
sysmon.exe and clientmon.exe virus | Please Help


  • This topic is locked
29 replies to this topic

#1 JoshmanPlays

JoshmanPlays

  • Members
  • 16 posts
  • OFFLINE
  • Local time:05:42 PM

Posted 25 December 2015 - 02:45 AM

Hi there, I'm pretty new to all this virus stuff and today I clicked yes to a file called update.exe as it just popped up as my computer loaded up and I just ignored it as an update for Windows or something and after clicking yes nothing really happened. Then in the system tray my anti virus (AVG) disappeared and some other programs, things started to get weird as my extensions on Chrome all crashed and I couldn't get on Windows Defender or AVG as when I clicked on them nothing appeared.

 

After a while of researching sysmon.exe I tried installing numerous antivirus programs to get rid of it but it didn't detect anything so I knew something was definitely wrong. I managed to find the folder where sysmon.exe was stored and it was in ProgramData on the C: drive in a folder on its own and I could delete it as it kept saying I didn't have permissions and I changed the permissions so I was administrator and it still wouldn't remove. Trying to stop the process in Task Manager also didn't work as it said access is denied and just nothing would work.

 

I began to panic and plugged a pen drive into my computer and started copying all my important photos onto the pen drive, while copying over lots of files it took a while so I got in the shower and when I came back to check all the files which had been transferred onto the pen drive were gone and instead there was a .bat file and some other random .exe files, I instantly deleted them and unplugged the pen drive.

 

After nothing would work I had to go to work so I left Windows Microsoft malicious software removal tool running on a full computer scan and when I got back after about 6 hours it was completed and no virus/malware/Trojans were detected so I looked on Task Manager and the sysmon.exe had gone so I thought it had removed itself. When I came back to check I noticed a strange file called clientmon.exe was running so I tried stopping the process but it said access is denied and I will not go, I've tried everything and I downloaded Avast and it won't even open, not even the installer, AVG still won't load anything and apparently I don't have file permissions to even access the AVG folder in the Programs x86, it's like the virus is trying to keep me from getting at any type of anti virus.

 

I really need to get this fixed as it's Christmas today and it would mean so much if someone could help me out

 

Thank you,

Josh.





#2 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  • Gender:Male
  • Location:Germany
  • Local time:07:42 PM

Posted 25 December 2015 - 11:00 AM

Hi & :welcome: to Bleeping Computer Forums!
My name is Jürgen and I will be assisting you with your Malware related problems. :warrior:

Before we move on, please read the following points carefully: :exclame:
  • My native language isn't English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.
  • Please read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while you are following my instructions, stop there and tell me the exact nature of your problem.
  • If you have illegal/cracked software, cracks, keygens, etc. on the system, please remove or uninstall them now!
  • Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 5 days from this initial or any subsequent post, then this thread will be closed.
  • If I don't reply within 24 hours please PM me!
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
Step 1

Please run a FRST scan. This will help us diagnose your problem.

Please download Farbar Recovery Scan Tool and save it to your Desktop.
(If you are not sure which version (32-/64-bit) applies to your system, download and try to start both of them as just the right one will run.)
  • Start FRST with administrator privileges.
  • Make sure the option Addition.txt is checked and press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
  • Please copy and paste these logs in your next reply.

regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 

#3 JoshmanPlays

JoshmanPlays
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  • Local time:05:42 PM

Posted 25 December 2015 - 06:41 PM

FRST.txt : 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:25-12-2015
Ran by Josh (administrator) on JOSH-COMPUTER (25-12-2015 19:14:59)
Running from C:\Users\Josh\Desktop
Loaded Profiles: Josh (Available Profiles: Josh & fbwuser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFXWindowsService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
() C:\ProgramData\416691\sysmon.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
() C:\Program Files (x86)\Kinoni\EpocCam_and_Barcode_drivers\KinoniSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\msi\ODD Monitor\ODD_Monitor.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Microsoft Corporation) C:\Users\Josh\AppData\Roaming\windows\svchost.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(SoftThinks SAS) C:\Program Files (x86)\AlienRespawn\SftService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(SoftThinks - Dell) C:\Program Files (x86)\AlienRespawn\Toaster.exe
() C:\Program Files (x86)\AlienRespawn\Components\Scheduler\STService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Alienware) C:\Program Files\Alienware\Command Center\AWCCServiceController.exe
(SoftThinks - Dell) C:\Program Files (x86)\AlienRespawn\Components\DSUpdate\DSUpd.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher32.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionService.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionController.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.1.5\deploy\LoLLauncher.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.45\deploy\LoLPatcher.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.177\deploy\LolClient.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [] => [X]
HKLM\...\Run: [Command Center Controllers] => C:\Program Files\Alienware\Command Center\AWCCStartupOrchestrator.exe [12656 2012-06-18] (Alienware)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2771576 2015-12-09] (NVIDIA Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7575768 2014-05-14] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387376 2014-05-13] (Realtek Semiconductor)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170280 2015-07-11] (Apple Inc.)
HKLM-x32\...\Winlogon: [Userinit] userinit.exe,"C:\Windows\system32\clientmon.exe" [X]
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-4212100984-1092788654-150177127-1000\...\Run: [windows] => C:\Users\Josh\AppData\Roaming\windows\svchost.exe [11288 2015-12-24] (Microsoft Corporation)
HKU\S-1-5-21-4212100984-1092788654-150177127-1000\...\MountPoints2: {11402a5d-fc7f-11e2-b93c-7845c4fe0ba2} - G:\Autorun.exe
HKU\S-1-5-21-4212100984-1092788654-150177127-1000\...\MountPoints2: {4d9b4fb0-71ac-11e5-8778-7845c4fe0ba2} - D:\SETUP.EXE
HKU\S-1-5-21-4212100984-1092788654-150177127-1000\...\Winlogon: [Shell] explorer.exe,"C:\Users\Josh\AppData\Roaming\clientmon.exe" <==== ATTENTION
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [186328 2015-11-10] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [164520 2015-11-10] (NVIDIA Corporation)
IFEO\AvastSvc.exe: [Debugger] C:\Program Files (x86)\clientmon.exe
IFEO\AvastUI.exe: [Debugger] C:\Program Files (x86)\clientmon.exe
IFEO\avcenter.exe: [Debugger] C:\Program Files (x86)\clientmon.exe
IFEO\avconfig.exe: [Debugger] C:\Program Files (x86)\clientmon.exe
IFEO\avgnt.exe: [Debugger] C:\Program Files (x86)\clientmon.exe
IFEO\avguard.exe: [Debugger] C:\Program Files (x86)\clientmon.exe
IFEO\avguix.exe: [Debugger] C:\Program Files (x86)\clientmon.exe
IFEO\avp.exe: [Debugger] C:\Program Files (x86)\clientmon.exe
IFEO\avscan.exe: [Debugger] C:\Program Files (x86)\clientmon.exe
IFEO\bdagent.exe: [Debugger] C:\Program Files (x86)\clientmon.exe
IFEO\blindman.exe: [Debugger] C:\Program Files (x86)\clientmon.exe
IFEO\ccuac.exe: [Debugger] C:\Program Files (x86)\clientmon.exe
IFEO\ComboFix.exe: [Debugger] C:\Program Files (x86)\clientmon.exe
IFEO\egui.exe: [Debugger] C:\Program Files (x86)\clientmon.exe
IFEO\GameScannerService.exe: [Debugger] C:\Program Files (x86)\clientmon.exe
IFEO\hijackthis.exe: [Debugger] C:\Program Files (x86)\clientmon.exe
IFEO\instup.exe: [Debugger] C:\Program Files (x86)\clientmon.exe
IFEO\keyscrambler.exe: [Debugger] C:\Program Files (x86)\clientmon.exe
IFEO\loggingserver.exe: [Debugger] C:\Program Files (x86)\clientmon.exe
IFEO\mbam.exe: [Debugger] C:\Program Files (x86)\clientmon.exe
IFEO\mbamgui.exe: [Debugger] C:\Program Files (x86)\clientmon.exe
IFEO\mbampt.exe: [Debugger] C:\Program Files (x86)\clientmon.exe
IFEO\mbamscheduler.exe: [Debugger] C:\Program Files (x86)\clientmon.exe
IFEO\mbamservice.exe: [Debugger] C:\Program Files (x86)\clientmon.exe
IFEO\MpCmdRun.exe: [Debugger] C:\Program Files (x86)\clientmon.exe
IFEO\MSASCui.exe: [Debugger] C:\Program Files (x86)\clientmon.exe
IFEO\MsMpEng.exe: [Debugger] C:\Program Files (x86)\clientmon.exe
IFEO\msseces.exe: [Debugger] C:\Program Files (x86)\clientmon.exe
IFEO\rstrui.exe: [Debugger] C:\Program Files (x86)\clientmon.exe
IFEO\SDFiles.exe: [Debugger] C:\Program Files (x86)\clientmon.exe
IFEO\SDMain.exe: [Debugger] C:\Program Files (x86)\clientmon.exe
IFEO\SDWinSec.exe: [Debugger] C:\Program Files (x86)\clientmon.exe
IFEO\spybotsd.exe: [Debugger] C:\Program Files (x86)\clientmon.exe
IFEO\ToolbarUpdater.exe: [Debugger] C:\Program Files (x86)\clientmon.exe
IFEO\vprot.exe: [Debugger] C:\Program Files (x86)\clientmon.exe
IFEO\wireshark.exe: [Debugger] C:\Program Files (x86)\clientmon.exe
IFEO\WtuSystemSupport.exe: [Debugger] C:\Program Files (x86)\clientmon.exe
IFEO\zlclient.exe: [Debugger] C:\Program Files (x86)\clientmon.exe
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll [2013-08-30] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll [2013-08-30] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll [2013-08-30] ()
ShellIconOverlayIdentifiers: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
Startup: C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\system.hta [2015-12-24] ()
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
ProxyServer: [S-1-5-21-4212100984-1092788654-150177127-1000] => http=127.0.0.1:8555;https=127.0.0.1:8555
Hosts: 192.168.1.13 prod.cloud.rockstargames.com
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{40F5BF2D-93F6-430A-950B-59073D98BBAF}: [DhcpNameServer] 192.168.0.1
 
Internet Explorer:
==================
HKU\S-1-5-21-4212100984-1092788654-150177127-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://uk.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_pwrisofs_15_42&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dgb%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0B0CzzyDyDyC0AyCtCzzzz0D0E0ByByDtN0D0Tzu0StCtAzztCtN1L2XzutAtFtCtAtFyBtFtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2SyCzytD0DtB0BtCtCtGyD0EyE0AtG0E0F0B0BtGyBtAtD0BtGtBtAzy0CtDyCzztD0EzztCtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDtD0EtC0FtDtBzztGtByB0BtBtGyE0ByCtDtG0Azz0FtAtGtA0C0Azy0FtBzz0C0D0EyB0F2QtN0A0LzutBtN1B2Z1V1T1S1NzutCtDzytC%26cr%3D1350379243%26a%3Dwncy_pwrisofs_15_42%26os%3DWindows%2B7%2BHome%2BPremium
HKU\S-1-5-21-4212100984-1092788654-150177127-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.alienwarearena.com/welcome-uk
SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = 
SearchScopes: HKU\S-1-5-21-4212100984-1092788654-150177127-1000 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://uk.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_pwrisofs_15_42&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dgb%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0B0CzzyDyDyC0AyCtCzzzz0D0E0ByByDtN0D0Tzu0StCtAzztCtN1L2XzutAtFtCtAtFyBtFtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2SyCzytD0DtB0BtCtCtGyD0EyE0AtG0E0F0B0BtGyBtAtD0BtGtBtAzy0CtDyCzztD0EzztCtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDtD0EtC0FtDtBzztGtByB0BtBtGyE0ByCtDtG0Azz0FtAtGtA0C0Azy0FtBzz0C0D0EyB0F2QtN0A0LzutBtN1B2Z1V1T1S1NzutCtDzytC%26cr%3D1350379243%26a%3Dwncy_pwrisofs_15_42%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms}
SearchScopes: HKU\S-1-5-21-4212100984-1092788654-150177127-1000 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://mysearch.avg.com/search?cid={C540FDC3-4F0C-4B45-8685-2E7B7C16650C}&mid=85233a4c711947d38c5aa90c821ae251-b81509094b29194eaf553d9885564c89793b80dc&lang=en&ds=AVG&coid=avgtbavg&cmpid=0915tb&pr=fr&d=2015-09-09 15:28:22&v=4.1.6.294&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4212100984-1092788654-150177127-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://uk.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_pwrisofs_15_42&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dgb%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0B0CzzyDyDyC0AyCtCzzzz0D0E0ByByDtN0D0Tzu0StCtAzztCtN1L2XzutAtFtCtAtFyBtFtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2SyCzytD0DtB0BtCtCtGyD0EyE0AtG0E0F0B0BtGyBtAtD0BtGtBtAzy0CtDyCzztD0EzztCtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDtD0EtC0FtDtBzztGtByB0BtBtGyE0ByCtDtG0Azz0FtAtGtA0C0Azy0FtBzz0C0D0EyB0F2QtN0A0LzutBtN1B2Z1V1T1S1NzutCtDzytC%26cr%3D1350379243%26a%3Dwncy_pwrisofs_15_42%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms}
SearchScopes: HKU\S-1-5-21-4212100984-1092788654-150177127-1000 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxp://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=360&chn=o0&geo=GB&ver=21&locale=en_GB&gct=kwd&qsrc=2869
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-11-18] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-11-10] (Microsoft Corporation)
BHO: Hotspot Shield Class -> {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} -> No File
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-11-18] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-10-25] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.2.4.155\AVG Web TuneUp.dll => No File
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-11-10] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-25] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-09] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll [2014-09-01] (EA Digital Illusions CE AB)
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=10.40.2 -> C:\Windows\system32\npDeployJava1.dll [2013-09-24] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-09] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.2.4\\npsitesafety.dll [No File]
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll [2014-09-01] (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-10-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-10-25] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-18] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-11-05] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-11-05] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-18] (Microsoft Corporation)
 
Chrome: 
=======
CHR HomePage: Default -> hxxps://uk.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_pwrisofs_15_42&param1=1&param2=f%3D1%26b%3DChrome%26cc%3Dgb%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0B0CzzyDyDyC0AyCtCzzzz0D0E0ByByDtN0D0Tzu0StCtAzztCtN1L2XzutAtFtCtAtFyBtFtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2SyCzytD0DtB0BtCtCtGyD0EyE0AtG0E0F0B0BtGyBtAtD0BtGtBtAzy0CtDyCzztD0EzztCtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDtD0EtC0FtDtBzztGtByB0BtBtGyE0ByCtDtG0Azz0FtAtGtA0C0Azy0FtBzz0C0D0EyB0F2QtN0A0LzutBtN1B2Z1V1T1S1NzutCtDzytC%26cr%3D1350379243%26a%3Dwncy_pwrisofs_15_42%26os%3DWindows%2B7%2BHome%2BPremium
CHR StartupUrls: Default -> "hxxps://uk.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_pwrisofs_15_42&param1=1&param2=f%3D7%26b%3DChrome%26cc%3Dgb%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0B0CzzyDyDyC0AyCtCzzzz0D0E0ByByDtN0D0Tzu0StCtAzztCtN1L2XzutAtFtCtAtFyBtFtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2SyCzytD0DtB0BtCtCtGyD0EyE0AtG0E0F0B0BtGyBtAtD0BtGtBtAzy0CtDyCzztD0EzztCtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDtD0EtC0FtDtBzztGtByB0BtBtGyE0ByCtDtG0Azz0FtAtGtA0C0Azy0FtBzz0C0D0EyB0F2QtN0A0LzutBtN1B2Z1V1T1S1NzutCtDzytC%26cr%3D1350379243%26a%3Dwncy_pwrisofs_15_42%26os%3DWindows%2B7%2BHome%2BPremium","hxxp://mysearch.avg.com?cid={CBF0035F-A5DC-4B33-976B-CD0317AA34AD}&mid=85233a4c711947d38c5aa90c821ae251-b81509094b29194eaf553d9885564c89793b80dc&lang=en&ds=AVG&coid=avgtbavg&pr=fr&d=2014-06-21 09:51:46&v=3.1.0.7&pid=wtu&sg=&sap=hp"
CHR Profile: C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-16]
CHR Extension: (Google Docs) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-05]
CHR Extension: (Google Drive) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Steam inventory helper) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2015-11-22]
CHR Extension: (Google Search) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Auto Clicker) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\daoghdmcjpjomfalbgjonallnfkhdccg [2014-01-28]
CHR Extension: (Google Sheets) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-16]
CHR Extension: (LoungeDestroyer) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghahcnmfjfckcedfajbhekgknjdplfcl [2015-12-23]
CHR Extension: (Google Docs Offline) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-17]
CHR Extension: (AdBlock) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-12-04]
CHR Extension: (agar.io server browser) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\hongpdkjnjhijmdnogoicadboadgllhi [2015-05-13]
CHR Extension: (CS:GO Lounge Bump Bot) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhfkidfnhjcjjamcbdepeohblphlamgk [2015-04-04]
CHR Extension: (StayFocusd) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji [2015-06-02]
CHR Extension: (Skype) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-12-19]
CHR Extension: (Refresh Monkey) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljngnafhejmefmijjoedbclkadhacebd [2014-11-11]
CHR Extension: (DevTools Autosave) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlejngncgiocofkcbnnpaieapabmanfl [2015-09-26]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-24]
CHR Extension: (Gmail) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AlienFXWindowsService; C:\Program Files\Alienware\Command Center\AlienFXWindowsService.exe [13168 2012-06-18] (Alienware)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1268256 2015-12-15] ()
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
S3 celavimushost; C:\Program Files (x86)\CEVO\CSGO Client Beta\CelavimusClientHelper.exe [123096 2015-01-17] (altPUG LLC)
R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2574168 2015-09-11] (Dell Inc.)
R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [201560 2015-09-11] (Dell Inc.)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [236832 2015-10-29] (EasyAntiCheat Ltd)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-16] (Seiko Epson Corporation)
R2 EPSON_PM_RPCV4_06; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [152640 2013-04-26] (SEIKO EPSON CORPORATION)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156216 2015-12-09] (NVIDIA Corporation)
R2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [8704 2015-07-27] (Hi-Rez Studios) [File not signed]
R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [1169616 2015-07-22] (AnchorFree Inc.)
S3 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [96600 2015-07-22] ()
R2 HssWd; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [589520 2015-07-22] ()
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-08-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [163608 2012-03-06] (Intel Corporation)
R2 KinoniSvc; C:\Program Files (x86)\Kinoni\EpocCam_and_Barcode_drivers\KinoniSvc.exe [524800 2014-11-12] () [File not signed]
R2 MSI_ODD_Service; c:\Program Files (x86)\msi\ODD Monitor\ODD_Monitor.exe [76800 2011-10-05] (Micro-Star Int'l Co., Ltd.) [File not signed]
R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [69964448 2015-04-03] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-12-09] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [8185464 2015-12-09] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [6477432 2015-12-09] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2078216 2015-10-08] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-10-11] ()
S2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [0 2015-12-24] () <==== ATTENTION (zero byte File/Folder)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-08] (Realtek Semiconductor)
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [105448 2014-09-11] (Razer Inc.)
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [441512 2015-04-03] (Microsoft Corporation)
R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [21160 2015-09-30] (Dell Inc.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
S2 vToolbarUpdater40.2.4; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.4\ToolbarUpdater.exe [0 2015-12-24] () <==== ATTENTION (zero byte File/Folder)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [73728 2011-11-29] (Atheros) [File not signed]
S2 avgsvc; "C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe" [X]
S2 WtuSystemSupport; "C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe" [X]
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 DDDriver; C:\Windows\System32\drivers\DDDriver64Dcsa.sys [32464 2015-09-11] (Dell Computer Corporation)
R3 DellProf; C:\Windows\System32\drivers\DellProf.sys [24240 2015-05-22] (Dell Computer Corporation)
S3 dtproscsibus; C:\Windows\System32\DRIVERS\dtproscsibus.sys [30352 2015-10-13] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2015-12-25] ()
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [44744 2014-05-17] (AnchorFree Inc.)
S3 kinonivd; C:\Windows\System32\DRIVERS\kinonivd.sys [2782848 2014-11-12] (Windows (R) Win 7 DDK provider)
S3 KINONI_Wave; C:\Windows\System32\drivers\kinonivad.sys [23040 2014-11-12] (Windows (R) Win 7 DDK provider)
S3 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 NTIOLib_X64; C:\Program Files (x86)\msi\ODD Monitor\NTIOLib_X64.sys [14136 2010-01-18] (MSI)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-12-09] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
R3 rusb3hub; C:\Windows\System32\DRIVERS\rusb3hub.sys [114568 2012-08-27] (Renesas Electronics Corporation)
R3 rusb3xhc; C:\Windows\System32\DRIVERS\rusb3xhc.sys [230280 2012-08-27] (Renesas Electronics Corporation)
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [50392 2015-08-13] (Razer Inc)
S3 RZMAELSTROMVADService; C:\Windows\System32\drivers\RzMaelstromVAD.sys [32768 2014-06-09] (Windows (R) Win 7 DDK provider)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-06-12] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129472 2015-06-26] (Razer, Inc.)
S3 RZSURROUNDVADService; C:\Windows\System32\drivers\RzSurroundVAD.sys [40640 2015-02-09] (Windows (R) Win 7 DDK provider)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2014-07-07] ()
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-03-19] (Anchorfree Inc.)
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-12-25 19:14 - 2015-12-25 19:16 - 00039552 _____ C:\Users\Josh\Desktop\FRST.txt
2015-12-25 19:14 - 2015-12-25 19:14 - 00000000 ____D C:\FRST
2015-12-25 19:11 - 2015-12-25 19:11 - 02370560 _____ (Farbar) C:\Users\Josh\Desktop\FRST64.exe
2015-12-25 13:00 - 2015-12-25 13:00 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2015-12-25 12:28 - 2015-12-24 16:47 - 00005120 _____ C:\Windows\SysWOW64\clientmon.exe
2015-12-25 12:11 - 2015-12-25 12:11 - 00089192 _____ C:\Windows\ntbtlog.txt
2015-12-25 05:31 - 2015-12-25 07:07 - 00000000 ____D C:\Users\Josh\AppData\Roaming\Enigma Software Group
2015-12-25 05:31 - 2015-12-25 05:31 - 00000000 _____ C:\autoexec.bat
2015-12-25 05:30 - 2015-12-25 05:30 - 00022704 _____ C:\Windows\system32\Drivers\EsgScanner.sys
2015-12-25 02:40 - 2015-12-25 02:40 - 00003160 _____ C:\Windows\System32\Tasks\{292E95D2-C07A-4610-B900-1F41DE5BA0DF}
2015-12-25 02:23 - 2015-12-25 12:18 - 00000000 ____D C:\Users\Josh\AppData\Roaming\Imminent
2015-12-25 02:23 - 2015-12-25 02:23 - 00001579 _____ C:\ProgramData\XML
2015-12-24 19:08 - 2015-12-24 19:08 - 00000000 ____D C:\Users\Josh\AppData\Roaming\windows
2015-12-24 19:06 - 2015-12-25 02:49 - 00000000 ____D C:\Users\Josh\AppData\Roaming\Solvusoft
2015-12-24 19:06 - 2015-12-24 19:06 - 00011288 _____ (Microsoft Corporation) C:\svchost.exe
2015-12-24 19:05 - 2015-11-25 13:01 - 00021624 _____ (solvusoft) C:\Windows\system32\roboot64.exe
2015-12-24 19:00 - 2015-12-24 19:00 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-12-24 18:20 - 2015-12-24 18:20 - 00000000 ____D C:\ProgramData\AVAST Software
2015-12-24 16:48 - 2015-12-25 12:20 - 00003282 _____ C:\Windows\System32\Tasks\System Monitor
2015-12-22 14:32 - 2015-12-25 02:22 - 00000000 _RSHD C:\ProgramData\416691
2015-12-22 14:32 - 2015-12-22 14:32 - 00000006 ____S C:\ProgramData\1d8784c7a421d340cfd179503fe59ddc798a351c
2015-12-22 14:32 - 2015-12-22 14:32 - 00000000 _RSHD C:\ProgramData\416791
2015-12-10 15:08 - 2015-12-10 15:08 - 00000000 ____D C:\Program Files\Common Files\AVG Secure Search
2015-12-09 15:36 - 2015-11-20 18:54 - 03170304 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-12-09 15:36 - 2015-11-20 18:54 - 02609152 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-12-09 15:36 - 2015-11-20 18:54 - 00709632 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-12-09 15:36 - 2015-11-20 18:54 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-12-09 15:36 - 2015-11-20 18:54 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-12-09 15:36 - 2015-11-20 18:54 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-12-09 15:36 - 2015-11-20 18:54 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-12-09 15:36 - 2015-11-20 18:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-12-09 15:36 - 2015-11-20 18:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-12-09 15:36 - 2015-11-20 18:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-12-09 15:36 - 2015-11-20 18:54 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-12-09 15:36 - 2015-11-20 18:34 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-12-09 15:36 - 2015-11-20 18:34 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-12-09 15:36 - 2015-11-20 18:34 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-12-09 15:36 - 2015-11-20 18:34 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-12-09 15:36 - 2015-11-20 18:33 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-12-09 15:36 - 2015-11-10 18:55 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-12-09 15:36 - 2015-11-10 18:55 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-12-09 15:36 - 2015-11-10 18:55 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-12-09 15:36 - 2015-11-10 18:39 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-12-09 15:36 - 2015-11-10 18:37 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2015-12-09 15:36 - 2015-11-10 17:47 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-12-09 15:36 - 2015-11-05 19:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-12-09 15:36 - 2015-11-05 19:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-12-09 15:36 - 2015-11-03 19:04 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-12-09 15:36 - 2015-11-03 18:56 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2015-12-09 15:35 - 2015-11-11 21:12 - 00387792 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-12-09 15:35 - 2015-11-11 20:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-12-09 15:35 - 2015-11-11 18:53 - 01735680 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2015-12-09 15:35 - 2015-11-11 18:53 - 00525312 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2015-12-09 15:35 - 2015-11-11 18:39 - 01242624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2015-12-09 15:35 - 2015-11-11 18:39 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2015-12-09 15:35 - 2015-11-11 16:21 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-12-09 15:35 - 2015-11-11 16:00 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-12-09 15:35 - 2015-11-11 15:44 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-12-09 15:35 - 2015-11-11 15:44 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-12-09 15:35 - 2015-11-11 15:41 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-12-09 15:35 - 2015-11-11 15:12 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-12-09 15:35 - 2015-11-11 14:57 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-12-09 15:35 - 2015-11-10 00:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-12-09 15:35 - 2015-11-10 00:13 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-12-09 15:35 - 2015-11-10 00:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-12-09 15:35 - 2015-11-10 00:12 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-12-09 15:35 - 2015-11-10 00:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-12-09 15:35 - 2015-11-10 00:11 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-12-09 15:35 - 2015-11-10 00:08 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-12-09 15:35 - 2015-11-10 00:06 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-12-09 15:35 - 2015-11-10 00:06 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-12-09 15:35 - 2015-11-10 00:04 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-12-09 15:35 - 2015-11-10 00:03 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-12-09 15:35 - 2015-11-10 00:02 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-12-09 15:35 - 2015-11-10 00:02 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-12-09 15:35 - 2015-11-09 23:50 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-12-09 15:35 - 2015-11-09 23:47 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-12-09 15:35 - 2015-11-09 23:46 - 04514816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-12-09 15:35 - 2015-11-09 23:44 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-12-09 15:35 - 2015-11-09 23:37 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-12-09 15:35 - 2015-11-09 23:36 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-12-09 15:35 - 2015-11-09 23:36 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-12-09 15:35 - 2015-11-09 23:35 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-12-09 15:35 - 2015-11-09 23:17 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-12-09 15:35 - 2015-11-09 23:14 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-12-09 15:35 - 2015-11-09 23:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-12-09 15:35 - 2015-11-08 22:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-12-09 15:35 - 2015-11-08 22:32 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-12-09 15:35 - 2015-11-08 22:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-12-09 15:35 - 2015-11-08 22:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-12-09 15:35 - 2015-11-08 22:15 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-12-09 15:35 - 2015-11-08 22:15 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-12-09 15:35 - 2015-11-08 22:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-12-09 15:35 - 2015-11-08 22:14 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-12-09 15:35 - 2015-11-08 22:07 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-12-09 15:35 - 2015-11-08 22:06 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-12-09 15:35 - 2015-11-08 22:04 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-12-09 15:35 - 2015-11-08 22:02 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-12-09 15:35 - 2015-11-08 22:01 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-12-09 15:35 - 2015-11-08 22:01 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-12-09 15:35 - 2015-11-08 22:01 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-12-09 15:35 - 2015-11-08 22:01 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-12-09 15:35 - 2015-11-08 21:52 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-12-09 15:35 - 2015-11-08 21:48 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-12-09 15:35 - 2015-11-08 21:40 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-12-09 15:35 - 2015-11-08 21:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-12-09 15:35 - 2015-11-08 21:32 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-12-09 15:35 - 2015-11-08 21:29 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-12-09 15:35 - 2015-11-08 21:18 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-12-09 15:35 - 2015-11-08 21:15 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-12-09 15:35 - 2015-11-08 21:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-12-09 15:35 - 2015-11-08 21:14 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-12-09 15:35 - 2015-11-08 21:14 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-12-09 15:35 - 2015-11-08 21:13 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-12-09 15:35 - 2015-11-08 20:53 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-12-09 15:35 - 2015-11-08 20:41 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-12-09 15:35 - 2015-11-08 20:30 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-12-09 15:35 - 2015-11-05 19:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
2015-12-09 15:35 - 2015-11-05 19:02 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll
2015-12-09 15:35 - 2015-11-05 09:53 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2015-12-09 15:35 - 2015-11-03 19:04 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2015-12-09 15:35 - 2015-11-03 18:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll
2015-12-06 20:51 - 2015-12-06 21:02 - 00000228 _____ C:\Users\Josh\Desktop\Wine Bar Money.txt
2015-12-04 00:48 - 2015-12-04 13:48 - 02393088 _____ C:\Users\Josh\Desktop\Good Site.bmpr
2015-12-03 17:06 - 2015-12-03 17:06 - 00000985 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Balsamiq Mockups 3.lnk
2015-12-03 17:06 - 2015-12-03 17:06 - 00000000 ____D C:\Users\Josh\AppData\Roaming\BalsamiqMockups3.EDE15CF69E11F7F7D45B5430C7D37CC6C3545E3C.1
2015-12-03 17:06 - 2015-12-03 17:06 - 00000000 ____D C:\Program Files (x86)\Balsamiq Mockups 3
2015-11-26 02:55 - 2015-11-26 02:55 - 00000000 ____D C:\Windows\SysWOW64\NV
2015-11-26 02:55 - 2015-11-26 02:55 - 00000000 ____D C:\Windows\system32\NV
2015-11-26 02:36 - 2015-11-05 14:41 - 00102704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-11-26 02:32 - 2015-08-05 17:56 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2015-11-26 02:32 - 2015-08-05 17:06 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2015-11-26 02:30 - 2015-10-08 23:22 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2015-11-26 02:30 - 2015-10-08 23:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2015-11-26 02:30 - 2015-10-08 23:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2015-11-26 02:30 - 2015-10-08 23:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2015-11-26 02:30 - 2015-10-08 23:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2015-11-26 02:30 - 2015-10-08 23:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2015-11-26 02:30 - 2015-10-08 23:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2015-11-26 02:30 - 2015-10-08 23:17 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2015-11-26 02:30 - 2015-10-08 19:13 - 00419928 _____ C:\Windows\SysWOW64\locale.nls
2015-11-26 02:30 - 2015-10-08 18:52 - 00419928 _____ C:\Windows\system32\locale.nls
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-12-25 19:14 - 2009-07-14 03:20 - 00000000 ____D C:\Windows
2015-12-25 19:11 - 2013-07-22 11:01 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-25 19:04 - 2014-02-25 21:04 - 00000911 _____ C:\Windows\Tasks\EPSON XP-412 413 415 Series Update {9F0C0E7F-FA05-4687-9D8F-C10292C661B7}.job
2015-12-25 19:04 - 2014-02-25 21:04 - 00000725 _____ C:\Windows\Tasks\EPSON XP-412 413 415 Series Invitation {9F0C0E7F-FA05-4687-9D8F-C10292C661B7}.job
2015-12-25 19:04 - 2009-07-14 05:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2015-12-25 18:47 - 2013-12-10 21:46 - 00000000 ____D C:\Users\Josh\AppData\Roaming\TS3Client
2015-12-25 18:21 - 2013-07-26 10:10 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-25 12:26 - 2009-07-14 04:45 - 00028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-25 12:26 - 2009-07-14 04:45 - 00028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-25 12:18 - 2014-06-20 15:58 - 00000000 __SHD C:\Users\Josh\IntelGraphicsProfiles
2015-12-25 12:17 - 2013-07-26 10:10 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-25 12:17 - 2013-07-22 19:56 - 00000000 ____D C:\ProgramData\NVIDIA
2015-12-25 12:17 - 2013-07-22 10:22 - 00000000 ____D C:\Users\Default\AppData\Local\SoftThinks
2015-12-25 12:17 - 2013-07-22 10:22 - 00000000 ____D C:\Users\Default User\AppData\Local\SoftThinks
2015-12-25 12:17 - 2013-07-22 10:14 - 00000000 ____D C:\Program Files (x86)\AlienRespawn
2015-12-25 12:17 - 2009-07-14 05:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-25 12:09 - 2013-10-27 13:18 - 00000000 ____D C:\ProgramData\MFAData
2015-12-25 12:07 - 2014-12-25 01:54 - 00000000 ____D C:\Users\Josh\AppData\Local\TSVNCache
2015-12-25 11:16 - 2015-11-12 17:16 - 00003504 _____ C:\Windows\System32\Tasks\PCDEventLauncherTask
2015-12-25 07:10 - 2013-07-22 10:17 - 00000000 ____D C:\Program Files (x86)\Steam
2015-12-25 07:08 - 2013-08-16 18:44 - 00000000 ____D C:\Program Files (x86)\Origin Games
2015-12-25 07:08 - 2009-07-14 05:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-12-25 04:38 - 2015-10-20 20:45 - 00000000 ____D C:\Users\Josh\Documents\NCSOFT
2015-12-25 04:38 - 2015-10-20 17:18 - 00000000 ____D C:\Program Files (x86)\NCSOFT
2015-12-25 04:38 - 2015-10-20 17:17 - 00000000 ____D C:\Users\Josh\AppData\Local\NCSOFT
2015-12-25 02:43 - 2015-10-27 13:13 - 00000000 ____D C:\Users\Josh\AppData\Local\AvgSetupLog
2015-12-25 02:00 - 2013-07-26 10:35 - 00000000 ____D C:\Users\Josh\AppData\Local\Adobe
2015-12-24 17:24 - 2009-07-14 05:13 - 00875362 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-24 17:24 - 2009-07-14 03:20 - 00000000 ____D C:\Windows\inf
2015-12-24 17:08 - 2009-07-14 03:20 - 00000000 ____D C:\Windows\system32\NDF
2015-12-24 16:49 - 2013-10-01 14:44 - 00000000 ____D C:\Users\Josh\AppData\Local\CrashDumps
2015-12-24 16:49 - 2013-08-14 16:07 - 00000000 ____D C:\Users\Josh\AppData\Local\Akamai
2015-12-24 16:49 - 2013-07-26 10:01 - 00000000 ____D C:\Users\Josh
2015-12-21 19:08 - 2013-07-22 19:56 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-12-19 03:01 - 2015-04-05 00:43 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-12-19 03:01 - 2015-04-05 00:42 - 00000000 ___SD C:\Windows\system32\GWX
2015-12-16 18:32 - 2015-09-09 15:27 - 00000000 ____D C:\Program Files (x86)\AVG Web TuneUp
2015-12-15 21:02 - 2013-08-23 10:27 - 00000000 ____D C:\Users\Josh\Desktop\Nikon Pictures
2015-12-13 23:51 - 2013-07-26 21:50 - 00000000 ____D C:\Users\Josh\AppData\Roaming\Skype
2015-12-11 14:05 - 2009-07-14 03:20 - 00000000 ____D C:\Windows\rescache
2015-12-10 14:06 - 2009-07-14 04:45 - 05174368 _____ C:\Windows\system32\FNTCACHE.DAT
2015-12-10 14:05 - 2014-01-10 22:22 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-12-10 14:05 - 2014-01-10 22:22 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-12-10 03:30 - 2015-10-13 18:51 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-12-10 03:29 - 2013-10-29 22:46 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-12-10 03:29 - 2009-07-14 02:34 - 00000510 _____ C:\Windows\win.ini
2015-12-10 03:26 - 2014-01-10 22:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-10 03:22 - 2013-08-15 00:10 - 00000000 ____D C:\Windows\system32\MRT
2015-12-10 03:10 - 2015-09-09 15:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-12-09 16:11 - 2013-07-22 11:01 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-12-09 16:11 - 2013-07-22 11:01 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-09 16:11 - 2013-07-22 11:01 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-12-09 01:51 - 2015-11-20 16:53 - 00111520 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2015-12-09 01:51 - 2014-06-14 19:40 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-12-09 01:51 - 2014-06-14 19:40 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-12-09 01:51 - 2014-06-14 18:25 - 01846016 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-12-09 01:51 - 2014-06-14 18:25 - 01530240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-12-05 04:21 - 2014-06-04 18:47 - 00000000 ____D C:\Users\Josh\AppData\Local\Battle.net
2015-12-05 04:16 - 2015-07-15 23:49 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-05 04:16 - 2013-07-26 10:10 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-04 18:38 - 2014-06-08 19:49 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2015-12-04 18:21 - 2014-06-04 18:47 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-12-02 13:18 - 2010-11-21 03:27 - 00301728 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-11-29 02:34 - 2011-02-10 14:02 - 00000000 ____D C:\Windows\panther
2015-11-26 02:55 - 2014-06-20 15:57 - 00000451 _____ C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-11-26 02:44 - 2011-02-10 16:10 - 00859228 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-11-26 02:37 - 2014-06-14 18:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-11-26 02:37 - 2013-07-22 10:14 - 00000000 ____D C:\Temp
 
==================== Files in the root of some directories =======
 
2013-09-11 18:08 - 2014-06-04 10:58 - 0000132 _____ () C:\Users\Josh\AppData\Roaming\Adobe PNG Format CC Prefs
2015-05-04 01:16 - 2015-10-12 21:10 - 0000132 _____ () C:\Users\Josh\AppData\Roaming\Adobe PNG Format CS6 Prefs
2015-01-21 20:42 - 2015-01-21 20:42 - 0000132 _____ () C:\Users\Josh\AppData\Roaming\Adobe Targa Format CS6 Prefs
2014-04-16 22:47 - 2014-04-18 14:43 - 0001403 _____ () C:\Users\Josh\AppData\Roaming\SpeedRunnersLog.txt
2014-08-22 15:55 - 2014-08-22 15:55 - 0001181 _____ () C:\Users\Josh\AppData\Roaming\trace_FilterInstaller.1.txt
2014-08-22 15:55 - 2015-03-03 00:07 - 0000919 _____ () C:\Users\Josh\AppData\Roaming\trace_FilterInstaller.txt
2014-08-22 15:55 - 2015-03-03 00:07 - 0000000 _____ () C:\Users\Josh\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2015-01-18 01:09 - 2015-01-21 18:50 - 0000025 ____H () C:\Users\Josh\AppData\Roaming\uninst.log
2013-11-12 20:39 - 2013-11-12 21:31 - 0001456 _____ () C:\Users\Josh\AppData\Local\Adobe Save for Web 13.0 Prefs
2014-03-20 17:26 - 2014-03-20 17:26 - 0001446 _____ () C:\Users\Josh\AppData\Local\recently-used.xbel
2013-08-01 18:07 - 2015-08-21 16:17 - 0007607 _____ () C:\Users\Josh\AppData\Local\Resmon.ResmonCfg
2015-01-18 01:09 - 2015-01-21 18:50 - 0000025 ____H () C:\Users\Josh\AppData\Local\uninst.log
2015-12-22 14:32 - 2015-12-22 14:32 - 0000006 ____S () C:\ProgramData\1d8784c7a421d340cfd179503fe59ddc798a351c
2014-06-20 15:51 - 2014-06-20 15:51 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-07-19 23:40 - 2015-07-19 23:41 - 0001610 _____ () C:\ProgramData\HirezPipeError.txt
2015-01-18 01:09 - 2015-01-21 18:50 - 0000025 ____H () C:\ProgramData\temp25.log
2015-12-25 02:23 - 2015-12-25 02:23 - 0001579 _____ () C:\ProgramData\XML
 
Some files in TEMP:
====================
C:\Users\Josh\AppData\Local\Temp\46464.exe
C:\Users\Josh\AppData\Local\Temp\53029.exe
C:\Users\Josh\AppData\Local\Temp\svchost.exe
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-12-20 00:34
 
==================== End of FRST.txt ============================
 
Addition.txt:
Additional scan result of Farbar Recovery Scan Tool (x64) Version:25-12-2015
Ran by Josh (2015-12-25 19:16:23)
Running from C:\Users\Josh\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2013-07-26 10:01:10)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-4212100984-1092788654-150177127-500 - Administrator - Disabled)
fbwuser (S-1-5-21-4212100984-1092788654-150177127-1003 - Limited - Disabled) => C:\Users\fbwuser
Guest (S-1-5-21-4212100984-1092788654-150177127-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4212100984-1092788654-150177127-1002 - Limited - Enabled)
Josh (S-1-5-21-4212100984-1092788654-150177127-1000 - Administrator - Enabled) => C:\Users\Josh
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
ActiveState Komodo Edit 8.5.3 (HKLM-x32\...\{E65B87D8-30C4-4FB0-8C24-AFD64950A881}) (Version: 8.5.3 - ActiveState Software Inc.)
Adobe After Effects CC (HKLM-x32\...\{317243C1-6580-4F43-AED7-37D4438C3DD5}) (Version: 12 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.1.2.232 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.228 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC (HKLM-x32\...\{505FF1AC-E7F5-4462-BBA7-08900E7E9EEF}) (Version: 7.0.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10)  MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-4212100984-1092788654-150177127-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
AlienRespawn - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.67 - Alienware)
AlienRespawn (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.67 - Alienware)
Alienware Command Center (HKLM-x32\...\InstallShield_{ACBE8264-9018-49B8-9041-3A74E2596BF3}) (Version: 2.8.9.0 - Alienware Corp.)
Alienware Command Center (Version: 2.8.9.0 - Alienware Corp.) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.4 (HKLM-x32\...\Audacity_is1) (Version: 2.0.4 - Audacity Team)
Autodesk Backburner 2013.0.0 (HKLM-x32\...\{3D347E6D-5A03-4342-B5BA-6A771885F379}) (Version: 2013.0.0 - Autodesk, Inc.)
AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version:  - )
AwesomiumSetup (HKLM-x32\...\{19EF99D1-7EE6-4B5E-ABEE-0B3825F703B0}) (Version: 1.00.0000 - SIX Networks GmbH)
Balsamiq Mockups 3 (HKLM-x32\...\BalsamiqMockups3.EDE15CF69E11F7F7D45B5430C7D37CC6C3545E3C.1) (Version: 3.3.1 - Balsamiq SRL)
Balsamiq Mockups 3 (x32 Version: 3.3.1 - Balsamiq SRL) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB)
BitTorrent (HKU\S-1-5-21-4212100984-1092788654-150177127-1000\...\BitTorrent) (Version: 7.8.1.30016 - BitTorrent Inc.)
Bloodline Champions (HKLM-x32\...\Steam App 6370) (Version:  - Stunlock Studios)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Call of Duty - World at War (HKLM-x32\...\{2775C25A-DF39-44AA-8E59-E0447DC164C2}) (Version: 1.00.0000 - Modern)
Call of Duty 4: Modern Warfare (HKLM-x32\...\Steam App 7940) (Version:  - Infinity Ward)
Call of Duty: Advanced Warfare - Multiplayer (HKLM-x32\...\Steam App 209660) (Version:  - Sledgehammer Games)
Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version:  - Infinity Ward)
Call of Duty: World at War (HKLM-x32\...\Steam App 10090) (Version:  - Treyarch)
CEVO CS:GO Client Beta version 1.0 (HKLM-x32\...\CEVO CS:GO Client Beta_is1) (Version: 1.0 - )
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
Curse Client (HKU\S-1-5-21-4212100984-1092788654-150177127-1000\...\101a9f93b8f0bb6f) (Version: 5.1.1.820 - Curse)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Debian-Installer loader (HKLM-x32\...\Debian-Installer Loader) (Version: 0.7.4.7+deb7u2 - The Debian Project)
Dell Data Vault (Version: 4.3.5.1 - Dell Inc.) Hidden
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.1.6664.93 - Dell)
Dell SupportAssistAgent (HKLM-x32\...\{287348C8-8B47-4C36-AF28-441A3B7D8722}) (Version: 1.1.1.14 - Dell)
Dell System Detect (HKU\S-1-5-21-4212100984-1092788654-150177127-1000\...\73f463568823ebbe) (Version: 6.6.0.1 - Dell)
Dell Wireless Driver Installation (HKLM-x32\...\{451517F1-7E41-400B-AA36-FB7E2563526D}) (Version: 9.0 - Dell)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.88 - DivX, LLC)
Dropbox (HKU\S-1-5-21-4212100984-1092788654-150177127-1000\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
Epson Manuals (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.0.0.0 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON XP-412 413 415 Series Printer Uninstall (HKLM\...\EPSON XP-412 413 415 Series) (Version:  - SEIKO EPSON Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
f.lux (HKU\S-1-5-21-4212100984-1092788654-150177127-1000\...\Flux) (Version:  - )
FMW 1 (Version: 1.32.2 - AVG Technologies) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
FXCM Trading Station (x32 Version: 111313 - FXCM) Hidden
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Garry)
GDR 5520 for SQL Server 2008 (KB2977321) (64-bit) (HKLM\...\KB2977321) (Version: 10.3.5520.0 - Microsoft Corporation)
GDR 5538 for SQL Server 2008 (KB3045305) (64-bit) (HKLM\...\KB3045305) (Version: 10.3.5538.0 - Microsoft Corporation)
GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Guns of Icarus Online (HKLM-x32\...\Steam App 209080) (Version:  - Muse Games)
Gyazo 3.1.6 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Nota Inc.)
H1Z1 (HKLM-x32\...\Steam App 295110) (Version:  - Sony Online Entertainment)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
Heroku version 3.9.1 (HKLM-x32\...\Heroku_is1) (Version: 3.9.1 - )
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Hotspot Shield 4.15.4 (HKLM-x32\...\HotspotShield) (Version: 4.15.4 - AnchorFree Inc.)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.4.1441 - Intel Corporation)
Intel® OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
iTunes (HKLM\...\{6CF1A7E2-8001-4870-9F18-3C6CDD6FE9E3}) (Version: 12.2.1.16 - Apple Inc.)
Java 8 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218065F0}) (Version: 8.0.650.17 - Oracle Corporation)
Java SE Development Kit 7 Update 40 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170400}) (Version: 1.7.0.400 - Oracle)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
KinoniDrivers 2.8.1 (HKLM-x32\...\KinoniDrivers) (Version: 2.8.1 - Kinoni)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Metric Collection SDK 35 (x32 Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 Browser (HKLM-x32\...\{C688457E-03FD-4941-923B-A27F4D42A7DD}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{2738C4AA-420E-4E13-ADEF-B5AB250E3EF1}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{77F1F8AD-51B8-4490-AEEC-BF480073E0FC}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{F43ADE73-2880-4A95-B995-4FE386ECF667}) (Version: 10.3.5538.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{877B76B2-F83F-4F5A-B28D-3F398641ADB6}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{0826F9E4-787E-481D-83E0-BC6A57B056D5}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft Visual C# 2010 Express - ENU (HKLM-x32\...\Microsoft Visual C# 2010 Express - ENU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{14DD7530-CCD2-3798-B37D-3839ED6A441C}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU (HKLM\...\{BCA26999-EC22-3007-BB79-638913079C9A}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Moonbase Alpha (HKLM-x32\...\Steam App 39000) (Version:  - Virtual Heroes)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSI ODD Monitor (HKLM-x32\...\InstallShield_{B7D9BAAA-F068-4BF8-B929-462C3A8AB677}) (Version: 1.0.0.5 - Micro-Star Int'l Co., Ltd.)
MSI ODD Monitor (x32 Version: 1.0.0.5 - Micro-Star Int'l Co., Ltd.) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5 - Notepad++ Team)
NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 358.91 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 358.91 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.8.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.8.1.21 - NVIDIA Corporation)
NVIDIA Graphics Driver 358.91 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 358.91 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
NVIDIA PhysX v8.10.29 (HKLM-x32\...\{D56B0E27-4A3E-46C9-B5C1-D93D580C099C}) (Version: 8.10.29 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenOffice 4.0.1 (HKLM-x32\...\{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}) (Version: 4.01.9714 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.3.1.4482 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
Portal 2 Publishing Tool (HKLM-x32\...\Steam App 644) (Version:  - )
PSP Video 9 6 (HKLM-x32\...\PSP Video 9) (Version: 6 - Red Kawa)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
Python 3.3.2 (HKLM-x32\...\{92389DE9-939E-341B-A076-1D52D7DBCA71}) (Version: 3.3.2150 - Python Software Foundation)
QuickTime 7 (HKLM-x32\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.)
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 5.1.31.0 - Razer Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.21.27405 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
Reign Of Kings (HKLM-x32\...\Steam App 344760) (Version:  - Code}{atch)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{17528CE4-C333-48FB-A9E4-D841E795CDCE}) (Version: 3.0.23.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 3.0.23.0 - Renesas Electronics Corporation) Hidden
Rust (HKLM-x32\...\Steam App 252490) (Version:  - Facepunch Studios)
Security Monitor Pro 5.1 (HKLM-x32\...\Security Monitor Pro DotNet5_is1) (Version:  - DeskShare Inc.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
Service Pack 3 for SQL Server 2008 (KB2546951) (64-bit) (HKLM\...\KB2546951) (Version: 10.3.5500.0 - Microsoft Corporation)
SHIELD Streaming (Version: 4.1.0250 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.8.1.21 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation)
Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 2.11.2894.0 - Hi-Rez Studios)
Software Updater (HKLM-x32\...\{A737E18A-5171-40D0-8034-7DD243420081}) (Version: 4.1.1 - SEIKO EPSON CORPORATION) <==== ATTENTION
SpyHunter 4 (HKLM-x32\...\SpyHunter) (Version: 4.21.10.4584 - Enigma Software Group, LLC)
Sql Server Customer Experience Improvement Program (Version: 10.3.5500.0 - Microsoft Corporation) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Sublime Text Build 3059 (HKLM\...\Sublime Text 3_is1) (Version:  - Sublime HQ Pty Ltd)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.17 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
The Forest (HKLM-x32\...\Steam App 242760) (Version:  - Endnight Games Ltd)
TortoiseSVN 1.8.10.26129 (64 bit) (HKLM\...\{A9E679EC-8FD4-49D8-A5A5-ACE462515A9E}) (Version: 1.8.26129 - TortoiseSVN)
Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{0FA8AE0C-69AE-4F60-A1AB-F79C6BA5A999}) (Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Vegas Pro 11.0 (HKLM-x32\...\{B5B98340-0296-11E2-8B8E-F04DA23A5C58}) (Version: 11.0.700 - Sony)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{112C23F2-C036-4D40-BED4-0CB47BF5555C}) (Version: 4.0.8080.0 - Microsoft Corporation)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)
Xpadder version 5.7 (HKLM-x32\...\{0DCE54A9-7256-4132-9D4E-1A64AE35E9B1}_is1) (Version: 5.7 - Xpadder, Inc.)
XSplit Broadcaster (HKLM-x32\...\{781B7F3D-8107-4049-80C0-16FF46420184}) (Version: 1.3.1306.2101 - SplitMediaLabs)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-4212100984-1092788654-150177127-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Josh\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4212100984-1092788654-150177127-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-4212100984-1092788654-150177127-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Josh\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4212100984-1092788654-150177127-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Josh\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4212100984-1092788654-150177127-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Josh\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4212100984-1092788654-150177127-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Josh\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4212100984-1092788654-150177127-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Josh\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4212100984-1092788654-150177127-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Josh\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4212100984-1092788654-150177127-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Josh\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4212100984-1092788654-150177127-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Josh\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {06EFA20A-787C-4E47-92AF-9FBFC33C1058} - System32\Tasks\{7D59B241-72F9-410D-8DF3-D131AB20C916} => C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe [2015-12-22] ()
Task: {08ECF8A1-3138-45C0-89A5-7C288047E768} - System32\Tasks\Razer_Game_Booster_AutoUpdate => C:\Program Files (x86)\Razer\Razer Game Booster\AutoUpdate.exe
Task: {1AE13244-EE06-4CA8-BC02-81C1057DC588} - System32\Tasks\System Monitor => C:\ProgramData\416691\sysmon.exe [2015-12-24] ()
Task: {1F8F9AFF-8C1C-48B3-8FA4-FDA9EB18D93A} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe
Task: {2F7306F2-77A6-4B7F-8155-E2517ABED12D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {49040988-9628-4EF8-8227-923BAF9A7582} - System32\Tasks\{544DE1DE-870C-4649-8156-4DD2D59A2F2D} => pcalua.exe -a C:\Users\Josh\Desktop\Downloads\vcredist_x64.exe -d C:\Users\Josh\Desktop\Downloads
Task: {5154A389-9D8A-4171-82CC-83BB9FF89221} - System32\Tasks\{A2D74380-ED18-43B4-AD92-0ACE499F544E} => pcalua.exe -a "C:\Program Files (x86)\AviSynth 2.5\Uninstall.exe"
Task: {5E416BB5-52CB-4836-B8B9-4B8C8041C738} - System32\Tasks\{C41B2962-57DF-4ADD-A03B-44DF986A4792} => pcalua.exe -a "C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" -c /uninstall WORD /dll OSETUP.DLL
Task: {6225D6F3-BF42-424B-9E09-A0B775631E41} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {6859FD21-C56F-4E13-B9F5-A076AC9B0493} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-10-06] (Oracle Corporation)
Task: {6CFAE5E2-3960-4C77-9A9E-18D1D99A6D96} - System32\Tasks\EPSON XP-412 413 415 Series Update {9F0C0E7F-FA05-4687-9D8F-C10292C661B7} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE [2013-04-26] (SEIKO EPSON CORPORATION)
Task: {81BA35C2-DE09-4BEC-9FDE-F297DC8EAC41} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {86EA175F-C392-4059-BE8A-E43C44120CEC} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2015-09-30] (Dell Inc.)
Task: {88E5B732-A74B-40A7-9ABE-D80087A07552} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {9C778112-D677-44D3-9AF3-78DBB7D456BB} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {9D0F7F41-167B-4019-8244-FE4A4387EB9C} - System32\Tasks\{292E95D2-C07A-4610-B900-1F41DE5BA0DF} => pcalua.exe -a "C:\Program Files (x86)\AVG\Setup\avgsetupx.exe" -c /mode=offline /uninstall=av
Task: {9E347238-E8DE-4A44-A5E4-8E860064A62C} - System32\Tasks\EPSON XP-412 413 415 Series Invitation {9F0C0E7F-FA05-4687-9D8F-C10292C661B7} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE [2013-04-26] (SEIKO EPSON CORPORATION)
Task: {A6DA4355-5579-45B9-A2C3-CA1639D0309F} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2015-08-19] ()
Task: {AC99E9B1-136F-48E8-AC61-9D46BA77CB93} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Alienware\SupportAssist\uaclauncher.exe [2015-10-29] (PC-Doctor, Inc.)
Task: {AE41D87D-B760-4500-A348-0D14C0760F4B} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {BCFEFC2A-42F2-4C6A-BBBC-CBA5AA1A29A9} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2015-08-19] ()
Task: {CC338D92-8D83-466C-88B0-75AFCA54F956} - System32\Tasks\Adobe online update program => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {D014CCB2-7452-4EDA-8B1C-7A91DCA5A534} - System32\Tasks\{855EE558-E367-481B-8E98-9F708C306997} => C:\Program Files (x86)\Steam\SteamApps\common\The Forest\TheForest.exe [2015-10-09] ()
Task: {D5059DC3-3815-4091-891C-A40289DE29F8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {E4781335-E339-48C7-9AC0-A23EC533843B} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Alienware\SupportAssist\sessionchecker.exe [2015-10-29] (PC-Doctor, Inc.)
Task: {E4A20F42-AE33-41E1-8826-21C4A6B5ED3F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {E5F51150-CCD9-473A-9616-AE51AE304C82} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-09] (Adobe Systems Incorporated)
Task: {EFFA9509-0EBA-447B-A35D-4E5EA4DC4DC6} - System32\Tasks\AdobeAAMUpdater-1.0-Josh-Computer-Josh => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-09-19] (Adobe Systems Incorporated)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\EPSON XP-412 413 415 Series Invitation {9F0C0E7F-FA05-4687-9D8F-C10292C661B7}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE
Task: C:\Windows\Tasks\EPSON XP-412 413 415 Series Update {9F0C0E7F-FA05-4687-9D8F-C10292C661B7}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE:/EXE:{9F0C0E7F-FA05-4687-9D8F-C10292C661B7} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2013-07-22 19:12 - 2015-11-10 01:24 - 00020808 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2013-07-22 19:56 - 2015-11-05 15:13 - 00116528 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-05-15 13:26 - 2015-05-15 13:26 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 13:26 - 2015-05-15 13:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-08-30 09:01 - 2013-08-30 09:01 - 03358064 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll
2015-09-15 13:58 - 2015-09-15 13:58 - 08901184 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2010-01-02 14:42 - 2010-01-02 14:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2014-12-17 21:31 - 2014-12-17 21:31 - 00076032 _____ () C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll
2014-12-17 21:30 - 2014-12-17 21:30 - 00088832 _____ () C:\Program Files\TortoiseSVN\bin\libsasl.dll
2015-12-25 02:22 - 2015-12-24 16:47 - 00005120 _____ () C:\ProgramData\416691\sysmon.exe
2015-07-22 21:39 - 2015-07-22 21:39 - 00589520 _____ () C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
2014-11-12 09:20 - 2014-11-12 09:20 - 00524800 _____ () C:\Program Files (x86)\Kinoni\EpocCam_and_Barcode_drivers\KinoniSvc.exe
2015-12-21 19:06 - 2015-12-09 01:52 - 00217720 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2013-08-17 07:47 - 2014-10-11 15:04 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-07-22 10:14 - 2012-01-26 19:49 - 02751808 ____N () C:\Program Files (x86)\AlienRespawn\COMPONENTS\SCHEDULER\STSERVICE.EXE
2014-03-14 18:09 - 2015-10-11 00:04 - 00175080 _____ () C:\Program Files\TeamSpeak 3 Client\quazip.dll
2013-10-23 12:15 - 2015-10-11 00:04 - 00103400 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win64.dll
2013-10-23 12:15 - 2015-10-11 00:04 - 00108008 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll
2013-10-23 12:15 - 2015-10-11 00:04 - 00312296 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2015-06-13 22:55 - 2015-06-13 22:55 - 00486912 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\soundboard.dll
2013-10-23 12:15 - 2015-10-11 00:04 - 00483816 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2014-03-14 18:09 - 2015-10-11 00:04 - 00317440 _____ () C:\Program Files\TeamSpeak 3 Client\ssleay32.dll
2014-03-14 18:09 - 2015-10-11 00:04 - 01709056 _____ () C:\Program Files\TeamSpeak 3 Client\LIBEAY32.dll
2014-01-21 16:54 - 2015-09-16 18:44 - 01294336 _____ () C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
2015-12-09 16:23 - 2015-12-09 16:23 - 02307064 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.1.5\deploy\LoLLauncher.exe
2015-10-14 14:15 - 2015-12-09 16:30 - 04225528 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.45\deploy\LoLPatcher.exe
2015-09-16 19:09 - 2015-09-16 19:09 - 00074752 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.177\deploy\LolClient.exe
2015-06-03 22:57 - 2015-06-03 22:57 - 01749200 _____ () C:\Program Files (x86)\Hotspot Shield\bin\af_proxy.dll
2015-07-22 22:02 - 2015-07-22 22:02 - 00616144 _____ () C:\Program Files (x86)\Hotspot Shield\bin\HssRep.4.15.4.dll
2015-04-25 01:03 - 2015-04-25 01:03 - 00280143 _____ () C:\Program Files (x86)\Hotspot Shield\bin\libidn-11.dll
2009-03-27 20:02 - 2009-03-27 20:02 - 01554920 _____ () C:\Program Files (x86)\Hotspot Shield\bin\libeay32.dll
2009-03-27 20:02 - 2009-03-27 20:02 - 00332254 _____ () C:\Program Files (x86)\Hotspot Shield\bin\libssl32.dll
2015-03-30 17:25 - 2015-12-09 01:53 - 00011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2013-07-22 19:12 - 2015-11-10 01:24 - 00020624 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2013-07-22 11:06 - 2012-03-06 12:27 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2013-08-07 19:25 - 2013-08-07 19:25 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-12-17 20:53 - 2014-12-17 20:53 - 00065792 _____ () C:\Program Files\TortoiseSVN\bin\TortoiseStub32.dll
2015-09-15 13:58 - 2015-09-15 13:58 - 08901184 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-10-14 14:16 - 2015-12-09 16:30 - 01465848 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.45\deploy\RiotLauncher.dll
2014-12-17 20:53 - 2014-12-17 20:53 - 00071936 _____ () C:\Program Files\TortoiseSVN\bin\libsasl32.dll
2015-09-30 17:24 - 2015-09-30 17:24 - 04885152 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.177\deploy\Adobe AIR\Versions\1.0\Resources\WebKit.dll
2015-09-30 17:24 - 2015-09-30 17:24 - 17414304 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.177\deploy\Adobe AIR\Versions\1.0\Resources\NPSWF32.dll
2015-12-16 22:24 - 2015-12-11 03:54 - 01583432 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libglesv2.dll
2015-12-16 22:24 - 2015-12-11 03:54 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libegl.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\TEMP:BF3D62E7
AlternateDataStreams: C:\ProgramData\TEMP:FB1B13D8
AlternateDataStreams: C:\ProgramData\TEMP:FD268286
AlternateDataStreams: C:\Users\Josh\AppData\Local\Temp:cJ67orQ7ViNhMCF5uFbmAP2ro
AlternateDataStreams: C:\Users\Josh\AppData\Local\Temp:JqUUDYzm331vqKKj9euGpZZLA
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-4212100984-1092788654-150177127-1000\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-4212100984-1092788654-150177127-1000\...\dell.com -> dell.com
IE trusted site: HKU\S-1-5-21-4212100984-1092788654-150177127-1000\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-4212100984-1092788654-150177127-1000\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-4212100984-1092788654-150177127-1000\...\sony.com -> sony.com
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 02:34 - 2013-12-13 14:17 - 00000867 ____N C:\Windows\system32\Drivers\etc\hosts
 
192.168.1.13 prod.cloud.rockstargames.com
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-4212100984-1092788654-150177127-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{BA47DF73-1F63-4B08-BA8E-65C53E5508E2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{2295F5B6-6C61-4DD9-9D14-F98C2D892148}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{BF07010E-D526-4722-BCF9-914038BF432A}] => (Allow) C:\Users\Josh\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{815DFF54-00FD-4127-8442-5B1A5851A6DF}] => (Allow) C:\Users\Josh\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{9856F45E-EA66-4C21-ACE0-CCF429E08C2D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{FC2A9121-6468-40A1-98AE-7AACE8CB34A2}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\monitor.exe
FirewallRules: [{1F9065E8-6253-481E-9FF1-CAD74596846B}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\monitor.exe
FirewallRules: [{82A2DE03-31C1-407A-8E75-A142CCB9B5D8}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\manager.exe
FirewallRules: [{BAB2A76B-7AEB-46BC-AA54-CB5350AFAFFA}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\manager.exe
FirewallRules: [{868ED7B9-E6A9-4CBB-BE68-E8632DB6FF00}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\server.exe
FirewallRules: [{94996F1F-3199-40F3-86E0-58FDD2572B4F}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\server.exe
FirewallRules: [{15EB3A5C-DB91-4F1B-A633-24D6B2763CEB}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{9A0BE149-A273-4281-BAC8-2D30AD80357C}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [TCP Query User{F83B8DF1-BBCF-4193-A501-CD15F8213300}C:\users\josh\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\josh\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{3187D4E8-006B-4393-B50C-1CBC6AAEBC23}C:\users\josh\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\josh\appdata\local\akamai\netsession_win.exe
FirewallRules: [{4B5B8F62-5B98-47A9-89DF-55C4126DFF91}] => (Allow) C:\Program Files (x86)\Deskshare\Security Monitor Pro 5\Security Monitor Pro.exe
FirewallRules: [{D170DD85-2717-476A-B34B-6C3FE5026128}] => (Allow) C:\Program Files (x86)\Deskshare\Security Monitor Pro 5\Security Monitor Pro.exe
FirewallRules: [{2A57131D-A24C-4DF4-B5B4-029BFD1347ED}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{59D35152-A747-4F6F-BFC8-26D505E7076E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{A04CDB71-A5C1-4B4B-A0D4-915E5C5CF307}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{446BC7B3-0184-41E9-8F46-AA9C8EEE6365}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{A65865E7-A770-4AEA-8B3E-A2A259B94E70}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{06C8B494-8D65-48AD-A6EC-1D9063E3C655}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{9672844A-B189-48FB-90F1-502566C20C6D}] => (Allow) E:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{92A0CBDF-0D8E-4E7B-AB66-746EC3484AA0}] => (Allow) E:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [TCP Query User{16C37275-715C-4448-9ED5-7918EB24C871}C:\users\josh\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\josh\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{ADA6683E-1120-4E26-B260-95D5FFADFA1C}C:\users\josh\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\josh\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{5C5C3425-ED6B-4439-A48F-8834932BBC8C}C:\program files\java\jdk1.7.0_40\bin\javaw.exe] => (Allow) C:\program files\java\jdk1.7.0_40\bin\javaw.exe
FirewallRules: [UDP Query User{61D792D9-2174-4479-B12B-0622F9FD68B0}C:\program files\java\jdk1.7.0_40\bin\javaw.exe] => (Allow) C:\program files\java\jdk1.7.0_40\bin\javaw.exe
FirewallRules: [{81E5F11D-CBC2-4383-B0FC-8EBC65FADAEC}] => (Block) C:\program files\java\jdk1.7.0_40\bin\javaw.exe
FirewallRules: [{E9746FC4-A290-43D2-A9C1-26A069E8ACD7}] => (Block) C:\program files\java\jdk1.7.0_40\bin\javaw.exe
FirewallRules: [TCP Query User{01546FB4-F4FF-44DD-84DC-82E6121DF1BA}C:\program files\java\jdk1.7.0_40\jre\bin\java.exe] => (Allow) C:\program files\java\jdk1.7.0_40\jre\bin\java.exe
FirewallRules: [UDP Query User{96284C9C-651B-458D-9B17-3B996FAFA970}C:\program files\java\jdk1.7.0_40\jre\bin\java.exe] => (Allow) C:\program files\java\jdk1.7.0_40\jre\bin\java.exe
FirewallRules: [{50498DD6-8F30-4B48-AAAF-F1B2CEEAC501}] => (Block) C:\program files\java\jdk1.7.0_40\jre\bin\java.exe
FirewallRules: [{E81A4718-EBF5-479B-8F8A-098F181EFD73}] => (Block) C:\program files\java\jdk1.7.0_40\jre\bin\java.exe
FirewallRules: [{C7F25351-8E49-4329-BC96-6BCFBF2C4047}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{90AFF79B-DA1C-46A1-B77E-4F7DF2F323F8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{0264801C-BA73-449F-932E-55E1BD9CD5BC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{C266F3D0-A5CC-4BDE-9425-345F83C6243B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{4356D21A-B78B-4920-9332-F843D1D69B36}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty 4\iw3sp.exe
FirewallRules: [{5A2BA547-49AF-4110-A3A3-77FDA9AAF177}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty 4\iw3sp.exe
FirewallRules: [{62BEC2DE-CD33-4C41-B1A9-72849E6176F2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty 4\iw3mp.exe
FirewallRules: [{12C9C786-B367-404C-8BF4-FCC9ADE888BD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty 4\iw3mp.exe
FirewallRules: [{9997808A-EF67-4BFA-AF31-D23362C5E560}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{E0F3A9A2-60CE-4606-88A9-71E1A274735A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{295C09A5-40A0-4AE6-B218-A6610DE47109}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{5EB0AB5F-BA76-4543-B603-95C3BC3EF986}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{6789E810-1F8B-4302-94B0-2894B1391B51}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{4743406F-65B7-4A32-81BF-E3473EE1D65D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [TCP Query User{83CD7ADB-815E-498F-89B0-21274135629A}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [UDP Query User{64F0C7EE-E738-4488-A721-914969610259}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [{DC12B582-A197-49B6-B2A7-BDF637D5A272}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{FB942DE8-A9A3-4FC5-8C64-1C0687CEE37D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{1EB99372-E761-4147-9EDC-35379BE8976C}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [UDP Query User{6FE2F01A-6432-48F6-A662-6DD4AEC32312}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [{7D21A33C-93F7-4814-A001-3E115E5BF2BF}] => (Block) C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [{D35E4A5B-ADA8-47C9-B23D-C8A82E52F7F2}] => (Block) C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [{74F87E4B-B995-4FDF-8E37-880E163A8618}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{A43DF692-69D9-42EF-9849-280EAC073574}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{3251DB4D-4249-4A62-8B6D-DF26509ECD09}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{BC73886D-A942-491E-96B6-4C749B99CBD5}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [TCP Query User{26F29B2E-F8AA-4CD6-8335-19DFD5FC0A66}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{A91D56B6-8910-4A61-9531-BCA8A5F797C2}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{7A633F0F-109C-4474-8993-B765B1173357}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{61CB2695-FB75-46EF-9F87-8B205D4ABFF1}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{25ECFCF7-5278-48CE-9717-57AA783CC5D3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Forest\TheForest.exe
FirewallRules: [{F4955D0C-9520-4945-9E60-7A2547EA1CA3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Forest\TheForest.exe
FirewallRules: [{69415E53-66E5-4546-B84F-03278B9F7D8D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{7644FFFE-3B35-4B8F-AB41-4488E17BF34D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [TCP Query User{24B37D71-B2FA-4F09-860B-6EC82820534C}C:\program files (x86)\steam\steamapps\common\call of duty 4\iw3mp.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\call of duty 4\iw3mp.exe
FirewallRules: [UDP Query User{6189E6C3-88C2-43B9-921D-F64B45AF7E31}C:\program files (x86)\steam\steamapps\common\call of duty 4\iw3mp.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\call of duty 4\iw3mp.exe
FirewallRules: [TCP Query User{9A0AEECD-D7D7-4930-B9F0-E9106D676718}C:\program files (x86)\modern\call of duty - world at war\codwaw.exe] => (Allow) C:\program files (x86)\modern\call of duty - world at war\codwaw.exe
FirewallRules: [UDP Query User{F8953F81-4CDB-4934-B1E8-D30A2FDDB3A2}C:\program files (x86)\modern\call of duty - world at war\codwaw.exe] => (Allow) C:\program files (x86)\modern\call of duty - world at war\codwaw.exe
FirewallRules: [{BD86C6D3-3638-4949-8B1E-B9A39C9FA809}] => (Allow) C:\Users\Josh\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{05FCEE41-2851-4CB8-8672-71FB998D5E57}] => (Allow) C:\Users\Josh\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{2163C2CA-93C8-4667-9669-51A33B9CE621}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty World at War\CoDWaW.exe
FirewallRules: [{453EB145-49C3-425E-9F12-651297B3D280}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty World at War\CoDWaW.exe
FirewallRules: [{279EB9B9-270D-4509-AD0A-109546F4B7F9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty World at War\CoDWaWmp.exe
FirewallRules: [{CCF00560-2B91-4D0C-B6E5-4155E8958571}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty World at War\CoDWaWmp.exe
FirewallRules: [{E97D3BF8-4333-4D1A-8873-B03CA64015DF}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{8080E25B-1136-467F-946E-24374D7032B8}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{219F6DE7-9565-4029-9C9E-FB764A9194EE}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{621A572F-6221-4BE6-ABF6-04BCEE75809C}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{F1DB2930-0198-432E-B32E-88EE84B96CAE}C:\users\josh\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\josh\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{1071BFDD-D36D-4D83-B95E-360E7E143629}C:\users\josh\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\josh\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{758A6FCB-409C-4AD7-9ECE-68F6A3D959B4}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{82D60D10-56B8-43EC-9BAB-B64B39D7704C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{06ADBB6B-C4D1-443C-B8DF-760A3E7751A4}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{BC7683A1-DAE7-41EA-B7D5-2F792AC6A198}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{0E7A9DBE-A70D-4047-AF81-D9E373D200FF}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{C19BF5B4-78EE-40B3-B982-B2832046C4DE}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{B1FEBAD4-1FBA-43BF-B78F-B794B2E21CDA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [{26EB3AC4-1511-4C6D-A3E0-1AC9FF8BAD60}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [{E120A773-1B5C-43A9-B91E-F053951D0272}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Bloodline Champions\Binary\BloodlineChampionsLoader.exe
FirewallRules: [{6224E27D-FB10-402C-A640-61FB1148D0D4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Bloodline Champions\Binary\BloodlineChampionsLoader.exe
FirewallRules: [TCP Query User{1A035D11-2422-4C92-9501-E61CD717D54D}C:\program files (x86)\steam\steamapps\common\bloodline champions\binary\bloodlinechampions.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\bloodline champions\binary\bloodlinechampions.exe
FirewallRules: [UDP Query User{E9E06E44-A5C3-4BA8-9115-A32219034ACE}C:\program files (x86)\steam\steamapps\common\bloodline champions\binary\bloodlinechampions.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\bloodline champions\binary\bloodlinechampions.exe
FirewallRules: [TCP Query User{D1D09A47-AC3E-48E2-A326-02C178C7E92C}C:\program files (x86)\steam\steamapps\common\bloodline champions\binary\bloodlinechampions.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\bloodline champions\binary\bloodlinechampions.exe
FirewallRules: [UDP Query User{590E40F0-977F-4DFC-8A99-D6CD9F335267}C:\program files (x86)\steam\steamapps\common\bloodline champions\binary\bloodlinechampions.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\bloodline champions\binary\bloodlinechampions.exe
FirewallRules: [{71AF23A7-24DD-4615-9293-7C54D734E3D6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Advanced Warfare\s1_mp64_ship.exe
FirewallRules: [{B307DB3B-F4F8-40C6-BB9C-01BA59F2FE6F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Advanced Warfare\s1_mp64_ship.exe
FirewallRules: [TCP Query User{1070E570-3E8B-4C48-B106-3B67D8310D82}C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe
FirewallRules: [UDP Query User{D07E037C-EE76-47FD-9F86-56ED5508CD4E}C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe
FirewallRules: [TCP Query User{3E30076B-1DAE-4072-AB88-49217B7871C6}C:\program files (x86)\origin games\battlefield 3\bf3.exe] => (Allow) C:\program files (x86)\origin games\battlefield 3\bf3.exe
FirewallRules: [UDP Query User{B745987E-7EE9-4D00-A1CA-C55BDEC6A7DA}C:\program files (x86)\origin games\battlefield 3\bf3.exe] => (Allow) C:\program files (x86)\origin games\battlefield 3\bf3.exe
FirewallRules: [{EA50C9F0-7573-467F-A897-C700211D0883}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{F38EDB87-37CD-41C7-8F03-585299C37388}] => (Allow) LPort=2869
FirewallRules: [{26043199-42FC-4294-A88F-885A4F14A85C}] => (Allow) LPort=1900
FirewallRules: [{36834CDA-0478-4DCD-9131-F276968021CF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\H1Z1\LaunchPad.exe
FirewallRules: [{645648CA-5D3F-442A-A6F5-84547ABC74C5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\H1Z1\LaunchPad.exe
FirewallRules: [TCP Query User{6DE327DB-D9BB-4E8A-B9BA-27DAAA172A15}C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [UDP Query User{C6CCF6B6-CF20-4545-96D5-287AB583A80C}C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [{87D487F0-BA31-4251-AF7F-769963D86039}] => (Block) C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [{F7FD8D50-5D92-4BA8-8FA2-92C63E493667}] => (Block) C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [{32C06FC7-ED00-4EEC-894B-27FFBF44B51E}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{7AA5FE01-4ECD-4522-8BF5-152C293F33A6}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{2B0F80CC-D963-41C7-98E5-F0E97232A806}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{790379FA-7340-4B8F-81B8-65ACD06FEE26}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{DE5A4F18-32EF-4CB2-A270-A0CA540FDED0}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{BCEE0855-2CED-4968-B824-7FFA19EDC266}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{A1EF9F56-44A2-4699-B630-F4BBCFA4D6F0}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{2F859492-68F1-4CC4-988C-6702ADEFA45F}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{834942A8-1595-4812-AE4B-D882770E0CAE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{12B80A50-E655-473E-A61F-7AD4D7383662}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{B1E3591A-B859-44B7-B4E3-381A98022D4A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{AE704DBD-1786-4935-AD1A-C5B930B972D3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{297C7103-F2CF-47C6-9504-26820ECDF94A}C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{3598B97E-DED0-416B-9934-635D48C563D0}C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
FirewallRules: [{3AD4FD52-CF3B-4938-8B91-68411CDA43D5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Guns of Icarus Online\GunsOfIcarusOnline.exe
FirewallRules: [{5CD46142-D547-4550-8A3E-645E89DCC2DC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Guns of Icarus Online\GunsOfIcarusOnline.exe
FirewallRules: [{CE49267F-474E-4607-9419-4F9FB4AF5EBA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Reign Of Kings\Reign of Kings.exe
FirewallRules: [{CCFF041D-496E-4808-A8E2-6B5BB4A87BD4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Reign Of Kings\Reign of Kings.exe
FirewallRules: [TCP Query User{BEB0BFF3-97BD-4B91-8474-FFFEB061E3F4}C:\program files (x86)\steam\steamapps\common\dirty bomb\binaries\win32\shootergame-win32-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dirty bomb\binaries\win32\shootergame-win32-shipping.exe
FirewallRules: [UDP Query User{D1EF5935-C264-41E3-8973-7E88649144A0}C:\program files (x86)\steam\steamapps\common\dirty bomb\binaries\win32\shootergame-win32-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dirty bomb\binaries\win32\shootergame-win32-shipping.exe
FirewallRules: [{8CAF2E8D-AA6D-4536-9E94-1C28C0ED5215}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{ACECDDD9-F1CC-467A-A08D-A838FC15234B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{21BFDBC5-EEE0-4FD7-97FE-6AC053081656}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{C0082DBD-C62E-4B07-999C-419E08D695FC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{3902B220-B73D-4F13-96E7-5BCE70D3CEAE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{3B6039F5-CC21-45A3-9D32-D39D4EDE16E0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{2025DB1D-FD0E-4491-8C1B-004432CF2053}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{43732435-9A8C-491B-9D8C-4B424393BAA9}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{2CEF290E-C8B0-4EDD-BF01-84880966DE8D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Moon Base Alpha\Binaries\Win32\MoonBaseAlphaGame.exe
FirewallRules: [{3E8E8ECA-755C-4998-A44D-A33C6106CC75}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Moon Base Alpha\Binaries\Win32\MoonBaseAlphaGame.exe
FirewallRules: [{66AAC1AE-8AEA-4267-9861-F60F7D41D577}] => (Allow) C:\Program Files (x86)\Kinoni\EpocCam_and_Barcode_drivers\KinoniSvc.exe
FirewallRules: [{7B19ADFE-02A2-4231-BD1F-AC69D95CCED5}] => (Allow) C:\Program Files (x86)\Kinoni\EpocCam_and_Barcode_drivers\KinoniSvc.exe
FirewallRules: [{934BAE20-B21D-4236-9FC5-0F9DED468EE7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{7C8517FF-7770-4203-9A27-C6199920C12D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{A59459C2-316D-41F8-A3C1-343D93C44137}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{4ECCF7CE-69F1-48D7-AAF1-148095EC20E8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{B214B8E5-5F5F-401B-BAF8-90E683A11D23}] => (Allow) C:\Users\Josh\AppData\Local\Chromium\Application\chrome.exe
FirewallRules: [{863ED8E3-91C8-442E-AEAD-8D97377ADA37}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{E4A3C705-60B3-4852-B08C-4DF25B0B3288}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{67381650-0FAA-4A1A-AE9B-017CE11BE2FB}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{B8B2A09D-C3C3-4BA9-A32F-EBB956AE4C52}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{C6285B35-16ED-4919-B90B-38DE2CEBF446}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{F9EA7E39-CE9C-47F1-9E53-A05FD020DFC1}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{B743797C-6595-4333-BE47-71F2D01AAB9D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rust\Rust.exe
FirewallRules: [{F34E4F48-FD3A-4A58-967E-0EF56D314C14}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rust\Rust.exe
FirewallRules: [{783F1249-7498-4106-B9DF-9523110C6DC6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{9DA0CEF2-677E-4D47-89F0-1DB581BB4130}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{1B1EBE40-87E3-4A7E-8A7B-D6BE5D7516D8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{F531C2CF-5174-403F-AD13-A0D33A124544}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Guns of Icarus Online\workshop\Workshop.exe
FirewallRules: [{603E23C2-6093-4A7F-9857-CD922F323052}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Guns of Icarus Online\workshop\Workshop.exe
FirewallRules: [{7E5AE2F5-1042-4FD1-A077-F55A0733BAFC}] => (Allow) C:\Users\Josh\AppData\Local\Chromium\Application\chrome.exe
 
==================== Restore Points =========================
 
24-12-2015 19:23:12 WinThruster Thu, Dec 24, 15  19:23
25-12-2015 02:41:19 Removed AVG
25-12-2015 02:43:28 Removed AVG 2016
25-12-2015 10:39:10 Windows Update
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (12/25/2015 12:19:41 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application bug: DNSServiceResolve(mobile._epoccam._tcp.local.) active for over two minutes. This places considerable burden on the network.
 
Error: (12/25/2015 10:39:20 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary AVG TDI Driver.
 
System Error:
The system cannot find the file specified.
.
 
Error: (12/25/2015 10:39:20 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary AVG Anti-Rootkit Driver.
 
System Error:
The system cannot find the file specified.
.
 
Error: (12/25/2015 10:39:20 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary AVGIDSHA.
 
System Error:
The system cannot find the file specified.
.
 
Error: (12/25/2015 10:39:20 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary AVGIDSDriver.
 
System Error:
The system cannot find the file specified.
.
 
Error: (12/25/2015 02:43:45 AM) (Source: MsiInstaller) (EventID: 1043) (User: NT AUTHORITY)
Description: Failed to end a Windows Installer transaction {BCA7CC8C-745B-4340-B3A8-BC79A8498107}. Error 1622 occurred while ending the transaction.
 
Error: (12/25/2015 02:43:45 AM) (Source: MsiInstaller) (EventID: 1043) (User: NT AUTHORITY)
Description: Failed to end a Windows Installer transaction {BCA7CC8C-745B-4340-B3A8-BC79A8498107}. Error 1622 occurred while ending the transaction.
 
Error: (12/25/2015 02:43:45 AM) (Source: MsiInstaller) (EventID: 1043) (User: NT AUTHORITY)
Description: Failed to end a Windows Installer transaction {BCA7CC8C-745B-4340-B3A8-BC79A8498107}. Error 1622 occurred while ending the transaction.
 
Error: (12/25/2015 02:43:29 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary AVG TDI Driver.
 
System Error:
The system cannot find the file specified.
.
 
Error: (12/25/2015 02:43:29 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary AVG Anti-Rootkit Driver.
 
System Error:
The system cannot find the file specified.
.
 
 
System errors:
=============
Error: (12/25/2015 12:18:24 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (12/25/2015 12:17:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The vToolbarUpdater40.2.4 service failed to start due to the following error: 
%%5
 
Error: (12/25/2015 12:17:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Razer Game Scanner service failed to start due to the following error: 
%%5
 
Error: (12/25/2015 12:17:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MBAMService service failed to start due to the following error: 
%%2
 
Error: (12/25/2015 12:17:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AVG Service service failed to start due to the following error: 
%%5
 
Error: (12/25/2015 12:17:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The WtuSystemSupport service failed to start due to the following error: 
%%5
 
Error: (12/25/2015 12:14:20 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (12/25/2015 12:14:20 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (12/25/2015 12:14:20 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (12/25/2015 12:13:40 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error: 
%%1068
 
 
CodeIntegrity:
===================================
  Date: 2015-12-25 12:16:55.736
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\kinonivd.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-12-25 12:16:55.689
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\kinonivd.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-12-25 12:16:55.642
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\kinonivad.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-12-25 12:16:55.627
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\kinonivad.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-12-25 12:09:18.711
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\kinonivd.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-12-25 12:09:18.680
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\kinonivd.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-12-25 12:09:18.633
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\kinonivad.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-12-25 12:09:18.617
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\kinonivad.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-12-24 17:02:26.138
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\kinonivd.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-12-24 17:02:26.107
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\kinonivd.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i3-3220 CPU @ 3.30GHz
Percentage of memory in use: 64%
Total physical RAM: 6039.2 MB
Available physical RAM: 2161.5 MB
Total Virtual: 12076.61 MB
Available Virtual: 5462.89 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:922.13 GB) (Free:356 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: AF897440)
 
Partition: GPT.
 
==================== End of Addition.txt ============================


#4 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  • Gender:Male
  • Location:Germany
  • Local time:07:42 PM

Posted 26 December 2015 - 10:44 AM

Hi,

please uninstall Spyhunter 4.

Step 1

Upload File(s) to VirusTotal
I want you to upload the following file(s) to an online virus-scanner to scan.
  • Click the Choose File button.
  • Please copy/paste the following text into the 'File name:' box:
    C:\Program Files (x86)\clientmon.exe
  • Click Open then click the Scan it! button just below.
  • This will scan the file. Please be patient.
  • If you get a message saying File already analyzed: click Reanalyse
  • Copy and Paste the link of the result page in your reply.
Follow the procedure for the following file(s) too:
C:\Users\Josh\AppData\Roaming\windows\svchost.exe
C:\ProgramData\416691\sysmon.exe
regards,
deeprybka
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 

#5 JoshmanPlays

JoshmanPlays
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  • Local time:05:42 PM

Posted 26 December 2015 - 12:44 PM

C:\ProgramData\416691\sysmon.exe  :

 

 

Antivirus | Result | Update
Antiy-AVL | Trojan[Dropper]/Win32.Sysn | 20151226
Kaspersky | Trojan-Dropper.Win32.Sysn.bhsc | 20151226
Rising | PE:Malware.Generic/QRS!1.9E2D [F] | 20151226
Panda | Generic Suspicious | 20151226
McAfee-GW-Edition | BehavesLike.Win32.Downloader.zt | 20151226
ALYac |  | 20151226
AVG |  | 20151226
AVware |  | 20151226
Ad-Aware |  | 20151224
AegisLab |  | 20151226
Agnitum |  | 20151226
AhnLab-V3 |  | 20151226
Alibaba |  | 20151208
Arcabit |  | 20151226
Avast |  | 20151226
Avira |  | 20151226
Baidu-International |  | 20151226
BitDefender |  | 20151226
Bkav |  | 20151226
ByteHero |  | 20151226
CAT-QuickHeal |  | 20151226
CMC |  | 20151217
ClamAV |  | 20151226
Comodo |  | 20151226
Cyren |  | 20151226
DrWeb |  | 20151226
ESET-NOD32 |  | 20151226
Emsisoft |  | 20151226
F-Prot |  | 20151226
F-Secure |  | 20151225
Fortinet |  | 20151226
GData |  | 20151226
Ikarus |  | 20151226
Jiangmin |  | 20151226
K7AntiVirus |  | 20151226
K7GW |  | 20151226
Malwarebytes |  | 20151226
McAfee |  | 20151226
MicroWorld-eScan |  | 20151226
Microsoft |  | 20151226
NANO-Antivirus |  | 20151226
SUPERAntiSpyware |  | 20151226
Sophos |  | 20151226
Symantec |  | 20151225
Tencent |  | 20151226
TheHacker |  | 20151223
TrendMicro |  | 20151226
TrendMicro-HouseCall |  | 20151226
VBA32 |  | 20151225
VIPRE |  | 20151226
ViRobot |  | 20151226
Zillya |  | 20151225
Zoner |  | 20151226
nProtect |  | 20151224

 

C:\Users\Josh\AppData\Roaming\windows\svchost.exe 

 

 

Antivirus | Result | Update
ALYac |  | 20151226
AVG |  | 20151226
AVware |  | 20151226
Ad-Aware |  | 20151224
AegisLab |  | 20151226
Agnitum |  | 20151226
AhnLab-V3 |  | 20151226
Alibaba |  | 20151208
Antiy-AVL |  | 20151226
Arcabit |  | 20151226
Avast |  | 20151226
Avira |  | 20151226
Baidu-International |  | 20151226
BitDefender |  | 20151226
Bkav |  | 20151226
ByteHero |  | 20151226
CAT-QuickHeal |  | 20151226
CMC |  | 20151217
ClamAV |  | 20151226
Comodo |  | 20151226
Cyren |  | 20151226
DrWeb |  | 20151226
ESET-NOD32 |  | 20151226
Emsisoft |  | 20151226
F-Prot |  | 20151226
F-Secure |  | 20151225
Fortinet |  | 20151226
GData |  | 20151226
Ikarus |  | 20151226
Jiangmin |  | 20151226
K7AntiVirus |  | 20151226
K7GW |  | 20151226
Kaspersky |  | 20151226
Malwarebytes |  | 20151226
McAfee |  | 20151226
McAfee-GW-Edition |  | 20151226
MicroWorld-eScan |  | 20151226
Microsoft |  | 20151226
NANO-Antivirus |  | 20151226
Panda |  | 20151226
Rising |  | 20151226
SUPERAntiSpyware |  | 20151226
Sophos |  | 20151226
Symantec |  | 20151225
Tencent |  | 20151226
TheHacker |  | 20151223
TrendMicro |  | 20151226
TrendMicro-HouseCall |  | 20151226
VBA32 |  | 20151225
VIPRE |  | 20151226
ViRobot |  | 20151226
Zillya |  | 20151225
Zoner |  | 20151226
nProtect |  | 20151224

#6 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  • Gender:Male
  • Location:Germany
  • Local time:07:42 PM

Posted 26 December 2015 - 12:46 PM

Copy and Paste the link of the result page in your reply.


regards,
deeprybka

#7 JoshmanPlays

JoshmanPlays
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  • Local time:05:42 PM

Posted 26 December 2015 - 12:49 PM

Sorry haha

 

https://www.virustotal.com/en/file/ffb62b306769c0ae4083befecd05908d9dcdf6a9996a65bbbc4d4f234bc92b6f/analysis/1451151664/

 

https://www.virustotal.com/en/file/c998b07a687b66e43746ef0c2536a2b2e4459dc8a54f00804eee9a9fb3527536/analysis/1451152138/



#8 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Location:Germany
  • Local time:07:42 PM

Posted 26 December 2015 - 01:04 PM

Malware Warning

If your computer was used for online banking, has credit card information or other sensitive data, using a non-infected computer/device you should immediately change all account information (including those used for banking, Email, eBay, Paypal, online forums, etc).

Step 1

Please download TDSSKiller and save it to your Desktop.

  • Start tdsskiller.exe with administrator privileges.
  • Accept the EULA and the KSN Statement.
  • Click on Change parameters. (1)
  • Make sure that all available options (except "Loaded modules") are checked and click OK. (2)
  • Click on Start scan.
  • If any threats are found don't delete them but choose the Skip option for all of them.
  • Click on Report (3) to open the log file. (It is also saved at C:\TDSSKiller.<version_date_time>_log.txt).
    Copy and paste its contents in your next reply.

tdss.gif


regards,
deeprybka

#9 JoshmanPlays

JoshmanPlays
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  • Local time:05:42 PM

Posted 26 December 2015 - 02:10 PM

Here you go, thank you so much for helping btw. I'll try and donate through your paypal link soon when it's fixed
 
19:05:14.0714 0x1d54  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
19:05:14.0714 0x1d54  UEFI system
19:05:43.0800 0x1d54  ============================================================
19:05:43.0800 0x1d54  Current date / time: 2015/12/26 19:05:43.0800
19:05:43.0800 0x1d54  SystemInfo:
19:05:43.0800 0x1d54  
19:05:43.0800 0x1d54  OS Version: 6.1.7601 ServicePack: 1.0
19:05:43.0800 0x1d54  Product type: Workstation
19:05:43.0800 0x1d54  ComputerName: JOSH-COMPUTER
19:05:43.0800 0x1d54  UserName: Josh
19:05:43.0800 0x1d54  Windows directory: C:\Windows
19:05:43.0800 0x1d54  System windows directory: C:\Windows
19:05:43.0800 0x1d54  Running under WOW64
19:05:43.0800 0x1d54  Processor architecture: Intel x64
19:05:43.0800 0x1d54  Number of processors: 4
19:05:43.0800 0x1d54  Page size: 0x1000
19:05:43.0800 0x1d54  Boot type: Normal boot
19:05:43.0800 0x1d54  ============================================================
19:05:46.0350 0x1d54  KLMD registered as C:\Windows\system32\drivers\23306404.sys
19:05:46.0568 0x1d54  System UUID: {CBAEC322-D7F5-8F8A-B78D-984FB4190AB9}
19:05:46.0995 0x1d54  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:05:46.0997 0x1d54  ============================================================
19:05:46.0997 0x1d54  \Device\Harddisk0\DR0:
19:05:46.0998 0x1d54  GPT partitions:
19:05:47.0020 0x1d54  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {B2AB4619-6168-4887-95A5-A1255C4D9E76}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0xFA000
19:05:47.0020 0x1d54  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {796BADD3-6BBF-4D9F-B631-466EB71A4965}, UniqueGUID: {110AE257-68DC-4113-9389-09F7751AD654}, Name: Basic data partition, StartLBA 0xFA800, BlocksNum 0x14000
19:05:47.0020 0x1d54  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {2C198E6C-1145-4F87-AC72-D8392C0921B7}, Name: Microsoft reserved partition, StartLBA 0x10E800, BlocksNum 0x40000
19:05:47.0020 0x1d54  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {6D431700-0987-4715-9A84-4C6EB65BB7E7}, Name: Basic data partition, StartLBA 0x14E800, BlocksNum 0x1177000
19:05:47.0020 0x1d54  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {D72E96F4-2BE9-4DD7-85CE-F9C04B70AE63}, Name: Basic data partition, StartLBA 0x12C5800, BlocksNum 0x73441000
19:05:47.0020 0x1d54  MBR partitions:
19:05:47.0020 0x1d54  ============================================================
19:05:47.0028 0x1d54  C: <-> \Device\Harddisk0\DR0\Partition5
19:05:47.0057 0x1d54  ============================================================
19:05:47.0057 0x1d54  Initialize success
19:05:47.0057 0x1d54  ============================================================
19:07:00.0832 0x23b8  ============================================================
19:07:00.0832 0x23b8  Scan started
19:07:00.0832 0x23b8  Mode: Manual; SigCheck; TDLFS; 
19:07:00.0832 0x23b8  ============================================================
19:07:00.0832 0x23b8  KSN ping started
19:07:03.0630 0x23b8  KSN ping finished: true
19:07:04.0619 0x23b8  ================ Scan system memory ========================
19:07:04.0619 0x23b8  System memory - ok
19:07:04.0619 0x23b8  ================ Scan services =============================
19:07:04.0714 0x23b8  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
19:07:04.0958 0x23b8  1394ohci - ok
19:07:05.0001 0x23b8  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
19:07:05.0016 0x23b8  ACPI - ok
19:07:05.0032 0x23b8  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
19:07:05.0074 0x23b8  AcpiPmi - ok
19:07:05.0157 0x23b8  [ 4C72FDD915D62EAEF149BD9C73AB9CF4, 8EA45A1B88DFD819F0ADA3AF36D464E1BF52574269592370E0CC8D0490680E1F ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:07:05.0167 0x23b8  AdobeARMservice - ok
19:07:05.0254 0x23b8  [ F54564025D2284AE498E51D7C139F971, AAA48F38B81DB894854E8C84DB2E1F5C8447AA982D27C0BB78FF2786D9F80F83 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:07:05.0267 0x23b8  AdobeFlashPlayerUpdateSvc - ok
19:07:05.0282 0x23b8  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
19:07:05.0301 0x23b8  adp94xx - ok
19:07:05.0323 0x23b8  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
19:07:05.0338 0x23b8  adpahci - ok
19:07:05.0355 0x23b8  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
19:07:05.0368 0x23b8  adpu320 - ok
19:07:05.0439 0x23b8  [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
19:07:05.0546 0x23b8  AeLookupSvc - ok
19:07:05.0599 0x23b8  [ D1E343BC00136CE03C4D403194D06A80, 94F2543164A2CEA179EDE53E1294EE24391A59CAEFF83BA5CE9385E8E686E89C ] AERTFilters     C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
19:07:05.0608 0x23b8  AERTFilters - ok
19:07:05.0653 0x23b8  [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD             C:\Windows\system32\drivers\afd.sys
19:07:05.0706 0x23b8  AFD - ok
19:07:05.0723 0x23b8  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
19:07:05.0739 0x23b8  agp440 - ok
19:07:05.0767 0x23b8  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
19:07:05.0838 0x23b8  ALG - ok
19:07:05.0990 0x23b8  [ 6E3300EC67EDB3485D96E81CED73089A, 6463F088894E07611438F4B330C4EF44BA8137BD849FAAC5B54653B200A52B50 ] AlienFusionService C:\Program Files\Alienware\Command Center\AlienFusionService.exe
19:07:05.0997 0x23b8  AlienFusionService - ok
19:07:06.0006 0x23b8  [ 6AC953CD695B37CDABA6C822106F47EF, E2F3AD48855773EFB3A0F950A9C2F44A4746B6BC0A27B6DFE91E974B4B107B1E ] AlienFXWindowsService C:\Program Files\Alienware\Command Center\AlienFXWindowsService.exe
19:07:06.0013 0x23b8  AlienFXWindowsService - ok
19:07:06.0049 0x23b8  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
19:07:06.0056 0x23b8  aliide - ok
19:07:06.0089 0x23b8  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
19:07:06.0099 0x23b8  amdide - ok
19:07:06.0114 0x23b8  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
19:07:06.0138 0x23b8  AmdK8 - ok
19:07:06.0167 0x23b8  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
19:07:06.0195 0x23b8  AmdPPM - ok
19:07:06.0233 0x23b8  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
19:07:07.0495 0x23b8  [ 5E3C595A18B70417858BB37A3B3F6039, 374D76D2D7C684881501A48FF00CE6E0742FE75E411212EAA72543CC94CE184F ] avgsvc          C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
19:07:07.0497 0x23b8  Suspicious file ( NoAccess ): C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe. md5: 5E3C595A18B70417858BB37A3B3F6039, sha256: 374D76D2D7C684881501A48FF00CE6E0742FE75E411212EAA72543CC94CE184F
19:07:07.0500 0x23b8  avgsvc - detected LockedFile.Multi.Generic ( 1 )
19:07:10.0144 0x23b8  Detect skipped due to KSN trusted
19:07:10.0144 0x23b8  avgsvc - ok
19:07:17.0805 0x23b8  [ 8A71B31B132E9DA2201BCBF26BCA36A5, 837ED042297F782895137E0391CDDE4B9ED7F2A967E3036A30AC37F615EE1D48 ] HiPatchService  C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
19:07:17.0818 0x23b8  HiPatchService - detected UnsignedFile.Multi.Generic ( 1 )
19:07:20.0453 0x23b8  Detect skipped due to KSN trusted
19:07:20.0453 0x23b8  HiPatchService - ok
19:07:23.0136 0x23b8  [ 4CBC390EDFBA8FF93632ACA68CE6334F, 43677A76A9C57CBF95F729905847F6C68C5FA0EAF2BE156E1FF233618B054D2F ] KinoniSvc       C:\Program Files (x86)\Kinoni\EpocCam_and_Barcode_drivers\KinoniSvc.exe
19:07:23.0179 0x23b8  KinoniSvc - detected UnsignedFile.Multi.Generic ( 1 )
19:07:26.0087 0x23b8  KinoniSvc ( UnsignedFile.Multi.Generic ) - warning
19:07:28.0832 0x23b8  [ EBF07CF11ADD83DC05BFB63736129CF1, 8BB21FB5E232B619FB193EF4DAC20F393E7BEE3317F376C47466C1180BF32107 ] kinonivd        C:\Windows\system32\DRIVERS\kinonivd.sys
19:07:28.0928 0x23b8  kinonivd - detected UnsignedFile.Multi.Generic ( 1 )
19:07:31.0563 0x23b8  kinonivd ( UnsignedFile.Multi.Generic ) - warning
19:07:34.0266 0x23b8  [ EE7072A46EF13BC48C9E5415D341A483, D47C6D51627814D5B4886B165AA17D22DF1E3CF72B0F35118B8A54361A71D431 ] KINONI_Wave     C:\Windows\system32\drivers\kinonivad.sys
19:07:34.0307 0x23b8  KINONI_Wave - detected UnsignedFile.Multi.Generic ( 1 )
19:07:36.0937 0x23b8  KINONI_Wave ( UnsignedFile.Multi.Generic ) - warning
19:07:36.0937 0x23b8  Force sending object to P2P due to detect: KINONI_Wave
19:07:39.0727 0x23b8  Object send P2P result: true
19:07:42.0414 0x23b8  [ BCC83F22805F560C8A487F2F296A78FE, B6729B9D85CC3B9377E3143FEF920EFAA82D152845A43074417E9266C9F5C1A8 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
19:07:42.0421 0x23b8  KSecDD - ok
19:07:42.0436 0x23b8  [ 33D52A96BEEE8AFCE9E07EEC9FE0C9DB, 5367B46A43296792A0E6294906D40511079D5CAA23F08D5A7EDE02C06AD34484 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
19:07:42.0449 0x23b8  KSecPkg - ok
19:07:42.0455 0x23b8  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
19:07:42.0496 0x23b8  ksthunk - ok
19:07:42.0525 0x23b8  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
19:07:42.0555 0x23b8  KtmRm - ok
19:07:42.0577 0x23b8  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
19:07:42.0625 0x23b8  LanmanServer - ok
19:07:42.0655 0x23b8  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:07:42.0704 0x23b8  LanmanWorkstation - ok
19:07:42.0710 0x23b8  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
19:07:42.0738 0x23b8  lltdio - ok
19:07:42.0770 0x23b8  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
19:07:42.0824 0x23b8  lltdsvc - ok
19:07:42.0853 0x23b8  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
19:07:42.0888 0x23b8  lmhosts - ok
19:07:42.0929 0x23b8  [ 8D7E37CDE7393D59C46A3A61D30C6228, 328E374075B73560E9F45B07A3331BC2E032C33309011DC47B0959B8B8D0E937 ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
19:07:42.0943 0x23b8  LMS - ok
19:07:42.0955 0x23b8  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
19:07:42.0966 0x23b8  LSI_FC - ok
19:07:42.0977 0x23b8  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
19:07:42.0985 0x23b8  LSI_SAS - ok
19:07:42.0997 0x23b8  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
19:07:43.0005 0x23b8  LSI_SAS2 - ok
19:07:43.0012 0x23b8  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
19:07:43.0021 0x23b8  LSI_SCSI - ok
19:07:43.0033 0x23b8  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
19:07:43.0064 0x23b8  luafv - ok
19:07:43.0099 0x23b8  [ 0C85B2B6FB74B36A251792D45E0EF860, 2E04204560C1159ABC25F273B0B7F81FDF9BA5E88C17929FD924C4E945DE5020 ] LVRS64          C:\Windows\system32\DRIVERS\lvrs64.sys
19:07:43.0125 0x23b8  LVRS64 - ok
19:07:43.0253 0x23b8  [ FF3A488924B0032B1A9CA6948C1FA9E8, 6F05852B75498210926F5CDF49D2A6DD97C39CD93D32E3200D7240AADA3E7BEE ] LVUVC64         C:\Windows\system32\DRIVERS\lvuvc64.sys
19:07:43.0387 0x23b8  LVUVC64 - ok
19:07:43.0421 0x23b8  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
19:07:43.0447 0x23b8  Mcx2Svc - ok
19:07:43.0466 0x23b8  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
19:07:43.0474 0x23b8  megasas - ok
19:07:43.0494 0x23b8  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
19:07:43.0506 0x23b8  MegaSR - ok
19:07:43.0528 0x23b8  [ 6B01B7414A105B9E51652089A03027CF, 9B113DC22F7D0D0B376E577C6D7083F9EDC09BBFE47726393E16D4FDAAAE21FE ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
19:07:43.0536 0x23b8  MEIx64 - ok
19:07:43.0548 0x23b8  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
19:07:43.0588 0x23b8  MMCSS - ok
19:07:43.0611 0x23b8  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
19:07:43.0651 0x23b8  Modem - ok
19:07:43.0668 0x23b8  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
19:07:43.0692 0x23b8  monitor - ok
19:07:43.0707 0x23b8  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
19:07:43.0714 0x23b8  mouclass - ok
19:07:43.0720 0x23b8  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
19:07:43.0745 0x23b8  mouhid - ok
19:07:43.0759 0x23b8  [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
19:07:43.0769 0x23b8  mountmgr - ok
19:07:43.0793 0x23b8  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
19:07:43.0805 0x23b8  mpio - ok
19:07:43.0820 0x23b8  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
19:07:43.0855 0x23b8  mpsdrv - ok
19:07:43.0885 0x23b8  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
19:07:43.0945 0x23b8  MpsSvc - ok
19:07:43.0983 0x23b8  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
19:07:44.0037 0x23b8  MRxDAV - ok
19:07:44.0065 0x23b8  [ 73ADDCC406B86E7DA4416691E8E74BDA, 4EC970B9095E6DAA79BF7EFB92DF3F2C0AB0C46739AA36C171A262E05B63CBB5 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
19:07:44.0114 0x23b8  mrxsmb - ok
19:07:44.0156 0x23b8  [ 7C81098FBAF2EAF5B54B939F832B0F61, 999435DF4638ECB136D5BF1B84305A84B215BAB542E4D5301E57D28D507E11B3 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:07:44.0183 0x23b8  mrxsmb10 - ok
19:07:44.0222 0x23b8  [ ACB763673BCCE6C7B3B8F858C9FE4F1F, CCD49558F8A01A225AEAE60BF299BCA6E9399E39F4F553FABC36CADB164BBBC0 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:07:44.0251 0x23b8  mrxsmb20 - ok
19:07:44.0280 0x23b8  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
19:07:44.0287 0x23b8  msahci - ok
19:07:44.0303 0x23b8  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
19:07:44.0312 0x23b8  msdsm - ok
19:07:44.0322 0x23b8  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
19:07:44.0337 0x23b8  MSDTC - ok
19:07:44.0346 0x23b8  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
19:07:44.0389 0x23b8  Msfs - ok
19:07:44.0419 0x23b8  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
19:07:44.0446 0x23b8  mshidkmdf - ok
19:07:44.0454 0x23b8  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
19:07:44.0463 0x23b8  msisadrv - ok
19:07:44.0543 0x23b8  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
19:07:44.0608 0x23b8  MSiSCSI - ok
19:07:44.0612 0x23b8  msiserver - ok
19:07:44.0705 0x23b8  [ 583E83D46CCEDB47476AC0DB6114136A, BDC537A50DB1514E4ABA10DDB6A4CFBD0779D6E18085EB5B55CD0E76C4A0D3DB ] MSI_ODD_Service c:\Program Files (x86)\msi\ODD Monitor\ODD_Monitor.exe
19:07:44.0726 0x23b8  MSI_ODD_Service - detected UnsignedFile.Multi.Generic ( 1 )
19:07:47.0720 0x23b8  Detect skipped due to KSN trusted
19:07:47.0720 0x23b8  MSI_ODD_Service - ok
19:07:47.0748 0x23b8  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
19:07:47.0774 0x23b8  MSKSSRV - ok
19:07:47.0785 0x23b8  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
19:07:47.0829 0x23b8  MSPCLOCK - ok
19:07:47.0861 0x23b8  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
19:07:47.0895 0x23b8  MSPQM - ok
19:07:47.0913 0x23b8  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
19:07:47.0926 0x23b8  MsRPC - ok
19:07:47.0939 0x23b8  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
19:07:47.0950 0x23b8  mssmbios - ok
19:07:48.0042 0x23b8  MSSQL$SQLEXPRESS - ok
19:07:48.0163 0x23b8  [ 7A2A8C975356858EB38466A6B1592E8D, 97C3DFCCBE1BA92EE7E4848993D6F369D543A53344A6512C84EF03E7D737A482 ] MSSQLServerADHelper100 c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
19:07:48.0184 0x23b8  MSSQLServerADHelper100 - ok
19:07:48.0195 0x23b8  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
19:07:48.0219 0x23b8  MSTEE - ok
19:07:48.0230 0x23b8  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
19:07:48.0249 0x23b8  MTConfig - ok
19:07:48.0271 0x23b8  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
19:07:48.0281 0x23b8  Mup - ok
19:07:48.0310 0x23b8  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
19:07:48.0367 0x23b8  napagent - ok
19:07:48.0402 0x23b8  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
19:07:48.0437 0x23b8  NativeWifiP - ok
19:07:48.0494 0x23b8  [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS            C:\Windows\system32\drivers\ndis.sys
19:07:48.0536 0x23b8  NDIS - ok
19:07:48.0545 0x23b8  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
19:07:48.0577 0x23b8  NdisCap - ok
19:07:48.0591 0x23b8  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
19:07:48.0617 0x23b8  NdisTapi - ok
19:07:48.0628 0x23b8  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
19:07:48.0665 0x23b8  Ndisuio - ok
19:07:48.0685 0x23b8  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
19:07:48.0733 0x23b8  NdisWan - ok
19:07:48.0756 0x23b8  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
19:07:48.0789 0x23b8  NDProxy - ok
19:07:48.0847 0x23b8  [ EE00C544C025958AF50C7B199F3C8595, D774DB020D9C46D1AA0B2DB9FA2C36C4A9C38D904CC6929695321D32ACA0D4D1 ] Netaapl         C:\Windows\system32\DRIVERS\netaapl64.sys
19:07:48.0924 0x23b8  Netaapl - ok
19:07:48.0933 0x23b8  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
19:07:48.0975 0x23b8  NetBIOS - ok
19:07:49.0016 0x23b8  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
19:07:49.0061 0x23b8  NetBT - ok
19:07:49.0083 0x23b8  [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] Netlogon        C:\Windows\system32\lsass.exe
19:07:49.0093 0x23b8  Netlogon - ok
19:07:49.0146 0x23b8  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
19:07:49.0178 0x23b8  Netman - ok
19:07:49.0227 0x23b8  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:07:49.0250 0x23b8  NetMsmqActivator - ok
19:07:49.0255 0x23b8  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:07:49.0264 0x23b8  NetPipeActivator - ok
19:07:49.0284 0x23b8  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
19:07:49.0319 0x23b8  netprofm - ok
19:07:49.0325 0x23b8  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:07:49.0334 0x23b8  NetTcpActivator - ok
19:07:49.0338 0x23b8  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:07:49.0359 0x23b8  NetTcpPortSharing - ok
19:07:49.0374 0x23b8  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
19:07:49.0383 0x23b8  nfrd960 - ok
19:07:49.0424 0x23b8  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
19:07:49.0515 0x23b8  NlaSvc - ok
19:07:49.0581 0x23b8  [ DE7FCC77F4A503AF4CA6A47D49B3713D, 4BFAA99393F635CD05D91A64DE73EDB5639412C129E049F0FE34F88517A10FC6 ] NPF             C:\Windows\system32\drivers\npf.sys
19:07:49.0587 0x23b8  NPF - ok
19:07:49.0604 0x23b8  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
19:07:49.0629 0x23b8  Npfs - ok
19:07:49.0643 0x23b8  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
19:07:49.0669 0x23b8  nsi - ok
19:07:49.0681 0x23b8  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
19:07:49.0708 0x23b8  nsiproxy - ok
19:07:49.0798 0x23b8  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
19:07:49.0855 0x23b8  Ntfs - ok
19:07:49.0864 0x23b8  [ 3F39F013168428C8E505A7B9E6CBA8A2, 6F1FF29E2E710F6D064DC74E8E011331D807C32CC2A622CBE507FD4B4D43F8F4 ] NTIOLib_X64     C:\Program Files (x86)\msi\ODD Monitor\NTIOLib_X64.sys
19:07:49.0869 0x23b8  NTIOLib_X64 - ok
19:07:49.0873 0x23b8  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
19:07:49.0902 0x23b8  Null - ok
19:07:49.0951 0x23b8  [ 484AB68599B0143F09A0E7758A49C8A7, E249F22BB1212456D6CBFA1155C5A283312C7E451F40D247711099530F3D92C8 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
19:07:49.0963 0x23b8  NVHDA - ok
19:07:50.0239 0x23b8  [ B2F62BA098215B51E6FADE7FEF4C8AB2, 94E7A972C863525E67BA89575C6BDD2846783A5AE4A128C5F1A6948782D70AEF ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
19:07:50.0547 0x23b8  nvlddmkm - ok
19:07:50.0656 0x23b8  [ FB9407F47E184208E4880FA1DC28B9D4, 7FCA90AF10F9C578B928B93301EF3FB85157BB71D9F6865D6CD5CB5C0ECF3A2F ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
19:07:50.0724 0x23b8  NvNetworkService - ok
19:07:50.0755 0x23b8  [ 84706AC1FB8CBD1A5A55EC6149840273, B66F098108127874EB7F2E9C9C457A3D124D82F9C2EC2765F428ADCE827ACC41 ] nvpciflt        C:\Windows\system32\DRIVERS\nvpciflt.sys
19:07:50.0763 0x23b8  nvpciflt - ok
19:07:50.0790 0x23b8  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
19:07:50.0799 0x23b8  nvraid - ok
19:07:50.0824 0x23b8  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
19:07:50.0834 0x23b8  nvstor - ok
19:07:50.0988 0x23b8  [ 9F0938D041D6203DA3B95AA3EBE4C34E, 4BBF1E49C9B521C42ABAAC1A4274E785F4E20611D091D5BE218408A2D5753B0E ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
19:07:51.0047 0x23b8  NvStreamKms - ok
19:07:51.0273 0x23b8  [ 2F6ABCFB6B992A4DF5EFD9E6B7BAFF2B, 17864F9BE08F76E6875167A2E9CA15A01C12872635399FF66CEBEA91FE43B541 ] NvStreamNetworkSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
19:07:51.0489 0x23b8  NvStreamNetworkSvc - ok
19:07:51.0656 0x23b8  [ A8FD46F7EA7410847C3EBE84C4B18BB1, 6F428B26035268131F4AFED141307642FB20042B998BDDF6C3E27306711A6067 ] NvStreamSvc     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
19:07:51.0879 0x23b8  NvStreamSvc - ok
19:07:51.0926 0x23b8  [ FD7B8BC709366795A15EEC9DDA9A46BD, E8D4176E7EBEEB8AB1DBC79241365CFBD07442A84B50C2477C0F0345EF5CE7D6 ] NvStUSB         C:\Windows\system32\drivers\nvstusb.sys
19:07:51.0940 0x23b8  NvStUSB - ok
19:07:51.0972 0x23b8  [ 509E29820AB17040DF88A42C55E0756D, D861C388BEC6F2B23E131F7F0783119A859A8E8B3982C3B60D903710DED7FB74 ] nvsvc           C:\Windows\system32\nvvsvc.exe
19:07:52.0009 0x23b8  nvsvc - ok
19:07:52.0019 0x23b8  [ 35DFC12FD7E44B7CB8CCD7E5A2B3975A, 36E0E39646636F6E027691E5C3903C51479B3F707BDEA40F460FD27E357DA14E ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
19:07:52.0028 0x23b8  nvvad_WaveExtensible - ok
19:07:52.0048 0x23b8  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
19:07:52.0057 0x23b8  nv_agp - ok
19:07:52.0065 0x23b8  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
19:07:52.0087 0x23b8  ohci1394 - ok
19:07:52.0192 0x23b8  [ 7C77BE6B074F774355B582B4C8E8C850, 046208210A9BD4AE9D20A2EE1C886F740C5BC1ECACEA2F55D6627F7FDD013D21 ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
19:07:52.0255 0x23b8  Origin Client Service - ok
19:07:52.0306 0x23b8  [ 11E0B35479C895888BA3D7F619DCFFF3, 6ED82C19898101EC00BD64A9F90595C3D20AD2D2902AA8765B740FB3B9312DDF ] ose64           C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:07:52.0318 0x23b8  ose64 - ok
19:07:52.0503 0x23b8  [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:07:52.0666 0x23b8  osppsvc - ok
19:07:52.0710 0x23b8  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
19:07:52.0776 0x23b8  p2pimsvc - ok
19:07:52.0801 0x23b8  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
19:07:52.0837 0x23b8  p2psvc - ok
19:07:52.0870 0x23b8  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
19:07:52.0881 0x23b8  Parport - ok
19:07:52.0898 0x23b8  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
19:07:52.0906 0x23b8  partmgr - ok
19:07:52.0945 0x23b8  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
19:07:53.0016 0x23b8  PcaSvc - ok
19:07:53.0035 0x23b8  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
19:07:53.0046 0x23b8  pci - ok
19:07:53.0080 0x23b8  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
19:07:53.0087 0x23b8  pciide - ok
19:07:53.0110 0x23b8  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
19:07:53.0122 0x23b8  pcmcia - ok
19:07:53.0127 0x23b8  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
19:07:53.0134 0x23b8  pcw - ok
19:07:53.0157 0x23b8  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
19:07:53.0207 0x23b8  PEAUTH - ok
19:07:53.0308 0x23b8  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
19:07:53.0335 0x23b8  PerfHost - ok
19:07:53.0410 0x23b8  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
19:07:53.0475 0x23b8  pla - ok
19:07:53.0529 0x23b8  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
19:07:53.0585 0x23b8  PlugPlay - ok
19:07:53.0612 0x23b8  PnkBstrA - ok
19:07:53.0623 0x23b8  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
19:07:53.0645 0x23b8  PNRPAutoReg - ok
19:07:53.0667 0x23b8  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
19:07:53.0681 0x23b8  PNRPsvc - ok
19:07:53.0716 0x23b8  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
19:07:53.0760 0x23b8  PolicyAgent - ok
19:07:53.0777 0x23b8  [ A2CCA4FB273E6050F17A0A416CFF2FCD, C42BA18DF0C8E3F7358669A784E51E4DC7A4112096345EA699EDC95F561E0255 ] Power           C:\Windows\system32\umpo.dll
19:07:53.0848 0x23b8  Power - ok
19:07:53.0861 0x23b8  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
19:07:53.0913 0x23b8  PptpMiniport - ok
19:07:53.0938 0x23b8  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
19:07:53.0949 0x23b8  Processor - ok
19:07:53.0993 0x23b8  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
19:07:54.0080 0x23b8  ProfSvc - ok
19:07:54.0092 0x23b8  [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:07:54.0102 0x23b8  ProtectedStorage - ok
19:07:54.0117 0x23b8  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
19:07:54.0141 0x23b8  Psched - ok
19:07:54.0187 0x23b8  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
19:07:54.0239 0x23b8  ql2300 - ok
19:07:54.0250 0x23b8  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
19:07:54.0259 0x23b8  ql40xx - ok
19:07:54.0276 0x23b8  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
19:07:54.0294 0x23b8  QWAVE - ok
19:07:54.0303 0x23b8  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
19:07:54.0332 0x23b8  QWAVEdrv - ok
19:07:54.0354 0x23b8  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
19:07:54.0377 0x23b8  RasAcd - ok
19:07:54.0391 0x23b8  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
19:07:54.0435 0x23b8  RasAgileVpn - ok
19:07:54.0461 0x23b8  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
19:07:54.0503 0x23b8  RasAuto - ok
19:07:54.0526 0x23b8  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
19:07:54.0553 0x23b8  Rasl2tp - ok
19:07:54.0565 0x23b8  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
19:07:54.0600 0x23b8  RasMan - ok
19:07:54.0613 0x23b8  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
19:07:54.0657 0x23b8  RasPppoe - ok
19:07:54.0662 0x23b8  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
19:07:54.0703 0x23b8  RasSstp - ok
19:07:54.0751 0x23b8  Razer Game Scanner Service - ok
19:07:54.0803 0x23b8  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
19:07:54.0876 0x23b8  rdbss - ok
19:07:54.0910 0x23b8  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
19:07:54.0927 0x23b8  rdpbus - ok
19:07:54.0933 0x23b8  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
19:07:54.0966 0x23b8  RDPCDD - ok
19:07:54.0972 0x23b8  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
19:07:55.0024 0x23b8  RDPENCDD - ok
19:07:59.0532 0x23b8  [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard     C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
19:07:59.0583 0x23b8  SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 )
19:08:02.0224 0x23b8  Detect skipped due to KSN trusted
19:08:02.0224 0x23b8  SwitchBoard - ok
19:08:08.0582 0x23b8  Suspicious file ( NoAccess ): C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe. md5: 3432C83C55A19B713459140BE7BAF0DC, sha256: C65531ADD42394A952EB5AE2BC182F00234B5CD10306E7420F1617A8B6792725
19:08:08.0602 0x23b8  WtuSystemSupport - detected LockedFile.Multi.Generic ( 1 )
19:08:11.0309 0x23b8  Detect skipped due to KSN trusted
19:08:11.0309 0x23b8  WtuSystemSupport - ok
19:08:11.0869 0x23b8  [ 47EB29D06DC0B3C1D19B0B19BBBAD81F, 99DE753BD0B8F4F8F9384F41A2F6B67433A3662BA48F8F127CD8F655EA681DA9 ] ZAtheros Wlan Agent C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
19:08:11.0874 0x23b8  ZAtheros Wlan Agent - detected UnsignedFile.Multi.Generic ( 1 )
19:08:13.0177 0x1c90  Object required for P2P: [ 509E29820AB17040DF88A42C55E0756D ] nvsvc
19:08:14.0520 0x23b8  Detect skipped due to KSN trusted
19:08:14.0520 0x23b8  ZAtheros Wlan Agent - ok
19:08:15.0103 0x23b8  ================ Scan generic autorun ======================
19:08:15.0416 0x23b8  [ A4608BBD537F9A08108D0380B03AB5CE, FFB62B306769C0AE4083BEFECD05908D9DCDF6A9996A65BBBC4D4F234BC92B6F ] C:\Users\Josh\AppData\Roaming\windows\svchost.exe
19:08:15.0442 0x23b8  windows - detected UnsignedFile.Multi.Generic ( 1 )
19:08:15.0932 0x1c90  Object send P2P result: true
19:08:18.0080 0x23b8  windows ( UnsignedFile.Multi.Generic ) - warning
19:08:24.0588 0x23b8  Win FW state via NFP2: enabled ( trusted )
19:08:27.0273 0x23b8  ============================================================
19:08:27.0273 0x23b8  Scan finished
19:08:27.0273 0x23b8  ============================================================
19:08:27.0279 0x1f0c  Detected object count: 4
19:08:27.0279 0x1f0c  Actual detected object count: 4
19:09:18.0404 0x1f0c  KinoniSvc ( UnsignedFile.Multi.Generic ) - skipped by user
19:09:18.0404 0x1f0c  KinoniSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:09:18.0404 0x1f0c  kinonivd ( UnsignedFile.Multi.Generic ) - skipped by user
19:09:18.0404 0x1f0c  kinonivd ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:09:18.0405 0x1f0c  KINONI_Wave ( UnsignedFile.Multi.Generic ) - skipped by user
19:09:18.0405 0x1f0c  KINONI_Wave ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:09:18.0406 0x1f0c  windows ( UnsignedFile.Multi.Generic ) - skipped by user
19:09:18.0406 0x1f0c  windows ( UnsignedFile.Multi.Generic ) - User select action: Skip 


#10 deeprybka

  • Malware Response Team

Posted 26 December 2015 - 02:13 PM

Step 1

Please download Rkill by Grinler and save it to your desktop.
  • Link 1
  • Link 2
    • Double-click on the Rkill desktop icon to run the tool.
    • If using Vista, right-click on it and Run As Administrator.
    • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
    • If not, delete the file, then download and use the one provided in Link 2.
    • If the tool does not run from any of the links provided, please let me know.
    • When finished, RKill will produce a log. Please copy and paste the log in your next reply.
  • Do not reboot the computer; you will need to run the application again.

Step 2

Please download Combofix (by sUBs) and save it to your Desktop.
  • Start Combofix.exe and follow its instructions.
  • Do not use the computer while the scan is running. This may cause the program to stall.
  • When finished, a log file will be displayed (that can also be found at C:\Combofix.txt).
    Please copy and paste the contents of this file into your next post.
Note: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." after the scan, just restart the computer.
(You can find more detailed instructions in this guide on using Combofix.)
regards,
deeprybka
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 

#11 JoshmanPlays

  • Topic Starter


Posted 26 December 2015 - 02:28 PM

RKill Log: 

Rkill 2.8.3 by Lawrence Abrams (Grinler)
Copyright 2008-2015 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 12/26/2015 07:20:49 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * C:\ProgramData\416691\sysmon.exe (PID: 10752) [AU-HEUR]
 * C:\ProgramData\416791\416694\svchost.exe (PID: 11344) [SFI]
 
2 proccesses terminated!
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Backup Registry file created at:
 C:\Users\Josh\Desktop\rkill\rkill-12-26-2015-07-20-53.reg
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * Modified HKCU\...\Winlogon: [Shell] => explorer.exe,"C:\Users\Josh\AppData\Roaming\clientmon.exe"
 
 * No issues found.
 
Checking Windows Service Integrity: 
 
 * No issues found.
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * HOSTS file entries found: 
 
  192.168.1.13 prod.cloud.rockstargames.com
 
Program finished at: 12/26/2015 07:22:47 PM
Execution time: 0 hours(s), 1 minute(s), and 58 seconds(s)
 
 
--------------------------------------------------------------------------------------------------------------------
 
I've downloaded Combofix to my desktop and it won't open; instead it says https://gyazo.com/66bed5f820afd6b429a932aa401347ab


#12 deeprybka

Posted 26 December 2015 - 02:32 PM

Please rename ComboFix.exe to CF.exe and try it again.
regards,
deeprybka

#13 JoshmanPlays

Posted 26 December 2015 - 02:37 PM

Redownloaded it, changed the file name to CF.exe, started it up and agreed, then clicked run and got an error

 

https://gyazo.com/017c7d93fc95f55c3008e8fe1cdf7f84



#14 deeprybka

Posted 26 December 2015 - 02:40 PM

Please go ahead and run CF.exe nevertheless...
regards,
deeprybka

#15 JoshmanPlays

Posted 26 December 2015 - 02:48 PM

Okay, it's begun to scan now; it came up with a blue DOS screen



