
Urgent help needed


  • This topic is locked
7 replies to this topic

#1 MrFaux


Posted 23 February 2015 - 04:47 PM

I came in to my work computer today with emails sent from me to me.

Things like "i know", so I did the regular: changed my email password. I then got an email saying

"a simple email password change wont help", from one of my emails to another one of mine.

This is my work computer as I'm self-employed, and I have run Malwarebytes and AVG, but all turned up with nothing. Here is my hijack log -

Please help asap as it's got me worrying and pulling my hair out, and I need to work knowing my computer is safe.

Regards

Jack

 

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 21:37:51, on 23/02/2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17631)
 
FIREFOX: 34.0.5 (x86 en-US)
Boot mode: Normal
 
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\AVG\AVG2014\avgui.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\AVG Web TuneUp\vprot.exe
C:\Users\Jack\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Users\Jack\AppData\Roaming\T-Mobile Internet Manager\ouc.exe
C:\Users\Jack\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\ctfmon.exe
C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Jack\Downloads\HijackThis.exe
 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;127.0.0.1:9421;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: YTNavAssistPlugin Class - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (file missing)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files\PDF Architect\PDFIEPlugin.dll
O4 - HKLM\..\Run: [DataCardMonitor] C:\Program Files\T-Mobile\InternetManager_H\DataCardMonitor.exe
O4 - HKLM\..\Run: [SPIRunE] Rundll32 SPIRunE.dll,RunDLLEntry
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Web TuneUp\vprot.exe"
O4 - HKCU\..\Run: [HW_OPENEYE_OUC_T-Mobile Internet Manager] "C:\Program Files\T-Mobile\InternetManager_H\UpdateDog\ouc.exe"
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Jack\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [AVG-Secure-Search-Update_0214c] C:\Users\Jack\AppData\Roaming\AVG 0214c Campaign\AVG-Secure-Search-Update-0214c.exe /PROMPT /mid=d0999ec0da6547d68ac4d152badf5664-863b5e529647675fef13182a8d404bdad669ddeb /CMPID=0214c
O4 - HKCU\..\Run: [f.lux] "C:\Users\Jack\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
O4 - HKCU\..\Run: [X-Lite] "C:\Program Files\CounterPath\X-Lite\X-Lite.exe"
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_4DCD0A585AE1D27D19F4EB1351CC758F] "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} (Creative Software AutoUpdate 2) - http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\3.2.0\ViProtocol.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Media Toolbox 6 Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\MT6Licensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HsdService - Virgin Media - C:\Program Files\Virgin Media\Digital Home Support\HsdService.exe
O23 - Service: HWDeviceService.exe - Unknown owner - C:\ProgramData\DatacardService\HWDeviceService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: OpenVPN Service (OpenVPNService) - The OpenVPN Project - C:\Program Files\HMA! Pro VPN\bin\openvpnserv.exe
O23 - Service: PDF Architect Helper Service - pdfforge GbR - C:\Program Files\PDF Architect\HelperService.exe
O23 - Service: PDF Architect Service - pdfforge GbR - C:\Program Files\PDF Architect\ConversionService.exe
O23 - Service: ServicepointService - Radialpoint Inc. - C:\Program Files\Virgin Media\Service Manager\ServicepointService.exe
O23 - Service: SupportSoft Sprocket Service (O2DA) (sprtsvc_O2DA) - SupportSoft, Inc. - C:\Program Files\O2 Assistant\bin\sprtsvc.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Common Files\supportsoft\bin\ssrc.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: SupportSoft Repair Service (O2DA) (tgsrvc_O2DA) - SupportSoft, Inc. - C:\Program Files\O2 Assistant\bin\tgsrvc.exe
O23 - Service: vToolbarUpdater3.2.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe
 
--
End of file - 12043 bytes

Edited by MrFaux, 23 February 2015 - 05:35 PM.



#2 deeprybka


  • Malware Response Team
  • 5,198 posts

Posted 25 February 2015 - 02:53 PM

Hi & welcome to Bleeping Computer Forums!
My name is Jürgen and I will be assisting you with your Malware related problems.

Before we move on, please read the following points carefully:
  • My native language isn't English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.
  • Please read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while you are following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 5 days from this initial or any subsequent post, then this thread will be closed.
  • If I don't reply within 24 hours please PM me!
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
Step 1

Please run a FRST scan. This will help us diagnose your problem.

Please download Farbar Recovery Scan Tool and save it to your Desktop.
(If you are not sure which version (32-/64-bit) applies to your system, download and try to start both of them as just the right one will run.)
  • Start FRST with administrator privileges.
  • Make sure the option Addition.txt is checked and press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
  • Please copy and paste these logs in your next reply.
Step 2

Temporarily disable your AntiVirus and AntiSpyware protection - instructions here.


Please download ZOEK by Smeenk and save it to your desktop (preferred version is the *.exe one)
  • Right-click on the Zoek icon and select Run as Administrator to start the tool.
  • Wait patiently until the main console appears; it may take a minute or two.
  • In the main box please paste in the following script:
    process;
    services-list;
    systemspecs;
    startupall;
    filesrcm;
    
  • Make sure that Scan All Users option is checked.
  • Push Run Script and wait patiently. The scan may take a couple of minutes.
  • When the scan completes, a zoek-results logfile should open in notepad.
  • If a reboot is needed, it will be opened after it. You may also find it at your main drive (usually C:\ drive)
Post its content into your next reply.
regards,
deeprybka
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 

#3 MrFaux


Posted 25 February 2015 - 04:33 PM

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 25-02-2015 01
Ran by Jack at 2015-02-25 21:31:06
Running from C:\Users\Jack\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKLM\...\uTorrent) (Version: 2.2.0 - )
µTorrent (HKU\S-1-5-21-4169622593-101393419-2795113958-1000\...\uTorrent) (Version: 3.3.2.30180 - BitTorrent Inc.)
888poker (HKLM\...\888poker) (Version:  - )
Adobe AIR (HKLM\...\Adobe AIR) (Version: 2.5.0.16600 - Adobe Systems Inc.)
Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Dreamweaver CS5 (HKLM\...\{C79312BD-3E76-4474-A10C-1435D1856A4B}) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.2.202.235 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 11.7.700.202 - Adobe Systems Incorporated)
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Reader 9.4.0 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A94000000001}) (Version: 9.4.0 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-4169622593-101393419-2795113958-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
Akamai NetSession Interface (HKU\S-1-5-21-4169622593-101393419-2795113958-1006\...\Akamai) (Version:  - Akamai Technologies, Inc)
Amnesia - The Dark Descent  (HKLM\...\{54B7A3C7-0940-4C16-A509-FC3C3758D22A}_is1) (Version: 1.0.1 - Frictional Games)
Anker Precision Laser Gaming Mouse version 1.2 (HKLM\...\{F9A7ED2C-34E1-4A96-9A25-B022C23C3361}_is1) (Version: 1.2 - ANKER Technology)
AntiLogger Free version 1.8.2.198 (HKLM\...\{A80DB23D-0618-405B-89D9-28F99814E287}_is1) (Version: 1.8.2.198 - Zemana Ltd.)
Apple Application Support (HKLM\...\{EE6097DD-05F4-4178-9719-D3170BF098E8}) (Version: 1.4.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5BF5F9C5-E95B-4AFA-94BE-F2A9CA73B61D}) (Version: 3.3.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ask Toolbar Updater (HKU\S-1-5-21-4169622593-101393419-2795113958-1006\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.4.35882 - Ask.com) <==== ATTENTION
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4800 - AVG Technologies)
AVG 2014 (Version: 14.0.4257 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4800 - AVG Technologies) Hidden
AVG PC Tuneup 2011 (HKLM\...\{50316C0A-CC2A-460A-9EA5-F486E54AC17D}_is1) (Version: 10.0.0.24 - AVG)
AVG Web TuneUp (HKLM\...\AVG Web TuneUp) (Version: 3.2.0.18 - AVG Technologies)
Battle.net (HKLM\...\Battle.net) (Version:  - Blizzard Entertainment)
Bonjour (HKLM\...\{2A981294-F14C-4F0F-9627-D793270922F8}) (Version: 2.0.4.0 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 3.05 - Piriform)
CloneDVD2 (HKLM\...\CloneDVD2) (Version:  - Elaborate Bytes)
Command & Conquer Generals (HKLM\...\InstallShield_{06F80017-8F98-4C94-B868-52358569FC32}) (Version: 0.50.0000 - Electronic Arts)
Command & Conquer Generals (Version: 0.50.0000 - Electronic Arts) Hidden
Command and ConquerTM Generals Zero Hour (HKLM\...\InstallShield_{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}) (Version: 1.00.0000 - Electronic Arts)
Command and ConquerTM Generals Zero Hour (Version: 1.00.0000 - Electronic Arts) Hidden
CPUID CPU-Z 1.56 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
Creative ALchemy (HKLM\...\ALchemy) (Version: 1.43 - Creative Technology Limited)
Creative Audio Control Panel (HKLM\...\AudioCS) (Version: 3.00 - Creative Technology Limited)
Creative Diagnostics (HKLM\...\Diagnostics 4_5) (Version: 5.11 - Creative Technology Limited)
Creative Media Toolbox 6 (HKLM\...\{F1A14CB2-A048-45A6-AFDA-3571296E1D76}) (Version: 6.02 - Creative Technology Limited)
Creative Media Toolbox 6 (Shared Components) (HKLM\...\Uninstaller_B4736000_Creative Media Toolbox 6) (Version: 2.80.12 - Creative Labs)
Creative MediaSource 5 (HKLM\...\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}) (Version: 5.26 - Creative Technology Limited)
Creative Software AutoUpdate (HKLM\...\Creative Software AutoUpdate) (Version: 1.40 - Creative Technology Limited)
Creative Sound Blaster Properties (HKLM\...\Creative Sound Blaster Properties) (Version: 1.02 - Creative Technology Limited)
Creative WaveStudio 7 (HKLM\...\WaveStudio 7) (Version: 7.14 - Creative Technology Limited)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DivX Setup (HKLM\...\DivX Setup) (Version: 2.6.0.34 - DivX, LLC)
DolbyFiles (Version: 0.1 - Nero AG) Hidden
Dropbox (HKU\S-1-5-21-4169622593-101393419-2795113958-1000\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.)
Dropbox (HKU\S-1-5-21-4169622593-101393419-2795113958-1006\...\Dropbox) (Version: 2.0.22 - Dropbox, Inc.)
Easy Macro Recorder 4.2 (HKLM\...\Easy Macro Recorder_is1) (Version:  - GoldSolution Software, Inc.)
EPSON SX210 Series Printer Uninstall (HKLM\...\EPSON SX210 Series) (Version:  - SEIKO EPSON Corporation)
f.lux (HKU\S-1-5-21-4169622593-101393419-2795113958-1000\...\Flux) (Version:  - )
FileZilla Client 3.9.0.6 (HKU\S-1-5-21-4169622593-101393419-2795113958-1000\...\FileZilla Client) (Version: 3.9.0.6 - Tim Kosse)
Garmin POI Loader (HKLM\...\{D181A318-28DF-4B83-8F13-24C2D0BDA12D}) (Version: 2.6.1.0 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM\...\{65F9E1F3-A2C1-4AA9-9F33-A3AEB0255F0E}) (Version: 2.3.0.0 - Garmin Ltd or its subsidiaries)
Garmin WebUpdater (HKLM\...\{E394CC6D-9F54-41CC-9415-6FFF07885881}) (Version: 2.5.1 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.)
Google Chrome (HKU\S-1-5-21-4169622593-101393419-2795113958-1006\...\Google Chrome) (Version: 27.0.1453.110 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
GTA San Andreas (HKLM\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games)
HMA! Pro VPN 2.8.2.4 (HKLM\...\HMA! Pro VPN) (Version: 2.8.2.4 - )
Host OpenAL (HKLM\...\Host OpenAL) (Version: 1.00 - Creative Technology Limited)
HTC Driver Installer (HKLM\...\{6D6664A9-3342-4948-9B7E-034EFE366F0F}) (Version: 2.0.7.016 - HTC Corporation)
HTC Sync (HKLM\...\{98B8052E-1E55-41D4-9A03-E2F718825D38}) (Version: 2.0.28 - HTC Corporation)
ImagXpress (Version: 7.0.74.0 - Nero AG) Hidden
iTunes (HKLM\...\{AAD47011-8518-4608-9656-951DA35B587B}) (Version: 10.1.2.17 - Apple Inc.)
Java 7 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.450 - Oracle)
Logitech Gaming Software 7.00 (HKLM\...\{93FF055C-7E0B-4E26-AAFB-2C4333E2D7D0}) (Version: 7.00.291 - Logitech Inc.)
LogMeIn (HKLM\...\{D3AE96EE-2876-4B3F-847C-D3A4AD689E43}) (Version: 4.1.1578 - LogMeIn, Inc.)
Macro Recorder 5.6.5 (HKLM\...\Macro Recorder_is1) (Version: 5.6.5 - Jitbit Software)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
ManyCam 3.0.80 (remove only) (HKLM\...\ManyCam) (Version: 3.0.80 - ManyCam LLC)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{5FC7AB5C-61FC-42DF-A923-5139BCF10D42}) (Version: 3.22.270.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 34.0.5 (x86 en-US) (HKLM\...\Mozilla Firefox 34.0.5 (x86 en-US)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 33.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
My O2 (HKLM\...\{5B035501-3F57-4772-B0CA-3D5E613A5D86}) (Version: 2.0.11212 - Telefonica O2)
NETGEAR WG311v3 PCI Adapter (HKLM\...\InstallShield_{70014586-7BBA-4A92-A610-CDC896C48F8F}) (Version: 1.00 - NETGEAR)
NETGEAR WG311v3 PCI Adapter (Version: 1.00 - NETGEAR) Hidden
Next Car Game Free Technology Demo (HKLM\...\Next Car Game Free Technology Demo) (Version:  - Bugbear Entertainment)
NVIDIA 3D Vision Driver 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Graphics Driver 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.10.0514 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.10.0514 - NVIDIA Corporation)
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
PDF Architect (HKLM\...\{80A07844-CA64-4DE4-AB61-D37DDBE8074F}) (Version: 1.0.52.8917 - pdfforge)
PDF Settings CS5 (Version: 10.0 - Adobe Systems Incorporated) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.6.2 - pdfforge)
Postal 2 (HKLM\...\Postal 2) (Version:  - )
QuickTime (HKLM\...\{57752979-A1C9-4C02-856B-FBB27AC4E02C}) (Version: 7.69.80.9 - Apple Inc.)
Radialpoint Dashboard Patch version 13.12.23.29994 (Version: 13.12.23.29994 - ) Hidden
Radialpoint Security Advisor 2.5.23 (Version: 2.5.23 - Radialpoint SafeCare Inc.) Hidden
Razer Diamondback (HKLM\...\{DE4CF159-4AD2-4754-BDA0-5FB088C8B58B}) (Version: 5.01 - Razer USA Ltd.)
Razer Nostromo (HKLM\...\{3FB61967-FF66-43B6-89F9-DF15FD9F3015}) (Version: 1.03.05 - Razer USA Ltd.)
Rome - Total War (HKLM\...\{A642BB6B-CA1D-4142-8DD4-318C3F3DC834}) (Version: 1.5 - The Creative Assembly)
Rome - Total War (Version: 1.5 - The Creative Assembly) Hidden
Screen Grab Pro (HKLM\...\{581125F9-D1C6-4797-93BB-47A992D69AA8}) (Version:  - )
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SimCity 4 Deluxe (HKLM\...\{A7A34FC9-DF24-4A36-00AD-D4EFE94CC116}) (Version:  - )
Sky Go Desktop (HKU\S-1-5-21-4169622593-101393419-2795113958-1000\...\208544472.go.sky.com) (Version:  - go.sky.com)
Sky Go Desktop (HKU\S-1-5-21-4169622593-101393419-2795113958-1006\...\208544472.go.sky.com) (Version:  - go.sky.com)
Skype™ 6.20 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
SopCast 3.2.9 (HKLM\...\SopCast) (Version: 3.2.9 - www.sopcast.com)
SoundMAX (HKLM\...\{F0A37341-D692-11D4-A984-009027EC0A9C}) (Version: 5.10.01.4151 - Analog Devices)
Spotify (HKLM\...\Spotify) (Version: 0.4.8 - )
Spotify (HKU\S-1-5-21-4169622593-101393419-2795113958-1000\...\Spotify) (Version: 0.8.3.222.g317ab79d - Spotify AB)
Spotify (HKU\S-1-5-21-4169622593-101393419-2795113958-1006\...\Spotify) (Version: 0.8.3.222.g317ab79d - Spotify AB)
System Requirements Lab CYRI (HKLM\...\{1F77C418-2C90-459C-BD33-B56A4182B9FA}) (Version: 4.4.26.0 - Husdawg, LLC)
The Sims™ 3 (HKLM\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.2.7 - Electronic Arts)
T-Mobile Internet Manager (HKLM\...\T-Mobile Internet Manager) (Version: 11.301.05.06.105 - Huawei Technologies Co.,Ltd)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
Ventrilo Client (HKLM\...\{789289CA-F73A-4A16-A331-54D498CE069F}) (Version: 3.0.5 - Flagship Industries, Inc.)
Virgin Media Digital Home Support 2.1.27 (HKLM\...\RadialpointHomeSecurityDashboard_is1) (Version: 2.1.27 - Virgin Media)
Virgin Media Service Manager 3.7.47 (HKLM\...\RadialpointClientGateway_is1) (Version: 3.7.47 - Virgin Media)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 1.1.4 (HKLM\...\VLC media player) (Version: 1.1.4 - VideoLAN)
V-Line (HKLM\...\{B0AADB21-054A-43AE-9AC9-724C825FFA08}) (Version: 1.2.0.0 - Buzznetwork)
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 4.6 - Vuze Inc.)
William Hill Poker (HKU\S-1-5-21-4169622593-101393419-2795113958-1000\...\William Hill Poker) (Version:  - )
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (06/03/2009 2.3.0.0) (HKLM\...\49CF605F02C7954F4E139D18828DE298CD59217C) (Version: 06/03/2009 2.3.0.0 - Garmin)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Mobile Device Center (HKLM\...\{904CCF62-818D-4675-BC76-D37EB399F917}) (Version: 6.1.6965.0 - Microsoft Corporation)
WinRAR 4.00 beta 1 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.00.1 - win.rar GmbH)
WinZip 15.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240C0}) (Version: 15.0.9334 - WinZip Computing, S.L. )
World of Warcraft (HKLM\...\World of Warcraft) (Version: 5.3.0.17128 - Blizzard Entertainment)
X-Lite (HKLM\...\{C3BCD420-E3AB-41F2-BF6A-24011A337EC2}) (Version: 47.7.4247 - CounterPath Corporation)
Yahoo! Toolbar (HKLM\...\Yahoo! Toolbar) (Version:  - )
Yawcam 0.4.1 (HKLM\...\{8FE96B14-E1F9-47BF-8BA1-A81467CD259B}_is1) (Version:  - )
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-4169622593-101393419-2795113958-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Jack\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4169622593-101393419-2795113958-1000_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\Jack\AppData\Local\Google\Update\1.3.21.135\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-4169622593-101393419-2795113958-1000_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> C:\Users\Jack\AppData\Local\Google\Update\1.3.21.99\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-4169622593-101393419-2795113958-1000_Classes\CLSID\{0E55CBE1-B06A-49B6-AD8D-9EFAA0160C6F}\InprocServer32 -> C:\Users\Jack\AppData\Local\Google\Update\1.3.21.57\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-4169622593-101393419-2795113958-1000_Classes\CLSID\{0F130AC8-CDF1-4DAA-AA9B-7B4083F49EA4}\InprocServer32 -> C:\Users\Jack\AppData\Local\William Hill Poker\widgetbar\PtContainerUI.dll (Playtech Ltd)
CustomCLSID: HKU\S-1-5-21-4169622593-101393419-2795113958-1000_Classes\CLSID\{19430bf6-66c2-4121-beba-6098e9919a30}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4169622593-101393419-2795113958-1000_Classes\CLSID\{218D2740-5A50-42A8-AB9F-62FF1B168782}\InprocServer32 -> C:\Users\Jack\AppData\Local\Google\Update\1.3.21.69\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-4169622593-101393419-2795113958-1000_Classes\CLSID\{29A96789-9595-4947-BEDB-0FCC776F7DB8}\InprocServer32 -> C:\Users\Jack\AppData\Local\Google\Update\1.2.183.39\goopdate.dll No File
CustomCLSID: HKU\S-1-5-21-4169622593-101393419-2795113958-1000_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> C:\Users\Jack\AppData\Local\Google\Update\1.3.21.79\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-4169622593-101393419-2795113958-1000_Classes\CLSID\{492042A2-4432-44A1-9A39-85B2D3C0119E}\InprocServer32 -> C:\Users\Jack\AppData\Local\William Hill Poker\widgetbar\PtContainerUI.dll (Playtech Ltd)
CustomCLSID: HKU\S-1-5-21-4169622593-101393419-2795113958-1000_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\Jack\AppData\Local\Google\Update\1.3.21.145\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-4169622593-101393419-2795113958-1000_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\Jack\AppData\Local\Google\Update\1.3.21.123\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-4169622593-101393419-2795113958-1000_Classes\CLSID\{876FA801-2B5E-4201-9E6B-2EF2C05A5C6B}\InprocServer32 -> C:\Users\Jack\AppData\Local\William Hill Poker\widgetbar\WidgetbarAPI.dll (Playtech)
CustomCLSID: HKU\S-1-5-21-4169622593-101393419-2795113958-1000_Classes\CLSID\{89425F5E-A2BD-44CD-9E4F-F1498522F0E5}\InprocServer32 -> C:\Users\Jack\AppData\Local\William Hill Poker\widgetbar\WidgetbarManagerUI.dll (Playtech Ltd)
CustomCLSID: HKU\S-1-5-21-4169622593-101393419-2795113958-1000_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> C:\Users\Jack\AppData\Local\Google\Update\1.3.21.115\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-4169622593-101393419-2795113958-1000_Classes\CLSID\{DB25D157-76D4-41C1-97B5-359E4A4CECEB}\InprocServer32 -> C:\Users\Jack\AppData\Local\Google\Update\1.3.21.65\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-4169622593-101393419-2795113958-1000_Classes\CLSID\{F6F8856F-374D-4397-BB1C-80AB57E60529}\InprocServer32 -> C:\Users\Jack\AppData\Local\William Hill Poker\widgetbar\WidgetbarAPI.dll (Playtech)
CustomCLSID: HKU\S-1-5-21-4169622593-101393419-2795113958-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jack\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4169622593-101393419-2795113958-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jack\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4169622593-101393419-2795113958-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jack\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4169622593-101393419-2795113958-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jack\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4169622593-101393419-2795113958-1000_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\Jack\AppData\Local\Google\Update\1.3.21.111\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-4169622593-101393419-2795113958-1006_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\UpdatusUser\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay No File
CustomCLSID: HKU\S-1-5-21-4169622593-101393419-2795113958-1006_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> "C:\Users\Jack\AppData\Local\Google\Update\GoogleUpdate.exe" No File
CustomCLSID: HKU\S-1-5-21-4169622593-101393419-2795113958-1006_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.135\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-4169622593-101393419-2795113958-1006_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.99\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-4169622593-101393419-2795113958-1006_Classes\CLSID\{0E55CBE1-B06A-49B6-AD8D-9EFAA0160C6F}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.57\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-4169622593-101393419-2795113958-1006_Classes\CLSID\{19430bf6-66c2-4121-beba-6098e9919a30}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4169622593-101393419-2795113958-1006_Classes\CLSID\{218D2740-5A50-42A8-AB9F-62FF1B168782}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.69\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-4169622593-101393419-2795113958-1006_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> "C:\Users\Jack\AppData\Local\Google\Update\1.3.21.145\GoogleUpdateOnDemand.exe" No File
CustomCLSID: HKU\S-1-5-21-4169622593-101393419-2795113958-1006_Classes\CLSID\{29A96789-9595-4947-BEDB-0FCC776F7DB8}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.2.183.39\goopdate.dll No File
CustomCLSID: HKU\S-1-5-21-4169622593-101393419-2795113958-1006_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> "C:\Users\Jack\AppData\Local\Google\Update\1.3.21.145\GoogleUpdateOnDemand.exe" No File
CustomCLSID: HKU\S-1-5-21-4169622593-101393419-2795113958-1006_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.79\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-4169622593-101393419-2795113958-1006_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> "C:\Users\Jack\AppData\Local\Google\Update\1.3.21.145\GoogleUpdateOnDemand.exe" No File
CustomCLSID: HKU\S-1-5-21-4169622593-101393419-2795113958-1006_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> "C:\Users\Jack\AppData\Local\Google\Chrome\Application\27.0.1453.110\delegate_execute.exe" No File
CustomCLSID: HKU\S-1-5-21-4169622593-101393419-2795113958-1006_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.145\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-4169622593-101393419-2795113958-1006_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.123\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-4169622593-101393419-2795113958-1006_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CustomCLSID: HKU\S-1-5-21-4169622593-101393419-2795113958-1006_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CustomCLSID: HKU\S-1-5-21-4169622593-101393419-2795113958-1006_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.115\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-4169622593-101393419-2795113958-1006_Classes\CLSID\{DB25D157-76D4-41C1-97B5-359E4A4CECEB}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.65\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-4169622593-101393419-2795113958-1006_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> "C:\Users\Jack\AppData\Local\Google\Update\1.3.21.145\GoogleUpdateOnDemand.exe" No File
CustomCLSID: HKU\S-1-5-21-4169622593-101393419-2795113958-1006_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.145\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-4169622593-101393419-2795113958-1006_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll No File
CustomCLSID: HKU\S-1-5-21-4169622593-101393419-2795113958-1006_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll No File
CustomCLSID: HKU\S-1-5-21-4169622593-101393419-2795113958-1006_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll No File
CustomCLSID: HKU\S-1-5-21-4169622593-101393419-2795113958-1006_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll No File
CustomCLSID: HKU\S-1-5-21-4169622593-101393419-2795113958-1006_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.111\psuser.dll No File
 
==================== Restore Points  =========================
 
26-01-2015 03:00:21 Windows Update
03-02-2015 00:36:58 Scheduled Checkpoint
11-02-2015 21:15:06 Windows Update
12-02-2015 02:59:21 Windows Update
13-02-2015 00:53:08 Windows Update
23-02-2015 06:01:56 Scheduled Checkpoint
25-02-2015 03:00:16 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 02:04 - 2009-06-10 21:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {13E4A597-93B2-42B6-9EC6-A5B29C4A3E58} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-09-04] (Google Inc.)
Task: {59ADE81E-6B3A-48D1-BC51-B5A383847C9A} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {5DDFF449-DD9B-4727-A902-55AA929D7C42} - System32\Tasks\{DEEE4965-C15A-4FA2-8558-8933B06E1797} => pcalua.exe -a "C:\Program Files\Analog Devices\SoundMAX\SMax4.cpl" -c SoundMAX
Task: {92424837-C9FF-4298-9C9A-BC96C94D7EA6} - System32\Tasks\AdobeAAMUpdater-1.0-Jack-PC-Stephen => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {98259F0B-4D11-41A5-B734-B966360CB21F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-09-04] (Google Inc.)
Task: {B37E6F2E-F6F7-478D-9E26-6D02CDF1C6CB} - System32\Tasks\{48B6CA9D-180C-4522-97CA-07A1FC24579E} => pcalua.exe -a "C:\Program Files\Creative\AudioCS\CTAudCS.cpl" -c Audio Console
Task: {C4B53859-5776-485E-9F78-DDF8D5CF8772} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {F3B685D7-5CB5-40C1-8DBE-89DBF7A294F5} - System32\Tasks\AdobeAAMUpdater-1.0-Jack-PC-Jack => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {F9712EDE-7A22-45E6-A2BF-7E772FE6AEF2} - System32\Tasks\Microsoft\Windows\Media Center\Extender\Update media permissions for Mcx1-JACK-PC => C:\Windows\ehome\McxTask.exe [2009-07-14] (Microsoft Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) ==============
 
2010-11-16 13:37 - 2010-11-16 13:37 - 00264704 _____ () C:\ProgramData\DatacardService\HWDeviceService.exe
2014-09-01 22:16 - 2014-09-01 22:16 - 00159768 _____ () C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\loggingserver.exe
2014-09-01 22:16 - 2014-09-01 22:16 - 00519704 _____ () C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\log4cplusU.dll
2013-04-15 02:08 - 2013-01-18 14:20 - 00079648 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-10-16 09:15 - 2014-10-16 09:15 - 00035328 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll
2014-05-24 16:41 - 2014-05-24 16:41 - 00091648 _____ () C:\Program Files\FileZilla FTP Client\libgcc_s_sjlj-1.dll
2014-05-24 16:41 - 2014-05-24 16:41 - 00892416 _____ () C:\Program Files\FileZilla FTP Client\libstdc++-6.dll
2013-06-19 02:45 - 2009-02-06 17:52 - 00073728 _____ () C:\Windows\SYSTEM32\CmdRtr.DLL
2013-06-19 02:45 - 2009-03-26 13:46 - 00148480 _____ () C:\Windows\SYSTEM32\APOMngr.DLL
2009-08-26 05:29 - 2009-08-26 05:29 - 00150016 _____ () C:\Windows\SYSTEM32\OemSpiE.dll
2010-11-17 13:16 - 2010-11-17 13:16 - 00067872 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-09-01 22:16 - 2014-10-06 22:06 - 02662424 _____ () C:\Program Files\AVG Web TuneUp\vprot.exe
2014-09-17 15:02 - 2014-09-17 15:02 - 44784992 _____ () C:\Program Files\CounterPath\X-Lite\CPCLR.dll
2012-11-20 15:11 - 2012-11-20 15:11 - 00047616 _____ () C:\Program Files\CounterPath\X-Lite\boost_signals-vc100-mt-1_51.dll
2012-11-20 15:10 - 2012-11-20 15:10 - 00015360 _____ () C:\Program Files\CounterPath\X-Lite\boost_system-vc100-mt-1_51.dll
2010-10-29 13:00 - 2010-10-29 13:00 - 01992192 _____ () C:\Program Files\CounterPath\X-Lite\YLUSBTEL.dll
2012-11-20 15:11 - 2012-11-20 15:11 - 00066560 _____ () C:\Program Files\CounterPath\X-Lite\boost_thread-vc100-mt-1_51.dll
2012-11-20 15:11 - 2012-11-20 15:11 - 00023040 _____ () C:\Program Files\CounterPath\X-Lite\boost_chrono-vc100-mt-1_51.dll
2012-11-20 15:11 - 2012-11-20 15:11 - 00627200 _____ () C:\Program Files\CounterPath\X-Lite\boost_regex-vc100-mt-1_51.dll
2012-11-20 15:10 - 2012-11-20 15:10 - 00100352 _____ () C:\Program Files\CounterPath\X-Lite\boost_filesystem-vc100-mt-1_51.dll
2012-11-20 15:11 - 2012-11-20 15:11 - 00040448 _____ () C:\Program Files\CounterPath\X-Lite\boost_date_time-vc100-mt-1_51.dll
2015-02-22 21:36 - 2015-02-17 22:44 - 01117512 _____ () C:\Program Files\Google\Chrome\Application\40.0.2214.115\libglesv2.dll
2015-02-22 21:36 - 2015-02-17 22:44 - 00211272 _____ () C:\Program Files\Google\Chrome\Application\40.0.2214.115\libegl.dll
2015-02-22 21:36 - 2015-02-17 22:44 - 09171272 _____ () C:\Program Files\Google\Chrome\Application\40.0.2214.115\pdf.dll
2013-10-29 08:59 - 2013-10-29 08:59 - 01100784 _____ () C:\Program Files\CounterPath\X-Lite\avcodec-53.dll
2013-10-29 08:59 - 2013-10-29 08:59 - 00124400 _____ () C:\Program Files\CounterPath\X-Lite\avutil-51.dll
2013-10-29 08:59 - 2013-10-29 08:59 - 00191984 _____ () C:\Program Files\CounterPath\X-Lite\avformat-53.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\ProgramData\TEMP:0B4227B4
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HsdService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ServicepointService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HsdService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ServicepointService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SprtListen => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SprtListenPush => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SupportSoft RemoteAssist => ""="Service"
 
==================== EXE Association (whitelisted) ===============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-4169622593-101393419-2795113958-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\Services: ehRecvr => 3
MSCONFIG\Services: ehSched => 3
MSCONFIG\Services: WMPNetworkSvc => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^NETGEAR WG311v3 Smart Wizard.lnk => C:\Windows\pss\NETGEAR WG311v3 Smart Wizard.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Jack\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: AlcoholAutomount => "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
MSCONFIG\startupreg: BCSSync => "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: DHSClient.exe => "C:\Program Files\Virgin Media\Digital Home Support\DHSClient.exe" /AUTORUN
MSCONFIG\startupreg: Diamondback => C:\Program Files\Razer\Diamondback\Razer\Diamondback\razerhid.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: EsternTimesMouseExRun => "C:\Program Files\Anker Precision Laser Gaming Mouse\AnkerMonEx.exe" -runauto
MSCONFIG\startupreg: FILE NAME => C:\Program Files\Razer\Nostromo\t2Hid.exe
MSCONFIG\startupreg: Google Update => "C:\Users\Jack\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Launch LCore => "C:\Program Files\Logitech Gaming Software\LCore.exe" /minimized
MSCONFIG\startupreg: LifeCam => "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
MSCONFIG\startupreg: LogMeIn GUI => "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
MSCONFIG\startupreg: Mobile Connectivity Suite => "C:\Program Files\HTC\HTC Sync\Application Launcher\Application Launcher.exe" /startoptions
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: ServiceManager.exe => "C:\Program Files\Virgin Media\Service Manager\ServiceManager.exe" /AUTORUN
MSCONFIG\startupreg: SoundMAX => C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Jack\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: V-Line => "C:\Program Files\Buzz Networks\V-Line\PCSoftPhone.exe"-minimizemode
MSCONFIG\startupreg: VX3000 => C:\Windows\vVX3000.exe
MSCONFIG\startupreg: Windows Mobile Device Center => %windir%\WindowsMobile\wmdc.exe
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-4169622593-101393419-2795113958-500 - Administrator - Disabled)
Guest (S-1-5-21-4169622593-101393419-2795113958-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4169622593-101393419-2795113958-1004 - Limited - Enabled)
Jack (S-1-5-21-4169622593-101393419-2795113958-1000 - Administrator - Enabled) => C:\Users\Jack
LogMeInRemoteUser (S-1-5-21-4169622593-101393419-2795113958-1005 - Administrator - Enabled) => C:\Users\LogMeInRemoteUser
Mcx1-JACK-PC (S-1-5-21-4169622593-101393419-2795113958-1003 - Limited - Enabled) => C:\Users\Mcx1-JACK-PC
Tom (S-1-5-21-4169622593-101393419-2795113958-1008 - Limited - Enabled) => C:\Users\Tom
UpdatusUser (S-1-5-21-4169622593-101393419-2795113958-1006 - Limited - Enabled) => C:\Users\UpdatusUser
 
==================== Faulty Device Manager Devices =============
 
Name: TAP-Windows Adapter V9
Description: TAP-Windows Adapter V9
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: tap0901
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Atheros AR5007G Wireless Network Adapter
Description: Atheros AR5007G Wireless Network Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Atheros Communications Inc.
Service: athr
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (02/25/2015 00:45:31 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (02/23/2015 06:14:43 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (02/23/2015 06:04:06 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (02/17/2015 09:20:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: udsserver_automatic_browse_domain_changed ERROR . not found
 
Error: (02/17/2015 09:19:42 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNS_StartBrowse returned -65540 for type _rp-hsd._tcp. domain .
 
Error: (02/17/2015 09:19:42 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ConstructServiceName: Service domain must be non-empty: ._rp-hsd._tcp..
 
Error: (02/17/2015 00:09:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mDNSResponder.exe, version: 2.0.4.0, time stamp: 0x4cae1be1
Faulting module name: mDNSResponder.exe, version: 2.0.4.0, time stamp: 0x4cae1be1
Exception code: 0xc0000005
Fault offset: 0x00008108
Faulting process id: 0x59c
Faulting application start time: 0xmDNSResponder.exe0
Faulting application path: mDNSResponder.exe1
Faulting module path: mDNSResponder.exe2
Report Id: mDNSResponder.exe3
 
Error: (02/12/2015 02:17:40 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong
 
Error: (02/12/2015 01:53:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong
 
Error: (02/12/2015 00:19:19 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
 
System errors:
=============
Error: (02/24/2015 10:25:00 PM) (Source: Microsoft-Windows-Application-Experience) (EventID: 205) (User: NT AUTHORITY)
Description: The Program Compatibility Assistant service failed to perform the phase two initialization.
 
Error: (02/17/2015 00:09:06 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Bonjour Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (02/12/2015 03:04:54 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The Windows Modules Installer service did not shut down properly after receiving a preshutdown control.
 
Error: (02/11/2015 09:37:10 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800f0902: Update for Windows 7 (KB3021917).
 
Error: (02/11/2015 09:37:10 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Microsoft Visual C++ 2012 Update 4 Redistributable Package (KB3032622).
 
Error: (02/11/2015 09:30:56 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {0006F020-0000-0000-C000-000000000046}
 
Error: (02/11/2015 09:08:32 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 02:53:54 on 11/02/2015 was unexpected.
 
Error: (02/09/2015 01:40:33 AM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer TONY-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{0597ABB1-AB91-4075-B371-06CA8D008B.
The master browser is stopping or an election is being forced.
 
Error: (02/06/2015 02:36:09 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {ED1D0FDF-4414-470A-A56D-CFB68623FC58}
 
Error: (02/03/2015 11:00:48 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Bonjour Service service terminated unexpectedly.  It has done this 1 time(s).
 
 
Microsoft Office Sessions:
=========================
Error: (02/25/2015 00:45:31 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\Razer\Nostromo\driver64\DPInst.exe
 
Error: (02/23/2015 06:14:43 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\Razer\Nostromo\driver64\DPInst.exe
 
Error: (02/23/2015 06:04:06 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\Razer\Nostromo\driver64\DPInst.exe
 
Error: (02/17/2015 09:20:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: udsserver_automatic_browse_domain_changed ERROR . not found
 
Error: (02/17/2015 09:19:42 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNS_StartBrowse returned -65540 for type _rp-hsd._tcp. domain .
 
Error: (02/17/2015 09:19:42 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ConstructServiceName: Service domain must be non-empty: ._rp-hsd._tcp..
 
Error: (02/17/2015 00:09:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: mDNSResponder.exe2.0.4.04cae1be1mDNSResponder.exe2.0.4.04cae1be1c00000050000810859c01d04a308f9da3d8C:\Program Files\Bonjour\mDNSResponder.exeC:\Program Files\Bonjour\mDNSResponder.exe2df6bac8-b639-11e4-a83d-001bfc3bbf97
 
Error: (02/12/2015 02:17:40 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong
 
Error: (02/12/2015 01:53:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong
 
Error: (02/12/2015 00:19:19 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\Razer\Nostromo\driver64\DPInst.exe
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™2 CPU 6600 @ 2.40GHz
Percentage of memory in use: 74%
Total physical RAM: 3071.55 MB
Available physical RAM: 770.58 MB
Total Pagefile: 6141.4 MB
Available Pagefile: 2711.94 MB
Total Virtual: 2047.88 MB
Available Virtual: 1893.73 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:297.99 GB) (Free:129.52 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 22878CE3)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=298 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================
 
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 25-02-2015 01
Ran by Jack (administrator) on JACK-PC on 25-02-2015 21:28:22
Running from C:\Users\Jack\Downloads
Loaded Profiles: Jack & UpdatusUser (Available profiles: Jack & Mcx1-JACK-PC & LogMeInRemoteUser & UpdatusUser & Tom)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Creative Technology Ltd) C:\Program Files\Creative\Shared Files\CTAudSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Virgin Media) C:\Program Files\Virgin Media\Digital Home Support\HsdService.exe
() C:\ProgramData\DatacardService\HWDeviceService.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS32.exe
(Nero AG) C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
(pdfforge GbR) C:\Program Files\PDF Architect\HelperService.exe
(pdfforge GbR) C:\Program Files\PDF Architect\ConversionService.exe
(Radialpoint Inc.) C:\Program Files\Virgin Media\Service Manager\ServicepointService.exe
(SupportSoft, Inc.) C:\Program Files\O2 Assistant\bin\sprtsvc.exe
(Rocket Division Software) C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(SupportSoft, Inc.) C:\Program Files\O2 Assistant\bin\tgsrvc.exe
(AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe
() C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\loggingserver.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgemcx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgui.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
() C:\Program Files\AVG Web TuneUp\vprot.exe
(Zemana Ltd.) C:\Program Files\Zemana AntiLogger Free\AntiLogger Free.exe
(Spotify Ltd) C:\Users\Jack\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Flux Software LLC) C:\Users\Jack\AppData\Local\FluxSoftware\Flux\flux.exe
(CounterPath) C:\Program Files\CounterPath\X-Lite\X-Lite.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Huawei Technologies Co., Ltd.) C:\Users\Jack\AppData\Roaming\T-Mobile Internet Manager\ouc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Awesomium Technologies) C:\Program Files\CounterPath\X-Lite\awesomium_process
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [DataCardMonitor] => C:\Program Files\T-Mobile\InternetManager_H\DataCardMonitor.exe [253952 2011-12-27] (Huawei Technologies Co., Ltd.)
HKLM\...\Run: [SPIRunE] => Rundll32 SPIRunE.dll,RunDLLEntry
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2014\avgui.exe [5188112 2014-12-16] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [421160 2011-01-25] (Apple Inc.)
HKLM\...\Run: [vProt] => C:\Program Files\AVG Web TuneUp\vprot.exe [2662424 2014-10-06] ()
HKLM\...\Run: [ZALFree] => C:\Program Files\Zemana AntiLogger Free\AntiLogger Free.exe [8205944 2014-12-30] (Zemana Ltd.)
HKU\S-1-5-21-4169622593-101393419-2795113958-1000\...\Run: [HW_OPENEYE_OUC_T-Mobile Internet Manager] => C:\Program Files\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [110592 2009-12-31] (Huawei Technologies Co., Ltd.)
HKU\S-1-5-21-4169622593-101393419-2795113958-1000\...\Run: [Spotify Web Helper] => C:\Users\Jack\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1514040 2014-11-27] (Spotify Ltd)
HKU\S-1-5-21-4169622593-101393419-2795113958-1000\...\Run: [AVG-Secure-Search-Update_0214c] => C:\Users\Jack\AppData\Roaming\AVG 0214c Campaign\AVG-Secure-Search-Update-0214c.exe /PROMPT /mid=d0999ec0da6547d68ac4d152badf5664-863b5e529647675fef13182a8d404bdad669ddeb /CMPID=0214c
HKU\S-1-5-21-4169622593-101393419-2795113958-1000\...\Run: [f.lux] => C:\Users\Jack\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-4169622593-101393419-2795113958-1000\...\Run: [X-Lite] => C:\Program Files\CounterPath\X-Lite\X-Lite.exe [4981600 2014-09-17] (CounterPath)
HKU\S-1-5-21-4169622593-101393419-2795113958-1000\...\Run: [GoogleChromeAutoLaunch_4DCD0A585AE1D27D19F4EB1351CC758F] => C:\Program Files\Google\Chrome\Application\chrome.exe [843592 2015-02-17] (Google Inc.)
HKU\S-1-5-21-4169622593-101393419-2795113958-1000\...\MountPoints2: E - E:\AutoRun.exe
HKU\S-1-5-21-4169622593-101393419-2795113958-1000\...\MountPoints2: G - G:\LaunchU3.exe -a
HKU\S-1-5-21-4169622593-101393419-2795113958-1000\...\MountPoints2: K - K:\LaunchU3.exe -a
HKU\S-1-5-21-4169622593-101393419-2795113958-1000\...\MountPoints2: {33044376-e83b-11df-b9e9-001bfc3bbf97} - H:\LaunchU3.exe -a
HKU\S-1-5-21-4169622593-101393419-2795113958-1000\...\MountPoints2: {34509727-e458-11df-bb5c-806e6f6e6963} - D:\SETUP.EXE
HKU\S-1-5-21-4169622593-101393419-2795113958-1000\...\MountPoints2: {c363f90b-30aa-11e1-8763-001bfc3bbf97} - E:\AutoRun.exe
HKU\S-1-5-21-4169622593-101393419-2795113958-1000\...\MountPoints2: {c363f928-30aa-11e1-8763-001bfc3bbf97} - E:\AutoRun.exe
HKU\S-1-5-21-4169622593-101393419-2795113958-1000\...\MountPoints2: {d66126a3-fbed-11df-a6ef-001bfc3bbf97} - G:\Autoplay\AutoRun.exe
HKU\S-1-5-21-4169622593-101393419-2795113958-1000\...\MountPoints2: {f3f52f33-7960-11e0-8bec-001bfc3bbf97} - E:\AutoRun.exe
HKU\S-1-5-21-4169622593-101393419-2795113958-1006\...\Run: [Google Update] => "C:\Users\Jack\AppData\Local\Google\Update\GoogleUpdate.exe" /c
HKU\S-1-5-21-4169622593-101393419-2795113958-1006\...\Run: [EPSON SX210 Series] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIFDE.EXE [199680 2008-11-05] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-4169622593-101393419-2795113958-1006\...\Run: [AlcoholAutomount] => C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe [205976 2009-09-18] (Alcohol Soft Development Team)
HKU\S-1-5-21-4169622593-101393419-2795113958-1006\...\Run: [Akamai NetSession Interface] => C:\Users\Jack\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKU\S-1-5-21-4169622593-101393419-2795113958-1006\...\Run: [HW_OPENEYE_OUC_T-Mobile Internet Manager] => C:\Program Files\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [110592 2009-12-31] (Huawei Technologies Co., Ltd.)
HKU\S-1-5-21-4169622593-101393419-2795113958-1006\...\Run: [Spotify Web Helper] => C:\Users\Jack\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1514040 2014-11-27] (Spotify Ltd)
HKU\S-1-5-21-4169622593-101393419-2795113958-1006\...\Run: [ManyCam] => C:\Program Files\ManyCam\Bin\ManyCam.exe [2160024 2012-06-28] (ManyCam LLC)
HKU\S-1-5-21-4169622593-101393419-2795113958-1006\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [22041192 2014-08-27] (Skype Technologies S.A.)
HKU\S-1-5-21-4169622593-101393419-2795113958-1006\...\Run: [DriverScanner] => "C:\Program Files\Uniblue\DriverScanner\launcher.exe" delay 20000 
HKU\S-1-5-21-4169622593-101393419-2795113958-1006\...\Run: [V-Line] => C:\Program Files\Buzz Networks\V-Line\PCSoftPhone.exe [5959680 2013-06-19] (Buzz Networks)
HKU\S-1-5-21-4169622593-101393419-2795113958-1006\...\RunOnce: [CTAutoUpdate] => C:\Program Files\Creative\Shared Files\Software Update\AutoUpdate.exe [623416 2009-06-19] (Creative Technology Ltd)
HKU\S-1-5-21-4169622593-101393419-2795113958-1006\...\RunOnce: [InetReg] => "C:\Program Files\Creative\Product Registration\English\InetReg.exe" /PreProcess=RegFlash.exe /Delay=6
HKU\S-1-5-21-4169622593-101393419-2795113958-1006\...\MountPoints2: E - E:\AutoRun.exe
HKU\S-1-5-21-4169622593-101393419-2795113958-1006\...\MountPoints2: G - G:\LaunchU3.exe -a
HKU\S-1-5-21-4169622593-101393419-2795113958-1006\...\MountPoints2: K - K:\LaunchU3.exe -a
HKU\S-1-5-21-4169622593-101393419-2795113958-1006\...\MountPoints2: {33044376-e83b-11df-b9e9-001bfc3bbf97} - H:\LaunchU3.exe -a
HKU\S-1-5-21-4169622593-101393419-2795113958-1006\...\MountPoints2: {34509727-e458-11df-bb5c-806e6f6e6963} - D:\SETUP.EXE
HKU\S-1-5-21-4169622593-101393419-2795113958-1006\...\MountPoints2: {c363f90b-30aa-11e1-8763-001bfc3bbf97} - E:\AutoRun.exe
HKU\S-1-5-21-4169622593-101393419-2795113958-1006\...\MountPoints2: {c363f928-30aa-11e1-8763-001bfc3bbf97} - E:\AutoRun.exe
HKU\S-1-5-21-4169622593-101393419-2795113958-1006\...\MountPoints2: {d66126a3-fbed-11df-a6ef-001bfc3bbf97} - G:\Autoplay\AutoRun.exe
HKU\S-1-5-21-4169622593-101393419-2795113958-1006\...\MountPoints2: {f3f52f33-7960-11e0-8bec-001bfc3bbf97} - E:\AutoRun.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2013-03-20] (Microsoft Corporation)
AppInit_DLLs: C:\PROGRA~1\KEYCRY~1\KEYCRY~3.DLL => C:\Program Files\KeyCryptSDK\KeyCrypt32(1).dll [86400 2014-12-30] (Zemana Ltd.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jack\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jack\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jack\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKU\S-1-5-21-4169622593-101393419-2795113958-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp
HKU\S-1-5-21-4169622593-101393419-2795113958-1006\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp
URLSearchHook: HKU\S-1-5-21-4169622593-101393419-2795113958-1000 - YTNavAssistPlugin Class - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-4169622593-101393419-2795113958-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: &Yahoo! Toolbar Helper -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files\PDF Architect\PDFIEHelper.dll (pdfforge GbR)
BHO: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> C:\Program Files\AVG\AVG2012\avgssie.dll No File
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
Toolbar: HKLM - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files\PDF Architect\PDFIEPlugin.dll (pdfforge GbR)
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\3.2.0\ViProtocol.dll (AVG Secure Search)
Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
 
FireFox:
========
FF ProfilePath: C:\Users\Jack\AppData\Roaming\Mozilla\Firefox\Profiles\fa0aey6s.default
FF SearchEngineOrder.1: Mysearchdial
FF SelectedSearchEngine: Mysearchdial
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\3.2.0\\npsitesafety.dll No File
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @radialpoint.com/SPA,version=1 -> C:\Program Files\Virgin Media\Service Manager\nprpspa.dll (Virgin Media)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=1.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF user.js: detected! => C:\Users\Jack\AppData\Roaming\Mozilla\Firefox\Profiles\fa0aey6s.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Users\Jack\AppData\Roaming\Mozilla\Firefox\Profiles\fa0aey6s.default\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\SearchTheWeb.xml
FF Extension: iMacros for Firefox - C:\Users\Jack\AppData\Roaming\Mozilla\Firefox\Profiles\fa0aey6s.default\Extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670} [2014-12-17]
FF Extension: Yet Another Remove It Permanently - C:\Users\Jack\AppData\Roaming\Mozilla\Firefox\Profiles\fa0aey6s.default\Extensions\yarip@mozdev.org.xpi [2014-12-17]
FF Extension: Skype extension - C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2014-12-15]
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011-12-10]
FF HKLM\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files\T-Mobile\InternetManager_H\OCx32\addon
FF Extension: Bytemobile Optimization Client - C:\Program Files\T-Mobile\InternetManager_H\OCx32\addon [2011-12-27]
FF HKLM\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files\PDF Architect\FFPDFArchitectExt [2013-03-28]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://google.co.nz/
CHR StartupUrls: Default -> "https://mysearch.avg.com?cid={14C12660-6E35-4E96-9AB2-733521F6FA6F}&mid=d0999ec0da6547d68ac4d152badf5664-863b5e529647675fef13182a8d404bdad669ddeb&lang=en&ds=AVG&coid=avgtbavg&pr=fr&d=2014-09-01 23:16:53&v=3.2.0.15&pid=wtu&sg=&sap=hp"
CHR DefaultSearchKeyword: Default -> google.co.nz_
CHR DefaultSuggestURL: Default -> 
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\40.0.2214.115\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\40.0.2214.115\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\40.0.2214.115\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Java™ Platform SE 7 U25) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (VLC Multimedia Plug-in) - C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
CHR Plugin: (Service Manager) - C:\Program Files\Virgin Media\Service Manager\nprpspa.dll (Virgin Media)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\system32\npDeployJava1.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Profile: C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-06-17]
CHR Extension: (Google Drive) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-06-17]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-03]
CHR Extension: (Hootsuite Hootlet) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjgfdlplhmndoonmofmflcbiohgbkifn [2013-10-17]
CHR Extension: (YouTube) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-27]
CHR Extension: (Google Search) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-27]
CHR Extension: (ZenMate Security & Privacy VPN) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2015-02-16]
CHR Extension: (AdBlock) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-06-19]
CHR Extension: (Google Wallet) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2011-12-10]
CHR Extension: (Hover Zoom) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl [2013-06-19]
CHR Extension: (Gmail) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-27]
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-10-26]
 
========================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3247120 2014-12-16] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [289328 2014-12-16] (AVG Technologies CZ, s.r.o.)
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2013-06-19] (Creative Labs) [File not signed]
S3 Creative Audio Engine Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2010-11-20] (Creative Labs) [File not signed]
S3 Creative Media Toolbox 6 Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\MT6Licensing.exe [79360 2010-11-21] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files\Creative\Shared Files\CTAudSvc.exe [307200 2009-02-23] (Creative Technology Ltd) [File not signed]
R2 HsdService; C:\Program Files\Virgin Media\Digital Home Support\HsdService.exe [1406264 2011-03-23] (Virgin Media)
R2 HWDeviceService.exe; C:\ProgramData\DatacardService\HWDeviceService.exe [264704 2010-11-16] () [File not signed]
S3 OpenVPNService; C:\Program Files\HMA! Pro VPN\bin\openvpnserv.exe [32568 2013-09-25] (The OpenVPN Project)
R2 PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [1324104 2013-01-09] (pdfforge GbR)
R2 PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [795208 2013-01-09] (pdfforge GbR)
R2 ServicepointService; C:\Program Files\Virgin Media\Service Manager\ServicepointService.exe [689464 2011-03-25] (Radialpoint Inc.)
R2 sprtsvc_O2DA; C:\Program Files\O2 Assistant\bin\sprtsvc.exe [206120 2010-04-23] (SupportSoft, Inc.)
R2 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [275968 2007-05-28] (Rocket Division Software) [File not signed]
S2 SupportSoft RemoteAssist; C:\Program Files\Common Files\supportsoft\bin\ssrc.exe [383408 2010-04-23] (SupportSoft, Inc.) [File not signed]
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 tgsrvc_O2DA; C:\Program Files\O2 Assistant\bin\tgsrvc.exe [185640 2010-04-23] (SupportSoft, Inc.)
R2 vToolbarUpdater3.2.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe [1843736 2014-09-01] (AVG Secure Search)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AEAudioService; C:\Windows\System32\drivers\AEAudio.sys [127872 2005-03-04] (Andrea Electronics Corporation)
R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [121624 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [200984 2014-07-21] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [147736 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [189720 2014-10-24] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [241944 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [98584 2014-10-29] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27416 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [197400 2014-10-20] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [42784 2014-09-01] (AVG Technologies)
R0 BMLoad; C:\Windows\System32\drivers\BMLoad.sys [13184 2009-12-15] (Bytemobile, Inc.) [File not signed]
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [25160 2007-08-07] (Elaborate Bytes AG)
R3 ElbyDelay; C:\Windows\System32\Drivers\ElbyDelay.sys [11984 2007-02-16] (Elaborate Bytes AG)
S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV32.sys [105984 2009-10-27] (QUALCOMM Incorporated)
S3 huawei_cdcacm; C:\Windows\System32\DRIVERS\ew_jucdcacm.sys [90112 2011-01-30] (Huawei Technologies Co., Ltd.)
R3 keycrypt; C:\Windows\System32\DRIVERS\KeyCrypt32.sys [69816 2014-12-30] (Zemana Ltd.)
S3 KMWDFILTERx86; C:\Windows\System32\DRIVERS\KMWDFILTER.sys [25088 2009-04-29] (Windows ® Codename Longhorn DDK provider)
R3 LGBusEnum; C:\Windows\System32\drivers\LGBusEnum.sys [19720 2011-04-09] (Logitech Inc.)
S3 LGVirHid; C:\Windows\System32\drivers\LGVirHid.sys [14856 2011-04-09] (Logitech Inc.)
R3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [32000 2012-01-11] (ManyCam LLC)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [114904 2015-02-23] (Malwarebytes Corporation)
R3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv.sys [22400 2012-02-22] (ManyCam LLC)
S3 MRV6X32P; C:\Windows\System32\DRIVERS\MRVW13B.sys [256000 2007-05-03] (Marvell Semiconductor, Inc)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
S3 NMgamingmsFltr; C:\Windows\System32\drivers\NMgamingms.sys [9472 2009-07-24] (Primax Ltd)
R3 nvmpu401; C:\Windows\System32\drivers\nvmpu401.sys [10240 2005-04-13] (NVIDIA Corporation)
S3 Razerlow; C:\Windows\System32\Drivers\Razerlow.sys [13225 2005-04-24] (Razer (Asia-Pacific) Pte Ltd)
S3 SenFiltService; C:\Windows\System32\drivers\Senfilt.sys [393088 2005-08-11] (Sensaura)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2010-11-29] () [File not signed]
S3 T2Fltr; C:\Windows\System32\Drivers\T2Fltr.sys [17792 2011-01-16] ()
R3 t3; C:\Windows\System32\drivers\t3.sys [413208 2009-05-06] (Creative Technology Ltd.)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [35288 2013-09-25] (The OpenVPN Project)
R1 tcpipBM; C:\Windows\system32\drivers\tcpipBM.sys [24192 2009-12-15] (Bytemobile, Inc.) [File not signed]
R3 VJoystick; C:\Windows\System32\DRIVERS\VJoystick.sys [10240 2010-09-30] (Windows ® Win 7 DDK provider)
U3 a6cmir6x; C:\Windows\system32\Drivers\a6cmir6x.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero size file/folder)
S4 LMIRfsClientNP; No ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-02-25 21:28 - 2015-02-25 21:29 - 00033076 _____ () C:\Users\Jack\Downloads\FRST.txt
2015-02-25 21:22 - 2015-02-25 21:28 - 00000000 ____D () C:\FRST
2015-02-25 21:15 - 2015-02-25 21:15 - 01127424 _____ (Farbar) C:\Users\Jack\Downloads\FRST.exe
2015-02-25 03:01 - 2015-01-08 23:44 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-02-23 21:52 - 2015-02-23 21:52 - 00001098 _____ () C:\Users\Public\Desktop\AntiLogger Free.lnk
2015-02-23 21:52 - 2015-02-23 21:52 - 00000000 ____D () C:\Users\Jack\AppData\Local\AntiLogger Free
2015-02-23 21:52 - 2015-02-23 21:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiLogger Free
2015-02-23 21:52 - 2015-02-23 21:52 - 00000000 ____D () C:\Program Files\Zemana AntiLogger Free
2015-02-23 21:52 - 2015-02-23 21:52 - 00000000 ____D () C:\Program Files\KeyCryptSDK
2015-02-23 21:52 - 2014-12-30 13:18 - 00069816 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\KeyCrypt32.sys
2015-02-23 21:51 - 2015-02-23 21:51 - 03688000 _____ (Zemana Ltd. ) C:\Users\Jack\Downloads\AntiLoggerFree_Setup.exe
2015-02-23 21:37 - 2015-02-23 21:37 - 00388608 _____ (Trend Micro Inc.) C:\Users\Jack\Downloads\HijackThis.exe
2015-02-23 21:37 - 2015-02-23 21:37 - 00012045 _____ () C:\Users\Jack\Downloads\hijackthis.log
2015-02-23 00:01 - 2015-02-23 00:10 - 00000000 ____D () C:\Users\Jack\Downloads\Silicon.Valley.S01E02.HDTV.x264-2HD[rarbg]
2015-02-23 00:00 - 2015-02-23 00:00 - 00017718 _____ () C:\Users\Jack\Downloads\[kickass.to]silicon.valley.s01e02.hdtv.x264.2hd.rartv.torrent
2015-02-16 02:29 - 2015-02-25 03:22 - 00187127 _____ () C:\Users\Jack\Desktop\icomplete-export-northwestgraphicsltd-2014-01-05-195736_1388951856277_contact.xlsm
2015-02-13 00:19 - 2015-02-13 00:27 - 00000000 ____D () C:\Users\Jack\AppData\Local\William Hill Poker
2015-02-13 00:19 - 2015-02-13 00:19 - 00001838 _____ () C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\William Hill Poker.lnk
2015-02-13 00:19 - 2015-02-13 00:19 - 00001836 _____ () C:\Users\Jack\Desktop\William Hill Poker.lnk
2015-02-12 21:23 - 2015-01-23 03:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-12 21:23 - 2015-01-23 03:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-12 02:58 - 2015-02-16 02:28 - 00446054 _____ () C:\Users\Jack\Desktop\icomplete-export-northwestgraphicsltd-2014-01-05-195736_1388951856277_contact.csv
2015-02-10 23:05 - 2015-01-09 02:48 - 00635904 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-02-10 23:05 - 2015-01-09 02:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-02-10 23:05 - 2015-01-09 02:48 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-02-10 23:04 - 2015-01-15 07:46 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-10 23:04 - 2015-01-15 07:46 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-10 23:04 - 2015-01-15 07:43 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-10 23:04 - 2015-01-15 07:43 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-10 23:04 - 2015-01-15 07:42 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-10 23:04 - 2015-01-15 07:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-10 23:04 - 2015-01-15 07:42 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-10 23:04 - 2015-01-15 07:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-10 23:04 - 2015-01-15 07:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-10 23:04 - 2015-01-15 07:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-10 23:04 - 2015-01-15 07:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-10 23:04 - 2015-01-15 04:21 - 00369968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-10 23:04 - 2015-01-09 01:45 - 02380288 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-10 23:04 - 2014-12-08 02:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-10 23:03 - 2015-01-14 05:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-02-10 23:03 - 2015-01-14 05:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-10 23:03 - 2014-10-04 01:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-02-10 23:03 - 2014-10-04 01:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-02-10 23:02 - 2015-02-04 02:54 - 00482304 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-10 23:02 - 2015-02-04 02:53 - 00767488 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-10 23:02 - 2015-02-04 02:53 - 00621056 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-10 23:02 - 2015-02-04 02:53 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-10 23:02 - 2015-02-04 02:53 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-10 23:02 - 2015-02-04 02:53 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-02-10 23:02 - 2015-02-04 02:49 - 00886784 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-10 23:02 - 2015-01-27 23:36 - 01167520 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-10 23:02 - 2015-01-14 05:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-10 23:02 - 2015-01-12 02:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-10 23:02 - 2015-01-12 02:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-10 23:02 - 2015-01-12 02:21 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-10 23:02 - 2015-01-12 02:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-10 23:02 - 2015-01-12 02:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-10 23:02 - 2015-01-12 02:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-10 23:02 - 2015-01-12 02:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-10 23:02 - 2015-01-12 02:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-10 23:02 - 2015-01-12 02:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-10 23:02 - 2015-01-12 01:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-10 23:02 - 2015-01-12 01:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-10 23:02 - 2015-01-12 01:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-10 23:02 - 2015-01-12 01:55 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-10 23:02 - 2015-01-12 01:48 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-10 23:02 - 2015-01-12 01:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-10 23:02 - 2015-01-12 01:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-10 23:02 - 2015-01-12 01:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-10 23:02 - 2015-01-12 01:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-10 23:02 - 2015-01-12 01:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-10 23:02 - 2015-01-12 01:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-10 23:02 - 2015-01-12 01:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-10 23:02 - 2015-01-12 01:23 - 00684544 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-10 23:02 - 2015-01-12 01:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-10 23:02 - 2015-01-12 01:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-10 23:02 - 2015-01-12 01:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-10 23:02 - 2015-01-12 00:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-10 23:02 - 2015-01-12 00:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-10 23:02 - 2015-01-10 06:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-10 23:02 - 2015-01-10 06:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-10 23:02 - 2015-01-10 06:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-10 23:02 - 2015-01-10 06:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-10 23:02 - 2015-01-10 06:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-10 23:02 - 2015-01-10 06:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-10 23:02 - 2015-01-10 06:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-10 23:02 - 2014-11-26 03:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-10 23:01 - 2014-12-12 05:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-10 23:01 - 2014-07-07 01:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-02-10 23:01 - 2014-07-07 01:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-02-10 22:56 - 2015-01-13 02:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-02-25 21:29 - 2011-02-26 11:13 - 00000000 ____D () C:\Users\Jack\Documents\Outlook Files
2015-02-25 21:25 - 2010-10-30 19:05 - 01093632 _____ () C:\Windows\WindowsUpdate.log
2015-02-25 21:25 - 2009-07-14 04:34 - 00024096 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-25 21:25 - 2009-07-14 04:34 - 00024096 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-25 21:13 - 2010-10-30 19:40 - 00000000 ____D () C:\ProgramData\MFAData
2015-02-25 21:09 - 2013-09-04 22:38 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-25 21:07 - 2011-05-15 17:47 - 00127439 _____ () C:\Windows\setupact.log
2015-02-25 21:07 - 2011-01-22 00:07 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-02-25 21:07 - 2009-07-14 04:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-25 02:34 - 2013-09-04 22:38 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-25 01:52 - 2010-11-09 00:11 - 02444288 ___SH () C:\Users\Jack\Downloads\Thumbs.db
2015-02-23 20:12 - 2014-07-31 22:06 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-23 06:11 - 2009-07-14 02:37 - 00000000 ____D () C:\Windows\rescache
2015-02-23 05:06 - 2011-01-15 15:04 - 00000000 ____D () C:\Users\Jack\AppData\Roaming\uTorrent
2015-02-23 05:06 - 2010-12-28 19:32 - 00000000 ____D () C:\Users\Jack\AppData\Roaming\Skype
2015-02-16 02:46 - 2014-12-15 00:20 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-02-15 22:14 - 2009-07-14 02:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-02-12 22:03 - 2010-10-31 13:17 - 00000000 ____D () C:\Users\Jack\AppData\Roaming\Spotify
2015-02-12 21:24 - 2010-10-31 13:17 - 00000000 ____D () C:\Users\Jack\AppData\Local\Spotify
2015-02-12 21:07 - 2009-07-14 04:33 - 03784912 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-12 03:04 - 2014-12-15 03:34 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-12 03:04 - 2014-05-07 02:30 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-12 03:04 - 2009-07-14 02:37 - 00000000 ____D () C:\Windows\tracing
2015-02-11 21:47 - 2013-08-15 02:09 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-11 21:32 - 2010-11-20 19:19 - 113756392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-11 21:27 - 2013-09-04 22:40 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-11 21:27 - 2010-11-29 18:08 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-11 21:27 - 2009-07-14 02:04 - 00000478 _____ () C:\Windows\win.ini
2015-02-11 02:54 - 2013-03-26 22:40 - 00000000 ____D () C:\Users\Jack\Desktop\JT Media
2015-02-10 02:00 - 2011-02-15 19:08 - 00230424 _____ () C:\img2-001.raw
2015-02-06 02:37 - 2011-01-03 23:16 - 00000000 ____D () C:\Users\Jack\AppData\Roaming\vlc
 
==================== Files in the root of some directories =======
 
2010-12-13 20:43 - 2014-07-17 22:31 - 0000132 _____ () C:\Users\Jack\AppData\Roaming\Adobe BMP Format CS5 Prefs
2010-12-13 20:43 - 2013-07-29 02:18 - 0000132 _____ () C:\Users\Jack\AppData\Roaming\Adobe PNG Format CS5 Prefs
2014-02-25 20:46 - 2014-03-05 21:45 - 0000085 _____ () C:\Users\Jack\AppData\Roaming\WB.CFG
2011-05-20 23:46 - 2012-11-09 16:36 - 0001456 _____ () C:\Users\Jack\AppData\Local\Adobe Save for Web 12.0 Prefs
2010-11-01 21:36 - 2013-10-10 00:59 - 0007168 _____ () C:\Users\Jack\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-05-25 10:53 - 2012-05-25 10:53 - 0034814 _____ () C:\Users\Jack\AppData\Local\dt.dat
2011-02-10 22:26 - 2011-02-12 15:17 - 0000085 ___SH () C:\ProgramData\.zreglib
2010-12-28 19:36 - 2010-12-28 19:36 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
 
Some content of TEMP:
====================
C:\Users\Jack\AppData\Local\Temp\5wcwf2mk.dll
C:\Users\Jack\AppData\Local\Temp\AutoRun.exe
C:\Users\Jack\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\Jack\AppData\Local\Temp\i4jdel0.exe
C:\Users\Jack\AppData\Local\Temp\jre-6u39-windows-i586-iftw.exe
C:\Users\Jack\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Jack\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Jack\AppData\Local\Temp\ri5xfoh2.dll
C:\Users\Jack\AppData\Local\Temp\setup.exe
C:\Users\Jack\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Jack\AppData\Local\Temp\thfinunf.dll
C:\Users\Jack\AppData\Local\Temp\utt7BA9.tmp.exe
C:\Users\Jack\AppData\Local\Temp\uttDE5E.tmp.exe
C:\Users\Jack\AppData\Local\Temp\uttE1DA.tmp.exe
C:\Users\Jack\AppData\Local\Temp\uv13ml0l.dll
C:\Users\Jack\AppData\Local\Temp\wp44qlri.dll
C:\Users\Jack\AppData\Local\Temp\x2nhad5h.dll
C:\Users\Jack\AppData\Local\Temp\znk2axxf.dll
C:\Users\Tom\AppData\Local\Temp\SkypeSetup.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-02-23 05:54
 
==================== End Of Log ============================


#4 MrFaux


Posted 25 February 2015 - 05:27 PM

Thanks for the reply, here is the Zoek report :bounce:

 
Zoek.exe v5.0.0.0 Updated 24-February-2015
Tool run by Jack on 25/02/2015 at 22:08:42.72.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Jack\Downloads\zoek.exe [Scan all users] [Script inserted] 
 
==== System Restore Info ======================
 
25/02/2015 22:12:13 Zoek.exe System Restore Point Created Succesfully.
 
==== Running Processes ======================
 
C:\Windows\System32\smss.exe
c:\PROGRA~1\AVG\AVG2014\avgrsx.exe
C:\Program Files\AVG\AVG2014\avgcsrvx.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Program Files\Creative\Shared Files\CTAudSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG2014\avgidsagent.exe
C:\Program Files\AVG\AVG2014\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Virgin Media\Digital Home Support\HsdService.exe
C:\ProgramData\DatacardService\HWDeviceService.exe
C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Program Files\PDF Architect\HelperService.exe
C:\Program Files\PDF Architect\ConversionService.exe
C:\Program Files\Virgin Media\Service Manager\ServicepointService.exe
C:\Program Files\O2 Assistant\bin\sprtsvc.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\Program Files\O2 Assistant\bin\tgsrvc.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\loggingserver.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files\AVG\AVG2014\avgnsx.exe
C:\Program Files\AVG\AVG2014\avgemcx.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\AVG\AVG2014\avgui.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\AVG Web TuneUp\vprot.exe
C:\Program Files\Zemana AntiLogger Free\AntiLogger Free.exe
C:\Users\Jack\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Users\Jack\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Program Files\CounterPath\X-Lite\X-Lite.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Jack\AppData\Roaming\T-Mobile Internet Manager\ouc.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\ctfmon.exe
C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\CounterPath\X-Lite\awesomium_process
C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Program Files\AVG\AVG2014\avgcsrvx.exe
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
C:\Program Files\Buzz Networks\V-Line\PCSoftPhone.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Users\Jack\Downloads\zoek.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\vssvc.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Windows\System32\svchost.exe -k swprv
 
==== Services(whitelist) ======================
Powered by E Dev
 
R2 - [Apple Mobile Device] - Apple Mobile Device - c:\program files\common files\apple\mobile device support\applemobiledeviceservice.exe
R2 - [AVGIDSAgent] - AVGIDSAgent - c:\program files\avg\avg2014\avgidsagent.exe
R2 - [avgwd] - AVG WatchDog - c:\program files\avg\avg2014\avgwdsvc.exe
R2 - [Bonjour Service] - Bonjour Service - c:\program files\bonjour\mdnsresponder.exe
R2 - [CTAudSvcService] - Creative Audio Service - c:\program files\creative\shared files\ctaudsvc.exe
R2 - [HsdService] - HsdService - c:\program files\virgin media\digital home support\hsdservice.exe
R2 - [LMIGuardianSvc] - LMIGuardianSvc - c:\program files\logmein\x86\lmiguardiansvc.exe
R2 - [MSCamSvc] - MSCamSvc - c:\program files\microsoft lifecam\mscams32.exe
R2 - [Nero BackItUp Scheduler 4.0] - Nero BackItUp Scheduler 4.0 - c:\program files\common files\nero\nero backitup 4\nbservice.exe
R2 - [NVSvc] - NVIDIA Display Driver Service - c:\windows\system32\nvvsvc.exe
R2 - [nvUpdatusService] - NVIDIA Update Service Daemon - c:\program files\nvidia corporation\nvidia update core\daemonu.exe
R2 - [PDF Architect Helper Service] - PDF Architect Helper Service - c:\program files\pdf architect\helperservice.exe
R2 - [PDF Architect Service] - PDF Architect Service - c:\program files\pdf architect\conversionservice.exe
R2 - [ServicepointService] - ServicepointService - c:\program files\virgin media\service manager\servicepointservice.exe
R2 - [StarWindServiceAE] - StarWind AE Service - c:\program files\alcohol soft\alcohol 120\starwind\starwindserviceae.exe
R2 - [Stereo Service] - NVIDIA Stereoscopic 3D Driver Service - c:\program files\nvidia corporation\3d vision\nvscpapisvr.exe
R2 - [vToolbarUpdater3.2.0] - vToolbarUpdater3.2.0 - c:\program files\common files\avg secure search\vtoolbarupdater\3.2.0\toolbarupdater.exe
R2 - [wlidsvc] - Windows Live ID Sign-in Assistant - c:\program files\common files\microsoft shared\windows live\wlidsvc.exe
R2 - [WSearch] - Windows Search - c:\windows\system32\searchindexer.exe
R3 - [iPod Service] - iPod Service - c:\program files\ipod\bin\ipodservice.exe
R3 - [osppsvc] - Office Software Protection Platform - c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe
R3 - [VSS] - Volume Shadow Copy - c:\windows\system32\vssvc.exe
S2 - [clr_optimization_v4.0.30319_32] - Microsoft .NET Framework NGEN v4.0.30319_X86 - c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe
S2 - [gupdate] - Google Update Service (gupdate) - c:\program files\google\update\googleupdate.exe
S2 - [sppsvc] - Software Protection - c:\windows\system32\sppsvc.exe
S3 - [ALG] - Application Layer Gateway Service - c:\windows\system32\alg.exe
S3 - [COMSysApp] - COM+ System Application - c:\windows\system32\dllhost.exe
S3 - [Creative ALchemy AL6 Licensing Service] - Creative ALchemy AL6 Licensing Service - c:\program files\common files\creative labs shared\service\al6licensing.exe
S3 - [Creative Audio Engine Licensing Service] - Creative Audio Engine Licensing Service - c:\program files\common files\creative labs shared\service\ctaelicensing.exe
S3 - [Creative Media Toolbox 6 Licensing Service] - Creative Media Toolbox 6 Licensing Service - c:\program files\common files\creative labs shared\service\mt6licensing.exe
S3 - [Fax] - Fax - c:\windows\system32\fxssvc.exe
S3 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - c:\windows\microsoft.net\framework\v3.0\wpf\presentationfontcache.exe
S3 - [gupdatem] - Google Update Service (gupdatem) - c:\program files\google\update\googleupdate.exe
S3 - [IEEtwCollectorService] - Internet Explorer ETW Collector Service - c:\windows\system32\ieetwcollector.exe
S3 - [Microsoft SharePoint Workspace Audit Service] - Microsoft SharePoint Workspace Audit Service - c:\program files\microsoft office\office14\groove.exe
S3 - [MozillaMaintenance] - Mozilla Maintenance Service - c:\program files\mozilla maintenance service\maintenanceservice.exe
S3 - [MSDTC] - Distributed Transaction Coordinator - c:\windows\system32\msdtc.exe
S3 - [msiserver] - Windows Installer - c:\windows\system32\msiexec.exe
S3 - [OpenVPNService] - OpenVPN Service - c:\program files\hma! pro vpn\bin\openvpnserv.exe
S3 - [ose] - Office  Source Engine - c:\program files\common files\microsoft shared\source engine\ose.exe
S3 - [RpcLocator] - Remote Procedure Call (RPC) Locator - c:\windows\system32\locator.exe
S3 - [SNMPTRAP] - SNMP Trap - c:\windows\system32\snmptrap.exe
S3 - [SwitchBoard] - SwitchBoard - c:\program files\common files\adobe\switchboard\switchboard.exe
S3 - [TrustedInstaller] - Windows Modules Installer - c:\windows\servicing\trustedinstaller.exe
S3 - [vds] - Virtual Disk - c:\windows\system32\vds.exe
S3 - [WatAdminSvc] - Windows Activation Technologies Service - c:\windows\system32\wat\watadminsvc.exe
S3 - [wbengine] - Block Level Backup Engine Service - c:\windows\system32\wbengine.exe
S3 - [wmiApSrv] - WMI Performance Adapter - c:\windows\system32\wbem\wmiapsrv.exe
S4 - [aspnet_state] - ASP.NET State Service - c:\windows\microsoft.net\framework\v4.0.30319\aspnet_state.exe
S4 - [clr_optimization_v2.0.50727_32] - Microsoft .NET Framework NGEN v2.0.50727_X86 - c:\windows\microsoft.net\framework\v2.0.50727\mscorsvw.exe
S4 - [ehRecvr] - Windows Media Center Receiver Service - c:\windows\ehome\ehrecvr.exe
S4 - [ehSched] - Windows Media Center Scheduler Service - c:\windows\ehome\ehsched.exe
S4 - [LMIMaint] - LogMeIn Maintenance Service - c:\program files\logmein\x86\ramaint.exe
S4 - [LogMeIn] - LogMeIn - c:\program files\logmein\x86\logmein.exe
S4 - [WMPNetworkSvc] - Windows Media Player Network Sharing Service - c:\program files\windows media player\wmpnetwk.exe
 
==== System Specs ======================
 
Windows: Windows 7 Home Premium Edition Service Pack 1 (Build 7601)
Memory (RAM): 3072 MB
CPU Info: Intel® Core™2 CPU          6600  @ 2.40GHz
CPU Speed: 2398.1 MHz
Sound Card: Speakers (Sound Blaster X-Fi Xt | 
Digital Audio (S/PDIF) (Sound B | 
Digital Audio (S/PDIF) (High De | 
Display Adapters: NVIDIA GeForce 8500 GT | NVIDIA GeForce 8500 GT | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver | LogMeIn Mirror Driver
Monitors: 1x; Generic PnP Monitor | 
Screen Resolution: 1680 X 1050 - 32 bit
Network: Network Present
Network Adapters: Realtek RTL8168B/8111B Family PCI-E Gigabit Ethernet NIC (NDIS 6.20)
CD / DVD Drives: 2x (D: | G: | ) D: ATAPI   iHAS124   B      | G: IJCLSB  8XIZ4523SPUV
Ports: COM1 LPT1
Mouse: 8 Button Wheel Mouse Present
Hard Disks: C:  298.0GB
Hard Disks - Free: C:  131.0GB
Manufacturer *: Phoenix Technologies, LTD
BIOS Info: AT/AT COMPATIBLE | 03/05/07 | Nvidia - 42302e31
Time Zone: GMT Standard Time
Motherboard *: ASUSTeK Computer INC. P5ND2 SE
Country: United Kingdom 
Language: ENG 
 
==== System Specs (Software) ======================
 
Anti-Virus: AVG AntiVirus Free Edition 2014 On-access scanning disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Anti-Spyware: AVG AntiVirus Free Edition 2014 disabled (Outdated)
Default Browser: Google Chrome 40.0.2214.115
Internet Explorer Version: 11.0.9600.17633 
Mozilla Firefox version: 34.0.5 (x86 en-US)
Google Chrome version: 40.0.2214.115
Adobe Reader version: 9.4.0.195
Sun Java version: 1.7.0_45 (32-bit) 
Flash Player version: 11.7.700.202
 
==== Files Recently Created / Modified ======================
 
====== C:\Windows ====
====== C:\Users\Jack\AppData\Local\Temp ====
====== Java Cache =====
====== C:\Windows\system32 =====
2015-02-25 03:01:03 3B9E2AB1F3ABC53D4A423E699EB625C8 419936 ----a-w- C:\Windows\System32\locale.nls
2015-02-12 21:23:32 4FD3763F3917201856B0CBCE310003EA 4300800 ----a-w- C:\Windows\System32\jscript9.dll
2015-02-12 21:23:32 01BD2653F2185218837CF4A175617F8A 620032 ----a-w- C:\Windows\System32\jscript9diag.dll
====== C:\Windows\system32\drivers =====
2015-02-23 21:52:28 A5DAB4F9C0BAE20478D36B34C9A6F756 69816 ----a-w- C:\Windows\System32\drivers\KeyCrypt32.sys
2015-02-10 23:04:34 F516F1167EFBBC5ABC90687C94497869 369968 ----a-w- C:\Windows\System32\drivers\cng.sys
2015-02-10 23:04:34 EF88BAC2B489D9C46F4E41ACF0219CD0 67520 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2015-02-10 23:04:34 49D70660EE8266988C1F99A0297A1430 136640 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
2015-02-23 21:52:28 -------- d-----w- C:\Program Files\Zemana AntiLogger Free
2015-02-23 21:52:28 -------- d-----w- C:\Program Files\KeyCryptSDK
======= C: =====
====== C:\Users\Jack\AppData\Roaming ======
2015-02-23 21:52:19 -------- d-----w- C:\Users\Jack\AppData\Local\AntiLogger Free
2015-02-13 00:19:24 -------- d-----w- C:\Users\Jack\AppData\Local\William Hill Poker
====== C:\Users\Jack ======
2015-02-25 21:15:31 3BCC06EDCB2E7AA9AEF87737208E4993 1127424 ----a-w- C:\Users\Jack\Downloads\FRST.exe
2015-02-23 21:52:28 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiLogger Free
2015-02-23 21:51:43 85C9EF1104C076F613E302C08228F326 3688000 ----a-w- C:\Users\Jack\Downloads\AntiLoggerFree_Setup.exe
 
====== C: exe-files ==
2015-02-23 21:52:28 90B5A98DEEC9F41A364D35CE3989EB66 1176856 ----a-w- C:\Program Files\Zemana AntiLogger Free\unins000.exe
2015-02-23 21:52:28 8D71BB209D84BE4DD6DB335D19A845CB 8205944 ----a-w- C:\Program Files\Zemana AntiLogger Free\AntiLogger Free.exe
2015-02-23 01:56:40 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Jack\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9FHHHNZD\SkypeSetupFull[1].exe
2015-02-22 21:35:12 F4CC03D0A936AD6780ADA614AE81B413 840272 ----a-w- C:\Program Files\Google\Update\Install\{34318788-45F9-4886-A1E6-B70EA22621B9}\40.0.2214.115_40.0.2214.111_chrome_updater.exe
2015-02-22 21:35:12 F4CC03D0A936AD6780ADA614AE81B413 840272 ----a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\40.0.2214.115\40.0.2214.115_40.0.2214.111_chrome_updater.exe
=== C: other files ==
2015-02-23 21:52:28 A5DAB4F9C0BAE20478D36B34C9A6F756 69816 ----a-w- C:\Windows\System32\drivers\KeyCrypt32.sys
 
==== Startup Registry Enabled ======================
 
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
 
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
 
[HKEY_USERS\S-1-5-21-4169622593-101393419-2795113958-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"HW_OPENEYE_OUC_T-Mobile Internet Manager"="C:\Program Files\T-Mobile\InternetManager_H\UpdateDog\ouc.exe"
"Spotify Web Helper"="C:\Users\Jack\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
"AVG-Secure-Search-Update_0214c"="C:\Users\Jack\AppData\Roaming\AVG 0214c Campaign\AVG-Secure-Search-Update-0214c.exe /PROMPT /mid=d0999ec0da6547d68ac4d152badf5664-863b5e529647675fef13182a8d404bdad669ddeb /CMPID=0214c"
"f.lux"="C:\Users\Jack\AppData\Local\FluxSoftware\Flux\flux.exe /noshow"
"X-Lite"="C:\Program Files\CounterPath\X-Lite\X-Lite.exe"
"GoogleChromeAutoLaunch_4DCD0A585AE1D27D19F4EB1351CC758F"="C:\Program Files\Google\Chrome\Application\chrome.exe --no-startup-window"
 
[HKEY_USERS\S-1-5-21-4169622593-101393419-2795113958-1003\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="C:\Users\Jack\AppData\Local\Google\Update\GoogleUpdate.exe /c"
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe /background"
"EPSON SX210 Series"="C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIFDE.EXE /FU C:\Windows\TEMP\E_SEC91.tmp /EF HKCU"
"AlcoholAutomount"="C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe /automount"
"Akamai NetSession Interface"="C:\Users\Jack\AppData\Local\Akamai\netsession_win.exe"
"HW_OPENEYE_OUC_T-Mobile Internet Manager"="C:\Program Files\T-Mobile\InternetManager_H\UpdateDog\ouc.exe"
"Spotify Web Helper"="C:\Users\Jack\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
"ManyCam"="C:\Program Files\ManyCam\Bin\ManyCam.exe /silent"
"Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun"
"DriverScanner"="C:\Program Files\Uniblue\DriverScanner\launcher.exe delay 20000 "
"V-Line"="C:\Program Files\Buzz Networks\V-Line\PCSoftPhone.exe-minimizemode"
 
[HKEY_USERS\S-1-5-21-4169622593-101393419-2795113958-1005\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="C:\Users\Jack\AppData\Local\Google\Update\GoogleUpdate.exe /c"
"EPSON SX210 Series"="C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIFDE.EXE /FU C:\Windows\TEMP\E_SEC91.tmp /EF HKCU"
"AlcoholAutomount"="C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe /automount"
"Akamai NetSession Interface"="C:\Users\Jack\AppData\Local\Akamai\netsession_win.exe"
"HW_OPENEYE_OUC_T-Mobile Internet Manager"="C:\Program Files\T-Mobile\InternetManager_H\UpdateDog\ouc.exe"
"Spotify Web Helper"="C:\Users\Jack\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
"ManyCam"="C:\Program Files\ManyCam\Bin\ManyCam.exe /silent"
"Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun"
"DriverScanner"="C:\Program Files\Uniblue\DriverScanner\launcher.exe delay 20000 "
"V-Line"="C:\Program Files\Buzz Networks\V-Line\PCSoftPhone.exe-minimizemode"
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
 
[HKEY_USERS\S-1-5-21-4169622593-101393419-2795113958-1006\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="C:\Users\Jack\AppData\Local\Google\Update\GoogleUpdate.exe /c"
"EPSON SX210 Series"="C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIFDE.EXE /FU C:\Windows\TEMP\E_SEC91.tmp /EF HKCU"
"AlcoholAutomount"="C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe /automount"
"Akamai NetSession Interface"="C:\Users\Jack\AppData\Local\Akamai\netsession_win.exe"
"HW_OPENEYE_OUC_T-Mobile Internet Manager"="C:\Program Files\T-Mobile\InternetManager_H\UpdateDog\ouc.exe"
"Spotify Web Helper"="C:\Users\Jack\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
"ManyCam"="C:\Program Files\ManyCam\Bin\ManyCam.exe /silent"
"Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun"
"DriverScanner"="C:\Program Files\Uniblue\DriverScanner\launcher.exe delay 20000 "
"V-Line"="C:\Program Files\Buzz Networks\V-Line\PCSoftPhone.exe-minimizemode"
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
 
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601"
 
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
 
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
 
[HKEY_USERS\S-1-5-21-4169622593-101393419-2795113958-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"CTAutoUpdate"="C:\Program Files\Creative\Shared Files\Software Update\AutoUpdate.exe /RunFromInstaller"
"StartMSu"="C:\Program Files\Creative\MediaSource5\Startmsu.exe /s"
"InetReg"="C:\Program Files\Creative\Product Registration\English\InetReg.exe /PreProcess=RegFlash.exe /Delay=6"
"spchecker"="C:\Program Files\AVG\AVG10\Notification\SPCheckerTE.exe"
 
[HKEY_USERS\S-1-5-21-4169622593-101393419-2795113958-1005\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
"CTAutoUpdate"="C:\Program Files\Creative\Shared Files\Software Update\AutoUpdate.exe /RunFromInstaller"
"InetReg"="C:\Program Files\Creative\Product Registration\English\InetReg.exe /PreProcess=RegFlash.exe /Delay=6"
 
[HKEY_USERS\S-1-5-21-4169622593-101393419-2795113958-1006\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
"CTAutoUpdate"="C:\Program Files\Creative\Shared Files\Software Update\AutoUpdate.exe /RunFromInstaller"
"InetReg"="C:\Program Files\Creative\Product Registration\English\InetReg.exe /PreProcess=RegFlash.exe /Delay=6"
 
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DataCardMonitor"="C:\Program Files\T-Mobile\InternetManager_H\DataCardMonitor.exe"
"AVG_UI"="C:\Program Files\AVG\AVG2014\avgui.exe /TRAYONLY"
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"
"vProt"="C:\Program Files\AVG Web TuneUp\vprot.exe"
"ZALFree"="C:\Program Files\Zemana AntiLogger Free\AntiLogger Free.exe /MINIMIZED"
 
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"HW_OPENEYE_OUC_T-Mobile Internet Manager"="C:\Program Files\T-Mobile\InternetManager_H\UpdateDog\ouc.exe"
"Spotify Web Helper"="C:\Users\Jack\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
"AVG-Secure-Search-Update_0214c"="C:\Users\Jack\AppData\Roaming\AVG 0214c Campaign\AVG-Secure-Search-Update-0214c.exe /PROMPT /mid=d0999ec0da6547d68ac4d152badf5664-863b5e529647675fef13182a8d404bdad669ddeb /CMPID=0214c"
"f.lux"="C:\Users\Jack\AppData\Local\FluxSoftware\Flux\flux.exe /noshow"
"X-Lite"="C:\Program Files\CounterPath\X-Lite\X-Lite.exe"
"GoogleChromeAutoLaunch_4DCD0A585AE1D27D19F4EB1351CC758F"="C:\Program Files\Google\Chrome\Application\chrome.exe --no-startup-window"
 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\PROGRA~1\\KEYCRY~1\\KEYCRY~3.DLL"
 
==== Startup Registry Disabled ======================
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Adobe ARM"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Adobe Reader Speed Launcher"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\""
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeAAMUpdater-1.0]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AdobeAAMUpdater-1.0"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\Adobe\\OOBE\\PDApp\\UWA\\UpdaterStartupUtility.exe\""
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeCS5ServiceManager]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AdobeCS5ServiceManager"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\Adobe\\CS5ServiceManager\\CS5ServiceManager.exe\" -launchedbylogin"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Akamai NetSession Interface]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Akamai NetSession Interface"
"hkey"="HKCU"
"command"="\"C:\\Users\\Jack\\AppData\\Local\\Akamai\\netsession_win.exe\""
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AlcoholAutomount]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AlcoholAutomount"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Alcohol Soft\\Alcohol 120\\axcmd.exe\" /automount"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BCSSync]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="BCSSync"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Microsoft Office\\Office14\\BCSSync.exe\" /DelayServices"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DHSClient.exe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="DHSClient.exe"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Virgin Media\\Digital Home Support\\DHSClient.exe\" /AUTORUN"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Diamondback]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Diamondback"
"hkey"="HKLM"
"command"="C:\\Program Files\\Razer\\Diamondback\\Razer\\Diamondback\\razerhid.exe"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DivXUpdate]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="DivXUpdate"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\DivX\\DivX Update\\DivXUpdate.exe\" /CHECKNOW"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EsternTimesMouseExRun]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="EsternTimesMouseExRun"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Anker Precision Laser Gaming Mouse\\AnkerMonEx.exe\" -runauto"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\FILE NAME]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="FILE NAME"
"hkey"="HKLM"
"command"="C:\\Program Files\\Razer\\Nostromo\\t2Hid.exe"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Google Update]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Google Update"
"hkey"="HKCU"
"command"="\"C:\\Users\\Jack\\AppData\\Local\\Google\\Update\\GoogleUpdate.exe\" /c"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="iTunesHelper"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Launch LCore]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Launch LCore"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Logitech Gaming Software\\LCore.exe\" /minimized"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LifeCam]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="LifeCam"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Microsoft LifeCam\\LifeExp.exe\""
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LogMeIn GUI]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="LogMeIn GUI"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\LogMeIn\\x86\\LogMeInSystray.exe\""
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Mobile Connectivity Suite]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Mobile Connectivity Suite"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\HTC\\HTC Sync\\Application Launcher\\Application Launcher.exe\" /startoptions"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="QuickTime Task"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\QuickTime\\QTTask.exe\" -atboottime"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ServiceManager.exe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ServiceManager.exe"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Virgin Media\\Service Manager\\ServiceManager.exe\" /AUTORUN"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SoundMAX]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SoundMAX"
"hkey"="HKLM"
"command"="C:\\Program Files\\Analog Devices\\SoundMAX\\Smax4.exe /tray"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify Web Helper]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Spotify Web Helper"
"hkey"="HKCU"
"command"="\"C:\\Users\\Jack\\AppData\\Roaming\\Spotify\\Data\\SpotifyWebHelper.exe\""
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SunJavaUpdateSched"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe\""
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SwitchBoard]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SwitchBoard"
"hkey"="HKLM"
"command"="C:\\Program Files\\Common Files\\Adobe\\SwitchBoard\\SwitchBoard.exe"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\V-Line]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="V-Line"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Buzz Networks\\V-Line\\PCSoftPhone.exe\"-minimizemode"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\VX3000]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="VX3000"
"hkey"="HKLM"
"command"="C:\\Windows\\vVX3000.exe"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Windows Mobile Device Center]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Windows Mobile Device Center"
"hkey"="HKLM"
"command"="%windir%\\WindowsMobile\\wmdc.exe"
 
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^NETGEAR WG311v3 Smart Wizard.lnk]
"path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\NETGEAR WG311v3 Smart Wizard.lnk"
"backup"="C:\\Windows\\pss\\NETGEAR WG311v3 Smart Wizard.lnk.CommonStartup"
"backupExtension"=".CommonStartup"
"command"="C:\\PROGRA~1\\NETGEAR\\WG311v3\\WG311v3.exe /HIDE"
"item"="NETGEAR WG311v3 Smart Wizard"
 
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\ehRecvr]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\ehSched]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\WMPNetworkSvc]
 
 
==== Task Scheduler Jobs ======================
 
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [04/09/2013 22:38]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [04/09/2013 22:38]
 
==== Other Scheduled Tasks ======================
 
"C:\Windows\system32\tasks\AdobeAAMUpdater-1.0-Jack-PC-Jack" [C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe]
"C:\Windows\system32\tasks\AdobeAAMUpdater-1.0-Jack-PC-Stephen" [C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]
"C:\Windows\system32\tasks\User_Feed_Synchronization-{5C58C085-017C-45F6-B286-2DD1417EB375}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files\Apple Software Update\SoftwareUpdate.exe]
"C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]
 
==== C:\zoek_backup content ======================
 
C:\zoek_backup (files=0 folders=0 0 bytes)
 
==== EOF on 25/02/2015 at 22:20:12.99 ======================


#5 deeprybka

  • Malware Response Team

Posted 25 February 2015 - 05:41 PM

Step 1

Please download TDSSKiller and save it to your Desktop.
  • Start tdsskiller.exe with administrator privileges.
  • Accept the EULA and the KSN Statement.
  • Click on Change parameters. (1)
  • Make sure that all available options (except "Loaded modules") are checked and click OK. (2)
  • Click on Start scan.
  • If any threats are found don't delete them but choose the Skip option for all of them.
  • Click on Report (3) to open the log file. (It is also saved at C:\TDSSKiller.<version_date_time>_log.txt).
    Copy and paste its contents in your next reply.
regards,
deeprybka
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer

#6 MrFaux

  • Topic Starter

  • Members

Posted 25 February 2015 - 06:37 PM

23:32:19.0186 0x0b34  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
23:32:22.0031 0x0b34  ============================================================
23:32:22.0032 0x0b34  Current date / time: 2015/02/25 23:32:22.0031
23:32:22.0032 0x0b34  SystemInfo:
23:32:22.0032 0x0b34  
23:32:22.0032 0x0b34  OS Version: 6.1.7601 ServicePack: 1.0
23:32:22.0032 0x0b34  Product type: Workstation
23:32:22.0032 0x0b34  ComputerName: JACK-PC
23:32:22.0032 0x0b34  UserName: Jack
23:32:22.0032 0x0b34  Windows directory: C:\Windows
23:32:22.0032 0x0b34  System windows directory: C:\Windows
23:32:22.0032 0x0b34  Processor architecture: Intel x86
23:32:22.0032 0x0b34  Number of processors: 2
23:32:22.0032 0x0b34  Page size: 0x1000
23:32:22.0032 0x0b34  Boot type: Normal boot
23:32:22.0032 0x0b34  ============================================================
23:32:25.0037 0x0b34  KLMD registered as C:\Windows\system32\drivers\64083187.sys
23:32:26.0378 0x0b34  System UUID: {BADE33BF-F8A8-486D-50FC-B32C25B9B281}
23:32:28.0085 0x0b34  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0xA181, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000050
23:32:28.0088 0x0b34  ============================================================
23:32:28.0088 0x0b34  \Device\Harddisk0\DR0:
23:32:28.0088 0x0b34  MBR partitions:
23:32:28.0088 0x0b34  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
23:32:28.0088 0x0b34  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x253FB800
23:32:28.0088 0x0b34  ============================================================
23:32:28.0110 0x0b34  C: <-> \Device\Harddisk0\DR0\Partition2
23:32:28.0221 0x0b34  ============================================================
23:32:28.0221 0x0b34  Initialize success
23:32:28.0221 0x0b34  ============================================================
23:34:22.0292 0x05d4  ============================================================
23:34:22.0292 0x05d4  Scan started
23:34:22.0292 0x05d4  Mode: Manual; SigCheck; TDLFS; 
23:34:22.0292 0x05d4  ============================================================
23:34:22.0292 0x05d4  KSN ping started
23:34:25.0004 0x05d4  KSN ping finished: true
23:34:26.0935 0x05d4  ================ Scan system memory ========================
23:34:26.0935 0x05d4  System memory - ok
23:34:26.0935 0x05d4  ================ Scan services =============================
23:34:33.0024 0x05d4  [ 70CD6D71FC48BBBD1385D7B35AEADECC, B4F899D3072F4B6CAA9FFED8FD805EC8FB6B5BCF29875553FBBF3B90D3DAA4DF ] BMLoad          C:\Windows\system32\drivers\BMLoad.sys
23:34:33.0081 0x05d4  BMLoad - detected UnsignedFile.Multi.Generic ( 1 )
23:34:35.0463 0x05d4  Detect skipped due to KSN trusted
23:34:35.0463 0x05d4  BMLoad - ok
23:34:36.0727 0x05d4  clr_optimization_v2.0.50727_32 - ok
23:34:36.0769 0x05d4  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:34:36.0786 0x05d4  clr_optimization_v4.0.30319_32 - ok
23:34:36.0801 0x05d4  [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
23:34:36.0836 0x05d4  CmBatt - ok
23:34:36.0866 0x05d4  [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
23:34:36.0882 0x05d4  cmdide - ok
23:34:36.0921 0x05d4  [ F516F1167EFBBC5ABC90687C94497869, AD650D56241533439419EA00236ABE14AB6E50B768620211D1A44047A9FA14EC ] CNG             C:\Windows\system32\Drivers\cng.sys
23:34:36.0959 0x05d4  CNG - ok
23:34:36.0971 0x05d4  [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
23:34:36.0986 0x05d4  Compbatt - ok
23:34:37.0032 0x05d4  [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
23:34:37.0051 0x05d4  CompositeBus - ok
23:34:37.0064 0x05d4  COMSysApp - ok
23:34:37.0100 0x05d4  [ 75FA19142531CBF490770C2988A7DB64, C673F2EED5D0EED307A67119D20A91C8818A53A3CB616E2984876B07E5C62547 ] cpuz134         C:\Windows\system32\drivers\cpuz134_x32.sys
23:34:37.0114 0x05d4  cpuz134 - ok
23:34:37.0126 0x05d4  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
23:34:37.0142 0x05d4  crcdisk - ok
23:34:37.0222 0x05d4  [ C8BD651E13895B93ED9EC5B4F1DF42BC, D86D6BF0BA3C09B49B3A52C86A7F3B3856A27F79EDD86A8FFA469D9A5F196E8D ] Creative ALchemy AL6 Licensing Service C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
23:34:37.0246 0x05d4  Creative ALchemy AL6 Licensing Service - detected UnsignedFile.Multi.Generic ( 1 )
23:34:39.0699 0x05d4  Detect skipped due to KSN trusted
23:34:39.0699 0x05d4  Creative ALchemy AL6 Licensing Service - ok
23:34:39.0720 0x05d4  [ C0EAD9F8AB83D41FF07303C75589C2B8, C89CAC39BCD2FA2DCC56D7EE84FF66127BCECCAE400E119FE41BF4C4D769504B ] Creative Audio Engine Licensing Service C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
23:34:39.0744 0x05d4  Creative Audio Engine Licensing Service - detected UnsignedFile.Multi.Generic ( 1 )
23:34:42.0257 0x05d4  Detect skipped due to KSN trusted
23:34:42.0257 0x05d4  Creative Audio Engine Licensing Service - ok
23:34:42.0307 0x05d4  [ D03466C36EF0E5C7694FF38B45271D9D, 367E0C1F0C49C31F26EC6A8828FE5727D70C637FD8C4213D10E43C80A0EA259E ] Creative Media Toolbox 6 Licensing Service C:\Program Files\Common Files\Creative Labs Shared\Service\MT6Licensing.exe
23:34:42.0357 0x05d4  Creative Media Toolbox 6 Licensing Service - detected UnsignedFile.Multi.Generic ( 1 )
23:34:44.0727 0x05d4  Detect skipped due to KSN trusted
23:34:44.0727 0x05d4  Creative Media Toolbox 6 Licensing Service - ok
23:34:44.0794 0x05d4  [ 623E143F2DF17C0106A9988F5D7DC878, 9DA30262FF22FA9F1DB247CB3B4A2892D79730EF0ECC9589D399D24B4F58E565 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
23:34:44.0889 0x05d4  CryptSvc - ok
23:34:44.0971 0x05d4  [ 07BA6D17E66879018B30B6C3F976EBED, 1759CE25519358A47E1B1FA02A415DB5D3F6B511AD3820D0AE8A1533B5DC83CD ] CTAudSvcService C:\Program Files\Creative\Shared Files\CTAudSvc.exe
23:34:44.0997 0x05d4  CTAudSvcService - detected UnsignedFile.Multi.Generic ( 1 )
23:34:47.0367 0x05d4  Detect skipped due to KSN trusted
23:34:47.0367 0x05d4  CTAudSvcService - ok
23:34:47.0416 0x05d4  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] DcomLaunch      C:\Windows\system32\rpcss.dll
23:34:47.0461 0x05d4  DcomLaunch - ok
23:34:47.0505 0x05d4  [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc       C:\Windows\System32\defragsvc.dll
23:34:47.0627 0x05d4  defragsvc - ok
23:34:47.0718 0x05d4  [ F024449C97EC1E464AAFFDA18593DB88, 7EF1E241892E098A472BCA14C724DFF1AACCF190954AF1C4A38B6D542CC74BD2 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
23:34:47.0761 0x05d4  DfsC - ok
23:34:47.0807 0x05d4  [ 649705E3DAE598BC0F957BACBF9A2BD5, DC3FF2D703AA8AF5CCDF996E2130E71AD0666C5C7E8AD8C41775820A8FAD9413 ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
23:34:47.0833 0x05d4  dg_ssudbus - ok
23:34:47.0898 0x05d4  [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp            C:\Windows\system32\dhcpcore.dll
23:34:47.0932 0x05d4  Dhcp - ok
23:34:47.0948 0x05d4  [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache        C:\Windows\system32\drivers\discache.sys
23:34:48.0017 0x05d4  discache - ok
23:34:48.0046 0x05d4  [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
23:34:48.0063 0x05d4  Disk - ok
23:34:48.0107 0x05d4  [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache        C:\Windows\System32\dnsrslvr.dll
23:34:48.0171 0x05d4  Dnscache - ok
23:34:48.0227 0x05d4  [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc         C:\Windows\System32\dot3svc.dll
23:34:48.0307 0x05d4  dot3svc - ok
23:34:48.0363 0x05d4  [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS             C:\Windows\system32\dps.dll
23:34:48.0495 0x05d4  DPS - ok
23:34:48.0568 0x05d4  [ B918E7C5F9BF77202F89E1A9539F2EB4, C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
23:34:48.0814 0x05d4  drmkaud - ok
23:34:48.0964 0x05d4  [ 3583A5A8CC2E682BFFBD4630D0FEC08B, FD0F184B358FCECAA763444B414074BEF4E871EB7527D88385519FC158435C72 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
23:34:49.0019 0x05d4  DXGKrnl - ok
23:34:49.0057 0x05d4  [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost         C:\Windows\System32\eapsvc.dll
23:34:49.0123 0x05d4  EapHost - ok
23:34:49.0252 0x05d4  [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv           C:\Windows\system32\DRIVERS\evbdx.sys
23:34:49.0496 0x05d4  ebdrv - ok
23:34:49.0619 0x05d4  [ BF08DE8E4FA1F143D41B3241F7FCE5F6, 4140BE0ECE0D4B8FDD413DBA120F5D7EF6F94628224320EDA2A85E50BEFDA638 ] EFS             C:\Windows\System32\lsass.exe
23:34:49.0732 0x05d4  EFS - ok
23:34:49.0863 0x05d4  [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
23:34:49.0933 0x05d4  ehRecvr - ok
23:34:49.0963 0x05d4  [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched         C:\Windows\ehome\ehsched.exe
23:34:50.0113 0x05d4  ehSched - ok
23:34:50.0227 0x05d4  [ AAA8999A169E39FB8B48AE49CD6AC30A, 8137CE22D0D0FC5EA5B174D6AD3506A4949506477B1325DA2CCB76511F4C4F60 ] ElbyCDIO        C:\Windows\system32\Drivers\ElbyCDIO.sys
23:34:50.0256 0x05d4  ElbyCDIO - ok
23:34:50.0289 0x05d4  [ E205C313417DA6FA7AFE85912A310A65, E58941DEDA9F48BB0D1E1DBAA1CB196CCC6FCFC102825823B34BF878B345215A ] ElbyDelay       C:\Windows\system32\Drivers\ElbyDelay.sys
23:34:50.0306 0x05d4  ElbyDelay - ok
23:34:50.0415 0x05d4  [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
23:34:50.0465 0x05d4  elxstor - ok
23:34:50.0538 0x05d4  [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
23:34:50.0624 0x05d4  ErrDev - ok
23:34:50.0683 0x05d4  [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem     C:\Windows\system32\es.dll
23:34:50.0756 0x05d4  EventSystem - ok
23:34:50.0843 0x05d4  [ 57C171EA22F0A7F068FCB0CAEDD1E8E7, 9AAF39AA22372FB8582C1422581C08E61444BF843E1CE2E199EB00FBEA6F9C06 ] ew_hwusbdev     C:\Windows\system32\DRIVERS\ew_hwusbdev.sys
23:34:50.0912 0x05d4  ew_hwusbdev - ok
23:34:50.0955 0x05d4  [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat           C:\Windows\system32\drivers\exfat.sys
23:34:51.0050 0x05d4  exfat - ok
23:34:51.0076 0x05d4  [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
23:34:51.0137 0x05d4  fastfat - ok
23:34:51.0313 0x05d4  [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax             C:\Windows\system32\fxssvc.exe
23:34:51.0422 0x05d4  Fax - ok
23:34:51.0453 0x05d4  [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
23:34:51.0507 0x05d4  fdc - ok
23:34:51.0545 0x05d4  [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost         C:\Windows\system32\fdPHost.dll
23:34:51.0601 0x05d4  fdPHost - ok
23:34:51.0617 0x05d4  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub        C:\Windows\system32\fdrespub.dll
23:34:51.0667 0x05d4  FDResPub - ok
23:34:51.0687 0x05d4  [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
23:34:51.0703 0x05d4  FileInfo - ok
23:34:51.0723 0x05d4  [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
23:34:51.0768 0x05d4  Filetrace - ok
23:34:51.0785 0x05d4  [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
23:34:51.0803 0x05d4  flpydisk - ok
23:34:51.0831 0x05d4  [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
23:34:51.0853 0x05d4  FltMgr - ok
23:34:51.0922 0x05d4  [ E12C4928B32ACE04610259647F072635, B71B9C2DF45F33C4DAC88435129B08B0BCDBBE82E8C3AD0A95F00137CC8B619F ] FontCache       C:\Windows\system32\FntCache.dll
23:34:52.0006 0x05d4  FontCache - ok
23:34:52.0061 0x05d4  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
23:34:52.0082 0x05d4  FontCache3.0.0.0 - ok
23:34:52.0110 0x05d4  [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
23:34:52.0127 0x05d4  FsDepends - ok
23:34:52.0165 0x05d4  [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
23:34:52.0208 0x05d4  Fs_Rec - ok
23:34:52.0250 0x05d4  [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
23:34:52.0273 0x05d4  fvevol - ok
23:34:52.0290 0x05d4  [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
23:34:52.0306 0x05d4  gagp30kx - ok
23:34:52.0346 0x05d4  [ 8182FF89C65E4D38B2DE4BB0FB18564E, 2ACFA64D48BF7D25641EC5819C8722144284B8A8E071BF297C1881B07EEAFE88 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
23:34:52.0367 0x05d4  GEARAspiWDM - ok
23:34:52.0417 0x05d4  [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc           C:\Windows\System32\gpsvc.dll
23:34:52.0487 0x05d4  gpsvc - ok
23:34:52.0566 0x05d4  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
23:34:52.0588 0x05d4  gupdate - ok
23:34:52.0596 0x05d4  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
23:34:52.0610 0x05d4  gupdatem - ok
23:34:52.0638 0x05d4  [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
23:34:52.0665 0x05d4  hcw85cir - ok
23:34:52.0710 0x05d4  [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
23:34:52.0742 0x05d4  HdAudAddService - ok
23:34:52.0773 0x05d4  [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
23:34:52.0813 0x05d4  HDAudBus - ok
23:34:52.0833 0x05d4  [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
23:34:52.0852 0x05d4  HidBatt - ok
23:34:52.0867 0x05d4  [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
23:34:52.0911 0x05d4  HidBth - ok
23:34:52.0943 0x05d4  [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
23:34:53.0006 0x05d4  HidIr - ok
23:34:53.0033 0x05d4  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv         C:\Windows\system32\hidserv.dll
23:34:53.0077 0x05d4  hidserv - ok
23:34:53.0125 0x05d4  [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
23:34:53.0163 0x05d4  HidUsb - ok
23:34:53.0200 0x05d4  [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc          C:\Windows\system32\kmsvc.dll
23:34:53.0246 0x05d4  hkmsvc - ok
23:34:53.0281 0x05d4  [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
23:34:53.0326 0x05d4  HomeGroupListener - ok
23:34:53.0368 0x05d4  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
23:34:53.0392 0x05d4  HomeGroupProvider - ok
23:34:53.0431 0x05d4  [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
23:34:53.0455 0x05d4  HpSAMD - ok
23:34:53.0606 0x05d4  [ EAC76A9283E8B2192351E5C0B3820624, 0D9C18899E32826B629EDC3FE8C54491E56AD6DBF13FF05AE821ABD01235278F ] HsdService      C:\Program Files\Virgin Media\Digital Home Support\HsdService.exe
23:34:53.0677 0x05d4  HsdService - ok
23:34:53.0733 0x05d4  [ 950CC1E6AE3A6CD23E0945CDE089B02C, C242AE9F21FE7FBC269BD11BDD3346936626DA15596561B527EF20CFAEF77055 ] HTCAND32        C:\Windows\system32\Drivers\ANDROIDUSB.sys
23:34:53.0761 0x05d4  HTCAND32 - ok
23:34:53.0806 0x05d4  [ 89E2296561FCE84AC9F34EE7243D78AC, 9643FB3A99EC94E3F2A6332970D0D68C77CA8AB3B4F688004EC0BFC2881D5A38 ] HtcVCom32       C:\Windows\system32\DRIVERS\HtcVComV32.sys
23:34:53.0883 0x05d4  HtcVCom32 - ok
23:34:53.0940 0x05d4  [ 871917B07A141BFF43D76D8844D48106, 30C702008D0EE57D63F74864967DD19A55A268E77E42B5B3CC73037AD51D2987 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
23:34:53.0997 0x05d4  HTTP - ok
23:34:54.0051 0x05d4  [ 42A64382A0607B80C99C37170911B346, 54914F2C401824546E7F41F10A42FF242177740F5DE3F34EFC2B8F3E8F7C1480 ] huawei_cdcacm   C:\Windows\system32\DRIVERS\ew_jucdcacm.sys
23:34:54.0121 0x05d4  huawei_cdcacm - ok
23:34:54.0172 0x05d4  [ F44461E66F1B7DD267957FE9BAA63ED0, 5B51692F1670A43A8C1B9E2EECB4042AB04BA92AAA347405A61D3EA8C478BC5A ] huawei_enumerator C:\Windows\system32\DRIVERS\ew_jubusenum.sys
23:34:54.0206 0x05d4  huawei_enumerator - ok
23:34:54.0261 0x05d4  HWDeviceService.exe - ok
23:34:54.0295 0x05d4  [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
23:34:54.0330 0x05d4  hwpolicy - ok
23:34:54.0378 0x05d4  [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
23:34:54.0398 0x05d4  i8042prt - ok
23:34:54.0448 0x05d4  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
23:34:54.0472 0x05d4  iaStorV - ok
23:34:54.0542 0x05d4  [ 3E9213A2A050BF429E91898C90F8B4E3, D80ABE5691087661B19F01927B631CB8C5291120B814B6F863F046E0D643E9E4 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
23:34:54.0596 0x05d4  idsvc - ok
23:34:54.0617 0x05d4  IEEtwCollectorService - ok
23:34:54.0641 0x05d4  [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
23:34:54.0658 0x05d4  iirsp - ok
23:34:54.0723 0x05d4  [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT          C:\Windows\System32\ikeext.dll
23:34:54.0781 0x05d4  IKEEXT - ok
23:34:54.0815 0x05d4  [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide        C:\Windows\system32\drivers\intelide.sys
23:34:54.0831 0x05d4  intelide - ok
23:34:54.0907 0x05d4  [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
23:34:54.0955 0x05d4  intelppm - ok
23:34:54.0981 0x05d4  [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
23:34:55.0033 0x05d4  IPBusEnum - ok
23:34:55.0053 0x05d4  [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:34:55.0087 0x05d4  IpFilterDriver - ok
23:34:55.0145 0x05d4  [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
23:34:55.0195 0x05d4  iphlpsvc - ok
23:34:55.0227 0x05d4  [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
23:34:55.0261 0x05d4  IPMIDRV - ok
23:34:55.0296 0x05d4  [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
23:34:55.0330 0x05d4  IPNAT - ok
23:34:55.0388 0x05d4  [ 8E5E5A8CC84DA3F683E3BBC045138D52, A28AB69C57972404EBE98DBE48E3642B1BDB9B7415D7BEF0A485406B9BA1D67A ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
23:34:55.0431 0x05d4  iPod Service - ok
23:34:55.0459 0x05d4  [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM          C:\Windows\system32\drivers\irenum.sys
23:34:55.0512 0x05d4  IRENUM - ok
23:34:55.0530 0x05d4  [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp          C:\Windows\system32\drivers\isapnp.sys
23:34:55.0548 0x05d4  isapnp - ok
23:34:55.0594 0x05d4  [ EB34CE31FABD4DC4343FD2AD16D2CAF9, D21C91227A15DA89ECF522345D0AB80B3B7FC24A230596DABDB8BD3B7554CE8C ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
23:34:55.0617 0x05d4  iScsiPrt - ok
23:34:55.0649 0x05d4  [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
23:34:55.0667 0x05d4  kbdclass - ok
23:34:55.0683 0x05d4  [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
23:34:55.0704 0x05d4  kbdhid - ok
23:34:55.0764 0x05d4  [ A5DAB4F9C0BAE20478D36B34C9A6F756, C2CC8E2AFD7D0E4802F7BB91C9E357A9DD0CD5AA88D6D3A53C6A67DC58BFDFC3 ] keycrypt        C:\Windows\system32\DRIVERS\KeyCrypt32.sys
23:34:55.0783 0x05d4  keycrypt - ok
23:34:55.0794 0x05d4  [ BF08DE8E4FA1F143D41B3241F7FCE5F6, 4140BE0ECE0D4B8FDD413DBA120F5D7EF6F94628224320EDA2A85E50BEFDA638 ] KeyIso          C:\Windows\system32\lsass.exe
23:34:55.0813 0x05d4  KeyIso - ok
23:34:55.0869 0x05d4  [ 4476FE98AAF505ACDCD3EE6360AABEC1, 1573C5B9F1B12FEEE6D771AFF8969FB9D06878B1E0BECCD4AF13DA9F194FB256 ] KMWDFILTERx86   C:\Windows\system32\DRIVERS\KMWDFILTER.sys
23:34:55.0883 0x05d4  KMWDFILTERx86 - ok
23:34:55.0918 0x05d4  [ EF88BAC2B489D9C46F4E41ACF0219CD0, BF0FAF51BB6D0E588E53E483EF48D8D96B33544113892CC723CDEFAE7E5FB97A ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
23:34:55.0935 0x05d4  KSecDD - ok
23:34:55.0975 0x05d4  [ 49D70660EE8266988C1F99A0297A1430, D17B7A3118DB42358DEA80D8A21C5F1B0CC33BF74F6570676D4708B36BB91FD4 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
23:34:55.0994 0x05d4  KSecPkg - ok
23:34:56.0024 0x05d4  [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm           C:\Windows\system32\msdtckrm.dll
23:34:56.0079 0x05d4  KtmRm - ok
23:34:56.0120 0x05d4  [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer    C:\Windows\system32\srvsvc.dll
23:34:56.0158 0x05d4  LanmanServer - ok
23:34:56.0210 0x05d4  [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
23:34:56.0244 0x05d4  LanmanWorkstation - ok
23:34:56.0295 0x05d4  [ 170E7093A77AD586F3A012A3DB651D94, 43A7C3BFBEC8FB255AB2B77C2A9705777EF6607F6BF0E8F2664766116EAAD536 ] LGBusEnum       C:\Windows\system32\drivers\LGBusEnum.sys
23:34:56.0309 0x05d4  LGBusEnum - ok
23:34:56.0335 0x05d4  [ D2DD04D1C8DF65EECD1F2C7FB947D43E, 980FCE188FCB57C8F210A4905D345D2D6D32545EFE673BE51B3D3AE18084243B ] LGVirHid        C:\Windows\system32\drivers\LGVirHid.sys
23:34:56.0352 0x05d4  LGVirHid - ok
23:34:56.0394 0x05d4  [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
23:34:56.0442 0x05d4  lltdio - ok
23:34:56.0463 0x05d4  [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
23:34:56.0502 0x05d4  lltdsvc - ok
23:34:56.0508 0x05d4  [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts         C:\Windows\System32\lmhsvc.dll
23:34:56.0540 0x05d4  lmhosts - ok
23:34:56.0648 0x05d4  [ C6A4FA0BEED6E4198DDD8B8EE136CF80, F8A23FD67E36AA68961235DA740421C7FB1C101153320E104D1171D510C3CE7E ] LMIGuardianSvc  C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
23:34:56.0678 0x05d4  LMIGuardianSvc - ok
23:34:56.0775 0x05d4  [ 4F69FAAABB7DB0D43E327C0B6AAB40FC, D3F8B51609BACE85BF3762B07B895B5F737550F44689773FCE3792AE951075A1 ] LMIInfo         C:\Program Files\LogMeIn\x86\RaInfo.sys
23:34:56.0798 0x05d4  LMIInfo - ok
23:34:56.0845 0x05d4  [ 6295A19E8A6486FF8A13A1B2F4E461E0, 8A5F7F4B7EB0A8D26D811037FDEDBFDA8CCDFBA81CEDF630E25A4CB5EDE80EEA ] LMIMaint        C:\Program Files\LogMeIn\x86\RaMaint.exe
23:34:56.0880 0x05d4  LMIMaint - ok
23:34:56.0939 0x05d4  [ 4477689E2D8AE6B78BA34C9AF4CC1ED1, 0BC8AF546901E6C20611C5250BD65ACD0C4A8613BD8F8835F0D4680B5777F051 ] lmimirr         C:\Windows\system32\DRIVERS\lmimirr.sys
23:34:56.0953 0x05d4  lmimirr - ok
23:34:56.0974 0x05d4  LMIRfsClientNP - ok
23:34:57.0010 0x05d4  [ 3FAA563DDF853320F90259D455A01D79, D81B5FCC0CBCF9CE18E44A31071D357B12F5016159E24954E50E68D80C9F61B8 ] LMIRfsDriver    C:\Windows\system32\drivers\LMIRfsDriver.sys
23:34:57.0024 0x05d4  LMIRfsDriver - ok
23:34:57.0075 0x05d4  [ 432618FA75B61059D2C57D6A7E55147A, 0E7D771AE9F98667A68C8C07A664D70B71B78EC08D7FEA92AD979E1E049EC0B1 ] LogMeIn         C:\Program Files\LogMeIn\x86\LogMeIn.exe
23:34:57.0098 0x05d4  LogMeIn - ok
23:34:57.0140 0x05d4  [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
23:34:57.0162 0x05d4  LSI_FC - ok
23:34:57.0182 0x05d4  [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
23:34:57.0200 0x05d4  LSI_SAS - ok
23:34:57.0215 0x05d4  [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
23:34:57.0233 0x05d4  LSI_SAS2 - ok
23:34:57.0249 0x05d4  [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
23:34:57.0268 0x05d4  LSI_SCSI - ok
23:34:57.0283 0x05d4  [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv           C:\Windows\system32\drivers\luafv.sys
23:34:57.0330 0x05d4  luafv - ok
23:34:57.0403 0x05d4  [ 8E17D513D8011B0EE03C355EAAB0E0CC, 39EF55FEE27C496E21BD601B3ADC145EDFE9297FFBC20F33160ABE2E7042D4EC ] ManyCam         C:\Windows\system32\DRIVERS\mcvidrv.sys
23:34:57.0435 0x05d4  ManyCam - ok
23:34:57.0482 0x05d4  [ 8E2E9CCD873ABF180F48BCAEEEBE347D, 35DBBB8E63B480151EA5701D9DB7C90642FA2391D044DB400D3644F3E21BB0C1 ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
23:34:57.0499 0x05d4  MBAMSwissArmy - ok
23:34:57.0549 0x05d4  [ 562D95E00E14A944DEBE655DECBD3F5B, 3F0A58546F1E5B8FD7BDE75C53BD81278DB32A1E67126839763EE438A727F15B ] mcaudrv_simple  C:\Windows\system32\drivers\mcaudrv.sys
23:34:57.0590 0x05d4  mcaudrv_simple - ok
23:34:57.0627 0x05d4  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
23:34:57.0648 0x05d4  Mcx2Svc - ok
23:34:57.0700 0x05d4  [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
23:34:57.0717 0x05d4  megasas - ok
23:34:57.0770 0x05d4  [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
23:34:57.0793 0x05d4  MegaSR - ok
23:34:57.0858 0x05d4  Microsoft SharePoint Workspace Audit Service - ok
23:35:13.0287 0x05d4  [ CDDDEC541BC3C96F91ECB48759673505, B030FFA02832317AC5626BF1BF8A4A95A5992C9A6E81BC1C002D5F4D667C27FB ] sptd            C:\Windows\system32\Drivers\sptd.sys
23:35:13.0288 0x05d4  Suspicious file ( NoAccess ): C:\Windows\system32\Drivers\sptd.sys. md5: CDDDEC541BC3C96F91ECB48759673505, sha256: B030FFA02832317AC5626BF1BF8A4A95A5992C9A6E81BC1C002D5F4D667C27FB
23:35:13.0290 0x05d4  sptd - detected LockedFile.Multi.Generic ( 1 )
23:35:15.0826 0x05d4  Detect skipped due to KSN trusted
23:35:15.0826 0x05d4  sptd - ok
23:35:17.0727 0x05d4  [ B1691AF4A072CB674D600DB16DD7308E, 214E35001E7BA10E8C329CE8904E900AA54F9B35C5329F2FF20E3156D6F21A8E ] StarWindServiceAE C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
23:35:17.0838 0x05d4  StarWindServiceAE - detected UnsignedFile.Multi.Generic ( 1 )
23:35:20.0908 0x05d4  Detect skipped due to KSN trusted
23:35:20.0908 0x05d4  StarWindServiceAE - ok
23:35:20.0980 0x05d4  [ 5A19667A580B1CE886EAF968B9743F45, 0A9EBE4057A0A6EF4732623794C2416A6BD8B87356DA46652BD92762505F57C7 ] Stereo Service  C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
23:35:21.0024 0x05d4  Stereo Service - ok
23:35:21.0052 0x05d4  [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
23:35:21.0079 0x05d4  stexstor - ok
23:35:21.0131 0x05d4  [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc          C:\Windows\System32\wiaservc.dll
23:35:21.0200 0x05d4  StiSvc - ok
23:35:21.0272 0x05d4  [ 518EEB2043B66E733489A715852BF839, 2525C5328C5DC13DB2E54209C8BADE303AE98A1438C2B73E5C48F160B1C24DCB ] SupportSoft RemoteAssist C:\Program Files\Common Files\supportsoft\bin\ssrc.exe
23:35:21.0348 0x05d4  SupportSoft RemoteAssist - detected UnsignedFile.Multi.Generic ( 1 )
23:35:23.0913 0x05d4  Detect skipped due to KSN trusted
23:35:23.0913 0x05d4  SupportSoft RemoteAssist - ok
23:35:23.0948 0x05d4  [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum          C:\Windows\system32\drivers\swenum.sys
23:35:24.0015 0x05d4  swenum - ok
23:35:24.0162 0x05d4  [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard     C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
23:35:24.0370 0x05d4  SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 )
23:35:30.0230 0x05d4  Detect skipped due to KSN trusted
23:35:30.0231 0x05d4  SwitchBoard - ok
23:35:30.0322 0x05d4  [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv           C:\Windows\System32\swprv.dll
23:35:30.0554 0x05d4  swprv - ok
23:35:30.0631 0x05d4  [ 36650D618CA34C9D357DFD3D89B2C56F, 7C3774E53DCF32CB3A4B3504E32D2A651E18467FA0A6AC4C7993C696741B704B ] SysMain         C:\Windows\system32\sysmain.dll
23:35:30.0915 0x05d4  SysMain - ok
23:35:30.0968 0x05d4  [ A1470E3C9BA00DAE554340C0C54CC212, 2B764970A0C91EB74827B3EACD94C7953533435962D7BA824B8AADA102E3E4AD ] T2Fltr          C:\Windows\system32\Drivers\T2Fltr.sys
23:35:31.0170 0x05d4  T2Fltr - ok
23:35:31.0259 0x05d4  [ 5F5D2CA8D3E15B183E6BDF59C370B39A, CC8510CF4918433E445850EF7DAC5AEF62CAE06ADE2D5CBF328A866686243BC0 ] t3              C:\Windows\system32\drivers\t3.sys
23:35:31.0303 0x05d4  t3 - ok
23:35:31.0344 0x05d4  [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\Windows\System32\TabSvc.dll
23:35:31.0443 0x05d4  TabletInputService - ok
23:35:31.0656 0x05d4  [ 432D9D823C4C26B6070C41BAD4404CE4, 741B41F7467D312AF4CC733EA31F647FBCD06985CBB6A14117E8A87A6F7B06F5 ] tap0901         C:\Windows\system32\DRIVERS\tap0901.sys
23:35:31.0682 0x05d4  tap0901 - ok
23:35:31.0754 0x05d4  [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv         C:\Windows\System32\tapisrv.dll
23:35:31.0939 0x05d4  TapiSrv - ok
23:35:32.0024 0x05d4  [ B799D9FDB26111737F58288D8DC172D9, 409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS             C:\Windows\System32\tbssvc.dll
23:35:32.0140 0x05d4  TBS - ok
23:35:32.0256 0x05d4  [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
23:35:32.0409 0x05d4  Tcpip - ok
23:35:32.0503 0x05d4  [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
23:35:32.0674 0x05d4  TCPIP6 - ok
23:35:32.0742 0x05d4  [ 74905EBCBB8CBDB1F3C0B1778BBCB4BC, D869FDFD98B9C972933FB6B7C521BB6181A47698D27D53CBEF329EE26C12F1BA ] tcpipBM         C:\Windows\system32\drivers\tcpipBM.sys
23:35:32.0772 0x05d4  tcpipBM - detected UnsignedFile.Multi.Generic ( 1 )
23:35:35.0432 0x05d4  Detect skipped due to KSN trusted
23:35:35.0432 0x05d4  tcpipBM - ok
23:35:35.0509 0x05d4  [ 3EEBD3BD93DA46A26E89893C7AB2FF3B, 2C7204DCD2BCBC6A250FF0F6477616F327AF41FDB7CABE69E5C357361009FB4E ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
23:35:35.0912 0x05d4  tcpipreg - ok
23:35:35.0961 0x05d4  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
23:35:36.0229 0x05d4  TDPIPE - ok
23:35:36.0254 0x05d4  [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
23:35:36.0340 0x05d4  TDTCP - ok
23:35:36.0389 0x05d4  [ 7FE680A3DFA421C4A8E4879AE4C5AAB0, A4C64E155AB2843823CD3586756BA7681CFDEA50812095468221503BBAD30DCD ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
23:35:36.0566 0x05d4  tdx - ok
23:35:36.0614 0x05d4  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD          C:\Windows\system32\drivers\termdd.sys
23:35:36.0698 0x05d4  TermDD - ok
23:35:36.0760 0x05d4  [ FCFD4F50419B4BC72E80066DA10D2E54, 7C2314A57A404525F0444986332DBAE0964A3359374671598387051D7AAE72AE ] TermService     C:\Windows\System32\termsrv.dll
23:35:36.0893 0x05d4  TermService - ok
23:35:36.0972 0x05d4  [ C4E3BBCBA4E10A34E31C26A0CF933E32, FBC091A4BA7D44B5EB5EA9E4D9B6D87FAB7A8AB8CD4201E82EBCA5C7D94525E7 ] tgsrvc_O2DA     C:\Program Files\O2 Assistant\bin\tgsrvc.exe
23:35:37.0004 0x05d4  tgsrvc_O2DA - ok
23:35:37.0036 0x05d4  [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes          C:\Windows\system32\themeservice.dll
23:35:37.0117 0x05d4  Themes - ok
23:35:37.0137 0x05d4  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER     C:\Windows\system32\mmcss.dll
23:35:37.0184 0x05d4  THREADORDER - ok
23:35:37.0202 0x05d4  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks          C:\Windows\System32\trkwks.dll
23:35:37.0266 0x05d4  TrkWks - ok
23:35:37.0322 0x05d4  [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
23:35:37.0409 0x05d4  TrustedInstaller - ok
23:35:37.0481 0x05d4  [ 6C5139E4283249518F7743D7043775B3, 58684E8C90EBAC65459A97C905CDCFE3A915CFF7E8E96071DE1AC3489F85E67F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
23:35:37.0601 0x05d4  tssecsrv - ok
23:35:37.0704 0x05d4  [ FD1D6C73E6333BE727CBCC6054247654, 6F7B9AE1A5986204DB3348D13B303F30FC17624939DA74D6BD114FAEED0FB30E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
23:35:37.0792 0x05d4  TsUsbFlt - ok
23:35:37.0856 0x05d4  [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
23:35:37.0964 0x05d4  tunnel - ok
23:35:37.0985 0x05d4  [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
23:35:38.0017 0x05d4  uagp35 - ok
23:35:38.0044 0x05d4  [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
23:35:38.0094 0x05d4  udfs - ok
23:35:38.0129 0x05d4  [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect       C:\Windows\system32\UI0Detect.exe
23:35:38.0178 0x05d4  UI0Detect - ok
23:35:38.0214 0x05d4  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
23:35:38.0235 0x05d4  uliagpkx - ok
23:35:38.0277 0x05d4  [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
23:35:38.0328 0x05d4  umbus - ok
23:35:38.0365 0x05d4  [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
23:35:38.0520 0x05d4  UmPass - ok
23:35:38.0565 0x05d4  [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost        C:\Windows\System32\upnphost.dll
23:35:38.0730 0x05d4  upnphost - ok
23:35:38.0810 0x05d4  [ 5C2BDC152BBAB34F36473DEAF7713F22, DC7D6FD3BE2F4D8832BB62AB76E5332BB65255AB45F6E28E6B1991A976C1A058 ] USBAAPL         C:\Windows\system32\Drivers\usbaapl.sys
23:35:39.0023 0x05d4  USBAAPL - ok
23:35:39.0118 0x05d4  [ A1977C315BF5691DA99235AA4A6907AF, 34B52FBA83F0E1C6B001D0AD1808B00152F731D18AAECC3C53B9918AA89BACEC ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
23:35:39.0193 0x05d4  usbaudio - ok
23:35:39.0234 0x05d4  [ 0803FBA9FE829D61AE26EC0BCC910C46, 30D00E2C7DFC630C99C1599587D4F9C272BC30D444E07C961AA05BF84587806B ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
23:35:39.0291 0x05d4  usbccgp - ok
23:35:39.0331 0x05d4  [ 2352AB5F9F8F097BF9D41D5A4718A041, 25BC7828C625B9B2A5110C25B230C5828CEC18EC97ECF9EC4745E8930CBF472C ] usbcir          C:\Windows\system32\drivers\usbcir.sys
23:35:39.0414 0x05d4  usbcir - ok
23:35:39.0477 0x05d4  [ D40855F89B69305140BBD7E9A3BA2DA6, 745DC6D770666F6B19C2B6AA89C21D1A314732E291453BFA2367F9AF86F97C3C ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
23:35:39.0518 0x05d4  usbehci - ok
23:35:39.0570 0x05d4  [ EDF2DF71C4F1E13A6AC75F5224DE655A, 1764D155C6B99201774B57195349304259232A12868ECFC2069CA49443EBDC2C ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
23:35:39.0671 0x05d4  usbhub - ok
23:35:39.0722 0x05d4  [ 9828C8D14CC2676421778F0DE638CF97, 479A28211FFB85190A01FAB0283B927588805D2C0CDB03F85F8F814B88E4F453 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
23:35:39.0811 0x05d4  usbohci - ok
23:35:39.0864 0x05d4  [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
23:35:39.0934 0x05d4  usbprint - ok
23:35:39.0977 0x05d4  [ F991AB9CC6B908DB552166768176896A, AD8E7A16B23B244B7F834622D4E38B5844193C6E31EF96F61E0E2EA16C945026 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:35:40.0112 0x05d4  USBSTOR - ok
23:35:40.0157 0x05d4  [ 800AABFD625EEFF899F7E5496BDE37AB, 3EB7ED07760CB348FCA9A06C2B838EF79B51A83C5F70A9C9EAAEAE54480067E2 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
23:35:40.0278 0x05d4  usbuhci - ok
23:35:40.0425 0x05d4  [ AF77716205C97E902E6C5B78DECE2CCA, ED99EABED1C7F323EE2A76413E2B260F8EE1D76FDF1E60EE35136D060E756735 ] usb_rndisx      C:\Windows\system32\drivers\usb8023x.sys
23:35:40.0517 0x05d4  usb_rndisx - ok
23:35:40.0564 0x05d4  [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms           C:\Windows\System32\uxsms.dll
23:35:40.0748 0x05d4  UxSms - ok
23:35:40.0777 0x05d4  [ BF08DE8E4FA1F143D41B3241F7FCE5F6, 4140BE0ECE0D4B8FDD413DBA120F5D7EF6F94628224320EDA2A85E50BEFDA638 ] VaultSvc        C:\Windows\system32\lsass.exe
23:35:40.0856 0x05d4  VaultSvc - ok
23:35:40.0890 0x05d4  [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
23:35:40.0921 0x05d4  vdrvroot - ok
23:35:40.0972 0x05d4  [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds             C:\Windows\System32\vds.exe
23:35:41.0064 0x05d4  vds - ok
23:35:41.0128 0x05d4  [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
23:35:41.0233 0x05d4  vga - ok
23:35:41.0264 0x05d4  [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave         C:\Windows\System32\drivers\vga.sys
23:35:41.0386 0x05d4  VgaSave - ok
23:35:41.0433 0x05d4  [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
23:35:41.0537 0x05d4  vhdmp - ok
23:35:41.0594 0x05d4  [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
23:35:41.0635 0x05d4  viaagp - ok
23:35:41.0687 0x05d4  [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7           C:\Windows\system32\DRIVERS\viac7.sys
23:35:41.0765 0x05d4  ViaC7 - ok
23:35:41.0806 0x05d4  [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide          C:\Windows\system32\drivers\viaide.sys
23:35:41.0857 0x05d4  viaide - ok
23:35:41.0907 0x05d4  [ 6C794DEB1607D05D0E2033B108BD4FEE, 7B50BFB92EC8F0B7E2714DAEFB440F573389A5441E4D247D6AFC8AB682FADE57 ] VJoystick       C:\Windows\system32\DRIVERS\VJoystick.sys
23:35:42.0018 0x05d4  VJoystick - ok
23:35:42.0082 0x05d4  [ 07C20E596A0838809BC5FF5DE5A65973, 1BDB2B5C3253AC2A8FD98199DB41101ECA7933D9EECCA598572EAF6D3686C83D ] VKbms           C:\Windows\system32\DRIVERS\VKbms.sys
23:35:42.0185 0x05d4  VKbms - ok
23:35:42.0208 0x05d4  [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
23:35:42.0288 0x05d4  volmgr - ok
23:35:42.0329 0x05d4  [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
23:35:42.0432 0x05d4  volmgrx - ok
23:35:42.0511 0x05d4  [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
23:35:42.0571 0x05d4  volsnap - ok
23:35:42.0616 0x05d4  [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
23:35:42.0640 0x05d4  vsmraid - ok
23:35:42.0747 0x05d4  [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS             C:\Windows\system32\vssvc.exe
23:35:42.0881 0x05d4  VSS - ok
23:35:43.0047 0x05d4  [ C3382C99F1D10BCBEBC689BF847B77B5, BB11A866595D745BA7427CCB9E1F39F2340BC55B3E61B48B47B8E64384D3FFEA ] vToolbarUpdater3.2.0 C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe
23:35:43.0165 0x05d4  vToolbarUpdater3.2.0 - ok
23:35:43.0278 0x05d4  [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
23:35:43.0409 0x05d4  vwifibus - ok
23:35:43.0441 0x05d4  [ 7090D3436EEB4E7DA3373090A23448F7, 3A130B28F2BFA7DCEC8596C4CE4E187B019F5ECF1AAC8DD1BBDE9CBD2428FEC2 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
23:35:43.0538 0x05d4  vwififlt - ok
23:35:43.0743 0x05d4  [ E26744E5DD71A16E80D4DD5A286B8423, 877F06ADDDF60D3524055C7FF0D9D04BE7A6477F64CF8030576025E72598EB25 ] VX3000          C:\Windows\system32\DRIVERS\VX3000.sys
23:35:43.0933 0x05d4  VX3000 - ok
23:35:43.0981 0x05d4  [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time         C:\Windows\system32\w32time.dll
23:35:44.0071 0x05d4  W32Time - ok
23:35:44.0108 0x05d4  [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
23:35:44.0181 0x05d4  WacomPen - ok
23:35:44.0232 0x05d4  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
23:35:44.0301 0x05d4  WANARP - ok
23:35:44.0312 0x05d4  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
23:35:44.0400 0x05d4  Wanarpv6 - ok
23:35:44.0468 0x05d4  [ 353A04C273EC58475D8633E75CCD5604, FFAE53B6B53AEFC9E8A10BF27480E072D74430276BEB532FE1D473E9616D8CE0 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
23:35:44.0688 0x05d4  WatAdminSvc - ok
23:35:44.0773 0x05d4  [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine        C:\Windows\system32\wbengine.exe
23:35:45.0096 0x05d4  wbengine - ok
23:35:45.0136 0x05d4  [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
23:35:45.0325 0x05d4  WbioSrvc - ok
23:35:45.0402 0x05d4  [ 59E19BD13C3BDB857646B9E436BA27F7, CC84C607E15F5F29D93510387D5486BAF320BDAF79026A0BECE0D242F7B1DF3E ] WcesComm        C:\Windows\WindowsMobile\wcescomm.dll
23:35:45.0480 0x05d4  WcesComm - ok
23:35:45.0543 0x05d4  [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc         C:\Windows\System32\wcncsvc.dll
23:35:45.0591 0x05d4  wcncsvc - ok
23:35:45.0607 0x05d4  [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
23:35:45.0675 0x05d4  WcsPlugInService - ok
23:35:45.0706 0x05d4  [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
23:35:45.0735 0x05d4  Wd - ok
23:35:45.0786 0x05d4  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
23:35:45.0848 0x05d4  Wdf01000 - ok
23:35:45.0903 0x05d4  [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiServiceHost  C:\Windows\system32\wdi.dll
23:35:45.0970 0x05d4  WdiServiceHost - ok
23:35:45.0977 0x05d4  [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiSystemHost   C:\Windows\system32\wdi.dll
23:35:45.0999 0x05d4  WdiSystemHost - ok
23:35:46.0027 0x05d4  [ 75E8EBD7040CE238684333F97014762A, 2CA0B267FBAEB303D1F8B639D733DC0DE17BA1276CC9096035B4F2BBBED3EF7F ] WebClient       C:\Windows\System32\webclnt.dll
23:35:46.0081 0x05d4  WebClient - ok
23:35:46.0108 0x05d4  [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc          C:\Windows\system32\wecsvc.dll
23:35:46.0166 0x05d4  Wecsvc - ok
23:35:46.0183 0x05d4  [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
23:35:46.0216 0x05d4  wercplsupport - ok
23:35:46.0254 0x05d4  [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc          C:\Windows\System32\WerSvc.dll
23:35:46.0304 0x05d4  WerSvc - ok
23:35:46.0349 0x05d4  [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
23:35:46.0381 0x05d4  WfpLwf - ok
23:35:46.0399 0x05d4  [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
23:35:46.0437 0x05d4  WIMMount - ok
23:35:46.0507 0x05d4  [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
23:35:46.0820 0x05d4  WinDefend - ok
23:35:46.0850 0x05d4  WinHttpAutoProxySvc - ok
23:35:46.0908 0x05d4  [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
23:35:47.0053 0x05d4  Winmgmt - ok
23:35:47.0144 0x05d4  [ 1DE9BD23AFA36150586C732D876D9B74, 32CF2C8EC18CFDA677AB72A182EB4B839DCC72BFCD6CA309BE2F434991CAE973 ] WinRM           C:\Windows\system32\WsmSvc.dll
23:35:47.0243 0x05d4  WinRM - ok
23:35:47.0325 0x05d4  [ A67E5F9A400F3BD1BE3D80613B45F708, E170A8BD31A779403DC9C43ED6483DA8E186512D3EE700B87F6BA292E284E367 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
23:35:47.0546 0x05d4  WinUsb - ok
23:35:47.0701 0x05d4  [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc         C:\Windows\System32\wlansvc.dll
23:35:47.0896 0x05d4  Wlansvc - ok
23:35:48.0107 0x05d4  [ FB01D4AE207B9EFDBABFC55DC95C7E31, E0EFDBBE0BAC275230C8C1A053948C21BCF20B99B92E50939E95FFB9DC87F6BA ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
23:35:48.0205 0x05d4  wlidsvc - ok
23:35:48.0307 0x05d4  [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
23:35:48.0449 0x05d4  WmiAcpi - ok
23:35:48.0502 0x05d4  [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
23:35:48.0591 0x05d4  wmiApSrv - ok
23:35:48.0702 0x05d4  [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
23:35:49.0145 0x05d4  WMPNetworkSvc - ok
23:35:49.0186 0x05d4  [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
23:35:49.0324 0x05d4  WPCSvc - ok
23:35:49.0482 0x05d4  [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
23:35:49.0787 0x05d4  WPDBusEnum - ok
23:35:49.0820 0x05d4  [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
23:35:49.0888 0x05d4  ws2ifsl - ok
23:35:49.0910 0x05d4  [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc          C:\Windows\System32\wscsvc.dll
23:35:49.0974 0x05d4  wscsvc - ok
23:35:50.0025 0x05d4  [ 553F6CCD7C58EB98D4A8FBDAF283D7A9, 71FBE50C470D1F54FDAADCECEC2CB021AE240CD59DE4E8EB5BCAA6E7F2F86560 ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
23:35:50.0143 0x05d4  WSDPrintDevice - ok
23:35:50.0229 0x05d4  [ 7DC0270CFD4A05B4112E3EBBF083B595, DF4FCDE511F0B68B6C6E28C820EB722C34710F31A16023A9A297EAD228E00137 ] WSDScan         C:\Windows\system32\DRIVERS\WSDScan.sys
23:35:50.0332 0x05d4  WSDScan - ok
23:35:50.0362 0x05d4  WSearch - ok
23:35:50.0495 0x05d4  [ D9B0134913E5EF007AF82A418C503322, 7418DD28C8E968674382F8352AAFFC4DE77887E2B71B8844D615F19432B4C55A ] wuauserv        C:\Windows\system32\wuaueng.dll
23:35:50.0706 0x05d4  wuauserv - ok
23:35:50.0782 0x05d4  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
23:35:50.0910 0x05d4  WudfPf - ok
23:35:50.0981 0x05d4  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
23:35:51.0096 0x05d4  WUDFRd - ok
23:35:51.0145 0x05d4  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
23:35:51.0209 0x05d4  wudfsvc - ok
23:35:51.0282 0x05d4  [ 7CC38741B8F68F1E0D5D79DA6123666A, F90D2DA1C9AFB506C381CD386E1430931B5F81813FEDFD720F87FBC54E7A00DA ] WwanSvc         C:\Windows\System32\wwansvc.dll
23:35:51.0414 0x05d4  WwanSvc - ok
23:35:51.0545 0x05d4  ================ Scan global ===============================
23:35:51.0584 0x05d4  [ DAB748AE0439955ED2FA22357533DDDB, 73EDD402C7479DDCE1998D0C7E99E1EC2974F64EFC33A851439CC85D09EDCDF9 ] C:\Windows\system32\basesrv.dll
23:35:51.0634 0x05d4  [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
23:35:51.0670 0x05d4  [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
23:35:51.0703 0x05d4  [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
23:35:51.0735 0x05d4  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6, D7BC4ED605B32274B45328FD9914FB0E7B90D869A38F0E6F94FB1BF4E9E2B407 ] C:\Windows\system32\services.exe
23:35:51.0747 0x05d4  [ Global ] - ok
23:35:51.0748 0x05d4  ================ Scan MBR ==================================
23:35:51.0757 0x05d4  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
23:35:52.0197 0x05d4  \Device\Harddisk0\DR0 - ok
23:35:52.0198 0x05d4  ================ Scan VBR ==================================
23:35:52.0201 0x05d4  [ 960E0963772D59489F83D28B1A7AB62B ] \Device\Harddisk0\DR0\Partition1
23:35:52.0203 0x05d4  \Device\Harddisk0\DR0\Partition1 - ok
23:35:52.0212 0x05d4  [ F447C692F8E6FEA879D363F921DE4AE6 ] \Device\Harddisk0\DR0\Partition2
23:35:52.0214 0x05d4  \Device\Harddisk0\DR0\Partition2 - ok
23:35:52.0215 0x05d4  ================ Scan generic autorun ======================
23:35:52.0374 0x05d4  [ 813F9EA38AEB2AD4D9BD689388DDD93A, 68766E259C0D7F6EAFBF8C24A903C34CE624FF37EBFB8CDBFC1405AC6DA6E8F8 ] C:\Program Files\T-Mobile\InternetManager_H\DataCardMonitor.exe
23:35:52.0457 0x05d4  DataCardMonitor - detected UnsignedFile.Multi.Generic ( 1 )
23:35:55.0621 0x05d4  Detect skipped due to KSN trusted
23:35:55.0621 0x05d4  DataCardMonitor - ok
23:35:55.0627 0x05d4  SPIRunE - ok
23:35:55.0946 0x05d4  [ 28D29874E6B31DCB68A01127EF3D4DB5, 3D79C53FEF5C4CE17E155D92B59BB868378EA2A69A28B92FAF882020D48D57F5 ] C:\Program Files\AVG\AVG2014\avgui.exe
23:35:56.0258 0x05d4  AVG_UI - ok
23:35:56.0369 0x05d4  [ F3DEAA1F2FCF70FAF6DE3757CA343FA5, D65029353AD51CDF99C1CB18A2AB08F0C8F0835B70439B778B0816566D283D7E ] C:\Program Files\iTunes\iTunesHelper.exe
23:35:56.0427 0x05d4  iTunesHelper - ok
23:35:56.0632 0x05d4  [ 1E677E475F85F6CB94AE42B545F45FE7, C2CCEC00E28B7D057FE1E96BC7934EDF40C5F79A149B8061334FDB90AC1F98B6 ] C:\Program Files\AVG Web TuneUp\vprot.exe
23:35:56.0884 0x05d4  vProt - ok
23:35:57.0486 0x05d4  [ 8D71BB209D84BE4DD6DB335D19A845CB, A7D104DDC14534ADBD5BC11E29E836B23493CB98AB947DF92789CAB2CD69305E ] C:\Program Files\Zemana AntiLogger Free\AntiLogger Free.exe
23:35:57.0982 0x05d4  ZALFree - ok
23:35:58.0131 0x05d4  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
23:35:58.0341 0x05d4  Sidebar - ok
23:35:58.0380 0x05d4  [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
23:35:58.0481 0x05d4  mctadmin - ok
23:35:58.0522 0x05d4  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
23:35:58.0594 0x05d4  Sidebar - ok
23:35:58.0611 0x05d4  [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
23:35:58.0675 0x05d4  mctadmin - ok
23:35:58.0736 0x05d4  [ 75F26DE6CFCC49AD02D99BB9922D863B, 8043540932A70E7A316E3F76723087711889A0772A7E94DF03EC8FC368AD1BA6 ] C:\Program Files\T-Mobile\InternetManager_H\UpdateDog\ouc.exe
23:35:58.0810 0x05d4  HW_OPENEYE_OUC_T-Mobile Internet Manager - detected UnsignedFile.Multi.Generic ( 1 )
23:36:01.0285 0x05d4  Detect skipped due to KSN trusted
23:36:01.0285 0x05d4  HW_OPENEYE_OUC_T-Mobile Internet Manager - ok
23:36:01.0476 0x05d4  [ B66E0842FCF485F3E2D41BF0BA10966F, 966B8386B2D060167E8EAAE478509013A8729FE2CF11F890D3F9DCDA90768F34 ] C:\Users\Jack\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
23:36:01.0712 0x05d4  Spotify Web Helper - ok
23:36:01.0773 0x05d4  AVG-Secure-Search-Update_0214c - ok
23:36:35.0089 0x05d4  AV detected via SS2: AVG AntiVirus Free Edition 2014, C:\Program Files\AVG\AVG2014\avgwsc.exe ( 14.0.0.4800 ), 0x41000 ( enabled : updated )
23:36:35.0095 0x05d4  Win FW state via NFP2: enabled
23:36:37.0480 0x05d4  ============================================================
23:36:37.0480 0x05d4  Scan finished
23:36:37.0480 0x05d4  ============================================================
23:36:37.0497 0x1f08  Detected object count: 3
23:36:37.0497 0x1f08  Actual detected object count: 3
23:37:12.0940 0x1f08  V-Line ( UnsignedFile.Multi.Generic ) - skipped by user
23:37:12.0940 0x1f08  V-Line ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:37:12.0941 0x1f08  V-Line ( UnsignedFile.Multi.Generic ) - skipped by user
23:37:12.0941 0x1f08  V-Line ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:37:12.0943 0x1f08  V-Line ( UnsignedFile.Multi.Generic ) - skipped by user
23:37:12.0943 0x1f08  V-Line ( UnsignedFile.Multi.Generic ) - User select action: Skip 


#7 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • Gender:Male
  • Location:Germany
  • Local time:09:21 AM

Posted 26 February 2015 - 04:45 AM

Step 1

Please uninstall some programs:
  • Windows 7: Click on the Start button, open Control Panel and click Uninstall a program.
  • Search and select the following programs one by one and click on Uninstall: Ask Toolbar Updater
  • Reboot your computer.
Step 2

Please download AdwCleaner (by Xplode) and save it to your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select "Run As Administrator"
  • Click on the Scan button.
  • After the scan has finished, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • After rebooting, a log file (that is saved in C:\AdwCleaner[S#].txt) will open automatically.
    Copy and paste the contents of that logfile in your next reply.
Step 3

Scan with Malwarebytes Anti-Malware
  • Please open Malwarebytes Anti-Malware.
  • Please update the database by clicking on the "Update Now" button.
  • Following the update, click "Settings" [1] and go to "Detection and Protection" [2].
  • Make sure "Scan for Rootkits" is checked.
  • Click on Dashboard [3], then click on Scan Now [4] to start the scan.
    If Malware or Potentially Unwanted Programs [PUPs] are found, you will receive a prompt so that you can decide what you want to do. I suggest "Quarantine All" [5]. Then click the button: Apply Actions. [6]
  • A window with an option to view the detailed log will appear.
  • Click on "View detailed log".
  • After viewing the results, please click on the "Copy to Clipboard" button and then OK.
  • Return to our forum. Paste your log into your next reply.

Step 4

Start FRST with administrator privileges.
  • Make sure the following option is checked: Addition.txt
  • Press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
    Please copy and paste these logs in your next reply.

regards,
deeprybka
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 

#8 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • Gender:Male
  • Location:Germany
  • Local time:09:21 AM

Posted 03 March 2015 - 03:11 PM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.
regards,
deeprybka
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 



