEE96EF4381C} - \Inst_Rep -> No File <==== ATTENTION
Task: {B14F4ADB-99EE-4181-9772-C68498FCFFE3} - \DAHCX1 -> No File <==== ATTENTION
Task: {F41C6004-FE68-4505-833D-AE88056D3A1C} - \BrowserSafeguard Update Task -> No File <==== ATTENTION
Task: {EF030B71-32FC-4194-9925-127675837650} - System32\Tasks\Efkamei => C:\Program Files\shopperz27072015\Hoilckug.bat <==== ATTENTION
C:\Program Files\shopperz27072015
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state on
CMD: ipconfig /flushdns
Emptytemp:
Hosts:
End


NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.


Run FRST and press the Fix button just once and wait. The tool will make a log on the desktop (Fixlog.txt) please post it in your next reply.


Step 2: Junkware Removal Tool

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Step 3: AdwCleaner


Download ADWcleaner by clicking here. Please save it to your Desktop


  • Double click (Vista and 7 users: right click) the adwcleaner.exe file and click Run as Administrator and accept the UAC prompt to run AdwCleaner
  • Once AdwCleaner's control panel is open and it says "Waiting for Action", click on Options at the top of the control panel.
  • Please Uncheck the following options:
    • Reset Proxy Settings
    • Reset Winsock Settings
  • Please Check the following options:
    • Reset IPSec Settings
    • Reset Internet Explorer Policies
    • Reset Chrome Policies
  • Close any open windows or browsers.
  • Pause your Anti-Virus program if it is running.
  • Once it starts, click on the Scan button.
  • Let the scan complete itself. This may take a few minutes.
  • Once the scan has finished, it will say "Pending, uncheck elements you don't want to remove.", don't worry about unchecking anything and then click the Cleaning button. When finished, it will ask to reboot. Please reboot.
  • When the machine has rebooted, a log will be produced. Please copy/paste that in your next reply. Here's how:
    • Click the Logfile button and the log will open. Copy and Paste the contents of the log file into your next reply.
    This report is also saved at C:\

Step 4: Fresh FRST Scan
  • Start Farbar's Recovery Scan Tool and press the Scan button.
  • FRST will scan your system and produce one log this time. Please post it in your next reply.

Things I need to see in your next post:

Please post each of these logs as a separate reply in this thread.

Fixlog.txt Log

Junkware Removal Tool Log

AdwCleaner Log

Fresh FRST Log

#9
alamosis

    Member

  • Topic Starter
  • 36 posts

For the JRT log file, it still created an additional log file, but on the additional log, it also deleted my antivirus even though I disabled it, but I guess that's my fault since I didn't ask you exactly how to disable it.


#10
alamosis

    Member

  • Topic Starter
  • 36 posts
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.6 (08.10.2015:1)
OS: Windows 7 Home Premium x64
Ran by Ken-2020 on Sun 08/16/2015 at 18:04:21.05
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Tasks
 
 
 
~~~ Registry Values
 
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\SearchAssistant
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
Failed to delete: [File] C:\Windows\SysWOW64\number of results
 
 
 
~~~ Folders
 
 
 
~~~ FireFox
 
Emptied folder: C:\Users\Ken-2020\AppData\Roaming\mozilla\firefox\profiles\9wb79m8e.default-1438530300307\minidumps [1 files]
 
 
 
~~~ Chrome
 
 
[C:\Users\Ken-2020\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
 
[C:\Users\Ken-2020\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
 
[C:\Users\Ken-2020\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
 
[C:\Users\Ken-2020\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 08/16/2015 at 18:06:26.75
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

#11
alamosis

    Member

  • Topic Starter
  • 36 posts
Fix result of Farbar Recovery Scan Tool (x64) Version:16-08-2015
Ran by Ken-2020 (2015-08-16 17:57:30) Run:1
Running from C:\Users\Ken-2020\Desktop
Loaded Profiles: Ken-2020 (Available Profiles: Ken-2020)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3002978473-1665064215-2408261189-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [not found]
SearchScopes: HKU\S-1-5-21-3002978473-1665064215-2408261189-1002 -> {6E1882B2-87B0-486F-AE48-2B71E4B0B0E8} URL =
S3 IDriverT; "C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe" [X]
S2 LavasoftTcpService; C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe [X]
S2 Suite Service; C:\Program Files (x86)\Fighters\FighterSuiteService.exe [X]
S3 avchv; system32\DRIVERS\avchv.sys [X]
S3 btwavdt; system32\DRIVERS\btwavdt.sys [X]
S3 btwl2cap; system32\DRIVERS\btwl2cap.sys [X]
S3 btwrchid; system32\DRIVERS\btwrchid.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
R4 hitmanpro37; \??\C:\Windows\system32\drivers\hitmanpro37.sys [X]
Task: {6034BFE2-5EB2-4A46-B288-684DD04ECDF5} - \TunePro360 Updater -> No File <==== ATTENTION
Task: {05325239-085C-4D27-B03E-DEE96EF4381C} - \Inst_Rep -> No File <==== ATTENTION
Task: {B14F4ADB-99EE-4181-9772-C68498FCFFE3} - \DAHCX1 -> No File <==== ATTENTION
Task: {F41C6004-FE68-4505-833D-AE88056D3A1C} - \BrowserSafeguard Update Task -> No File <==== ATTENTION
Task: {EF030B71-32FC-4194-9925-127675837650} - System32\Tasks\Efkamei => C:\Program Files\shopperz27072015\Hoilckug.bat <==== ATTENTION
C:\Program Files\shopperz27072015
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state on
CMD: ipconfig /flushdns
Emptytemp:
Hosts:
End
*****************
 
Error: (0) Failed to create a restore point.
Processes closed successfully.
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon" => key removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => key removed successfully
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found. 
C:\Windows\system32\GroupPolicy\Machine => moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully.
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully.
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKU\S-1-5-21-3002978473-1665064215-2408261189-1002\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} not found.
"HKU\S-1-5-21-3002978473-1665064215-2408261189-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6E1882B2-87B0-486F-AE48-2B71E4B0B0E8}" => key removed successfully
HKCR\CLSID\{6E1882B2-87B0-486F-AE48-2B71E4B0B0E8} => key not found. 
IDriverT => service removed successfully
LavasoftTcpService => service removed successfully
Suite Service => service removed successfully
avchv => service removed successfully
btwavdt => service removed successfully
btwl2cap => service removed successfully
btwrchid => service removed successfully
catchme => service removed successfully
EagleX64 => service removed successfully
hitmanpro37 => Unable to stop service.
hitmanpro37 => service removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6034BFE2-5EB2-4A46-B288-684DD04ECDF5}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6034BFE2-5EB2-4A46-B288-684DD04ECDF5}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\TunePro360 Updater => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{05325239-085C-4D27-B03E-DEE96EF4381C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{05325239-085C-4D27-B03E-DEE96EF4381C}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Inst_Rep => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B14F4ADB-99EE-4181-9772-C68498FCFFE3}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B14F4ADB-99EE-4181-9772-C68498FCFFE3}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DAHCX1" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F41C6004-FE68-4505-833D-AE88056D3A1C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F41C6004-FE68-4505-833D-AE88056D3A1C}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BrowserSafeguard Update Task => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EF030B71-32FC-4194-9925-127675837650}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EF030B71-32FC-4194-9925-127675837650}" => key removed successfully
C:\Windows\System32\Tasks\Efkamei => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Efkamei" => key removed successfully
"C:\Program Files\shopperz27072015" => File/Folder not found.
C:\ProgramData\TEMP => ":373E1720" ADS removed successfully.
 
=========  bitsadmin /reset /allusers =========
 
 
BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.
 
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
 
0 out of 0 jobs canceled.
 
========= End of CMD: =========
 
 
=========  netsh advfirewall reset =========
 
Access is denied.
 
 
 
========= End of CMD: =========
 
 
=========  netsh advfirewall set allprofiles state on =========
 
Access is denied.
 
 
 
========= End of CMD: =========
 
 
=========  ipconfig /flushdns =========
 
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========= End of CMD: =========
 
C:\Windows\System32\Drivers\etc\hosts => moved successfully.
Hosts restored successfully.
EmptyTemp: => 502.5 MB temporary data Removed.
 
 
The system needed a reboot.. 
 
==== End of Fixlog 17:57:39 ====
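
A triage pass over a Fixlog like the one posted above, as an added example (not part of the thread and not FRST's own code): it sorts each result line into ok / absent / failed and lists the failures that no later line for the same item resolves. The result keywords and the names `triage_fixlog` and `unresolved_failures` are assumptions inferred from this one log, not a documented FRST format.

```python
import re
from collections import namedtuple

# Excerpt copied from the Fixlog posted above (trimmed, not the full log).
SAMPLE_FIXLOG = r'''
Error: (0) Failed to create a restore point.
Processes closed successfully.
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
catchme => service removed successfully
hitmanpro37 => Unable to stop service.
hitmanpro37 => service removed successfully
C:\Windows\System32\Tasks\Efkamei => moved successfully.
"C:\Program Files\shopperz27072015" => File/Folder not found.
C:\ProgramData\TEMP => ":373E1720" ADS removed successfully.

=========  bitsadmin /reset /allusers =========

0 out of 0 jobs canceled.

========= End of CMD: =========

=========  netsh advfirewall reset =========

Access is denied.

========= End of CMD: =========

=========  netsh advfirewall set allprofiles state on =========

Access is denied.

========= End of CMD: =========

=========  ipconfig /flushdns =========

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========

Hosts restored successfully.
EmptyTemp: => 502.5 MB temporary data Removed.
'''

Entry = namedtuple('Entry', 'kind target status detail')

# "=========  <command> =========" opens a CMD section; "End of ..." lines do not.
CMD_START = re.compile(r'^=+\s+(?!End of )(.+?)\s+=+$')
CMD_END = re.compile(r'^=+\s+End of CMD:\s+=+$')
ITEM = re.compile(r'^(?P<target>.+?)\s+=>\s+(?P<result>.+)$')
# Heuristic keywords (assumption): taken from the wording seen in this log.
FAIL_WORDS = ('denied', 'unable', 'failed', 'error')


def classify(text, default='other'):
    """Map a result string to ok / absent / failed / <default>."""
    low = text.lower()
    if any(word in low for word in FAIL_WORDS):
        return 'failed'
    if 'not found' in low:
        return 'absent'          # nothing to remove: already gone
    if 'successfully' in low or 'removed' in low:
        return 'ok'
    return default


def triage_fixlog(text):
    """Return the log's result lines and CMD sections as ordered Entry tuples."""
    entries, current_cmd, cmd_output = [], None, []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if current_cmd is not None:              # inside a CMD section
            if CMD_END.match(line):
                output = ' '.join(cmd_output)
                entries.append(Entry('cmd', current_cmd,
                                     classify(output, default='ok'), output))
                current_cmd, cmd_output = None, []
            else:
                cmd_output.append(line)
            continue
        start = CMD_START.match(line)
        if start:
            current_cmd = start.group(1)
            continue
        item = ITEM.match(line)
        if item:
            result = item.group('result')
            entries.append(Entry('item', item.group('target').strip('"'),
                                 classify(result), result))
        else:                                    # bare status line
            entries.append(Entry('note', None, classify(line), line))
    return entries


def unresolved_failures(entries):
    """Failures not followed by a later 'ok' line for the same target."""
    unresolved = []
    for i, entry in enumerate(entries):
        if entry.status != 'failed':
            continue
        fixed_later = entry.target is not None and any(
            later.target == entry.target and later.status == 'ok'
            for later in entries[i + 1:])
        if not fixed_later:
            unresolved.append(entry)
    return unresolved


if __name__ == '__main__':
    for entry in unresolved_failures(triage_fixlog(SAMPLE_FIXLOG)):
        print(f'FOLLOW UP [{entry.kind}] {entry.target or "-"}: {entry.detail}')
```

On this excerpt the hitmanpro37 stop failure drops out because the service is removed on the next line, leaving the restore point error and the two `netsh advfirewall` commands that returned "Access is denied."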

#12
alamosis

    Member

  • Topic Starter
  • 36 posts
# AdwCleaner v5.000 - Logfile created 16/08/2015 at 18:13:23
# Updated 14/08/2015 by Xplode
# Database : 2015-08-16.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Ken-2020 - KEN-2020-PC
# Running from : C:\Users\Ken-2020\Desktop\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Folders ] *****
 
 
***** [ Files ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Web browsers ] *****
 
[C:\Users\Ken-2020\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : aol.com
[C:\Users\Ken-2020\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : ask.com
[C:\Users\Ken-2020\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider_Data] Found : {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}{google:contextualSearchVersion}ie={inputEncoding}
 
*************************
 
C:\AdwCleaner[C4].txt - [1749 octets] - [15/08/2015 19:47:29]
C:\AdwCleaner[S7].txt - [1509 octets] - [15/08/2015 19:39:34]
C:\AdwCleaner[S8].txt - [9474 octets] - [16/08/2015 18:13:23]
 
########## EOF - C:\AdwCleaner[S8].txt - [9537 octets] ##########


#13
alamosis

  • Topic Starter
  • Member
  • 36 posts
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:16-08-2015
Ran by Ken-2020 (administrator) on KEN-2020-PC (16-08-2015 18:18:57)
Running from C:\Users\Ken-2020\Desktop
Loaded Profiles: Ken-2020 (Available Profiles: Ken-2020)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Preventon Technologies Limited) C:\Program Files (x86)\Common Files\Common Toolkit Suite\AVEngine\AVScanningService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Preventon Technologies Limited) C:\Program Files (x86)\Common Files\Common Toolkit Suite\AVEngine\AVWatchService.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.5\GoogleCrashHandler64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCServiceController.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files (x86)\Alienware On-Screen Display\AlienwareOn-ScreenDisplay.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienwareTactXMacroController.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher32.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher64.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionService.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionController.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(SoftThinks SAS) C:\Program Files (x86)\AlienRespawn\SftService.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7174728 2013-03-29] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1278024 2013-03-08] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1278024 2013-03-08] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3011312 2013-04-08] (Synaptics Incorporated)
HKLM\...\Run: [Command Center Controllers] => C:\Program Files\Alienware\Command Center\AWCCStartupOrchestrator.exe [13840 2013-11-04] (Alienware)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634896 2015-07-23] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [Alienware Survey] => c:\Program Files (x86)\Alienware Customer Surveys\AlienSurvey.exe [7396920 2013-04-23] (Alienware, Inc.)
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [508656 2012-08-31] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [AlienwareOn-ScreenDisplay] => C:\Program Files (x86)\Alienware On-Screen Display\AlienwareOn-ScreenDisplay.exe [4434224 2013-08-20] ()
HKLM-x32\...\Run: [Dell Registration] => C:\Program Files (x86)\System Registration\prodreg.exe [4165440 2011-08-04] (Dell, Inc.)
HKLM-x32\...\Run: [NCUpdateHelper] => C:\Program Files (x86)\NCWest\NCLauncher\NCUpdateHelper.exe [526240 2014-05-21] (NCSOFT Corporation)
HKLM-x32\...\Run: [VFPROguard] => C:\Program Files (x86)\Fighters\VIRUSfighter\vfprotray.exe
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKU\S-1-5-21-3002978473-1665064215-2408261189-1002\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7930136 2015-07-30] (SUPERAntiSpyware)
HKU\S-1-5-21-3002978473-1665064215-2408261189-1002\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Windows\system32\mscoree.dll [2010-11-20] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Windows\system32\mscoree.dll [2010-11-20] (Microsoft Corporation)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell13.msn.com/?pc=DCJB
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3002978473-1665064215-2408261189-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3002978473-1665064215-2408261189-1002\Software\Microsoft\Internet Explorer\Main,Start Page = 
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-06-09] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-06-09] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-09] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-06-09] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-09] (Oracle Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{115CBB2A-19CD-45F7-A4F9-AD13A6B88B46}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{115CBB2A-19CD-45F7-A4F9-AD13A6B88B46}: [DhcpNameServer] 192.168.1.254
 
FireFox:
========
FF ProfilePath: C:\Users\Ken-2020\AppData\Roaming\Mozilla\Firefox\Profiles\9wb79m8e.default-1438530300307
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-11] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-11] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-09] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-09] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-11-20] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-06] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-06] (NVIDIA Corporation)
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\Ken-2020\AppData\Roaming\raidcall\plugins\nprcplugin.dll [2014-03-10] (Raidcall)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.5\npGoogleUpdate3.dll [2015-08-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.5\npGoogleUpdate3.dll [2015-08-14] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [not found]
 
Chrome: 
=======
CHR Profile: C:\Users\Ken-2020\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Ken-2020\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-08-14]
CHR Extension: (YouTube) - C:\Users\Ken-2020\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-08-14]
CHR Extension: (Adblock Plus) - C:\Users\Ken-2020\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-08-14]
CHR Extension: (Google Search) - C:\Users\Ken-2020\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-08-14]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Ken-2020\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-08-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Ken-2020\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-14]
CHR Extension: (Gmail) - C:\Users\Ken-2020\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-14]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
R2 AV Engine Scanning Service; C:\Program Files (x86)\Common Files\Common Toolkit Suite\AVEngine\AVScanningService.exe [2009912 2015-07-27] (Preventon Technologies Limited)
R2 AV Watch Service; C:\Program Files (x86)\Common Files\Common Toolkit Suite\AVEngine\AVWatchService.exe [400528 2015-07-27] (Preventon Technologies Limited)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2753720 2015-07-24] (Microsoft Corporation)
R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2573520 2015-06-24] (Dell Inc.)
R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [201936 2015-06-24] (Dell Inc.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155216 2015-07-23] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-04-10] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel® Corporation)
S3 ioloEnergyBooster; C:\Program Files\Alienware\Command Center\ioloEnergyBooster.exe [6145872 2012-11-01] (iolo technologies, LLC)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1871504 2015-07-23] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544592 2015-07-23] (NVIDIA Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [239176 2013-02-19] (Realtek Semiconductor)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [20648 2015-06-24] (Dell Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2014-03-19] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R3 AVFSFilter; C:\Windows\System32\DRIVERS\avfsfilter.sys [13720 2015-07-27] ()
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [172760 2014-03-19] (Broadcom Corporation.)
R3 DDDriver; C:\Windows\System32\drivers\DDDriver64Dcsa.sys [23760 2015-02-11] (Dell Computer Corporation)
R3 DellProf; C:\Windows\System32\drivers\DellProf.sys [24240 2015-06-24] (Dell Computer Corporation)
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28656 2013-04-05] (Intel Corporation)
S3 Ke2200; C:\Windows\System32\DRIVERS\e22w7x64.sys [165824 2012-12-12] (Qualcomm Atheros, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-07-23] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47976 2015-07-29] (NVIDIA Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [32496 2013-04-08] (Synaptics Incorporated)
R3 ST_ACCEL; C:\Windows\System32\DRIVERS\ST_Accel.sys [87776 2013-04-11] (STMicroelectronics)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2015-08-08] ()
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-08-16 18:18 - 2015-08-16 18:19 - 00019431 _____ C:\Users\Ken-2020\Desktop\FRST.txt
2015-08-16 18:15 - 2015-08-16 18:15 - 00001390 _____ C:\AdwCleaner[C5].txt
2015-08-16 18:15 - 2015-08-16 18:15 - 00000008 __RSH C:\ProgramData\ntuser.pol
2015-08-16 18:14 - 2015-08-16 18:14 - 00001078 _____ C:\Users\Ken-2020\Desktop\need to do.txt
2015-08-16 18:13 - 2015-08-16 18:13 - 00009606 _____ C:\AdwCleaner[S8].txt
2015-08-16 18:10 - 2015-08-16 18:11 - 00000000 ____D C:\Users\Ken-2020\Desktop\notes and stuff
2015-08-16 18:06 - 2015-08-16 18:06 - 00001422 _____ C:\Users\Ken-2020\Desktop\JRT.txt
2015-08-16 18:02 - 2015-08-16 18:02 - 01798040 _____ (Malwarebytes Corporation) C:\Users\Ken-2020\Desktop\JRT.exe
2015-08-16 18:01 - 2015-08-16 18:01 - 00002217 _____ C:\Users\Ken-2020\Desktop\fixlist.txt
2015-08-16 17:55 - 2015-08-16 17:55 - 02173440 _____ (Farbar) C:\Users\Ken-2020\Desktop\FRST64.exe
2015-08-16 14:25 - 2015-08-16 14:25 - 00002333 _____ C:\Users\Ken-2020\Desktop\Search.txt
2015-08-16 14:24 - 2015-08-16 14:24 - 00000000 ____D C:\Users\Ken-2020\Desktop\FRST-OlderVersion
2015-08-15 21:39 - 2015-08-16 18:18 - 00000000 ____D C:\FRST
2015-08-15 21:39 - 2015-08-15 21:40 - 00078275 _____ C:\Users\Ken-2020\Downloads\FRST.txt
2015-08-15 21:39 - 2015-08-15 21:40 - 00076222 _____ C:\Users\Ken-2020\Downloads\Addition.txt
2015-08-15 20:07 - 2015-08-15 20:07 - 00012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe
2015-08-15 20:05 - 2015-08-13 12:56 - 00000027 _____ C:\Windows\system32\Drivers\etc\hosts.20150815-200556.backup
2015-08-15 19:47 - 2015-08-15 19:47 - 00001749 _____ C:\AdwCleaner[C4].txt
2015-08-15 19:39 - 2015-08-15 19:39 - 01563648 _____ C:\Users\Ken-2020\Desktop\AdwCleaner.exe
2015-08-15 19:39 - 2015-08-15 19:39 - 00001509 _____ C:\AdwCleaner[S7].txt
2015-08-15 14:42 - 2015-08-15 14:42 - 00000000 ____D C:\Program Files\Common Files\AV
2015-08-15 14:42 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2015-08-15 14:27 - 2015-08-15 20:02 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-08-15 14:27 - 2015-08-15 14:42 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-08-15 14:27 - 2015-08-15 14:27 - 00001397 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-08-15 14:27 - 2015-08-15 14:27 - 00001385 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2015-08-15 14:27 - 2015-08-15 14:27 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2015-08-15 14:27 - 2015-08-15 14:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-08-15 14:27 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2015-08-15 13:16 - 2015-08-15 13:21 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Ken-2020\Downloads\spybot-2.4.exe
2015-08-15 11:30 - 2015-08-15 21:16 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-08-14 23:39 - 2015-08-14 23:39 - 00002261 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-08-14 23:39 - 2015-08-14 23:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-08-14 23:38 - 2015-08-16 18:16 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-14 23:38 - 2015-08-16 17:43 - 00000902 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-14 23:38 - 2015-08-14 23:38 - 00003898 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-08-14 23:38 - 2015-08-14 23:38 - 00003646 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-08-14 22:02 - 2015-08-14 22:02 - 00000000 ____D C:\SUPERDelete
2015-08-14 21:53 - 2015-08-16 13:53 - 00000516 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 7a8ba68b-08e6-4f0c-aee9-183304a34957.job
2015-08-14 21:53 - 2015-08-16 02:00 - 00000516 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 6cc7b6e6-276c-4b7f-ba72-472faa7d4607.job
2015-08-14 21:53 - 2015-08-14 21:53 - 00003602 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 6cc7b6e6-276c-4b7f-ba72-472faa7d4607
2015-08-14 21:53 - 2015-08-14 21:53 - 00003528 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 7a8ba68b-08e6-4f0c-aee9-183304a34957
2015-08-14 21:53 - 2015-08-14 21:53 - 00001810 _____ C:\Users\Ken-2020\Desktop\SUPERAntiSpyware Free Edition.lnk
2015-08-14 21:53 - 2015-08-14 21:53 - 00000000 ____D C:\Users\Ken-2020\AppData\Roaming\SUPERAntiSpyware.com
2015-08-14 21:53 - 2015-08-14 21:53 - 00000000 ____D C:\Users\Ken-2020\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2015-08-14 21:53 - 2015-08-14 21:53 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2015-08-14 21:53 - 2015-08-14 21:53 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2015-08-14 21:51 - 2015-08-14 21:51 - 22853880 _____ (SUPERAntiSpyware) C:\Users\Ken-2020\Downloads\SUPERAntiSpyware.exe
2015-08-14 18:03 - 2015-08-14 18:04 - 11032736 _____ (SurfRight B.V.) C:\Users\Ken-2020\Downloads\HitmanPro_x64.exe
2015-08-14 12:06 - 2015-08-14 12:06 - 00290304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\subinacl.exe
2015-08-14 12:06 - 2015-08-14 12:06 - 00000000 ____D C:\Program Files (x86)\Adware Removal Tool by TSA
2015-08-13 20:54 - 2015-08-16 18:15 - 00000000 ____D C:\ProgramData\NVIDIA
2015-08-13 20:54 - 2015-08-06 23:22 - 00573048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-08-13 20:53 - 2015-08-07 06:06 - 00112760 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-08-13 20:53 - 2015-08-07 06:06 - 00105080 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-08-13 20:53 - 2015-08-06 23:34 - 06883448 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-08-13 20:53 - 2015-08-06 23:34 - 03492144 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-08-13 20:53 - 2015-08-06 23:34 - 02558768 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-08-13 20:53 - 2015-08-06 23:34 - 00937592 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-08-13 20:53 - 2015-08-06 23:34 - 00385328 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-08-13 20:53 - 2015-08-06 23:34 - 00062768 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-08-13 20:53 - 2015-08-03 05:12 - 05133709 _____ C:\Windows\system32\nvcoproc.bin
2015-08-13 20:50 - 2015-08-07 06:06 - 42840184 _____ C:\Windows\system32\nvcompiler.dll
2015-08-13 20:50 - 2015-08-07 06:06 - 37819000 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-08-13 20:50 - 2015-08-07 06:06 - 22520624 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-08-13 20:50 - 2015-08-07 06:06 - 18540336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-08-13 20:50 - 2015-08-07 06:06 - 17124832 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-08-13 20:50 - 2015-08-07 06:06 - 16630096 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-08-13 20:50 - 2015-08-07 06:06 - 15510112 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-08-13 20:50 - 2015-08-07 06:06 - 14928048 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-08-13 20:50 - 2015-08-07 06:06 - 14673920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-08-13 20:50 - 2015-08-07 06:06 - 13656016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-08-13 20:50 - 2015-08-07 06:06 - 12513288 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-08-13 20:50 - 2015-08-07 06:06 - 12179496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-08-13 20:50 - 2015-08-07 06:06 - 11076216 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-08-13 20:50 - 2015-08-07 06:06 - 03518248 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-08-13 20:50 - 2015-08-07 06:06 - 03106384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-08-13 20:50 - 2015-08-07 06:06 - 02937648 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-08-13 20:50 - 2015-08-07 06:06 - 02624816 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-08-13 20:50 - 2015-08-07 06:06 - 01898104 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435560.dll
2015-08-13 20:50 - 2015-08-07 06:06 - 01567576 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2015-08-13 20:50 - 2015-08-07 06:06 - 01558832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435560.dll
2015-08-13 20:50 - 2015-08-07 06:06 - 01063216 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-08-13 20:50 - 2015-08-07 06:06 - 01059960 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-08-13 20:50 - 2015-08-07 06:06 - 00985208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-08-13 20:50 - 2015-08-07 06:06 - 00931448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-08-13 20:50 - 2015-08-07 06:06 - 00512720 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-08-13 20:50 - 2015-08-07 06:06 - 00421544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-08-13 20:50 - 2015-08-07 06:06 - 00408184 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-08-13 20:50 - 2015-08-07 06:06 - 00364152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-08-13 20:50 - 2015-08-07 06:06 - 00204648 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-08-13 20:50 - 2015-08-07 06:06 - 00040280 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-08-13 20:50 - 2015-08-07 06:06 - 00033050 _____ C:\Windows\system32\nvinfo.pb
2015-08-13 12:57 - 2015-08-13 12:57 - 00037364 _____ C:\ComboFix.txt
2015-08-13 12:43 - 2015-08-13 12:57 - 00000000 ____D C:\Qoobox
2015-08-13 12:43 - 2010-11-07 12:20 - 00208896 _____ C:\Windows\MBR.exe
2015-08-13 12:43 - 2009-04-19 23:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-08-13 12:43 - 2000-08-30 19:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-08-13 12:43 - 2000-08-30 19:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-08-13 12:43 - 2000-08-30 19:00 - 00098816 _____ C:\Windows\sed.exe
2015-08-13 12:43 - 2000-08-30 19:00 - 00080412 _____ C:\Windows\grep.exe
2015-08-13 12:43 - 2000-08-30 19:00 - 00068096 _____ C:\Windows\zip.exe
2015-08-13 12:42 - 2015-08-13 12:56 - 00000000 ____D C:\Windows\erdnt
2015-08-13 12:41 - 2015-08-13 12:42 - 05634572 ____R (Swearware) C:\Users\Ken-2020\Downloads\ComboFix.exe
2015-08-13 12:34 - 2015-08-13 12:34 - 00001108 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-08-13 12:34 - 2015-08-13 12:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-08-13 12:34 - 2015-08-13 12:34 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-08-13 12:34 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-08-13 12:34 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-08-13 12:33 - 2015-08-13 12:33 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Ken-2020\Downloads\mbam-setup-2.1.8.1057.exe
2015-08-12 21:16 - 2015-08-12 21:16 - 00000039 ____H C:\Windows\SysWOW64\spfid.bin
2015-08-12 21:16 - 2015-08-12 21:16 - 00000039 ____H C:\Windows\spfid.bin
2015-08-12 21:11 - 2015-07-30 08:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 21:11 - 2015-07-30 08:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 20:40 - 2015-08-12 20:40 - 00000276 _____ C:\Users\Ken-2020\Downloads\debug.log
2015-08-12 18:45 - 2015-07-28 15:09 - 00017344 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-12 18:45 - 2015-07-28 15:05 - 01116672 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-12 18:45 - 2015-07-28 15:05 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-12 18:45 - 2015-07-28 15:05 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-12 18:45 - 2015-07-28 15:05 - 00437760 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-12 18:45 - 2015-07-28 15:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-08-12 18:45 - 2015-07-28 15:05 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-12 18:45 - 2015-07-28 14:55 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-12 18:45 - 2015-07-20 19:39 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-08-12 18:45 - 2015-07-20 19:12 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-08-12 18:45 - 2015-07-16 15:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-08-12 18:45 - 2015-07-16 15:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-08-12 18:45 - 2015-07-16 15:37 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-08-12 18:45 - 2015-07-16 15:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-12 18:45 - 2015-07-16 15:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-08-12 18:45 - 2015-07-16 15:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-12 18:45 - 2015-07-16 15:27 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-08-12 18:45 - 2015-07-16 15:26 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-08-12 18:45 - 2015-07-16 15:21 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-08-12 18:45 - 2015-07-16 15:21 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-08-12 18:45 - 2015-07-16 15:20 - 19870208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-12 18:45 - 2015-07-16 15:12 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-08-12 18:45 - 2015-07-16 15:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-08-12 18:45 - 2015-07-16 15:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-08-12 18:45 - 2015-07-16 14:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-12 18:45 - 2015-07-16 14:51 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-08-12 18:45 - 2015-07-16 14:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-08-12 18:45 - 2015-07-16 14:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-08-12 18:45 - 2015-07-16 14:50 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-08-12 18:45 - 2015-07-16 14:49 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-08-12 18:45 - 2015-07-16 14:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-12 18:45 - 2015-07-16 14:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-08-12 18:45 - 2015-07-16 14:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-08-12 18:45 - 2015-07-16 14:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-08-12 18:45 - 2015-07-16 14:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-12 18:45 - 2015-07-16 14:39 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-08-12 18:45 - 2015-07-16 14:38 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-08-12 18:45 - 2015-07-16 14:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-12 18:45 - 2015-07-16 14:35 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-08-12 18:45 - 2015-07-16 14:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-12 18:45 - 2015-07-16 14:29 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-08-12 18:45 - 2015-07-16 14:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-08-12 18:45 - 2015-07-16 14:20 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-08-12 18:45 - 2015-07-16 14:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-08-12 18:45 - 2015-07-16 14:17 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-08-12 18:45 - 2015-07-16 14:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-12 18:45 - 2015-07-16 14:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-12 18:45 - 2015-07-16 14:06 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-08-12 18:45 - 2015-07-16 14:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-12 18:45 - 2015-07-16 14:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-08-12 18:45 - 2015-07-16 14:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-12 18:45 - 2015-07-16 13:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-08-12 18:45 - 2015-07-16 13:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-12 18:45 - 2015-07-16 13:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-12 18:45 - 2015-07-16 13:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-08-12 18:45 - 2015-07-15 13:15 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-12 18:45 - 2015-07-15 13:15 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-08-12 18:45 - 2015-07-15 13:15 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-08-12 18:45 - 2015-07-15 13:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-12 18:45 - 2015-07-15 13:12 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-12 18:45 - 2015-07-15 13:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-08-12 18:45 - 2015-07-15 13:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-08-12 18:45 - 2015-07-15 13:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-08-12 18:45 - 2015-07-15 13:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-08-12 18:45 - 2015-07-15 13:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-08-12 18:45 - 2015-07-15 13:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-12 18:45 - 2015-07-15 13:10 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-08-12 18:45 - 2015-07-15 13:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-08-12 18:45 - 2015-07-15 13:10 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-08-12 18:45 - 2015-07-15 13:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-08-12 18:45 - 2015-07-15 13:10 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-08-12 18:45 - 2015-07-15 13:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-08-12 18:45 - 2015-07-15 13:10 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-08-12 18:45 - 2015-07-15 13:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-08-12 18:45 - 2015-07-15 13:10 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-08-12 18:45 - 2015-07-15 13:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-08-12 18:45 - 2015-07-15 13:10 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-08-12 18:45 - 2015-07-15 13:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-08-12 18:45 - 2015-07-15 13:10 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-08-12 18:45 - 2015-07-15 13:10 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-08-12 18:45 - 2015-07-15 13:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-08-12 18:45 - 2015-07-15 13:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-12 18:45 - 2015-07-15 13:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-08-12 18:45 - 2015-07-15 13:10 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-08-12 18:45 - 2015-07-15 13:10 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-08-12 18:45 - 2015-07-15 13:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-08-12 18:45 - 2015-07-15 13:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-08-12 18:45 - 2015-07-15 13:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-08-12 18:45 - 2015-07-15 13:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-08-12 18:45 - 2015-07-15 13:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-08-12 18:45 - 2015-07-15 13:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-08-12 18:45 - 2015-07-15 13:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-08-12 18:45 - 2015-07-15 13:00 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-08-12 18:45 - 2015-07-15 13:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-08-12 18:45 - 2015-07-15 13:00 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 13:00 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 13:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 13:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 13:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 13:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 13:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 13:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 13:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 13:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 13:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 13:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 13:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 13:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 13:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 13:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 13:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 13:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 13:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 13:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 13:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 13:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 13:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 13:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 13:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 13:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 13:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 12:59 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-08-12 18:45 - 2015-07-15 12:59 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-08-12 18:45 - 2015-07-15 12:56 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-12 18:45 - 2015-07-15 12:55 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-08-12 18:45 - 2015-07-15 12:55 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-08-12 18:45 - 2015-07-15 12:55 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-08-12 18:45 - 2015-07-15 12:55 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-08-12 18:45 - 2015-07-15 12:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-08-12 18:45 - 2015-07-15 12:54 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-08-12 18:45 - 2015-07-15 12:54 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-08-12 18:45 - 2015-07-15 12:54 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-08-12 18:45 - 2015-07-15 12:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-08-12 18:45 - 2015-07-15 12:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-08-12 18:45 - 2015-07-15 12:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-08-12 18:45 - 2015-07-15 12:54 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-08-12 18:45 - 2015-07-15 12:53 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-08-12 18:45 - 2015-07-15 12:53 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-08-12 18:45 - 2015-07-15 12:53 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-08-12 18:45 - 2015-07-15 12:53 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-08-12 18:45 - 2015-07-15 12:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-08-12 18:45 - 2015-07-15 12:53 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-08-12 18:45 - 2015-07-15 12:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-08-12 18:45 - 2015-07-15 12:48 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-08-12 18:45 - 2015-07-15 12:44 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-08-12 18:45 - 2015-07-15 12:44 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-08-12 18:45 - 2015-07-15 12:44 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 12:44 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 12:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 12:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 12:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 12:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 12:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 12:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 12:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 12:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 12:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 12:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 12:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 12:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 12:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 12:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 12:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 12:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 12:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 12:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 12:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 12:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 12:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 11:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-08-12 18:45 - 2015-07-15 11:46 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-08-12 18:45 - 2015-07-15 11:46 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-08-12 18:45 - 2015-07-15 11:37 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-08-12 18:45 - 2015-07-15 11:34 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 11:34 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 11:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-08-12 18:45 - 2015-07-15 11:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-08-12 18:45 - 2015-07-14 22:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-12 18:45 - 2015-07-10 12:51 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-12 18:45 - 2015-07-10 12:51 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-08-12 18:45 - 2015-07-10 12:51 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-08-12 18:45 - 2015-07-10 12:34 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-12 18:45 - 2015-07-10 12:34 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-08-12 18:45 - 2015-07-10 12:33 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-08-12 18:44 - 2015-07-30 13:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-08-12 18:44 - 2015-07-30 13:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-12 18:44 - 2015-07-30 13:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-12 18:44 - 2015-07-30 13:06 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-08-12 18:44 - 2015-07-30 13:06 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-12 18:44 - 2015-07-30 13:06 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-08-12 18:44 - 2015-07-30 13:06 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-08-12 18:44 - 2015-07-30 12:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-08-12 18:44 - 2015-07-30 12:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-12 18:44 - 2015-07-30 12:57 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-08-12 18:44 - 2015-07-30 12:57 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-08-12 18:44 - 2015-07-30 12:57 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-08-12 18:44 - 2015-07-30 12:55 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-08-12 18:44 - 2015-07-30 11:56 - 03208192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-12 18:44 - 2015-07-30 11:52 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-12 18:44 - 2015-07-30 11:49 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-12 18:44 - 2015-07-16 16:14 - 25192448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-12 18:44 - 2015-07-16 15:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-12 18:44 - 2015-07-16 15:35 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-08-12 18:44 - 2015-07-16 15:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-12 18:44 - 2015-07-16 15:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-12 18:44 - 2015-07-16 15:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-12 18:44 - 2015-07-16 15:21 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-08-12 18:44 - 2015-07-16 15:08 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-08-12 18:44 - 2015-07-16 14:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-08-12 18:44 - 2015-07-16 14:54 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-08-12 18:44 - 2015-07-16 14:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-12 18:44 - 2015-07-16 14:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-08-12 18:44 - 2015-07-16 14:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-12 18:44 - 2015-07-14 22:19 - 02004992 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-12 18:44 - 2015-07-14 22:19 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-12 18:44 - 2015-07-14 22:14 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-08-12 18:44 - 2015-07-14 22:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-08-12 18:44 - 2015-07-14 21:55 - 01390592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-12 18:44 - 2015-07-14 21:55 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-12 18:44 - 2015-07-14 21:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-08-12 18:44 - 2015-07-14 21:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-08-12 18:44 - 2015-07-10 12:51 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-08-12 18:44 - 2015-07-10 12:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-08-12 18:44 - 2015-07-09 12:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-12 18:44 - 2015-07-09 12:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-12 18:44 - 2015-07-09 12:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-12 18:44 - 2015-07-01 15:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-12 18:44 - 2015-07-01 15:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-12 18:44 - 2015-07-01 15:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-12 18:44 - 2015-07-01 15:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-12 18:41 - 2015-07-20 13:12 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-08-12 18:41 - 2015-07-20 13:12 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-08-12 18:41 - 2015-07-20 13:12 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-08-12 18:41 - 2015-07-20 13:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-08-12 18:41 - 2015-07-20 13:12 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-08-12 18:41 - 2015-07-20 13:12 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-08-12 18:41 - 2015-07-20 13:12 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-08-12 18:41 - 2015-07-20 12:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-08-12 18:41 - 2015-07-20 12:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-08-12 18:41 - 2015-07-20 12:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-08-12 18:41 - 2015-07-20 12:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-08-12 18:41 - 2015-05-09 13:26 - 00493504 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-08-12 18:00 - 2015-08-12 18:31 - 00000000 ____D C:\Users\Ken-2020\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-08-12 11:46 - 2015-08-16 18:16 - 00000456 _____ C:\Windows\Tasks\ChicaPC-Shield-Notification.job
2015-08-12 11:46 - 2015-08-12 11:46 - 00003532 _____ C:\Windows\System32\Tasks\ChicaPC-Shield-Notification
2015-08-12 11:39 - 2015-08-12 11:39 - 00000000 ____D C:\Users\Ken-2020\AppData\Roaming\ChicaLogic
2015-08-12 11:39 - 2015-08-12 11:39 - 00000000 ____D C:\ProgramData\ChicaLogic
2015-08-12 11:38 - 2015-08-12 18:31 - 00000000 ____D C:\ProgramData\clp
2015-08-12 11:36 - 2015-08-12 11:36 - 00000000 ____D C:\ProgramData\Common Toolkit Suite
2015-08-12 11:35 - 2015-08-12 11:35 - 02457480 _____ (SPAMfighter ApS) C:\Users\Ken-2020\Downloads\VIRUSfighter.exe
2015-08-12 11:34 - 2015-08-12 11:47 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-08-12 11:29 - 2015-08-12 11:30 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Ken-2020\Downloads\mbar-1.09.1.1004.exe
2015-08-12 10:25 - 2015-07-20 13:12 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-08-12 10:25 - 2015-07-20 13:12 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-08-12 10:25 - 2015-07-20 13:12 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-08-12 10:25 - 2015-07-20 13:12 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-08-12 10:25 - 2015-07-20 12:56 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-08-12 10:25 - 2015-07-15 13:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-08-12 10:25 - 2015-07-15 12:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-08-12 10:25 - 2015-07-15 11:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-08-11 12:12 - 2015-08-11 12:15 - 00000000 ____D C:\Users\Ken-2020\Documents\Leatrix
2015-08-11 12:10 - 2015-08-11 12:10 - 04957771 _____ C:\Users\Ken-2020\Downloads\Leatrix_Latency_Fix_3.03.zip
2015-08-09 22:44 - 2015-08-09 22:44 - 52402344 _____ C:\Users\Ken-2020\Downloads\IzoidSaki Collab Tape.zip
2015-08-09 17:58 - 2015-08-09 17:58 - 00861608 _____ C:\Windows\Minidump\080915-13369-01.dmp
2015-08-08 11:32 - 2015-08-08 11:32 - 00001824 _____ C:\Users\Ken-2020\Documents\sg_backup_2015-08-08-1132.spg
2015-08-08 09:20 - 2015-08-08 09:28 - 00000000 ____D C:\ProgramData\RogueKiller
2015-08-08 09:20 - 2015-08-08 09:20 - 00035064 _____ C:\Windows\system32\Drivers\TrueSight.sys
2015-08-08 08:58 - 2015-08-08 08:58 - 00017978 _____ C:\Windows\system32\.crusader
2015-08-08 08:54 - 2015-08-08 08:58 - 00000000 ____D C:\ProgramData\HitmanPro
2015-08-07 16:16 - 2015-08-07 16:16 - 00001837 _____ C:\Users\Ken-2020\Documents\sg_backup_2015-08-07-1616.spg
2015-08-07 16:16 - 2015-08-07 16:16 - 00001837 _____ C:\Users\Ken-2020\Documents\FirstBackup.spg
2015-08-07 16:08 - 2015-08-12 18:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-07 16:04 - 2015-08-07 16:04 - 00274838 _____ C:\Users\Ken-2020\Documents\TCPOptimizer.zip
2015-08-02 15:32 - 2015-08-15 19:47 - 00000000 ____D C:\AdwCleaner
2015-08-02 11:02 - 2015-08-02 11:02 - 00000000 ____D C:\Users\Ken-2020\AppData\Local\TempTaskUpdateDetection0BA5F920-7266-4EC1-B981-DEA8174769EB
2015-08-02 10:04 - 2015-08-02 10:04 - 00000000 _____ C:\autoexec.bat
2015-08-01 14:24 - 2015-08-01 14:24 - 00000000 ____D C:\Program Files (x86)\ST Microelectronics
2015-07-31 23:38 - 2015-08-09 17:58 - 1086239730 _____ C:\Windows\MEMORY.DMP
2015-07-31 23:38 - 2015-07-31 23:39 - 01114904 _____ C:\Windows\Minidump\073115-14430-01.dmp
2015-07-30 01:08 - 2015-07-30 01:19 - 00002936 _____ C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini
2015-07-30 01:08 - 2015-07-30 01:19 - 00002936 _____ C:\Windows\system32\LavasoftTcpServiceOff.ini
2015-07-30 01:08 - 2015-07-30 01:08 - 00000000 ____D C:\Users\Ken-2020\AppData\Local\Lavasoft
2015-07-30 01:07 - 2015-08-02 08:42 - 00000000 ____D C:\Program Files (x86)\Lavasoft
2015-07-30 01:07 - 2015-06-08 14:13 - 00428880 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService64.dll
2015-07-30 01:07 - 2015-06-08 14:13 - 00348488 _____ (Lavasoft Limited) C:\Windows\SysWOW64\LavasoftTcpService.dll
2015-07-30 01:06 - 2015-08-12 18:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2015-07-30 01:04 - 2015-07-30 01:04 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2015-07-29 22:58 - 2015-07-29 22:58 - 00065896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-07-29 22:58 - 2015-07-29 22:58 - 00047976 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-07-29 11:45 - 2015-07-29 11:45 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-07-28 21:29 - 2015-07-28 21:29 - 00000000 ____D C:\Users\Ken-2020\AppData\Roaming\Tera_Awesomium
2015-07-28 00:43 - 2015-07-28 00:43 - 00000000 ____D C:\Windows\pss
2015-07-27 23:52 - 2015-07-27 23:52 - 00000000 ____D C:\Users\Ken-2020\AppData\Local\GWX
2015-07-27 23:26 - 2013-12-20 14:45 - 00000095 ____H C:\DBAR_Ver.txt
2015-07-27 14:56 - 2015-07-27 14:56 - 00000017 _____ C:\Users\Ken-2020\AppData\Local\resmon.resmoncfg
2015-07-27 13:03 - 2015-07-27 13:04 - 00000912 _____ C:\Windows\SysWOW64\${LOGFILE}
2015-07-27 13:03 - 2015-07-27 13:03 - 00000000 _____ C:\Windows\SysWOW64\Number of results
2015-07-27 12:48 - 2015-07-27 12:48 - 05318400 _____ C:\Windows\SysWOW64\ins_smk.exe
2015-07-27 12:48 - 2015-07-27 12:48 - 00519680 _____ C:\Windows\SysWOW64\ins_U501EXE.exe
2015-07-27 12:48 - 2009-06-10 16:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hp.bak
2015-07-27 07:40 - 2015-07-27 07:40 - 00013720 _____ C:\Windows\system32\Drivers\avfsfilter.sys
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-08-16 18:18 - 2014-03-19 03:47 - 00000000 ____D C:\Program Files (x86)\AlienRespawn
2015-08-16 18:18 - 2014-03-19 03:20 - 01858152 _____ C:\Windows\WindowsUpdate.log
2015-08-16 18:15 - 2014-12-15 20:14 - 00074754 _____ C:\Windows\PFRO.log
2015-08-16 18:15 - 2014-12-15 20:14 - 00065117 _____ C:\Windows\setupact.log
2015-08-16 18:15 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-16 17:57 - 2009-07-13 22:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2015-08-16 17:57 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2015-08-16 17:39 - 2014-06-22 13:45 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-16 17:13 - 2009-07-13 23:45 - 00028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-16 17:13 - 2009-07-13 23:45 - 00028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-16 14:16 - 2014-07-02 20:28 - 00000000 ____D C:\Users\Ken-2020\AppData\Local\CrashDumps
2015-08-15 19:48 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\registration
2015-08-15 11:29 - 2014-05-31 03:16 - 00000698 _____ C:\Users\Ken-2020\Documents\aionmemo_8c13ccf6.dat
2015-08-14 23:39 - 2014-05-15 18:53 - 00000000 ____D C:\Users\Ken-2020\AppData\Local\Google
2015-08-14 23:39 - 2014-05-15 18:53 - 00000000 ____D C:\Program Files (x86)\Google
2015-08-14 23:38 - 2014-05-15 18:53 - 00000000 ____D C:\Users\Ken-2020\AppData\Local\Deployment
2015-08-14 23:38 - 2014-05-15 18:53 - 00000000 ____D C:\Users\Ken-2020\AppData\Local\Apps\2.0
2015-08-14 22:14 - 2014-05-17 19:19 - 00000000 ____D C:\Users\Ken-2020\AppData\Local\TeamSpeak 3 Client
2015-08-14 22:12 - 2014-03-19 03:38 - 00000000 ____D C:\ProgramData\Win864
2015-08-14 22:12 - 2014-03-19 03:38 - 00000000 ____D C:\ProgramData\Win832
2015-08-14 22:11 - 2014-03-19 03:38 - 00000000 ____D C:\ProgramData\Winblue64
2015-08-14 22:11 - 2014-03-19 03:38 - 00000000 ____D C:\ProgramData\Win764
2015-08-14 22:11 - 2014-03-19 03:38 - 00000000 ____D C:\ProgramData\Win732
2015-08-14 22:10 - 2014-03-19 03:38 - 00000000 ____D C:\ProgramData\Vista64
2015-08-14 22:09 - 2014-03-19 03:38 - 00000000 ____D C:\ProgramData\Vista32
2015-08-14 01:10 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache
2015-08-13 20:54 - 2014-05-15 18:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-08-13 20:54 - 2014-03-19 03:48 - 00000000 ____D C:\Temp
2015-08-13 20:54 - 2014-03-19 03:35 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-08-13 20:53 - 2014-03-19 03:34 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-08-13 20:53 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\Help
2015-08-13 12:57 - 2009-07-14 00:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-08-13 12:57 - 2009-07-13 22:20 - 00000000 __RHD C:\Users\Default
2015-08-13 12:56 - 2009-07-13 21:34 - 00000215 _____ C:\Windows\system.ini
2015-08-13 12:45 - 2014-05-15 23:01 - 00000000 ____D C:\ProgramData\TEMP
2015-08-13 11:22 - 2009-07-13 23:45 - 00438112 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-12 21:13 - 2014-12-10 04:18 - 00000000 ____D C:\Windows\system32\appraiser
2015-08-12 21:13 - 2014-05-16 07:14 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-12 21:08 - 2014-08-04 16:40 - 00000000 ____D C:\Windows\system32\MRT
2015-08-12 21:06 - 2014-08-04 16:40 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-12 18:31 - 2014-08-01 11:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-12 18:31 - 2014-06-12 04:17 - 00000000 ____D C:\Windows\Minidump
2015-08-12 18:31 - 2014-05-18 22:54 - 00000000 ____D C:\NVIDIA
2015-08-12 18:31 - 2014-05-15 18:47 - 00000000 ____D C:\Users\Ken-2020
2015-08-12 18:31 - 2009-07-13 22:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-08-12 02:34 - 2015-03-23 14:03 - 00000000 ____D C:\Program Files (x86)\ManyCam
2015-08-11 22:39 - 2014-06-22 13:45 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-08-11 22:39 - 2014-03-19 03:20 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-11 22:39 - 2014-03-19 03:20 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-11 16:32 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\NDF
2015-08-10 10:29 - 2009-07-13 23:45 - 00000000 ____D C:\Windows\Setup
2015-08-09 17:04 - 2014-08-03 10:14 - 00000000 ____D C:\Users\Ken-2020\AppData\Local\TERA
2015-08-07 16:06 - 2012-06-13 10:04 - 00659456 _____ (Speed Guide Inc.) C:\Users\Ken-2020\Desktop\TCPOptimizer.exe
2015-08-05 21:06 - 2009-07-14 00:13 - 00893352 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-03 02:51 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\schemas
2015-08-02 09:01 - 2009-07-14 00:08 - 00032542 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-08-02 08:47 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\Web
2015-08-02 08:43 - 2014-08-01 11:19 - 00001153 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-08-02 08:43 - 2014-05-15 22:49 - 00002110 _____ C:\Users\Ken-2020\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2015-08-02 04:19 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\LiveKernelReports
2015-08-01 14:20 - 2015-06-18 09:51 - 00000000 ____D C:\Users\Ken-2020\AppData\Local\Unity
2015-08-01 01:47 - 2011-02-10 09:02 - 00000000 ____D C:\Windows\panther
2015-08-01 01:42 - 2015-07-10 08:39 - 00000000 ____D C:\$Windows.~BT
2015-07-30 04:33 - 2014-05-15 22:49 - 00000000 ____D C:\Program Files (x86)\MPlayerplus
2015-07-30 00:57 - 2014-12-20 23:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2015-07-30 00:56 - 2014-12-20 23:15 - 00000000 ____D C:\ProgramData\Comodo
2015-07-29 22:59 - 2014-05-18 22:48 - 00001383 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2015-07-29 22:58 - 2014-05-18 22:47 - 00069992 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2015-07-28 21:27 - 2014-11-26 04:07 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-07-28 20:31 - 2014-03-19 03:47 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-07-28 20:30 - 2015-05-16 11:15 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-28 17:39 - 2014-05-16 20:42 - 00000000 ____D C:\ProgramData\softthinks
2015-07-28 08:29 - 2015-04-05 03:00 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-28 08:29 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\Msdtc
2015-07-28 00:06 - 2011-02-10 11:10 - 00888634 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-07-27 13:35 - 2014-05-15 18:50 - 00001419 _____ C:\Users\Ken-2020\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-07-27 13:19 - 2014-08-01 11:19 - 00001165 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-07-27 13:04 - 2013-07-01 14:17 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2015-07-27 13:04 - 2013-07-01 14:17 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2015-07-27 13:03 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\spp
2015-07-27 12:45 - 2014-03-19 03:38 - 00000000 ____D C:\ProgramData\Package Cache
2015-07-24 04:50 - 2014-11-07 15:46 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-07-23 23:21 - 2014-12-23 09:49 - 01756608 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-07-23 23:21 - 2014-12-23 09:49 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-07-23 23:21 - 2014-05-18 22:48 - 01710568 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-07-23 23:21 - 2014-05-18 22:48 - 01423304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
 
==================== Files in the root of some directories =======
 
2014-05-19 00:38 - 2014-06-03 03:33 - 0000000 _____ () C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
2014-05-16 23:59 - 2014-05-16 23:59 - 0000045 _____ () C:\Users\Ken-2020\AppData\Roaming\WB.CFG
2015-07-27 14:56 - 2015-07-27 14:56 - 0000017 _____ () C:\Users\Ken-2020\AppData\Local\resmon.resmoncfg
2014-03-19 03:29 - 2014-03-19 03:29 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll
[2013-07-01 14:17] - [2015-07-27 13:04] - 0357888 ____A (Microsoft Corporation) 3ABBFD64E4FFF6A0D99E93ECD288127F
 
C:\Windows\SysWOW64\dnsapi.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-08-14 01:03
 
==================== End of log ============================


#14
alamosis

alamosis

    Member

  • Topic Starter
  • Member
  • PipPip
  • 36 posts

Also, Chrome is not working for some reason now.



#15
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,912 posts

For the JRT log file, it still created an additional log file, but on the additional log, it also deleted my antivirus even though I disabled it, but I guess that's my fault since I didn't ask you exactly how to disable it.


Hello :)

Junkware Removal Tool created 2 log files, and deleted your VIRUSFighter Anti-virus program? Could you please post the other log file JRT created for my review?
 

Also, Chrome is not working for some reason now.


Ok, we'll do a reinstall of Chrome, to eliminate that issue.


Also, the AdwCleaner log shows you ran the scan, but didn't clean the items it found. Let's run the scan again, reinstall Chrome, and take a look at that other JRT log. :thumbsup:


Please disable SpyBot's Tea Timer, and re-enable it upon completion of these steps.


Step 1: AdwCleaner

  • Double-click adwcleaner.exe (Vista and 7 users: right-click the adwcleaner.exe file, click Run as Administrator, and accept the UAC prompt) to run AdwCleaner.
  • Once AdwCleaner's control panel is open and it says "Waiting for Action", click on Options at the top of the control panel.
  • Please Uncheck the following options:
    • Reset Proxy Settings
    • Reset Winsock Settings
  • Close any open windows or browsers.
  • Pause your Anti-Virus program if it is running.
  • Once it starts, click on the Scan button.
  • Let the scan complete itself. This may take a few minutes.
  • Once the scan has finished, it will say "Pending, uncheck elements you don't want to remove." Don't worry about unchecking anything; just click the Cleaning button. When finished, it will ask to reboot. Please reboot.
  • When the machine has rebooted, a log will be produced. Please copy/paste that in your next reply. Here's how:
    • Click the Logfile button and the log will open. Copy and Paste the contents of the log file into your next reply.
    This report is also saved at C:\

Step 2: Reinstall Chrome

1. If you have bookmarks, let's save them by exporting them - Export Bookmarks
2. Then I need you to go to Google Sync and sign into your account.
3. Scroll down until you see the "Stop and Clear" button and click on the button. At the prompt click on "Ok"
4. Now we need to uninstall Chrome via the Control Panel.
Note: When asked about user data or settings you must remove this also, so please check the box.
5. Restart the computer and reinstall Chrome. You can download the latest version from here - Google Chrome
6. Import your bookmarks back into Chrome.
7. Sign back in to your Chrome browser so that your bookmarks sync with your online account.

Things I need to see in your next post:

2nd JRT Log

AdwCleaner Log after cleaning

Is Chrome working properly now?
