Laptop infected with Trojan.Spyeyes


  • This topic is locked
20 replies to this topic

#1 Kevmany

Posted 03 January 2015 - 05:03 PM

Hi,

I would be grateful if you could help me remove this trojan from my laptop completely. Please find the DDS logs below and attached. Please let me know if you need more information from me.

Thanks,

Kevin

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17496  BrowserJavaVersion: 11.25.2
Run by Kevin at 21:50:20 on 2015-01-03
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.44.1033.18.8190.5089 [GMT 0:00]
.
AV: Bitdefender Antivirus *Disabled/Updated* {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
SP: Bitdefender Antispyware *Disabled/Updated* {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall *Enabled* {A23392FD-84B9-F933-2C71-81E751F6EF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\Bitdefender\Bitdefender\vsserv.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
c:\program files (x86)\cmcm\Clean Master\cmcore.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe
C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe
C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
C:\Windows\system32\lxcycoms.exe
C:\Program Files (x86)\Team MediaPortal\MP2-Server\MP2-Server.exe
C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE
c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSvcm.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
C:\Program Files\Microsoft Forefront UAG\Endpoint Components\3.1.0\uagqecsvc.exe
C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\System32\vds.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
c:\program files (x86)\cmcm\Clean Master\cmtray.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\Bitdefender\Bitdefender\bdagent.exe
C:\Users\Kevin\AppData\Local\Akamai\netsession_win.exe
C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe
C:\Users\Kevin\AppData\Local\Akamai\netsession_win.exe
C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe
C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe
C:\Users\Kevin\AppData\Local\Google\Update\1.3.25.11\GoogleCrashHandler.exe
C:\Users\Kevin\AppData\Local\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Users\Kevin\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
C:\Program Files (x86)\EaseUS\Todo Backup\bin\EuWatch.exe
C:\Program Files (x86)\EaseUS\Todo Backup\bin\TrayNotify.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPNetworkCommunicator.exe
C:\Program Files\CCleaner\CCleaner64.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\explorer.exe
C:\Windows\system32\svchost.exe -k defragsvc
C:\Windows\system32\dfrgui.exe
C:\Windows\splwow64.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Bitdefender\Bitdefender\seccenter.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uSearch Bar = Preserve
mStart Page = about:blank
mDefault_Page_URL = hxxp://www.google.com
mWinlogon: Userinit = userinit.exe,
BHO: Bitdefender Wallet: {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxie.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\urlredir.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
EB: <No Name>: {555D4D79-4BD2-4094-A395-CFC534424A05} - LocalServer32 - <no file>
EB: <No Name>: {555D4D79-4BD2-4094-A395-CFC534424A05} - LocalServer32 - <no file>
uRun: [Akamai NetSession Interface] "C:\Users\Kevin\AppData\Local\Akamai\netsession_win.exe"
uRun: [Google Update] "C:\Users\Kevin\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [HP Photosmart 5520 series (NET)] "C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN27N174PL05ST:NW" -scfn "HP Photosmart 5520 series (NET)" -AutoStart 1
uRun: [Bitdefender Wallet Agent] "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
uRun: [Bitdefender Wallet] "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard
uRun: [Bitdefender Wallet Application Agent] "C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe"
uRun: [Device Doctor Pro] C:\Program Files (x86)\Device Doctor Pro\DDProLauncher.exe
uRun: [SkyDrive] "C:\Users\Kevin\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
uRun: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
uRun: [MP2 ClientLauncher] "C:\Program Files (x86)\Team MediaPortal\MP2-Client\Tools\MP2-ClientLauncher\MP2-ClientLauncher.exe"
uRunOnce: [Adobe Speed Launcher] 1420317401
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [EaseUs Watch] "C:\Program Files (x86)\EaseUS\Todo Backup\bin\EuWatch.exe"
mRun: [EaseUs Tray] "C:\Program Files (x86)\EaseUS\Todo Backup\bin\TrayNotify.exe"
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [cmsc] "c:\program files (x86)\cmcm\Clean Master\cmtray.exe" -autorun
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
dRun: [Bitdefender Wallet Agent] "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
dRun: [Bitdefender Wallet] "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard
dRun: [Bitdefender Wallet Application Agent] "C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe"
StartupFolder: C:\Users\Kevin\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\EVENTR~1.LNK - C:\pmw\PMREMIND.EXE
StartupFolder: C:\Users\Kevin\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SENDTO~1.LNK - C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:255
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {4EFA317A-8569-4788-B175-5BAF9731A549} - hxxp://vsrcm5.vlab.elementk.com/rcm/webcontrols/vmrc/VMRCActiveXClient.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
DPF: {8B0F07E1-00F9-4B1B-9A2F-456DC0F54EBF} - hxxp://khse.vlab.elementk.com/vlab/webcontrols/porttester/PortTester.cab
DPF: {8D9563A9-8D5F-459B-87F2-BA842255CB9A} - hxxps://nlsremote.nls.uk/InternalSite/WhlCompMgr.cab
DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{1398039B-C940-4502-90C8-557BA22CB6CE} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{3D6EB1F8-EB97-471D-87F2-0E6540210EE1} : DHCPNameServer = 192.168.42.129
TCP: Interfaces\{42198FD2-7B08-4D81-9585-B6353E70F12A} : DHCPNameServer = 192.168.0.1
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
LSA: Security Packages =  kerberos msv1_0 schannel wdigest tspkg pku2u livessp msoidssp
x64-mStart Page = about:blank
x64-BHO: Bitdefender Wallet : {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\pmbxie.dll
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\urlredir.dll
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
x64-BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [lxcymon.exe] "C:\Program Files (x86)\Lexmark 3400 Series\lxcymon.exe"
x64-Run: [Bdagent] "C:\Program Files\Bitdefender\Bitdefender\bdagent.exe"
x64-RunOnce: [NCPluginUpdater] "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update
x64-IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnie.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
x64-Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\jtlp8uj3.default-1405780090041\
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101721.dll
FF - plugin: C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll
FF - plugin: C:\Program Files (x86)\Common Files\VMware\VMware Remote Console Plug-in 5.5\Firefox\np-vmware-vmrc.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL
FF - plugin: C:\Users\Kevin\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll
FF - plugin: C:\Users\Kevin\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\Kevin\AppData\Roaming\Mozilla\plugins\npo1d.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2012-8-1 82048]
R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2012-8-1 42624]
R0 avc3;avc3;C:\Windows\System32\drivers\avc3.sys [2014-2-23 1288472]
R0 EUBAKUP;EUBAKUP;C:\Windows\System32\drivers\eubakup.sys [2014-2-24 61000]
R0 EUBKMON;EUBKMON;C:\Windows\System32\drivers\EUBKMON.sys [2014-2-24 48200]
R0 gzflt;gzflt;C:\Windows\System32\drivers\gzflt.sys [2014-2-23 150256]
R0 johci;JMicron 1394 Filter Driver;C:\Windows\System32\drivers\johci.sys [2012-5-19 25688]
R0 Lbd;Lbd;C:\Windows\System32\drivers\Lbd.sys [2010-11-22 69152]
R0 RapportKE64;RapportKE64;C:\Windows\System32\drivers\RapportKE64.sys [2011-1-19 534104]
R0 vidsflt67;Acronis Disk Storage Filter (67);C:\Windows\System32\drivers\vsflt67.sys [2012-6-18 146528]
R1 bdfwfpf;bdfwfpf;C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [2014-2-23 103504]
R1 BDVEDISK;BDVEDISK;C:\Windows\System32\drivers\bdvedisk.sys [2014-2-23 76944]
R1 cnnctfy2;Connectify LightWeight Filter;C:\Windows\System32\drivers\cnnctfy2.sys [2012-12-21 31344]
R1 ctxusbm;Citrix USB Monitor Driver;C:\Windows\System32\drivers\ctxusbm.sys [2012-4-25 93272]
R1 EUDSKACS;EUDSKACS;C:\Windows\System32\drivers\eudskacs.sys [2014-2-24 18504]
R1 EUFDDISK;EUFDDISK;C:\Windows\System32\drivers\EuFdDisk.sys [2014-2-24 189000]
R1 RapportCerberus_80083;RapportCerberus_80083;C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_80083.sys [2014-12-8 761720]
R1 RapportEI64;RapportEI64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [2014-11-21 445912]
R1 RapportPG64;RapportPG64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [2014-11-21 557656]
R1 Uim_VIM;UIM Virtual Image Plugin;C:\Windows\System32\drivers\uim_vimx64.sys [2011-11-14 352816]
R2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [2009-3-2 89600]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2013-4-30 238080]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-4-29 361984]
R2 ClickToRunSvc;Microsoft Office ClickToRun Service;C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe [2014-5-12 2449592]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
R2 cmcore;Clean Master Core Service;C:\Program Files (x86)\cmcm\Clean Master\cmcore.exe [2014-11-6 315240]
R2 Dokan;Dokan;C:\Windows\System32\drivers\dokan.sys [2012-5-19 106888]
R2 DokanMounter;DokanMounter;C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe [2012-5-19 11776]
R2 EaseUS Agent;EaseUS Agent Service;C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [2014-2-24 36936]
R2 Guard Agent;Guard Agent Service;C:\Program Files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe [2014-2-24 23624]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2014-8-21 93184]
R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2011-5-13 30520]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service;C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe [2014-9-15 89352]
R2 lxcy_device;lxcy_device;C:\Windows\System32\lxcycoms.exe -service --> C:\Windows\System32\lxcycoms.exe -service [?]
R2 MP2-Server;MediaPortal 2 Server Service;C:\Program Files (x86)\Team MediaPortal\MP2-Server\MP2-Server.exe [2014-9-11 334848]
R2 msoidsvc;Microsoft Online Services Sign-in Assistant;C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE [2012-5-17 2079520]
R2 MSSQL$EONENERGYFIT;SQL Server (EONENERGYFIT);C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
R2 RapportMgmtService;Rapport Management Service;C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2014-11-21 1919256]
R2 regi;regi;C:\Windows\System32\drivers\regi.sys [2012-6-12 15672]
R2 TeamViewer;TeamViewer 10;C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2015-1-1 5426448]
R2 uagqecsvc;Microsoft Forefront UAG Quarantine Enforcement Client;C:\Program Files\Microsoft Forefront UAG\Endpoint Components\3.1.0\uagqecsvc.exe [2014-11-25 150928]
R2 UPDATESRV;Bitdefender Desktop Update Service;C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe [2014-2-23 67320]
R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2011-1-29 46136]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2012-5-14 96896]
R3 avchv;avchv Function Driver;C:\Windows\System32\drivers\avchv.sys [2013-1-23 263032]
R3 clwvd;HP Webcam Splitter;C:\Windows\System32\drivers\clwvd.sys [2010-7-14 32880]
R3 enecir;ENE CIR Receiver;C:\Windows\System32\drivers\enecir.sys [2008-9-4 64000]
R3 JMCR;JMCR;C:\Windows\System32\drivers\jmcr.sys [2008-10-22 128352]
R3 ksapi64;ksapi64;C:\Windows\System32\drivers\ksapi64.sys [2014-11-6 56680]
R3 pmkbdfltr;PenMount Keyboard Device Filter Driver;C:\Windows\System32\drivers\pmkbdfltr.sys [2012-8-12 18832]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-8-15 726160]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 avckf;avckf;C:\Windows\System32\drivers\avckf.sys [2014-2-23 647752]
S3 bdfwfpf_pc;bdfwfpf_pc;C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [2014-2-23 121928]
S3 BDSandBox;BDSandBox;C:\Windows\System32\drivers\bdsandbox.sys [2014-2-23 82824]
S3 ggflt;SEMC USB Flash Driver Filter;C:\Windows\System32\drivers\ggflt.sys [2012-3-22 13352]
S3 hwusbdev;Huawei DataCard USB PNP Device;C:\Windows\System32\drivers\ewusbdev.sys [2012-5-10 113792]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-12-10 114688]
S3 PSI;PSI;C:\Windows\System32\drivers\psi_mf_amd64.sys [2013-12-6 18456]
S3 RapportIaso;RapportIaso;C:\ProgramData\Trusteer\Rapport\store\exts\RapportMS\baseline\RapportIaso64.sys [2014-4-1 424856]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-1-23 19456]
S3 s0017bus;Sony Ericsson Device 0017 driver (WDM);C:\Windows\System32\drivers\s0017bus.sys [2008-10-21 113704]
S3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;C:\Windows\System32\drivers\s0017mdfl.sys [2008-10-21 19496]
S3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;C:\Windows\System32\drivers\s0017mdm.sys [2008-10-21 152616]
S3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);C:\Windows\System32\drivers\s0017mgmt.sys [2008-10-21 133160]
S3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS);C:\Windows\System32\drivers\s0017nd5.sys [2008-10-21 34856]
S3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;C:\Windows\System32\drivers\s0017obex.sys [2008-10-21 128552]
S3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);C:\Windows\System32\drivers\s0017unic.sys [2008-10-21 145960]
S3 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\psia.exe [2013-12-6 1229528]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-11-13 56832]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-2-15 52736]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-10-9 1255736]
S4 BdDesktopParental;Bitdefender Desktop Parental Control;C:\Program Files\Bitdefender\Bitdefender\bdparentalservice.exe [2014-8-13 77632]
S4 Connectify;Connectify;C:\Program Files (x86)\Connectify\ConnectifyService.exe [2012-12-21 65536]
S4 SafeBox;SafeBox;C:\Program Files\Bitdefender\Bitdefender Safebox\safeboxservice.exe [2014-2-23 94624]
S4 Sony PC Companion;Sony PC Companion;C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2012-3-22 155320]
S4 VMUSBArbService;VMware USB Arbitration Service;C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2013-8-5 898640]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile="C:\Windows\System32\NOTEPAD.EXE" %1
FileExt: .ini: inifile="C:\Windows\System32\NOTEPAD.EXE" %1
FileExt: .inf: inffile="C:\Windows\System32\NOTEPAD.EXE" %1 [UserChoice]
.
=============== Created Last 30 ================
.
2015-01-03 19:00:47    --------    d-----w-    C:\Windows\ERUNT
2015-01-03 15:03:20    --------    dc----w-    C:\AdwCleaner
2015-01-02 23:14:10    --------    dcsh--w-    C:\$RECYCLE.BIN
2015-01-02 22:35:45    24064    ----a-w-    C:\Windows\zoek-delete.exe
2015-01-02 22:35:42    --------    dc----w-    C:\Users\Kevin\AppData\Local\Temp
2015-01-02 14:02:15    --------    dc----w-    C:\zoek_backup
2015-01-01 21:19:29    --------    dc----w-    C:\FRST
2014-12-30 20:53:17    --------    d-----w-    C:\Program Files (x86)\Dokan
2014-12-30 20:52:32    --------    d-----w-    C:\ProgramData\Team MediaPortal
2014-12-30 20:52:32    --------    d-----w-    C:\Program Files (x86)\Team MediaPortal
2014-12-24 11:51:00    --------    d-----w-    C:\Windows\en-gb
2014-12-24 11:50:28    --------    d-----w-    C:\Windows\en
2014-12-24 10:32:02    24576    ----a-w-    C:\Windows\System32\mfpmp.exe
2014-12-24 10:32:02    2048    ----a-w-    C:\Windows\SysWow64\mferror.dll
2014-12-24 10:32:02    2048    ----a-w-    C:\Windows\System32\mferror.dll
2014-12-24 10:32:01    55808    ----a-w-    C:\Windows\System32\rrinstaller.exe
2014-12-24 10:32:01    50176    ----a-w-    C:\Windows\SysWow64\rrinstaller.exe
2014-12-24 10:32:01    3209728    ----a-w-    C:\Windows\SysWow64\mf.dll
2014-12-24 10:32:01    23040    ----a-w-    C:\Windows\SysWow64\mfpmp.exe
2014-12-24 10:32:01    206848    ----a-w-    C:\Windows\System32\mfps.dll
2014-12-24 10:32:01    103424    ----a-w-    C:\Windows\SysWow64\mfps.dll
2014-12-24 10:32:00    4121600    ----a-w-    C:\Windows\System32\mf.dll
2014-12-24 10:29:19    165888    ----a-w-    C:\Windows\System32\charmap.exe
2014-12-24 10:29:19    155136    ----a-w-    C:\Windows\SysWow64\charmap.exe
2014-12-24 10:29:18    119296    ----a-w-    C:\Windows\System32\drivers\tdx.sys
2014-12-24 10:29:07    2048    ----a-w-    C:\Windows\SysWow64\tzres.dll
2014-12-24 10:29:07    2048    ----a-w-    C:\Windows\System32\tzres.dll
2014-12-24 10:28:12    2020352    ----a-w-    C:\Windows\System32\WsmSvc.dll
2014-12-24 10:28:12    1177088    ----a-w-    C:\Windows\SysWow64\WsmSvc.dll
2014-12-24 10:28:11    346624    ----a-w-    C:\Windows\System32\WSManMigrationPlugin.dll
2014-12-24 10:28:11    310272    ----a-w-    C:\Windows\System32\WsmWmiPl.dll
2014-12-24 10:28:11    266240    ----a-w-    C:\Windows\System32\WSManHTTPConfig.exe
2014-12-24 10:28:11    248832    ----a-w-    C:\Windows\SysWow64\WSManMigrationPlugin.dll
2014-12-24 10:28:11    214016    ----a-w-    C:\Windows\SysWow64\WsmWmiPl.dll
2014-12-24 10:28:11    198656    ----a-w-    C:\Windows\SysWow64\WSManHTTPConfig.exe
2014-12-24 10:28:11    181248    ----a-w-    C:\Windows\System32\WsmAuto.dll
2014-12-24 10:28:11    145920    ----a-w-    C:\Windows\SysWow64\WsmAuto.dll
2014-12-24 10:28:01    3241984    ----a-w-    C:\Windows\System32\msi.dll
2014-12-24 10:28:01    2363904    ----a-w-    C:\Windows\SysWow64\msi.dll
2014-12-22 22:17:41    144384    ----a-w-    C:\Windows\System32\ieUnatt.exe
2014-12-22 22:17:41    115712    ----a-w-    C:\Windows\SysWow64\ieUnatt.exe
2014-12-12 23:22:40    773968    ----a-w-    C:\Windows\SysWow64\msvcr100.dll
2014-12-12 23:22:40    421200    ----a-w-    C:\Windows\SysWow64\msvcp100.dll
2014-12-10 23:25:40    1424384    ----a-w-    C:\Windows\System32\WindowsCodecs.dll
2014-12-10 23:25:39    1230336    ----a-w-    C:\Windows\SysWow64\WindowsCodecs.dll
2014-12-10 23:23:59    1155072    ----a-w-    C:\Windows\SysWow64\mshtmlmedia.dll
2014-12-10 22:26:05    --------    d-----w-    C:\Users\Kevin\AppData\Roaming\BatteryCare
2014-12-10 22:25:55    --------    d-----w-    C:\Program Files (x86)\BatteryCare
2014-12-10 21:50:55    --------    dc----w-    C:\PCTransImage
2014-12-08 23:23:34    --------    d-----w-    C:\Program Files\CPUID
2014-12-08 22:46:06    --------    dc----w-    C:\UserBenchmark
.
==================== Find3M  ====================
.
2015-01-03 19:31:41    129752    ----a-w-    C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-12-22 23:01:12    71344    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-12-22 23:01:12    701616    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2014-12-13 01:50:38    829264    ----a-w-    C:\Windows\System32\msvcr100.dll
2014-12-13 01:50:38    608080    ----a-w-    C:\Windows\System32\msvcp100.dll
2014-12-08 22:48:24    263032    ----a-w-    C:\Windows\System32\drivers\avchv.sys
2014-12-08 22:48:07    452040    ----a-w-    C:\Windows\System32\drivers\trufos.sys
2014-12-08 22:47:54    1288472    ----a-w-    C:\Windows\System32\drivers\avc3.sys
2014-11-22 03:06:23    2724864    ----a-w-    C:\Windows\System32\mshtml.tlb
2014-11-22 03:06:11    4096    ----a-w-    C:\Windows\System32\ieetwcollectorres.dll
2014-11-22 02:50:39    66560    ----a-w-    C:\Windows\System32\iesetup.dll
2014-11-22 02:50:10    580096    ----a-w-    C:\Windows\System32\vbscript.dll
2014-11-22 02:49:54    48640    ----a-w-    C:\Windows\System32\ieetwproxystub.dll
2014-11-22 02:48:20    88064    ----a-w-    C:\Windows\System32\MshtmlDac.dll
2014-11-22 02:35:29    114688    ----a-w-    C:\Windows\System32\ieetwcollector.exe
2014-11-22 02:34:51    814080    ----a-w-    C:\Windows\System32\jscript9diag.dll
2014-11-22 02:34:07    6039552    ----a-w-    C:\Windows\System32\jscript9.dll
2014-11-22 02:26:31    968704    ----a-w-    C:\Windows\System32\MsSpellCheckingFacility.exe
2014-11-22 02:20:44    2724864    ----a-w-    C:\Windows\SysWow64\mshtml.tlb
2014-11-22 02:14:16    77824    ----a-w-    C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-11-22 02:07:43    501248    ----a-w-    C:\Windows\SysWow64\vbscript.dll
2014-11-22 02:07:17    62464    ----a-w-    C:\Windows\SysWow64\iesetup.dll
2014-11-22 02:06:32    47616    ----a-w-    C:\Windows\SysWow64\ieetwproxystub.dll
2014-11-22 02:05:02    64000    ----a-w-    C:\Windows\SysWow64\MshtmlDac.dll
2014-11-22 01:54:30    620032    ----a-w-    C:\Windows\SysWow64\jscript9diag.dll
2014-11-22 01:47:10    1359360    ----a-w-    C:\Windows\System32\mshtmlmedia.dll
2014-11-22 01:46:58    2125312    ----a-w-    C:\Windows\System32\inetcpl.cpl
2014-11-22 01:40:04    60416    ----a-w-    C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-11-22 01:29:26    4299264    ----a-w-    C:\Windows\SysWow64\jscript9.dll
2014-11-22 01:28:21    2358272    ----a-w-    C:\Windows\System32\wininet.dll
2014-11-22 01:22:49    2052096    ----a-w-    C:\Windows\SysWow64\inetcpl.cpl
2014-11-22 01:00:20    1888256    ----a-w-    C:\Windows\SysWow64\wininet.dll
2014-11-21 06:14:22    63704    ----a-w-    C:\Windows\System32\drivers\mwac.sys
2014-11-21 06:14:12    93400    ----a-w-    C:\Windows\System32\drivers\mbamchameleon.sys
2014-11-21 06:14:08    25816    ----a-w-    C:\Windows\System32\drivers\mbam.sys
2014-11-21 00:30:00    534104    ----a-w-    C:\Windows\System32\drivers\RapportKE64.sys
2014-11-11 03:08:52    241152    ----a-w-    C:\Windows\System32\pku2u.dll
2014-11-11 03:08:48    728064    ----a-w-    C:\Windows\System32\kerberos.dll
2014-11-11 02:44:32    186880    ----a-w-    C:\Windows\SysWow64\pku2u.dll
2014-11-11 02:44:25    550912    ----a-w-    C:\Windows\SysWow64\kerberos.dll
2014-11-10 23:02:49    6656    ----a-w-    C:\Windows\System32\bcmwlrc.dll
2014-11-06 23:38:29    56680    ----a-w-    C:\Windows\System32\drivers\ksapi64.sys
2014-11-06 23:38:28    81768    ----a-w-    C:\Windows\System32\drivers\ksapi.sys
2014-10-25 12:37:52    127760    ----a-w-    C:\Windows\System32\drivers\scdemu.sys
2014-10-25 01:57:59    77824    ----a-w-    C:\Windows\System32\packager.dll
2014-10-25 01:32:37    67584    ----a-w-    C:\Windows\SysWow64\packager.dll
2014-10-19 11:40:28    98216    ----a-w-    C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-10-18 02:05:23    861696    ----a-w-    C:\Windows\System32\oleaut32.dll
2014-10-18 01:33:18    571904    ----a-w-    C:\Windows\SysWow64\oleaut32.dll
2014-10-14 02:16:37    155064    ----a-w-    C:\Windows\System32\drivers\ksecpkg.sys
2014-10-14 02:13:06    683520    ----a-w-    C:\Windows\System32\termsrv.dll
2014-10-14 02:12:57    1460736    ----a-w-    C:\Windows\System32\lsasrv.dll
2014-10-14 02:09:31    146432    ----a-w-    C:\Windows\System32\msaudite.dll
2014-10-14 02:07:31    681984    ----a-w-    C:\Windows\System32\adtschema.dll
2014-10-14 01:50:47    22016    ----a-w-    C:\Windows\SysWow64\secur32.dll
2014-10-14 01:49:38    96768    ----a-w-    C:\Windows\SysWow64\sspicli.dll
2014-10-14 01:47:30    146432    ----a-w-    C:\Windows\SysWow64\msaudite.dll
2014-10-14 01:46:02    681984    ----a-w-    C:\Windows\SysWow64\adtschema.dll
2014-10-10 00:57:42    3198976    ----a-w-    C:\Windows\System32\win32k.sys
.
============= FINISH: 21:53:49.39 ===============
 



#2 TB-Psychotic

TB-Psychotic

  • Malware Response Team

Posted 05 January 2015 - 10:48 AM

Hi there,
my name is Marius and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you cannot post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

  • Important: To help me review your logs, please post them in code boxes. You can create them by clicking on the <>-symbol on top of the reply window.

 
 
 
 
HijackThis is not the preferred initial scanning tool in this forum. With today's malware, a more comprehensive set of logs is required to determine the presence of malware.
 
 
  
Scan with FRST in normal mode

Please download Farbar's Recovery Scan Tool to your desktop: FRST 32bit or FRST 64bit (If not sure: Start --> Computer (right click) --> properties)
 
  • Run FRST.
  • Don't change any of the checkboxes and hit Scan.
  • Logfiles are created on your desktop.
  • Post the FRST.txt and (after the first scan only!) the Addition.txt.

 
 
Scan with Gmer rootkit scanner

Please download Gmer from here by clicking on the "Download EXE" Button.
  • Double click on the randomly named GMER.exe. If asked to allow gmer.sys driver to load, please consent.
  • If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO.
  • In the right panel, you will see several boxes that have been checked. Uncheck the following ...
    • Sections
    • IAT/EAT
    • Show All ( should be unchecked by default )
  • Leave everything else as it is.
  • Close all other running programs as well as your Browser.
  • Click the Scan button & wait for it to finish.
  • Once done click on the Save.. button, and in the File name area, type in "ark.txt" or it will save as a .log file which cannot be uploaded to your post.
  • Save it where you can easily find it, such as your desktop.
  • Please post the content of the ark.txt here.

**Caution**
Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOTKIT" entries

Scan with TDSS-Killer

Please read and follow these instructions carefully. We do not want it to fix anything yet (if found), we need to see a report first.

Download TDSSKiller.zip and extract to your desktop
  • Execute TDSSKiller.exe by double-clicking on it.
  • Press Start Scan
  • If Malicious objects are found, do NOT select Copy to quarantine. Change the action to Skip, and save the log.
  • Once complete, a log will be produced at the root drive, which is typically C:\, for example, C:\TDSSKiller.<version_date_time>log.txt


Please attach this file to your next reply.
 



#3 Kevmany

Kevmany
  • Topic Starter


Posted 06 January 2015 - 04:11 PM

Hi Marius,

 

I ran the FRST64.exe and it gave me an empty scan log apart from the following text: -

==================== End Of Log ============================

 

I had run FRST64.exe before on this laptop but I moved the logs to my documents before I ran this log.

 

I ran it again and got the FRST Log which I will post as code in my next reply as you advised.

 

An additional.txt log has not been created yet.

 

Thanks,

 

Kevin


Edited by Kevmany, 06 January 2015 - 04:37 PM.


#4 Kevmany

Kevmany
  • Topic Starter


Posted 06 January 2015 - 04:13 PM

Ah, I just realised I ran FRST64.exe as my own Windows account. I will run again as administrator.

 

Kevin



#5 Kevmany

Kevmany
  • Topic Starter


Posted 06 January 2015 - 04:21 PM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-01-2015
Ran by Administrator (administrator) on KEVIN-PC on 06-01-2015 21:15:05
Running from C:\Users\Kevin\Desktop
Loaded Profiles: Kevin & Administrator (Available profiles: Kevin & Lorraine & Administrator & Guest)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\vsserv.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Kingsoft Corporation) C:\Program Files (x86)\cmcm\Clean Master\cmcore.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\bdagent.exe
(Akamai Technologies, Inc.) C:\Users\Kevin\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Kevin\AppData\Local\Akamai\netsession_win.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe
(Google Inc.) C:\Users\Kevin\AppData\Local\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Users\Kevin\AppData\Local\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Users\Kevin\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\EuWatch.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TrayNotify.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
( ) C:\Windows\System32\lxcycoms.exe
(Team MediaPortal) C:\Program Files (x86)\Team MediaPortal\MP2-Server\MP2-Server.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft ® Corporation) C:\Program Files\Microsoft Forefront UAG\Endpoint Components\3.1.0\uagqecsvc.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_16_0_0_235_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2847016 2012-07-09] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-03-23] (IDT, Inc.)
HKLM\...\Run: [lxcymon.exe] => C:\Program Files (x86)\Lexmark 3400 Series\lxcymon.exe [291496 2009-05-01] ()
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender\bdagent.exe [1757520 2014-12-08] (Bitdefender)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [EaseUs Watch] => C:\Program Files (x86)\EaseUS\Todo Backup\bin\EuWatch.exe [70728 2013-09-04] (CHENGDU YIWO Tech Development Co., Ltd)
HKLM-x32\...\Run: [EaseUs Tray] => C:\Program Files (x86)\EaseUS\Todo Backup\bin\TrayNotify.exe [1372232 2013-09-04] (CHENGDU YIWO Tech Development Co., Ltd)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [cmsc] => c:\program files (x86)\cmcm\Clean Master\cmtray.exe [468328 2014-11-06] (Kingsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642304 2013-04-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [366904 2014-10-25] (Power Software Ltd)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-12-16] (Hewlett-Packard)
HKU\S-1-5-21-815093258-3654837366-4000460123-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Kevin\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-815093258-3654837366-4000460123-1001\...\Run: [Google Update] => C:\Users\Kevin\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-26] (Google Inc.)
HKU\S-1-5-21-815093258-3654837366-4000460123-1001\...\Run: [HP Photosmart 5520 series (NET)] => C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-815093258-3654837366-4000460123-1001\...\Run: [Bitdefender Wallet Agent] => C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [568400 2014-12-08] (Bitdefender)
HKU\S-1-5-21-815093258-3654837366-4000460123-1001\...\Run: [Bitdefender Wallet] => C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [1002048 2014-08-13] (Bitdefender)
HKU\S-1-5-21-815093258-3654837366-4000460123-1001\...\Run: [Bitdefender Wallet Application Agent] => C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [615256 2014-08-13] (Bitdefender)
HKU\S-1-5-21-815093258-3654837366-4000460123-1001\...\Run: [Device Doctor Pro] => C:\Program Files (x86)\Device Doctor Pro\DDProLauncher.exe [133744 2013-11-26] (Device Doctor Software Inc.)
HKU\S-1-5-21-815093258-3654837366-4000460123-1001\...\Run: [SkyDrive] => C:\Users\Kevin\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [277672 2014-09-24] (Microsoft Corporation)
HKU\S-1-5-21-815093258-3654837366-4000460123-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-815093258-3654837366-4000460123-1001\...\Run: [MP2 ClientLauncher] => C:\Program Files (x86)\Team MediaPortal\MP2-Client\Tools\MP2-ClientLauncher\MP2-ClientLauncher.exe [343552 2014-09-11] (Team MediaPortal)
HKU\S-1-5-21-815093258-3654837366-4000460123-1001\...\RunOnce: [Adobe Speed Launcher] => 1420577297
HKU\S-1-5-21-815093258-3654837366-4000460123-500\...\RunOnce: [Adobe Speed Launcher] => 1420240451
HKU\S-1-5-18\...\Run: [Bitdefender Wallet Agent] => C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [568400 2014-12-08] (Bitdefender)
HKU\S-1-5-18\...\Run: [Bitdefender Wallet] => C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [1002048 2014-08-13] (Bitdefender)
HKU\S-1-5-18\...\Run: [Bitdefender Wallet Application Agent] => C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [615256 2014-08-13] (Bitdefender)
Startup: C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Event Reminder.lnk
ShortcutTarget: Event Reminder.lnk -> C:\pmw\PMREMIND.EXE ()
Startup: C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers: [__SafeBox1] -> {152C96EB-288E-4EDC-B7C6-D21F8250ADF3} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox2] -> {342DAA0B-D796-460D-8566-901E08A1CCAD} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox3] -> {57595DAE-1AE1-4D97-A49E-67CBB53B52DF} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox4] -> {33816773-98AE-4723-ADE0-EBE54C8B5A67} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Administrator.000\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\SkyDriveShell.dll No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Administrator.000\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\SkyDriveShell.dll No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Administrator.000\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\SkyDriveShell.dll No File
BootExecute: autocheck autochk * lsdelete

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-815093258-3654837366-4000460123-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp
HKU\S-1-5-21-815093258-3654837366-4000460123-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-815093258-3654837366-4000460123-500\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/en-gb/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-815093258-3654837366-4000460123-1001 -> DefaultScope {B487009B-F5A0-4995-8EC5-A5A47ECA94ED} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-815093258-3654837366-4000460123-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-815093258-3654837366-4000460123-1001 -> {B487009B-F5A0-4995-8EC5-A5A47ECA94ED} URL = https://www.google.com/search?q={searchTerms}
BHO: Bitdefender Wallet  -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender\pmbxie.dll (Bitdefender)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxie.dll (Bitdefender)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
DPF: HKLM {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {4EFA317A-8569-4788-B175-5BAF9731A549} http://vsrcm5.vlab.elementk.com/rcm/webcontrols/vmrc/VMRCActiveXClient.cab
DPF: HKLM-x32 {8B0F07E1-00F9-4B1B-9A2F-456DC0F54EBF} http://khse.vlab.elementk.com/vlab/webcontrols/porttester/PortTester.cab
DPF: HKLM-x32 {8D9563A9-8D5F-459B-87F2-BA842255CB9A} https://nlsremote.nls.uk/InternalSite/WhlCompMgr.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll (Citrix Systems, Inc.)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files (x86)\Sony\Media Go\npmediago.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @vmware.com/vmrc,version=5.1.0.00000 -> C:\Program Files (x86)\Common Files\VMware\VMware Remote Console Plug-in 5.1\Firefox\np-vmware-vmrc.dll No File
FF Plugin-x32: @vmware.com/vmrc,version=5.5.0.00000 -> C:\Program Files (x86)\Common Files\VMware\VMware Remote Console Plug-in 5.5\Firefox\np-vmware-vmrc.dll (VMware, Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-815093258-3654837366-4000460123-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Kevin\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKU\S-1-5-21-815093258-3654837366-4000460123-1001: @talk.google.com/O1DPlugin -> C:\Users\Kevin\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKU\S-1-5-21-815093258-3654837366-4000460123-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Kevin\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-815093258-3654837366-4000460123-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Kevin\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-815093258-3654837366-4000460123-1001: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101721.dll (Amazon.com, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll (RealPlayer)
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-01-01]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-01-01]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\bdtbext
FF Extension: bdToolbar - C:\Program Files\Bitdefender\Bitdefender\bdtbext [2014-02-23]
FF HKLM-x32\...\Firefox\Extensions: [ffpwdman@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman [2014-02-23]
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\bdtbext

Chrome: 
=======
CHR HKU\S-1-5-21-815093258-3654837366-4000460123-1001\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Kevin\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-08-10]
CHR HKLM-x32\...\Chrome\Extension: [ccahoghmggldkcdjiebjkidpfongdfbl] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxcr.crx [2014-12-08]
CHR StartMenuInternet: Google Chrome - C:\Users\Kevin\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [89600 2009-03-02] (Andrea Electronics Corporation)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-04-29] (Advanced Micro Devices, Inc.) [File not signed]
S4 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender\bdparentalservice.exe [77632 2014-08-13] (Bitdefender)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation)
R2 cmcore; c:\program files (x86)\cmcm\Clean Master\cmcore.exe [315240 2014-11-06] (Kingsoft Corporation)
S4 Connectify; C:\Program Files (x86)\Connectify\ConnectifyService.exe [65536 2012-11-09] () [File not signed]
R2 DokanMounter; C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe [11776 2012-05-19] () [File not signed]
R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [36936 2013-12-02] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R2 Guard Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe [23624 2013-09-04] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [93184 2014-08-21] (Hewlett-Packard Company) [File not signed]
S2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89352 2014-09-15] (Hewlett-Packard Company)
R2 lxcy_device; C:\Windows\system32\lxcycoms.exe [566192 2006-11-29] ( )
R2 lxcy_device; C:\Windows\SysWOW64\lxcycoms.exe [537520 2006-11-29] ( )
R2 MP2-Server; C:\Program Files (x86)\Team MediaPortal\MP2-Server\MP2-Server.exe [334848 2014-09-11] (Team MediaPortal) [File not signed]
R2 msoidsvc; C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE [2079520 2012-05-17] (Microsoft Corp.)
R2 MSSQL$EONENERGYFIT; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [1919256 2014-11-21] (IBM Corp.)
S4 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [94624 2013-07-08] (Bitdefender)
S3 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
S4 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155320 2012-01-18] (Avanquest Software) [File not signed]
S4 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe [247808 2010-03-23] (IDT, Inc.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5426448 2014-12-15] (TeamViewer GmbH)
R2 uagqecsvc; C:\Program Files\Microsoft Forefront UAG\Endpoint Components\3.1.0\uagqecsvc.exe [150928 2010-09-15] (Microsoft ® Corporation)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe [67320 2014-08-13] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender\vsserv.exe [1538672 2014-12-08] (Bitdefender)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1288472 2014-12-08] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [263032 2014-12-08] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [647752 2014-08-13] (BitDefender)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [103504 2011-11-14] (BitDefender LLC)
S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2013-11-04] (BitDefender SRL)
R1 BDVEDISK; C:\Windows\System32\DRIVERS\bdvedisk.sys [76944 2012-04-17] (BitDefender)
R1 cnnctfy2; C:\Windows\System32\DRIVERS\cnnctfy2.sys [31344 2012-12-21] (Connectify)
R2 Dokan; C:\Windows\system32\drivers\dokan.sys [106888 2012-05-19] (Windows (R) Win 7 DDK provider)
R0 EUBAKUP; C:\Windows\System32\drivers\eubakup.sys [61000 2013-09-04] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [48200 2013-09-04] () [File not signed]
R1 EUDSKACS; C:\Windows\system32\drivers\eudskacs.sys [18504 2013-09-04] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R1 EUFDDISK; C:\Windows\system32\drivers\EuFdDisk.sys [189000 2013-09-04] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [150256 2013-08-23] (BitDefender LLC)
S3 hwusbdev; C:\Windows\System32\DRIVERS\ewusbdev.sys [113792 2009-06-22] (Huawei Technologies Co., Ltd.)
R0 johci; C:\Windows\System32\DRIVERS\johci.sys [25688 2012-05-19] (JMicron Technology Corp.)
R3 ksapi64; C:\Windows\system32\drivers\ksapi64.sys [56680 2014-11-06] (Kingsoft Corporation)
R0 Lbd; C:\Windows\System32\DRIVERS\Lbd.sys [69152 2010-09-23] (Lavasoft AB)
R3 pmkbdfltr; C:\Windows\System32\DRIVERS\pmkbdfltr.sys [18832 2012-08-12] (PenMount)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia)
R1 RapportCerberus_80083; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_80083.sys [761720 2014-12-08] ()
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [445912 2014-11-21] (IBM Corp.)
S3 RapportIaso; c:\programdata\trusteer\rapport\store\exts\rapportms\baseline\rapportiaso64.sys [424856 2014-12-08] (IBM Corp.)
R0 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [534104 2014-11-21] (IBM Corp.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [557656 2014-11-21] (IBM Corp.)
S3 s0017bus; C:\Windows\System32\DRIVERS\s0017bus.sys [113704 2008-10-21] (MCCI Corporation)
S3 s0017mdfl; C:\Windows\System32\DRIVERS\s0017mdfl.sys [19496 2008-10-21] (MCCI Corporation)
S3 s0017mdm; C:\Windows\System32\DRIVERS\s0017mdm.sys [152616 2008-10-21] (MCCI Corporation)
S3 s0017mgmt; C:\Windows\System32\DRIVERS\s0017mgmt.sys [133160 2008-10-21] (MCCI Corporation)
S3 s0017nd5; C:\Windows\System32\DRIVERS\s0017nd5.sys [34856 2008-10-21] (MCCI Corporation)
S3 s0017obex; C:\Windows\System32\DRIVERS\s0017obex.sys [128552 2008-10-21] (MCCI Corporation)
S3 s0017unic; C:\Windows\System32\DRIVERS\s0017unic.sys [145960 2008-10-21] (MCCI Corporation)
R0 speedfan; C:\Windows\SysWow64\speedfan.sys [14104 2007-02-07] (Windows (R) Server 2003 DDK provider)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [503352 2012-01-11] () [File not signed]
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [452040 2014-12-08] (BitDefender S.R.L.)
R1 UimBus; C:\Windows\System32\DRIVERS\uimx64.sys [59184 2011-11-14] (Windows (R) 2000 DDK provider)
R1 Uim_IM; C:\Windows\System32\Drivers\Uim_IMx64.sys [572336 2011-11-14] (Paragon)
R1 Uim_VIM; C:\Windows\System32\Drivers\uim_vimx64.sys [352816 2011-11-14] (Paragon)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [52736 2012-02-15] (Apple, Inc.) [File not signed]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-06 20:56 - 2015-01-06 21:15 - 00033747 _____ () C:\Users\Kevin\Desktop\FRST.txt
2015-01-06 20:52 - 2015-01-06 20:52 - 00000000 ____D () C:\Users\Kevin\Desktop\FRST-OlderVersion
2015-01-03 22:27 - 2014-10-19 11:40 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2015-01-03 22:27 - 2014-10-19 11:40 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2015-01-03 22:27 - 2014-10-19 11:40 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-01-03 22:19 - 2015-01-03 22:19 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\QuickScan
2015-01-03 21:54 - 2015-01-03 21:54 - 00008687 _____ () C:\Users\Kevin\Documents\attach.txt
2015-01-03 21:54 - 2015-01-03 21:53 - 00037017 _____ () C:\Users\Kevin\Documents\dds.txt
2015-01-03 21:47 - 2015-01-03 21:47 - 00688992 ____R (Swearware) C:\Users\Kevin\Desktop\dds.com
2015-01-03 20:51 - 2015-01-06 20:37 - 00000332 _____ () C:\Windows\Tasks\HPCeeScheduleForKevin.job
2015-01-03 20:51 - 2015-01-03 20:51 - 00003186 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForKevin
2015-01-03 19:27 - 2015-01-03 19:27 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Kevin\Desktop\mbam-setup-2.0.4.1028.exe
2015-01-03 19:17 - 2015-01-03 19:17 - 00000826 _____ () C:\Users\Kevin\Documents\JRT.txt
2015-01-03 19:00 - 2015-01-03 19:00 - 00000000 ____D () C:\Windows\ERUNT
2015-01-03 18:49 - 2015-01-03 18:49 - 01707939 _____ (Thisisu) C:\Users\Kevin\Desktop\JRT.exe
2015-01-03 15:03 - 2015-01-03 18:47 - 00000000 ___DC () C:\AdwCleaner
2015-01-03 15:02 - 2015-01-03 15:02 - 02173952 _____ () C:\Users\Kevin\Desktop\adwcleaner_4.106.exe
2015-01-03 14:48 - 2015-01-03 14:50 - 00002920 _____ () C:\Users\Kevin\Documents\Rkill.txt
2015-01-03 14:47 - 2015-01-03 14:47 - 01940728 _____ (Bleeping Computer, LLC) C:\Users\Kevin\Desktop\rkill.exe
2015-01-03 14:10 - 2015-01-03 14:10 - 00037721 _____ () C:\Users\Kevin\Documents\Result.txt
2015-01-03 14:07 - 2015-01-03 14:07 - 00401920 _____ (Farbar) C:\Users\Kevin\Desktop\MiniToolBox.exe
2015-01-03 14:06 - 2015-01-03 14:06 - 00001356 _____ () C:\Users\Kevin\Documents\checkup.txt
2015-01-03 13:44 - 2015-01-03 13:44 - 00852504 _____ () C:\Users\Kevin\Desktop\SecurityCheck.exe
2015-01-02 23:17 - 2015-01-02 23:17 - 00000000 ____D () C:\Users\Administrator.000\AppData\Roaming\Hewlett-Packard
2015-01-02 23:14 - 2015-01-02 23:14 - 00000385 _____ () C:\Users\Administrator.000\AppData\Roaminguser_gensett.xml
2015-01-02 23:14 - 2015-01-02 23:14 - 00000000 __SHD () C:\Users\Administrator.000\AppData\Local\EmieUserList
2015-01-02 23:14 - 2015-01-02 23:14 - 00000000 __SHD () C:\Users\Administrator.000\AppData\Local\EmieSiteList
2015-01-02 23:14 - 2015-01-02 23:14 - 00000000 __SHD () C:\Users\Administrator.000\AppData\Local\EmieBrowserModeList
2015-01-02 23:14 - 2015-01-02 23:14 - 00000000 ____D () C:\Users\Administrator.000\AppData\Roaming\ATI
2015-01-02 23:14 - 2015-01-02 23:14 - 00000000 ____D () C:\Users\Administrator.000\AppData\Local\ATI
2015-01-02 22:35 - 2015-01-02 20:46 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-01-02 20:53 - 2015-01-02 16:30 - 00040789 ____C () C:\zoek-results2015-01-02-163000.log
2015-01-02 14:05 - 2015-01-02 23:13 - 00008332 ____C () C:\zoek-results.log
2015-01-02 14:02 - 2015-01-02 22:22 - 00000000 ___DC () C:\zoek_backup
2015-01-02 13:53 - 2015-01-03 23:58 - 02847942 _____ () C:\Users\Kevin\Downloads\zoek.zip
2015-01-02 13:09 - 2015-01-02 13:09 - 00047809 _____ () C:\Users\Kevin\Documents\Avast-Browser-Cleanup.log
2015-01-01 21:47 - 2015-01-01 21:47 - 00002585 _____ () C:\Users\Kevin\Downloads\fixlist.txt
2015-01-01 21:45 - 2015-01-01 21:46 - 39420968 _____ () C:\Users\Kevin\Downloads\Firefox Setup 34.0.5.exe
2015-01-01 21:37 - 2015-01-01 21:37 - 00000890 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-01-01 21:37 - 2015-01-01 21:37 - 00000878 _____ () C:\Users\Public\Desktop\TeamViewer 10.lnk
2015-01-01 21:23 - 2015-01-01 21:25 - 00059565 _____ () C:\Users\Kevin\Documents\Addition.txt
2015-01-01 21:20 - 2015-01-06 20:56 - 00059746 _____ () C:\Users\Kevin\Documents\FRST.txt
2015-01-01 21:19 - 2015-01-06 21:15 - 00000000 ___DC () C:\FRST
2015-01-01 21:18 - 2015-01-06 20:52 - 02123776 ____C (Farbar) C:\Users\Kevin\Desktop\FRST64.exe
2015-01-01 20:47 - 2015-01-01 20:47 - 00085253 _____ () C:\Users\Kevin\Documents\KEVIN-PC.txt
2015-01-01 20:35 - 2015-01-02 15:37 - 00000008 __RSH () C:\Users\Kevin\ntuser.pol
2015-01-01 19:59 - 2015-01-06 20:35 - 00011024 _____ () C:\Windows\PFRO.log
2015-01-01 19:59 - 2015-01-01 21:52 - 00443056 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-01 17:43 - 2015-01-01 17:36 - 00095879 _____ () C:\Users\Kevin\Documents\Bitdefender Virus scan.xml
2015-01-01 15:41 - 2015-01-06 20:47 - 00001424 _____ () C:\Windows\setupact.log
2015-01-01 15:41 - 2015-01-01 15:41 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-01 13:30 - 2015-01-01 13:30 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-01 13:12 - 2015-01-01 13:12 - 00362880 _____ (Kaspersky Lab) C:\Users\Kevin\Downloads\setup.exe
2015-01-01 12:19 - 2015-01-01 21:55 - 00112576 _____ () C:\Users\Kevin\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-30 22:07 - 2014-12-30 22:07 - 00002356 _____ () C:\Users\Kevin\Desktop\Chrome App Launcher.lnk
2014-12-30 21:19 - 2014-12-30 21:19 - 00560760 _____ (Murray Hurps Software Pty Ltd) C:\Users\Kevin\Downloads\AM-Install (1).exe
2014-12-30 21:18 - 2014-12-30 21:18 - 00560760 _____ (Murray Hurps Software Pty Ltd) C:\Users\Kevin\Downloads\AM-Install.exe
2014-12-30 20:53 - 2014-12-30 20:53 - 00002252 _____ () C:\Users\Public\Desktop\MediaPortal 2 ServiceMonitor.lnk
2014-12-30 20:53 - 2014-12-30 20:53 - 00002110 _____ () C:\Users\Public\Desktop\MediaPortal 2.lnk
2014-12-30 20:53 - 2014-12-30 20:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Team MediaPortal
2014-12-30 20:53 - 2014-12-30 20:53 - 00000000 ____D () C:\Program Files (x86)\Dokan
2014-12-30 20:52 - 2014-12-30 21:06 - 00000000 ____D () C:\ProgramData\Team MediaPortal
2014-12-30 20:52 - 2014-12-30 20:52 - 00000000 ____D () C:\Program Files (x86)\Team MediaPortal
2014-12-30 20:46 - 2014-12-30 20:47 - 56864905 _____ () C:\Users\Kevin\Downloads\MP2-Setup-10th_AE_Update_1.zip
2014-12-25 10:38 - 2014-12-25 10:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-12-24 11:51 - 2014-12-24 11:51 - 00000000 ____D () C:\Windows\en-gb
2014-12-24 11:50 - 2014-12-24 11:50 - 00001305 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2014-12-24 11:50 - 2014-12-24 11:50 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2014-12-24 11:50 - 2014-12-24 11:50 - 00000000 ____D () C:\Windows\en
2014-12-24 11:47 - 2014-12-24 11:47 - 00000000 ____D () C:\Program Files\Windows Live
2014-12-24 10:32 - 2014-10-18 02:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-24 10:32 - 2014-10-18 01:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-24 10:32 - 2014-07-07 02:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-12-24 10:32 - 2014-07-07 02:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-12-24 10:32 - 2014-07-07 02:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-12-24 10:32 - 2014-07-07 02:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-12-24 10:32 - 2014-07-07 01:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-12-24 10:32 - 2014-07-07 01:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-12-24 10:32 - 2014-07-07 01:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-12-24 10:32 - 2014-07-07 01:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-12-24 10:29 - 2014-11-11 01:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-24 10:29 - 2014-11-08 03:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-24 10:29 - 2014-11-08 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-24 10:29 - 2014-10-30 02:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-24 10:29 - 2014-10-30 01:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-24 10:28 - 2014-10-14 02:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-12-24 10:28 - 2014-10-14 01:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-12-24 10:28 - 2014-10-03 02:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-24 10:28 - 2014-10-03 02:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-24 10:28 - 2014-10-03 02:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-24 10:28 - 2014-10-03 02:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-24 10:28 - 2014-10-03 02:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-24 10:28 - 2014-10-03 01:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-24 10:28 - 2014-10-03 01:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-24 10:28 - 2014-10-03 01:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-24 10:28 - 2014-10-03 01:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-24 10:28 - 2014-10-03 01:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-23 00:02 - 2014-12-23 00:02 - 00003944 _____ () C:\Users\Kevin\Desktop\cpuz.cvf
2014-12-22 23:09 - 2014-12-29 19:48 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-12-22 22:17 - 2014-12-13 05:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-22 22:17 - 2014-12-13 03:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-13 01:50 - 2014-12-13 01:50 - 00829264 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100.dll
2014-12-13 01:50 - 2014-12-13 01:50 - 00608080 _____ (Microsoft Corporation) C:\Windows\system32\msvcp100.dll
2014-12-12 23:22 - 2014-12-12 23:22 - 00773968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100.dll
2014-12-12 23:22 - 2014-12-12 23:22 - 00421200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp100.dll
2014-12-11 22:08 - 2014-12-11 22:08 - 12078500 _____ () C:\Users\Kevin\Downloads\TL-WDN3200_V1_20131113.zip
2014-12-11 20:12 - 2014-12-11 20:16 - 694157312 _____ () C:\Users\Kevin\Downloads\elementaryos-stable-i386.20130810.iso
2014-12-11 20:04 - 2014-12-11 20:06 - 42807296 _____ () C:\Users\Kevin\Downloads\BlackboardCollaborateLauncher-Win.msi
2014-12-10 23:25 - 2014-11-11 03:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-10 23:25 - 2014-11-11 02:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-10 23:24 - 2014-11-27 01:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-10 23:24 - 2014-11-27 01:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-10 23:24 - 2014-11-22 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-10 23:24 - 2014-11-22 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-10 23:24 - 2014-11-22 02:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-10 23:24 - 2014-11-22 02:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-10 23:24 - 2014-11-22 02:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-10 23:24 - 2014-11-22 02:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-10 23:24 - 2014-11-22 02:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-10 23:24 - 2014-11-22 02:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-10 23:24 - 2014-11-22 02:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-10 23:24 - 2014-11-22 02:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-10 23:24 - 2014-11-22 02:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-10 23:24 - 2014-11-22 02:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-10 23:24 - 2014-11-22 02:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-10 23:24 - 2014-11-22 02:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-10 23:24 - 2014-11-22 02:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-10 23:24 - 2014-11-22 01:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-10 23:24 - 2014-11-22 01:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-10 23:24 - 2014-11-22 01:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-10 23:24 - 2014-11-22 01:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-10 23:24 - 2014-11-22 01:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-10 23:24 - 2014-11-22 01:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-10 23:24 - 2014-11-22 01:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-10 23:24 - 2014-11-22 01:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-10 23:24 - 2014-11-22 01:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-10 23:24 - 2014-11-22 01:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-10 23:24 - 2014-11-22 01:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-10 23:24 - 2014-11-22 01:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-10 23:24 - 2014-11-22 01:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-10 23:24 - 2014-11-22 01:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-10 23:24 - 2014-11-22 01:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-10 23:24 - 2014-11-22 01:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-10 23:24 - 2014-11-22 00:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-10 23:24 - 2014-11-22 00:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-10 23:23 - 2014-11-22 03:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-10 23:23 - 2014-11-22 02:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-10 23:23 - 2014-11-22 02:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-10 23:23 - 2014-11-22 02:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-10 23:23 - 2014-11-22 02:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-10 23:23 - 2014-11-22 02:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-10 23:23 - 2014-11-22 02:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-10 23:23 - 2014-11-22 02:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-10 23:23 - 2014-11-22 02:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-10 23:23 - 2014-11-22 02:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-10 23:23 - 2014-11-22 02:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-10 23:23 - 2014-11-22 02:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-10 23:23 - 2014-11-22 01:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-10 23:23 - 2014-11-22 01:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-10 23:23 - 2014-11-22 01:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-10 23:23 - 2014-11-22 01:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-10 23:23 - 2014-11-22 01:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-10 23:23 - 2014-11-22 01:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-10 23:23 - 2014-11-22 01:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-10 22:26 - 2014-12-11 21:35 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\BatteryCare
2014-12-10 22:26 - 2014-12-10 22:26 - 00001043 _____ () C:\Users\Public\Desktop\BatteryCare.lnk
2014-12-10 22:26 - 2014-12-10 22:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BatteryCare
2014-12-10 22:25 - 2014-12-10 22:26 - 00000000 ____D () C:\Program Files (x86)\BatteryCare
2014-12-10 22:25 - 2014-12-10 22:25 - 01577144 _____ (Filipe Lourenço ) C:\Users\Kevin\Downloads\SetupBatteryCare.exe
2014-12-10 21:50 - 2014-12-10 21:50 - 00001312 _____ () C:\Users\Public\Desktop\EaseUS Todo PCTrans 8.0.lnk
2014-12-10 21:50 - 2014-12-10 21:50 - 00000000 ___DC () C:\PCTransImage
2014-12-10 21:50 - 2014-12-10 21:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Todo PCTrans 8.0
2014-12-08 23:23 - 2014-12-08 23:23 - 01577464 _____ ( ) C:\Users\Kevin\Downloads\cpu-z_1.71.1-setup-en.exe
2014-12-08 23:23 - 2014-12-08 23:23 - 00000869 _____ () C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2014-12-08 23:23 - 2014-12-08 23:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2014-12-08 23:23 - 2014-12-08 23:23 - 00000000 ____D () C:\Program Files\CPUID
2014-12-08 22:46 - 2014-12-08 22:46 - 00000000 ___DC () C:\UserBenchmark

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-06 21:14 - 2014-02-12 20:34 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-06 21:09 - 2014-08-22 19:59 - 00004972 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Kevin-PC-Kevin Kevin-PC
2015-01-06 21:03 - 2011-06-28 16:34 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-815093258-3654837366-4000460123-1001UA.job
2015-01-06 21:01 - 2009-07-14 04:45 - 00025808 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-06 21:01 - 2009-07-14 04:45 - 00025808 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-06 21:00 - 2009-07-14 05:13 - 00864070 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-06 20:59 - 2010-10-09 18:02 - 01866850 _____ () C:\Windows\WindowsUpdate.log
2015-01-06 20:53 - 2013-08-10 09:47 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-06 20:49 - 2014-05-12 13:28 - 00000000 ___RD () C:\Users\Kevin\OneDrive
2015-01-06 20:47 - 2013-08-10 09:47 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-06 20:47 - 2009-07-14 05:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-06 20:46 - 2012-08-12 15:50 - 00131708 ____C () C:\aaw7boot.log
2015-01-03 22:28 - 2011-01-21 22:55 - 00000000 ____D () C:\Program Files (x86)\Java
2015-01-03 20:34 - 2012-12-05 20:31 - 00000000 ____D () C:\Windows\RemotePackages
2015-01-03 20:07 - 2010-11-17 00:27 - 00000000 ____D () C:\Users\Kevin\Documents\IT Work
2015-01-03 19:58 - 2014-05-12 13:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-01-03 19:31 - 2014-11-27 00:17 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-03 18:51 - 2012-07-23 19:35 - 00000000 ____D () C:\Program Files\Defraggler
2015-01-03 16:05 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-01-03 15:48 - 2014-05-12 11:43 - 00001746 _____ () C:\Users\Kevin\Desktop\MPC-HC x64.lnk
2015-01-03 15:37 - 2012-07-23 19:35 - 00001724 _____ () C:\Users\Public\Desktop\Defraggler.lnk
2015-01-02 23:13 - 2014-04-09 22:08 - 00000000 ___RD () C:\Users\Administrator.000\Virtual Machines
2015-01-02 22:36 - 2013-10-01 20:41 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2015-01-02 15:37 - 2010-10-09 18:28 - 00000000 ____D () C:\Users\Kevin
2015-01-02 15:24 - 2009-07-14 03:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2015-01-02 13:50 - 2013-01-22 23:10 - 00000000 ____D () C:\ProgramData\Kaspersky Lab Setup Files
2015-01-01 21:52 - 2012-11-17 14:49 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-01 13:29 - 2012-11-17 14:49 - 00000000 ____D () C:\ProgramData\Mozilla
2014-12-30 22:13 - 2010-12-26 13:16 - 00004608 _____ () C:\Users\Kevin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-12-30 22:08 - 2013-02-02 00:01 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\DivX
2014-12-30 22:07 - 2011-06-28 16:35 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-12-30 20:49 - 2010-11-02 22:26 - 00000000 ____D () C:\Users\Kevin\Tracing
2014-12-30 20:47 - 2010-11-09 22:40 - 00000000 ____D () C:\ProgramData\Skype
2014-12-29 19:48 - 2014-11-10 22:45 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-12-25 12:41 - 2010-11-09 22:40 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Skype
2014-12-25 11:03 - 2011-06-28 16:34 - 00000856 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-815093258-3654837366-4000460123-1001Core.job
2014-12-25 10:38 - 2014-02-18 23:51 - 00002697 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-12-25 10:38 - 2010-11-09 22:40 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-24 11:49 - 2013-07-23 22:36 - 00001374 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2014-12-24 11:49 - 2011-04-25 16:16 - 00001458 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2014-12-24 11:48 - 2010-11-02 22:19 - 00002486 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2014-12-24 11:47 - 2010-11-02 22:15 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-12-24 11:08 - 2011-04-25 16:20 - 00000000 ____D () C:\Users\Kevin\AppData\Local\Windows Live Writer
2014-12-24 10:49 - 2014-05-12 13:13 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-12-22 23:30 - 2011-06-28 16:35 - 00002364 _____ () C:\Users\Kevin\Desktop\Google Chrome.lnk
2014-12-22 23:01 - 2012-04-10 19:52 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-22 23:01 - 2011-05-19 23:18 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-22 22:58 - 2014-08-22 20:06 - 00000000 ____D () C:\Users\Kevin\AppData\Local\Adobe
2014-12-22 22:58 - 2014-02-12 20:34 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-22 22:15 - 2012-08-12 15:38 - 00000000 ____D () C:\Program Files\CCleaner
2014-12-22 22:03 - 2013-05-08 21:51 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-10 23:53 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-10 23:52 - 2013-07-23 22:28 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-10 23:33 - 2010-10-09 18:42 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-10 22:19 - 2012-02-21 22:34 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-12-10 22:19 - 2012-02-21 22:34 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-12-10 21:50 - 2014-02-24 21:38 - 00000000 ____D () C:\Program Files (x86)\EaseUS
2014-12-08 23:47 - 2014-11-27 00:16 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-12-08 23:47 - 2014-11-27 00:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-08 23:47 - 2014-11-27 00:16 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-08 23:47 - 2014-04-01 13:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Endpoint Protection
2014-12-08 22:48 - 2014-02-23 20:43 - 00452040 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2014-12-08 22:48 - 2013-01-23 00:07 - 00263032 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys
2014-12-08 22:47 - 2014-02-23 20:51 - 01288472 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys

Some content of TEMP:
====================
C:\Users\Kevin\AppData\Local\Temp\Quarantine.exe
C:\Users\Kevin\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Kevin\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-02 23:10

==================== End Of Log ============================

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-01-2015
Ran by Administrator (administrator) on KEVIN-PC on 06-01-2015 21:15:05
Running from C:\Users\Kevin\Desktop
Loaded Profiles: Kevin & Administrator (Available profiles: Kevin & Lorraine & Administrator & Guest)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\vsserv.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Kingsoft Corporation) C:\Program Files (x86)\cmcm\Clean Master\cmcore.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\bdagent.exe
(Akamai Technologies, Inc.) C:\Users\Kevin\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Kevin\AppData\Local\Akamai\netsession_win.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe
(Google Inc.) C:\Users\Kevin\AppData\Local\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Users\Kevin\AppData\Local\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Users\Kevin\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\EuWatch.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TrayNotify.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
( ) C:\Windows\System32\lxcycoms.exe
(Team MediaPortal) C:\Program Files (x86)\Team MediaPortal\MP2-Server\MP2-Server.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft ® Corporation) C:\Program Files\Microsoft Forefront UAG\Endpoint Components\3.1.0\uagqecsvc.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_16_0_0_235_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2847016 2012-07-09] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-03-23] (IDT, Inc.)
HKLM\...\Run: [lxcymon.exe] => C:\Program Files (x86)\Lexmark 3400 Series\lxcymon.exe [291496 2009-05-01] ()
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender\bdagent.exe [1757520 2014-12-08] (Bitdefender)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [EaseUs Watch] => C:\Program Files (x86)\EaseUS\Todo Backup\bin\EuWatch.exe [70728 2013-09-04] (CHENGDU YIWO Tech Development Co., Ltd)
HKLM-x32\...\Run: [EaseUs Tray] => C:\Program Files (x86)\EaseUS\Todo Backup\bin\TrayNotify.exe [1372232 2013-09-04] (CHENGDU YIWO Tech Development Co., Ltd)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [cmsc] => c:\program files (x86)\cmcm\Clean Master\cmtray.exe [468328 2014-11-06] (Kingsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642304 2013-04-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [366904 2014-10-25] (Power Software Ltd)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-12-16] (Hewlett-Packard)
HKU\S-1-5-21-815093258-3654837366-4000460123-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Kevin\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-815093258-3654837366-4000460123-1001\...\Run: [Google Update] => C:\Users\Kevin\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-26] (Google Inc.)
HKU\S-1-5-21-815093258-3654837366-4000460123-1001\...\Run: [HP Photosmart 5520 series (NET)] => C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-815093258-3654837366-4000460123-1001\...\Run: [Bitdefender Wallet Agent] => C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [568400 2014-12-08] (Bitdefender)
HKU\S-1-5-21-815093258-3654837366-4000460123-1001\...\Run: [Bitdefender Wallet] => C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [1002048 2014-08-13] (Bitdefender)
HKU\S-1-5-21-815093258-3654837366-4000460123-1001\...\Run: [Bitdefender Wallet Application Agent] => C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [615256 2014-08-13] (Bitdefender)
HKU\S-1-5-21-815093258-3654837366-4000460123-1001\...\Run: [Device Doctor Pro] => C:\Program Files (x86)\Device Doctor Pro\DDProLauncher.exe [133744 2013-11-26] (Device Doctor Software Inc.)
HKU\S-1-5-21-815093258-3654837366-4000460123-1001\...\Run: [SkyDrive] => C:\Users\Kevin\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [277672 2014-09-24] (Microsoft Corporation)
HKU\S-1-5-21-815093258-3654837366-4000460123-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-815093258-3654837366-4000460123-1001\...\Run: [MP2 ClientLauncher] => C:\Program Files (x86)\Team MediaPortal\MP2-Client\Tools\MP2-ClientLauncher\MP2-ClientLauncher.exe [343552 2014-09-11] (Team MediaPortal)
HKU\S-1-5-21-815093258-3654837366-4000460123-1001\...\RunOnce: [Adobe Speed Launcher] => 1420577297
HKU\S-1-5-21-815093258-3654837366-4000460123-500\...\RunOnce: [Adobe Speed Launcher] => 1420240451
HKU\S-1-5-18\...\Run: [Bitdefender Wallet Agent] => C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [568400 2014-12-08] (Bitdefender)
HKU\S-1-5-18\...\Run: [Bitdefender Wallet] => C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [1002048 2014-08-13] (Bitdefender)
HKU\S-1-5-18\...\Run: [Bitdefender Wallet Application Agent] => C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [615256 2014-08-13] (Bitdefender)
Startup: C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Event Reminder.lnk
ShortcutTarget: Event Reminder.lnk -> C:\pmw\PMREMIND.EXE ()
Startup: C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers: [__SafeBox1] -> {152C96EB-288E-4EDC-B7C6-D21F8250ADF3} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox2] -> {342DAA0B-D796-460D-8566-901E08A1CCAD} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox3] -> {57595DAE-1AE1-4D97-A49E-67CBB53B52DF} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox4] -> {33816773-98AE-4723-ADE0-EBE54C8B5A67} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Administrator.000\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\SkyDriveShell.dll No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Administrator.000\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\SkyDriveShell.dll No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Administrator.000\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\SkyDriveShell.dll No File
BootExecute: autocheck autochk * lsdelete

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-815093258-3654837366-4000460123-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp
HKU\S-1-5-21-815093258-3654837366-4000460123-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-815093258-3654837366-4000460123-500\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/en-gb/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-815093258-3654837366-4000460123-1001 -> DefaultScope {B487009B-F5A0-4995-8EC5-A5A47ECA94ED} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-815093258-3654837366-4000460123-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-815093258-3654837366-4000460123-1001 -> {B487009B-F5A0-4995-8EC5-A5A47ECA94ED} URL = https://www.google.com/search?q={searchTerms}
BHO: Bitdefender Wallet  -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender\pmbxie.dll (Bitdefender)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxie.dll (Bitdefender)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
DPF: HKLM {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {4EFA317A-8569-4788-B175-5BAF9731A549} http://vsrcm5.vlab.elementk.com/rcm/webcontrols/vmrc/VMRCActiveXClient.cab
DPF: HKLM-x32 {8B0F07E1-00F9-4B1B-9A2F-456DC0F54EBF} http://khse.vlab.elementk.com/vlab/webcontrols/porttester/PortTester.cab
DPF: HKLM-x32 {8D9563A9-8D5F-459B-87F2-BA842255CB9A} https://nlsremote.nls.uk/InternalSite/WhlCompMgr.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll (Citrix Systems, Inc.)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files (x86)\Sony\Media Go\npmediago.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @vmware.com/vmrc,version=5.1.0.00000 -> C:\Program Files (x86)\Common Files\VMware\VMware Remote Console Plug-in 5.1\Firefox\np-vmware-vmrc.dll No File
FF Plugin-x32: @vmware.com/vmrc,version=5.5.0.00000 -> C:\Program Files (x86)\Common Files\VMware\VMware Remote Console Plug-in 5.5\Firefox\np-vmware-vmrc.dll (VMware, Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-815093258-3654837366-4000460123-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Kevin\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKU\S-1-5-21-815093258-3654837366-4000460123-1001: @talk.google.com/O1DPlugin -> C:\Users\Kevin\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKU\S-1-5-21-815093258-3654837366-4000460123-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Kevin\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-815093258-3654837366-4000460123-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Kevin\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-815093258-3654837366-4000460123-1001: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101721.dll (Amazon.com, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll (RealPlayer)
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-01-01]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-01-01]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\bdtbext
FF Extension: bdToolbar - C:\Program Files\Bitdefender\Bitdefender\bdtbext [2014-02-23]
FF HKLM-x32\...\Firefox\Extensions: [ffpwdman@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman [2014-02-23]
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\bdtbext

Chrome: 
=======
CHR HKU\S-1-5-21-815093258-3654837366-4000460123-1001\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Kevin\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-08-10]
CHR HKLM-x32\...\Chrome\Extension: [ccahoghmggldkcdjiebjkidpfongdfbl] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxcr.crx [2014-12-08]
CHR StartMenuInternet: Google Chrome - C:\Users\Kevin\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [89600 2009-03-02] (Andrea Electronics Corporation)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-04-29] (Advanced Micro Devices, Inc.) [File not signed]
S4 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender\bdparentalservice.exe [77632 2014-08-13] (Bitdefender)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation)
R2 cmcore; c:\program files (x86)\cmcm\Clean Master\cmcore.exe [315240 2014-11-06] (Kingsoft Corporation)
S4 Connectify; C:\Program Files (x86)\Connectify\ConnectifyService.exe [65536 2012-11-09] () [File not signed]
R2 DokanMounter; C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe [11776 2012-05-19] () [File not signed]
R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [36936 2013-12-02] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R2 Guard Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe [23624 2013-09-04] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [93184 2014-08-21] (Hewlett-Packard Company) [File not signed]
S2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89352 2014-09-15] (Hewlett-Packard Company)
R2 lxcy_device; C:\Windows\system32\lxcycoms.exe [566192 2006-11-29] ( )
R2 lxcy_device; C:\Windows\SysWOW64\lxcycoms.exe [537520 2006-11-29] ( )
R2 MP2-Server; C:\Program Files (x86)\Team MediaPortal\MP2-Server\MP2-Server.exe [334848 2014-09-11] (Team MediaPortal) [File not signed]
R2 msoidsvc; C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE [2079520 2012-05-17] (Microsoft Corp.)
R2 MSSQL$EONENERGYFIT; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [1919256 2014-11-21] (IBM Corp.)
S4 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [94624 2013-07-08] (Bitdefender)
S3 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
S4 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155320 2012-01-18] (Avanquest Software) [File not signed]
S4 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe [247808 2010-03-23] (IDT, Inc.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5426448 2014-12-15] (TeamViewer GmbH)
R2 uagqecsvc; C:\Program Files\Microsoft Forefront UAG\Endpoint Components\3.1.0\uagqecsvc.exe [150928 2010-09-15] (Microsoft ® Corporation)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe [67320 2014-08-13] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender\vsserv.exe [1538672 2014-12-08] (Bitdefender)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1288472 2014-12-08] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [263032 2014-12-08] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [647752 2014-08-13] (BitDefender)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [103504 2011-11-14] (BitDefender LLC)
S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2013-11-04] (BitDefender SRL)
R1 BDVEDISK; C:\Windows\System32\DRIVERS\bdvedisk.sys [76944 2012-04-17] (BitDefender)
R1 cnnctfy2; C:\Windows\System32\DRIVERS\cnnctfy2.sys [31344 2012-12-21] (Connectify)
R2 Dokan; C:\Windows\system32\drivers\dokan.sys [106888 2012-05-19] (Windows (R) Win 7 DDK provider)
R0 EUBAKUP; C:\Windows\System32\drivers\eubakup.sys [61000 2013-09-04] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [48200 2013-09-04] () [File not signed]
R1 EUDSKACS; C:\Windows\system32\drivers\eudskacs.sys [18504 2013-09-04] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R1 EUFDDISK; C:\Windows\system32\drivers\EuFdDisk.sys [189000 2013-09-04] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [150256 2013-08-23] (BitDefender LLC)
S3 hwusbdev; C:\Windows\System32\DRIVERS\ewusbdev.sys [113792 2009-06-22] (Huawei Technologies Co., Ltd.)
R0 johci; C:\Windows\System32\DRIVERS\johci.sys [25688 2012-05-19] (JMicron Technology Corp.)
R3 ksapi64; C:\Windows\system32\drivers\ksapi64.sys [56680 2014-11-06] (Kingsoft Corporation)
R0 Lbd; C:\Windows\System32\DRIVERS\Lbd.sys [69152 2010-09-23] (Lavasoft AB)
R3 pmkbdfltr; C:\Windows\System32\DRIVERS\pmkbdfltr.sys [18832 2012-08-12] (PenMount)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia)
R1 RapportCerberus_80083; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_80083.sys [761720 2014-12-08] ()
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [445912 2014-11-21] (IBM Corp.)
S3 RapportIaso; c:\programdata\trusteer\rapport\store\exts\rapportms\baseline\rapportiaso64.sys [424856 2014-12-08] (IBM Corp.)
R0 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [534104 2014-11-21] (IBM Corp.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [557656 2014-11-21] (IBM Corp.)
S3 s0017bus; C:\Windows\System32\DRIVERS\s0017bus.sys [113704 2008-10-21] (MCCI Corporation)
S3 s0017mdfl; C:\Windows\System32\DRIVERS\s0017mdfl.sys [19496 2008-10-21] (MCCI Corporation)
S3 s0017mdm; C:\Windows\System32\DRIVERS\s0017mdm.sys [152616 2008-10-21] (MCCI Corporation)
S3 s0017mgmt; C:\Windows\System32\DRIVERS\s0017mgmt.sys [133160 2008-10-21] (MCCI Corporation)
S3 s0017nd5; C:\Windows\System32\DRIVERS\s0017nd5.sys [34856 2008-10-21] (MCCI Corporation)
S3 s0017obex; C:\Windows\System32\DRIVERS\s0017obex.sys [128552 2008-10-21] (MCCI Corporation)
S3 s0017unic; C:\Windows\System32\DRIVERS\s0017unic.sys [145960 2008-10-21] (MCCI Corporation)
R0 speedfan; C:\Windows\SysWow64\speedfan.sys [14104 2007-02-07] (Windows (R) Server 2003 DDK provider)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [503352 2012-01-11] () [File not signed]
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [452040 2014-12-08] (BitDefender S.R.L.)
R1 UimBus; C:\Windows\System32\DRIVERS\uimx64.sys [59184 2011-11-14] (Windows (R) 2000 DDK provider)
R1 Uim_IM; C:\Windows\System32\Drivers\Uim_IMx64.sys [572336 2011-11-14] (Paragon)
R1 Uim_VIM; C:\Windows\System32\Drivers\uim_vimx64.sys [352816 2011-11-14] (Paragon)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [52736 2012-02-15] (Apple, Inc.) [File not signed]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-06 20:56 - 2015-01-06 21:15 - 00033747 _____ () C:\Users\Kevin\Desktop\FRST.txt
2015-01-06 20:52 - 2015-01-06 20:52 - 00000000 ____D () C:\Users\Kevin\Desktop\FRST-OlderVersion
2015-01-03 22:27 - 2014-10-19 11:40 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2015-01-03 22:27 - 2014-10-19 11:40 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2015-01-03 22:27 - 2014-10-19 11:40 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-01-03 22:19 - 2015-01-03 22:19 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\QuickScan
2015-01-03 21:54 - 2015-01-03 21:54 - 00008687 _____ () C:\Users\Kevin\Documents\attach.txt
2015-01-03 21:54 - 2015-01-03 21:53 - 00037017 _____ () C:\Users\Kevin\Documents\dds.txt
2015-01-03 21:47 - 2015-01-03 21:47 - 00688992 ____R (Swearware) C:\Users\Kevin\Desktop\dds.com
2015-01-03 20:51 - 2015-01-06 20:37 - 00000332 _____ () C:\Windows\Tasks\HPCeeScheduleForKevin.job
2015-01-03 20:51 - 2015-01-03 20:51 - 00003186 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForKevin
2015-01-03 19:27 - 2015-01-03 19:27 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Kevin\Desktop\mbam-setup-2.0.4.1028.exe
2015-01-03 19:17 - 2015-01-03 19:17 - 00000826 _____ () C:\Users\Kevin\Documents\JRT.txt
2015-01-03 19:00 - 2015-01-03 19:00 - 00000000 ____D () C:\Windows\ERUNT
2015-01-03 18:49 - 2015-01-03 18:49 - 01707939 _____ (Thisisu) C:\Users\Kevin\Desktop\JRT.exe
2015-01-03 15:03 - 2015-01-03 18:47 - 00000000 ___DC () C:\AdwCleaner
2015-01-03 15:02 - 2015-01-03 15:02 - 02173952 _____ () C:\Users\Kevin\Desktop\adwcleaner_4.106.exe
2015-01-03 14:48 - 2015-01-03 14:50 - 00002920 _____ () C:\Users\Kevin\Documents\Rkill.txt
2015-01-03 14:47 - 2015-01-03 14:47 - 01940728 _____ (Bleeping Computer, LLC) C:\Users\Kevin\Desktop\rkill.exe
2015-01-03 14:10 - 2015-01-03 14:10 - 00037721 _____ () C:\Users\Kevin\Documents\Result.txt
2015-01-03 14:07 - 2015-01-03 14:07 - 00401920 _____ (Farbar) C:\Users\Kevin\Desktop\MiniToolBox.exe
2015-01-03 14:06 - 2015-01-03 14:06 - 00001356 _____ () C:\Users\Kevin\Documents\checkup.txt
2015-01-03 13:44 - 2015-01-03 13:44 - 00852504 _____ () C:\Users\Kevin\Desktop\SecurityCheck.exe
2015-01-02 23:17 - 2015-01-02 23:17 - 00000000 ____D () C:\Users\Administrator.000\AppData\Roaming\Hewlett-Packard
2015-01-02 23:14 - 2015-01-02 23:14 - 00000385 _____ () C:\Users\Administrator.000\AppData\Roaminguser_gensett.xml
2015-01-02 23:14 - 2015-01-02 23:14 - 00000000 __SHD () C:\Users\Administrator.000\AppData\Local\EmieUserList
2015-01-02 23:14 - 2015-01-02 23:14 - 00000000 __SHD () C:\Users\Administrator.000\AppData\Local\EmieSiteList
2015-01-02 23:14 - 2015-01-02 23:14 - 00000000 __SHD () C:\Users\Administrator.000\AppData\Local\EmieBrowserModeList
2015-01-02 23:14 - 2015-01-02 23:14 - 00000000 ____D () C:\Users\Administrator.000\AppData\Roaming\ATI
2015-01-02 23:14 - 2015-01-02 23:14 - 00000000 ____D () C:\Users\Administrator.000\AppData\Local\ATI
2015-01-02 22:35 - 2015-01-02 20:46 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-01-02 20:53 - 2015-01-02 16:30 - 00040789 ____C () C:\zoek-results2015-01-02-163000.log
2015-01-02 14:05 - 2015-01-02 23:13 - 00008332 ____C () C:\zoek-results.log
2015-01-02 14:02 - 2015-01-02 22:22 - 00000000 ___DC () C:\zoek_backup
2015-01-02 13:53 - 2015-01-03 23:58 - 02847942 _____ () C:\Users\Kevin\Downloads\zoek.zip
2015-01-02 13:09 - 2015-01-02 13:09 - 00047809 _____ () C:\Users\Kevin\Documents\Avast-Browser-Cleanup.log
2015-01-01 21:47 - 2015-01-01 21:47 - 00002585 _____ () C:\Users\Kevin\Downloads\fixlist.txt
2015-01-01 21:45 - 2015-01-01 21:46 - 39420968 _____ () C:\Users\Kevin\Downloads\Firefox Setup 34.0.5.exe
2015-01-01 21:37 - 2015-01-01 21:37 - 00000890 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-01-01 21:37 - 2015-01-01 21:37 - 00000878 _____ () C:\Users\Public\Desktop\TeamViewer 10.lnk
2015-01-01 21:23 - 2015-01-01 21:25 - 00059565 _____ () C:\Users\Kevin\Documents\Addition.txt
2015-01-01 21:20 - 2015-01-06 20:56 - 00059746 _____ () C:\Users\Kevin\Documents\FRST.txt
2015-01-01 21:19 - 2015-01-06 21:15 - 00000000 ___DC () C:\FRST
2015-01-01 21:18 - 2015-01-06 20:52 - 02123776 ____C (Farbar) C:\Users\Kevin\Desktop\FRST64.exe
2015-01-01 20:47 - 2015-01-01 20:47 - 00085253 _____ () C:\Users\Kevin\Documents\KEVIN-PC.txt
2015-01-01 20:35 - 2015-01-02 15:37 - 00000008 __RSH () C:\Users\Kevin\ntuser.pol
2015-01-01 19:59 - 2015-01-06 20:35 - 00011024 _____ () C:\Windows\PFRO.log
2015-01-01 19:59 - 2015-01-01 21:52 - 00443056 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-01 17:43 - 2015-01-01 17:36 - 00095879 _____ () C:\Users\Kevin\Documents\Bitdefender Virus scan.xml
2015-01-01 15:41 - 2015-01-06 20:47 - 00001424 _____ () C:\Windows\setupact.log
2015-01-01 15:41 - 2015-01-01 15:41 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-01 13:30 - 2015-01-01 13:30 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-01 13:12 - 2015-01-01 13:12 - 00362880 _____ (Kaspersky Lab) C:\Users\Kevin\Downloads\setup.exe
2015-01-01 12:19 - 2015-01-01 21:55 - 00112576 _____ () C:\Users\Kevin\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-30 22:07 - 2014-12-30 22:07 - 00002356 _____ () C:\Users\Kevin\Desktop\Chrome App Launcher.lnk
2014-12-30 21:19 - 2014-12-30 21:19 - 00560760 _____ (Murray Hurps Software Pty Ltd) C:\Users\Kevin\Downloads\AM-Install (1).exe
2014-12-30 21:18 - 2014-12-30 21:18 - 00560760 _____ (Murray Hurps Software Pty Ltd) C:\Users\Kevin\Downloads\AM-Install.exe
2014-12-30 20:53 - 2014-12-30 20:53 - 00002252 _____ () C:\Users\Public\Desktop\MediaPortal 2 ServiceMonitor.lnk
2014-12-30 20:53 - 2014-12-30 20:53 - 00002110 _____ () C:\Users\Public\Desktop\MediaPortal 2.lnk
2014-12-30 20:53 - 2014-12-30 20:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Team MediaPortal
2014-12-30 20:53 - 2014-12-30 20:53 - 00000000 ____D () C:\Program Files (x86)\Dokan
2014-12-30 20:52 - 2014-12-30 21:06 - 00000000 ____D () C:\ProgramData\Team MediaPortal
2014-12-30 20:52 - 2014-12-30 20:52 - 00000000 ____D () C:\Program Files (x86)\Team MediaPortal
2014-12-30 20:46 - 2014-12-30 20:47 - 56864905 _____ () C:\Users\Kevin\Downloads\MP2-Setup-10th_AE_Update_1.zip
2014-12-25 10:38 - 2014-12-25 10:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-12-24 11:51 - 2014-12-24 11:51 - 00000000 ____D () C:\Windows\en-gb
2014-12-24 11:50 - 2014-12-24 11:50 - 00001305 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2014-12-24 11:50 - 2014-12-24 11:50 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2014-12-24 11:50 - 2014-12-24 11:50 - 00000000 ____D () C:\Windows\en
2014-12-24 11:47 - 2014-12-24 11:47 - 00000000 ____D () C:\Program Files\Windows Live
2014-12-24 10:32 - 2014-10-18 02:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-24 10:32 - 2014-10-18 01:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-24 10:32 - 2014-07-07 02:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-12-24 10:32 - 2014-07-07 02:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-12-24 10:32 - 2014-07-07 02:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-12-24 10:32 - 2014-07-07 02:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-12-24 10:32 - 2014-07-07 01:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-12-24 10:32 - 2014-07-07 01:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-12-24 10:32 - 2014-07-07 01:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-12-24 10:32 - 2014-07-07 01:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-12-24 10:29 - 2014-11-11 01:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-24 10:29 - 2014-11-08 03:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-24 10:29 - 2014-11-08 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-24 10:29 - 2014-10-30 02:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-24 10:29 - 2014-10-30 01:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-24 10:28 - 2014-10-14 02:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-12-24 10:28 - 2014-10-14 01:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-12-24 10:28 - 2014-10-03 02:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-24 10:28 - 2014-10-03 02:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-24 10:28 - 2014-10-03 02:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-24 10:28 - 2014-10-03 02:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-24 10:28 - 2014-10-03 02:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-24 10:28 - 2014-10-03 01:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-24 10:28 - 2014-10-03 01:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-24 10:28 - 2014-10-03 01:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-24 10:28 - 2014-10-03 01:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-24 10:28 - 2014-10-03 01:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-23 00:02 - 2014-12-23 00:02 - 00003944 _____ () C:\Users\Kevin\Desktop\cpuz.cvf
2014-12-22 23:09 - 2014-12-29 19:48 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-12-22 22:17 - 2014-12-13 05:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-22 22:17 - 2014-12-13 03:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-13 01:50 - 2014-12-13 01:50 - 00829264 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100.dll
2014-12-13 01:50 - 2014-12-13 01:50 - 00608080 _____ (Microsoft Corporation) C:\Windows\system32\msvcp100.dll
2014-12-12 23:22 - 2014-12-12 23:22 - 00773968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100.dll
2014-12-12 23:22 - 2014-12-12 23:22 - 00421200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp100.dll
2014-12-11 22:08 - 2014-12-11 22:08 - 12078500 _____ () C:\Users\Kevin\Downloads\TL-WDN3200_V1_20131113.zip
2014-12-11 20:12 - 2014-12-11 20:16 - 694157312 _____ () C:\Users\Kevin\Downloads\elementaryos-stable-i386.20130810.iso
2014-12-11 20:04 - 2014-12-11 20:06 - 42807296 _____ () C:\Users\Kevin\Downloads\BlackboardCollaborateLauncher-Win.msi
2014-12-10 23:25 - 2014-11-11 03:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-10 23:25 - 2014-11-11 02:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-10 23:24 - 2014-11-27 01:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-10 23:24 - 2014-11-27 01:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-10 23:24 - 2014-11-22 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-10 23:24 - 2014-11-22 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-10 23:24 - 2014-11-22 02:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-10 23:24 - 2014-11-22 02:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-10 23:24 - 2014-11-22 02:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-10 23:24 - 2014-11-22 02:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-10 23:24 - 2014-11-22 02:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-10 23:24 - 2014-11-22 02:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-10 23:24 - 2014-11-22 02:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-10 23:24 - 2014-11-22 02:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-10 23:24 - 2014-11-22 02:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-10 23:24 - 2014-11-22 02:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-10 23:24 - 2014-11-22 02:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-10 23:24 - 2014-11-22 02:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-10 23:24 - 2014-11-22 02:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-10 23:24 - 2014-11-22 01:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-10 23:24 - 2014-11-22 01:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-10 23:24 - 2014-11-22 01:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-10 23:24 - 2014-11-22 01:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-10 23:24 - 2014-11-22 01:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-10 23:24 - 2014-11-22 01:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-10 23:24 - 2014-11-22 01:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-10 23:24 - 2014-11-22 01:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-10 23:24 - 2014-11-22 01:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-10 23:24 - 2014-11-22 01:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-10 23:24 - 2014-11-22 01:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-10 23:24 - 2014-11-22 01:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-10 23:24 - 2014-11-22 01:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-10 23:24 - 2014-11-22 01:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-10 23:24 - 2014-11-22 01:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-10 23:24 - 2014-11-22 01:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-10 23:24 - 2014-11-22 00:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-10 23:24 - 2014-11-22 00:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-10 23:23 - 2014-11-22 03:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-10 23:23 - 2014-11-22 02:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-10 23:23 - 2014-11-22 02:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-10 23:23 - 2014-11-22 02:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-10 23:23 - 2014-11-22 02:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-10 23:23 - 2014-11-22 02:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-10 23:23 - 2014-11-22 02:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-10 23:23 - 2014-11-22 02:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-10 23:23 - 2014-11-22 02:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-10 23:23 - 2014-11-22 02:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-10 23:23 - 2014-11-22 02:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-10 23:23 - 2014-11-22 02:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-10 23:23 - 2014-11-22 01:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-10 23:23 - 2014-11-22 01:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-10 23:23 - 2014-11-22 01:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-10 23:23 - 2014-11-22 01:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-10 23:23 - 2014-11-22 01:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-10 23:23 - 2014-11-22 01:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-10 23:23 - 2014-11-22 01:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-10 22:26 - 2014-12-11 21:35 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\BatteryCare
2014-12-10 22:26 - 2014-12-10 22:26 - 00001043 _____ () C:\Users\Public\Desktop\BatteryCare.lnk
2014-12-10 22:26 - 2014-12-10 22:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BatteryCare
2014-12-10 22:25 - 2014-12-10 22:26 - 00000000 ____D () C:\Program Files (x86)\BatteryCare
2014-12-10 22:25 - 2014-12-10 22:25 - 01577144 _____ (Filipe Lourenço ) C:\Users\Kevin\Downloads\SetupBatteryCare.exe
2014-12-10 21:50 - 2014-12-10 21:50 - 00001312 _____ () C:\Users\Public\Desktop\EaseUS Todo PCTrans 8.0.lnk
2014-12-10 21:50 - 2014-12-10 21:50 - 00000000 ___DC () C:\PCTransImage
2014-12-10 21:50 - 2014-12-10 21:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Todo PCTrans 8.0
2014-12-08 23:23 - 2014-12-08 23:23 - 01577464 _____ ( ) C:\Users\Kevin\Downloads\cpu-z_1.71.1-setup-en.exe
2014-12-08 23:23 - 2014-12-08 23:23 - 00000869 _____ () C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2014-12-08 23:23 - 2014-12-08 23:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2014-12-08 23:23 - 2014-12-08 23:23 - 00000000 ____D () C:\Program Files\CPUID
2014-12-08 22:46 - 2014-12-08 22:46 - 00000000 ___DC () C:\UserBenchmark

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-06 21:14 - 2014-02-12 20:34 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-06 21:09 - 2014-08-22 19:59 - 00004972 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Kevin-PC-Kevin Kevin-PC
2015-01-06 21:03 - 2011-06-28 16:34 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-815093258-3654837366-4000460123-1001UA.job
2015-01-06 21:01 - 2009-07-14 04:45 - 00025808 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-06 21:01 - 2009-07-14 04:45 - 00025808 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-06 21:00 - 2009-07-14 05:13 - 00864070 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-06 20:59 - 2010-10-09 18:02 - 01866850 _____ () C:\Windows\WindowsUpdate.log
2015-01-06 20:53 - 2013-08-10 09:47 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-06 20:49 - 2014-05-12 13:28 - 00000000 ___RD () C:\Users\Kevin\OneDrive
2015-01-06 20:47 - 2013-08-10 09:47 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-06 20:47 - 2009-07-14 05:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-06 20:46 - 2012-08-12 15:50 - 00131708 ____C () C:\aaw7boot.log
2015-01-03 22:28 - 2011-01-21 22:55 - 00000000 ____D () C:\Program Files (x86)\Java
2015-01-03 20:34 - 2012-12-05 20:31 - 00000000 ____D () C:\Windows\RemotePackages
2015-01-03 20:07 - 2010-11-17 00:27 - 00000000 ____D () C:\Users\Kevin\Documents\IT Work
2015-01-03 19:58 - 2014-05-12 13:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-01-03 19:31 - 2014-11-27 00:17 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-03 18:51 - 2012-07-23 19:35 - 00000000 ____D () C:\Program Files\Defraggler
2015-01-03 16:05 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-01-03 15:48 - 2014-05-12 11:43 - 00001746 _____ () C:\Users\Kevin\Desktop\MPC-HC x64.lnk
2015-01-03 15:37 - 2012-07-23 19:35 - 00001724 _____ () C:\Users\Public\Desktop\Defraggler.lnk
2015-01-02 23:13 - 2014-04-09 22:08 - 00000000 ___RD () C:\Users\Administrator.000\Virtual Machines
2015-01-02 22:36 - 2013-10-01 20:41 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2015-01-02 15:37 - 2010-10-09 18:28 - 00000000 ____D () C:\Users\Kevin
2015-01-02 15:24 - 2009-07-14 03:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2015-01-02 13:50 - 2013-01-22 23:10 - 00000000 ____D () C:\ProgramData\Kaspersky Lab Setup Files
2015-01-01 21:52 - 2012-11-17 14:49 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-01 13:29 - 2012-11-17 14:49 - 00000000 ____D () C:\ProgramData\Mozilla
2014-12-30 22:13 - 2010-12-26 13:16 - 00004608 _____ () C:\Users\Kevin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-12-30 22:08 - 2013-02-02 00:01 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\DivX
2014-12-30 22:07 - 2011-06-28 16:35 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-12-30 20:49 - 2010-11-02 22:26 - 00000000 ____D () C:\Users\Kevin\Tracing
2014-12-30 20:47 - 2010-11-09 22:40 - 00000000 ____D () C:\ProgramData\Skype
2014-12-29 19:48 - 2014-11-10 22:45 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-12-25 12:41 - 2010-11-09 22:40 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Skype
2014-12-25 11:03 - 2011-06-28 16:34 - 00000856 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-815093258-3654837366-4000460123-1001Core.job
2014-12-25 10:38 - 2014-02-18 23:51 - 00002697 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-12-25 10:38 - 2010-11-09 22:40 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-24 11:49 - 2013-07-23 22:36 - 00001374 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2014-12-24 11:49 - 2011-04-25 16:16 - 00001458 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2014-12-24 11:48 - 2010-11-02 22:19 - 00002486 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2014-12-24 11:47 - 2010-11-02 22:15 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-12-24 11:08 - 2011-04-25 16:20 - 00000000 ____D () C:\Users\Kevin\AppData\Local\Windows Live Writer
2014-12-24 10:49 - 2014-05-12 13:13 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-12-22 23:30 - 2011-06-28 16:35 - 00002364 _____ () C:\Users\Kevin\Desktop\Google Chrome.lnk
2014-12-22 23:01 - 2012-04-10 19:52 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-22 23:01 - 2011-05-19 23:18 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-22 22:58 - 2014-08-22 20:06 - 00000000 ____D () C:\Users\Kevin\AppData\Local\Adobe
2014-12-22 22:58 - 2014-02-12 20:34 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-22 22:15 - 2012-08-12 15:38 - 00000000 ____D () C:\Program Files\CCleaner
2014-12-22 22:03 - 2013-05-08 21:51 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-10 23:53 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-10 23:52 - 2013-07-23 22:28 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-10 23:33 - 2010-10-09 18:42 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-10 22:19 - 2012-02-21 22:34 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-12-10 22:19 - 2012-02-21 22:34 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-12-10 21:50 - 2014-02-24 21:38 - 00000000 ____D () C:\Program Files (x86)\EaseUS
2014-12-08 23:47 - 2014-11-27 00:16 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-12-08 23:47 - 2014-11-27 00:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-08 23:47 - 2014-11-27 00:16 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-08 23:47 - 2014-04-01 13:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Endpoint Protection
2014-12-08 22:48 - 2014-02-23 20:43 - 00452040 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2014-12-08 22:48 - 2013-01-23 00:07 - 00263032 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys
2014-12-08 22:47 - 2014-02-23 20:51 - 01288472 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys

Some content of TEMP:
====================
C:\Users\Kevin\AppData\Local\Temp\Quarantine.exe
C:\Users\Kevin\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Kevin\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-02 23:10

==================== End Of Log ============================


#6 Kevmany

Posted 06 January 2015 - 04:31 PM

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-01-2015
Ran by Administrator at 2015-01-06 21:16:35
Running from C:\Users\Kevin\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Bitdefender Antivirus (Enabled - Up to date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
AS: Bitdefender Antispyware (Enabled - Up to date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Enabled) {A23392FD-84B9-F933-2C71-81E751F6EF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3 WiFi Manager (HKLM-x32\...\3 WiFi Manager) (Version: 11.302.04.08.156 - Huawei Technologies Co.,Ltd)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe Digital Editions 3.0 (HKLM-x32\...\Adobe Digital Editions 3.0) (Version: 3.0 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.6 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Flash Player 16 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.)
Akamai NetSession Interface (HKU\S-1-5-21-815093258-3654837366-4000460123-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
Amazon Kindle (HKU\S-1-5-21-815093258-3654837366-4000460123-1001\...\Amazon Kindle) (Version:  - Amazon)
Amazon MP3 Downloader 1.0.17 (HKLM-x32\...\Amazon MP3 Downloader) (Version: 1.0.17 - Amazon Services LLC)
AMD Catalyst Install Manager (HKLM\...\{37FCE154-7F59-74F0-3A35-BF503CEB230B}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVerMedia TV Tuner Card 1.0.0.4 (HKLM-x32\...\AVerMedia TV Tuner Card) (Version: 1.0.0.4 - AVerMedia TECHNOLOGIES, Inc.)
BatteryCare 0.9.20 (HKLM-x32\...\{C6A6036D-FBD0-4324-BEAA-C0845257160C}_is1) (Version: 0.9.20 - Filipe Lourenço)
BBC iPlayer Downloads (HKLM-x32\...\{D8753E3F-B86E-4BA6-A44A-6D92BFB38519}) (Version: 1.11.0 - BBC)
Bitdefender Total Security (HKLM\...\Bitdefender) (Version: 17.25.0.1074 - Bitdefender)
Blackboard Collaborate Launcher (HKLM-x32\...\{7D82D616-8BD8-4BE3-B19C-C4BC772E8426}) (Version: 1.2.0.0 - Blackboard)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.60.18.12 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
Clean Master (HKLM-x32\...\Clean Master) (Version: 1.0 - Cheetah Mobile)
Codecs for Windows 7 Pack 4.0.5 (HKLM-x32\...\Codecs for Windows 7 Pack) (Version: 4.0.5 - Codecs for Windows 7 Pack)
Connectify Hotspot (HKLM\...\Connectify) (Version: 3.7.1.25486 - Connectify)
CPUID CPU-Z 1.71.1 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.88 - DivX, LLC)
Dokan Library 0.5.3 (HKLM-x32\...\DokanLibrary) (Version:  - )
EaseUS Todo Backup Free 6.5 (HKLM-x32\...\EaseUS Todo Backup Free 6.5_is1) (Version: 6.5 - CHENGDU YIWO Tech Development Co., Ltd)
EaseUS Todo PCTrans 8.0 (HKLM-x32\...\EaseUS Todo PCTrans_is1) (Version:  - EaseUS)
eSupport UndeletePlus 3.0.5.506 (HKLM-x32\...\eSupport UndeletePlus_is1) (Version:  - Copyright © 2011 eSupport.com • All Rights Reserved)
FlashPeak SlimBrowser (HKLM-x32\...\SlimBrowser) (Version: 7.00.109 - FlashPeak Inc.)
get_iplayer 4.8 (HKLM-x32\...\get_iplayer) (Version: 4.8 - infradead.org)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.2.64.5211 - Gretech Corporation)
Google Chrome (HKU\S-1-5-21-815093258-3654837366-4000460123-1001\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Drive (HKLM-x32\...\{C60F3836-333A-4AE2-B526-CFDBA143A9BA}) (Version: 1.18.7821.2489 - Google, Inc.)
Google Talk Plugin (HKLM-x32\...\{0C5C1177-94C5-3EFB-A8BE-3F6AF1AF887F}) (Version: 5.38.6.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Half-Life (HKLM-x32\...\Steam App 70) (Version:  - Valve)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP MediaSmart Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3123 - Hewlett-Packard)
HP Photosmart 5520 series Basic Device Software (HKLM\...\{68C0736C-3E47-43A6-B14D-236BEF198A5F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Support Solutions Framework (HKLM-x32\...\{44157EB3-D8D0-4BB1-B0F5-AD2C38814ED1}) (Version: 11.51.0027 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
inSSIDer (HKLM-x32\...\{65A5E87D-7A3F-4819-807D-B86990D5F369}) (Version: 2.1.6 - MetaGeek)
Internet TV for Windows Media Center (HKLM-x32\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 4.2.2.0 - Microsoft Corporation)
InvisibleHand (HKLM-x32\...\{4B0BA7AA-10BE-432D-92AF-577D5A8E595E}) (Version: 1.0.10 - InvisibleHand)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
JMicron JMB38X Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.00.20.07 - JMicron Technology Corp.)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
K-Lite Mega Codec Pack 9.5.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.5.0 - )
Lexmark 3400 Series (HKLM\...\Lexmark 3400 Series) (Version:  - Lexmark International, Inc.)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Media Go Video Playback Engine 2.0.107.08290 (HKLM-x32\...\{49D9CE9D-C8B7-B941-90E1-608044A0FC8D}) (Version: 2.0.107.08290 - Sony)
MediaPortal 2 (HKLM-x32\...\{8332146C-EBE1-4601-A3E4-204D9C15E4C0}) (Version: 2.0.0.1409 - Team MediaPortal)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4675.1003 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-815093258-3654837366-4000460123-1001\...\OneDriveSetup.exe) (Version: 17.3.1229.0918 - Microsoft Corporation)
Microsoft Online Services Sign-in Assistant (HKLM\...\{46E637E2-AC34-4B45-B5DF-D20903A3DB61}) (Version: 7.250.4303.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{77F1F8AD-51B8-4490-AEEC-BF480073E0FC}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{877B76B2-F83F-4F5A-B28D-3F398641ADB6}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{B636C9B9-A3F2-4DCE-ADCC-72E095018385}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual Basic 2010 Express - ENU (HKLM-x32\...\Microsoft Visual Basic 2010 Express - ENU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (HKLM-x32\...\{a0fe116e-9a8a-466f-aee0-625cb7c207e3}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{14DD7530-CCD2-3798-B37D-3839ED6A441C}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU (HKLM\...\{BCA26999-EC22-3007-BB79-638913079C9A}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 35.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 35.0 (x86 en-US)) (Version: 35.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MPC-HC 1.7.5 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.5 - MPC-HC Team)
MPC-HC 1.7.7 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.7 - MPC-HC Team)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Online Plug-in (x32 Version: 13.3.0.55 - Citrix Systems, Inc.) Hidden
Oracle VM VirtualBox 4.2.18 (HKLM\...\{230C9C86-26A9-437F-8152-34D5F4C3F680}) (Version: 4.2.18 - Oracle Corporation)
ORION: Dino Horde (HKLM-x32\...\Steam App 104900) (Version:  - Spiral Game Studios)
Paragon Backup and Recovery™ 11 Compact Edition (HKLM-x32\...\{485DF5E7-8379-4BFA-BAE1-9B8DBFE0D6B4}) (Version: 90.00.0003 - Paragon Software)
PE Builder 3.1.10a (HKLM-x32\...\PE Builder_is1) (Version:  - Bart Lagerweij)
PL-2303 USB-to-Serial (HKLM-x32\...\{A9111573-EF12-4D80-A5B9-55F620D5BCA1}) (Version: 1.00.000 - Prolific Technology INC)
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.1 - Power Software Ltd)
PS5520FWUpdateAlert (x32 Version: 1.00.0000 - HP) Hidden
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Rapport (Version: 3.5.1201.78 - Trusteer) Hidden
Rapport (x32 Version: 3.5.1404.34 - Trusteer) Hidden
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Resident Evil 6 Benchmark Tool (HKLM-x32\...\Steam App 229950) (Version:  - Capcom)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Secunia PSI (3.0.0.9016) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia)
Self-service Plug-in (x32 Version: 3.3.0.27839 - Citrix Systems, Inc.) Hidden
Sense (HKLM-x32\...\Sense) (Version: Build 187 - The Open University) <==== ATTENTION
Sierra Utilities (HKLM-x32\...\Sierra Utilities) (Version:  - )
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SlimComputer (HKLM-x32\...\{574BF026-4487-4051-BCE5-83C4E40AAF6D}) (Version: 1.3.30878 - SlimWare Utilities, Inc.)
Sony Ericsson Update Engine (HKLM-x32\...\Update Engine) (Version: 2.12.7.29 - Sony Ericsson Communications AB)
Sony PC Companion 2.10.108 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.108 - Sony)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.33.0 - Synaptics Incorporated)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.36897 - TeamViewer)
TP-LINK TL-WDN3200 Driver (HKLM-x32\...\{C0C6BCBC-0884-4C66-B5EF-0B7668FE2B10}) (Version: 1.3.1 - TP-LINK)
TreeSize Free V3.2.1 (HKLM-x32\...\TreeSize Free_is1) (Version: 3.2.1 - JAM Software)
Ultimate Soccer Manager 98-99 (HKLM-x32\...\Ultimate Soccer Manager 98-99) (Version:  - )
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM-x32\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
Visual CertExam Suite 1.9 (HKLM-x32\...\Visual CertExam Suite_is1) (Version:  - Visual CertExam Software)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{112C23F2-C036-4D40-BED4-0CB47BF5555C}) (Version: 4.0.8080.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VMware vSphere Client 5.5 (HKLM-x32\...\{4CFB0494-2E96-4631-8364-538E2AA91324}) (Version: 5.5.0.3838 - VMware, Inc.)
VMware Workstation (HKLM-x32\...\VMware_Workstation) (Version: 7.1.4.16648 - VMware, Inc)
WD Diagnostics (HKLM-x32\...\{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}) (Version: 1.07.0000 - Western Digital Technologies)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Driver Package - ENE (enecir) HIDClass  (09/04/2008 2.6.0.0) (HKLM\...\07B260955637F1FF7587ED2AA87459040DD09BF7) (Version: 09/04/2008 2.6.0.0 - ENE)
Windows Installer Clean Up (HKLM-x32\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Media Center Add-in for Silverlight (HKLM-x32\...\{0EDBEB2B-7C8D-42E6-8312-0F84394A3223}) (Version: 4.7.3.0 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Wise Memory Optimizer 3.32 (HKLM-x32\...\Wise Memory Optimizer_is1) (Version: 3.32 - WiseCleaner.com, Inc.)
Zinio Reader 4 (HKLM-x32\...\ZinioReader4.9310D8F796442B71068C511E15D70529A702D19D.1) (Version: 4.2.3972 - Zinio LLC)
Zinio Reader 4 (x32 Version: 4.2.3972 - Zinio LLC) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-815093258-3654837366-4000460123-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Kevin\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-815093258-3654837366-4000460123-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Kevin\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-815093258-3654837366-4000460123-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Kevin\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-815093258-3654837366-4000460123-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Kevin\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-815093258-3654837366-4000460123-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Kevin\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-815093258-3654837366-4000460123-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Kevin\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-815093258-3654837366-4000460123-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Kevin\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-815093258-3654837366-4000460123-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Kevin\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-815093258-3654837366-4000460123-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Kevin\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-815093258-3654837366-4000460123-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Kevin\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-815093258-3654837366-4000460123-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Kevin\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

==================== Restore Points  =========================


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 02:34 - 2009-06-10 21:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {061D02EE-572D-4496-91A1-96EF484AED35} - System32\Tasks\{9678A635-E24C-49F9-ACB0-1204225AE3A1} => pcalua.exe -a "C:\Program Files (x86)\orange3\uninstall.exe" -c -uninstall -prompt
Task: {0C3844BC-50CB-4194-A76F-5F9226E243CD} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-11-12] (Microsoft Corporation)
Task: {0C6F906F-894A-4116-8214-C321F1AF918A} - System32\Tasks\SlimComputer Run => C:\Program Files (x86)\SlimComputer\SlimComputer.exe [2013-07-10] (SlimWare Utilities, Inc.)
Task: {111BD79A-AF6C-4E20-837F-504B63BD98AA} - System32\Tasks\{118F8B9D-FDCE-47B7-83E6-59AD094C97D2} => pcalua.exe -a C:\Users\Kevin\Downloads\sp52095.exe -d C:\Users\Kevin\Downloads
Task: {2474E166-27F2-4C32-9488-BDC06DD3F79D} - System32\Tasks\{00243D8D-7DD8-43CB-BF7E-B48DE04BD753} => pcalua.exe -a "C:\Users\Kevin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W2HAPEU8\VirtualBox-4.2.16-86992-Win.exe" -d C:\Users\Kevin\Desktop
Task: {2A013595-5587-476B-AD5D-FD49CC0B46EF} - System32\Tasks\{4E4D582C-94CE-4F91-9F24-B02DA51F2A35} => pcalua.exe -a "C:\ProgramData\VMware\VMware Workstation\Uninstaller\uninstall.exe" -c -x -S "C:\ProgramData\VMware\VMware Workstation\Uninstaller\"
Task: {2C02A19B-95E7-4E90-96CB-3287633231EC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-08-21] (Hewlett-Packard Company)
Task: {2C882F8A-805B-4BB2-95E5-E5C39894EBC4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-10-21] (Hewlett-Packard)
Task: {39061F6C-84B8-4D5F-9ADC-4A2213219922} - System32\Tasks\{4D8933AA-1466-4A5F-82AB-413F4D166A94} => pcalua.exe -a E:\Kevin's\ST330_VistaSetup_v0.3.exe -d E:\Kevin's
Task: {3A1B340B-7056-4CF1-B4D4-433D5316E8BB} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-815093258-3654837366-4000460123-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {3B417A07-92D8-4F21-AB0F-A59757488EE7} - System32\Tasks\{7917D978-DAB8-41F4-9FF0-D231E7D6E695} => pcalua.exe -a "C:\Users\Kevin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\39N1NU5Y\sp42446.exe" -d C:\Users\Kevin\Desktop
Task: {3C163660-F730-45CE-BB03-BB4DC1428609} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-10] (Google Inc.)
Task: {45E1ABAC-9F0D-4037-9A9F-98C85AEAC961} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {50F396A0-2B4D-4BDC-9D34-4C24BAC7CADC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-22] (Adobe Systems Incorporated)
Task: {5E0A94C1-BE6C-4476-B18D-56B0341AC043} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Opt-in For HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Utils.exe [2014-08-21] (Hewlett-Packard Company)
Task: {68A9592F-26D8-4E01-93C5-DE3613231308} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-08-21] (Hewlett-Packard Company)
Task: {6FA51CAE-AA88-4C06-935D-48D1864B423E} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-815093258-3654837366-4000460123-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {7229B50D-2451-4764-8F5E-C100E7802F64} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {72383BBF-C73C-4A4E-8358-5570E61A49E0} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {75AA9123-B3E4-4BB5-85D3-4FBDEB4A1AE7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {7FF90903-6A79-45A4-AAA9-6F51CB429637} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe [2010-07-14] (CyberLink)
Task: {80E34CB6-B8F9-4CB1-85EF-774B2E890898} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {9BAAFFF8-C0FA-4B1F-99ED-5AD27184287C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-815093258-3654837366-4000460123-1001Core => C:\Users\Kevin\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-26] (Google Inc.)
Task: {A35B184E-4189-4607-843B-311296F3E502} - System32\Tasks\{A3C8D6E0-50A1-4C88-91CA-6E4AF184ED99} => pcalua.exe -a C:\Users\Kevin\Documents\WebInterface.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {AA5FDFD5-2B58-4558-BE60-08C62DE25DA1} - System32\Tasks\{F06A87B5-D093-477F-A797-1F05AB914A3A} => pcalua.exe -a C:\Users\Kevin\Downloads\AudibleDM_iTunesSetup.exe -d C:\Windows\system32
Task: {B0606410-0F94-4F76-A7FA-9B28B9EBF39F} - System32\Tasks\{DB2FBC3A-5DC8-4537-9C06-E18E9B5742A7} => pcalua.exe -a D:\DWizard615.exe -d D:\
Task: {B06569AD-518F-4D58-A1F1-746A2491EC1A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-10] (Google Inc.)
Task: {B8D1FFCD-E390-4CBE-88B8-75BAA418DB47} - System32\Tasks\HPCeeScheduleForKevin => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {BB920D51-DC5D-4F8D-9D12-1B74E42DB0CE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-10-21] (Hewlett-Packard)
Task: {BC8EE1DC-2821-44EE-A105-9445478E6E0E} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-11-04] (Microsoft Corporation)
Task: {C468BDD5-8BAF-418D-B765-3AB3873A0C1C} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Kevin-PC-Kevin Kevin-PC => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-11-04] (Microsoft Corporation)
Task: {CD63B152-2205-4D7A-A85F-B447935CB320} - System32\Tasks\{AEB0700E-0C52-4BC6-8440-08FC834EE914} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)
Task: {CECA4C2E-1F65-4B99-8C0D-E853EFE44C6C} - System32\Tasks\{FEB9098E-1C17-4616-BD22-5B6B1362C567} => Firefox.exe http://www.skype.com/go/downloading?source=lightinstaller&amp;ver=4.2.0.169.259&amp;LastError=404
Task: {D628C846-039D-4AEB-B80B-B24A0BCC9260} - System32\Tasks\{D5ABC985-09FA-4897-B505-D249FC55C472} => pcalua.exe -a D:\Ebook\Setup.exe -d D:\Ebook
Task: {DADF812E-465B-4A21-9967-73F47D0FF813} - System32\Tasks\{256EC45D-6618-4FC0-A17F-C455F72CA745} => pcalua.exe -a C:\Users\Kevin\Downloads\msicuu2.exe -d C:\Users\Kevin\Downloads
Task: {E4F2B5E5-20BC-4BF3-969E-9F763A6904D4} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-815093258-3654837366-4000460123-1001UA => C:\Users\Kevin\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-26] (Google Inc.)
Task: {EBB5AB0C-CED5-4403-88E4-396FB97232D8} - System32\Tasks\{2B122AA3-35B5-443D-84F8-E8F29434B8DF} => pcalua.exe -a "C:\Users\Kevin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3XPXR23P\VirtualBox-4.2.4-81684-Win.exe" -d C:\Users\Kevin\Desktop
Task: {FD9EA317-C5AE-4CCC-8A67-37713006E805} - System32\Tasks\{8BA62AB2-4968-40B1-A79E-EC57AD93E7C5} => pcalua.exe -a "C:\Users\Kevin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LEROWTZY\VirtualBox-4.2.6-82870-Win.exe" -d C:\Users\Kevin\Desktop
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-815093258-3654837366-4000460123-1001Core.job => C:\Users\Kevin\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-815093258-3654837366-4000460123-1001UA.job => C:\Users\Kevin\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForKevin.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\SlimComputer Run.job => C:\Program Files (x86)\SlimComputer\SlimComputer.exe

==================== Loaded Modules (whitelisted) =============

2014-10-13 20:37 - 2014-10-13 20:37 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender\txmlutil.dll
2014-08-13 21:01 - 2014-08-13 21:01 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender\UI\accessl.ui
2014-02-23 20:52 - 2011-11-14 19:17 - 00153680 _____ () C:\Program Files\Bitdefender\Bitdefender\bdfwcore.dll
2014-02-23 20:52 - 2014-08-13 21:01 - 00004608 _____ () C:\Program Files\Bitdefender\Bitdefender\UI\IMSecurityAL.ui
2014-07-28 18:38 - 2014-07-28 18:39 - 00780592 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_00047_010\ashttpbr.mdl
2014-07-28 18:38 - 2014-07-28 18:38 - 00568400 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_00047_010\ashttpdsp.mdl
2014-07-28 18:38 - 2014-07-28 18:39 - 02602680 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_00047_010\ashttpph.mdl
2014-07-28 18:38 - 2014-07-28 18:39 - 01323408 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_00047_010\ashttprbl.mdl
2013-02-12 22:35 - 2006-11-27 03:55 - 00144896 _____ () C:\Windows\system32\spool\PRTPROCS\x64\lxcypp6c.dll
2013-04-29 23:25 - 2013-04-29 23:25 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2014-11-25 10:48 - 2014-11-25 10:48 - 08897696 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-05-12 13:13 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2012-05-19 00:03 - 2012-05-19 00:03 - 00011776 _____ () C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-02-24 21:38 - 2013-09-04 11:19 - 00098888 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CodeLog.dll
2014-02-24 21:38 - 2013-11-14 14:59 - 00031304 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CheckTool.dll
2014-02-24 21:38 - 2008-11-25 17:18 - 01291264 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\libxml2.dll
2014-02-24 21:39 - 2004-10-05 03:08 - 00055808 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\zlib1.dll
2014-02-24 21:38 - 2013-09-04 11:19 - 00029768 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CompressFile.dll
2014-02-24 21:39 - 2013-09-04 11:19 - 00050248 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBGetRemoteNetInfo.dll
2014-02-24 21:38 - 2014-01-13 18:06 - 00105544 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActivationOnline.dll
2014-02-24 21:38 - 2013-09-04 11:19 - 00030280 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DiskSearchImg.dll
2014-02-24 21:38 - 2013-09-04 11:19 - 00293960 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ExchBackupSize.dll
2014-02-24 21:38 - 2013-09-04 11:19 - 00578632 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ExImage.dll
2014-02-24 21:38 - 2013-09-04 11:19 - 00468040 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ExchBackupSizeEx.dll
2014-02-24 21:38 - 2013-09-04 11:19 - 00192072 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EmailBackupSize.dll
2014-02-24 21:38 - 2013-12-23 11:01 - 00281672 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AndroidImage.dll
2014-02-24 21:38 - 2013-09-04 11:19 - 00068680 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumTapeDevice.dll
2014-02-24 21:39 - 2013-09-04 11:19 - 00069192 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbTapeBrowse.dll
2014-02-24 21:38 - 2013-09-04 11:19 - 00022600 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AccountManager.dll
2014-02-24 21:39 - 2013-09-04 11:19 - 00115784 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NasOperator.dll
2014-02-24 21:38 - 2013-09-04 11:19 - 00192584 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EmailBrowser.dll
2014-02-24 21:38 - 2013-09-04 11:19 - 00135752 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CloudOperator.dll
2014-02-24 21:38 - 2013-10-22 17:31 - 00037960 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActiveOnline.dll
2014-02-24 21:39 - 2013-09-04 11:19 - 00135240 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\VMConfig.dll
2014-02-24 21:38 - 2013-12-24 17:42 - 00017992 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AndroidDeviceManager.dll
2014-02-24 21:39 - 2013-09-04 11:19 - 00096840 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBFireWall.dll
2014-02-23 20:51 - 2014-10-13 20:36 - 00204280 _____ () C:\Program Files\Bitdefender\Bitdefender\antispam32\txmlutil.dll
2014-09-24 20:00 - 2014-09-24 20:00 - 00081056 _____ () C:\Users\Kevin\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\LoggingPlatform.dll
2014-11-25 10:48 - 2014-11-25 10:48 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Kevin\Desktop\sp45524.exe:BDU
AlternateDataStreams: C:\Users\Kevin\Downloads\AM-Install (1).exe:BDU
AlternateDataStreams: C:\Users\Kevin\Downloads\AM-Install.exe:BDU
AlternateDataStreams: C:\Users\Kevin\Downloads\amdcompatibilitychecker.exe:BDU
AlternateDataStreams: C:\Users\Kevin\Downloads\cleanmaster_12_1.exe:BDU
AlternateDataStreams: C:\Users\Kevin\Downloads\cpu-z_1.71.1-setup-en.exe:BDU
AlternateDataStreams: C:\Users\Kevin\Downloads\Firefox Setup 34.0.5.exe:BDU
AlternateDataStreams: C:\Users\Kevin\Downloads\pebuilder3110a.exe:BDU
AlternateDataStreams: C:\Users\Kevin\Downloads\PortableApps.com_Platform_Setup_12.0.5.paf.exe:BDU
AlternateDataStreams: C:\Users\Kevin\Downloads\PowerISO6.exe:BDU
AlternateDataStreams: C:\Users\Kevin\Downloads\PSISetup.exe:BDU
AlternateDataStreams: C:\Users\Kevin\Downloads\setup.exe:BDU
AlternateDataStreams: C:\Users\Kevin\Downloads\SetupBatteryCare.exe:BDU
AlternateDataStreams: C:\Users\Kevin\Downloads\windowsxp-kb936929-sp3-x86-enu_c81472f7eeea2eca421e116cd4c03e2300ebfde4.exe:BDU
AlternateDataStreams: C:\Users\Kevin\Downloads\WMOSetup.exe:BDU

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Lavasoft Ad-Aware Service => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: BDESVC => 3
MSCONFIG\Services: Connectify => 2
MSCONFIG\Services: RapportMgmtService => 2
MSCONFIG\Services: RealNetworks Downloader Resolver Service => 2
MSCONFIG\Services: SafeBox => 2
MSCONFIG\Services: SandraAgentSrv => 3
MSCONFIG\Services: SBSDWSCService => 2
MSCONFIG\Services: Skype C2C Service => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Sony PC Companion => 3
MSCONFIG\Services: STacSV => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: TeamViewer8 => 2
MSCONFIG\Services: VMUSBArbService => 2
MSCONFIG\Services: YahooAUService => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Audible Download Manager.lnk => C:\Windows\pss\Audible Download Manager.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Citrix Single Sign-On Background Process.lnk => C:\Windows\pss\Citrix Single Sign-On Background Process.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Connectify => C:\Program Files (x86)\Connectify\Connectify.exe
MSCONFIG\startupreg: ConnectionCenter => "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup
MSCONFIG\startupreg: EzPrint => "C:\Program Files (x86)\Lexmark 3400 Series\ezprint.exe"
MSCONFIG\startupreg: Google Update => "C:\Users\Kevin\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LXCYCATS => rundll32 C:\Windows\system32\spool\DRIVERS\x64\3\LXCYtime.dll,RunDLLEntry
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

========================= Accounts: ==========================

Administrator (S-1-5-21-815093258-3654837366-4000460123-500 - Administrator - Enabled) => C:\Users\Administrator.000
Guest (S-1-5-21-815093258-3654837366-4000460123-501 - Limited - Disabled) => C:\Users\Guest
Kevin (S-1-5-21-815093258-3654837366-4000460123-1001 - Administrator - Enabled) => C:\Users\Kevin
Lorraine (S-1-5-21-815093258-3654837366-4000460123-1019 - Limited - Enabled) => C:\Users\Lorraine

==================== Faulty Device Manager Devices =============

Name: Synaptics PS/2 Port TouchPad
Description: Synaptics PS/2 Port TouchPad
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Synaptics
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Could not list Devices. Check "winmgmt" service or repair WMI.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/06/2015 08:57:40 PM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: The backup was not successful. The error is: Your backup configuration is not valid. Review your backup settings. (0x81000029).

Error: (01/03/2015 10:01:36 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/03/2015 10:01:36 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (01/06/2015 09:11:41 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WSearch service.

Error: (01/06/2015 08:48:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The HP Support Solutions Framework Service service failed to start due to the following error: 
%%1053

Error: (01/06/2015 08:48:25 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the HP Support Solutions Framework Service service to connect.

Error: (01/06/2015 08:47:27 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 20:45:19 on 06/01/2015 was unexpected.

Error: (01/06/2015 08:36:49 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 10:36:14 on 04/01/2015 was unexpected.

Error: (01/04/2015 10:11:47 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.

Error: (01/04/2015 05:56:40 AM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (01/03/2015 08:35:08 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 20:32:54 on 03/01/2015 was unexpected.


Microsoft Office Sessions:
=========================
Error: (01/06/2015 08:57:40 PM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: Your backup configuration is not valid. Review your backup settings. (0x81000029)

Error: (01/03/2015 10:01:36 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files\CCleaner\CCleaner64.exe

Error: (01/03/2015 10:01:36 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files\CCleaner\CCleaner64.exe


CodeIntegrity Errors:
===================================
  Date: 2014-02-12 23:06:39.636
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\$WINDOWS.~BT\Windows\WinSxS\x86_microsoft-windows-bcrypt-primitives-dll_31bf3856ad364e35_6.2.9200.16384_none_0edc8545e871119d\bcryptprimitives.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-02-12 23:06:39.620
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\$WINDOWS.~BT\Windows\WinSxS\x86_microsoft-windows-bcrypt-primitives-dll_31bf3856ad364e35_6.2.9200.16384_none_0edc8545e871119d\bcryptprimitives.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-02-12 23:06:39.589
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\$WINDOWS.~BT\Windows\WinSxS\x86_microsoft-windows-bcrypt-primitives-dll_31bf3856ad364e35_6.2.9200.16384_none_0edc8545e871119d\bcryptprimitives.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-02-12 23:06:39.573
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\$WINDOWS.~BT\Windows\WinSxS\x86_microsoft-windows-bcrypt-primitives-dll_31bf3856ad364e35_6.2.9200.16384_none_0edc8545e871119d\bcryptprimitives.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-02-12 23:06:28.497
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\$WINDOWS.~BT\Windows\WinSxS\amd64_microsoft-windows-webservices_31bf3856ad364e35_6.2.9200.16384_none_6745ff9db87675c9\webservices.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-02-12 23:06:28.435
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\$WINDOWS.~BT\Windows\WinSxS\amd64_microsoft-windows-webservices_31bf3856ad364e35_6.2.9200.16384_none_6745ff9db87675c9\webservices.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-02-12 23:06:28.357
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\$WINDOWS.~BT\Windows\WinSxS\amd64_microsoft-windows-webservices_31bf3856ad364e35_6.2.9200.16384_none_6745ff9db87675c9\webservices.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-02-12 23:06:28.247
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\$WINDOWS.~BT\Windows\WinSxS\amd64_microsoft-windows-webservices_31bf3856ad364e35_6.2.9200.16384_none_6745ff9db87675c9\webservices.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-02-12 23:06:25.845
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\$WINDOWS.~BT\Windows\WinSxS\amd64_microsoft-windows-userenv_31bf3856ad364e35_6.2.9200.16384_none_e90a11d7d5070f99\userenv.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-02-12 23:06:25.112
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\$WINDOWS.~BT\Windows\WinSxS\amd64_microsoft-windows-userenv_31bf3856ad364e35_6.2.9200.16384_none_e90a11d7d5070f99\userenv.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info =========================== 

Processor: AMD Turion(tm) X2 Dual-Core Mobile RM-72
Percentage of memory in use: 26%
Total physical RAM: 8189.84 MB
Available physical RAM: 6006.85 MB
Total Pagefile: 16377.85 MB
Available Pagefile: 14078.11 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:149.05 GB) (Free:14.08 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (Expansion Drive) (Fixed) (Total:931.51 GB) (Free:48.01 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149.1 GB) (Disk ID: 3835856C)
Partition 1: (Active) - (Size=149 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 0059889C)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================


#7 Kevmany

Posted 06 January 2015 - 05:11 PM

GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2015-01-06 22:10:14
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\00000089 FUJITSU_ rev.0000 149.05GB
Running: iwztj39t.exe; Driver: C:\Users\ADMINI~1.000\AppData\Local\Temp\agloqpod.sys


---- Devices - GMER 2.1 ----

Device   \Driver\atapi \Device\Ide\IdePort0                                                                                                                                                                                        fffffa80076242c0
Device   \Driver\atapi \Device\Ide\IdePort1                                                                                                                                                                                        fffffa80076242c0
Device   \Driver\JMCR \Device\Scsi\JMCR1                                                                                                                                                                                           fffffa8007d8a2c0
Device   \Driver\JMCR \Device\Scsi\JMCR3Port5Path0TargetffLun0                                                                                                                                                                     fffffa8007d8a2c0
Device   \Driver\JMCR \Device\Scsi\JMCR2                                                                                                                                                                                           fffffa8007d8a2c0
Device   \Driver\JMCR \Device\Scsi\JMCR3                                                                                                                                                                                           fffffa8007d8a2c0
Device   \Driver\JMCR \Device\Scsi\JMCR4                                                                                                                                                                                           fffffa8007d8a2c0
Device   \Driver\JMCR \Device\Scsi\JMCR2Port4Path0TargetffLun0                                                                                                                                                                     fffffa8007d8a2c0
Device   \Driver\JMCR \Device\Scsi\JMCR4Port6Path0TargetffLun0                                                                                                                                                                     fffffa8007d8a2c0
Device   \Driver\JMCR \Device\Scsi\JMCR1Port3Path0TargetffLun0                                                                                                                                                                     fffffa8007d8a2c0
Device   \FileSystem\Ntfs \Ntfs                                                                                                                                                                                                    fffffa800762e2c0
Device   \Driver\NetBT \Device\NetBT_Tcpip_{924365E6-2460-4181-94D2-A70BAF693B61}                                                                                                                                                  fffffa8007ffb2c0
Device   \Driver\usbehci \Device\USBPDO-5                                                                                                                                                                                          fffffa80087682c0
Device   \Driver\amd_sata \Device\0000008a                                                                                                                                                                                         fffffa80076282c0
Device   \Driver\usbohci \Device\USBFDO-3                                                                                                                                                                                          fffffa800876a2c0
Device   \Driver\usbohci \Device\USBPDO-1                                                                                                                                                                                          fffffa800876a2c0
Device   \Driver\amd_sata \Device\RaidPort0                                                                                                                                                                                        fffffa80076282c0
Device   \Driver\cdrom \Device\CdRom0                                                                                                                                                                                              fffffa8007f412c0
Device   \Driver\NetBT \Device\NetBT_Tcpip_{42198FD2-7B08-4D81-9585-B6353E70F12A}                                                                                                                                                  fffffa8007ffb2c0
Device   \Driver\usbohci \Device\USBFDO-4                                                                                                                                                                                          fffffa800876a2c0
Device   \Driver\amd_sata \Device\00000089                                                                                                                                                                                         fffffa80076282c0
Device   \Driver\usbehci \Device\USBPDO-2                                                                                                                                                                                          fffffa80087682c0
Device   \Driver\usbohci \Device\USBFDO-0                                                                                                                                                                                          fffffa800876a2c0
Device   \Driver\NetBT \Device\NetBT_Tcpip_{187BD11E-2DEA-41F9-832D-C0A2A639515E}                                                                                                                                                  fffffa8007ffb2c0
Device   \Driver\usbehci \Device\USBFDO-5                                                                                                                                                                                          fffffa80087682c0
Device   \Driver\USBSTOR \Device\000000c1                                                                                                                                                                                          fffffa80095be2c0
Device   \Driver\usbohci \Device\USBPDO-3                                                                                                                                                                                          fffffa800876a2c0
Device   \Driver\usbohci \Device\USBFDO-1                                                                                                                                                                                          fffffa800876a2c0
Device   \Driver\NetBT \Device\NetBt_Wins_Export                                                                                                                                                                                   fffffa8007ffb2c0
Device   \Driver\USBSTOR \Device\000000c2                                                                                                                                                                                          fffffa80095be2c0
Device   \Driver\usbohci \Device\USBPDO-4                                                                                                                                                                                          fffffa800876a2c0
Device   \Driver\usbehci \Device\USBFDO-2                                                                                                                                                                                          fffffa80087682c0
Device   \Driver\amd_sata \Device\ScsiPort0                                                                                                                                                                                        fffffa80076282c0
Device   \Driver\usbohci \Device\USBPDO-0                                                                                                                                                                                          fffffa800876a2c0
Device   \Driver\atapi \Device\ScsiPort1                                                                                                                                                                                           fffffa80076242c0
Device   \Driver\atapi \Device\ScsiPort2                                                                                                                                                                                           fffffa80076242c0
Device   \Driver\JMCR \Device\ScsiPort3                                                                                                                                                                                            fffffa8007d8a2c0
Device   \Driver\JMCR \Device\ScsiPort4                                                                                                                                                                                            fffffa8007d8a2c0
Device   \Driver\JMCR \Device\ScsiPort5                                                                                                                                                                                            fffffa8007d8a2c0
Device   \Driver\JMCR \Device\ScsiPort6                                                                                                                                                                                            fffffa8007d8a2c0

---- Trace I/O - GMER 2.1 ----

Trace    ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys vsflt67.sys >>UNKNOWN [0xfffffa800762a2c0]<< sptd.sys amd_xata.sys storport.sys hal.dll amd_sata.sys                                                                      fffffa800762a2c0
Trace    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007d42060]                                                                                                                                                           fffffa8007d42060
Trace    3 CLASSPNP.SYS[fffff88001c7e43f] -> nt!IofCallDriver -> [0xfffffa8007d41950]                                                                                                                                              fffffa8007d41950
Trace    5 hpdskflt.sys[fffff88001c02189] -> nt!IofCallDriver -> [0xfffffa8007d40e10]                                                                                                                                              fffffa8007d40e10
Trace    7 vsflt67.sys[fffff880011d67cd] -> nt!IofCallDriver -> [0xfffffa8007c63ac0]                                                                                                                                               fffffa8007c63ac0
Trace    \Driver\amd_xata[0xfffffa80076c16b0] -> IRP_MJ_CREATE -> 0xfffffa800762a2c0                                                                                                                                               fffffa800762a2c0
Trace    9 amd_xata.sys[fffff88001360d00] -> nt!IofCallDriver -> \Device\00000089[0xfffffa8007c5f9c0]                                                                                                                              fffffa8007c5f9c0
Trace    \Driver\amd_sata[0xfffffa80076c0710] -> IRP_MJ_CREATE -> 0xfffffa80076282c0                                                                                                                                               fffffa80076282c0

---- Modules - GMER 2.1 ----

Module   \??\C:\Users\ADMINI~1.000\AppData\Local\Temp\agloqpod.sys (GMER)                                                                                                                                                          fffff88019fec000-fffff88019ffc000 (65536 bytes)

---- Threads - GMER 2.1 ----

Thread   c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [4356:4448]                                                                                                                                   00000000779f3e85
Thread   c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [4356:4488]                                                                                                                                   00000000779f2e65
Thread   c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [4356:4860]                                                                                                                                   000000006d4b29e1
Thread   c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [4356:4864]                                                                                                                                   000000006d4b29e1
Thread   c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [4356:4868]                                                                                                                                   000000006d4b29e1
Thread   c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [4356:4872]                                                                                                                                   000000006d4b29e1
Thread   c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [4356:4876]                                                                                                                                   000000006d4b29e1
Thread   c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [4356:4880]                                                                                                                                   000000006d4b29e1
Thread   c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [4356:4944]                                                                                                                                   000000006d4b29e1
Thread   c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [4356:4948]                                                                                                                                   000000006d4b29e1
Thread   c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [4356:4968]                                                                                                                                   000000006d4b29e1
Thread   c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [4356:3792]                                                                                                                                   000000006d4b29e1
Thread   c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [4356:4108]                                                                                                                                   000000006d4b29e1
Thread   c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [4356:4140]                                                                                                                                   000000006d4b29e1
Thread   c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [4356:4124]                                                                                                                                   000000006d4b29e1
Thread   c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [4356:4128]                                                                                                                                   000000006d4b29e1
Thread   c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [4356:4120]                                                                                                                                   000000006d4b29e1
Thread   c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [4356:4116]                                                                                                                                   000000006d4b29e1
Thread   c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [4356:4224]                                                                                                                                   000000006d4b29e1
Thread   c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [4356:4296]                                                                                                                                   000000006d4b29e1
Thread   c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [4356:5072]                                                                                                                                   00000000779f3e85
Thread   c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [4356:5304]                                                                                                                                   000000006d4b29e1
Thread   c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [4356:5312]                                                                                                                                   000000006d4b29e1
Thread   c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [4356:6100]                                                                                                                                   000000006d4b29e1
Thread   c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [4356:6104]                                                                                                                                   000000006d4b29e1
---- Processes - GMER 2.1 ----

Library  \\?\C:\Program Files\Common Files\Bitdefender\Bitdefender Threat Scanner\trufos.dll (*** suspicious ***) @ C:\Program Files\Bitdefender\Bitdefender\vsserv.exe [956] (FILE NOT FOUND)                                     000007fefbec0000
Library  \\?\C:\Program Files\Bitdefender\Bitdefender\bdnc.dll (*** suspicious ***) @ C:\Program Files\Bitdefender\Bitdefender\vsserv.exe [956] (FILE NOT FOUND)                                                                   000007fefbcc0000
Library  C:\Program Files (x86)\Common Files\Microsoft Shared\Office15\mso.dll (*** suspicious ***) @ C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE [3680]       0000000064d20000
Library  C:\Program Files (x86)\Common Files\Microsoft Shared\Office15\csi.dll (*** suspicious ***) @ C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE [3680]       000000005eea0000
Library  C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\ACEOLEDB.DLL (*** suspicious ***) @ C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE [3680]  000000006df20000

---- Registry - GMER 2.1 ----

Reg      HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s1                                                                                                                                                                        771343423
Reg      HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s2                                                                                                                                                                        285507792
Reg      HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@h0                                                                                                                                                                        1
Reg      HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04                                                                                                                                          
Reg      HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0                                                                                                                                       0
Reg      HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew                                                                                                                                    0xE7 0x41 0xFC 0xAF ...
Reg      HKLM\SYSTEM\ControlSet002\Control@BootDriverFlags                                                                                                                                                                         0
Reg      HKLM\SYSTEM\ControlSet002\Control@ServiceControlManagerExtension                                                                                                                                                          %systemroot%\system32\scext.dll
Reg      HKLM\SYSTEM\ControlSet002\Control@SystemStartOptions                                                                                                                                                                       NOEXECUTE=OPTIN
Reg      HKLM\SYSTEM\ControlSet002\Control@SystemBootDevice                                                                                                                                                                        multi(0)disk(0)rdisk(0)partition(1)
Reg      HKLM\SYSTEM\ControlSet002\Control@FirmwareBootDevice                                                                                                                                                                      multi(0)disk(0)rdisk(0)partition(1)
Reg      HKLM\SYSTEM\ControlSet002\Control\Session Manager@CriticalSectionTimeout                                                                                                                                                  2592000
Reg      HKLM\SYSTEM\ControlSet002\Control\Session Manager@GlobalFlag                                                                                                                                                              0
Reg      HKLM\SYSTEM\ControlSet002\Control\Session Manager@HeapDeCommitFreeBlockThreshold                                                                                                                                          0
Reg      HKLM\SYSTEM\ControlSet002\Control\Session Manager@HeapDeCommitTotalFreeThreshold                                                                                                                                          0
Reg      HKLM\SYSTEM\ControlSet002\Control\Session Manager@HeapSegmentCommit                                                                                                                                                       0
Reg      HKLM\SYSTEM\ControlSet002\Control\Session Manager@HeapSegmentReserve                                                                                                                                                      0
Reg      HKLM\SYSTEM\ControlSet002\Control\Session Manager@ProcessorControl                                                                                                                                                        2
Reg      HKLM\SYSTEM\ControlSet002\Control\Session Manager@ResourceTimeoutCount                                                                                                                                                    648000
Reg      HKLM\SYSTEM\ControlSet002\Control\Session Manager@BootExecute                                                                                                                                                             autocheck autochk *?lsdelete?
Reg      HKLM\SYSTEM\ControlSet002\Control\Session Manager@ExcludeFromKnownDlls                                                                                                                                                    
Reg      HKLM\SYSTEM\ControlSet002\Control\Session Manager@ObjectDirectories                                                                                                                                                       \Windows?\RPC Control?
Reg      HKLM\SYSTEM\ControlSet002\Control\Session Manager@ProtectionMode                                                                                                                                                          1
Reg      HKLM\SYSTEM\ControlSet002\Control\Session Manager@NumberOfInitialSessions                                                                                                                                                 2
Reg      HKLM\SYSTEM\ControlSet002\Control\Session Manager@SetupExecute                                                                                                                                                            
Reg      HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)                                                                                                                      
Reg      HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0                                                                                                                                           0
Reg      HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew                                                                                                                                        0xE7 0x41 0xFC 0xAF ...

---- EOF - GMER 2.1 ----



#8 Kevmany

Posted 06 January 2015 - 05:16 PM

22:14:10.0371 0x0ddc  TDSS rootkit removing tool 3.0.0.42 Dec 12 2014 00:35:20
22:14:22.0535 0x0ddc  ============================================================
22:14:22.0535 0x0ddc  Current date / time: 2015/01/06 22:14:22.0535
22:14:22.0535 0x0ddc  SystemInfo:
22:14:22.0535 0x0ddc  
22:14:22.0535 0x0ddc  OS Version: 6.1.7601 ServicePack: 1.0
22:14:22.0535 0x0ddc  Product type: Workstation
22:14:22.0535 0x0ddc  ComputerName: KEVIN-PC
22:14:22.0535 0x0ddc  UserName: Administrator
22:14:22.0535 0x0ddc  Windows directory: C:\Windows
22:14:22.0535 0x0ddc  System windows directory: C:\Windows
22:14:22.0535 0x0ddc  Running under WOW64
22:14:22.0535 0x0ddc  Processor architecture: Intel x64
22:14:22.0535 0x0ddc  Number of processors: 2
22:14:22.0535 0x0ddc  Page size: 0x1000
22:14:22.0535 0x0ddc  Boot type: Normal boot
22:14:22.0535 0x0ddc  ============================================================
22:14:23.0020 0x0ddc  KLMD registered as C:\Windows\system32\drivers\83003662.sys
22:14:23.0785 0x0ddc  System UUID: {33BD9D27-8029-24F4-C46F-131B3077751E}
22:14:24.0738 0x0ddc  Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 ( 149.05 Gb ), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:14:24.0769 0x0ddc  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
22:14:24.0785 0x0ddc  ============================================================
22:14:24.0785 0x0ddc  \Device\Harddisk0\DR0:
22:14:24.0785 0x0ddc  MBR partitions:
22:14:24.0785 0x0ddc  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x12A18800
22:14:24.0785 0x0ddc  \Device\Harddisk1\DR1:
22:14:24.0785 0x0ddc  MBR partitions:
22:14:24.0785 0x0ddc  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x747065AC
22:14:24.0785 0x0ddc  ============================================================
22:14:24.0816 0x0ddc  C: <-> \Device\Harddisk0\DR0\Partition1
22:14:24.0863 0x0ddc  E: <-> \Device\Harddisk1\DR1\Partition1
22:14:24.0863 0x0ddc  ============================================================
22:14:24.0863 0x0ddc  Initialize success
22:14:24.0863 0x0ddc  ============================================================
22:14:33.0670 0x1840  ============================================================
22:14:33.0670 0x1840  Scan started
22:14:33.0670 0x1840  Mode: Manual; 
22:14:33.0670 0x1840  ============================================================
22:14:33.0670 0x1840  KSN ping started
22:14:36.0560 0x1840  KSN ping finished: true
22:14:38.0277 0x1840  ================ Scan system memory ========================
22:14:38.0277 0x1840  System memory - ok
22:14:38.0293 0x1840  ================ Scan services =============================
22:14:38.0511 0x1840  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
22:14:38.0527 0x1840  1394ohci - ok
22:14:38.0605 0x1840  [ 5C368F4B04ED2A923E6AFCA2D37BAFF5, C3CC58D636B18DF77C4C4B384AD1DE78418716A0606E564DBC63782D5EA02905 ] Accelerometer   C:\Windows\system32\DRIVERS\Accelerometer.sys
22:14:38.0605 0x1840  Accelerometer - ok
22:14:38.0636 0x1840  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
22:14:38.0652 0x1840  ACPI - ok
22:14:38.0683 0x1840  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
22:14:38.0683 0x1840  AcpiPmi - ok
22:14:38.0839 0x1840  [ 4C72FDD915D62EAEF149BD9C73AB9CF4, 8EA45A1B88DFD819F0ADA3AF36D464E1BF52574269592370E0CC8D0490680E1F ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
22:14:38.0839 0x1840  AdobeARMservice - ok
22:14:38.0979 0x1840  [ 4E48A7DF7ECACB38C686B2BEBAA687A3, D4DEE6BD464855B24A6D40BC6A9279B2041099615C6A319D869DA113AD896EA3 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
22:14:38.0995 0x1840  AdobeFlashPlayerUpdateSvc - ok
22:14:39.0057 0x1840  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
22:14:39.0073 0x1840  adp94xx - ok
22:14:39.0182 0x1840  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
22:14:39.0198 0x1840  adpahci - ok
22:14:39.0229 0x1840  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
22:14:39.0244 0x1840  adpu320 - ok
22:14:39.0276 0x1840  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
22:14:39.0291 0x1840  AeLookupSvc - ok
22:14:39.0385 0x1840  [ A6FB9DB8F1A86861D955FD6975977AE0, 788C6EE50719227D7A9B7F08C8D5E1289FCD0E8AC23A1021A5093D2E8368F696 ] AESTFilters     C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe
22:14:39.0385 0x1840  AESTFilters - ok
22:14:39.0447 0x1840  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
22:14:39.0463 0x1840  AFD - ok
22:14:39.0541 0x1840  [ 98022774D9930ECBB292E70DB7601DF6, BE64A40B9BE997D73C0FC14D97E204C9D886EDA07EC4C9391A70CE477084E5F1 ] AgereSoftModem  C:\Windows\system32\DRIVERS\agrsm64.sys
22:14:39.0572 0x1840  AgereSoftModem - ok
22:14:39.0634 0x1840  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
22:14:39.0650 0x1840  agp440 - ok
22:14:39.0697 0x1840  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
22:14:39.0712 0x1840  ALG - ok
22:14:39.0775 0x1840  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
22:14:39.0775 0x1840  aliide - ok
22:14:39.0853 0x1840  [ DDEA39A56B801A675E118429AF6A30D2, D61A702E8777514A6926D1D5EB180F33C6317871013B355E7C17FE37C14C5D7F ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
22:14:39.0884 0x1840  AMD External Events Utility - ok
22:14:39.0946 0x1840  AMD FUEL Service - ok
22:14:39.0993 0x1840  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
22:14:39.0993 0x1840  amdide - ok
22:14:40.0040 0x1840  [ 6A2EEB0C4133B20773BB3DD0B7B377B4, E4CB35C6937C70A145A13E5AE5B34A271B49101DA623171ACBFDA8601E5A70EA ] amdiox64        C:\Windows\system32\DRIVERS\amdiox64.sys
22:14:40.0056 0x1840  amdiox64 - ok
22:14:40.0102 0x1840  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
22:14:40.0118 0x1840  AmdK8 - ok
22:14:40.0664 0x1840  [ 7F2BDD27F3611041D6B0D6C565A748A7, F74A3589253AAEDAFB15D5C439771339FC3B78B1CE51409A630822B653D4885D ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
22:14:41.0023 0x1840  amdkmdag - ok
22:14:41.0148 0x1840  [ 8E2A3479CF4E871F37D0F023692E6694, BE995D5679ABEF800E24208A068C44A10607305A8C328FF29A11DCAAB4D18FBB ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
22:14:41.0148 0x1840  amdkmdap - ok
22:14:41.0179 0x1840  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
22:14:41.0179 0x1840  AmdPPM - ok
22:14:41.0226 0x1840  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
22:14:41.0226 0x1840  amdsata - ok
22:14:41.0257 0x1840  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
22:14:41.0272 0x1840  amdsbs - ok
22:14:41.0288 0x1840  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
22:14:41.0304 0x1840  amdxata - ok
22:14:41.0319 0x1840  [ A1434F35B7B171CB697D74D33F7D029F, 97688D8C388066D02036DEF388AD7D8BE55DB268185CECE88128195D87422496 ] amd_sata        C:\Windows\system32\DRIVERS\amd_sata.sys
22:14:41.0319 0x1840  amd_sata - ok
22:14:41.0366 0x1840  [ E9B5A82FA268BB2D1B012030D5F4E096, 9EBE4DD2B86EE62D5E47ED85FC6271FE66A5A564227C7C8B7A576FD54A2CFACB ] amd_xata        C:\Windows\system32\DRIVERS\amd_xata.sys
22:14:41.0366 0x1840  amd_xata - ok
22:14:41.0413 0x1840  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
22:14:41.0413 0x1840  AppID - ok
22:14:41.0444 0x1840  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
22:14:41.0444 0x1840  AppIDSvc - ok
22:14:41.0475 0x1840  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
22:14:41.0475 0x1840  Appinfo - ok
22:14:41.0569 0x1840  [ 650D03E40F93FAE323CB841F80368E5C, F67B97CFDCE2EE9294977725268EFDB0DD724BD16E7ED5BFCA45375AA8EBA5BB ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
22:14:41.0584 0x1840  Apple Mobile Device - ok
22:14:41.0662 0x1840  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
22:14:41.0678 0x1840  AppMgmt - ok
22:14:41.0709 0x1840  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
22:14:41.0725 0x1840  arc - ok
22:14:41.0772 0x1840  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
22:14:41.0787 0x1840  arcsas - ok
22:14:41.0943 0x1840  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
22:14:41.0943 0x1840  aspnet_state - ok
22:14:41.0974 0x1840  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
22:14:41.0974 0x1840  AsyncMac - ok
22:14:42.0006 0x1840  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
22:14:42.0006 0x1840  atapi - ok
22:14:42.0177 0x1840  [ 481CC0E01A941BA4DD0D949C1D47B417, 871634A4C05C3CDB3DB085A4819B0161E779FCB31731609F7A1B30F7DD0B8C59 ] athr            C:\Windows\system32\DRIVERS\athrx.sys
22:14:42.0286 0x1840  athr - ok
22:14:42.0364 0x1840  [ B0790FF0E25B7A2674296052F2162C1A, 930D1A09E93117E081C532D6EDB1E870736AE3806D13AE7F0C7748FD4EAB3D89 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
22:14:42.0380 0x1840  AtiHDAudioService - ok
22:14:54.0723 0x1840  LSI_SAS2 - ok
22:14:54.0769 0x1840  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
22:14:54.0769 0x1840  LSI_SCSI - ok
22:14:54.0816 0x1840  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
22:14:54.0816 0x1840  luafv - ok
22:14:54.0832 0x1840  lxcy_device - ok
22:14:54.0863 0x1840  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
22:14:54.0863 0x1840  Mcx2Svc - ok
22:14:54.0910 0x1840  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
22:14:54.0925 0x1840  megasas - ok
22:14:54.0972 0x1840  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
22:14:54.0972 0x1840  MegaSR - ok
22:14:55.0019 0x1840  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
22:14:55.0019 0x1840  MMCSS - ok
22:14:55.0050 0x1840  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
22:14:55.0050 0x1840  Modem - ok
22:14:55.0081 0x1840  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
22:14:55.0081 0x1840  monitor - ok
22:14:55.0113 0x1840  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
22:14:55.0113 0x1840  mouclass - ok
22:14:55.0144 0x1840  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
22:14:55.0144 0x1840  mouhid - ok
22:14:55.0191 0x1840  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
22:14:55.0191 0x1840  mountmgr - ok
22:14:55.0253 0x1840  [ 35BE659B9A2B73E80E076A436B98CA4F, 0B497BC38FC2CC383759D70D311A6202AEB4045F3C2A48E6D0C503F7A7DC605E ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
22:14:55.0269 0x1840  MozillaMaintenance - ok
22:14:55.0362 0x1840  [ 4C6ECD0F908436E6D255D8B48C18B349, 7F6CFF6367F40472FA3C7A0A526B3F75AF73BFA9B6FE4C6DD769F80A703A7EA4 ] MP2-Server      C:\Program Files (x86)\Team MediaPortal\MP2-Server\MP2-Server.exe
22:14:55.0378 0x1840  MP2-Server - ok
22:14:55.0409 0x1840  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
22:14:55.0409 0x1840  mpio - ok
22:14:55.0440 0x1840  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
22:14:55.0440 0x1840  mpsdrv - ok
22:14:55.0503 0x1840  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
22:14:55.0534 0x1840  MpsSvc - ok
22:14:55.0581 0x1840  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
22:14:55.0581 0x1840  MRxDAV - ok
22:14:55.0627 0x1840  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
22:14:55.0627 0x1840  mrxsmb - ok
22:14:55.0659 0x1840  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:14:55.0674 0x1840  mrxsmb10 - ok
22:14:55.0705 0x1840  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:14:55.0705 0x1840  mrxsmb20 - ok
22:14:55.0752 0x1840  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
22:14:55.0768 0x1840  msahci - ok
22:14:55.0815 0x1840  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
22:14:55.0830 0x1840  msdsm - ok
22:14:55.0877 0x1840  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
22:14:55.0908 0x1840  MSDTC - ok
22:14:56.0017 0x1840  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
22:14:56.0033 0x1840  Msfs - ok
22:14:56.0095 0x1840  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
22:14:56.0111 0x1840  mshidkmdf - ok
22:14:56.0142 0x1840  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
22:14:56.0142 0x1840  msisadrv - ok
22:14:56.0189 0x1840  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
22:14:56.0189 0x1840  MSiSCSI - ok
22:14:56.0205 0x1840  msiserver - ok
22:14:56.0251 0x1840  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
22:14:56.0251 0x1840  MSKSSRV - ok
22:14:56.0423 0x1840  [ 47A616802531735DF88CD331739D6E97, 28A28794186CC0B5EC5A3838C7CAE16B9DCE2C0BD5873F59CE59F8F4EDA4268B ] msoidsvc        C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE
22:14:56.0470 0x1840  msoidsvc - ok
22:14:56.0517 0x1840  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
22:14:56.0517 0x1840  MSPCLOCK - ok
22:14:56.0532 0x1840  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
22:14:56.0548 0x1840  MSPQM - ok
22:14:56.0563 0x1840  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
22:14:56.0579 0x1840  MsRPC - ok
22:14:56.0610 0x1840  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
22:14:56.0610 0x1840  mssmbios - ok
22:14:56.0688 0x1840  MSSQL$EONENERGYFIT - ok
22:14:56.0735 0x1840  [ 1D89EB4E2A99CABD4E81225F4F4C4B25, B9C4D956E3F74CB463A1A14287F4B550381FBB3E4B2DF9418E041E02A159E31E ] MSSQLServerADHelper c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe
22:14:56.0735 0x1840  MSSQLServerADHelper - ok
22:14:56.0766 0x1840  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
22:14:56.0766 0x1840  MSTEE - ok
22:14:56.0797 0x1840  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
22:14:56.0797 0x1840  MTConfig - ok
22:14:56.0829 0x1840  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
22:14:56.0844 0x1840  Mup - ok
22:14:56.0875 0x1840  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
22:14:56.0891 0x1840  napagent - ok
22:14:56.0953 0x1840  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
22:14:56.0953 0x1840  NativeWifiP - ok
22:14:57.0031 0x1840  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
22:14:57.0063 0x1840  NDIS - ok
22:14:57.0094 0x1840  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
22:14:57.0094 0x1840  NdisCap - ok
22:14:57.0125 0x1840  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
22:14:57.0125 0x1840  NdisTapi - ok
22:14:57.0141 0x1840  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
22:14:57.0141 0x1840  Ndisuio - ok
22:14:57.0187 0x1840  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
22:14:57.0187 0x1840  NdisWan - ok
22:14:57.0203 0x1840  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
22:14:57.0219 0x1840  NDProxy - ok
22:14:57.0250 0x1840  [ 2334DC48997BA203B794DF3EE70521DB, 832F4EC1586C9669F2D54AB3B212943E43B87A33B24DCC8CDAD6A0264291EE2F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
22:14:57.0265 0x1840  Net Driver HPZ12 - ok
22:14:57.0297 0x1840  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
22:14:57.0297 0x1840  NetBIOS - ok
22:14:57.0328 0x1840  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
22:14:57.0328 0x1840  NetBT - ok
22:14:57.0343 0x1840  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon        C:\Windows\system32\lsass.exe
22:14:57.0359 0x1840  Netlogon - ok
22:14:57.0406 0x1840  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
22:14:57.0421 0x1840  Netman - ok
22:14:57.0484 0x1840  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:14:57.0499 0x1840  NetMsmqActivator - ok
22:14:57.0531 0x1840  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:14:57.0531 0x1840  NetPipeActivator - ok
22:14:57.0562 0x1840  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
22:14:57.0577 0x1840  netprofm - ok
22:14:57.0733 0x1840  [ 6193669D716B17F35BE1C80C675CAAD8, 4BF096FF7CEA6E36E241407048E75F2399F07BA39E0EF7D2F99AF9A849895728 ] netr28ux        C:\Windows\system32\DRIVERS\netr28ux.sys
22:14:57.0780 0x1840  netr28ux - ok
22:14:57.0811 0x1840  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:14:57.0811 0x1840  NetTcpActivator - ok
22:14:57.0827 0x1840  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:14:57.0843 0x1840  NetTcpPortSharing - ok
22:14:57.0889 0x1840  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
22:14:57.0905 0x1840  nfrd960 - ok
22:14:57.0936 0x1840  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
22:14:57.0952 0x1840  NlaSvc - ok
22:14:57.0967 0x1840  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
22:14:57.0983 0x1840  Npfs - ok
22:14:57.0999 0x1840  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
22:14:57.0999 0x1840  nsi - ok
22:14:58.0030 0x1840  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
22:14:58.0030 0x1840  nsiproxy - ok
22:14:58.0139 0x1840  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
22:14:58.0186 0x1840  Ntfs - ok
22:14:58.0233 0x1840  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
22:14:58.0233 0x1840  Null - ok
22:14:58.0264 0x1840  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
22:14:58.0279 0x1840  nvraid - ok
22:14:58.0311 0x1840  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
22:14:58.0326 0x1840  nvstor - ok
22:14:58.0357 0x1840  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
22:14:58.0373 0x1840  nv_agp - ok
22:14:58.0389 0x1840  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
22:14:58.0404 0x1840  ohci1394 - ok
22:14:58.0482 0x1840  [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:14:58.0482 0x1840  ose - ok
22:14:58.0779 0x1840  [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
22:14:58.0903 0x1840  osppsvc - ok
22:14:58.0981 0x1840  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
22:14:58.0997 0x1840  p2pimsvc - ok
22:14:59.0044 0x1840  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
22:14:59.0059 0x1840  p2psvc - ok
22:14:59.0091 0x1840  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
22:14:59.0091 0x1840  Parport - ok
22:14:59.0107 0x1840  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
22:14:59.0123 0x1840  partmgr - ok
22:14:59.0138 0x1840  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
22:14:59.0138 0x1840  PcaSvc - ok
22:14:59.0171 0x1840  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
22:14:59.0171 0x1840  pci - ok
22:14:59.0217 0x1840  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
22:14:59.0217 0x1840  pciide - ok
22:14:59.0249 0x1840  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
22:14:59.0264 0x1840  pcmcia - ok
22:14:59.0295 0x1840  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
22:14:59.0295 0x1840  pcw - ok
22:14:59.0342 0x1840  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
22:14:59.0358 0x1840  PEAUTH - ok
22:14:59.0498 0x1840  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
22:14:59.0529 0x1840  PeerDistSvc - ok
22:14:59.0639 0x1840  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
22:14:59.0654 0x1840  PerfHost - ok
22:14:59.0763 0x1840  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
22:14:59.0795 0x1840  pla - ok
22:14:59.0873 0x1840  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
22:14:59.0888 0x1840  PlugPlay - ok
22:14:59.0919 0x1840  [ BDEA03A01DD58FF120C9D757A28DAA8B, CB3F8A65DCB91FA6E10F312ACC13175453C097A25D191DBA1D2692F0E57F6D33 ] pmkbdfltr       C:\Windows\system32\DRIVERS\pmkbdfltr.sys
22:14:59.0919 0x1840  pmkbdfltr - ok
22:14:59.0982 0x1840  [ AC78DF349F0E4CFB8B667C0CFFF83CCE, 7E635AA2E7350FCA0C954E697F1480A6204920AEFBCF06B90FFA02398DA82822 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
22:14:59.0982 0x1840  Pml Driver HPZ12 - ok
22:14:59.0997 0x1840  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
22:14:59.0997 0x1840  PNRPAutoReg - ok
22:15:00.0060 0x1840  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
22:15:00.0060 0x1840  PNRPsvc - ok
22:15:00.0107 0x1840  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
22:15:00.0122 0x1840  PolicyAgent - ok
22:15:00.0153 0x1840  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
22:15:00.0169 0x1840  Power - ok
22:15:00.0217 0x1840  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
22:15:00.0217 0x1840  PptpMiniport - ok
22:15:00.0248 0x1840  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
22:15:00.0248 0x1840  Processor - ok
22:15:00.0295 0x1840  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
22:15:00.0295 0x1840  ProfSvc - ok
22:15:00.0310 0x1840  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
22:15:00.0326 0x1840  ProtectedStorage - ok
22:15:00.0357 0x1840  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
22:15:00.0357 0x1840  Psched - ok
22:15:00.0404 0x1840  [ DD3FD48D69F5FBBB21D46D1514C1C2DB, 2B188E3AC4BD9B608D375DD550507717852C2AF7C0F99FFED90098999B9D4F01 ] PSI             C:\Windows\system32\DRIVERS\psi_mf_amd64.sys
22:15:00.0404 0x1840  PSI - ok
22:15:00.0498 0x1840  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
22:15:00.0544 0x1840  ql2300 - ok
22:15:00.0576 0x1840  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
22:15:00.0576 0x1840  ql40xx - ok
22:15:00.0622 0x1840  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
22:15:00.0622 0x1840  QWAVE - ok
22:15:00.0654 0x1840  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
22:15:00.0654 0x1840  QWAVEdrv - ok
22:15:00.0810 0x1840  [ CE326BF56348BC91F79B7CD2DE0DBD3D, BB7D44D00DB9B21AD4D3489F775EFEF166F35546D561E5BA9A64C62733688991 ] RapportCerberus_80083 C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_80083.sys
22:15:00.0825 0x1840  RapportCerberus_80083 - ok
22:15:00.0903 0x1840  [ 81081518C227381318CFAF01EB068BF4, AFC794476F25930AB12720CBBBF7D789B777C3B9DC6E8EFA12903D6AB9ADBFC0 ] RapportEI64     C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys
22:15:00.0903 0x1840  RapportEI64 - ok
22:15:00.0997 0x1840  [ 2877500C0145F8E6C69CA3B971A54223, C53E52D47E9039C908BE5FAD3D0D81825B3443561A167C631EB9D369AEDF3A56 ] RapportIaso     c:\programdata\trusteer\rapport\store\exts\rapportms\baseline\rapportiaso64.sys
22:15:00.0997 0x1840  RapportIaso - ok
22:15:01.0044 0x1840  [ 0791AB639648828D0277A06937454D33, CBE9B011EAD599BCC502CCDE2BD0F2189C756710B7ECAB02E23C76E3A5DBFB53 ] RapportKE64     C:\Windows\system32\Drivers\RapportKE64.sys
22:15:01.0059 0x1840  RapportKE64 - ok
22:15:01.0184 0x1840  [ 6BA0E2EED2C1C65A7FBFE26467AF5013, 6CB3AE9D1130D5DF60B8265781D8B33C99E0B270E44B9498E074FB987070A02D ] RapportMgmtService C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
22:15:01.0247 0x1840  RapportMgmtService - ok
22:15:01.0310 0x1840  [ 76A3C5FF47F66EFEA997DC88529C4FCC, 39FEF25267EAD898DB8C2565677009FBD2E84B84336DBFDF95D4EEE9F3A1D066 ] RapportPG64     C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys
22:15:01.0325 0x1840  RapportPG64 - ok
22:15:01.0357 0x1840  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
22:15:01.0357 0x1840  RasAcd - ok
22:15:01.0403 0x1840  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
22:15:01.0403 0x1840  RasAgileVpn - ok
22:15:01.0450 0x1840  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
22:15:01.0450 0x1840  RasAuto - ok
22:15:01.0466 0x1840  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
22:15:01.0481 0x1840  Rasl2tp - ok
22:15:01.0528 0x1840  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
22:15:01.0544 0x1840  RasMan - ok
22:15:01.0575 0x1840  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
22:15:01.0575 0x1840  RasPppoe - ok
22:15:01.0591 0x1840  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
22:15:01.0591 0x1840  RasSstp - ok
22:15:01.0622 0x1840  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
22:15:01.0637 0x1840  rdbss - ok
22:15:01.0653 0x1840  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
22:15:01.0653 0x1840  rdpbus - ok
22:15:01.0669 0x1840  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
22:15:01.0669 0x1840  RDPCDD - ok
22:15:01.0700 0x1840  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
22:15:01.0715 0x1840  RDPDR - ok
22:15:01.0731 0x1840  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
22:15:01.0747 0x1840  RDPENCDD - ok
22:15:01.0762 0x1840  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
22:15:01.0762 0x1840  RDPREFMP - ok
22:15:01.0809 0x1840  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
22:15:01.0809 0x1840  RdpVideoMiniport - ok
22:15:01.0856 0x1840  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
22:15:01.0856 0x1840  RDPWD - ok
22:15:01.0918 0x1840  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
22:15:01.0918 0x1840  rdyboost - ok
22:15:01.0965 0x1840  [ 84C83C7577407C4FF6AB1379EE944610, 497695C775D193357996BE6009247026596907B5568BDD32DA8677042F9BA302 ] regi            C:\Windows\system32\drivers\regi.sys
22:15:01.0965 0x1840  regi - ok
22:15:02.0012 0x1840  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
22:15:02.0012 0x1840  RemoteAccess - ok
22:15:02.0059 0x1840  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
22:15:02.0059 0x1840  RemoteRegistry - ok
22:15:02.0121 0x1840  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
22:15:02.0121 0x1840  RpcEptMapper - ok
22:15:02.0152 0x1840  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
22:15:02.0152 0x1840  RpcLocator - ok
22:15:02.0199 0x1840  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
22:15:02.0216 0x1840  RpcSs - ok
22:15:05.0088 0x1840  [ 34F974F8B3C86DE03A30DCBE79091C97, 14E12E3A145F898CB8B89FB75E0100D47D04E3BFD3078C315FE1F3CBF30FEFEE ] sptd            C:\Windows\system32\Drivers\sptd.sys
22:15:05.0104 0x1840  Suspicious file ( NoAccess ): C:\Windows\system32\Drivers\sptd.sys. md5: 34F974F8B3C86DE03A30DCBE79091C97, sha256: 14E12E3A145F898CB8B89FB75E0100D47D04E3BFD3078C315FE1F3CBF30FEFEE
22:15:05.0104 0x1840  sptd - detected LockedFile.Multi.Generic ( 1 )
22:15:07.0883 0x1840  Detect skipped due to KSN trusted
22:15:07.0883 0x1840  sptd - ok
22:15:16.0754 0x1840  WSearch - ok
22:15:16.0910 0x1840  [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv        C:\Windows\system32\wuaueng.dll
22:15:17.0004 0x1840  wuauserv - ok
22:15:17.0082 0x1840  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
22:15:17.0097 0x1840  WudfPf - ok
22:15:17.0175 0x1840  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
22:15:17.0175 0x1840  WUDFRd - ok
22:15:17.0222 0x1840  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
22:15:17.0222 0x1840  wudfsvc - ok
22:15:17.0253 0x1840  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
22:15:17.0269 0x1840  WwanSvc - ok
22:15:17.0347 0x1840  ================ Scan global ===============================
22:15:17.0378 0x1840  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
22:15:17.0425 0x1840  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
22:15:17.0441 0x1840  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
22:15:17.0472 0x1840  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
22:15:17.0503 0x1840  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
22:15:17.0519 0x1840  [ Global ] - ok
22:15:17.0519 0x1840  ================ Scan MBR ==================================
22:15:17.0534 0x1840  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
22:15:17.0862 0x1840  \Device\Harddisk0\DR0 - ok
22:15:17.0877 0x1840  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
22:15:17.0909 0x1840  \Device\Harddisk1\DR1 - ok
22:15:17.0909 0x1840  ================ Scan VBR ==================================
22:15:17.0924 0x1840  [ 907AE9F03A9EE02EC6A8EEF321D11683 ] \Device\Harddisk0\DR0\Partition1
22:15:17.0924 0x1840  \Device\Harddisk0\DR0\Partition1 - ok
22:15:17.0924 0x1840  [ A399F01E98102BF5605FE0A19CD1B8FB ] \Device\Harddisk1\DR1\Partition1
22:15:18.0205 0x1840  \Device\Harddisk1\DR1\Partition1 - ok
22:15:18.0221 0x1840  ================ Scan generic autorun ======================
22:15:18.0221 0x1840  SynTPEnh - ok
22:15:18.0283 0x1840  [ 2EEED500C1EC095CB3D0DE7A3C7E4278, 06D0DC42A7DE207D675A0DE69001D20941FC0B8D067504CD8B56DD0B952A5ACE ] C:\Program Files\IDT\WDM\sttray64.exe
22:15:18.0299 0x1840  SysTrayApp - ok
22:15:18.0361 0x1840  [ 3EBF6065B004802A7499D6F7EAE072D1, CDAFB2461754B0955267EAE81F4C0A9CC7CF2DCD68AD3446255D4E5D0F0F0E98 ] C:\Program Files (x86)\Lexmark 3400 Series\lxcymon.exe
22:15:18.0377 0x1840  lxcymon.exe - ok
22:15:18.0470 0x1840  [ D5F1ADEA6513A230E27A3ADAD2A3B160, 947AA3C8C2AB8C07832BE1BE337ADD4B3105785FDF5844537D658554EF265A73 ] C:\Program Files\Bitdefender\Bitdefender\bdagent.exe
22:15:18.0517 0x1840  Bdagent - ok
22:15:18.0611 0x1840  [ DD79A6B15C2F28DE98DF4852AAF6B13B, 0F7E9023E0BA4B40E2DE9A9FA34E85FEAF72B93049AAB3E1D73AD046BB113E05 ] C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe
22:15:18.0626 0x1840  NCPluginUpdater - ok
22:15:18.0751 0x1840  [ 07A37CB5C5A01E73FB69F138FAE2DB0E, 9E8B5D78D7EAB8FA35133763EDA91AFE5CDEE275D604F02CDB56FB00A0D5AA0F ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
22:15:18.0798 0x1840  Adobe ARM - ok
22:15:18.0907 0x1840  [ BB937B4013A6AA26ECE781E09E3A7EFD, 43ECD2A6E45731F66376B7BA0B7ABE7FB20F07806C03AACBB447F825BA37C821 ] C:\Program Files (x86)\EaseUS\Todo Backup\bin\EuWatch.exe
22:15:18.0907 0x1840  EaseUs Watch - ok
22:15:18.0985 0x1840  [ B59DD9692B585940194EBEDE55783351, 141AF0455BC16F679321C6656C026B64F26DB70CDC1824AF85420678EA6925A5 ] C:\Program Files (x86)\EaseUS\Todo Backup\bin\TrayNotify.exe
22:15:19.0079 0x1840  EaseUs Tray - ok
22:15:19.0157 0x1840  [ 34D296AFC913E302953C70463EF09A48, BC413307CBC56C039EE8A05B51A56E14EF59678FBB33815AEB320078056C8CE7 ] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
22:15:19.0172 0x1840  HP Software Update - ok
22:15:19.0266 0x1840  [ 43A1E2ADF070C541290084D741B0310F, 556D7CE3F615B2785CD45E1426539A487830E8395B1AC29D0021120890371522 ] c:\program files (x86)\cmcm\Clean Master\cmtray.exe
22:15:19.0297 0x1840  cmsc - ok
22:15:19.0422 0x1840  [ AFF32534C8DEBC60607CDBCA3F18619C, 0701F91FFD15458383DD2AC40E538440F470A6BF5A5E53C55282083C8DF99912 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
22:15:19.0437 0x1840  StartCCC - ok
22:15:19.0500 0x1840  [ 5D9ADB02D75CCB1B7B40B82958A15416, 6D2E8CF8E00C16253F1F88946CBDA167A40FB16D4E861A21249C1B23A9E39978 ] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
22:15:19.0515 0x1840  PWRISOVM.EXE - ok
22:15:19.0640 0x1840  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
22:15:19.0781 0x1840  Sidebar - ok
22:15:19.0827 0x1840  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
22:15:19.0843 0x1840  mctadmin - ok
22:15:19.0905 0x1840  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
22:15:19.0937 0x1840  Sidebar - ok
22:15:19.0952 0x1840  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
22:15:19.0952 0x1840  mctadmin - ok
22:15:20.0264 0x1840  [ D6E2ED7F1F7BE7CCB8676491BF950B57, CBF07EE746F2C27ACC532E83ADC43FBE954DC3C598C4333F13B1A7615AEA9AD5 ] C:\Users\Kevin\AppData\Local\Akamai\netsession_win.exe
22:15:20.0389 0x1840  Akamai NetSession Interface - ok
22:15:20.0483 0x1840  [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] C:\Users\Kevin\AppData\Local\Google\Update\GoogleUpdate.exe
22:15:20.0498 0x1840  Google Update - ok
22:15:20.0685 0x1840  [ 22F7B9670AD770C7ED7F4738204C8E5C, 7B793AC094CB1B073419B5DAE09DFBB8EBED03D29301F490AA76EA0667613438 ] C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe
22:15:20.0748 0x1840  HP Photosmart 5520 series (NET) - ok
22:15:20.0857 0x1840  [ 0DFC21F95480B688E83C715A6C668095, 43D5B04031F991B2866B369CFA83079AC43DF362D1524541F39C648D1A516D07 ] C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe
22:15:20.0888 0x1840  Bitdefender Wallet Agent - ok
22:15:20.0966 0x1840  [ DD5A8388F7BC7052EED93207A8B3A0B7, E3EEC0B262D2C0063C694118A634A2F09C019D7A024A18C8BE83AF60BE45ECDC ] C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe
22:15:21.0013 0x1840  Bitdefender Wallet - ok
22:15:21.0122 0x1840  [ DB1919F34AB9CD5F43B0ED463D7E8D28, B7FC47EACF3B0B352AC7552743A43CD1DF147D8E1F6D0BF30D300000E12859A6 ] C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe
22:15:21.0153 0x1840  Bitdefender Wallet Application Agent - ok
22:15:21.0200 0x1840  [ A99585B606717BA4C9BD90616643451C, C5C1E94E6E9856F1E376F8682AC69DC0AF98B4FFE67A7BCDC016A0F970FD7A45 ] C:\Program Files (x86)\Device Doctor Pro\DDProLauncher.exe
22:15:21.0216 0x1840  Device Doctor Pro - ok
22:15:21.0294 0x1840  [ 0EC83E2DA29365048CBEB9A9A963BDFA, 49A41056403042B21AF3C1936489942B703BE609CB7DFC3303C417A5702501B9 ] C:\Users\Kevin\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
22:15:21.0325 0x1840  SkyDrive - ok
22:15:21.0731 0x1840  [ B2BAE2D76FBE9FDC3F6E0D1F886DF367, 964EBF736891BE252C68FCE1F9EAD5E60E6E0C2119D21C6DF49FBD30FBB678EF ] C:\Program Files\CCleaner\CCleaner64.exe
22:15:22.0121 0x1840  CCleaner Monitoring - ok
22:15:22.0277 0x1840  [ E112D5EBE63D3F6DF9DA2832DD76A3D0, FC8FC8C909770080D24C1BBB510651FEC1758BD8E13FA96C3C32E64EAD3BCC35 ] C:\Program Files (x86)\Team MediaPortal\MP2-Client\Tools\MP2-ClientLauncher\MP2-ClientLauncher.exe
22:15:22.0292 0x1840  MP2 ClientLauncher - ok
22:15:22.0324 0x1840  Adobe Speed Launcher - ok
22:15:22.0324 0x1840  Adobe Speed Launcher - ok
22:15:22.0324 0x1840  Waiting for KSN requests completion. In queue: 188
22:15:23.0339 0x1840  Waiting for KSN requests completion. In queue: 188
22:15:24.0354 0x1840  Waiting for KSN requests completion. In queue: 188
22:15:25.0493 0x1840  AV detected via SS2: Bitdefender Antivirus, C:\Program Files\Bitdefender\Bitdefender\wscfix.exe ( 17.30.0.1307 ), 0x41000 ( enabled : updated )
22:15:25.0493 0x1840  FW detected via SS2: Bitdefender Firewall, C:\Program Files\Bitdefender\Bitdefender\wscfix.exe ( 17.30.0.1307 ), 0x41010 ( enabled )
22:15:28.0336 0x1840  ============================================================
22:15:28.0336 0x1840  Scan finished
22:15:28.0336 0x1840  ============================================================
22:15:28.0367 0x1b8c  Detected object count: 0
22:15:28.0367 0x1b8c  Actual detected object count: 0



#9 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • Gender:Male
  • Local time:01:01 AM

Posted 08 January 2015 - 04:49 AM

 

2015-01-02 22:35 - 2015-01-02 20:46 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-01-02 20:53 - 2015-01-02 16:30 - 00040789 ____C () C:\zoek-results2015-01-02-163000.log
2015-01-02 14:05 - 2015-01-02 23:13 - 00008332 ____C () C:\zoek-results.log
2015-01-02 14:02 - 2015-01-02 22:22 - 00000000 ___DC () C:\zoek_backup
2015-01-02 13:53 - 2015-01-03 23:58 - 02847942 _____ () C:\Users\Kevin\Downloads\zoek.zip

Are you being helped in another forum already?


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#10 Kevmany

Kevmany
  • Topic Starter

  • Members
  • 23 posts
  • Local time:12:01 AM

Posted 08 January 2015 - 08:33 AM

Yes, I was getting help to remove an Orange toolbar PUP and with my laptop being slow to boot from the MalwareTips website; see the post below:

http://malwaretips.com/threads/laptop-slow-to-boot-and-orange-toolbar-pup.39979/#post-326854

 

I wasn't aware of the trojan.spyeyes or that I had the trojan on my laptop until I created the thread below, but they referred me to this thread for specific virus and malware removal:

http://www.bleepingcomputer.com/forums/t/561747/my-laptop-is-slow-to-startup-and-i-cannot-uninstall-the-orange-toolbar/

 

I am not getting help from any other forums.



#11 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • Gender:Male
  • Local time:01:01 AM

Posted 08 January 2015 - 08:46 AM

Full System Scan with Malwarebytes Antimalware

  • If not existing, please download Malwarebytes Anti-Malware to your desktop.
  • Double-click the downloaded setup file and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:

    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.

  • Click Finish.


If the program is already installed:
  • Run Malwarebytes Antimalware
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.


  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply.

 

 

 

Scan with ESET Online Scan

Go here to run an online scanner from ESET. Windows Vista/Windows 7/Windows 8 users will need to right click on their Internet Explorer shortcut, and select Run as Administrator.

  • Note: For browsers other than Internet Explorer, you will be prompted to download and install esetsmartinstaller_enu.exe. Click on the link and save the file to a convenient location. Double click on it to install and a new window will open. Follow the prompts.
  • Turn off the real time scanner of any existing antivirus program while performing the online scan. Here's how.
  • Click the blue Run ESET Online Scanner button
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the program to install the "OnlineScanner.cab" activex control by clicking the Install button
  • Once the activex control is installed, on the next screen click on Enable detection of potentially unwanted applications
  • Click on Advanced Settings
  • Make sure that the option Remove found threats is unticked.
  • Ensure these options are ticked
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click Start
  • Wait for the scan to finish
  • When the scan is done, if it shows a screen that says "Threats found!", then click "List of found threats", and then click "Export to text file..."
  • Save that text file on your desktop. Copy and paste the contents of that log as a reply to this topic.
  • Close the ESET online scan, and let me know how things are now.



#12 Kevmany

Kevmany
  • Topic Starter

  • Members
  • 23 posts
  • Local time:12:01 AM

Posted 10 January 2015 - 03:34 AM

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 09/01/2015
Scan Time: 18:59:07
Logfile: 
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.01.09.14
Rootkit Database: v2015.01.07.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Kevin

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 497438
Time Elapsed: 48 min, 0 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Deep Rootkit Scan: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

C:\Program Files (x86)\Device Doctor Pro\DDProSmartScan.exe    a variant of Win32/Adware.SpeedingUpMyPC.C application
C:\Program Files (x86)\EaseUS\Todo Backup\bin\PxeServer.dll    a variant of Win32/TFTPD32.A potentially unsafe application
C:\Program Files (x86)\EaseUS\Todo Backup\BUILDPE\EaseUS\tb\bin\PxeServer.dll    a variant of Win32/TFTPD32.A potentially unsafe application
C:\ProgramData\Spybot - Search & Destroy\Recovery\WebCakeBHO3.zip    Win32/Bagle.gen.zip worm
C:\Users\All Users\Spybot - Search & Destroy\Recovery\WebCakeBHO3.zip    Win32/Bagle.gen.zip worm
C:\Users\Kevin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1OE9JL7Q\dfsetup218.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\Kevin\AppData\Local\SlimWare Utilities Inc\SlimComputer\Downloads\068DA71F8D3D782CD3E8ED7E5952D1B50000000000C94198.exe    a variant of Win32/OpenCandy.C potentially unsafe application
C:\Users\Kevin\Downloads\PowerISO6.exe    a variant of Win32/OpenCandy.C potentially unsafe application
C:\Users\Kevin\Downloads\SetupBatteryCare.exe    a variant of Win32/OpenCandy.C potentially unsafe application
C:\zoek_backup\C_PROGRA~2_Conduit\Community Alerts\Alert0.dll    Win32/Toolbar.Conduit.Y potentially unwanted application
C:\zoek_backup\C_Users_Guest_AppData_LocalLow_uTorrentBar\ldrtbuTo0.dll    a variant of Win32/Toolbar.Conduit.P potentially unwanted application
C:\zoek_backup\C_Users_Guest_AppData_LocalLow_uTorrentBar\tbuTo0.dll    a variant of Win32/Toolbar.Conduit.B potentially unwanted application
C:\zoek_backup\C_Users_Guest_AppData_LocalLow_uTorrentBar\tbuTo1.dll    a variant of Win32/Toolbar.Conduit.Y potentially unwanted application
C:\zoek_backup\C_Users_Kevin_AppData_LocalLow_uTorrentBar\ldrtbuTo0.dll    a variant of Win32/Toolbar.Conduit.P potentially unwanted application
C:\zoek_backup\C_Users_Kevin_AppData_LocalLow_uTorrentBar\ldrtbuTo2.dll    a variant of Win32/Toolbar.Conduit.P potentially unwanted application
C:\zoek_backup\C_Users_Kevin_AppData_LocalLow_uTorrentBar\tbuTo0.dll    a variant of Win32/Toolbar.Conduit.B potentially unwanted application
C:\zoek_backup\C_Users_Kevin_AppData_LocalLow_uTorrentBar\tbuTo1.dll    a variant of Win32/Toolbar.Conduit.Y potentially unwanted application
C:\zoek_backup\C_Users_Kevin_AppData_LocalLow_uTorrentBar\tbuTo2.dll    a variant of Win32/Toolbar.Conduit.B potentially unwanted application
C:\zoek_backup\C_Users_Kevin_AppData_LocalLow_uTorrentBar\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.5.0\bin\PriceGongIE.dll    a variant of Win32/PriceGong.A potentially unwanted application





#13 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • Gender:Male
  • Local time:01:01 AM

Posted 12 January 2015 - 04:34 AM

 

C:\Program Files (x86)\Device Doctor Pro\DDProSmartScan.exe    a variant of Win32/Adware.SpeedingUpMyPC.C application
C:\Program Files (x86)\EaseUS\Todo Backup\bin\PxeServer.dll    a variant of Win32/TFTPD32.A potentially unsafe application
C:\Program Files (x86)\EaseUS\Todo Backup\BUILDPE\EaseUS\tb\bin\PxeServer.dll    a variant of Win32/TFTPD32.A potentially unsafe application
C:\Users\Kevin\AppData\Local\SlimWare Utilities Inc\SlimComputer\Downloads\068DA71F8D3D782CD3E8ED7E5952D1B50000000000C94198.exe    a variant of Win32/OpenCandy.C potentially unsafe application
C:\Users\Kevin\Downloads\PowerISO6.exe    a variant of Win32/OpenCandy.C potentially unsafe application
C:\Users\Kevin\Downloads\SetupBatteryCare.exe    a variant of Win32/OpenCandy.C potentially unsafe application

These files aren't malware but contain security risks. I'd delete them immediately - your choice.

 

Then we can do the cleanup - if you are facing any issues, report that immediately.

Delete junk with adwCleaner


Please download AdwCleaner to your desktop.


  • Run adwcleaner.exe
  • Hit Scan and wait for the scan to finish.
  • Confirm the message but don't uncheck anything.
  • Hit Clean
  • When the run is finished, it will open up a text file
  • Please post its contents within your next reply
  • You'll find the log file at C:\AdwCleaner[S1].txt also




Delete junk with JRT

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.




SecurityCheck

Reboot your system before starting!

Please download SecurityCheck: LINK Mirror (if the link is down)

  • Save it to your desktop, start it and follow the instructions in the window.
  • After the scan has finished, the (checkup.txt) will open. Copy its content to your thread (Note: Do NOT post this one into a code box!)

 


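An added example, not part of the thread or of any tool mentioned in it: a small Python triage of the ESET export that splits detections into live grayware, malware-class hits, and copies held in tool backup folders or the browser cache. The folder markers and bucket names are assumptions made for this sketch; on the sample lines it leaves the same six files as the shortlist in the post above.

```python
import re
from collections import namedtuple

# Subset of the ESET export posted in this thread: path, run of spaces, detection.
SAMPLE_LOG = r"""
C:\Program Files (x86)\Device Doctor Pro\DDProSmartScan.exe    a variant of Win32/Adware.SpeedingUpMyPC.C application
C:\Program Files (x86)\EaseUS\Todo Backup\bin\PxeServer.dll    a variant of Win32/TFTPD32.A potentially unsafe application
C:\Program Files (x86)\EaseUS\Todo Backup\BUILDPE\EaseUS\tb\bin\PxeServer.dll    a variant of Win32/TFTPD32.A potentially unsafe application
C:\ProgramData\Spybot - Search & Destroy\Recovery\WebCakeBHO3.zip    Win32/Bagle.gen.zip worm
C:\Users\All Users\Spybot - Search & Destroy\Recovery\WebCakeBHO3.zip    Win32/Bagle.gen.zip worm
C:\Users\Kevin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1OE9JL7Q\dfsetup218.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\Kevin\AppData\Local\SlimWare Utilities Inc\SlimComputer\Downloads\068DA71F8D3D782CD3E8ED7E5952D1B50000000000C94198.exe    a variant of Win32/OpenCandy.C potentially unsafe application
C:\Users\Kevin\Downloads\PowerISO6.exe    a variant of Win32/OpenCandy.C potentially unsafe application
C:\Users\Kevin\Downloads\SetupBatteryCare.exe    a variant of Win32/OpenCandy.C potentially unsafe application
C:\zoek_backup\C_PROGRA~2_Conduit\Community Alerts\Alert0.dll    Win32/Toolbar.Conduit.Y potentially unwanted application
C:\zoek_backup\C_Users_Kevin_AppData_LocalLow_uTorrentBar\tbuTo0.dll    a variant of Win32/Toolbar.Conduit.B potentially unwanted application
"""

Detection = namedtuple("Detection", "path name kind variant location")

LINE_RE = re.compile(
    r"^(?P<path>.+?)(?:\t+|\s{2,})(?P<variant>a variant of )?(?P<name>\S+)\s+(?P<kind>.+)$"
)

# Classes treated here as grayware (assumption); anything else counts as malware.
GRAYWARE_KINDS = {
    "application",
    "potentially unsafe application",
    "potentially unwanted application",
}

# Assumption: these folders hold copies set aside by cleanup tools or the browser.
HELD_COPY_MARKERS = {
    "\\zoek_backup\\": "tool backup",
    "\\spybot - search & destroy\\recovery\\": "tool backup",
    "\\temporary internet files\\": "browser cache",
}


def normalize(path):
    """Lower-case the path and fold the All Users alias into ProgramData."""
    p = path.lower()
    alias = "c:\\users\\all users\\"  # link to C:\ProgramData on Vista and later
    if p.startswith(alias):
        p = "c:\\programdata\\" + p[len(alias):]
    return p


def parse(log):
    """Return one Detection per distinct file, skipping lines that do not parse."""
    seen, out = set(), []
    for line in log.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        key = normalize(m["path"])
        if key in seen:
            continue  # same file reported twice through the alias
        seen.add(key)
        location = next(
            (label for marker, label in HELD_COPY_MARKERS.items() if marker in key),
            "live",
        )
        out.append(Detection(m["path"], m["name"], m["kind"], bool(m["variant"]), location))
    return out


def triage(detections):
    """Bucket detections: held copies first, then by detection class."""
    buckets = {"malware": [], "grayware_live": [], "held_copy": []}
    for d in detections:
        if d.location != "live":
            buckets["held_copy"].append(d)  # review separately, whatever the class
        elif d.kind in GRAYWARE_KINDS:
            buckets["grayware_live"].append(d)
        else:
            buckets["malware"].append(d)
    return buckets


if __name__ == "__main__":
    for bucket, items in triage(parse(SAMPLE_LOG)).items():
        print(bucket, len(items))
        for d in items:
            print("   ", d.name, "|", d.location, "|", d.path)
```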

#14 Kevmany

Kevmany
  • Topic Starter

  • Members
  • 23 posts
  • Local time:12:01 AM

Posted 13 January 2015 - 09:02 AM

# AdwCleaner v4.107 - Report created 12/01/2015 at 22:43:36
# Updated 07/01/2015 by Xplode
# Database : 2015-01-12.3 [Live]
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Kevin - KEVIN-PC
# Running from : C:\Users\Kevin\Desktop\adwcleaner_4.107.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sense
Folder Deleted : C:\Program Files (x86)\Sense
File Deleted : C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\jtlp8uj3.default-1405780090041\searchplugins\search.xml

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Sense
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Sense

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17496


-\\ Mozilla Firefox v35.0 (x86 en-US)


-\\ Google Chrome v


*************************

AdwCleaner[R0].txt - [5967 octets] - [03/01/2015 15:03:23]
AdwCleaner[R1].txt - [1254 octets] - [12/01/2015 22:30:21]
AdwCleaner[S0].txt - [5639 octets] - [03/01/2015 18:47:00]
AdwCleaner[S1].txt - [1185 octets] - [12/01/2015 22:43:36]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1245 octets] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 7 Ultimate x64
Ran by Kevin on 12/01/2015 at 22:59:39.80
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Successfully deleted: [File] C:\Users\Kevin\AppData\Roaming\mozilla\firefox\profiles\jtlp8uj3.default-1405780090041\searchplugins\search.xml



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 12/01/2015 at 23:22:37.53
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



#15 Kevmany

Kevmany
  • Topic Starter

  • Members
  • 23 posts
  • Local time:12:01 AM

Posted 13 January 2015 - 09:04 AM

I have pasted the Adwcleaner and JRT logs.

 

I get the following error trying to run SecurityCheck.exe as administrator.

 

Is there a 64bit version of this software?

 

"UNSUPPORTED OPERATING SYSTEM! ABORTED!"

 

Thanks,

 

Kevin





