Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

iexplorer cloning and playing adds in the background


  • Please log in to reply
11 replies to this topic

#1 Mieshaxo

Mieshaxo

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Boston MA
  • Local time:09:03 AM

Posted 02 January 2015 - 01:55 PM

I can usually fix most problems on computers by using msconfig and services, however, I finally found one that I can't fix. =(

At random times, iexplorer will open and start cloning itself while playing random audio adds in the background (while internet exlorer is not open). When I go to task manager: it shows that multiple internet explorers are open and running (when they are not) and I can't end the app, but am able to end it from ending the IEXPLORER process. When this happens, it causes my CPU to shoot up to 100%.

I run  windows 7 and use AVAST for anti virus and have malewarebytes for malware scans. I also use C Cleaner to clean out my registry.

 

Unfortunately I downloaded and ran combo fix already (because I searched youtube for a fix before I found this site) =(

I searched the forums for others with my problem before posting this, but I didn't want to follow the fixes because it seems to be different (like in a case by case basis).

Thanks in advance if anyone can help with my problems. <333



BC AdBot (Login to Remove)

 


#2 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,660 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:07:03 AM

Posted 02 January 2015 - 03:53 PM

Welcome aboard p22002758.gif

 

p22002970.gif Download Security Check from here or here and save it to your Desktop.

  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.
NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run

p22002970.gif Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


p22002970.gif Please download MiniToolBox and run it.

Checkmark following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (do NOT change any settings here)
  • List Users, Partitions and Memory size
  • List Restore Points

Click Go and post the result.

p22002970.gif Please download Malwarebytes Anti-Malware (MBAM) to your desktop.
NOTE. If you already have MBAM 2.0 installed scroll down.

  • Double-click mb3-setup-1878.1878-3.5.1.2522.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:

    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.

  • Click Finish.
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.



If you already have MBAM 2.0 installed:

  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.


How to get logs:
(Export log to save as txt)


  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the Scan Log which shows the Date and time of the scan just performed.
  • Click 'Export'.
  • Click 'Text file (*.txt)'
  • In the Save File dialog box which appears, click on Desktop.
  • In the File name: box type a name for your scan log.
  • A message box named 'File Saved' should appear stating "Your file has been successfully exported".
  • Click Ok
  • Attach that saved log to your next reply.



(Copy to clipboard for pasting into forum replies or tickets)

  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the Scan Log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply.


p22002970.gifDownload 51a5f31352b88-icon_MBAR.pngMalwarebytes Anti-Rootkit (MBAR) to your desktop.
  • Warning! Malwarebytes Anti-Rootkit needs to be run from an account with administrator rights.
  • Double click on downloaded file. OK self extracting prompt.
  • MBAR will start. Click "Next" to continue.
  • Click in the following screen "Update" to obtain the latest malware definitions.
  • Once the update is complete select "Next" and click "Scan".
  • When the scan is finished and no malware has been found select "Exit".
  • If malware was detected, make sure to check all the items and click "Cleanup". Reboot your computer.
  • Open the MBAR folder located on your Desktop and paste the content of the following files in your next reply:
  • "mbar-log-{date} (xx-xx-xx).txt"
  • "system-log.txt"


NOTE. If you see This version requires you to completely exit the Anti Malware application message right click on the Malwarebytes Anti-Malware icon in the system tray and click on Exit.

p22002970.gif Please download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • Do not reboot until instructed.
  • If the tool does not run from any of the links provided, please let me know.


If normal mode still doesn't work, run the tool from safe mode.

When the scan is done Notepad will open with rKill log.
Post it in your next reply.

NOTE. rKill.txt log will also be present on your desktop.

NOTE Do NOT wrap your logs in "quote" or "code" brackets.
Do NOT use spoilers.
Do NOT edit your reply to post additional logs. Create new reply. I'll not get any email notifications about edits so I won't know you posted something new.


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#3 Mieshaxo

Mieshaxo
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Boston MA
  • Local time:09:03 AM

Posted 02 January 2015 - 05:49 PM

 Results of screen317's Security Check version 0.99.93  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
avast! Antivirus   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:`````````
 Java 8 Update 25  
 Java version 32-bit out of Date!
 Adobe Flash Player 16.0.0.235  
 Adobe Reader 10.1.6 Adobe Reader out of Date!  
 Mozilla Firefox (34.0.5)
 Google Chrome (39.0.2171.71)
 Google Chrome (39.0.2171.95)
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 Malwarebytes Anti-Malware mbamscheduler.exe   
 AVAST Software Avast AvastSvc.exe  
 AVAST Software Avast afwServ.exe  
 AVAST Software Avast AvastUI.exe  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 4%
````````````````````End of Log``````````````````````
 

 

Farbar Service Scanner Version: 21-07-2014
Ran by Sick Mosh (administrator) on 02-01-2015 at 16:42:10
Running from "C:\Users\Sick Mosh\Downloads"
Microsoft Windows 7 Ultimate  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed


**** End of log ****

 

MiniToolBox by Farbar  Version: 30-11-2014
Ran by Sick Mosh (administrator) on 02-01-2015 at 16:44:29
Running from "C:\Users\Sick Mosh\Downloads"
Microsoft Windows 7 Ultimate  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================

127.0.0.1       localhost

========================= IP Configuration: ================================

NVIDIA nForce Networking Controller = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : RoninExcalibur
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : NVIDIA nForce Networking Controller
   Physical Address. . . . . . . . . : 00-1E-90-24-FB-60
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::6086:1caf:7b71:4474%10(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.9(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Friday, January 02, 2015 2:31:16 PM
   Lease Expires . . . . . . . . . . : Saturday, January 03, 2015 2:31:16 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 234888121
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-DC-27-0C-00-1E-90-24-FB-60
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 11:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:90d7:109e:1e1b:3f57:fef6(Preferred)
   Link-local IPv6 Address . . . . . : fe80::109e:1e1b:3f57:fef6%12(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{DC72D3DF-8A74-491E-8841-EA3ACF2329FF}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  UnKnown
Address:  192.168.1.1

Name:    google.com
Addresses:  2607:f8b0:4007:802::1002
      74.125.224.40
      74.125.224.37
      74.125.224.41
      74.125.224.36
      74.125.224.32
      74.125.224.34
      74.125.224.33
      74.125.224.38
      74.125.224.46
      74.125.224.39
      74.125.224.35


Pinging google.com [74.125.224.40] with 32 bytes of data:
Reply from 74.125.224.40: bytes=32 time=91ms TTL=51
Reply from 74.125.224.40: bytes=32 time=93ms TTL=51

Ping statistics for 74.125.224.40:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 91ms, Maximum = 93ms, Average = 92ms
Server:  UnKnown
Address:  192.168.1.1

Name:    yahoo.com
Addresses:  98.138.253.109
      206.190.36.45
      98.139.183.24


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=51ms TTL=51
Reply from 98.138.253.109: bytes=32 time=52ms TTL=51

Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 51ms, Maximum = 52ms, Average = 51ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 10...00 1e 90 24 fb 60 ......NVIDIA nForce Networking Controller
  1...........................Software Loopback Interface 1
 12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1      192.168.1.9     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link       192.168.1.9    276
      192.168.1.9  255.255.255.255         On-link       192.168.1.9    276
    192.168.1.255  255.255.255.255         On-link       192.168.1.9    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.1.9    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.1.9    276
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 12     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 12     58 2001::/32                On-link
 12    306 2001:0:9d38:90d7:109e:1e1b:3f57:fef6/128
                                    On-link
 10    276 fe80::/64                On-link
 12    306 fe80::/64                On-link
 12    306 fe80::109e:1e1b:3f57:fef6/128
                                    On-link
 10    276 fe80::6086:1caf:7b71:4474/128
                                    On-link
  1    306 ff00::/8                 On-link
 12    306 ff00::/8                 On-link
 10    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/02/2015 04:18:59 PM) (Source: Software Protection Platform Service) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x80070005

Error: (01/02/2015 03:19:02 PM) (Source: Software Protection Platform Service) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x80070005

Error: (01/02/2015 02:34:37 PM) (Source: Winlogon) (User: )
Description: Windows license activation failed. Error 0x80070005.

Error: (01/02/2015 01:45:40 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/02/2015 01:45:40 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/02/2015 01:44:46 PM) (Source: Software Protection Platform Service) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x80070005

Error: (01/02/2015 01:41:10 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Microsoft Office Excel 2010 - Update 'Update for Microsoft Office 2010 (KB2883019) 64-Bit Edition' could not be installed. Error code 1603. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127

Error: (01/02/2015 00:59:25 PM) (Source: Software Protection Platform Service) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x80070005

Error: (01/02/2015 00:17:59 PM) (Source: Application Error) (User: )
Description: Faulting application name: MsiExec.exe, version: 5.0.7601.17514, time stamp: 0x4ce792c4
Faulting module name: QuickTime.qts_unloaded, version: 0.0.0.0, time stamp: 0x542dbdf4
Exception code: 0xc0000005
Fault offset: 0x5398ccf9
Faulting process id: 0x154c
Faulting application start time: 0xMsiExec.exe0
Faulting application path: MsiExec.exe1
Faulting module path: MsiExec.exe2
Report Id: MsiExec.exe3

Error: (01/02/2015 00:16:38 PM) (Source: Application Error) (User: )
Description: Faulting application name: MsiExec.exe, version: 5.0.7601.17514, time stamp: 0x4ce792c4
Faulting module name: QuickTime.qts_unloaded, version: 0.0.0.0, time stamp: 0x5180f322
Exception code: 0xc0000005
Fault offset: 0x532dcc49
Faulting process id: 0x14a0
Faulting application start time: 0xMsiExec.exe0
Faulting application path: MsiExec.exe1
Faulting module path: MsiExec.exe2
Report Id: MsiExec.exe3


System errors:
=============
Error: (01/02/2015 03:19:01 PM) (Source: DCOM) (User: )
Description: C:\Windows\System32\slui.exe -Embedding5{F87B28F1-DA9A-4F35-8EC0-800EFCF26B83}

Error: (01/02/2015 02:32:30 PM) (Source: Service Control Manager) (User: )
Description: The Internet Connection Sharing (ICS) service depends on the Remote Access Connection Manager service which failed to start because of the following error:
%%1058

Error: (01/02/2015 02:31:41 PM) (Source: Service Control Manager) (User: )
Description: The atksgt service failed to start due to the following error:
%%1275

Error: (01/02/2015 02:31:41 PM) (Source: Application Popup) (User: )
Description: Driver atksgt.sys has been blocked from loading.

Error: (01/02/2015 02:28:38 PM) (Source: volmgr) (User: )
Description: Crash dump initialization failed!

Error: (01/02/2015 02:26:58 PM) (Source: Service Control Manager) (User: )
Description: The Windows Modules Installer service did not shut down properly after receiving a preshutdown control.

Error: (01/02/2015 01:41:15 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Microsoft Office 2010 (KB2883019) 64-Bit Edition.

Error: (01/02/2015 00:59:24 PM) (Source: DCOM) (User: )
Description: C:\Windows\System32\slui.exe -Embedding5{F87B28F1-DA9A-4F35-8EC0-800EFCF26B83}

Error: (01/02/2015 00:09:45 PM) (Source: Service Control Manager) (User: )
Description: The Internet Connection Sharing (ICS) service depends on the Remote Access Connection Manager service which failed to start because of the following error:
%%1058

Error: (01/02/2015 00:09:10 PM) (Source: Service Control Manager) (User: )
Description: The MBAMScheduler service failed to start due to the following error:
%%1053


Microsoft Office Sessions:
=========================
Error: (01/02/2015 04:18:59 PM) (Source: Software Protection Platform Service)(User: )
Description: 0x80070005

Error: (01/02/2015 03:19:02 PM) (Source: Software Protection Platform Service)(User: )
Description: 0x80070005

Error: (01/02/2015 02:34:37 PM) (Source: Winlogon)(User: )
Description: 0x800700050x00000000

Error: (01/02/2015 01:45:40 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files\CCleaner\CCleaner64.exe

Error: (01/02/2015 01:45:40 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files\CCleaner\CCleaner64.exe

Error: (01/02/2015 01:44:46 PM) (Source: Software Protection Platform Service)(User: )
Description: 0x80070005

Error: (01/02/2015 01:41:10 PM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: Microsoft Office Excel 2010Update for Microsoft Office 2010 (KB2883019) 64-Bit Edition1603(NULL)(NULL)(NULL)

Error: (01/02/2015 00:59:25 PM) (Source: Software Protection Platform Service)(User: )
Description: 0x80070005

Error: (01/02/2015 00:17:59 PM) (Source: Application Error)(User: )
Description: MsiExec.exe5.0.7601.175144ce792c4QuickTime.qts_unloaded0.0.0.0542dbdf4c00000055398ccf9154c01d026b00ce15d20C:\Windows\syswow64\MsiExec.exeQuickTime.qts4c7afa90-92a3-11e4-b064-001e9024fb60

Error: (01/02/2015 00:16:38 PM) (Source: Application Error)(User: )
Description: MsiExec.exe5.0.7601.175144ce792c4QuickTime.qts_unloaded0.0.0.05180f322c0000005532dcc4914a001d026afdc924490C:\Windows\syswow64\MsiExec.exeQuickTime.qts1be00bf0-92a3-11e4-b064-001e9024fb60


CodeIntegrity Errors:
===================================
  Date: 2015-01-01 14:05:16.580
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-01-01 14:05:16.335
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.



=========================== Installed Programs ============================
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.1 - Adobe Systems Incorporated)
Adobe Reader X (10.1.6) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.6 - Adobe Systems Incorporated)
Ancient Weapon Sounds (HKLM-x32\...\{E00A5837-482C-4DCE-B4CC-D16B343374E1}) (Version: 2.1.1 - Screaming Bee)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Avast License by ZeNiX [2014-03-14] (HKLM-x32\...\Avast_2050_ZeNiX [2014-03-14]_is1) (Version:  - )
Avast Premier (HKLM-x32\...\avast) (Version: 10.0.2208 - AVAST Software)
BitTorrent (HKCU\...\BitTorrent) (Version: 7.9.2.36804 - BitTorrent Inc.)
Browser Manager (HKLM-x32\...\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}) (Version:  - Bit89 Inc)
CBR Reader (HKLM-x32\...\{EDAAC216-AC73-4152-9654-E12FE5A69F5D}_is1) (Version:  - cbrreader.com)
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
Comic Sound Pack (HKLM-x32\...\{91C78DA1-800F-4ACE-B6F6-206F7617D69E}) (Version: 2.1.1 - Screaming Bee)
Corsair K70 Firmware Update Application (HKLM-x32\...\{8C9DA353-2101-4658-BAA7-53F88EA0D3AB}_is1) (Version:  - )
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Creatures of Darkness (HKLM-x32\...\{573F9269-A022-4C6F-97BD-CF1316A76369}) (Version: 3.3.1 - Screaming Bee)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
Deep Space Voices (HKLM-x32\...\{67CEC218-B250-4B4C-B23F-A597EC8DB153}) (Version: 3.3.1 - Screaming Bee)
Definition Update for Microsoft Office 2010 (KB2910899) 64-Bit Edition (HKLM\...\{90140000-0016-0000-1000-0000000FF1CE}_Office14.EXCEL_{4A25440C-70D7-45A3-881E-92DD0D6C0BDB}) (Version:  - Microsoft)
Definition Update for Microsoft Office 2010 (KB2910899) 64-Bit Edition (HKLM\...\{90140000-001B-0000-1000-0000000FF1CE}_Office14.WORD_{4A25440C-70D7-45A3-881E-92DD0D6C0BDB}) (Version:  - Microsoft)
Diablo III (HKLM-x32\...\Diablo III) (Version: 1.0.4.11327 - Blizzard Entertainment)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.88 - DivX, LLC)
Dropbox (HKCU\...\Dropbox) (Version: 3.0.4 - Dropbox, Inc.)
Elevated Installer (x32 Version: 3.2.17.0 - Garmin Ltd or its subsidiaries) Hidden
Fantasy Voice Pack (HKLM-x32\...\{5F4C3E1F-87FC-41BD-B219-E4156BBD8AE5}) (Version: 1.3.2 - Screaming Bee)
Farm Animal Sounds (HKLM-x32\...\{F290F841-044D-44EF-9E51-FFFEA7FEE2D7}) (Version: 1.1.1 - Screaming Bee)
Female Voice Pack (HKLM-x32\...\{D947A225-8C23-4E52-866E-CF3967476BFC}) (Version: 3.3.2 - Screaming Bee)
Focusrite USB 2.0 Audio Driver 2.5.1 (HKLM\...\Focusrite USB 2.0 Audio Driver_is1) (Version: 2.5.1 - Focusrite Audio Engineering Limited.)
Free Easy Burner V 5.1 (HKLM-x32\...\Free Easy Burner_is1) (Version: 5.1.0.0 - Koyote soft)
Free M4a to MP3 Converter 7.1 (HKLM-x32\...\Free M4a to MP3 Converter_is1) (Version:  - ManiacTools.com)
FreeRIP 3.91 (HKLM-x32\...\{501451DE-5808-4599-B544-8BD0915B6B24}_is1) (Version: 3.91 - GreenTree Applications SRL)
Furry Voices for Second Life (HKLM-x32\...\{2032DA39-C844-43AE-B638-6A4F7496686E}) (Version: 1.3.1 - Screaming Bee)
Galactic Voices (HKLM-x32\...\{891D8FC9-726D-46F2-ADC0-E060A6EB1DC3}) (Version: 1.3.1 - Screaming Bee)
Game of Thrones A Telltale Games Series (HKLM-x32\...\Game of Thrones A Telltale Games Series_is1) (Version:  - )
Garmin Communicator Plugin x64 (HKLM\...\{550331CC-C34B-494F-BCDA-37CE4EF6E924}) (Version: 4.0.3 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{b43ffffb-1adc-4bcb-b277-7844ebff94da}) (Version: 3.2.17.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 3.2.17.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 3.2.17.0 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKCU\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.25.18 - Oracle Corporation) Hidden
Junk Mail filter update (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
LG USB Modem driver (HKLM-x32\...\{C3ABE126-2BB2-4246-BFE1-6797679B3579}) (Version:  - )
Logitech MouseWare 9.80  (HKLM-x32\...\{5809E7CF-4DCF-11D4-9875-00105ACE7734}) (Version:  - )
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Excel 2010 (HKLM\...\Office14.EXCEL) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Excel 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Word 2010 (HKLM\...\Office14.WORD) (Version: 14.0.7015.1000 - Microsoft Corporation)
Mobipocket Reader 6.2 (HKLM-x32\...\{342126E1-173C-4585-BFBE-3EBDD20E3E9E}) (Version: 6.2.608 - Mobipocket.com)
MorphVOX Pro (HKLM-x32\...\{DE289787-7ECA-4BED-9D8C-99FAC407E3D6}) (Version: 4.3.13 - Screaming Bee)
Movie Maker (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Mozilla Firefox 34.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 en-US)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
Mp3tag v2.57 (HKLM-x32\...\Mp3tag) (Version: v2.57 - Florian Heidenreich)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT Redists (x32 Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
NVIDIA 3D Vision Controller Driver (x32 Version: 280.19 - NVIDIA Corporation) Hidden
NVIDIA 3D Vision Controller Driver 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Control Panel 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Update 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 15.3.33 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
Outlast (HKLM-x32\...\Steam App 238320) (Version:  - Red Barrels)
Outlast: Whistleblower (HKLM-x32\...\T3V0bGFzdFdoaXN0bGVibG93ZXI=_is1) (Version: 1 - )
Personality Voices (HKLM-x32\...\{4B886E97-AF5B-46F0-9F48-6BE03149D972}) (Version: 1.0.1 - Screaming Bee)
Photo Gallery (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Pinnacle Game Profiler (HKLM-x32\...\{49BF48CC-ABB6-4795-9B35-B5DE005D8612}) (Version: 7.3.1 - PowerUp Software)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Razer Game Booster (HKLM-x32\...\Razer Game Booster_is1) (Version: 4.0.68.0 - Razer Inc.)
Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.15.20888 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
Sci-Fi 2 Sound Pack (HKLM-x32\...\{62DC2D57-7AB8-4181-994B-C62D55FCE6F4}) (Version: 1.3.1 - Screaming Bee)
Sci-Fi Sound Pack (HKLM-x32\...\{D16C611D-CA6F-402B-9EDA-9862CF4A701B}) (Version: 1.1.1 - Screaming Bee)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0016-0000-1000-0000000FF1CE}_Office14.EXCEL_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-001B-0000-1000-0000000FF1CE}_Office14.WORD_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version:  - Microsoft) Hidden
SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.3.11079 - Skype Technologies S.A.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Smart Defrag 2 (HKLM-x32\...\Smart Defrag 2_is1) (Version: 2.2 - IObit)
Solstice Arena (HKLM-x32\...\Steam App 240380) (Version:  - Zynga)
Spooky Sounds (HKLM-x32\...\{F71EBF86-9A73-44C0-A674-55FA3E4A8428}) (Version: 2.1.1 - Screaming Bee)
Spotify (HKCU\...\Spotify) (Version: 0.6.5 - )
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
The Witcher Enhanced Edition (HKLM-x32\...\{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}) (Version: 1.00.0000 - CD Projekt Red)
The Wolf Among Us (HKLM-x32\...\The Wolf Among Us_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, markfiter)
Trillian (HKLM-x32\...\Trillian) (Version:  - Cerulean Studios, LLC)
Update for Microsoft Excel 2010 (KB2589348) 64-Bit Edition (HKLM\...\{90140000-0016-0409-1000-0000000FF1CE}_Office14.EXCEL_{C7F57246-AFBD-4977-974F-9C7BCDFF648E}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2589348) 64-Bit Edition (HKLM\...\{90140000-001B-0409-1000-0000000FF1CE}_Office14.WORD_{C7F57246-AFBD-4977-974F-9C7BCDFF648E}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 64-Bit Edition (HKLM\...\{90140000-0016-0000-1000-0000000FF1CE}_Office14.EXCEL_{84B191B5-5319-463A-A305-8C4D53B1D20A}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 64-Bit Edition (HKLM\...\{90140000-001B-0000-1000-0000000FF1CE}_Office14.WORD_{84B191B5-5319-463A-A305-8C4D53B1D20A}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 64-Bit Edition (HKLM\...\{90140000-0016-0000-1000-0000000FF1CE}_Office14.EXCEL_{DB0B0CDF-77EC-47B0-94E2-4738573A1E58}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 64-Bit Edition (HKLM\...\{90140000-001B-0000-1000-0000000FF1CE}_Office14.WORD_{DB0B0CDF-77EC-47B0-94E2-4738573A1E58}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM\...\{90140000-001B-0000-1000-0000000FF1CE}_Office14.WORD_{428CB7A0-1068-4CE1-8835-39C7ECD297ED}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553140) 64-Bit Edition (HKLM\...\{90140000-0016-0000-1000-0000000FF1CE}_Office14.EXCEL_{8C0FFF5F-4CC1-48F5-9B3F-8DE7DA2E116F}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553140) 64-Bit Edition (HKLM\...\{90140000-001B-0000-1000-0000000FF1CE}_Office14.WORD_{8C0FFF5F-4CC1-48F5-9B3F-8DE7DA2E116F}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553140) 64-Bit Edition (HKLM\...\{90140000-006E-0409-1000-0000000FF1CE}_Office14.EXCEL_{8C0FFF5F-4CC1-48F5-9B3F-8DE7DA2E116F}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553140) 64-Bit Edition (HKLM\...\{90140000-006E-0409-1000-0000000FF1CE}_Office14.WORD_{8C0FFF5F-4CC1-48F5-9B3F-8DE7DA2E116F}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition (HKLM\...\{90140000-0016-0000-1000-0000000FF1CE}_Office14.EXCEL_{79C725A1-3964-421C-A528-78C1C083C7C7}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition (HKLM\...\{90140000-001B-0000-1000-0000000FF1CE}_Office14.WORD_{79C725A1-3964-421C-A528-78C1C083C7C7}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0016-0000-1000-0000000FF1CE}_Office14.EXCEL_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-001B-0000-1000-0000000FF1CE}_Office14.WORD_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.EXCEL_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.WORD_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition (HKLM\...\{90140000-0016-0000-1000-0000000FF1CE}_Office14.EXCEL_{EBD18DE5-BC84-4B57-9A30-097044871F9A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition (HKLM\...\{90140000-001B-0000-1000-0000000FF1CE}_Office14.WORD_{EBD18DE5-BC84-4B57-9A30-097044871F9A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589386) 64-Bit Edition (HKLM\...\{90140000-001B-0000-1000-0000000FF1CE}_Office14.WORD_{B340E9EB-DDA6-40E7-8501-5B7BAEC6D25F}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0016-0000-1000-0000000FF1CE}_Office14.EXCEL_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-001B-0000-1000-0000000FF1CE}_Office14.WORD_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.EXCEL_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.WORD_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597089) 64-Bit Edition (HKLM\...\{90140000-006E-0409-1000-0000000FF1CE}_Office14.EXCEL_{2CE7AC23-5E40-43BD-8DA3-8D17677D8199}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597089) 64-Bit Edition (HKLM\...\{90140000-006E-0409-1000-0000000FF1CE}_Office14.WORD_{2CE7AC23-5E40-43BD-8DA3-8D17677D8199}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687275) 64-Bit Edition (HKLM\...\{90140000-0016-0000-1000-0000000FF1CE}_Office14.EXCEL_{9505441B-65A1-4AD5-B727-0CE42D24D2B7}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687275) 64-Bit Edition (HKLM\...\{90140000-001B-0000-1000-0000000FF1CE}_Office14.WORD_{9505441B-65A1-4AD5-B727-0CE42D24D2B7}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition (HKLM\...\{90140000-0016-0000-1000-0000000FF1CE}_Office14.EXCEL_{B6AD7E27-012A-4B63-82BA-AF62893E5435}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition (HKLM\...\{90140000-001B-0000-1000-0000000FF1CE}_Office14.WORD_{B6AD7E27-012A-4B63-82BA-AF62893E5435}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition (HKLM\...\{90140000-0016-0000-1000-0000000FF1CE}_Office14.EXCEL_{07DC9C6C-E916-4F42-8677-716930ED0393}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition (HKLM\...\{90140000-001B-0000-1000-0000000FF1CE}_Office14.WORD_{07DC9C6C-E916-4F42-8677-716930ED0393}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 64-Bit Edition (HKLM\...\{90140000-0016-0000-1000-0000000FF1CE}_Office14.EXCEL_{6E760BBA-B83F-4C2D-918F-5F91EF6C9861}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 64-Bit Edition (HKLM\...\{90140000-001B-0000-1000-0000000FF1CE}_Office14.WORD_{6E760BBA-B83F-4C2D-918F-5F91EF6C9861}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 64-Bit Edition (HKLM\...\{90140000-0016-0000-1000-0000000FF1CE}_Office14.EXCEL_{D1F3B526-7EB2-4701-92DB-0784988D78DE}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 64-Bit Edition (HKLM\...\{90140000-001B-0000-1000-0000000FF1CE}_Office14.WORD_{D1F3B526-7EB2-4701-92DB-0784988D78DE}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837602) 64-Bit Edition (HKLM\...\{90140000-0016-0000-1000-0000000FF1CE}_Office14.EXCEL_{69CF587A-D75B-47F8-9D59-3958C37C0A88}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837602) 64-Bit Edition (HKLM\...\{90140000-001B-0000-1000-0000000FF1CE}_Office14.WORD_{69CF587A-D75B-47F8-9D59-3958C37C0A88}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837602) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.EXCEL_{69CF587A-D75B-47F8-9D59-3958C37C0A88}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837602) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.WORD_{69CF587A-D75B-47F8-9D59-3958C37C0A88}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 64-Bit Edition (HKLM\...\{90140000-001B-0000-1000-0000000FF1CE}_Office14.WORD_{52BEF8AE-9324-40A1-9A92-E5A8FB63A475}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2889818) 64-Bit Edition (HKLM\...\{90140000-0016-0000-1000-0000000FF1CE}_Office14.EXCEL_{8F8930D5-8742-437E-BD53-366A0372E882}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2889818) 64-Bit Edition (HKLM\...\{90140000-001B-0000-1000-0000000FF1CE}_Office14.WORD_{8F8930D5-8742-437E-BD53-366A0372E882}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2889818) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.EXCEL_{8F8930D5-8742-437E-BD53-366A0372E882}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2889818) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.WORD_{8F8930D5-8742-437E-BD53-366A0372E882}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2910896) 64-Bit Edition (HKLM\...\{90140000-001F-0409-1000-0000000FF1CE}_Office14.EXCEL_{0BD1F50F-19CE-40F8-B409-18CA5BD6E52D}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2910896) 64-Bit Edition (HKLM\...\{90140000-001F-0409-1000-0000000FF1CE}_Office14.WORD_{0BD1F50F-19CE-40F8-B409-18CA5BD6E52D}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2910896) 64-Bit Edition (HKLM\...\{90140000-001F-040C-1000-0000000FF1CE}_Office14.EXCEL_{569742BC-C32F-4C9C-9B21-18409AFF9599}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2910896) 64-Bit Edition (HKLM\...\{90140000-001F-040C-1000-0000000FF1CE}_Office14.WORD_{569742BC-C32F-4C9C-9B21-18409AFF9599}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2910896) 64-Bit Edition (HKLM\...\{90140000-001F-0C0A-1000-0000000FF1CE}_Office14.EXCEL_{512A0E32-6C63-4C73-9C82-FC1B10668ED8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2910896) 64-Bit Edition (HKLM\...\{90140000-001F-0C0A-1000-0000000FF1CE}_Office14.WORD_{512A0E32-6C63-4C73-9C82-FC1B10668ED8}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2597088) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.EXCEL_{B28BBA96-A9B0-4946-839D-36771176F8FD}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2597088) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.WORD_{B28BBA96-A9B0-4946-839D-36771176F8FD}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.EXCEL_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.WORD_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Vegas Pro 13.0 (64-bit) (HKLM\...\{CDA02BF0-BFBC-11E3-AFA0-F04DA23A5C58}) (Version: 13.0.290 - Sony)
Velvet Sundown (HKLM-x32\...\Steam App 307290) (Version:  - Tribe Studios)
Visual C++ 2008 Runtime (x64) (x32 Version: 1.0.1 - Highresolution Enterprises) Hidden
Visual C++ 64-bit Redistributables (HKLM-x32\...\InstallShield_{FB03650C-B373-4B20-ACA5-B7BA1A8EEE33}) (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.)
Visual C++ 64-bit Redistributables (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.) Hidden
Visual C++ Redistributables (HKLM-x32\...\InstallShield_{F03117FA-9270-46B0-9666-0B4BC2CDEBF5}) (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.)
Visual C++ Redistributables (x32 Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Walking Dead (HKLM-x32\...\Walking Dead_is1) (Version:  - Audioslave)
Walking Dead 2 (HKLM-x32\...\Walking Dead 2_is1) (Version:  - Audioslave)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Focusrite USB 2.0 Audio Driver (09/25/2013 2.5.128.1) (HKLM\...\CF1FC201D237269A9CD51A3A6B14ADBF67175C32) (Version: 09/25/2013 2.5.128.1 - Focusrite)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Live Communications Platform (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3522.0110 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Family Safety (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinZip 19.0 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E4}) (Version: 19.0.11293 - WinZip Computing, S.L. )
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)

========================= Devices: ================================

Name: A1XBSCNB IDE Controller
Description: A1XBSCNB IDE Controller
Class Guid: {4D36E97B-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard mass storage controllers)
Service: a9323yai
Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)
Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded.
Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.


========================= Memory info: ===================================

Percentage of memory in use: 73%
Total physical RAM: 4094.48 MB
Available physical RAM: 1096.46 MB
Total Pagefile: 8187.13 MB
Available Pagefile: 4348.65 MB
Total Virtual: 4095.88 MB
Available Virtual: 3986.54 MB

========================= Partitions: =====================================

1 Drive c: (HP) (Fixed) (Total:456.97 GB) (Free:57.51 GB) NTFS
2 Drive d: (Recovery) (Fixed) (Total:8.79 GB) (Free:8.7 GB) NTFS

========================= Users: ========================================

User accounts for \\RONINEXCALIBUR

8F6AE1B541864E27ACDA     Administrator            BC85C93DFA4F4B7E84E2     
Guest                    Mcx1-RONINEXCALIBUR      Mcx2-RONINEXCALIBUR      
Sick Mosh                

========================= Restore Points ==================================

01-01-2015 18:44:40 ComboFix created restore point
01-01-2015 19:52:40 avast! antivirus system restore point
01-01-2015 19:57:09 Device Driver Package Install: Avast Network Service
02-01-2015 17:17:55 Windows Update
02-01-2015 18:05:41 Windows Update

**** End of log ****
 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 1/2/2015
Scan Time: 4:48:15 PM
Logfile: mb.txt
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.01.02.09
Rootkit Database: v2014.12.30.01
License: Premium
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Enabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Sick Mosh

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 509257
Time Elapsed: 25 min, 55 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Deep Rootkit Scan: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

 

Malwarebytes Anti-Rootkit BETA 1.08.2.1001
www.malwarebytes.org

Database version: v2015.01.02.09

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17501
Sick Mosh :: RONINEXCALIBUR [administrator]

1/2/2015 5:21:20 PM
mbar-log-2015-01-02 (17-21-20).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Kernel memory modifications detected. Deep Anti-Rootkit Scan engaged.
Objects scanned: 507894
Time elapsed: 19 minute(s), 52 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

 

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.08.2.1001

© Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 11.0.9600.17501

Java version: 1.6.0_29

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 2.812000 GHz
Memory total: 4293369856, free: 1295364096

Downloaded database version: v2015.01.02.09
Downloaded database version: v2014.12.30.01
Downloaded database version: v2014.12.06.01
=======================================
Initializing...
This version of Malwarebytes Anti-Rootkit requires you to completely exit the Malwarebytes Anti-Malware application to continue.
=======================================
Initializing...
------------ Kernel report ------------
     01/02/2015 17:20:57
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_AuthenticAMD.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\System32\Drivers\sptd.sys
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\system32\drivers\pciide.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\vmbus.sys
\SystemRoot\system32\drivers\winhv.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\nvstor.sys
\SystemRoot\system32\drivers\storport.sys
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\DRIVERS\aswNdisFlt.sys
\SystemRoot\system32\drivers\vmstorfl.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\Drivers\SmartDefragDriver.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\DRIVERS\disk.sys
\SystemRoot\system32\DRIVERS\CLASSPNP.SYS
\SystemRoot\System32\Drivers\aswVmm.sys
\SystemRoot\System32\Drivers\aswRvrt.sys
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\system32\drivers\aswSnx.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\SystemRoot\system32\drivers\aswSP.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\system32\drivers\aswKbd.sys
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\drivers\aswRdr2.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\ws2ifsl.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\drivers\mssmbios.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\system32\drivers\csc.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\amdk8.sys
\SystemRoot\system32\DRIVERS\usbohci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\DRIVERS\VSTBS26.SYS
\SystemRoot\system32\DRIVERS\ks.sys
\SystemRoot\system32\DRIVERS\VSTDPV6.SYS
\SystemRoot\system32\DRIVERS\VSTCNXT6.SYS
\SystemRoot\system32\drivers\modem.sys
\SystemRoot\system32\drivers\1394ohci.sys
\SystemRoot\system32\drivers\HDAudBus.sys
\SystemRoot\system32\DRIVERS\nvm62x64.sys
\SystemRoot\system32\DRIVERS\nvlddmkm.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\System32\Drivers\abuzt1dw.SYS
\SystemRoot\System32\Drivers\SCSIPORT.SYS
\SystemRoot\system32\drivers\CompositeBus.sys
\SystemRoot\system32\drivers\ScreamingBAudio64.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\rdpbus.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\drivers\swenum.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\drivers\nvvad64v.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\RTKVHD64.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\system32\DRIVERS\rzudd.sys
\SystemRoot\system32\DRIVERS\kbdhid.sys
\SystemRoot\system32\DRIVERS\USBSTOR.SYS
\SystemRoot\system32\drivers\CORK70.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_diskdump.sys
\SystemRoot\System32\Drivers\dump_nvstor.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\drivers\aswMonFlt.sys
\SystemRoot\system32\DRIVERS\diginet.sys
\SystemRoot\system32\drivers\aswStm.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\drivers\aswHwid.sys
\SystemRoot\system32\DRIVERS\lirsgt.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
\SystemRoot\System32\drivers\rdpdr.sys
\SystemRoot\system32\drivers\tdtcp.sys
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\System32\DRIVERS\tssecsrv.sys
\SystemRoot\System32\Drivers\RDPWD.SYS
\SystemRoot\system32\DRIVERS\WUDFRd.sys
\SystemRoot\system32\drivers\spsys.sys
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk4\DR4
Upper Device Object: 0xfffffa8005969060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\00000086\
Lower Device Object: 0xfffffa8005964060
Lower Device Driver Name: \Driver\USBSTOR\
IRP handler 0 of \Driver\USBSTOR points to an unknown module
Unhooking enabled.
<<<1>>>
Upper Device Name: \Device\Harddisk4\DR4
Upper Device Object: 0xfffffa8005969060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\00000086\
Lower Device Object: 0xfffffa8005964060
Lower Device Driver Name: \Driver\USBSTOR\
Device already Exists: 0xfffffa8004c5ae40
<<<1>>>
Upper Device Name: \Device\Harddisk3\DR3
Upper Device Object: 0xfffffa8005967550
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\00000085\
Lower Device Object: 0xfffffa800595ab60
Lower Device Driver Name: \Driver\USBSTOR\
Device already Exists: 0xfffffa8005e83980
<<<1>>>
Upper Device Name: \Device\Harddisk2\DR2
Upper Device Object: 0xfffffa8005968060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\00000084\
Lower Device Object: 0xfffffa8005961b60
Lower Device Driver Name: \Driver\USBSTOR\
Device already Exists: 0xfffffa8003e06d40
<<<1>>>
Upper Device Name: \Device\Harddisk1\DR1
Upper Device Object: 0xfffffa8005965060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\00000083\
Lower Device Object: 0xfffffa800595c550
Lower Device Driver Name: \Driver\USBSTOR\
Device already Exists: 0xfffffa80060811e0
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa8004228320
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\0000006a\
Lower Device Object: 0xfffffa80036f29c0
Lower Device Driver Name: \Driver\nvstor\
Device already Exists: 0xfffffa8007022430
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa8004228320, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8004229040, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8004228320, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa80040d2c90, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa80036f29c0, DeviceName: \Device\0000006a\, DriverName: \Driver\nvstor\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0xfffff8a014a81170, 0xfffffa8004228320, 0xfffffa80075b93b0
Lower DeviceData: 0xfffff8a016c73200, 0xfffffa80036f29c0, 0xfffffa8007022430
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 1549F232

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 63  Numsec = 958341447
    Partition file system is NTFS
    Partition is bootable

    Partition 1 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 958341510  Numsec = 18426555

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 500107862016 bytes
Sector size: 512 bytes

Done!
Physical Sector Size: 0
Drive: 1, DevicePointer: 0xfffffa8005965060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8005960040, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8005965060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa800595c550, DeviceName: \Device\00000083\, DriverName: \Driver\USBSTOR\
------------ End ----------
Physical Sector Size: 0
Drive: 2, DevicePointer: 0xfffffa8005968060, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8005965b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8005968060, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8005961b60, DeviceName: \Device\00000084\, DriverName: \Driver\USBSTOR\
------------ End ----------
Physical Sector Size: 0
Drive: 3, DevicePointer: 0xfffffa8005967550, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800596a040, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8005967550, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa800595ab60, DeviceName: \Device\00000085\, DriverName: \Driver\USBSTOR\
------------ End ----------
Physical Sector Size: 0
Drive: 4, DevicePointer: 0xfffffa8005969060, DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8005969960, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8005969060, DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8005964060, DeviceName: \Device\00000086\, DriverName: \Driver\USBSTOR\
------------ End ----------
Scan finished
=======================================


Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-63-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removal finished
 

Rkill 2.6.9 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2015 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 01/02/2015 05:43:42 PM in x64 mode.
Windows Version: Windows 7 Ultimate Service Pack 1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * No issues found.

Checking Windows Service Integrity:

 * No issues found.

Searching for Missing Digital Signatures:

 * C:\Windows\System32\user32.dll : 1,008,640 : 03/21/2012 08:22 PM : 2c353b6ce0c8d03225caa2af33b68d79 [NoSig]
 +-> C:\Windows\SysWOW64\user32.dll : 833,024 : 03/21/2012 08:22 PM : 861c4346f9281dc0380de72c8d55d6be [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll : 1,008,640 : 07/13/2009 08:41 PM : 72d7b3ea16946e8f0cf7458150031cc6 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll : 1,008,128 : 11/20/2010 08:27 AM : fe70103391a64039a921dbfff9c7ab1b [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll : 833,024 : 07/13/2009 08:11 PM : e8b0ffc209e504cb7e79fc24e6c085f0 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll : 833,024 : 11/20/2010 07:08 AM : 5e0db2d8b2750543cd2ebb9ea8e6cdd3 [Pos Repl]

Checking HOSTS File:

 * HOSTS file entries found:

  127.0.0.1       localhost

Program finished at: 01/02/2015 05:49:13 PM
Execution time: 0 hours(s), 5 minute(s), and 31 seconds(s)
 



#4 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,660 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:07:03 AM

Posted 02 January 2015 - 05:52 PM

Download TDSSKiller and save it to your desktop.

  • Doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#5 Mieshaxo

Mieshaxo
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Boston MA
  • Local time:09:03 AM

Posted 02 January 2015 - 06:29 PM

18:27:09.0826 0x0b74  TDSS rootkit removing tool 3.0.0.42 Dec 12 2014 00:35:20
18:27:13.0874 0x0b74  ============================================================
18:27:13.0875 0x0b74  Current date / time: 2015/01/02 18:27:13.0874
18:27:13.0875 0x0b74  SystemInfo:
18:27:13.0875 0x0b74  
18:27:13.0875 0x0b74  OS Version: 6.1.7601 ServicePack: 1.0
18:27:13.0875 0x0b74  Product type: Workstation
18:27:13.0875 0x0b74  ComputerName: RONINEXCALIBUR
18:27:13.0875 0x0b74  UserName: Sick Mosh
18:27:13.0875 0x0b74  Windows directory: C:\Windows
18:27:13.0875 0x0b74  System windows directory: C:\Windows
18:27:13.0875 0x0b74  Running under WOW64
18:27:13.0875 0x0b74  Processor architecture: Intel x64
18:27:13.0875 0x0b74  Number of processors: 2
18:27:13.0875 0x0b74  Page size: 0x1000
18:27:13.0875 0x0b74  Boot type: Normal boot
18:27:13.0875 0x0b74  ============================================================
18:27:16.0820 0x0b74  KLMD registered as C:\Windows\system32\drivers\29232903.sys
18:27:17.0716 0x0b74  System UUID: {5C16FEDA-28E5-1E33-EDEF-9EEAD6E419A8}
18:27:19.0085 0x0b74  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:27:19.0117 0x0b74  ============================================================
18:27:19.0117 0x0b74  \Device\Harddisk0\DR0:
18:27:19.0118 0x0b74  MBR partitions:
18:27:19.0118 0x0b74  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x391F2147
18:27:19.0118 0x0b74  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x391F2186, BlocksNum 0x1192ABB
18:27:19.0118 0x0b74  ============================================================
18:27:19.0312 0x0b74  C: <-> \Device\Harddisk0\DR0\Partition1
18:27:19.0444 0x0b74  D: <-> \Device\Harddisk0\DR0\Partition2
18:27:19.0444 0x0b74  ============================================================
18:27:19.0444 0x0b74  Initialize success
18:27:19.0444 0x0b74  ============================================================
18:27:23.0543 0x1f20  ============================================================
18:27:23.0543 0x1f20  Scan started
18:27:23.0543 0x1f20  Mode: Manual;
18:27:23.0543 0x1f20  ============================================================
18:27:23.0543 0x1f20  KSN ping started
18:27:26.0643 0x1f20  KSN ping finished: true
18:27:34.0128 0x1f20  ================ Scan system memory ========================
18:27:34.0128 0x1f20  System memory - ok
18:27:34.0130 0x1f20  ================ Scan services =============================
18:27:34.0434 0x1f20  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
18:27:34.0443 0x1f20  1394ohci - ok
18:27:34.0558 0x1f20  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
18:27:34.0567 0x1f20  ACPI - ok
18:27:34.0598 0x1f20  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
18:27:34.0599 0x1f20  AcpiPmi - ok
18:27:34.0766 0x1f20  [ 3927397AC60D943DAF8808AFFED582B7, 2688254085C219E8CA9C5494ABDAD8FAE52533CEF7FA3C152715E0B78D591BCF ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
18:27:34.0771 0x1f20  AdobeARMservice - ok
18:27:34.0987 0x1f20  [ 4E48A7DF7ECACB38C686B2BEBAA687A3, D4DEE6BD464855B24A6D40BC6A9279B2041099615C6A319D869DA113AD896EA3 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:27:35.0018 0x1f20  AdobeFlashPlayerUpdateSvc - ok
18:27:35.0106 0x1f20  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
18:27:35.0137 0x1f20  adp94xx - ok
18:27:35.0193 0x1f20  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
18:27:35.0206 0x1f20  adpahci - ok
18:27:35.0227 0x1f20  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
18:27:35.0234 0x1f20  adpu320 - ok
18:27:35.0303 0x1f20  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
18:27:35.0307 0x1f20  AeLookupSvc - ok
18:27:35.0397 0x1f20  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
18:27:35.0415 0x1f20  AFD - ok
18:27:35.0469 0x1f20  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
18:27:35.0472 0x1f20  agp440 - ok
18:27:35.0508 0x1f20  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
18:27:35.0513 0x1f20  ALG - ok
18:27:35.0567 0x1f20  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
18:27:35.0569 0x1f20  aliide - ok
18:27:35.0581 0x1f20  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
18:27:35.0583 0x1f20  amdide - ok
18:27:35.0611 0x1f20  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
18:27:35.0615 0x1f20  AmdK8 - ok
18:27:35.0641 0x1f20  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
18:27:35.0644 0x1f20  AmdPPM - ok
18:27:35.0727 0x1f20  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
18:27:35.0749 0x1f20  amdsata - ok
18:27:35.0813 0x1f20  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
18:27:35.0819 0x1f20  amdsbs - ok
18:27:35.0851 0x1f20  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
18:27:35.0853 0x1f20  amdxata - ok
18:27:35.0932 0x1f20  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
18:27:35.0935 0x1f20  AppID - ok
18:27:35.0997 0x1f20  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
18:27:36.0002 0x1f20  AppIDSvc - ok
18:27:36.0084 0x1f20  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
18:27:36.0088 0x1f20  Appinfo - ok
18:27:36.0166 0x1f20  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
18:27:36.0172 0x1f20  AppMgmt - ok
18:27:36.0204 0x1f20  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
18:27:36.0208 0x1f20  arc - ok
18:27:36.0243 0x1f20  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
18:27:36.0247 0x1f20  arcsas - ok
18:27:36.0607 0x1f20  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
18:27:36.0610 0x1f20  aspnet_state - ok
18:27:36.0724 0x1f20  [ 9BE9F2B83DE80E2752B1405CC427E2EC, 6015CA66553B3B882083B33F24FB338249A110D9769831C3D3D3C681AAFA9411 ] aswHwid         C:\Windows\system32\drivers\aswHwid.sys
18:27:36.0727 0x1f20  aswHwid - ok
18:27:36.0924 0x1f20  [ EAFC6970073525E98D4D0E2B56741227, 361A4FEE9DAA30780C9C144A7285ACC23DDB6FD2DF80DBC19CFA138E6C5BEAE5 ] aswKbd          C:\Windows\system32\drivers\aswKbd.sys
18:27:36.0927 0x1f20  aswKbd - ok
18:27:37.0060 0x1f20  [ 2DA1C1AEDF454F8E32A863A1AEACDD8C, F02E4D197AE00B9A9507CF6007A7B7BEA54AF0F255B752FBA7174FA2596D1CA9 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
18:27:37.0107 0x1f20  aswMonFlt - ok
18:27:37.0201 0x1f20  [ 8025E7521EB601207627E8B4722ACE19, E4DB4CD0BAF7F1CDF71F5C01CF44654C415AEE7FB24235D9396EDC2B4D81AD5E ] aswNdisFlt      C:\Windows\system32\DRIVERS\aswNdisFlt.sys
18:27:37.0219 0x1f20  aswNdisFlt - ok
18:27:37.0254 0x1f20  [ 4750016EF9CC1DEC6DA3FE5AF9A7F095, C4CF46246D8A3FF9BD8D2FE899685654ADD45EB9B032F33804D0B8131882BC74 ] aswRdr          C:\Windows\system32\drivers\aswRdr2.sys
18:27:37.0258 0x1f20  aswRdr - ok
18:27:37.0337 0x1f20  [ 1323269A92645705DEFA053F3596829D, 83EC58E0577A1E45D1FCBC0C0AF182099FB70B9005B9F8161166EBB4E9F58F35 ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys
18:27:37.0340 0x1f20  aswRvrt - ok
18:27:37.0483 0x1f20  [ E74FD717476B30E23F45354B8F3ACB30, 951D1655E1FA4CF0ACB29F2EEDDB3B42522D392F46DD826C63DCA8941E17ABA8 ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
18:27:37.0522 0x1f20  aswSnx - ok
18:27:37.0610 0x1f20  [ B1881A01E301990B671694CA1623F1B6, 5299C713EA7CF96F0550943DB37E963CDA09258F65C471CCEEAB44C4736B7A08 ] aswSP           C:\Windows\system32\drivers\aswSP.sys
18:27:37.0637 0x1f20  aswSP - ok
18:27:37.0683 0x1f20  [ 7509F07BA6F84C1E3B2C0D78A1F6F782, A90A36E8E23F58E430DE98B3623688DC09D34B62906EF7796DFC90F581FC385F ] aswStm          C:\Windows\system32\drivers\aswStm.sys
18:27:37.0702 0x1f20  aswStm - ok
18:27:37.0795 0x1f20  [ 1A5BDDE65B648DC3AD48B6ECAA3AE9C8, 858F674C3B775F9C8C782B7AFAC0B02AE9410C9F3B7F5B3AE1C4AD3BF6448C14 ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
18:27:37.0805 0x1f20  aswVmm - ok
18:27:37.0833 0x1f20  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
18:27:37.0834 0x1f20  AsyncMac - ok
18:27:37.0902 0x1f20  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
18:27:37.0903 0x1f20  atapi - ok
18:27:37.0977 0x1f20  [ 54494B93BB5AD74C807100144EC30D64, 34332E0DDCA5229DA8A0661F74D7FD2F6757CDD37081FE13B3358A7AB59F0AE0 ] atksgt          C:\Windows\system32\DRIVERS\atksgt.sys
18:27:37.0997 0x1f20  atksgt - ok
18:27:38.0066 0x1f20  [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:27:38.0087 0x1f20  AudioEndpointBuilder - ok
18:27:38.0138 0x1f20  [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioSrv        C:\Windows\System32\Audiosrv.dll
18:27:38.0155 0x1f20  AudioSrv - ok
18:27:38.0300 0x1f20  [ E3F7EC811923F3F1A77B185F22638E5E, 324041256314C1471B5F123FA8DECC8F374A6B497A6419D4CAF61E68E1733265 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
18:27:38.0303 0x1f20  avast! Antivirus - ok
18:27:38.0371 0x1f20  [ D25195B0A2075862E988B85161DF07FD, 4CF120D958EBD5F9F1785B5576F5E37A7F508E5694C43E8336310F2B7A278A77 ] avast! Firewall C:\Program Files\AVAST Software\Avast\afwServ.exe
18:27:38.0375 0x1f20  avast! Firewall - ok
18:27:38.0432 0x1f20  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
18:27:38.0437 0x1f20  AxInstSV - ok
18:27:38.0501 0x1f20  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
18:27:38.0517 0x1f20  b06bdrv - ok
18:27:38.0661 0x1f20  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
18:27:38.0682 0x1f20  b57nd60a - ok
18:27:38.0711 0x1f20  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
18:27:38.0716 0x1f20  BDESVC - ok
18:27:38.0763 0x1f20  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
18:27:38.0765 0x1f20  Beep - ok
18:27:38.0833 0x1f20  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
18:27:38.0886 0x1f20  BFE - ok
18:27:38.0995 0x1f20  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\system32\qmgr.dll
18:27:39.0038 0x1f20  BITS - ok
18:27:39.0073 0x1f20  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
18:27:39.0075 0x1f20  blbdrive - ok
18:27:39.0107 0x1f20  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
18:27:39.0111 0x1f20  bowser - ok
18:27:39.0129 0x1f20  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
18:27:39.0131 0x1f20  BrFiltLo - ok
18:27:39.0146 0x1f20  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
18:27:39.0148 0x1f20  BrFiltUp - ok
18:27:39.0201 0x1f20  [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
18:27:39.0204 0x1f20  BridgeMP - ok
18:27:39.0260 0x1f20  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
18:27:39.0264 0x1f20  Browser - ok
18:27:39.0399 0x1f20  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
18:27:39.0424 0x1f20  Brserid - ok
18:27:39.0457 0x1f20  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
18:27:39.0462 0x1f20  BrSerWdm - ok
18:27:39.0496 0x1f20  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
18:27:39.0499 0x1f20  BrUsbMdm - ok
18:27:39.0535 0x1f20  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
18:27:39.0536 0x1f20  BrUsbSer - ok
18:27:39.0572 0x1f20  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
18:27:39.0575 0x1f20  BTHMODEM - ok
18:27:39.0652 0x1f20  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
18:27:39.0656 0x1f20  bthserv - ok
18:27:39.0661 0x1f20  catchme - ok
18:27:39.0684 0x1f20  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
18:27:39.0686 0x1f20  cdfs - ok
18:27:39.0737 0x1f20  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
18:27:39.0741 0x1f20  cdrom - ok
18:27:39.0804 0x1f20  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
18:27:39.0807 0x1f20  CertPropSvc - ok
18:27:39.0842 0x1f20  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
18:27:39.0846 0x1f20  circlass - ok
18:27:39.0898 0x1f20  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
18:27:39.0909 0x1f20  CLFS - ok
18:27:40.0002 0x1f20  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:27:40.0005 0x1f20  clr_optimization_v2.0.50727_32 - ok
18:27:40.0091 0x1f20  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:27:40.0096 0x1f20  clr_optimization_v2.0.50727_64 - ok
18:27:40.0210 0x1f20  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:27:40.0215 0x1f20  clr_optimization_v4.0.30319_32 - ok
18:27:40.0269 0x1f20  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:27:40.0275 0x1f20  clr_optimization_v4.0.30319_64 - ok
18:27:40.0317 0x1f20  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
18:27:40.0318 0x1f20  CmBatt - ok
18:27:40.0357 0x1f20  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
18:27:40.0359 0x1f20  cmdide - ok
18:27:40.0427 0x1f20  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
18:27:40.0442 0x1f20  CNG - ok
18:27:40.0505 0x1f20  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
18:27:40.0507 0x1f20  Compbatt - ok
18:27:40.0572 0x1f20  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
18:27:40.0574 0x1f20  CompositeBus - ok
18:27:40.0624 0x1f20  COMSysApp - ok
18:27:40.0678 0x1f20  [ 4C51835FCD734DA98262B3800A41BE7C, 48F2921DA0D6382D4AD57D7D5377DEB4FAC960AD9A08C2CF5619D7C3707D1A49 ] CORK70          C:\Windows\system32\drivers\CORK70.sys
18:27:40.0680 0x1f20  CORK70 - ok
18:27:40.0702 0x1f20  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
18:27:40.0705 0x1f20  crcdisk - ok
18:27:40.0753 0x1f20  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
18:27:40.0758 0x1f20  CryptSvc - ok
18:27:40.0836 0x1f20  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
18:27:40.0853 0x1f20  CSC - ok
18:27:40.0943 0x1f20  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
18:27:40.0970 0x1f20  CscService - ok
18:27:41.0036 0x1f20  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
18:27:41.0057 0x1f20  DcomLaunch - ok
18:27:41.0122 0x1f20  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
18:27:41.0133 0x1f20  defragsvc - ok
18:27:41.0181 0x1f20  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
18:27:41.0185 0x1f20  DfsC - ok
18:27:41.0243 0x1f20  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
18:27:41.0256 0x1f20  Dhcp - ok
18:27:41.0326 0x1f20  [ D7DC3CFDF7FC45E27F28D4C00AC7EFC9, D280E6705CC4FF07626AF85E28FAACBCAB5F9714428857A8471D8CB21BA66F9F ] DigiNet         C:\Windows\system32\DRIVERS\diginet.sys
18:27:41.0328 0x1f20  DigiNet - ok
18:27:41.0365 0x1f20  digiSPTIService64 - ok
18:27:41.0416 0x1f20  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
18:27:41.0437 0x1f20  discache - ok
18:27:41.0493 0x1f20  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
18:27:41.0496 0x1f20  Disk - ok
18:27:41.0558 0x1f20  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
18:27:41.0565 0x1f20  Dnscache - ok
18:27:41.0650 0x1f20  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
18:27:41.0659 0x1f20  dot3svc - ok
18:27:41.0704 0x1f20  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
18:27:41.0711 0x1f20  DPS - ok
18:27:41.0790 0x1f20  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
18:27:41.0791 0x1f20  drmkaud - ok
18:27:41.0934 0x1f20  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
18:27:41.0966 0x1f20  DXGKrnl - ok
18:27:42.0031 0x1f20  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
18:27:42.0037 0x1f20  EapHost - ok
18:27:42.0348 0x1f20  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
18:27:42.0643 0x1f20  ebdrv - ok
18:27:42.0715 0x1f20  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS             C:\Windows\System32\lsass.exe
18:27:42.0722 0x1f20  EFS - ok
18:27:42.0799 0x1f20  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
18:27:42.0818 0x1f20  ehRecvr - ok
18:27:42.0872 0x1f20  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
18:27:42.0876 0x1f20  ehSched - ok
18:27:42.0927 0x1f20  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
18:27:42.0942 0x1f20  elxstor - ok
18:27:42.0967 0x1f20  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
18:27:42.0969 0x1f20  ErrDev - ok
18:27:43.0057 0x1f20  [ 3B32CAA07D672F8A2E0DF5CB3A873F45, 09687E30FA5779C3593769D66CAEBED95C932746EDD6E83DABE3DCFD126AB5EC ] EsgScanner      C:\Windows\system32\DRIVERS\EsgScanner.sys
18:27:43.0060 0x1f20  EsgScanner - ok
18:27:43.0111 0x1f20  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
18:27:43.0126 0x1f20  EventSystem - ok
18:27:43.0150 0x1f20  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
18:27:43.0157 0x1f20  exfat - ok
18:27:43.0180 0x1f20  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
18:27:43.0186 0x1f20  fastfat - ok
18:27:43.0287 0x1f20  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
18:27:43.0307 0x1f20  Fax - ok
18:27:43.0339 0x1f20  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
18:27:43.0341 0x1f20  fdc - ok
18:27:43.0362 0x1f20  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
18:27:43.0365 0x1f20  fdPHost - ok
18:27:43.0401 0x1f20  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
18:27:43.0404 0x1f20  FDResPub - ok
18:27:43.0467 0x1f20  [ 2E1FBB0769DF4C56B527A4000820A8D0, 6FA0541A9A1BD5586E1E99F4BA4C4442C9407891675F756BCB75EEE5C67FDE15 ] ffusb2audio     C:\Windows\system32\DRIVERS\ffusb2audio.sys
18:27:43.0474 0x1f20  ffusb2audio - ok
18:27:43.0507 0x1f20  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
18:27:43.0511 0x1f20  FileInfo - ok
18:27:43.0547 0x1f20  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
18:27:43.0549 0x1f20  Filetrace - ok
18:27:43.0585 0x1f20  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
18:27:43.0587 0x1f20  flpydisk - ok
18:27:43.0643 0x1f20  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
18:27:43.0649 0x1f20  FltMgr - ok
18:27:43.0761 0x1f20  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
18:27:43.0797 0x1f20  FontCache - ok
18:27:43.0883 0x1f20  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:27:43.0886 0x1f20  FontCache3.0.0.0 - ok
18:27:43.0920 0x1f20  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
18:27:43.0923 0x1f20  FsDepends - ok
18:27:43.0966 0x1f20  [ B9D4827FBAB99CEE4AF2BC2628C585BC, F759D1609E2438FD2F108CAD0689BCEEE1A4F797AC72E057E61DE3ED818CD082 ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
18:27:43.0969 0x1f20  fssfltr - ok
18:27:44.0265 0x1f20  [ 719FD319E03892FF22A33C18C513B9B0, F9CE212F1DDE9CE6E6394A48B6C5ED333D1243667B6796CC1F7A61AA2E4820D8 ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
18:27:44.0316 0x1f20  fsssvc - ok
18:27:44.0365 0x1f20  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
18:27:44.0387 0x1f20  Fs_Rec - ok
18:27:44.0513 0x1f20  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
18:27:44.0534 0x1f20  fvevol - ok
18:27:44.0563 0x1f20  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
18:27:44.0566 0x1f20  gagp30kx - ok
18:27:44.0722 0x1f20  [ 50FFA2F6A5BEC5BB7C39AAB76EEA3C58, E7B0934FF69994F61D9186BF28EE8EAADEB4F64BC6FAE895B2602DAC3B311235 ] Garmin Core Update Service C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
18:27:44.0735 0x1f20  Garmin Core Update Service - ok
18:27:44.0805 0x1f20  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
18:27:44.0826 0x1f20  gpsvc - ok
18:27:44.0891 0x1f20  [ EEE3CE595373BA78E19A3039E5346CE4, 9DA1293A6B72ADE53DB71826421BDC99A26879B783F1551EC57E7AD3B12B9261 ] hcw18bda        C:\Windows\system32\drivers\hcw18bda.sys
18:27:44.0905 0x1f20  hcw18bda - ok
18:27:44.0935 0x1f20  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
18:27:44.0937 0x1f20  hcw85cir - ok
18:27:44.0989 0x1f20  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:27:44.0999 0x1f20  HdAudAddService - ok
18:27:45.0055 0x1f20  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
18:27:45.0060 0x1f20  HDAudBus - ok
18:27:45.0080 0x1f20  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
18:27:45.0082 0x1f20  HidBatt - ok
18:27:45.0102 0x1f20  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
18:27:45.0106 0x1f20  HidBth - ok
18:27:45.0132 0x1f20  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
18:27:45.0135 0x1f20  HidIr - ok
18:27:45.0171 0x1f20  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\System32\hidserv.dll
18:27:45.0174 0x1f20  hidserv - ok
18:27:45.0251 0x1f20  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
18:27:45.0253 0x1f20  HidUsb - ok
18:27:45.0304 0x1f20  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
18:27:45.0309 0x1f20  hkmsvc - ok
18:27:45.0385 0x1f20  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:27:45.0407 0x1f20  HomeGroupListener - ok
18:27:45.0447 0x1f20  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:27:45.0456 0x1f20  HomeGroupProvider - ok
18:27:45.0527 0x1f20  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
18:27:45.0551 0x1f20  HpSAMD - ok
18:27:45.0888 0x1f20  HPSLPSVC - ok
18:27:45.0955 0x1f20  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
18:27:45.0971 0x1f20  HTTP - ok
18:27:46.0037 0x1f20  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
18:27:46.0054 0x1f20  hwpolicy - ok
18:27:46.0114 0x1f20  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
18:27:46.0117 0x1f20  i8042prt - ok
18:27:46.0249 0x1f20  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
18:27:46.0273 0x1f20  iaStorV - ok
18:27:46.0365 0x1f20  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:27:46.0387 0x1f20  idsvc - ok
18:27:46.0446 0x1f20  IEEtwCollectorService - ok
18:27:46.0487 0x1f20  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
18:27:46.0489 0x1f20  iirsp - ok
18:27:46.0569 0x1f20  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
18:27:46.0593 0x1f20  IKEEXT - ok
18:27:46.0813 0x1f20  [ 39246F2CFBF1D32C3A12E242661EC039, EADF06D9B142844C16C2B0E412D708DB02BA07E2CD96BBFB2F0984DD6BB63E28 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
18:27:46.0915 0x1f20  IntcAzAudAddService - ok
18:27:46.0968 0x1f20  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
18:27:46.0969 0x1f20  intelide - ok
18:27:47.0013 0x1f20  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
18:27:47.0015 0x1f20  intelppm - ok
18:27:47.0059 0x1f20  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
18:27:47.0077 0x1f20  IPBusEnum - ok
18:27:47.0129 0x1f20  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:27:47.0131 0x1f20  IpFilterDriver - ok
18:27:47.0192 0x1f20  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
18:27:47.0212 0x1f20  iphlpsvc - ok
18:27:47.0258 0x1f20  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
18:27:47.0269 0x1f20  IPMIDRV - ok
18:27:47.0297 0x1f20  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
18:27:47.0302 0x1f20  IPNAT - ok
18:27:47.0354 0x1f20  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
18:27:47.0355 0x1f20  IRENUM - ok
18:27:47.0392 0x1f20  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
18:27:47.0393 0x1f20  isapnp - ok
18:27:47.0495 0x1f20  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
18:27:47.0505 0x1f20  iScsiPrt - ok
18:27:47.0535 0x1f20  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
18:27:47.0537 0x1f20  kbdclass - ok
18:27:47.0577 0x1f20  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
18:27:47.0579 0x1f20  kbdhid - ok
18:27:47.0608 0x1f20  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso          C:\Windows\system32\lsass.exe
18:27:47.0612 0x1f20  KeyIso - ok
18:27:47.0657 0x1f20  [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
18:27:47.0659 0x1f20  KSecDD - ok
18:27:47.0704 0x1f20  [ 41774FF331F609EF442B7398EE6202B1, AD67DA06A74895C384F4A1F1CF47050DAEE9C6CE8AD12F1A116FC977B6C3A864 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
18:27:47.0710 0x1f20  KSecPkg - ok
18:27:47.0743 0x1f20  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
18:27:47.0745 0x1f20  ksthunk - ok
18:27:47.0788 0x1f20  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
18:27:47.0802 0x1f20  KtmRm - ok
18:27:47.0842 0x1f20  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\System32\srvsvc.dll
18:27:47.0855 0x1f20  LanmanServer - ok
18:27:47.0905 0x1f20  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:27:47.0914 0x1f20  LanmanWorkstation - ok
18:27:47.0998 0x1f20  [ 5EA407821BB3104C31A705175AB4F309, 32A350065990047E80B452FD2B82BC9B8E68AF3F8EA8CCD60E59FFD6D24CDF7C ] lirsgt          C:\Windows\system32\DRIVERS\lirsgt.sys
18:27:48.0002 0x1f20  lirsgt - ok
18:27:48.0042 0x1f20  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
18:27:48.0045 0x1f20  lltdio - ok
18:27:48.0102 0x1f20  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
18:27:48.0115 0x1f20  lltdsvc - ok
18:27:48.0169 0x1f20  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
18:27:48.0173 0x1f20  lmhosts - ok
18:27:48.0269 0x1f20  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
18:27:48.0285 0x1f20  LSI_FC - ok
18:27:48.0313 0x1f20  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
18:27:48.0322 0x1f20  LSI_SAS - ok
18:27:48.0357 0x1f20  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
18:27:48.0360 0x1f20  LSI_SAS2 - ok
18:27:48.0402 0x1f20  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
18:27:48.0407 0x1f20  LSI_SCSI - ok
18:27:48.0429 0x1f20  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
18:27:48.0433 0x1f20  luafv - ok
18:27:48.0491 0x1f20  [ F2643036B225BA4621A965434478F35E, DA8BB23528E745855652D4FC3CDFCC0B912C6E4A81697618DA1783E4CCC9EC55 ] MAUSBFASTTRACK  C:\Windows\system32\DRIVERS\MAudioFastTrack.sys
18:27:48.0497 0x1f20  MAUSBFASTTRACK - ok
18:27:48.0583 0x1f20  [ 478CC94C937D235CB0A96AB8F2359D81, 1877AF93FD777F0D5BC02C0CD6E806A165991B6C77D424B13D2D77F8F9D1EFCC ] mbamchameleon   C:\Windows\system32\drivers\mbamchameleon.sys
18:27:48.0604 0x1f20  mbamchameleon - ok
18:27:48.0729 0x1f20  [ CA43F8904E24BBE49982E4C0B29E6579, 2E3E6D02980706061C478C1643F8838310DDAC573C8722AE7F3290CE36B02CB2 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
18:27:48.0736 0x1f20  MBAMProtector - ok
18:27:48.0964 0x1f20  [ 0BB29DE40C9D9529793DCDB59A43CF5B, 251001A407D32EF22F64915EEFFAAEC229073C4549BF7D9D1D4209B7D15B4681 ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
18:27:49.0012 0x1f20  MBAMScheduler - ok
18:27:49.0164 0x1f20  [ 5F82D8188B370B0CF185D4AE2B9B4A0E, 549B53DD989A069E1C38347C4CEF5283DF9B428CE102799B06A20D3D8F23825F ] MBAMService     C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
18:27:49.0188 0x1f20  MBAMService - ok
18:27:49.0223 0x1f20  [ A646C2DDB8C46E9B20A326FAF566646C, F46E3BF392CB4EB53D323BC8CC41EFBB9C5D7C935FECF255F524EB18583A2A37 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
18:27:49.0226 0x1f20  MBAMWebAccessControl - ok
18:27:49.0268 0x1f20  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
18:27:49.0275 0x1f20  Mcx2Svc - ok
18:27:49.0352 0x1f20  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
18:27:49.0355 0x1f20  megasas - ok
18:27:49.0389 0x1f20  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
18:27:49.0398 0x1f20  MegaSR - ok
18:27:49.0446 0x1f20  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
18:27:49.0451 0x1f20  MMCSS - ok
18:27:49.0475 0x1f20  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
18:27:49.0477 0x1f20  Modem - ok
18:27:49.0513 0x1f20  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
18:27:49.0515 0x1f20  monitor - ok
18:27:49.0555 0x1f20  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
18:27:49.0556 0x1f20  mouclass - ok
18:27:49.0584 0x1f20  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
18:27:49.0586 0x1f20  mouhid - ok
18:27:49.0758 0x1f20  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
18:27:49.0771 0x1f20  mountmgr - ok
18:27:49.0931 0x1f20  [ B4E9C7383A705628AD491CF0F87D901F, 5C0CD7133D4F5B1E0466CDB2A2210ECA57206A8BC41F37BC6324120AE5501C70 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:27:49.0984 0x1f20  MozillaMaintenance - ok
18:27:50.0058 0x1f20  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
18:27:50.0073 0x1f20  mpio - ok
18:27:50.0139 0x1f20  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
18:27:50.0143 0x1f20  mpsdrv - ok
18:27:50.0342 0x1f20  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
18:27:50.0384 0x1f20  MpsSvc - ok
18:27:50.0418 0x1f20  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
18:27:50.0423 0x1f20  MRxDAV - ok
18:27:50.0465 0x1f20  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
18:27:50.0469 0x1f20  mrxsmb - ok
18:27:50.0534 0x1f20  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:27:50.0546 0x1f20  mrxsmb10 - ok
18:27:50.0568 0x1f20  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:27:50.0573 0x1f20  mrxsmb20 - ok
18:27:50.0614 0x1f20  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
18:27:50.0616 0x1f20  msahci - ok
18:27:50.0658 0x1f20  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
18:27:50.0665 0x1f20  msdsm - ok
18:27:50.0716 0x1f20  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
18:27:50.0723 0x1f20  MSDTC - ok
18:27:50.0755 0x1f20  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
18:27:50.0758 0x1f20  Msfs - ok
18:27:50.0786 0x1f20  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
18:27:50.0787 0x1f20  mshidkmdf - ok
18:27:50.0819 0x1f20  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
18:27:50.0833 0x1f20  msisadrv - ok
18:27:50.0901 0x1f20  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
18:27:50.0913 0x1f20  MSiSCSI - ok
18:27:50.0918 0x1f20  msiserver - ok
18:27:50.0945 0x1f20  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
18:27:50.0946 0x1f20  MSKSSRV - ok
18:27:50.0978 0x1f20  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
18:27:50.0979 0x1f20  MSPCLOCK - ok
18:27:51.0001 0x1f20  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
18:27:51.0003 0x1f20  MSPQM - ok
18:27:51.0069 0x1f20  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
18:27:51.0087 0x1f20  MsRPC - ok
18:27:51.0119 0x1f20  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
18:27:51.0121 0x1f20  mssmbios - ok
18:27:51.0157 0x1f20  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
18:27:51.0159 0x1f20  MSTEE - ok
18:27:51.0176 0x1f20  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
18:27:51.0177 0x1f20  MTConfig - ok
18:27:51.0204 0x1f20  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
18:27:51.0206 0x1f20  Mup - ok
18:27:51.0273 0x1f20  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
18:27:51.0299 0x1f20  napagent - ok
18:27:51.0340 0x1f20  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
18:27:51.0353 0x1f20  NativeWifiP - ok
18:27:51.0456 0x1f20  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
18:27:51.0496 0x1f20  NDIS - ok
18:27:51.0531 0x1f20  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
18:27:51.0534 0x1f20  NdisCap - ok
18:27:51.0564 0x1f20  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
18:27:51.0566 0x1f20  NdisTapi - ok
18:27:51.0599 0x1f20  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
18:27:51.0602 0x1f20  Ndisuio - ok
18:27:51.0636 0x1f20  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
18:27:51.0641 0x1f20  NdisWan - ok
18:27:51.0685 0x1f20  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
18:27:51.0688 0x1f20  NDProxy - ok
18:27:51.0725 0x1f20  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
18:27:51.0727 0x1f20  NetBIOS - ok
18:27:51.0764 0x1f20  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
18:27:51.0771 0x1f20  NetBT - ok
18:27:51.0797 0x1f20  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon        C:\Windows\system32\lsass.exe
18:27:51.0800 0x1f20  Netlogon - ok
18:27:51.0845 0x1f20  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
18:27:51.0859 0x1f20  Netman - ok
18:27:51.0945 0x1f20  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:27:51.0956 0x1f20  NetMsmqActivator - ok
18:27:51.0977 0x1f20  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:27:51.0982 0x1f20  NetPipeActivator - ok
18:27:52.0061 0x1f20  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
18:27:52.0097 0x1f20  netprofm - ok
18:27:52.0125 0x1f20  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:27:52.0129 0x1f20  NetTcpActivator - ok
18:27:52.0144 0x1f20  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:27:52.0148 0x1f20  NetTcpPortSharing - ok
18:27:52.0171 0x1f20  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
18:27:52.0175 0x1f20  nfrd960 - ok
18:27:52.0211 0x1f20  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
18:27:52.0223 0x1f20  NlaSvc - ok
18:27:52.0283 0x1f20  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
18:27:52.0298 0x1f20  Npfs - ok
18:27:52.0341 0x1f20  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
18:27:52.0346 0x1f20  nsi - ok
18:27:52.0394 0x1f20  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
18:27:52.0407 0x1f20  nsiproxy - ok
18:27:52.0539 0x1f20  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
18:27:52.0606 0x1f20  Ntfs - ok
18:27:52.0637 0x1f20  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
18:27:52.0638 0x1f20  Null - ok
18:27:52.0708 0x1f20  [ A85B4F2EF3A7304A5399EF0526423040, E45854691BA6AE36E53C2922CC93FF13DC2D84CBE7FE13A2F0B1CE1C16D1D158 ] NVENETFD        C:\Windows\system32\DRIVERS\nvm62x64.sys
18:27:52.0719 0x1f20  NVENETFD - ok
18:27:53.0606 0x1f20  [ 2232AE1BB51A96A7381A2CA17DF12E24, 4813E27BC14EB3CBD55AF89B098EA5C8DA4C7FF0B6CCB7AACFC43BC0E578C988 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
18:27:54.0074 0x1f20  nvlddmkm - ok
18:27:54.0401 0x1f20  [ D6310F79E51D1F997E964E81DD368AEA, 27D0159F45C712C6165FDB9F40823438225555E71BB01E3B55F5B5D7BE15D389 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
18:27:54.0490 0x1f20  NvNetworkService - ok
18:27:54.0566 0x1f20  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
18:27:54.0584 0x1f20  nvraid - ok
18:27:54.0619 0x1f20  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
18:27:54.0624 0x1f20  nvstor - ok
18:27:54.0746 0x1f20  [ 0FB368E71D9F178BCFC7F0BBA317FECA, 97FA87219E95ED53B5E0B0D3305326DD950EE5CEECDC051E7DC7E9BA05CEB214 ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
18:27:54.0748 0x1f20  NvStreamKms - ok
18:27:56.0094 0x1f20  [ AEC2796DF28AB7494A0C688E40D7B38C, B5B495259489B7A49EA4243EEF13BF598EC5791E0FD59FAB4227C906D635D09E ] NvStreamSvc     C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
18:27:56.0927 0x1f20  NvStreamSvc - ok
18:27:57.0142 0x1f20  [ 2C8DD5A34A81715865D66D7AF39362A6, 62F9D873127921EE2EAA80B73E8994C4BF6DA7EEDACAEA030B8D58E086FD3850 ] NVSvc           C:\Windows\system32\nvvsvc.exe
18:27:57.0167 0x1f20  NVSvc - ok
18:27:57.0276 0x1f20  [ 75034A4D7C02327D150B617571D4196A, 8E7DAFEC4307E883D52BD0B5F0732E26E019C953770B52ACBBAD3074A66393CB ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
18:27:57.0332 0x1f20  nvvad_WaveExtensible - ok
18:27:57.0374 0x1f20  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
18:27:57.0386 0x1f20  nv_agp - ok
18:27:57.0485 0x1f20  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
18:27:57.0510 0x1f20  ohci1394 - ok
18:27:57.0728 0x1f20  [ 4965B005492CBA7719E82B71E3245495, 52AD72C05FACC1E0E416A1FA25F34FDD3CB274FAB973BEAAE911A2FACA42B650 ] ose64           C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:27:57.0738 0x1f20  ose64 - ok
18:27:58.0471 0x1f20  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
18:27:58.0622 0x1f20  osppsvc - ok
18:27:58.0705 0x1f20  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
18:27:58.0719 0x1f20  p2pimsvc - ok
18:27:58.0797 0x1f20  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
18:27:58.0846 0x1f20  p2psvc - ok
18:27:58.0901 0x1f20  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
18:27:58.0905 0x1f20  Parport - ok
18:27:58.0963 0x1f20  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
18:27:58.0965 0x1f20  partmgr - ok
18:27:59.0022 0x1f20  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
18:27:59.0045 0x1f20  PcaSvc - ok
18:27:59.0089 0x1f20  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
18:27:59.0094 0x1f20  pci - ok
18:27:59.0151 0x1f20  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
18:27:59.0153 0x1f20  pciide - ok
18:27:59.0194 0x1f20  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
18:27:59.0200 0x1f20  pcmcia - ok
18:27:59.0233 0x1f20  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
18:27:59.0236 0x1f20  pcw - ok
18:27:59.0302 0x1f20  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
18:27:59.0319 0x1f20  PEAUTH - ok
18:27:59.0396 0x1f20  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
18:27:59.0435 0x1f20  PeerDistSvc - ok
18:27:59.0584 0x1f20  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
18:27:59.0588 0x1f20  PerfHost - ok
18:27:59.0707 0x1f20  [ 0015113A604B94769AB5159E8DCFC6E6, 2449C9F27F366C9886572319EC67AC997F9646D156329AA61686D38CC19B6911 ] PinnacleUpdateSvc C:\Program Files (x86)\PowerUp Software\Pinnacle Game Profiler\pinnacle_updater.exe
18:27:59.0720 0x1f20  PinnacleUpdateSvc - ok
18:27:59.0806 0x1f20  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
18:27:59.0854 0x1f20  pla - ok
18:28:00.0068 0x1f20  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
18:28:00.0089 0x1f20  PlugPlay - ok
18:28:00.0117 0x1f20  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
18:28:00.0135 0x1f20  PNRPAutoReg - ok
18:28:00.0237 0x1f20  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
18:28:00.0247 0x1f20  PNRPsvc - ok
18:28:01.0036 0x1f20  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
18:28:01.0053 0x1f20  PolicyAgent - ok
18:28:01.0202 0x1f20  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
18:28:01.0222 0x1f20  Power - ok
18:28:01.0290 0x1f20  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
18:28:01.0295 0x1f20  PptpMiniport - ok
18:28:01.0368 0x1f20  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
18:28:01.0394 0x1f20  Processor - ok
18:28:01.0475 0x1f20  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
18:28:01.0483 0x1f20  ProfSvc - ok
18:28:01.0509 0x1f20  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:28:01.0514 0x1f20  ProtectedStorage - ok
18:28:01.0569 0x1f20  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
18:28:01.0574 0x1f20  Psched - ok
18:28:01.0673 0x1f20  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
18:28:01.0717 0x1f20  ql2300 - ok
18:28:01.0763 0x1f20  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
18:28:01.0780 0x1f20  ql40xx - ok
18:28:01.0851 0x1f20  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
18:28:01.0864 0x1f20  QWAVE - ok
18:28:01.0885 0x1f20  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
18:28:01.0901 0x1f20  QWAVEdrv - ok
18:28:01.0926 0x1f20  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
18:28:01.0929 0x1f20  RasAcd - ok
18:28:02.0088 0x1f20  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
18:28:02.0121 0x1f20  RasAgileVpn - ok
18:28:02.0221 0x1f20  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
18:28:02.0263 0x1f20  RasAuto - ok
18:28:02.0349 0x1f20  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
18:28:02.0355 0x1f20  Rasl2tp - ok
18:28:02.0451 0x1f20  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
18:28:02.0466 0x1f20  RasMan - ok
18:28:02.0501 0x1f20  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
18:28:02.0504 0x1f20  RasPppoe - ok
18:28:02.0555 0x1f20  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
18:28:02.0559 0x1f20  RasSstp - ok
18:28:02.0671 0x1f20  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
18:28:02.0678 0x1f20  rdbss - ok
18:28:02.0760 0x1f20  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
18:28:03.0519 0x1f20  rdpbus - ok
18:28:03.0552 0x1f20  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
18:28:03.0553 0x1f20  RDPCDD - ok
18:28:03.0815 0x1f20  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
18:28:03.0819 0x1f20  RDPDR - ok
18:28:04.0001 0x1f20  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
18:28:04.0691 0x1f20  RDPENCDD - ok
18:28:04.0721 0x1f20  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
18:28:04.0723 0x1f20  RDPREFMP - ok
18:28:04.0838 0x1f20  [ 70CBA1A0C98600A2AA1863479B35CB90, 91A133297921B4955817176251AFC5283DA3C7D2099700C4C92ECC94DBE9A99E ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
18:28:04.0841 0x1f20  RdpVideoMiniport - ok
18:28:04.0936 0x1f20  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
18:28:04.0942 0x1f20  RDPWD - ok
18:28:04.0989 0x1f20  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
18:28:04.0996 0x1f20  rdyboost - ok
18:28:05.0041 0x1f20  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
18:28:05.0046 0x1f20  RemoteAccess - ok
18:28:05.0083 0x1f20  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
18:28:05.0091 0x1f20  RemoteRegistry - ok
18:28:05.0138 0x1f20  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
18:28:05.0145 0x1f20  RpcEptMapper - ok
18:28:05.0206 0x1f20  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
18:28:05.0234 0x1f20  RpcLocator - ok
18:28:05.0298 0x1f20  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
18:28:05.0314 0x1f20  RpcSs - ok
18:28:05.0361 0x1f20  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
18:28:05.0364 0x1f20  rspndr - ok
18:28:05.0518 0x1f20  [ F1D20C2B36F78863530B251DF504CC51, A3C71BDB45B1DB321BC2D9889CB25CF7840E145DFB769882748B7D507A605A42 ] RtkAudioService C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
18:28:05.0529 0x1f20  RtkAudioService - ok
18:28:05.0705 0x1f20  [ FEFA32073D77BB9C741A63B6286479F6, 7E62CF6244ACC964C21248AF6A7010EA9BBE220345E2DF361E661A746C18CBD1 ] RzKLService     C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
18:28:05.0725 0x1f20  RzKLService - ok
18:28:05.0798 0x1f20  [ D30A8C2D23A7AB6664028A9C72E1809E, 1F2486F02A332CA68BA82B69B0188861EA0BA470D0A8CA1C0A4A771D84BC3613 ] rzudd           C:\Windows\system32\DRIVERS\rzudd.sys
18:28:05.0804 0x1f20  rzudd - ok
18:28:05.0882 0x1f20  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
18:28:05.0903 0x1f20  s3cap - ok
18:28:05.0929 0x1f20  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs           C:\Windows\system32\lsass.exe
18:28:05.0933 0x1f20  SamSs - ok
18:28:06.0017 0x1f20  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
18:28:06.0020 0x1f20  sbp2port - ok
18:28:06.0333 0x1f20  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
18:28:06.0359 0x1f20  SCardSvr - ok
18:28:06.0419 0x1f20  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
18:28:06.0445 0x1f20  scfilter - ok
18:28:06.0687 0x1f20  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
18:28:06.0750 0x1f20  Schedule - ok
18:28:06.0791 0x1f20  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
18:28:06.0794 0x1f20  SCPolicySvc - ok
18:28:06.0877 0x1f20  [ 8B56BDCE6A303DDE63D63440D1CF9AD1, 66A4356C29D00A1B8A95975C073AE4E6D2A90CBF3B143FE9B83B96BEC0805D46 ] ScreamBAudioSvc C:\Windows\system32\drivers\ScreamingBAudio64.sys
18:28:06.0880 0x1f20  ScreamBAudioSvc - ok
18:28:06.0932 0x1f20  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
18:28:06.0940 0x1f20  SDRSVC - ok
18:28:06.0965 0x1f20  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
18:28:06.0967 0x1f20  secdrv - ok
18:28:07.0007 0x1f20  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
18:28:07.0012 0x1f20  seclogon - ok
18:28:07.0043 0x1f20  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\system32\sens.dll
18:28:07.0049 0x1f20  SENS - ok
18:28:07.0081 0x1f20  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
18:28:07.0086 0x1f20  SensrSvc - ok
18:28:07.0121 0x1f20  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
18:28:07.0123 0x1f20  Serenum - ok
18:28:07.0151 0x1f20  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
18:28:07.0154 0x1f20  Serial - ok
18:28:07.0166 0x1f20  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
18:28:07.0169 0x1f20  sermouse - ok
18:28:07.0207 0x1f20  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
18:28:07.0215 0x1f20  SessionEnv - ok
18:28:07.0239 0x1f20  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
18:28:07.0241 0x1f20  sffdisk - ok
18:28:07.0252 0x1f20  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
18:28:07.0254 0x1f20  sffp_mmc - ok
18:28:07.0277 0x1f20  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
18:28:07.0278 0x1f20  sffp_sd - ok
18:28:07.0303 0x1f20  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
18:28:07.0305 0x1f20  sfloppy - ok
18:28:07.0345 0x1f20  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
18:28:07.0356 0x1f20  SharedAccess - ok
18:28:07.0404 0x1f20  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:28:07.0417 0x1f20  ShellHWDetection - ok
18:28:07.0445 0x1f20  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:28:07.0447 0x1f20  SiSRaid2 - ok
18:28:07.0469 0x1f20  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
18:28:07.0473 0x1f20  SiSRaid4 - ok
18:28:07.0705 0x1f20  [ 388AE59FE75F1B959DFA0900923C61BB, 0D47F8B4B4FBE5BF041DBE75B0A14D905E9310FFA6F0160746455B38A349EA54 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
18:28:07.0787 0x1f20  Skype C2C Service - ok
18:28:07.0918 0x1f20  [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
18:28:07.0934 0x1f20  SkypeUpdate - ok
18:28:07.0998 0x1f20  [ DD0443BC6CC78A19FD399817F8C51401, 06D945DB1E2C45C01D9900A4C9A557269CCD7F0AD5F1864E31E03879BC4CDF7F ] SmartDefragDriver C:\Windows\system32\Drivers\SmartDefragDriver.sys
18:28:08.0000 0x1f20  SmartDefragDriver - ok
18:28:08.0024 0x1f20  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
18:28:08.0034 0x1f20  Smb - ok
18:28:08.0107 0x1f20  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
18:28:08.0118 0x1f20  SNMPTRAP - ok
18:28:08.0142 0x1f20  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
18:28:08.0144 0x1f20  spldr - ok
18:28:08.0247 0x1f20  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
18:28:08.0270 0x1f20  Spooler - ok
18:28:08.0477 0x1f20  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
18:28:08.0635 0x1f20  sppsvc - ok
18:28:08.0693 0x1f20  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
18:28:08.0700 0x1f20  sppuinotify - ok
18:28:08.0753 0x1f20  [ D6AB7C13FCDD2E4CAC35244D2C172D9A, 64A66368F5336B7A5879D083C2FE57DFD384410ADCC18004F327A4004A4F4300 ] sptd            C:\Windows\System32\Drivers\sptd.sys
18:28:08.0769 0x1f20  sptd - ok
18:28:08.0776 0x1f20  SpyHunter 4 Service - ok
18:28:08.0821 0x1f20  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
18:28:08.0835 0x1f20  srv - ok
18:28:08.0872 0x1f20  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
18:28:08.0886 0x1f20  srv2 - ok
18:28:08.0933 0x1f20  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
18:28:08.0938 0x1f20  srvnet - ok
18:28:09.0039 0x1f20  [ ED161B91FDF7EAA39469D72D463D5F4E, FC793E378FB709313D0AC44F59BF5C9488D73235AA2B1A21C50C3DED91C6BE62 ] sscdbus         C:\Windows\system32\DRIVERS\sscdbus.sys
18:28:09.0051 0x1f20  sscdbus - ok
18:28:09.0086 0x1f20  [ 4CB09E77593DBD8D7AF33B37375CA715, 7B14851A8EDAA996D28335FD4DA812C6114DD5012E1E929F4813797CDC77E5BC ] sscdmdfl        C:\Windows\system32\DRIVERS\sscdmdfl.sys
18:28:09.0088 0x1f20  sscdmdfl - ok
18:28:09.0114 0x1f20  [ C7B4CF53497A6E5363F3439427663882, 993278ADAAC18F12FE00CCF76681461451DA335F67BB581FC7326045048EC085 ] sscdmdm         C:\Windows\system32\DRIVERS\sscdmdm.sys
18:28:09.0120 0x1f20  sscdmdm - ok
18:28:09.0204 0x1f20  [ 05FFA552F578E27AB2D41B6828DB477F, F3292A431D656C039F4300AA584FA13F26A69B351C2F903B3E47CEF464A6233A ] sscdserd        C:\Windows\system32\DRIVERS\sscdserd.sys
18:28:09.0219 0x1f20  sscdserd - ok
18:28:09.0247 0x1f20  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
18:28:09.0258 0x1f20  SSDPSRV - ok
18:28:09.0278 0x1f20  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
18:28:09.0284 0x1f20  SstpSvc - ok
18:28:09.0386 0x1f20  [ CC7ED069C2FC82B5B1555C2044C765CC, CE43363544A3EE2C5133CD0D47BF34AFAFA4EAD6AC9EB9A772EE55E89D4D89D4 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
18:28:09.0409 0x1f20  Steam Client Service - ok
18:28:09.0538 0x1f20  [ D2230317777033CD0456990BFC4994E5, 0F2F559593EAD7AB4596E67E9AE56E5ABF5C945201366CFC972357C22A4F776A ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
18:28:09.0551 0x1f20  Stereo Service - ok
18:28:09.0592 0x1f20  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
18:28:09.0594 0x1f20  stexstor - ok
18:28:09.0645 0x1f20  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
18:28:09.0668 0x1f20  stisvc - ok
18:28:09.0725 0x1f20  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
18:28:09.0728 0x1f20  storflt - ok
18:28:09.0756 0x1f20  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
18:28:09.0758 0x1f20  storvsc - ok
18:28:09.0776 0x1f20  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
18:28:09.0777 0x1f20  swenum - ok
18:28:09.0812 0x1f20  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
18:28:09.0831 0x1f20  swprv - ok
18:28:09.0851 0x1f20  Synth3dVsc - ok
18:28:09.0947 0x1f20  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
18:28:09.0995 0x1f20  SysMain - ok
18:28:10.0034 0x1f20  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:28:10.0042 0x1f20  TabletInputService - ok
18:28:10.0083 0x1f20  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
18:28:10.0096 0x1f20  TapiSrv - ok
18:28:10.0116 0x1f20  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
18:28:10.0123 0x1f20  TBS - ok
18:28:10.0261 0x1f20  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
18:28:10.0310 0x1f20  Tcpip - ok
18:28:10.0398 0x1f20  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
18:28:10.0448 0x1f20  TCPIP6 - ok
18:28:10.0498 0x1f20  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
18:28:10.0501 0x1f20  tcpipreg - ok
18:28:10.0542 0x1f20  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
18:28:10.0543 0x1f20  TDPIPE - ok
18:28:10.0593 0x1f20  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
18:28:10.0595 0x1f20  TDTCP - ok
18:28:10.0663 0x1f20  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
18:28:10.0668 0x1f20  tdx - ok
18:28:10.0694 0x1f20  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
18:28:10.0697 0x1f20  TermDD - ok
18:28:10.0766 0x1f20  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
18:28:10.0787 0x1f20  TermService - ok
18:28:10.0813 0x1f20  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
18:28:10.0818 0x1f20  Themes - ok
18:28:10.0852 0x1f20  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
18:28:10.0875 0x1f20  THREADORDER - ok
18:28:10.0907 0x1f20  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
18:28:10.0914 0x1f20  TrkWks - ok
18:28:11.0005 0x1f20  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:28:11.0011 0x1f20  TrustedInstaller - ok
18:28:11.0062 0x1f20  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
18:28:11.0067 0x1f20  tssecsrv - ok
18:28:11.0102 0x1f20  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
18:28:11.0107 0x1f20  TsUsbFlt - ok
18:28:11.0128 0x1f20  tsusbhub - ok
18:28:11.0183 0x1f20  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
18:28:11.0188 0x1f20  tunnel - ok
18:28:11.0209 0x1f20  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
18:28:11.0214 0x1f20  uagp35 - ok
18:28:11.0258 0x1f20  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
18:28:11.0268 0x1f20  udfs - ok
18:28:11.0309 0x1f20  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
18:28:11.0316 0x1f20  UI0Detect - ok
18:28:11.0347 0x1f20  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
18:28:11.0351 0x1f20  uliagpkx - ok
18:28:11.0387 0x1f20  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
18:28:11.0389 0x1f20  umbus - ok
18:28:11.0453 0x1f20  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
18:28:11.0455 0x1f20  UmPass - ok
18:28:11.0506 0x1f20  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
18:28:11.0524 0x1f20  UmRdpService - ok
18:28:11.0564 0x1f20  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
18:28:11.0593 0x1f20  upnphost - ok
18:28:11.0746 0x1f20  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
18:28:11.0770 0x1f20  usbaudio - ok
18:28:11.0827 0x1f20  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
18:28:11.0852 0x1f20  usbccgp - ok
18:28:11.0917 0x1f20  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
18:28:11.0922 0x1f20  usbcir - ok
18:28:11.0941 0x1f20  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
18:28:11.0944 0x1f20  usbehci - ok
18:28:12.0082 0x1f20  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
18:28:12.0092 0x1f20  usbhub - ok
18:28:12.0136 0x1f20  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
18:28:12.0138 0x1f20  usbohci - ok
18:28:12.0184 0x1f20  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
18:28:12.0186 0x1f20  usbprint - ok
18:28:12.0217 0x1f20  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
18:28:12.0219 0x1f20  usbscan - ok
18:28:12.0272 0x1f20  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:28:12.0275 0x1f20  USBSTOR - ok
18:28:12.0328 0x1f20  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
18:28:12.0332 0x1f20  usbuhci - ok
18:28:12.0366 0x1f20  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
18:28:12.0372 0x1f20  UxSms - ok
18:28:12.0406 0x1f20  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc        C:\Windows\system32\lsass.exe
18:28:12.0410 0x1f20  VaultSvc - ok
18:28:12.0463 0x1f20  [ A19BC248306CD27A3013042AD17ADEB8, DA0B7E3AEB6E58816F31B639C5E5BE34698299260A2A08C232DFBB172C115259 ] VBoxNetAdp      C:\Windows\system32\DRIVERS\VBoxNetAdp.sys
18:28:12.0469 0x1f20  VBoxNetAdp - ok
18:28:12.0505 0x1f20  VBoxNetFlt - ok
18:28:12.0536 0x1f20  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
18:28:12.0538 0x1f20  vdrvroot - ok
18:28:12.0590 0x1f20  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
18:28:12.0609 0x1f20  vds - ok
18:28:12.0650 0x1f20  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
18:28:12.0652 0x1f20  vga - ok
18:28:12.0670 0x1f20  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
18:28:12.0673 0x1f20  VgaSave - ok
18:28:12.0685 0x1f20  VGPU - ok
18:28:12.0732 0x1f20  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
18:28:12.0744 0x1f20  vhdmp - ok
18:28:12.0770 0x1f20  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
18:28:12.0773 0x1f20  viaide - ok
18:28:12.0816 0x1f20  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
18:28:12.0824 0x1f20  vmbus - ok
18:28:12.0855 0x1f20  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
18:28:12.0858 0x1f20  VMBusHID - ok
18:28:12.0883 0x1f20  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
18:28:12.0886 0x1f20  volmgr - ok
18:28:12.0920 0x1f20  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
18:28:12.0933 0x1f20  volmgrx - ok
18:28:12.0966 0x1f20  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
18:28:12.0985 0x1f20  volsnap - ok
18:28:13.0018 0x1f20  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
18:28:13.0025 0x1f20  vsmraid - ok
18:28:13.0112 0x1f20  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
18:28:13.0157 0x1f20  VSS - ok
18:28:13.0234 0x1f20  [ 93132C69394A99D992095D8CFE464801, A76C0371E9E18B038B0745C3F38AC4E958D43CB87EAB358EB88F431A33EE1F6E ] VST64HWBS2      C:\Windows\system32\DRIVERS\VSTBS26.SYS
18:28:13.0247 0x1f20  VST64HWBS2 - ok
18:28:13.0327 0x1f20  [ 02071D207A9858FBE3A48CBFD59C4A04, FEA4DEBAEC3465E0C7C1E8B721805922F6BBCB96A60A193B11688F4252F4B89E ] VST64_DPV       C:\Windows\system32\DRIVERS\VSTDPV6.SYS
18:28:13.0366 0x1f20  VST64_DPV - ok
18:28:13.0396 0x1f20  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
18:28:13.0398 0x1f20  vwifibus - ok
18:28:13.0436 0x1f20  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
18:28:13.0467 0x1f20  W32Time - ok
18:28:13.0492 0x1f20  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
18:28:13.0494 0x1f20  WacomPen - ok
18:28:13.0526 0x1f20  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
18:28:13.0530 0x1f20  WANARP - ok
18:28:13.0541 0x1f20  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
18:28:13.0544 0x1f20  Wanarpv6 - ok
18:28:13.0637 0x1f20  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
18:28:13.0683 0x1f20  WatAdminSvc - ok
18:28:13.0780 0x1f20  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
18:28:13.0842 0x1f20  wbengine - ok
18:28:13.0907 0x1f20  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
18:28:13.0917 0x1f20  WbioSrvc - ok
18:28:13.0969 0x1f20  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
18:28:13.0984 0x1f20  wcncsvc - ok
18:28:14.0008 0x1f20  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:28:14.0022 0x1f20  WcsPlugInService - ok
18:28:14.0048 0x1f20  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
18:28:14.0052 0x1f20  Wd - ok
18:28:14.0126 0x1f20  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
18:28:14.0154 0x1f20  Wdf01000 - ok
18:28:14.0196 0x1f20  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
18:28:14.0203 0x1f20  WdiServiceHost - ok
18:28:14.0211 0x1f20  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
18:28:14.0217 0x1f20  WdiSystemHost - ok
18:28:14.0277 0x1f20  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
18:28:14.0288 0x1f20  WebClient - ok
18:28:14.0321 0x1f20  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
18:28:14.0333 0x1f20  Wecsvc - ok
18:28:14.0349 0x1f20  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
18:28:14.0356 0x1f20  wercplsupport - ok
18:28:14.0376 0x1f20  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
18:28:14.0383 0x1f20  WerSvc - ok
18:28:14.0401 0x1f20  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
18:28:14.0403 0x1f20  WfpLwf - ok
18:28:14.0422 0x1f20  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\DRIVERS\wimmount.sys
18:28:14.0425 0x1f20  WIMMount - ok
18:28:14.0482 0x1f20  [ 18E40C245DBFAF36FD0134A7EF2DF396, 0138A68958112101A5D3BD94114F320CE80B0C9A93E009AC78DE7415FCCC7DE7 ] winachsf        C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
18:28:14.0505 0x1f20  winachsf - ok
18:28:14.0544 0x1f20  WinDefend - ok
18:28:14.0577 0x1f20  WinHttpAutoProxySvc - ok
18:28:14.0646 0x1f20  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
18:28:14.0655 0x1f20  Winmgmt - ok
18:28:14.0756 0x1f20  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
18:28:14.0817 0x1f20  WinRM - ok
18:28:14.0909 0x1f20  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
18:28:14.0911 0x1f20  WinUsb - ok
18:28:14.0985 0x1f20  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
18:28:15.0012 0x1f20  Wlansvc - ok
18:28:15.0560 0x1f20  [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
18:28:15.0636 0x1f20  wlidsvc - ok
18:28:15.0688 0x1f20  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
18:28:15.0691 0x1f20  WmiAcpi - ok
18:28:15.0745 0x1f20  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
18:28:15.0753 0x1f20  wmiApSrv - ok
18:28:15.0793 0x1f20  WMPNetworkSvc - ok
18:28:15.0814 0x1f20  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
18:28:15.0819 0x1f20  WPCSvc - ok
18:28:15.0855 0x1f20  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
18:28:15.0863 0x1f20  WPDBusEnum - ok
18:28:15.0898 0x1f20  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
18:28:15.0905 0x1f20  ws2ifsl - ok
18:28:15.0941 0x1f20  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\system32\wscsvc.dll
18:28:15.0951 0x1f20  wscsvc - ok
18:28:15.0956 0x1f20  WSearch - ok
18:28:16.0098 0x1f20  [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv        C:\Windows\system32\wuaueng.dll
18:28:16.0196 0x1f20  wuauserv - ok
18:28:16.0299 0x1f20  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
18:28:16.0319 0x1f20  WudfPf - ok
18:28:16.0411 0x1f20  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
18:28:16.0421 0x1f20  WUDFRd - ok
18:28:16.0484 0x1f20  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
18:28:16.0491 0x1f20  wudfsvc - ok
18:28:16.0566 0x1f20  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
18:28:16.0596 0x1f20  WwanSvc - ok
18:28:16.0705 0x1f20  [ 4A5CE13408945E525503B5F73D29B9C5, D58BB31AF17752508EA67931BF170CE46877DC204FC5DA7EED5A078AEB0CA0FD ] xnacc           C:\Windows\system32\DRIVERS\xnacc.sys
18:28:16.0723 0x1f20  xnacc - ok
18:28:16.0751 0x1f20  ================ Scan global ===============================
18:28:16.0815 0x1f20  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
18:28:16.0863 0x1f20  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
18:28:16.0909 0x1f20  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
18:28:16.0985 0x1f20  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
18:28:17.0093 0x1f20  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
18:28:17.0105 0x1f20  [ Global ] - ok
18:28:17.0105 0x1f20  ================ Scan MBR ==================================
18:28:17.0124 0x1f20  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:28:17.0348 0x1f20  \Device\Harddisk0\DR0 - ok
18:28:17.0352 0x1f20  ================ Scan VBR ==================================
18:28:17.0375 0x1f20  [ 4BBEF27038BC51769018B70DD2A79431 ] \Device\Harddisk0\DR0\Partition1
18:28:17.0390 0x1f20  \Device\Harddisk0\DR0\Partition1 - ok
18:28:17.0395 0x1f20  [ 91CF0BCA7A9FD127C68FA6FC4D9926DE ] \Device\Harddisk0\DR0\Partition2
18:28:17.0398 0x1f20  \Device\Harddisk0\DR0\Partition2 - ok
18:28:17.0399 0x1f20  ================ Scan generic autorun ======================
18:28:17.0557 0x1f20  [ F5A5DBADCD24BDF33BFDAA789E39C876, A0D931FA339CA1FB6198BF5DF327ECEB0881796FFF92BDE0F9FC2C233C46E83C ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
18:28:17.0577 0x1f20  AdobeAAMUpdater-1.0 - ok
18:28:18.0291 0x1f20  [ 47D99FEC44A9E082B2D761AB5A938CA8, FF8CAD5CD331A7DAFAA616C530F500E74663EC86BB832032D2EFD3F77EBF75FF ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
18:28:18.0763 0x1f20  RTHDVCPL - ok
18:28:19.0007 0x1f20  [ C56AEF21A76A6E2BB36A384B2C96389F, A9C8B90631AB4BBFEAABDE3D854283C5073B8786A263B941FF631531F30B7F9A ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
18:28:19.0068 0x1f20  NvBackend - ok
18:28:19.0101 0x1f20  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
18:28:19.0106 0x1f20  ShadowPlay - ok
18:28:19.0339 0x1f20  [ FFB8CB731D62EC434A552680E0F8EC1A, 7738881188FF99820F6FD667E32FE73E63260289188C449D3462F8B19C48D3FA ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
18:28:19.0468 0x1f20  AvastUI.exe - ok
18:28:19.0616 0x1f20  [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
18:28:19.0666 0x1f20  Sidebar - ok
18:28:19.0947 0x1f20  [ B2BAE2D76FBE9FDC3F6E0D1F886DF367, 964EBF736891BE252C68FCE1F9EAD5E60E6E0C2119D21C6DF49FBD30FBB678EF ] C:\Program Files\CCleaner\CCleaner64.exe
18:28:20.0125 0x1f20  CCleaner Monitoring - ok
18:28:20.0249 0x1f20  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
18:28:20.0279 0x1f20  Sidebar - ok
18:28:20.0320 0x1f20  Advanced SystemCare 5 - ok
18:28:20.0321 0x1f20  SmartRAM - ok
18:28:20.0373 0x1f20  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
18:28:20.0378 0x1f20  mctadmin - ok
18:28:20.0414 0x1f20  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
18:28:20.0438 0x1f20  Sidebar - ok
18:28:20.0448 0x1f20  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
18:28:20.0453 0x1f20  mctadmin - ok
18:28:20.0594 0x1f20  [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
18:28:20.0622 0x1f20  Sidebar - ok
18:28:20.0757 0x1f20  FlashPlayerUpdate - ok
18:28:20.0796 0x1f20  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
18:28:20.0820 0x1f20  Sidebar - ok
18:28:20.0832 0x1f20  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
18:28:20.0836 0x1f20  mctadmin - ok
18:28:20.0882 0x1f20  [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
18:28:20.0910 0x1f20  Sidebar - ok
18:28:20.0918 0x1f20  FlashPlayerUpdate - ok
18:28:20.0918 0x1f20  Waiting for KSN requests completion. In queue: 94
18:28:21.0918 0x1f20  Waiting for KSN requests completion. In queue: 94
18:28:22.0918 0x1f20  Waiting for KSN requests completion. In queue: 94
18:28:24.0088 0x1f20  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.0.2208.712 ), 0x41000 ( enabled : updated )
18:28:24.0109 0x1f20  FW detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.0.2208.712 ), 0x41010 ( enabled )
18:28:27.0056 0x1f20  ============================================================
18:28:27.0056 0x1f20  Scan finished
18:28:27.0056 0x1f20  ============================================================
18:28:27.0065 0x12f0  Detected object count: 0
18:28:27.0065 0x12f0  Actual detected object count: 0
 



#6 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,660 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:07:03 AM

Posted 02 January 2015 - 07:48 PM

p22002970.gif Download Temp File Cleaner (TFC)
Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe
Double click on TFC.exe to run the program.
Click on Start button to begin cleaning process.
TFC will close all running programs, and it may ask you to restart computer.

p22002970.gif Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.


p22002970.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

 

p22002970.gif Download Autoruns for Windows: http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx
No installation required.
Simply unzip Autoruns.zip file, and double click on autoruns.exe file to run the program.
Go File>Save, and save it as AutoRuns.txt file to know location.
You must select Text from drop-down menu as a file type:

p4436801.gif

Paste the content of AutoRuns.txt into your next reply.

p22002970.gif Download Sophos Free Virus Removal Tool and save it to your desktop.

  • Double click the icon and select Run
  • Click Next
  • Select I accept the terms in this license agreement, then click Next twice
  • Click Install
  • Click Finish to launch the program
  • Once the virus database has been updated click Start Scanning
  • If any threats are found click Details, then View log file... (bottom left hand corner)
  • Copy and paste the results in your reply
  • Close the Notepad document, close the Threat Details screen, then click Start cleanup
  • Click Exit to close the program


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#7 Mieshaxo

Mieshaxo
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Boston MA
  • Local time:09:03 AM

Posted 03 January 2015 - 05:20 AM

# AdwCleaner v4.106 - Report created 02/01/2015 at 21:32:11
# Updated 21/12/2014 by Xplode
# Database : 2015-01-01.1 [Live]
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Sick Mosh - RONINEXCALIBUR
# Running from : C:\Users\Sick Mosh\Desktop\adwcleaner_4.106.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : Skype C2C Service

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\NCH Software
Folder Deleted : C:\ProgramData\Premium
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\Program Files (x86)\NCH Software
Folder Deleted : C:\Users\Sick Mosh\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Sick Mosh\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Sick Mosh\AppData\Roaming\NCH Software
Folder Deleted : C:\Users\Sick Mosh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browser Manager
File Deleted : C:\Users\Sick Mosh\AppData\Roaming\Mozilla\Firefox\Profiles\7do4w1bk.default-1403386374052\user.js
File Deleted : C:\Users\Sick Mosh\AppData\Roaming\Mozilla\Firefox\Profiles\bzw0f56q.default\user.js

***** [ Scheduled Tasks ] *****

Task Deleted : Browser Manager
Task Deleted : LaunchSignup

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [{B64982B1-D112-42B5-B1E4-D3867C4533F8}]
Key Deleted : HKCU\Software\Classes\iLivid.torrent
Key Deleted : HKLM\SOFTWARE\Classes\AppID\AddonsFramework.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ButtonSite.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\PropertySync.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\RegistryHelper.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHost.DLL
Key Deleted : HKLM\SOFTWARE\Classes\iLivid.torrent
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKCU\Software\e08dd9b438ed48
Key Deleted : HKLM\SOFTWARE\e08dd9b438ed48
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{19975B78-1907-4DD6-A437-4C48120F46A4}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{544C2426-48FD-4C40-AE3B-31257FF334D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{562B9316-C08A-444A-9482-62080DD851AE}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{562B9317-C08A-444A-9482-62080DD851AE}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{93CF54F5-CFAA-4440-B588-8ED0DFAD5C21}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B887CA3B-D82B-4A01-AD29-E97444D01CE6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D3BC53E7-0437-4C97-90EE-2CD6FF47FB14}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E4A994B0-5550-4680-A4C6-B9470B888069}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EE95078D-518C-4FD2-8093-FD1D4E33D3CA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F9EB11AB-9384-4736-9B33-993940F88895}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7854F00C-DC77-477E-A10E-603F48442D3B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AFB904C4-C255-4540-B97E-A75A34F1FFB0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{93CF54F5-CFAA-4440-B588-8ED0DFAD5C21}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B887CA3B-D82B-4A01-AD29-E97444D01CE6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D3BC53E7-0437-4C97-90EE-2CD6FF47FB14}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E4A994B0-5550-4680-A4C6-B9470B888069}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EE95078D-518C-4FD2-8093-FD1D4E33D3CA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F9EB11AB-9384-4736-9B33-993940F88895}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\PIP
Key Deleted : HKCU\Software\powerpack
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\UpdateStar
Key Deleted : HKLM\SOFTWARE\Babylon
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\dlQUE
Key Deleted : HKLM\SOFTWARE\PIP
Key Deleted : HKLM\SOFTWARE\Web Assistant
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Key Deleted : [x64] HKLM\SOFTWARE\Web Assistant
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00E944CB89111313EAF35A0553F547F9
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53F55AF3F4049ED3FA6EA6F88E414E24
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E4BF4B11615E03C97732FD581AB607
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CE3DDAB2D152683FBCEB4866BCD2B0F
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF6CE16AFEA5C9A39B766468A8B35C21
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB1E44269B58F433A8C8E671E37CFDCF

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17496


-\\ Mozilla Firefox v34.0.5 (x86 en-US)

[7do4w1bk.default-1403386374052\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine", "Groovorio");

-\\ Google Chrome v

[C:\Users\Sick Mosh\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\Sick Mosh\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}

*************************

AdwCleaner[R0].txt - [9786 octets] - [02/01/2015 21:28:47]
AdwCleaner[S0].txt - [9451 octets] - [02/01/2015 21:32:11]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [9511 octets] ##########
 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 7 Ultimate x64
Ran by Sick Mosh on Fri 01/02/2015 at 21:47:10.55
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{78816D70-9D7A-4200-8107-00586BD2CB2E}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{78816D70-9D7A-4200-8107-00586BD2CB2E}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{78816D70-9D7A-4200-8107-00586BD2CB2E}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{78816D70-9D7A-4200-8107-00586BD2CB2E}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\freerip"
Successfully deleted: [Folder] "C:\Users\Sick Mosh\appdata\local\stronghold_llc"
Successfully deleted: [Folder] "C:\Program Files (x86)\freerip"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"
Successfully deleted: [Empty Folder] C:\Users\Sick Mosh\appdata\local\{039D822B-525C-4B8E-9C61-D8659998AF41}
Successfully deleted: [Empty Folder] C:\Users\Sick Mosh\appdata\local\{07CD4990-894A-4611-AF7C-0D28F9E892AC}
Successfully deleted: [Empty Folder] C:\Users\Sick Mosh\appdata\local\{09F23AE1-23A0-4DD3-8373-31832557FCB1}
Successfully deleted: [Empty Folder] C:\Users\Sick Mosh\appdata\local\{28EA4F89-9687-43B7-ACFE-7DE26D51D873}
Successfully deleted: [Empty Folder] C:\Users\Sick Mosh\appdata\local\{2DE0D13B-FEE8-4C30-A607-F2550C4DED34}
Successfully deleted: [Empty Folder] C:\Users\Sick Mosh\appdata\local\{2EDAF6D8-D934-4882-A842-171E54DA56DE}
Successfully deleted: [Empty Folder] C:\Users\Sick Mosh\appdata\local\{32CE45B5-8440-4E84-A82F-EDE1CD506339}
Successfully deleted: [Empty Folder] C:\Users\Sick Mosh\appdata\local\{37EC3D8D-CA2D-4BF3-8A3C-FBE4D571B815}
Successfully deleted: [Empty Folder] C:\Users\Sick Mosh\appdata\local\{3C1F001D-4702-4B87-B9F5-AFE4C3B4BEDD}
Successfully deleted: [Empty Folder] C:\Users\Sick Mosh\appdata\local\{4310BB19-FA99-4E00-A2EB-12917DF5F0B4}
Successfully deleted: [Empty Folder] C:\Users\Sick Mosh\appdata\local\{5130FC07-EE82-4989-9781-7B7DABCED105}
Successfully deleted: [Empty Folder] C:\Users\Sick Mosh\appdata\local\{5BFCE079-CAC1-4F17-9A38-86496AFE48F3}
Successfully deleted: [Empty Folder] C:\Users\Sick Mosh\appdata\local\{5E0EA0EA-E653-480A-A66D-7D8CA6A821E8}
Successfully deleted: [Empty Folder] C:\Users\Sick Mosh\appdata\local\{66D41E3F-6528-4F90-9D4B-4EEF88505B83}
Successfully deleted: [Empty Folder] C:\Users\Sick Mosh\appdata\local\{68F2F356-D602-4EAA-93A1-1A91EB296870}
Successfully deleted: [Empty Folder] C:\Users\Sick Mosh\appdata\local\{7F8195DF-3AB4-49F1-A8B6-784DD28AE169}
Successfully deleted: [Empty Folder] C:\Users\Sick Mosh\appdata\local\{82BE007A-13B6-452C-BDD2-6EDDCB557749}
Successfully deleted: [Empty Folder] C:\Users\Sick Mosh\appdata\local\{899F5652-CEFA-40B6-B31C-6ADA0F84B090}
Successfully deleted: [Empty Folder] C:\Users\Sick Mosh\appdata\local\{952FE269-C422-4A7C-9FB3-EFA9498467FF}
Successfully deleted: [Empty Folder] C:\Users\Sick Mosh\appdata\local\{9A0B7411-8B31-4321-B052-43BE48CC0567}
Successfully deleted: [Empty Folder] C:\Users\Sick Mosh\appdata\local\{9D6F86C1-76A0-4DD8-A136-4EC7B0BBDF96}
Successfully deleted: [Empty Folder] C:\Users\Sick Mosh\appdata\local\{AF4583EA-1CA6-47AD-97F1-396E8C1AA10E}
Successfully deleted: [Empty Folder] C:\Users\Sick Mosh\appdata\local\{BEBD7A1A-FB40-45DE-BBA1-21AF6589C67B}
Successfully deleted: [Empty Folder] C:\Users\Sick Mosh\appdata\local\{C0A2BE16-32FC-4D0D-BE1A-C7FD011E5696}
Successfully deleted: [Empty Folder] C:\Users\Sick Mosh\appdata\local\{CD86291B-6F82-44D9-BD9C-39F7A2EFA8DC}
Successfully deleted: [Empty Folder] C:\Users\Sick Mosh\appdata\local\{E32BE04B-B301-48D0-B7D6-180EBA7F910E}
Successfully deleted: [Empty Folder] C:\Users\Sick Mosh\appdata\local\{F3B13B77-03AC-49E5-B032-D67F614788A8}
Successfully deleted: [Empty Folder] C:\Users\Sick Mosh\appdata\local\{FEF40929-A4E0-489E-9950-620B96027BF3}
Successfully deleted: [Empty Folder] C:\Users\Sick Mosh\appdata\local\{FFCB273A-E8D5-4CA0-9F69-6821159C54C1}
Successfully deleted: [Empty Folder] C:\Users\Sick Mosh\appdata\local\{FFF2B254-E738-4FA2-B23F-05E5A1F37C4D}



~~~ FireFox

Successfully deleted the following from C:\Users\Sick Mosh\AppData\Roaming\mozilla\firefox\profiles\7do4w1bk.default-1403386374052\prefs.js

user_pref("extensions.adblockpluspopupaddon.rules", "baseball.fantasysports.yahoo.com;1;ALLOW;WINDOWS,TABS;0|cisnationwide.com;1;ALLOW;WINDOWS,TABS;0|dickssportinggoods.com;1;
Emptied folder: C:\Users\Sick Mosh\AppData\Roaming\mozilla\firefox\profiles\7do4w1bk.default-1403386374052\minidumps [49 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 01/02/2015 at 21:53:36.19
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

 

"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"    ""    ""    ""    "1/1/2015 2:12 PM"
+ "AdobeAAMUpdater-1.0"    "Adobe Updater Startup Utility"    "Adobe Systems Incorporated"    "c:\program files (x86)\common files\adobe\oobe\pdapp\uwa\updaterstartuputility.exe"    "2/27/2014 7:35 AM"
+ "NvBackend"    "NVIDIA GeForce Experience Backend"    "NVIDIA Corporation"    "c:\program files (x86)\nvidia corporation\update core\nvbackend.exe"    "7/25/2014 5:55 AM"
+ "RTHDVCPL"    "Realtek HD Audio Manager"    "Realtek Semiconductor"    "c:\program files\realtek\audio\hda\ravcpl64.exe"    "5/9/2014 4:07 AM"
+ "ShadowPlay"    "NVIDIA Capture Server Proxy"    "NVIDIA Corporation"    "c:\windows\system32\nvspcap64.dll"    "7/25/2014 6:44 AM"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run"    ""    ""    ""    "1/2/2015 12:17 PM"
+ "AvastUI.exe"    "avast! Antivirus"    "AVAST Software"    "c:\program files\avast software\avast\avastui.exe"    "11/20/2014 5:17 AM"
+ "QuickTime Task"    "QuickTime Task"    "Apple Inc."    "c:\program files (x86)\quicktime\qttask.exe"    "10/2/2014 3:54 PM"
+ "Razer Synapse"    "Razer Synapse"    "Razer Inc."    "c:\program files (x86)\razer\synapse\rzsynapse.exe"    "6/23/2014 1:39 PM"
"C:\Users\Sick Mosh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup"    ""    ""    ""    "1/2/2015 2:37 PM"
+ "Dropbox.lnk"    "Dropbox"    "Dropbox, Inc."    "c:\users\sick mosh\appdata\roaming\dropbox\bin\dropbox.exe"    "12/8/2014 9:49 PM"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components"    ""    ""    ""    "1/1/2015 2:23 PM"
+ "Browsing Enhancements"    "Windows Mail"    "Microsoft Corporation"    "c:\program files\windows mail\winmail.exe"    "7/13/2009 6:58 PM"
+ "DirectDrawEx"    "Windows Mail"    "Microsoft Corporation"    "c:\program files\windows mail\winmail.exe"    "7/13/2009 6:58 PM"
+ "Internet Explorer Help"    "Windows Mail"    "Microsoft Corporation"    "c:\program files\windows mail\winmail.exe"    "7/13/2009 6:58 PM"
+ "Internet Explorer Setup Tools"    "Windows Mail"    "Microsoft Corporation"    "c:\program files\windows mail\winmail.exe"    "7/13/2009 6:58 PM"
+ "Microsoft Windows"    "Windows Mail"    "Microsoft Corporation"    "c:\program files\windows mail\winmail.exe"    "7/13/2009 6:58 PM"
+ "Microsoft Windows Script 5.6"    "Windows Mail"    "Microsoft Corporation"    "c:\program files\windows mail\winmail.exe"    "7/13/2009 6:58 PM"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components"    ""    ""    ""    "1/2/2015 12:26 PM"
+ "Browsing Enhancements"    "Windows Mail"    "Microsoft Corporation"    "c:\program files (x86)\windows mail\winmail.exe"    "7/13/2009 6:42 PM"
+ "DirectDrawEx"    "Windows Mail"    "Microsoft Corporation"    "c:\program files (x86)\windows mail\winmail.exe"    "7/13/2009 6:42 PM"
+ "Internet Explorer Help"    "Windows Mail"    "Microsoft Corporation"    "c:\program files (x86)\windows mail\winmail.exe"    "7/13/2009 6:42 PM"
+ "Internet Explorer Setup Tools"    "Windows Mail"    "Microsoft Corporation"    "c:\program files (x86)\windows mail\winmail.exe"    "7/13/2009 6:42 PM"
+ "Microsoft Windows"    "Windows Mail"    "Microsoft Corporation"    "c:\program files (x86)\windows mail\winmail.exe"    "7/13/2009 6:42 PM"
+ "Microsoft Windows Script 5.6"    "Windows Mail"    "Microsoft Corporation"    "c:\program files (x86)\windows mail\winmail.exe"    "7/13/2009 6:42 PM"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run"    ""    ""    ""    "1/2/2015 2:59 AM"
+ "CCleaner Monitoring"    "CCleaner"    "Piriform Ltd"    "c:\program files\ccleaner\ccleaner64.exe"    "12/9/2014 4:57 PM"
+ "Sidebar"    "Windows Desktop Gadgets"    "Microsoft Corporation"    "c:\program files\windows sidebar\sidebar.exe"    "11/20/2010 5:24 AM"
"HKLM\SOFTWARE\Classes\Protocols\Filter"    ""    ""    ""    "5/23/2013 2:21 AM"
+ "text/xml"    "Microsoft Office XML MIME Filter"    "Microsoft Corporation"    "c:\program files\common files\microsoft shared\office14\msoxmlmf.dll"    "2/28/2010 4:24 AM"
"HKLM\SOFTWARE\Classes\Protocols\Handler"    ""    ""    ""    "1/2/2015 1:34 PM"
+ "ms-help"    "Microsoft® Help Data Services Module"    "Microsoft Corporation"    "c:\program files\common files\microsoft shared\help\hxds.dll"    "11/7/2012 7:17 AM"
+ "skype-ie-addon-data"    "Skype Click to Call for Internet Explorer"    "Skype Technologies S.A."    "c:\program files (x86)\skype\toolbars\internet explorer x64\skypeieplugin.dll"    "10/2/2012 7:05 AM"
"HKCU\Software\Classes\*\ShellEx\ContextMenuHandlers"    ""    ""    ""    "1/1/2015 1:39 AM"
+ " SkyDriveEx"    "Microsoft SkyDrive Shell Extension"    "Microsoft Corporation"    "c:\users\sick mosh\appdata\local\microsoft\skydrive\17.0.4024.1220\amd64\skydriveshell64.dll"    "12/20/2013 4:11 PM"
+ "DropboxExt"    "Dropbox Shell Extension"    "Dropbox, Inc."    "c:\users\sick mosh\appdata\roaming\dropbox\bin\dropboxext64.24.dll"    "6/23/2014 7:32 PM"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers"    ""    ""    ""    "1/2/2015 12:24 PM"
+ "avast"    "avast! Shell Extension"    "AVAST Software"    "c:\program files\avast software\avast\ashsha64.dll"    "11/6/2014 8:10 AM"
+ "WinZip"    "WinZip Shell Extension DLL"    "WinZip Computing, S.L."    "c:\program files (x86)\winzip\wzshls64.dll"    "10/21/2014 9:45 AM"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers"    ""    ""    ""    "1/2/2015 12:24 PM"
+ "avast"    "avast! Shell Extension"    "AVAST Software"    "c:\program files\avast software\avast\ashshell.dll"    "11/6/2014 7:51 AM"
+ "WinZip"    "WinZip Shell Extension DLL"    "WinZip Computing, S.L."    "c:\program files (x86)\winzip\wzshlstb.dll"    "10/21/2014 9:37 AM"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers"    ""    ""    ""    "3/20/2013 8:59 PM"
+ "00avast"    "avast! Shell Extension"    "AVAST Software"    "c:\program files\avast software\avast\ashsha64.dll"    "11/6/2014 8:10 AM"
"HKLM\Software\Wow6432Node\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers"    ""    ""    ""    "3/20/2013 8:59 PM"
+ "00avast"    "avast! Shell Extension"    "AVAST Software"    "c:\program files\avast software\avast\ashshell.dll"    "11/6/2014 7:51 AM"
"HKCU\Software\Classes\Directory\ShellEx\ContextMenuHandlers"    ""    ""    ""    "1/1/2015 1:39 AM"
+ " SkyDriveEx"    "Microsoft SkyDrive Shell Extension"    "Microsoft Corporation"    "c:\users\sick mosh\appdata\local\microsoft\skydrive\17.0.4024.1220\amd64\skydriveshell64.dll"    "12/20/2013 4:11 PM"
+ "DropboxExt"    "Dropbox Shell Extension"    "Dropbox, Inc."    "c:\users\sick mosh\appdata\roaming\dropbox\bin\dropboxext64.24.dll"    "6/23/2014 7:32 PM"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers"    ""    ""    ""    "1/2/2015 12:24 PM"
+ "WinZip"    "WinZip Shell Extension DLL"    "WinZip Computing, S.L."    "c:\program files (x86)\winzip\wzshls64.dll"    "10/21/2014 9:45 AM"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers"    ""    ""    ""    "1/2/2015 12:24 PM"
+ "WinZip"    "WinZip Shell Extension DLL"    "WinZip Computing, S.L."    "c:\program files (x86)\winzip\wzshlstb.dll"    "10/21/2014 9:37 AM"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers"    ""    ""    ""    "1/2/2015 12:24 PM"
+ "WinZip"    "WinZip Shell Extension DLL"    "WinZip Computing, S.L."    "c:\program files (x86)\winzip\wzshls64.dll"    "10/21/2014 9:45 AM"
"HKLM\Software\Wow6432Node\Classes\Directory\Shellex\DragDropHandlers"    ""    ""    ""    "1/2/2015 12:24 PM"
+ "WinZip"    "WinZip Shell Extension DLL"    "WinZip Computing, S.L."    "c:\program files (x86)\winzip\wzshlstb.dll"    "10/21/2014 9:37 AM"
"HKCU\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers"    ""    ""    ""    "1/1/2015 1:39 AM"
+ " SkyDriveEx"    "Microsoft SkyDrive Shell Extension"    "Microsoft Corporation"    "c:\users\sick mosh\appdata\local\microsoft\skydrive\17.0.4024.1220\amd64\skydriveshell64.dll"    "12/20/2013 4:11 PM"
+ "DropboxExt"    "Dropbox Shell Extension"    "Dropbox, Inc."    "c:\users\sick mosh\appdata\roaming\dropbox\bin\dropboxext64.24.dll"    "6/23/2014 7:32 PM"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers"    ""    ""    ""    "5/23/2011 12:50 AM"
+ "Gadgets"    "Sidebar droptarget"    "Microsoft Corporation"    "c:\program files\windows sidebar\sbdrop.dll"    "7/13/2009 8:32 PM"
+ "NvCplDesktopContext"    "NVIDIA Display Shell Extension"    "NVIDIA Corporation"    "c:\windows\system32\nvshext.dll"    "7/2/2014 1:38 PM"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers"    ""    ""    ""    "5/23/2011 12:50 AM"
+ "Gadgets"    "Sidebar droptarget"    "Microsoft Corporation"    "c:\program files (x86)\windows sidebar\sbdrop.dll"    "7/13/2009 8:09 PM"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers"    ""    ""    ""    "11/16/2011 9:43 PM"
+ "PDF Shell Extension"    "PDF Shell Extension"    "Adobe Systems, Inc."    "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"    "12/18/2012 8:02 AM"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers"    ""    ""    ""    "1/2/2015 12:23 PM"
+ "avast"    "avast! Shell Extension"    "AVAST Software"    "c:\program files\avast software\avast\ashsha64.dll"    "11/6/2014 8:10 AM"
+ "WinZip"    "WinZip Shell Extension DLL"    "WinZip Computing, S.L."    "c:\program files (x86)\winzip\wzshls64.dll"    "10/21/2014 9:45 AM"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers"    ""    ""    ""    "1/2/2015 12:23 PM"
+ "avast"    "avast! Shell Extension"    "AVAST Software"    "c:\program files\avast software\avast\ashshell.dll"    "11/6/2014 7:51 AM"
+ "WinZip"    "WinZip Shell Extension DLL"    "WinZip Computing, S.L."    "c:\program files (x86)\winzip\wzshlstb.dll"    "10/21/2014 9:37 AM"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers"    ""    ""    ""    "1/2/2015 12:24 PM"
+ "WinZip"    "WinZip Shell Extension DLL"    "WinZip Computing, S.L."    "c:\program files (x86)\winzip\wzshls64.dll"    "10/21/2014 9:45 AM"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\DragDropHandlers"    ""    ""    ""    "1/2/2015 12:24 PM"
+ "WinZip"    "WinZip Shell Extension DLL"    "WinZip Computing, S.L."    "c:\program files (x86)\winzip\wzshlstb.dll"    "10/21/2014 9:37 AM"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers"    ""    ""    ""    "1/1/2015 1:39 AM"
+ " SkyDrive1"    "Microsoft SkyDrive Shell Extension"    "Microsoft Corporation"    "c:\users\sick mosh\appdata\local\microsoft\skydrive\17.0.4024.1220\amd64\skydriveshell64.dll"    "12/20/2013 4:11 PM"
+ " SkyDrive2"    "Microsoft SkyDrive Shell Extension"    "Microsoft Corporation"    "c:\users\sick mosh\appdata\local\microsoft\skydrive\17.0.4024.1220\amd64\skydriveshell64.dll"    "12/20/2013 4:11 PM"
+ " SkyDrive3"    "Microsoft SkyDrive Shell Extension"    "Microsoft Corporation"    "c:\users\sick mosh\appdata\local\microsoft\skydrive\17.0.4024.1220\amd64\skydriveshell64.dll"    "12/20/2013 4:11 PM"
+ ""DropboxExt1""    "Dropbox Shell Extension"    "Dropbox, Inc."    "c:\users\sick mosh\appdata\roaming\dropbox\bin\dropboxext64.24.dll"    "6/23/2014 7:32 PM"
+ ""DropboxExt2""    "Dropbox Shell Extension"    "Dropbox, Inc."    "c:\users\sick mosh\appdata\roaming\dropbox\bin\dropboxext64.24.dll"    "6/23/2014 7:32 PM"
+ ""DropboxExt3""    "Dropbox Shell Extension"    "Dropbox, Inc."    "c:\users\sick mosh\appdata\roaming\dropbox\bin\dropboxext64.24.dll"    "6/23/2014 7:32 PM"
+ ""DropboxExt4""    "Dropbox Shell Extension"    "Dropbox, Inc."    "c:\users\sick mosh\appdata\roaming\dropbox\bin\dropboxext64.24.dll"    "6/23/2014 7:32 PM"
+ ""DropboxExt5""    "Dropbox Shell Extension"    "Dropbox, Inc."    "c:\users\sick mosh\appdata\roaming\dropbox\bin\dropboxext64.24.dll"    "6/23/2014 7:32 PM"
+ ""DropboxExt6""    "Dropbox Shell Extension"    "Dropbox, Inc."    "c:\users\sick mosh\appdata\roaming\dropbox\bin\dropboxext64.24.dll"    "6/23/2014 7:32 PM"
+ ""DropboxExt7""    "Dropbox Shell Extension"    "Dropbox, Inc."    "c:\users\sick mosh\appdata\roaming\dropbox\bin\dropboxext64.24.dll"    "6/23/2014 7:32 PM"
+ ""DropboxExt8""    "Dropbox Shell Extension"    "Dropbox, Inc."    "c:\users\sick mosh\appdata\roaming\dropbox\bin\dropboxext64.24.dll"    "6/23/2014 7:32 PM"
+ "00avast"    "avast! Shell Extension"    "AVAST Software"    "c:\program files\avast software\avast\ashsha64.dll"    "11/6/2014 8:10 AM"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers"    ""    ""    ""    "1/1/2015 12:34 AM"
+ " SkyDrive1"    "Microsoft SkyDrive Shell Extension"    "Microsoft Corporation"    "c:\users\sick mosh\appdata\local\microsoft\skydrive\17.0.4024.1220\skydriveshell.dll"    "12/20/2013 4:24 PM"
+ " SkyDrive2"    "Microsoft SkyDrive Shell Extension"    "Microsoft Corporation"    "c:\users\sick mosh\appdata\local\microsoft\skydrive\17.0.4024.1220\skydriveshell.dll"    "12/20/2013 4:24 PM"
+ " SkyDrive3"    "Microsoft SkyDrive Shell Extension"    "Microsoft Corporation"    "c:\users\sick mosh\appdata\local\microsoft\skydrive\17.0.4024.1220\skydriveshell.dll"    "12/20/2013 4:24 PM"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"    ""    ""    ""    "1/2/2015 9:32 PM"
+ "avast! Online Security"    "IE Webrep plugin"    "AVAST Software"    "c:\program files\avast software\avast\aswwebrepie64.dll"    "10/31/2014 7:58 AM"
+ "Office Document Cache Handler"    "Microsoft Office Document Cache Handler"    "Microsoft Corporation"    "c:\program files\microsoft office\office14\urlredir.dll"    "3/6/2013 2:39 AM"
+ "Windows Live ID Sign-in Helper"    "Microsoft® Windows Live ID Login Helper"    "Microsoft Corp."    "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"    "7/17/2012 5:11 PM"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"    ""    ""    ""    "1/2/2015 9:50 PM"
+ "Adobe PDF Link Helper"    "Adobe PDF Helper for Internet Explorer"    "Adobe Systems Incorporated"    "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"    "12/18/2012 7:32 AM"
+ "avast! Online Security"    "IE Webrep plugin"    "AVAST Software"    "c:\program files\avast software\avast\aswwebrepie.dll"    "10/31/2014 7:57 AM"
+ "Java™ Plug-In 2 SSV Helper"    "Java™ Platform SE binary"    "Oracle Corporation"    "c:\program files (x86)\java\jre1.8.0_25\bin\jp2ssv.dll"    "10/7/2014 5:04 PM"
+ "Java™ Plug-In SSV Helper"    "Java™ Platform SE binary"    "Oracle Corporation"    "c:\program files (x86)\java\jre1.8.0_25\bin\ssv.dll"    "10/7/2014 5:04 PM"
+ "Office Document Cache Handler"    "Microsoft Office Document Cache Handler"    "Microsoft Corporation"    "c:\program files (x86)\microsoft office\office14\urlredir.dll"    "3/6/2013 2:38 AM"
+ "Windows Live ID Sign-in Helper"    "Microsoft® Windows Live ID Login Helper"    "Microsoft Corp."    "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"    "7/17/2012 4:46 PM"
"HKLM\Software\Microsoft\Internet Explorer\Extensions"    ""    ""    ""    "10/14/2012 1:26 PM"
+ "Skype Click to Call"    "Skype Click to Call for Internet Explorer"    "Skype Technologies S.A."    "c:\program files (x86)\skype\toolbars\internet explorer x64\skypeieplugin.dll"    "10/2/2012 7:05 AM"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions"    ""    ""    ""    "4/12/2014 8:10 AM"
+ "&Blog This in Windows Live Writer"    "Windows Live Writer Blog This Extension"    "Microsoft Corporation"    "c:\program files (x86)\windows live\writer\writerbrowserextension.dll"    "1/10/2014 4:25 PM"
+ "Skype Click to Call"    "Skype Click to Call for Internet Explorer"    "Skype Technologies S.A."    "c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll"    "10/2/2012 7:13 AM"
"Task Scheduler"    ""    ""    ""    ""
+ "\AdobeAAMUpdater-1.0-RoninExcalibur-Sick Mosh"    "Adobe Updater Startup Utility"    "Adobe Systems Incorporated"    "c:\program files (x86)\common files\adobe\oobe\pdapp\uwa\updaterstartuputility.exe"    "2/27/2014 7:35 AM"
+ "\CCleanerSkipUAC"    "CCleaner"    "Piriform Ltd"    "c:\program files\ccleaner\ccleaner.exe"    "12/9/2014 4:53 PM"
+ "\GoogleUpdateTaskUserS-1-5-21-3112461849-2868182616-320357554-1000Core"    "Google Installer"    "Google Inc."    "c:\users\sick mosh\appdata\local\google\update\googleupdate.exe"    "9/29/2014 8:19 PM"
+ "\GoogleUpdateTaskUserS-1-5-21-3112461849-2868182616-320357554-1000UA"    "Google Installer"    "Google Inc."    "c:\users\sick mosh\appdata\local\google\update\googleupdate.exe"    "9/29/2014 8:19 PM"
+ "\Microsoft\Windows Defender\MP Scheduled Scan"    "Microsoft Malware Protection Command Line Utility"    "Microsoft Corporation"    "c:\program files\windows defender\mpcmdrun.exe"    "7/13/2009 6:53 PM"
+ "\Microsoft\Windows Defender\MpIdleTask"    "Microsoft Malware Protection Command Line Utility"    "Microsoft Corporation"    "c:\program files\windows defender\mpcmdrun.exe"    "7/13/2009 6:53 PM"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task"    "Windows Live Social Object Extractor Engine"    "Microsoft Corporation"    "c:\program files (x86)\windows live\soxe\wlsoxe.dll"    "1/10/2014 4:25 PM"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo"    ""    ""    "c:\windows\system32\gathernetworkinfo.vbs"    "6/10/2009 3:36 PM"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary"    "Windows Media Player Network Sharing Service Configuration Application"    "Microsoft Corporation"    "c:\program files\windows media player\wmpnscfg.exe"    "7/13/2009 7:24 PM"
+ "\SidebarExecute"    "Windows Desktop Gadgets"    "Microsoft Corporation"    "c:\program files\windows sidebar\sidebar.exe"    "11/20/2010 5:24 AM"
+ "\SpyHunter4Startup"    ""    ""    "File not found: C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe"    ""
+ "\{2BBECB81-3AED-4320-A641-9DEAA83B07F9}"    "Skype "    "Skype Technologies S.A."    "c:\program files (x86)\skype\phone\skype.exe"    "11/14/2013 11:33 AM"
+ "\{A24C2D8A-C5C3-48F3-8BA3-86542B0DAD46}"    ""    ""    "File not found: C:\Program Files (x86)\Steam\Steam.exe"    ""
+ "\{D2C279DD-51F0-4125-A89B-2C3E632FB19A}"    "Skype "    "Skype Technologies S.A."    "c:\program files (x86)\skype\phone\skype.exe"    "11/14/2013 11:33 AM"
+ "\{DD5F8145-7CA3-45F6-9624-1E1CD9722D73}"    "Firefox"    "Mozilla Corporation"    "c:\program files (x86)\mozilla firefox\firefox.exe"    "11/26/2014 9:16 AM"
"HKLM\System\CurrentControlSet\Services"    ""    ""    ""    "1/2/2015 9:45 PM"
+ "avast! Antivirus"    "Manages and implements Avast antivirus services for this computer. This includes the real-time shields, the virus chest and the scheduler."    "AVAST Software"    "c:\program files\avast software\avast\avastsvc.exe"    "11/6/2014 7:58 AM"
+ "avast! Firewall"    "Implements main functionality for avast! Firewall"    "AVAST Software"    "c:\program files\avast software\avast\afwserv.exe"    "11/6/2014 8:03 AM"
+ "MBAMScheduler"    "Malwarebytes Anti-Malware scheduler"    "Malwarebytes Corporation"    "c:\program files (x86)\malwarebytes anti-malware\mbamscheduler.exe"    "9/11/2014 8:29 PM"
+ "MBAMService"    "Malwarebytes Anti-Malware service"    "Malwarebytes Corporation"    "c:\program files (x86)\malwarebytes anti-malware\mbamservice.exe"    "11/20/2014 3:08 PM"
+ "NvNetworkService"    "NVIDIA Network Service"    "NVIDIA Corporation"    "c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe"    "7/24/2014 1:22 AM"
+ "NvStreamSvc"    "Service for SHIELD Streaming"    "NVIDIA Corporation"    "c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe"    "7/25/2014 8:13 AM"
+ "NVSvc"    "Provides system and desktop level support to the NVIDIA display driver"    "NVIDIA Corporation"    "c:\windows\system32\nvvsvc.exe"    "7/2/2014 1:38 PM"
+ "ose64"    "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports."    "Microsoft Corporation"    "c:\program files\common files\microsoft shared\source engine\ose.exe"    "1/9/2010 11:19 PM"
+ "RtkAudioService"    "For cooperation with Realtek audio driver."    "Realtek Semiconductor"    "c:\program files\realtek\audio\hda\rtkaudioservice64.exe"    "1/8/2014 1:09 AM"
+ "Stereo Service"    "Provides system support for NVIDIA Stereoscopic 3D driver"    "NVIDIA Corporation"    "c:\program files (x86)\nvidia corporation\3d vision\nvscpapisvr.exe"    "7/2/2014 12:41 PM"
+ "WinDefend"    "Protection against spyware and potentially unwanted software"    "Microsoft Corporation"    "c:\program files\windows defender\mpsvc.dll"    "5/27/2013 12:51 AM"
+ "WMPNetworkSvc"    "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play"    "Microsoft Corporation"    "c:\program files\windows media player\wmpnetwk.exe"    "11/20/2010 6:18 AM"
"HKLM\System\CurrentControlSet\Services"    ""    ""    ""    "1/2/2015 9:45 PM"
+ "adp94xx"    "Adaptec Windows SAS/SATA Storport Driver"    "Adaptec, Inc."    "c:\windows\system32\drivers\adp94xx.sys"    "12/5/2008 6:54 PM"
+ "adpahci"    "Adaptec Windows SATA Storport Driver"    "Adaptec, Inc."    "c:\windows\system32\drivers\adpahci.sys"    "5/1/2007 12:30 PM"
+ "adpu320"    "Adaptec StorPort Ultra320 SCSI Driver (X64)"    "Adaptec, Inc."    "c:\windows\system32\drivers\adpu320.sys"    "2/27/2007 7:04 PM"
+ "aliide"    "ALi mini IDE Driver"    "Acer Laboratories Inc."    "c:\windows\system32\drivers\aliide.sys"    "7/13/2009 6:19 PM"
+ "amdsata"    "AHCI 1.2 Device Driver"    "Advanced Micro Devices"    "c:\windows\system32\drivers\amdsata.sys"    "3/18/2010 7:45 PM"
+ "amdsbs"    "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform"    "AMD Technologies Inc."    "c:\windows\system32\drivers\amdsbs.sys"    "3/20/2009 1:36 PM"
+ "amdxata"    "Storage Filter Driver"    "Advanced Micro Devices"    "c:\windows\system32\drivers\amdxata.sys"    "3/19/2010 11:18 AM"
+ "an55sqjb"    ""    ""    "File not found: C:\Windows\System32\Drivers\an55sqjb.sys"    ""
+ "arc"    "Adaptec RAID Storport Driver"    "Adaptec, Inc."    "c:\windows\system32\drivers\arc.sys"    "5/24/2007 4:27 PM"
+ "arcsas"    "Adaptec SAS RAID WS03 Driver"    "Adaptec, Inc."    "c:\windows\system32\drivers\arcsas.sys"    "1/14/2009 2:27 PM"
+ "aswHwid"    "avast! HardwareID"    ""    "c:\windows\system32\drivers\aswhwid.sys"    "11/6/2014 7:55 AM"
+ "aswKbd"    "avast! keyboard filter driver (aswKbd)"    "AVAST Software"    "c:\windows\system32\drivers\aswkbd.sys"    "11/6/2014 7:53 AM"
+ "aswMonFlt"    "avast! mini-filter driver (aswMonFlt)"    "AVAST Software"    "c:\windows\system32\drivers\aswmonflt.sys"    "11/6/2014 7:53 AM"
+ "aswNdisFlt"    "Avast! Firewall Driver"    "AVAST Software"    "c:\windows\system32\drivers\aswndisflt.sys"    "11/6/2014 7:55 AM"
+ "aswRdr"    "avast! WFP Redirect driver"    "AVAST Software"    "c:\windows\system32\drivers\aswrdr2.sys"    "11/6/2014 7:54 AM"
+ "aswRvrt"    "avast! Revert"    ""    "c:\windows\system32\drivers\aswrvrt.sys"    "11/6/2014 7:53 AM"
+ "aswSnx"    "avast! virtualization driver (aswSnx)"    "AVAST Software"    "c:\windows\system32\drivers\aswsnx.sys"    "11/21/2014 6:17 AM"
+ "aswSP"    "avast! Self Protection"    "AVAST Software"    "c:\windows\system32\drivers\aswsp.sys"    "11/6/2014 8:09 AM"
+ "aswStm"    "avast! StreamFilter Callout Driver"    "AVAST Software"    "c:\windows\system32\drivers\aswstm.sys"    "11/6/2014 8:11 AM"
+ "aswVmm"    "avast! VM Monitor"    ""    "c:\windows\system32\drivers\aswvmm.sys"    "11/6/2014 7:53 AM"
+ "atksgt"    ""    ""    "c:\windows\system32\drivers\atksgt.sys"    "9/14/2007 8:41 AM"
+ "b06bdrv"    "Broadcom NetXtreme II GigE VBD"    "Broadcom Corporation"    "c:\windows\system32\drivers\bxvbda.sys"    "2/13/2009 5:18 PM"
+ "b57nd60a"    "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver."    "Broadcom Corporation"    "c:\windows\system32\drivers\b57nd60a.sys"    "4/26/2009 6:14 AM"
+ "BrFiltLo"    "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver"    "Brother Industries, Ltd."    "c:\windows\system32\drivers\brfiltlo.sys"    "8/6/2006 8:51 PM"
+ "BrFiltUp"    "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver"    "Brother Industries, Ltd."    "c:\windows\system32\drivers\brfiltup.sys"    "8/6/2006 8:51 PM"
+ "Brserid"    "Brotehr Serial I/F Driver (WDM)"    "Brother Industries Ltd."    "c:\windows\system32\drivers\brserid.sys"    "8/6/2006 8:51 PM"
+ "BrSerWdm"    "Brother Serial driver (WDM version)"    "Brother Industries Ltd."    "c:\windows\system32\drivers\brserwdm.sys"    "8/6/2006 8:51 PM"
+ "BrUsbMdm"    "Brother USB MDM Driver "    "Brother Industries Ltd."    "c:\windows\system32\drivers\brusbmdm.sys"    "8/6/2006 8:51 PM"
+ "BrUsbSer"    "Brother USB Serial Driver"    "Brother Industries Ltd."    "c:\windows\system32\drivers\brusbser.sys"    "8/9/2006 7:11 AM"
+ "catchme"    ""    ""    "File not found: C:\ComboFix\catchme.sys"    ""
+ "cmdide"    "CMD PCI IDE Bus Driver"    "CMD Technology, Inc."    "c:\windows\system32\drivers\cmdide.sys"    "7/13/2009 6:19 PM"
+ "CORK70"    ""    " "    "c:\windows\system32\drivers\cork70.sys"    "10/31/2012 3:55 AM"
+ "DigiNet"    "Digidesign Ethernet Support"    "Avid Technology, Inc."    "c:\windows\system32\drivers\diginet.sys"    "3/3/2013 2:21 AM"
+ "ebdrv"    "Broadcom NetXtreme II 10 GigE VBD"    "Broadcom Corporation"    "c:\windows\system32\drivers\evbda.sys"    "12/31/2008 11:29 AM"
+ "elxstor"    "Storport Miniport Driver for LightPulse HBAs"    "Emulex"    "c:\windows\system32\drivers\elxstor.sys"    "2/3/2009 5:52 PM"
+ "EsgScanner"    "Enigma Scan filter"    ""    "c:\windows\system32\drivers\esgscanner.sys"    "5/31/2012 2:38 AM"
+ "ffusb2audio"    "Focusrite USB 2.0 Audio Driver"    "Focusrite Audio Engineering Limited."    "c:\windows\system32\drivers\ffusb2audio.sys"    "9/25/2013 8:40 AM"
+ "hcw18bda"    "Cx418 Raptor Driver"    "Hauppauge Computer Works, Inc"    "c:\windows\system32\drivers\hcw18bda.sys"    "5/28/2009 10:48 AM"
+ "hcw85cir"    "Hauppauge WinTV 885 Consumer IR Driver for eHome"    "Hauppauge Computer Works, Inc."    "c:\windows\system32\drivers\hcw85cir.sys"    "5/11/2009 3:26 AM"
+ "HpSAMD"    "Smart Array SAS/SATA Controller Media Driver"    "Hewlett-Packard Company"    "c:\windows\system32\drivers\hpsamd.sys"    "4/20/2010 1:32 PM"
+ "iaStorV"    "Intel Matrix Storage Manager driver - x64"    "Intel Corporation"    "c:\windows\system32\drivers\iastorv.sys"    "6/10/2010 7:46 PM"
+ "iirsp"    "Intel/ICP Raid Storport Driver"    "Intel Corp./ICP vortex GmbH"    "c:\windows\system32\drivers\iirsp.sys"    "12/13/2005 4:47 PM"
+ "IntcAzAudAddService"    "Realtek® High Definition Audio Function Driver"    "Realtek Semiconductor Corp."    "c:\windows\system32\drivers\rtkvhd64.sys"    "5/14/2014 5:28 AM"
+ "lirsgt"    ""    ""    "c:\windows\system32\drivers\lirsgt.sys"    "6/17/2008 10:17 AM"
+ "LSI_FC"    "LSI Fusion-MPT FC Driver (StorPort)"    "LSI Corporation"    "c:\windows\system32\drivers\lsi_fc.sys"    "12/9/2008 5:46 PM"
+ "LSI_SAS"    "LSI Fusion-MPT SAS Driver (StorPort)"    "LSI Corporation"    "c:\windows\system32\drivers\lsi_sas.sys"    "5/18/2009 7:20 PM"
+ "LSI_SAS2"    "LSI SAS Gen2 Driver (StorPort)"    "LSI Corporation"    "c:\windows\system32\drivers\lsi_sas2.sys"    "5/18/2009 7:31 PM"
+ "LSI_SCSI"    "LSI Fusion-MPT SCSI Driver (StorPort)"    "LSI Corporation"    "c:\windows\system32\drivers\lsi_scsi.sys"    "4/16/2009 5:13 PM"
+ "MAUSBFASTTRACK"    "M-Audio USB Audio Driver (WDM)"    "Avid Technology, Inc."    "c:\windows\system32\drivers\maudiofasttrack.sys"    "12/7/2010 7:05 PM"
+ "mbamchameleon"    "Malwarebytes Chameleon Protection Driver"    "Malwarebytes Corporation"    "c:\windows\system32\drivers\mbamchameleon.sys"    "8/18/2014 9:53 AM"
+ "MBAMProtector"    "Malwarebytes Anti-Malware"    "Malwarebytes Corporation"    "c:\windows\system32\drivers\mbam.sys"    "9/3/2014 12:50 PM"
+ "MBAMWebAccessControl"    "Malwarebytes Web Access Control"    "Malwarebytes Corporation"    "c:\windows\system32\drivers\mwac.sys"    "6/17/2014 9:06 PM"
+ "megasas"    "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64"    "LSI Corporation"    "c:\windows\system32\drivers\megasas.sys"    "5/18/2009 8:09 PM"
+ "MegaSR"    "LSI MegaRAID Software RAID Driver"    "LSI Corporation, Inc."    "c:\windows\system32\drivers\megasr.sys"    "5/18/2009 8:25 PM"
+ "nfrd960"    "IBM ServeRAID Controller Driver"    "IBM Corporation"    "c:\windows\system32\drivers\nfrd960.sys"    "6/6/2006 4:11 PM"
+ "NVENETFD"    "NVIDIA MCP Networking Function Driver."    "NVIDIA Corporation"    "c:\windows\system32\drivers\nvm62x64.sys"    "10/17/2008 4:01 PM"
+ "nvlddmkm"    "NVIDIA Windows Kernel Mode Driver, Version 340.52 "    "NVIDIA Corporation"    "c:\windows\system32\drivers\nvlddmkm.sys"    "7/2/2014 12:42 PM"
+ "nvraid"    "NVIDIA® nForce™ RAID Driver"    "NVIDIA Corporation"    "c:\windows\system32\drivers\nvraid.sys"    "3/19/2010 3:59 PM"
+ "nvstor"    "NVIDIA® nForce™ Sata Performance Driver"    "NVIDIA Corporation"    "c:\windows\system32\drivers\nvstor.sys"    "3/19/2010 3:45 PM"
+ "NvStreamKms"    "Nvidia Streaming Kernel Service"    "NVIDIA Corporation"    "c:\program files\nvidia corporation\nvstreamsrv\nvstreamkms.sys"    "7/25/2014 6:35 AM"
+ "nvvad_WaveExtensible"    "NVIDIA Virtual Audio Driver"    "NVIDIA Corporation"    "c:\windows\system32\drivers\nvvad64v.sys"    "3/28/2014 8:32 AM"
+ "ql2300"    "QLogic Fibre Channel Stor Miniport Driver"    "QLogic Corporation"    "c:\windows\system32\drivers\ql2300.sys"    "1/22/2009 6:05 PM"
+ "ql40xx"    "QLogic iSCSI Storport Miniport Driver"    "QLogic Corporation"    "c:\windows\system32\drivers\ql40xx.sys"    "5/18/2009 8:18 PM"
+ "rzudd"    "Razer Rzudd Engine"    "Razer Inc"    "c:\windows\system32\drivers\rzudd.sys"    "5/19/2014 1:43 AM"
+ "ScreamBAudioSvc"    "Screaming Bee Audio Driver"    "Screaming Bee LLC"    "c:\windows\system32\drivers\screamingbaudio64.sys"    "7/1/2010 1:54 PM"
+ "secdrv"    "Macrovision SECURITY Driver"    "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K."    "c:\windows\system32\drivers\secdrv.sys"    "9/13/2006 8:18 AM"
+ "SiSRaid2"    "SiS RAID Stor Miniport Driver"    "Silicon Integrated Systems Corp."    "c:\windows\system32\drivers\sisraid2.sys"    "9/24/2008 1:28 PM"
+ "SiSRaid4"    "SiS AHCI Stor-Miniport Driver"    "Silicon Integrated Systems"    "c:\windows\system32\drivers\sisraid4.sys"    "10/1/2008 4:56 PM"
+ "SmartDefragDriver"    "File driver of SmartDefrag"    ""    "c:\windows\system32\drivers\smartdefragdriver.sys"    "11/26/2010 4:29 AM"
+ "sptd"    "SCSI Pass Through Direct Host"    "Duplex Secure Ltd."    "c:\windows\system32\drivers\sptd.sys"    "8/18/2012 4:05 PM"
+ "sscdbus"    "SAMSUNG USB Composite Device Driver"    "MCCI Corporation"    "c:\windows\system32\drivers\sscdbus.sys"    "11/10/2010 4:37 PM"
+ "sscdmdfl"    "SAMSUNG Mobile Modem Filter"    "MCCI Corporation"    "c:\windows\system32\drivers\sscdmdfl.sys"    "11/10/2010 4:41 PM"
+ "sscdmdm"    "SAMSUNG Mobile Modem Drivers"    "MCCI Corporation"    "c:\windows\system32\drivers\sscdmdm.sys"    "11/10/2010 4:41 PM"
+ "sscdserd"    "SAMSUNG Mobile Modem Diagnostic Serial Port (WDM)"    "MCCI Corporation"    "c:\windows\system32\drivers\sscdserd.sys"    "11/10/2010 4:44 PM"
+ "stexstor"    "Promise  SuperTrak EX Series Driver for Windows "    "Promise Technology"    "c:\windows\system32\drivers\stexstor.sys"    "2/17/2009 6:03 PM"
+ "Synth3dVsc"    ""    ""    "File not found: System32\drivers\synth3dvsc.sys"    ""
+ "tsusbhub"    ""    ""    "File not found: system32\drivers\tsusbhub.sys"    ""
+ "VBoxNetAdp"    "VirtualBox Host-Only Network Adapter Driver"    "Oracle Corporation"    "c:\windows\system32\drivers\vboxnetadp.sys"    "2/25/2014 12:24 PM"
+ "VBoxNetFlt"    ""    ""    "File not found: system32\DRIVERS\VBoxNetFlt.sys"    ""
+ "VGPU"    ""    ""    "File not found: System32\drivers\rdvgkmd.sys"    ""
+ "viaide"    "VIA Generic PCI IDE Bus Driver"    "VIA Technologies, Inc."    "c:\windows\system32\drivers\viaide.sys"    "7/13/2009 6:19 PM"
+ "vsmraid"    "VIA RAID DRIVER FOR AMD-X86-64"    "VIA Technologies Inc.,Ltd"    "c:\windows\system32\drivers\vsmraid.sys"    "1/30/2009 8:18 PM"
+ "VST64_DPV"    "HSF_DP driver"    "Conexant Systems, Inc."    "c:\windows\system32\drivers\vstdpv6.sys"    "10/15/2008 7:57 PM"
+ "VST64HWBS2"    "HSF_HWB2 WDM driver"    "Conexant Systems, Inc."    "c:\windows\system32\drivers\vstbs26.sys"    "10/15/2008 7:54 PM"
+ "winachsf"    "HSF_CNXT driver"    "Conexant Systems, Inc."    "c:\windows\system32\drivers\vstcnxt6.sys"    "10/15/2008 7:52 PM"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32"    ""    ""    ""    "12/19/2014 5:43 AM"
+ "msacm.l3acm"    "MPEG Layer-3 Audio Codec for MSACM"    "Fraunhofer Institut Integrierte Schaltungen IIS"    "c:\windows\system32\l3codeca.acm"    "7/13/2009 8:28 PM"
+ "vidc.XVID"    ""    ""    "c:\windows\system32\xvidvfw.dll"    "5/30/2011 8:42 AM"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32"    ""    ""    ""    "1/2/2015 3:16 AM"
+ "msacm.l3acm"    "MPEG Audio Layer-3 Codec for MSACM"    "Fraunhofer Institut Integrierte Schaltungen IIS"    "c:\windows\syswow64\l3codecp.acm"    "7/13/2009 8:06 PM"
+ "vidc.cvid"    "Cinepak® Codec"    "Radius Inc."    "c:\windows\syswow64\iccvid.dll"    "11/20/2010 6:59 AM"
+ "vidc.DIVX"    "DivX"    "DivX, Inc."    "c:\windows\syswow64\divx.dll"    "2/19/2010 2:26 PM"
+ "vidc.XVID"    ""    ""    "c:\windows\syswow64\xvidvfw.dll"    "5/30/2011 8:42 AM"
+ "vidc.yv12"    "DivX"    "DivX, Inc."    "c:\windows\syswow64\divx.dll"    "2/19/2010 2:26 PM"
"HKLM\Software\Classes\Filter"    ""    ""    ""    "9/26/2014 7:06 PM"
+ "MainConcept MPEG Demultiplexer"    "MPEG-1/2 Demultiplexer"    "MainConcept GmbH"    "c:\program files (x86)\divx\codecs\mc_demux_mp2_ds.ax"    "7/23/2014 9:48 AM"
+ "Sony Amplitude Modulation"    "Sony XFX 3 Plug-In Pack"    "Sony Creative Software Inc."    "c:\program files (x86)\sony\shared plug-ins\audio_x64\sfppack3_x64.dll"    "2/26/2014 4:09 PM"
+ "Sony Chorus"    "Sony XFX 1 Plug-In Pack "    "Sony Creative Software Inc."    "c:\program files (x86)\sony\shared plug-ins\audio_x64\sfppack1_x64.dll"    "2/26/2014 4:08 PM"
+ "Sony Distortion"    "Sony XFX 3 Plug-In Pack"    "Sony Creative Software Inc."    "c:\program files (x86)\sony\shared plug-ins\audio_x64\sfppack3_x64.dll"    "2/26/2014 4:09 PM"
+ "Sony Dither"    "Sony TrackFX 1"    "Sony Creative Software Inc."    "c:\program files (x86)\sony\shared plug-ins\audio_x64\sftrkfx1_x64.dll"    "2/26/2014 4:10 PM"
+ "Sony ExpressFX Amplitude Modulation"    "Sony ExpressFX 2 "    "Sony Creative Software Inc."    "c:\program files (x86)\sony\shared plug-ins\audio_x64\sfxpfx2_x64.dll"    "2/26/2014 4:10 PM"
+ "Sony ExpressFX Audio Restoration"    "Sony ExpressFX Audio Restoration"    "Sony Creative Software Inc."    "c:\program files (x86)\sony\shared plug-ins\audio_x64\xpvinyl_x64.dll"    "2/26/2014 4:11 PM"
+ "Sony ExpressFX Chorus"    "Sony ExpressFX 2 "    "Sony Creative Software Inc."    "c:\program files (x86)\sony\shared plug-ins\audio_x64\sfxpfx2_x64.dll"    "2/26/2014 4:10 PM"
+ "Sony ExpressFX Delay"    "Sony ExpressFX 2 "    "Sony Creative Software Inc."    "c:\program files (x86)\sony\shared plug-ins\audio_x64\sfxpfx2_x64.dll"    "2/26/2014 4:10 PM"
+ "Sony ExpressFX Distortion"    "Sony ExpressFX 1"    "Sony Creative Software Inc."    "c:\program files (x86)\sony\shared plug-ins\audio_x64\sfxpfx1_x64.dll"    "2/26/2014 4:10 PM"
+ "Sony ExpressFX Dynamics"    "Sony ExpressFX 3 "    "Sony Creative Software Inc."    "c:\program files (x86)\sony\shared plug-ins\audio_x64\sfxpfx3_x64.dll"    "2/26/2014 4:10 PM"
+ "Sony ExpressFX Equalization"    "Sony ExpressFX 2 "    "Sony Creative Software Inc."    "c:\program files (x86)\sony\shared plug-ins\audio_x64\sfxpfx2_x64.dll"    "2/26/2014 4:10 PM"
+ "Sony ExpressFX Flange/Wah-Wah"    "Sony ExpressFX 1"    "Sony Creative Software Inc."    "c:\program files (x86)\sony\shared plug-ins\audio_x64\sfxpfx1_x64.dll"    "2/26/2014 4:10 PM"
+ "Sony ExpressFX Graphic EQ"    "Sony ExpressFX 3 "    "Sony Creative Software Inc."    "c:\program files (x86)\sony\shared plug-ins\audio_x64\sfxpfx3_x64.dll"    "2/26/2014 4:10 PM"
+ "Sony ExpressFX Noise Gate"    "Sony ExpressFX 3 "    "Sony Creative Software Inc."    "c:\program files (x86)\sony\shared plug-ins\audio_x64\sfxpfx3_x64.dll"    "2/26/2014 4:10 PM"
+ "Sony ExpressFX Reverb"    "Sony ExpressFX 1"    "Sony Creative Software Inc."    "c:\program files (x86)\sony\shared plug-ins\audio_x64\sfxpfx1_x64.dll"    "2/26/2014 4:10 PM"
+ "Sony ExpressFX Stutter"    "Sony ExpressFX 1"    "Sony Creative Software Inc."    "c:\program files (x86)\sony\shared plug-ins\audio_x64\sfxpfx1_x64.dll"    "2/26/2014 4:10 PM"
+ "Sony ExpressFX Time Stretch"    "Sony ExpressFX 3 "    "Sony Creative Software Inc."    "c:\program files (x86)\sony\shared plug-ins\audio_x64\sfxpfx3_x64.dll"    "2/26/2014 4:10 PM"
+ "Sony Flange/Wah-wah"    "Sony XFX 3 Plug-In Pack"    "Sony Creative Software Inc."    "c:\program files (x86)\sony\shared plug-ins\audio_x64\sfppack3_x64.dll"    "2/26/2014 4:09 PM"
+ "Sony Gapper/Snipper"    "Sony XFX 3 Plug-In Pack"    "Sony Creative Software Inc."    "c:\program files (x86)\sony\shared plug-ins\audio_x64\sfppack3_x64.dll"    "2/26/2014 4:09 PM"
+ "Sony Graphic Dynamics"    "Sony XFX 2 Plug-In Pack"    "Sony Creative Software Inc."    "c:\program files (x86)\sony\shared plug-ins\audio_x64\sfppack2_x64.dll"    "2/26/2014 4:09 PM"
+ "Sony Graphic EQ"    "Sony XFX 2 Plug-In Pack"    "Sony Creative Software Inc."    "c:\program files (x86)\sony\shared plug-ins\audio_x64\sfppack2_x64.dll"    "2/26/2014 4:09 PM"
+ "Sony Multi-Band Dynamics"    "Sony XFX 2 Plug-In Pack"    "Sony Creative Software Inc."    "c:\program files (x86)\sony\shared plug-ins\audio_x64\sfppack2_x64.dll"    "2/26/2014 4:09 PM"
+ "Sony Multi-Tap Delay"    "Sony XFX 1 Plug-In Pack "    "Sony Creative Software Inc."    "c:\program files (x86)\sony\shared plug-ins\audio_x64\sfppack1_x64.dll"    "2/26/2014 4:08 PM"
+ "Sony Noise Gate"    "Sony XFX 2 Plug-In Pack"    "Sony Creative Software Inc."    "c:\program files (x86)\sony\shared plug-ins\audio_x64\sfppack2_x64.dll"    "2/26/2014 4:09 PM"
+ "Sony Pan"    "Sound Forge Pro Pan and Volume 1"    "Sony Creative Software Inc."    "c:\program files (x86)\sony\shared plug-ins\audio_x64\sffrgpnv_x64.dll"    "2/26/2014 4:11 PM"
+ "Sony Paragraphic EQ"    "Sony XFX 2 Plug-In Pack"    "Sony Creative Software Inc."    "c:\program files (x86)\sony\shared plug-ins\audio_x64\sfppack2_x64.dll"    "2/26/2014 4:09 PM"
+ "Sony Parametric EQ"    "Sony XFX 2 Plug-In Pack"    "Sony Creative Software Inc."    "c:\program files (x86)\sony\shared plug-ins\audio_x64\sfppack2_x64.dll"    "2/26/2014 4:09 PM"
+ "Sony Pitch Shift"    "Sony XFX 1 Plug-In Pack "    "Sony Creative Software Inc."    "c:\program files (x86)\sony\shared plug-ins\audio_x64\sfppack1_x64.dll"    "2/26/2014 4:08 PM"
+ "Sony Resonant Filter"    "Sony Resonant Filter"    "Sony Creative Software Inc."    "c:\program files (x86)\sony\shared plug-ins\audio_x64\sfresfilter_x64.dll"    "2/26/2014 4:10 PM"
+ "Sony Reverb"    "Sony XFX 1 Plug-In Pack "    "Sony Creative Software Inc."    "c:\program files (x86)\sony\shared plug-ins\audio_x64\sfppack1_x64.dll"    "2/26/2014 4:08 PM"
+ "Sony Simple Delay"    "Sony XFX 1 Plug-In Pack "    "Sony Creative Software Inc."    "c:\program files (x86)\sony\shared plug-ins\audio_x64\sfppack1_x64.dll"    "2/26/2014 4:08 PM"
+ "Sony Smooth/Enhance"    "Sony XFX 3 Plug-In Pack"    "Sony Creative Software Inc."    "c:\program files (x86)\sony\shared plug-ins\audio_x64\sfppack3_x64.dll"    "2/26/2014 4:09 PM"
+ "Sony Time Stretch"    "Sony XFX 1 Plug-In Pack "    "Sony Creative Software Inc."    "c:\program files (x86)\sony\shared plug-ins\audio_x64\sfppack1_x64.dll"    "2/26/2014 4:08 PM"
+ "Sony Track Compressor"    "Sony TrackFX 1"    "Sony Creative Software Inc."    "c:\program files (x86)\sony\shared plug-ins\audio_x64\sftrkfx1_x64.dll"    "2/26/2014 4:10 PM"
+ "Sony Track EQ"    "Sony TrackFX 1"    "Sony Creative Software Inc."    "c:\program files (x86)\sony\shared plug-ins\audio_x64\sftrkfx1_x64.dll"    "2/26/2014 4:10 PM"
+ "Sony Track Noise Gate"    "Sony TrackFX 1"    "Sony Creative Software Inc."    "c:\program files (x86)\sony\shared plug-ins\audio_x64\sftrkfx1_x64.dll"    "2/26/2014 4:10 PM"
+ "Sony Vibrato"    "Sony XFX 3 Plug-In Pack"    "Sony Creative Software Inc."    "c:\program files (x86)\sony\shared plug-ins\audio_x64\sfppack3_x64.dll"    "2/26/2014 4:09 PM"
+ "Sony Volume"    "Sound Forge Pro Pan and Volume 1"    "Sony Creative Software Inc."    "c:\program files (x86)\sony\shared plug-ins\audio_x64\sffrgpnv_x64.dll"    "2/26/2014 4:11 PM"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance"    ""    ""    ""    "1/1/2015 1:13 AM"
+ "Hauppauge WinTV 418 Color Format Converter"    "Hauppauge WinTV 418 Color Format Converter"    "Hauppauge Computer Works, Inc."    "c:\windows\system32\hcw18ccv.ax"    "5/28/2009 10:47 AM"
+ "Sony Wave Hammer Surround"    "Sony Wave Hammer 5.1"    "Sony Creative Software Inc."    "c:\program files (x86)\sony\shared plug-ins\audio_x64\mchammer_x64.dll"    "2/26/2014 4:11 PM"
+ "Xvid MPEG-4 Video Decoder"    ""    ""    "c:\windows\system32\xvid.ax"    "5/23/2011 2:49 AM"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance"    ""    ""    ""    "1/1/2015 12:24 AM"
+ "Capture File Writer"    "Photo Gallery Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"    "1/10/2014 4:24 PM"
+ "DivX AAC Decoder"    "AAC audio decoder filter"    "DivX, Inc."    "c:\program files (x86)\divx\divx plus directshow filters\daac.ax"    "3/5/2011 12:28 PM"
+ "DivX Decoder Filter"    "DivX Decoder Filter"    "DivX, Inc."    "c:\program files (x86)\divx\divx codec\divxdec.ax"    "7/26/2011 1:51 PM"
+ "DivX Demux Filter"    "DivX Demux Filter"    "DivX, Inc."    "c:\program files (x86)\divx\codecs\directshowdemuxfilter.dll"    "12/10/2013 5:33 AM"
+ "DivX Demux Filter (Unrestricted Edition)"    "DivX Demux Filter"    "DivX, Inc."    "c:\program files (x86)\divx\codecs\directshowdemuxfilter.dll"    "12/10/2013 5:33 AM"
+ "DivX H.264 Decoder"    "DivX H.264 Decoder Filter"    "DivX, Inc."    "c:\program files (x86)\divx\divx plus directshow filters\divxdech264.ax"    "4/2/2010 4:00 PM"
+ "MainConcept MPEG Demultiplexer"    "MPEG-1/2 Demultiplexer"    "MainConcept GmbH"    "c:\program files (x86)\divx\codecs\mc_demux_mp2_ds.ax"    "7/23/2014 9:48 AM"
+ "MainConcept Stream Parser"    "MPEG-1/2 Demultiplexer"    "MainConcept GmbH"    "c:\program files (x86)\divx\codecs\mc_demux_mp2_ds.ax"    "7/23/2014 9:48 AM"
+ "Record Queue"    "Photo Gallery Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"    "1/10/2014 4:24 PM"
+ "WM VIH2 Fix"    "Photo Gallery Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"    "1/10/2014 4:24 PM"
+ "WMT DV Extract Filter"    "Photo Gallery Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"    "1/10/2014 4:24 PM"
+ "WMT Sample Info Filter"    "Photo Gallery Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"    "1/10/2014 4:24 PM"
+ "WMT Switch Filter"    "Photo Gallery Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"    "1/10/2014 4:24 PM"
+ "WMT Virtual Renderer"    "Photo Gallery Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"    "1/10/2014 4:24 PM"
+ "WMT Virtual Source"    "Photo Gallery Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"    "1/10/2014 4:24 PM"
+ "Xvid MPEG-4 Video Decoder"    ""    ""    "c:\windows\syswow64\xvid.ax"    "5/23/2011 4:52 AM"
"HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute"    ""    ""    ""    "1/2/2015 9:34 PM"
+ "SmartDefragBootTime.exe"    ""    ""    "c:\windows\system32\smartdefragboottime.exe"    "12/7/2010 4:15 AM"
"HKLM\SOFTWARE\Classes\Htmlfile\Shell\Open\Command\(Default)"    ""    ""    ""    "5/23/2013 2:21 AM"
+ "C:\Program Files\Internet Explorer\iexplore.exe"    "Internet Explorer"    "Microsoft Corporation"    "c:\program files\internet explorer\iexplore.exe"    "11/21/2014 7:57 PM"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers"    ""    ""    ""    "4/12/2014 8:08 AM"
+ "WLIDCredentialProvider"    "Microsoft® Windows Live ID Credential Provider"    "Microsoft Corp."    "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"    "7/17/2012 5:11 PM"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries"    ""    ""    ""    "1/1/2015 12:28 AM"
+ "WindowsLive Local NSP"    "Microsoft® Windows Live ID Namespace Provider"    "Microsoft Corp."    "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"    "7/17/2012 4:45 PM"
+ "WindowsLive NSP"    "Microsoft® Windows Live ID Namespace Provider"    "Microsoft Corp."    "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"    "7/17/2012 4:45 PM"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64"    ""    ""    ""    "1/1/2015 12:28 AM"
+ "WindowsLive Local NSP"    "Microsoft® Windows Live ID Namespace Provider"    "Microsoft Corp."    "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"    "7/17/2012 5:09 PM"
+ "WindowsLive NSP"    "Microsoft® Windows Live ID Namespace Provider"    "Microsoft Corp."    "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"    "7/17/2012 5:09 PM"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors"    ""    ""    ""    "11/16/2011 9:51 AM"
+ "KODAK EASYSHARE All-in-One Printer"    "Language Monitor for KODAK AiO Printer (64-Bit AMD Athlon™/Opteron™ Build)"    "Eastman Kodak Company"    "c:\windows\system32\ekij5000mon.dll"    "9/2/2010 7:31 AM"
+ "LIDIL hpzlllhn"    "LanguageMonitor"    "Hewlett-Packard Company"    "c:\windows\system32\hpzlllhn.dll"    "8/9/2006 10:27 PM"
"C:\Users\Sick Mosh\AppData\Local\Microsoft\Windows Sidebar\Settings.ini"    ""    ""    ""    "1/2/2015 12:19 PM"
+ "CPU Meter"    "See the current computer CPU and system memory (RAM)."    "Microsoft Corporation"    "C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\en-US\Gadget.xml"    "7/13/2009 9:30 PM"
+ "Weather"    "See what the weather looks like around the world."    "Microsoft Corporation"    "C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\Gadget.xml"    "7/13/2009 9:29 PM"

 

2015-01-03 03:09:27.536    Sophos Virus Removal Tool version 2.5.4
2015-01-03 03:09:27.536    Copyright © 2009-2014 Sophos Limited. All rights reserved.

2015-01-03 03:09:27.536    This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.

2015-01-03 03:09:27.536    Windows version 6.1 SP 1.0 Service Pack 1 build 7601 SM=0x100 PT=0x1 WOW64
2015-01-03 03:09:27.538    Checking for updates...
2015-01-03 03:09:30.745    Update progress: proxy server not available
2015-01-03 03:09:39.859    Option all = no
2015-01-03 03:09:39.860    Option recurse = yes
2015-01-03 03:09:39.860    Option archive = no
2015-01-03 03:09:39.860    Option service = yes
2015-01-03 03:09:39.860    Option confirm = yes
2015-01-03 03:09:39.860    Option sxl = yes
2015-01-03 03:09:39.862    Option max-data-age = 35
2015-01-03 03:09:39.862    Option EnableSafeClean = yes
2015-01-03 03:09:41.204    Option vdl-logging = yes
2015-01-03 03:09:41.224    Customer ID:    094260ca9b3af99f9d4a3909fc47a743
2015-01-03 03:09:41.224    Machine ID:    5e56dd1f8ed748269b6bc9f0953e86fe
2015-01-03 03:09:41.224    Component SVRTcli.exe version 2.5.4
2015-01-03 03:09:41.224    Component control.dll version 2.5.4
2015-01-03 03:09:41.224    Component SVRTservice.exe version 2.5.4
2015-01-03 03:09:41.224    Component engine\osdp.dll version 1.44.1.2183
2015-01-03 03:09:41.224    Component engine\veex.dll version 3.58.3.2183
2015-01-03 03:09:41.224    Component engine\savi.dll version 8.1.5.2183
2015-01-03 03:09:41.224    Component rkdisk.dll version 1.5.30.0
2015-01-03 03:09:41.224    Version info:    Product version    2.5.4
2015-01-03 03:09:41.224    Version info:    Detection engine    3.58.3
2015-01-03 03:09:41.224    Version info:    Detection data    5.08
2015-01-03 03:09:41.224    Version info:    Build date    11/11/2014
2015-01-03 03:09:41.224    Version info:    Data files added    503
2015-01-03 03:09:41.224    Version info:    Last successful update    (not yet updated)
2015-01-03 03:09:46.526    Downloading updates...
2015-01-03 03:09:46.528    Update progress: [I96736] Looking for package C1A903B2-E63E-483b-982D-04BB9C457C60 1.0
2015-01-03 03:09:46.528    Update progress: [I49502] Found supplement SAVIW32 LATEST
2015-01-03 03:09:46.528    Update progress: [I49502] Found supplement IDE509 LATEST
2015-01-03 03:09:46.528    Update progress: [I49502] Found supplement IDE510 LATEST
2015-01-03 03:09:46.528    Update progress: [I49502] Found supplement IDE511 LATEST
2015-01-03 03:09:46.528    Update progress: [I49502] Found supplement IDE512 LATEST
2015-01-03 03:09:46.528    Update progress: [I19463] Syncing product C1A903B2-E63E-483b-982D-04BB9C457C60 1
2015-01-03 03:09:46.528    Update progress: [I19463] Syncing product SAVIW32 48
2015-01-03 03:09:59.876    Update progress: [I19463] Syncing product IDE509 177
2015-01-03 03:10:11.233    Installing updates...
2015-01-03 03:10:11.845    Error level 1
2015-01-03 03:10:11.867    Update progress: [I19463] Syncing product IDE510 179
2015-01-03 03:10:11.867    Update progress: [I19463] Syncing product IDE511 150
2015-01-03 03:10:11.867    Update progress: [I19463] Syncing product IDE512 1
2015-01-03 03:10:32.016    Update successful
2015-01-03 03:10:53.837    Option all = no
2015-01-03 03:10:53.837    Option recurse = yes
2015-01-03 03:10:53.837    Option archive = no
2015-01-03 03:10:53.837    Option service = yes
2015-01-03 03:10:53.837    Option confirm = yes
2015-01-03 03:10:53.837    Option sxl = yes
2015-01-03 03:10:53.839    Option max-data-age = 35
2015-01-03 03:10:53.839    Option EnableSafeClean = yes
2015-01-03 03:10:53.902    Option vdl-logging = yes
2015-01-03 03:10:53.906    Customer ID:    094260ca9b3af99f9d4a3909fc47a743
2015-01-03 03:10:53.906    Machine ID:    5e56dd1f8ed748269b6bc9f0953e86fe
2015-01-03 03:10:53.908    Component SVRTcli.exe version 2.5.4
2015-01-03 03:10:53.908    Component control.dll version 2.5.4
2015-01-03 03:10:53.909    Component SVRTservice.exe version 2.5.4
2015-01-03 03:10:53.909    Component engine\osdp.dll version 1.44.1.2183
2015-01-03 03:10:53.910    Component engine\veex.dll version 3.58.3.2183
2015-01-03 03:10:53.910    Component engine\savi.dll version 8.1.5.2183
2015-01-03 03:10:53.911    Component rkdisk.dll version 1.5.30.0
2015-01-03 03:10:53.911    Version info:    Product version    2.5.4
2015-01-03 03:10:53.912    Version info:    Detection engine    3.58.3
2015-01-03 03:10:53.912    Version info:    Detection data    5.08G
2015-01-03 03:10:53.912    Version info:    Build date    11/11/2014
2015-01-03 03:10:53.912    Version info:    Data files added    503
2015-01-03 03:10:53.912    Version info:    Last successful update    1/2/2015 10:10:32 PM

2015-01-03 04:30:15.170    Could not open C:\Boot\BCD
2015-01-03 04:30:45.796    >>> Virus 'Troj/Agent-ABWY' found in file C:\Games\The Walking Dead\steam_api.dll
2015-01-03 04:30:45.797    >>> Virus 'Troj/Agent-ABWY' found in file HKU\S-1-5-21-3112461849-2868182616-320357554-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2015-01-03 04:30:45.797    >>> Virus 'Troj/Agent-ABWY' found in file HKU\S-1-5-21-3112461849-2868182616-320357554-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2015-01-03 04:30:45.797    >>> Virus 'Troj/Agent-ABWY' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2015-01-03 04:30:48.580    Could not open C:\hiberfil.sys
2015-01-03 04:31:22.182    Could not open C:\pagefile.sys
2015-01-03 04:36:17.297    >>> Virus 'Troj/Agent-WFN' found in file C:\Program Files\Sony\Vegas Pro 13.0\Sony Vegas Pro 13.exe
2015-01-03 04:36:17.298    >>> Virus 'Troj/Agent-WFN' found in file HKU\S-1-5-21-3112461849-2868182616-320357554-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2015-01-03 04:36:17.299    >>> Virus 'Troj/Agent-WFN' found in file HKU\S-1-5-21-3112461849-2868182616-320357554-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2015-01-03 04:36:17.299    >>> Virus 'Troj/Agent-WFN' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2015-01-03 04:48:14.338    Could not open C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}
2015-01-03 04:48:14.338    Could not open C:\System Volume Information\{6cf714a9-92f3-11e4-81a4-001e9024fb60}{3808876b-c176-4e48-b7ae-04046e6cc752}
2015-01-03 04:48:14.338    Could not open C:\System Volume Information\{7b992a6e-91e9-11e4-95f7-001e9024fb60}{3808876b-c176-4e48-b7ae-04046e6cc752}
2015-01-03 04:48:14.338    Could not open C:\System Volume Information\{7b992a7f-91e9-11e4-95f7-001e9024fb60}{3808876b-c176-4e48-b7ae-04046e6cc752}
2015-01-03 04:48:14.338    Could not open C:\System Volume Information\{7e873432-92a5-11e4-b064-001e9024fb60}{3808876b-c176-4e48-b7ae-04046e6cc752}
2015-01-03 04:48:14.338    Could not open C:\System Volume Information\{b494e972-92a1-11e4-b064-001e9024fb60}{3808876b-c176-4e48-b7ae-04046e6cc752}
2015-01-03 04:48:14.338    Could not open C:\System Volume Information\{fa7f6a24-91cb-11e4-a894-001e9024fb60}{3808876b-c176-4e48-b7ae-04046e6cc752}
2015-01-03 05:38:09.398    Could not open C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb
2015-01-03 05:38:09.398    Could not open C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
2015-01-03 05:38:19.148    Could not open C:\Windows\System32\config\RegBack\DEFAULT
2015-01-03 05:38:19.163    Could not open C:\Windows\System32\config\RegBack\SAM
2015-01-03 05:38:19.179    Could not open C:\Windows\System32\config\RegBack\SECURITY
2015-01-03 05:38:19.179    Could not open C:\Windows\System32\config\RegBack\SOFTWARE
2015-01-03 05:38:19.179    Could not open C:\Windows\System32\config\RegBack\SYSTEM
2015-01-03 06:09:50.460    Could not open LOGICAL:0006:00000000
2015-01-03 06:09:50.476    Could not open G:\
2015-01-03 06:09:50.476    Could not open LOGICAL:0007:00000000
2015-01-03 06:09:50.492    Could not open H:\
2015-01-03 06:09:50.492    Could not open LOGICAL:0008:00000000
2015-01-03 06:09:50.507    Could not open I:\
2015-01-03 06:09:50.507    Could not open LOGICAL:0009:00000000
2015-01-03 06:09:50.507    Could not open J:\
2015-01-03 06:09:50.601    Could not open PHYSICAL:0081:0000:0000:0001
2015-01-03 06:09:50.601    Could not open PHYSICAL:0082:0000:0000:0001
2015-01-03 06:09:50.601    Could not open PHYSICAL:0083:0000:0000:0001
2015-01-03 06:09:50.601    Could not open PHYSICAL:0084:0000:0000:0001
2015-01-03 06:09:50.679    The following items will be cleaned up:
2015-01-03 06:09:50.679    Troj/Agent-ABWY
2015-01-03 06:09:50.679    Troj/Agent-WFN
2015-01-03 10:20:21.778    Threat 'Troj/Agent-ABWY' has been cleaned up.
2015-01-03 10:20:21.794    File "C:\Games\The Walking Dead\steam_api.dll" belongs to 'Troj/Agent-ABWY'.
2015-01-03 10:20:21.794    File "C:\Games\The Walking Dead\steam_api.dll" has been cleaned up.
2015-01-03 10:20:21.794    Registry value "HKU\S-1-5-21-3112461849-2868182616-320357554-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect" belongs to 'Troj/Agent-ABWY'.
2015-01-03 10:20:21.794    Registry value "HKU\S-1-5-21-3112461849-2868182616-320357554-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect" has been cleaned up.
2015-01-03 10:20:21.794    Registry value "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect" belongs to 'Troj/Agent-ABWY'.
2015-01-03 10:20:21.794    Registry value "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect" has been cleaned up.
2015-01-03 10:20:21.794    Removal successful
2015-01-03 10:20:27.472    Threat 'Troj/Agent-WFN' has been cleaned up.
2015-01-03 10:20:27.472    File "C:\Program Files\Sony\Vegas Pro 13.0\Sony Vegas Pro 13.exe" belongs to 'Troj/Agent-WFN'.
2015-01-03 10:20:27.472    File "C:\Program Files\Sony\Vegas Pro 13.0\Sony Vegas Pro 13.exe" has been cleaned up.
2015-01-03 10:20:27.472    Removal successful
2015-01-03 10:20:27.519    Contents of SafeClean bin directory:
2015-01-03 10:20:27.534    {
2015-01-03 10:20:27.534        RecordID   : "0000000000000001",
2015-01-03 10:20:27.534        ItemType   : "1",
2015-01-03 10:20:27.534        Location   : "C:\Games\The Walking Dead\",
2015-01-03 10:20:27.534        FileName   : "steam_api.dll",
2015-01-03 10:20:27.534        ThreatName : "Troj/Agent-ABWY",
2015-01-03 10:20:27.534        Checksum   : "cbf70c5c511e3078d073d4d8ca1d9030a4d3dccda32c7436f589c6221b77a768",
2015-01-03 10:20:27.534        TimeStamp  : "Sat Jan 03 05:20:14 2015"
2015-01-03 10:20:27.534    }
2015-01-03 10:20:27.534    {
2015-01-03 10:20:27.534        RecordID   : "0000000000000002",
2015-01-03 10:20:27.534        ItemType   : "1",
2015-01-03 10:20:27.534        Location   : "C:\Program Files\Sony\Vegas Pro 13.0\",
2015-01-03 10:20:27.534        FileName   : "Sony Vegas Pro 13.exe",
2015-01-03 10:20:27.534        ThreatName : "Troj/Agent-WFN",
2015-01-03 10:20:27.534        Checksum   : "2de7d9404cab632a7e39e74e911cb295d21506ec8d66c0c565438d3051219e67",
2015-01-03 10:20:27.534        TimeStamp  : "Sat Jan 03 05:20:21 2015"
2015-01-03 10:20:27.534    }
2015-01-03 10:20:28.158    Error level 0



#8 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,660 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:07:03 AM

Posted 03 January 2015 - 11:21 AM

How is computer doing?

 

Update Adobe Reader

You can download it from http://www.adobe.com/products/acrobat/readstep2.html
After installing the latest Adobe Reader, uninstall all previous versions (if present).
Note. If you already have Adobe Photoshop® Album Starter Edition installed or do not wish to have it installed UNcheck the box which says Also Download Adobe Photoshop® Album Starter Edition.


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#9 Mieshaxo

Mieshaxo
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Boston MA
  • Local time:09:03 AM

Posted 03 January 2015 - 02:28 PM

It hasn't popped up yet since the last bit of scans we did. Thank you very much for your timely responses and help, you are the best =). I updated Adobe Reader, and didn't have to uninstall a previous version, I guess it did that automatically.



#10 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,660 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:07:03 AM

Posted 03 January 2015 - 03:38 PM

Your computer is clean p3879546.jpg

1. This step will remove all cleaning tools we used, it'll reset restore points (so you won't get reinfected by accidentally using some older restore point) and it'll make some other minor adjustments...
This is a very crucial step so make sure you don't skip it.
Download 51a5ce45263de-delfix.pngDelFix by Xplode to your desktop. Delfix will delete all the used tools and logfiles.

Double-click Delfix.exe to start the tool.
Make sure the following items are checked:

  • Activate UAC (optional; some users prefer to keep it off)
  • Remove disinfection tools
  • Create registry backup
  • Purge System Restore
  • Reset system settings

Now click "Run" and wait patiently.
Once finished a logfile will be created. You don't have to attach it to your next reply.

2. Make sure Windows Updates are current.

3. If any Trojan was listed among your infection(s), make sure, you change all of your on-line important passwords (bank account(s), secured web sites, etc.) immediately!

4. Check if your browser plugins are up to date.
Firefox - https://www.mozilla.org/en-US/plugincheck/
other browsers: https://browsercheck.qualys.com/ (click on "Scan without installing plugin" and then on "Scan now")

5. Download, and install WOT (Web OF Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

6. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

7. Run Temporary File Cleaner (TFC), AdwCleaner and Junkware Removal Tool (JRT) weekly ((you need to redownload these tools since they were removed by DelFix))

8. Download and install Secunia Personal Software Inspector (PSI): http://secunia.com/vulnerability_scanning/personal/. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

9. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

10. When installing\updating ANY program, make sure you always select "Custom " installation, so you can UN-check any possible "drive-by-install" (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click "Next" button without looking at any given page.

11. Read:
How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html
Simple and easy ways to keep your computer safe and secure on the Internet: http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/
About those Toolbars and Add-ons - Potentially Unwanted Programs (PUPs) which change your browser settings: http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/#entry3187642


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#11 Mieshaxo

Mieshaxo
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Boston MA
  • Local time:09:03 AM

Posted 03 January 2015 - 07:28 PM

Thank you very much for your help. I have followed all your instructions and will make the effort to run all of these programs to avoid future problems. What was the malware/virus that I had, any idea? It was hiding in the windows files right?

Thank you very much!!!!



#12 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,660 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:07:03 AM

Posted 03 January 2015 - 07:37 PM

You're very welcome p22002759.gif


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users