Jump to content
jssmallridge

Dcom Process Failure/windows Update Error 80070216

Recommended Posts

I have been having several DCOM process failures that require Windows to reboot. I also cannot install any windows updates. I always receive a error message with the code 80070216.

 

Help would be highly appreciated!

Share this post


Link to post
Share on other sites

Hi there,
my name is Marius and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, Stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

 
 
 
 
 
HijackThis is not the preferred initial scanning tool in this forum. With today's malware, a more comprehensive set of logs is required to determine the presence of malware.
 
 
 
 
Scan with FRST in normal mode

Please download Farbar's Recovery Scan Tool to your desktop: FRST 32bit or FRST 64bit (If not sure: Start --> Computer (right click) --> properties)
 
  • Run FRST.
  • Don´t change one of the checkboxes and hit Scan.
  • Logfiles are created on your desktop.
  • Poste the FRST.txt and (after the first scan only!) the Addition.txt.


 
 
 
 
 
Scan with TDSS-Killer

Please read and follow these instructions carefully. We do not want it to fix anything yet (if found), we need to see a report first.

Download TDSSKiller.zip and extract to your desktop

  • Execute TDSSKiller.exe by doubleclicking on it.
  • Press Start Scan
  • If Malicious objects are found, do NOT select Copy to quarantine. Change the action to Skip, and save the log.
  • Once complete, a log will be produced at the root drive which is typically C:\ ,for example, C:\TDSSKiller.<version_date_time>log.txt




Please attach this file to your next reply.

Share this post


Link to post
Share on other sites
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-04-2014

Ran by Jacob (administrator) on JACOB-PC on 23-04-2014 12:46:38

Running from C:\Users\Jacob\Downloads

Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)

Internet Explorer Version 9

Boot Mode: Normal

 

The only official download link for FRST:

Download link for 32-Bit version:

Download link for 64-Bit Version:

Download link from any site other than Bleeping Computer is unpermitted or outdated.


 

==================== Processes (Whitelisted) =================

 

(SANDBOXIE L.T.D) C:\Program Files\Sandboxie\SbieSvc.exe

(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

(Apache Software Foundation) C:\xampp\apache\bin\httpd.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe

(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe

(1206 Lab) C:\Program Files (x86)\Lenovo\Rapidboot\FBService.exe

(FileZilla Project) C:\xampp\filezillaftp\filezillaserver.exe

(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe

(Microsoft Corporation) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Apache Software Foundation) C:\xampp\apache\bin\httpd.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe

() C:\Program Files (x86)\puush\puush.exe

(SANDBOXIE L.T.D) C:\Program Files\Sandboxie\SbieCtrl.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe

(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe

(Google Inc.) C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

(Thong Nguyen) C:\Program Files (x86)\PowerMenu\PowerMenu.exe

(Lenovo) C:\Windows\jmesoft\hotkey.exe

(Lenovo) C:\Program Files (x86)\Lenovo\Rapidboot\FBConsole.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(SumRando) C:\Program Files (x86)\SumRando\SumRando\misc\vpnmanagesvc.exe

(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

() C:\Program Files\Lenovo\LVT\LVT.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(BitTorrent Inc.) C:\Users\Jacob\AppData\Roaming\uTorrent\uTorrent.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(FileZilla Project) C:\Program Files (x86)\FileZilla FTP Client\filezilla.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Mozilla Corporation) C:\Program Files (x86)\Aurora\firefox.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

 

 

==================== Registry (Whitelisted) ==================

 

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [] => [X]

HKLM-x32\...\Run: [LVT] => C:\Program Files\Lenovo\LVT\LJYZ.exe [886112 2011-11-24] (Lenovo)

HKLM-x32\...\Run: [Lenovo Registration] => C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [4351712 2011-07-13] (Lenovo, Inc.)

HKLM-x32\...\Run: [jmekey] => C:\windows\jmesoft\hotkey.exe [118784 2011-06-08] (Lenovo)

HKLM-x32\...\Run: [Fastboot] => C:\Program Files (x86)\Lenovo\Rapidboot\FBConsole.exe [1260128 2011-12-16] (Lenovo)

HKLM-x32\...\Run: [switchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)

HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)

HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)

Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\896\G2AWinLogon_x64.dll (Citrix Online, a division of Citrix Systems, Inc.)

Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)

HKU\S-1-5-21-2590400047-110076-1385065545-1001\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe [567880 2013-07-14] ()

HKU\S-1-5-21-2590400047-110076-1385065545-1001\...\Run: [sandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [694032 2012-06-17] (SANDBOXIE L.T.D)

HKU\S-1-5-21-2590400047-110076-1385065545-1001\...\Run: [uTorrent] => C:\Users\Jacob\AppData\Roaming\uTorrent\uTorrent.exe [1266520 2014-04-22] (BitTorrent Inc.)

HKU\S-1-5-21-2590400047-110076-1385065545-1001\...\Run: [AdobeBridge] => [X]

HKU\S-1-5-21-2590400047-110076-1385065545-1001\...\Run: [skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)

HKU\S-1-5-21-2590400047-110076-1385065545-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-05-22] (Google Inc.)

HKU\S-1-5-21-2590400047-110076-1385065545-1001\...\RunOnce: [FlashPlayerUpdate] - C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_8_800_94_ActiveX.exe [814984 2013-08-20] (Adobe Systems Incorporated)

HKU\S-1-5-21-2590400047-110076-1385065545-1001\...\Policies\system: [LogonHoursAction] 2

HKU\S-1-5-21-2590400047-110076-1385065545-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1

Startup: C:\Users\Jacob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PowerMenu.lnk

ShortcutTarget: PowerMenu.lnk -> C:\Program Files (x86)\PowerMenu\PowerMenu.exe (Thong Nguyen)

 

==================== Internet (Whitelisted) ====================

 

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe

SearchScopes: HKLM-x32 - DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL = 

BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)

BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)

BHO-x32: IEPlugin Class - {11222041-111B-46E3-BD29-EFB2449479B1} - C:\Program Files (x86)\ArcSoft\Video Downloader\ArcURLRecord.dll (ArcSoft, Inc.)

BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)

BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: Microsoft Web Test Recorder 10.0 Helper - {876d9f09-c6d6-4324-a2cc-04dd9a4de12f} - C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)

BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: ToolbarBHO Class - {9519AF7E-638D-4933-BAD6-D33D23C79FE5} - C:\Program Files (x86)\ArcSoft\RAW Thumbnail Viewer\EXIFToolBar.dll (ArcSoft Inc.)

BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)

BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: Microsoft Web Test Recorder 10.0 Helper - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)

BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

Toolbar: HKLM-x32 - Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)

Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

Toolbar: HKLM-x32 - No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} -  No File

Toolbar: HKLM-x32 - RAW Thumbnail Viewer - {F301665A-12F8-4331-804A-5BCBD379668C} - C:\Program Files (x86)\ArcSoft\RAW Thumbnail Viewer\EXIFToolBar.dll (ArcSoft Inc.)

Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)

Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File

Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File

Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File

Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File

Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File

Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File

Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File

Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File

Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File

Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File

Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File

Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File

Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File

Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File

Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File

Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File

Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

Winsock: Catalog9 01 C:\windows\SysWOW64\sslsp105.dll [74352] (SumRando)

Winsock: Catalog9 02 C:\windows\SysWOW64\sslsp105.dll [74352] (SumRando)

Winsock: Catalog9 13 C:\windows\SysWOW64\sslsp105.dll [74352] (SumRando)

Winsock: Catalog9-x64 01 C:\windows\system32\sslsp105.dll [75888] (SumRando)

Winsock: Catalog9-x64 02 C:\windows\system32\sslsp105.dll [75888] (SumRando)

Winsock: Catalog9-x64 13 C:\windows\system32\sslsp105.dll [75888] (SumRando)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

 

FireFox:

========

FF ProfilePath: C:\Users\Jacob\AppData\Roaming\Mozilla\Firefox\Profiles\y8olt2pj.default

FF DefaultSearchEngine: AVG Secure Search

FF SelectedSearchEngine: AVG Secure Search

FF Homepage: google.com

FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()

FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\windows\system32\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()

FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\windows\SysWOW64\Adobe\Director\np32dsw_1165635.dll (Adobe Systems, Inc.)

FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.5.0\\npsitesafety.dll (AVG Technologies)

FF Plugin-x32: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)

FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)

FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)

FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @videolan.org/vlc,version=2.0.5 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKCU: @nsroblox.roblox.com/launcher - C:\Program Files (x86)\Roblox\Versions\version-394f11f19cd64b1a\\NPRobloxProxy.dll ( ROBLOX Corporation)

FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Jacob\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF Plugin HKCU: facebook.com/fbDesktopPlugin - C:\Users\Jacob\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)

FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\CCMSDK.dll (Citrix Systems, Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\cgpcfg.dll (Citrix Systems, Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\CgpCore.dll (Citrix Systems, Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\confmgr.dll (Citrix Systems, Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ctxlogging.dll (Citrix Systems, Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ctxmui.dll (Citrix Systems, Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\icafile.dll (Citrix Systems, Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\icalogon.dll (Citrix Systems, Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npicaN.dll ()

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\sslsdk_b.dll (Citrix Systems, Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\TcpPServ.dll (Citrix Systems, Inc.)

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\safeguard-secure-search.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\safeguard-secure-search.xml

FF Extension: Hotspot Shield Helper (Please allow this installation) - C:\Program Files (x86)\Mozilla Firefox\extensions\afurladvisor@anchorfree.com [2012-07-27]

FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2013-04-27]

FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-04-11]

FF HKLM\...\Firefox\Extensions: [{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}] - C:\Program Files\Updater By SweetPacks\Firefox

FF HKLM-x32\...\Firefox\Extensions: [{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}] - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}

FF Extension: Adobe Contribute Toolbar - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2012-08-24]

FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn

FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012-08-24]

FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\15.6.1.2

FF Extension: AVG SafeGuard toolbar - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\15.6.1.2 [2013-08-27]

FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5

FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-07-10]

FF HKLM-x32\...\Firefox\Extensions: [{B728AB94-9BC7-49b7-B76A-422BB31B2FD0}] - C:\Program Files (x86)\ArcSoft\Video Downloader\Plugin_FireFox

FF Extension: ArcSoft Video Downloader Extension - C:\Program Files (x86)\ArcSoft\Video Downloader\Plugin_FireFox [2013-11-24]

FF HKLM-x32\...\Firefox\Extensions: [RAWThumbnailViewer@arcsoft.com.cn] - C:\Program Files (x86)\ArcSoft\RAW Thumbnail Viewer\FireFox Extension

FF Extension: RAW Thumbnail Viewer - C:\Program Files (x86)\ArcSoft\RAW Thumbnail Viewer\FireFox Extension [2013-11-24]

FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Aurora\firefox.exe

 

Chrome: 

=======



CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\PepperFlash\pepflashplayer.dll No File

CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer

CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\ppGoogleNaClPluginChrome.dll No File

CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\pdf.dll No File

CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll No File

CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll No File

CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)

CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.5.0\\npsitesafety.dll (AVG Technologies)

CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)

CHR Plugin: (Foxit Reader Plugin for Mozilla) - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)

CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File

CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)

CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)

CHR Plugin: (Java Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

CHR Plugin: (Unity Player) - C:\Users\Jacob\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

CHR Plugin: (Shockwave for Director) - C:\windows\SysWOW64\Adobe\Director\np32dsw_1165635.dll (Adobe Systems, Inc.)

CHR Plugin: (Shockwave Flash) - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll No File

CHR Plugin: (Java Deployment Toolkit 7.0.250.16) - C:\windows\SysWOW64\npDeployJava1.dll No File

CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)

CHR Extension: (AdBlock) - C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-02-22]

CHR Extension: (Into The Mist) - C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgihmkgobaljfehcadcckdggpeojaadh [2014-03-26]

CHR Extension: (Google Wallet) - C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-22]

CHR HKCU\...\Chrome\Extension: [ngmmcbedgcbfghamlghhpbpifnbhhpik] - C:\Users\Jacob\AppData\Local\CRE\ngmmcbedgcbfghamlghhpbpifnbhhpik.crx [2014-02-22]

CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2014-02-22]

CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]

CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG SafeGuard toolbar\ChromeExt\15.6.1.2\avg.crx [2013-08-27]

CHR HKLM-x32\...\Chrome\Extension: [ngmmcbedgcbfghamlghhpbpifnbhhpik] - C:\Users\Jacob\AppData\Local\CRE\ngmmcbedgcbfghamlghhpbpifnbhhpik.crx [2013-08-27]

CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2013-05-06]

CHR HKLM-x32\...\Chrome\Extension: [ogccgbmabaphcakpiclgcnmcnimhokcj] - C:\Users\Jacob\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetNT.crx [2014-02-22]

 

==================== Services (Whitelisted) =================

 

R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)

R2 Apache2.4; C:\xampp\apache\bin\httpd.exe [22016 2013-11-21] (Apache Software Foundation)

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)

R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)

R2 FastbootService; C:\Program Files (x86)\Lenovo\Rapidboot\FBService.exe [199264 2011-12-16] (1206 Lab)

R2 FileZilla Server; C:\xampp\filezillaftp\filezillaserver.exe [632320 2012-02-26] (FileZilla Project)

S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation)

S4 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [161560 2011-12-15] (Intel Corporation)

S4 JME Keyboard; C:\Windows\jmesoft\Service.exe [32768 2011-03-15] ()

S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)

S4 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)

S2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)

S4 mysql; C:\xampp\mysql\bin\mysqld.exe [10956800 2013-09-10] ()

S4 OpenVPNAccessClient; C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\capiws.exe [24064 2010-08-12] ()

S3 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [14848 2011-12-15] ()

S4 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.)

R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [98576 2012-06-17] (SANDBOXIE L.T.D)

S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)

R3 SumRandoVPNService; C:\Program Files (x86)\SumRando\SumRando\misc\vpnmanagesvc.exe [108144 2013-11-07] (SumRando)

S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation)

S4 vToolbarUpdater15.5.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe [1643184 2013-08-16] (AVG Secure Search)

S4 wampapache; c:\wamp\bin\apache\apache2.4.4\bin\httpd.exe [24576 2013-06-23] (Apache Software Foundation)

S4 wampmysqld; c:\wamp\bin\mysql\mysql5.6.12\bin\mysqld.exe [12867584 2013-06-23] ()

 

==================== Drivers (Whitelisted) ====================

 

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)

S3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2008-04-25] (ArcSoft, Inc.)

R1 avgtp; C:\windows\system32\drivers\avgtpx64.sys [45856 2013-08-16] (AVG Technologies)

S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2011-06-02] ()

R0 Fastboot; C:\Windows\System32\DRIVERS\Fastboot.sys [69216 2011-12-16] (Windows ® Win 7 DDK provider)

R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [41704 2012-07-24] (AnchorFree Inc.)

S3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)

R2 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.)

R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [166576 2012-06-17] (SANDBOXIE L.T.D)

R3 tapoas; C:\Windows\System32\DRIVERS\tapoas.sys [30720 2010-08-03] (The OpenVPN Project)

R3 tun3326; C:\Windows\System32\DRIVERS\tun3326.sys [32368 2013-03-22] (The OpenVPN Project)

S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-13] (Microsoft Corporation)

S3 catchme; \??\C:\ComboFix\catchme.sys [X]

 

==================== NetSvcs (Whitelisted) ===================

 

 

==================== One Month Created Files and Folders ========

 

2014-04-23 12:46 - 2014-04-23 12:46 - 02061312 _____ (Farbar) C:\Users\Jacob\Downloads\FRST64.exe

2014-04-23 12:46 - 2014-04-23 12:46 - 00036643 _____ () C:\Users\Jacob\Downloads\FRST.txt

2014-04-23 12:46 - 2014-04-23 12:46 - 00000000 ____D () C:\FRST

2014-04-23 00:26 - 2014-04-23 08:45 - 00000000 ____D () C:\Program Files (x86)\Aurora

2014-04-23 00:07 - 2014-04-23 00:08 - 06580602 _____ () C:\Users\Jacob\Downloads\Windows6.1-KB2731771-x64.msu

2014-04-23 00:07 - 2014-04-23 00:07 - 01663018 _____ () C:\Users\Jacob\Downloads\Windows6.1-KB2729094-v2-x64.msu

2014-04-22 23:56 - 2014-04-22 23:56 - 00000134 _____ () C:\Users\Jacob\Desktop\Internet Explorer Troubleshooting.url

2014-04-22 23:55 - 2014-04-22 23:56 - 00005561 _____ () C:\windows\IE11_main.log

2014-04-22 23:54 - 2014-04-22 23:55 - 55915216 _____ (Microsoft Corporation) C:\Users\Jacob\Downloads\IE11-Windows6.1-x64-en-us.exe

2014-04-19 13:14 - 2014-04-19 13:14 - 00000037 _____ () C:\Users\Jacob\Desktop\sdffff.txt

2014-04-18 22:05 - 2014-04-18 22:05 - 00006755 _____ () C:\Users\Jacob\Downloads\yckart-jquery.base64.js-0.0.2-0-g3b41286.zip

2014-04-18 22:05 - 2013-02-19 07:20 - 00000000 ____D () C:\Users\Jacob\Desktop\yckart-jquery.base64.js-3b41286

2014-04-18 19:07 - 2014-04-18 19:07 - 00025017 _____ () C:\Users\Jacob\Desktop\Navy Federal Credit Union.htm

2014-04-18 19:07 - 2014-04-18 19:07 - 00000000 ____D () C:\Users\Jacob\Desktop\Navy Federal Credit Union_files

2014-04-15 15:12 - 2014-04-15 15:12 - 00029462 _____ () C:\Users\Jacob\Downloads\jquerychat.zip

2014-04-15 14:28 - 2014-04-15 14:28 - 00002173 _____ () C:\Users\Jacob\Downloads\download.xls

2014-04-08 22:45 - 2014-04-08 22:45 - 00000000 ____D () C:\Users\Jacob\Desktop\citizensurvey

2014-04-07 15:02 - 2014-04-07 15:07 - 154920870 _____ () C:\Users\Jacob\Downloads\WinNoOculus (1).zip

2014-04-06 23:51 - 2014-04-06 23:51 - 00007084 _____ () C:\Users\Jacob\Downloads\mctabs-jquery.zip

2014-04-06 23:51 - 2014-02-24 22:23 - 00014181 _____ () C:\Users\Jacob\Desktop\jquery-tabs.js

2014-04-06 17:15 - 2014-04-06 17:15 - 00135480 _____ () C:\Users\Jacob\Desktop\school.zip

2014-04-06 16:19 - 2014-04-06 16:19 - 00048930 _____ () C:\Users\Jacob\Desktop\it 218 final project.zip

2014-04-06 15:36 - 2014-04-06 16:19 - 00000000 ____D () C:\Users\Jacob\Desktop\it 218 final project

2014-04-05 23:08 - 2014-04-05 23:08 - 05869727 _____ () C:\Users\Jacob\Downloads\wordpress-3.8.1.tar.gz

2014-04-05 00:21 - 2014-04-05 00:21 - 00022900 _____ () C:\ComboFix.txt

2014-04-05 00:16 - 2014-04-23 12:31 - 00003920 _____ () C:\windows\setupact.log

2014-04-05 00:16 - 2014-04-05 00:17 - 05055776 _____ () C:\windows\system32\FNTCACHE.DAT

2014-04-05 00:16 - 2014-04-05 00:16 - 00000708 _____ () C:\windows\PFRO.log

2014-04-05 00:16 - 2014-04-05 00:16 - 00000000 _____ () C:\windows\setuperr.log

2014-04-05 00:05 - 2014-04-05 00:05 - 00114312 _____ () C:\Users\Jacob\AppData\Local\GDIPFONTCACHEV1.DAT

2014-04-05 00:03 - 2014-04-05 00:03 - 00015378 _____ () C:\Users\Jacob\Desktop\JRT.txt

2014-04-04 23:58 - 2014-04-04 23:58 - 01038974 _____ (Thisisu) C:\Users\Jacob\Downloads\JRT.exe

2014-04-04 23:58 - 2014-04-04 23:58 - 00000000 ____D () C:\windows\ERUNT

2014-04-04 23:56 - 2014-04-04 23:57 - 05193944 ____R (Swearware) C:\Users\Jacob\Downloads\ComboFix.exe

2014-04-04 23:53 - 2014-04-04 23:53 - 43938481 _____ () C:\Users\Jacob\Desktop\backup.zip

2014-04-04 23:44 - 2014-04-04 23:53 - 00000000 ____D () C:\Users\Jacob\Desktop\backup

2014-04-04 03:32 - 2014-04-04 03:32 - 00889416 _____ (Microsoft Corporation) C:\Users\Jacob\Downloads\dotNetFx40_Full_setup.exe

2014-04-04 03:32 - 2014-04-04 03:32 - 00051387 _____ () C:\Users\Jacob\Downloads\NETFx4RTM.htm

2014-04-02 00:36 - 2014-04-02 00:37 - 40259584 _____ () C:\Users\Jacob\Downloads\brackets-sprint-37-WIN.msi

2014-04-02 00:34 - 2014-04-02 00:42 - 00000429 _____ () C:\Users\Jacob\Desktop\index.html

2014-04-02 00:20 - 2014-04-02 00:20 - 00297387 _____ () C:\Users\Jacob\Downloads\jsoup-1.7.3.jar

2014-03-28 15:12 - 2014-03-28 15:12 - 00036134 _____ () C:\Users\Jacob\Downloads\500880ch09.zip

2014-03-26 19:54 - 2014-03-26 19:54 - 00000000 ____D () C:\Users\janna\AppData\Local\CrashDumps

2014-03-26 19:53 - 2014-03-26 19:53 - 00000000 ____D () C:\Users\janna\AppData\Roaming\Google

2014-03-26 19:53 - 2014-03-26 19:53 - 00000000 ____D () C:\Users\janna\AppData\Roaming\ArcSoft

2014-03-26 14:19 - 2014-03-26 14:19 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2014-03-26 14:18 - 2014-03-26 14:18 - 00000000 ____D () C:\Users\janna\AppData\Local\Apple Computer

 

==================== One Month Modified Files and Folders =======

 

2014-04-23 12:46 - 2014-04-23 12:46 - 02061312 _____ (Farbar) C:\Users\Jacob\Downloads\FRST64.exe

2014-04-23 12:46 - 2014-04-23 12:46 - 00036643 _____ () C:\Users\Jacob\Downloads\FRST.txt

2014-04-23 12:46 - 2014-04-23 12:46 - 00000000 ____D () C:\FRST

2014-04-23 12:46 - 2012-08-19 22:54 - 00000000 ____D () C:\Users\Jacob\AppData\Roaming\uTorrent

2014-04-23 12:41 - 2012-05-22 09:20 - 00000912 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-04-23 12:36 - 2013-09-05 05:25 - 00000928 _____ () C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2590400047-110076-1385065545-1001UA.job

2014-04-23 12:35 - 2012-07-21 15:23 - 00001768 _____ () C:\windows\Sandboxie.ini

2014-04-23 12:35 - 2012-07-18 15:50 - 00000000 ____D () C:\Users\Jacob\AppData\Roaming\Skype

2014-04-23 12:32 - 2009-07-14 00:13 - 00875788 _____ () C:\windows\system32\PerfStringBackup.INI

2014-04-23 12:31 - 2014-04-05 00:16 - 00003920 _____ () C:\windows\setupact.log

2014-04-23 12:30 - 2012-07-18 15:24 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job

2014-04-23 11:41 - 2012-05-22 09:20 - 00000908 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-04-23 10:08 - 2012-05-22 08:24 - 01127115 _____ () C:\windows\WindowsUpdate.log

2014-04-23 08:45 - 2014-04-23 00:26 - 00000000 ____D () C:\Program Files (x86)\Aurora

2014-04-23 01:11 - 2012-07-21 02:37 - 00000000 ____D () C:\Users\Jacob\AppData\Roaming\FileZilla

2014-04-23 00:08 - 2014-04-23 00:07 - 06580602 _____ () C:\Users\Jacob\Downloads\Windows6.1-KB2731771-x64.msu

2014-04-23 00:07 - 2014-04-23 00:07 - 01663018 _____ () C:\Users\Jacob\Downloads\Windows6.1-KB2729094-v2-x64.msu

2014-04-22 23:56 - 2014-04-22 23:56 - 00000134 _____ () C:\Users\Jacob\Desktop\Internet Explorer Troubleshooting.url

2014-04-22 23:56 - 2014-04-22 23:55 - 00005561 _____ () C:\windows\IE11_main.log

2014-04-22 23:55 - 2014-04-22 23:54 - 55915216 _____ (Microsoft Corporation) C:\Users\Jacob\Downloads\IE11-Windows6.1-x64-en-us.exe

2014-04-22 23:41 - 2012-07-27 21:39 - 00000000 ____D () C:\Users\Jacob\AppData\Local\Mozilla

2014-04-22 23:41 - 2012-07-18 15:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service

2014-04-22 23:10 - 2009-07-13 23:45 - 00020480 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-04-22 23:10 - 2009-07-13 23:45 - 00020480 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-04-22 23:05 - 2013-02-25 13:01 - 00003490 _____ () C:\windows\System32\Tasks\AutoKMS

2014-04-22 18:36 - 2013-09-05 05:25 - 00000906 _____ () C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2590400047-110076-1385065545-1001Core.job

2014-04-22 18:00 - 2013-09-04 21:32 - 00000466 _____ () C:\windows\Tasks\ParetoLogic Registration.job

2014-04-20 01:05 - 2013-09-04 21:32 - 00000440 _____ () C:\windows\Tasks\ParetoLogic Update Version2.job

2014-04-19 23:04 - 2009-07-14 00:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT

2014-04-19 13:14 - 2014-04-19 13:14 - 00000037 _____ () C:\Users\Jacob\Desktop\sdffff.txt

2014-04-19 12:36 - 2012-05-22 09:18 - 629675008 ___SH () C:\lenovo_rapidboot.img

2014-04-18 22:05 - 2014-04-18 22:05 - 00006755 _____ () C:\Users\Jacob\Downloads\yckart-jquery.base64.js-0.0.2-0-g3b41286.zip

2014-04-18 21:42 - 2012-08-03 21:33 - 00000000 ____D () C:\eclipse

2014-04-18 21:42 - 2012-07-18 22:11 - 00000000 ____D () C:\Users\Jacob\AppData\Local\Eclipse

2014-04-18 19:07 - 2014-04-18 19:07 - 00025017 _____ () C:\Users\Jacob\Desktop\Navy Federal Credit Union.htm

2014-04-18 19:07 - 2014-04-18 19:07 - 00000000 ____D () C:\Users\Jacob\Desktop\Navy Federal Credit Union_files

2014-04-18 12:28 - 2012-12-14 19:52 - 00000000 ____D () C:\Users\Jacob\AppData\Local\Apps\2.0

2014-04-17 02:09 - 2012-07-19 19:42 - 00000000 ___RD () C:\Program Files (x86)\Skype

2014-04-15 15:12 - 2014-04-15 15:12 - 00029462 _____ () C:\Users\Jacob\Downloads\jquerychat.zip

2014-04-15 14:28 - 2014-04-15 14:28 - 00002173 _____ () C:\Users\Jacob\Downloads\download.xls

2014-04-14 00:40 - 2012-12-15 20:33 - 00000000 ____D () C:\Users\Jacob\AppData\Roaming\vlc

2014-04-08 22:45 - 2014-04-08 22:45 - 00000000 ____D () C:\Users\Jacob\Desktop\citizensurvey

2014-04-07 15:07 - 2014-04-07 15:02 - 154920870 _____ () C:\Users\Jacob\Downloads\WinNoOculus (1).zip

2014-04-07 14:16 - 2012-12-06 18:23 - 00000000 ____D () C:\Users\Jacob\Desktop\school

2014-04-06 23:51 - 2014-04-06 23:51 - 00007084 _____ () C:\Users\Jacob\Downloads\mctabs-jquery.zip

2014-04-06 17:15 - 2014-04-06 17:15 - 00135480 _____ () C:\Users\Jacob\Desktop\school.zip

2014-04-06 16:19 - 2014-04-06 16:19 - 00048930 _____ () C:\Users\Jacob\Desktop\it 218 final project.zip

2014-04-06 16:19 - 2014-04-06 15:36 - 00000000 ____D () C:\Users\Jacob\Desktop\it 218 final project

2014-04-05 23:08 - 2014-04-05 23:08 - 05869727 _____ () C:\Users\Jacob\Downloads\wordpress-3.8.1.tar.gz

2014-04-05 00:40 - 2012-08-13 18:10 - 00000000 ____D () C:\Users\Jacob\Documents\SAE.v1.14.2.x86

2014-04-05 00:34 - 2012-07-18 15:25 - 00000000 ____D () C:\Users\Jacob\AppData\Roaming\Notepad++

2014-04-05 00:21 - 2012-11-06 18:18 - 00000000 ____D () C:\Qoobox

2014-04-05 00:17 - 2014-04-05 00:16 - 05055776 _____ () C:\windows\system32\FNTCACHE.DAT

2014-04-05 00:17 - 2012-11-06 18:18 - 00000000 ____D () C:\windows\erdnt

2014-04-05 00:17 - 2009-07-13 21:34 - 00000215 _____ () C:\windows\system.ini

2014-04-05 00:16 - 2014-04-05 00:16 - 00000708 _____ () C:\windows\PFRO.log

2014-04-05 00:16 - 2014-04-05 00:16 - 00000000 _____ () C:\windows\setuperr.log

2014-04-05 00:05 - 2014-04-05 00:05 - 00114312 _____ () C:\Users\Jacob\AppData\Local\GDIPFONTCACHEV1.DAT

2014-04-05 00:03 - 2014-04-05 00:03 - 00015378 _____ () C:\Users\Jacob\Desktop\JRT.txt

2014-04-04 23:58 - 2014-04-04 23:58 - 01038974 _____ (Thisisu) C:\Users\Jacob\Downloads\JRT.exe

2014-04-04 23:58 - 2014-04-04 23:58 - 00000000 ____D () C:\windows\ERUNT

2014-04-04 23:57 - 2014-04-04 23:56 - 05193944 ____R (Swearware) C:\Users\Jacob\Downloads\ComboFix.exe

2014-04-04 23:53 - 2014-04-04 23:53 - 43938481 _____ () C:\Users\Jacob\Desktop\backup.zip

2014-04-04 23:53 - 2014-04-04 23:44 - 00000000 ____D () C:\Users\Jacob\Desktop\backup

2014-04-04 03:32 - 2014-04-04 03:32 - 00889416 _____ (Microsoft Corporation) C:\Users\Jacob\Downloads\dotNetFx40_Full_setup.exe

2014-04-04 03:32 - 2014-04-04 03:32 - 00051387 _____ () C:\Users\Jacob\Downloads\NETFx4RTM.htm

2014-04-02 00:42 - 2014-04-02 00:34 - 00000429 _____ () C:\Users\Jacob\Desktop\index.html

2014-04-02 00:39 - 2014-01-14 17:40 - 00000000 ____D () C:\Program Files (x86)\Brackets

2014-04-02 00:39 - 2013-12-16 19:33 - 00000000 ____D () C:\Users\Jacob\AppData\Roaming\Brackets

2014-04-02 00:37 - 2014-04-02 00:36 - 40259584 _____ () C:\Users\Jacob\Downloads\brackets-sprint-37-WIN.msi

2014-04-02 00:21 - 2012-12-23 04:49 - 00000000 ____D () C:\Users\Jacob\WorkspaceNotScripts

2014-04-02 00:20 - 2014-04-02 00:20 - 00297387 _____ () C:\Users\Jacob\Downloads\jsoup-1.7.3.jar

2014-04-01 19:44 - 2012-07-18 21:41 - 00000000 ____D () C:\Users\Jacob\Documents\Visual Studio 2010

2014-03-30 11:36 - 2012-05-22 09:20 - 00003908 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA

2014-03-30 11:36 - 2012-05-22 09:20 - 00003656 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore

2014-03-29 16:19 - 2012-08-27 18:10 - 00000000 ____D () C:\Users\Jacob\AppData\Local\CrashDumps

2014-03-28 15:12 - 2014-03-28 15:12 - 00036134 _____ () C:\Users\Jacob\Downloads\500880ch09.zip

2014-03-26 19:54 - 2014-03-26 19:54 - 00000000 ____D () C:\Users\janna\AppData\Local\CrashDumps

2014-03-26 19:53 - 2014-03-26 19:53 - 00000000 ____D () C:\Users\janna\AppData\Roaming\Google

2014-03-26 19:53 - 2014-03-26 19:53 - 00000000 ____D () C:\Users\janna\AppData\Roaming\ArcSoft

2014-03-26 19:53 - 2014-03-02 14:29 - 00000000 ____D () C:\Users\janna\AppData\Local\Google

2014-03-26 14:19 - 2014-03-26 14:19 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2014-03-26 14:19 - 2014-03-14 11:57 - 00000000 ____D () C:\Users\janna\AppData\Roaming\Apple Computer

2014-03-26 14:18 - 2014-03-26 14:18 - 00000000 ____D () C:\Users\janna\AppData\Local\Apple Computer

2014-03-24 02:12 - 2009-07-13 22:20 - 00000000 ____D () C:\windows\registration

 

Files to move or delete:

====================

C:\Users\Jacob\AppData\Roaming\RSBot_Accounts.ini

C:\ProgramData\flashax10.exe

C:\Users\Jacob\jagex_cl_oldschool_LIVE.dat

C:\Users\Jacob\jagex_cl_runescape_LIVE.dat

C:\Users\Jacob\random.dat

 

 

Some content of TEMP:

====================

C:\Users\janna\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe

 

 

==================== Bamital & volsnap Check =================

 

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\rpcss.dll

[2010-11-20 22:24] - [2010-11-20 22:24] - 0512512 ____A (Microsoft Corporation) 022D2022CE6FC325A922F5608D61A5B8

 

 ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

 

 

LastRegBack: 2014-04-20 01:38

 

==================== End Of Log ============================

Share this post


Link to post
Share on other sites

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-04-2014

Ran by Jacob at 2014-04-23 12:47:04

Running from C:\Users\Jacob\Downloads

Boot Mode: Normal

==========================================================

 

 

==================== Security Center ========================

 

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

 

==================== Installed Programs ======================

 

 Tools for .Net 3.5 (x32 Version: 3.11.50727 - Microsoft Corporation) Hidden

µTorrent (HKCU\...\uTorrent) (Version: 3.4.1.30888 - BitTorrent Inc.)

Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.0.0 - Adobe Systems)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.9.0.1210 - Adobe Systems Incorporated)

Adobe AIR (x32 Version: 3.9.0.1210 - Adobe Systems Incorporated) Hidden

Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)

Adobe Community Help (x32 Version: 3.4.980 - Adobe Systems Incorporated.) Hidden

Adobe Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 1.4.0 - Adobe Systems Incorporated)

Adobe Content Viewer (x32 Version: 1.4.0 - Adobe Systems Incorporated) Hidden

Adobe Creative Suite 5.5 Master Collection (HKLM-x32\...\{D57FC112-312E-4D70-860F-2DB8FB6858F0}) (Version: 5.5 - Adobe Systems Incorporated)

Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.8.800.94 - Adobe Systems Incorporated)

Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.8.800.94 - Adobe Systems Incorporated)

Adobe Muse (HKLM-x32\...\AdobeMuse) (Version: 7.0.314 - Adobe Systems Incorporated)

Adobe Muse (x32 Version: 7.0.314 - Adobe Systems Incorporated) Hidden

Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)

Adobe Reader XI (11.0.03) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.03 - Adobe Systems Incorporated)

Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.5.635 - Adobe Systems, Inc.)

Adobe Story (HKLM-x32\...\com.adobe.AdobeStory.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.0.571 - Adobe Systems Incorporated)

Adobe Story (x32 Version: 1.0.571 - Adobe Systems Incorporated) Hidden

Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1) (Version: 2.0 Build 230 - Adobe Systems Incorporated.)

Adobe Widget Browser (x32 Version: 2.0.230 - Adobe Systems Incorporated.) Hidden

AkelPad 4.7.7 (HKLM-x32\...\AkelPad) (Version: 4.7.7 - )

Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.)

Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

ArcSoft Magic-i Visual Effects 2 (HKLM-x32\...\{F5E0EA53-30F6-4F21-8B8E-1FC16A66B76A}) (Version: 2.0.2.66 - ArcSoft)

ArcSoft MediaImpression 2 (HKLM-x32\...\{30B056AF-F414-4B68-B9B0-6EFDB9FCDF18}) (Version: 2.0.29.444 - ArcSoft)

ArcSoft Panorama Maker 4 (HKLM-x32\...\{37530151-56A6-4CE4-9F9F-CE1F5A1356C6}) (Version: 4.5.0.112 - ArcSoft)

ArcSoft Photo Book Screen Saver (HKLM-x32\...\{E2EE273D-E111-4FFD-ACD4-78E1D35E01D2}) (Version: 2.0.0.13 - ArcSoft)

ArcSoft PhotoStudio Darkroom 2 (HKLM-x32\...\{40DA94AF-34B7-4BA7-A37F-26F899C031FF}) (Version: 2.0.0.174 - ArcSoft)

ArcSoft Print Creations - Album Page (HKLM-x32\...\{E6B4117F-AC59-4B13-9274-EB136E8897EE}) (Version:  - ArcSoft)

ArcSoft Print Creations - Brochures & Flyers (HKLM-x32\...\{01A1A019-E1D8-482A-BE17-5E118D17C0A0}) (Version:  - ArcSoft)

ArcSoft Print Creations - Funhouse (HKLM-x32\...\{9591C049-5CAE-4E89-A8D9-191F1899628B}) (Version:  - ArcSoft)

ArcSoft Print Creations - Funhouse II (HKLM-x32\...\{3CE47E6B-AE27-4E40-AC54-329EED96B933}) (Version:  - ArcSoft)

ArcSoft Print Creations - Greeting Card (HKLM-x32\...\{F04F9557-81A9-4293-BC49-2C216FA325A7}) (Version:  - ArcSoft)

ArcSoft Print Creations - Photo Book (HKLM-x32\...\{56589DFE-0C29-4DFE-8E42-887B771ECD23}) (Version:  - ArcSoft)

ArcSoft Print Creations - Photo Calendar (HKLM-x32\...\{CA9ED5E4-1548-485B-A293-417840060158}) (Version:  - ArcSoft)

ArcSoft Print Creations - Photo Prints (HKLM-x32\...\{95F875CC-1B85-43E6-B3E0-13EA04F3D995}) (Version:  - ArcSoft)

ArcSoft Print Creations - Poster Creator (HKLM-x32\...\{5D1C82E7-7EC0-4404-A8AD-36C3B444BC34}) (Version:  - ArcSoft)

ArcSoft Print Creations - Scrapbook (HKLM-x32\...\{B0D83FCD-9D42-43ED-8315-250326AADA02}) (Version:  - ArcSoft)

ArcSoft Print Creations - Slimline Card (HKLM-x32\...\{007B37D9-0C45-4202-834B-DD5FAAE99D63}) (Version:  - ArcSoft)

ArcSoft Print Creations (HKLM-x32\...\{F03EC055-F34E-4F6B-A684-8A370E11A304}) (Version: 3.0.255.500 - ArcSoft)

ArcSoft RAW Thumbnail Viewer (HKLM-x32\...\{82FAC25D-D0E1-4D60-9268-F3DD958BF052}) (Version: 2.0.0.11 - ArcSoft)

ArcSoft Scan-n-Stitch Deluxe (HKLM-x32\...\{363188E4-1A27-4DE6-BA48-823D2E205385}) (Version: 1.1.0.17 - ArcSoft)

ArcSoft Video Downloader (HKLM-x32\...\{C8B44566-839A-459C-A73D-49764CE216CC}) (Version: 2.0.0.39 - ArcSoft)

ArcSoft WebCam Companion 3 (HKLM-x32\...\{55FB8585-9F5F-482E-BDE3-57F338C1DE97}) (Version: 3.0.15.182 - ArcSoft)

Aurora 30.0a2 (x86 en-US) (HKLM-x32\...\Aurora 30.0a2 (x86 en-US)) (Version: 30.0a2 - Mozilla)

AutoIt v3.3.8.1 (HKLM-x32\...\AutoItv3) (Version:  - AutoIt Team)

Blend for Visual Studio 2012 (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden

Blend for Visual Studio 2012 ENU resources (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden

Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)

Brackets (HKLM-x32\...\{C815B499-431A-46EA-A745-9473CFECF23E}) (Version: 0.37 - brackets.io)

Call of Duty® 4 - Modern Warfare (HKLM-x32\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.00.0000 - Activision)

Call of Duty® 4 - Modern Warfare (x32 Version: 1.00.0000 - Activision) Hidden

Camtasia Studio 8 (HKLM-x32\...\{72144B9D-58C4-4C09-A5CF-C6A914B912E8}) (Version: 8.0.0.878 - TechSmith Corporation)

CCleaner (HKLM\...\CCleaner) (Version: 4.07 - Piriform)

Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version:  - Cheat Engine)

Citrix online plug-in - web (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 12.1.44.1 - Citrix Systems, Inc.)

Citrix online plug-in (DV) (x32 Version: 12.1.44.1 - Citrix Systems, Inc.) Hidden

Citrix online plug-in (HDX) (x32 Version: 12.1.44.1 - Citrix Systems, Inc.) Hidden

Citrix online plug-in (USB) (x32 Version: 12.1.44.1 - Citrix Systems, Inc.) Hidden

Citrix online plug-in (Web) (x32 Version: 12.1.44.1 - Citrix Systems, Inc.) Hidden

CL-Eye Driver (HKLM-x32\...\CL-Eye Driver) (Version: 5.3.0.0341 - Code Laboratories, Inc.)

CodeBlocks (HKCU\...\CodeBlocks) (Version: 10.05 - The Code::Blocks Team)

CopyTrans Suite Remove Only (HKCU\...\CopyTrans Suite) (Version: 2.37 - WindSolutions)

Core Temp 1.0 RC5 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)

CPUID CPU-Z 1.65.0 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )

Crystal Reports for Visual Studio (x32 Version: 12.51.0.240 - SAP) Hidden

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.44 - DivX, LLC)

Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4521.29298 - PreEmptive Solutions) Hidden

Dropbox (HKCU\...\Dropbox) (Version: 2.0.22 - Dropbox, Inc.)

Entity Framework Designer for Visual Studio 2012 - enu (HKLM-x32\...\{0A1A1D48-DB23-443A-BC7B-49255D138020}) (Version: 11.1.20702.00 - Microsoft Corporation)

EZ JCom (HKLM-x32\...\EZJcom) (Version:  - )

Fable III (HKLM-x32\...\GFWL_{4D53090A-9B45-437B-A66A-831000008300}) (Version: 1.0.0000.131 - Microsoft Game Studios)

Fable III (x32 Version: 1.0.0000.131 - Microsoft Game Studios) Hidden

Facebook Messenger 2.1.4814.0 (HKLM-x32\...\{7204BDEE-1A48-4D95-A964-44A9250B439E}) (Version: 2.1.4814.0 - Facebook)

Foxit Reader (HKLM-x32\...\{27E3028E-06C8-4C09-8C3E-07F7F508304E}) (Version: 5.3.1.606 - Foxit Corporation)

Free YouTube Download version 3.2.20.1230 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.20.1230 - DVDVideoSoft Ltd.)

Free YouTube to MP3 Converter version 3.12.3.610 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.3.610 - DVDVideoSoft Ltd.)

GIMP 2.8.0 (HKLM\...\GIMP-2_is1) (Version: 2.8.0 - The GIMP Team)

GitHub (HKCU\...\5f7eb300e2ea4ebf) (Version: 1.2.6.4 - GitHub, Inc.)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.116 - Google Inc.)

Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)

Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)

Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden

Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden

GoToAssist Corporate (HKLM-x32\...\GoToAssist) (Version: 10.4.0.896 - Citrix Online, a division of Citrix Systems, Inc.)

Gyazo 1.0 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Toshiyuki Masui)

HyperCam 2 (HKLM-x32\...\HyperCam 2) (Version: 2.27.00 - Hyperionics Technology LLC)

iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)

IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)

IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version:  - )

IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version:  - )

ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)

Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)

Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation)

Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2932 - Intel Corporation)

Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.6.0.1002 - Intel Corporation)

Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)

Intel® Trusted Connect Service Client (HKLM\...\{6199B534-A1B6-46ED-873B-97B0ECF8F81E}) (Version: 1.23.216.0 - Intel Corporation)

IntelliJ IDEA Community Edition 12.0.2 (HKLM-x32\...\IntelliJ IDEA Community Edition 12.0.2) (Version: 123.123 - JetBrains s.r.o.)

Internet Explorer Toolbar 4.7 by SweetPacks (HKLM-x32\...\{80F3F10B-A177-4494-93CE-98090D819093}) (Version: 4.7.0008 - SweetIM Technologies Ltd.) <==== ATTENTION

iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)

Java 7 Update 21 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417021FF}) (Version: 7.0.210 - Oracle)

Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)

Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden

Java SE Development Kit 7 Update 21 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170210}) (Version: 1.7.0.210 - Oracle)

Java SE Development Kit 7 Update 6 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170060}) (Version: 1.7.0.60 - Oracle)

Java SE Development Kit 7 Update 6 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0170060}) (Version: 1.7.0.60 - Oracle)

Java 6 Update 24 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216024FF}) (Version: 6.0.240 - Oracle)

JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)

JavaFX 2.1.1 SDK (HKLM-x32\...\{2222706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)

JavaFX Scene Builder 1.0 (64-bit) (HKLM\...\{5150F19E-0992-418F-BA0A-ED656880DF97}) (Version: 1.0 - Oracle)

JFormDesigner 5.1 (HKCU\...\JFormDesigner) (Version: 5.1 - FormDev Software GmbH)

join.me (HKCU\...\JoinMe) (Version: 1.13.1.118 - LogMeIn, Inc.)

JuiceboxBuilder-Lite (HKLM-x32\...\JuiceboxBuilder-Lite) (Version: 1.2.0 - SimpleViewer Inc)

JuiceboxBuilder-Lite (x32 Version: 1.2.0 - SimpleViewer Inc) Hidden

Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)

Lenovo Blacksilk USB Keyboard Driver (HKLM-x32\...\{B266E062-D6C5-485B-B426-51B152B041A6}) (Version: V1.4.11.0608 - Lenovo)

Lenovo Driver and Application Installation (HKLM-x32\...\{45970CD1-D599-47D4-938F-3E9800D54ED1}) (Version: 5.10.3426 - Lenovo)

Lenovo Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.5317a - CyberLink Corp.)

Lenovo Power2Go (x32 Version: 6.0.5317a - CyberLink Corp.) Hidden

Lenovo Registration (HKLM-x32\...\{6707C034-ED6B-4B6A-B21F-969B3606FBDE}) (Version: 1.0.4 - Lenovo Inc.)

Lenovo Rescue System (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 3.0.2431 - CyberLink Corp.)

Lenovo Rescue System (Version: 3.0.2431 - CyberLink Corp.) Hidden

Lenovo Welcome (HKLM-x32\...\{2DC26D10-CC6A-494F-BEA3-B5BC21126D5E}) (Version: 3.1.0008.00 - Lenovo Group Limited)

LiveWeb (HKLM-x32\...\{F0A7B33E-C872-42C8-B1A9-55450809DAFF}) (Version: 4.00 - Shyam Pillai)

LocalESPC (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden

LocalESPCui for en-us (x32 Version: 8.59.25584 - Microsoft) Hidden

LuaEdit 2010 (x86 - 3.0.10.0) (HKLM-x32\...\LuaEdit 2010_is1) (Version:  - Open Source)

LVT (HKLM-x32\...\{9E3469A6-443A-452C-BF44-8D7CE3A9A7E2}) (Version: 1.00.1202 - Lenovo)

Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)

Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)

Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)

Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}) (Version: 4.5.50709 - Microsoft Corporation)

Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation)

Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden

Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden

Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools (HKLM-x32\...\{40416836-56CC-4C0E-A6AF-5C34BADCE483}) (Version: 2.0.50217.0 - Microsoft Corporation)

Microsoft ASP.NET MVC 2 (HKLM-x32\...\{1803A630-3C38-4D2B-9B9A-0CB37243539C}) (Version: 2.0.50217.0 - Microsoft Corporation)

Microsoft ASP.NET MVC 3 - Visual Studio 2012 Tools Update (x32 Version: 3.0.30710.0 - Microsoft Corporation) Hidden

Microsoft ASP.NET MVC 3 (HKLM-x32\...\{DCDEC776-BADD-48B9-8F9A-DFF513C3D7FA}) (Version: 3.0.20105.0 - Microsoft Corporation)

Microsoft ASP.NET MVC 4 - Visual Studio 2012 Tools (x32 Version: 4.0.20710.0 - Microsoft Corporation) Hidden

Microsoft ASP.NET MVC 4 Runtime (x32 Version: 4.0.20710.0 - Microsoft Corporation) Hidden

Microsoft ASP.NET Web Pages - Visual Studio 2012 Tools (x32 Version: 1.0.20710.0 - Microsoft Corporation) Hidden

Microsoft ASP.NET Web Pages (HKLM-x32\...\{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}) (Version: 1.0.20105.0 - Microsoft Corporation)

Microsoft ASP.NET Web Pages 2 - Visual Studio 2012 Tools (x32 Version: 2.0.20710.0 - Microsoft Corporation) Hidden

Microsoft ASP.NET Web Pages 2 Runtime (x32 Version: 2.0.20710.0 - Microsoft Corporation) Hidden

Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)

Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)

Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)

Microsoft Help Viewer 1.0 (Version: 1.0.30319 - Microsoft Corporation) Hidden

Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)

Microsoft Help Viewer 2.0 (x32 Version: 2.0.50727 - Microsoft Corporation) Hidden

Microsoft LightSwitch for Visual Studio 2012 Core (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft LightSwitch for Visual Studio 2012 CoreRes - ENU (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft NuGet - Visual Studio 2012 (x32 Version: 2.0.30625.9003 - Microsoft Corporation) Hidden

Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft Office 2010 Service Pack 1 (SP1) (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version:  - Microsoft)

Microsoft Office 2010 Service Pack 1 (SP1) (x32 Version:  - Microsoft) Hidden

Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.6029.1000 - Microsoft Corporation)

Microsoft Office Professional Plus 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden

Microsoft Portable Library Multi-Targeting Pack (x32 Version: 11.0.50709.17929 - Microsoft Corporation) Hidden

Microsoft Portable Library Multi-Targeting Pack Language Pack - enu (x32 Version: 11.0.50709.17929 - Microsoft Corporation) Hidden

Microsoft Report Viewer Add-On for Visual Studio 2012 (x32 Version: 11.1.2802.16 - Microsoft Corporation) Hidden

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)

Microsoft Silverlight 3 SDK (HKLM-x32\...\{2012098D-EEE9-4769-8DD3-B038050854D4}) (Version: 3.0.40818.0 - Microsoft Corporation)

Microsoft Silverlight 4 SDK (HKLM-x32\...\{189AEA94-DAFB-487A-8CEE-F9D3DDE0A748}) (Version: 4.0.60310.0 - Microsoft Corporation)

Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)

Microsoft SQL Server 2008 (64-bit) (Version:  - Microsoft Corporation) Hidden

Microsoft SQL Server 2008 Browser (HKLM-x32\...\{C688457E-03FD-4941-923B-A27F4D42A7DD}) (Version: 10.1.2531.0 - Microsoft Corporation)

Microsoft SQL Server 2008 Common Files (Version: 10.0.1600.22 - Microsoft Corporation) Hidden

Microsoft SQL Server 2008 Common Files (Version: 10.1.2531.0 - Microsoft Corporation) Hidden

Microsoft SQL Server 2008 Database Engine Services (Version: 10.1.2531.0 - Microsoft Corporation) Hidden

Microsoft SQL Server 2008 Database Engine Shared (Version: 10.1.2531.0 - Microsoft Corporation) Hidden

Microsoft SQL Server 2008 Native Client (HKLM\...\{BBDE8A3D-64A2-43A6-95F3-C27B87DF7AC1}) (Version: 10.1.2531.0 - Microsoft Corporation)

Microsoft SQL Server 2008 R2 Data-Tier Application Framework (HKLM-x32\...\{0DDCEC37-369C-484B-B16D-B4413FD42FB9}) (Version: 10.50.1447.4 - Microsoft Corporation)

Microsoft SQL Server 2008 R2 Data-Tier Application Project (HKLM-x32\...\{E5AE9031-79A5-4627-9641-BEFA82819B08}) (Version: 10.50.1447.4 - Microsoft Corporation)

Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{4E968D9C-21A7-4915-B698-F7AEB913541D}) (Version: 10.50.1447.4 - Microsoft Corporation)

Microsoft SQL Server 2008 R2 Management Objects (x64) (HKLM\...\{DA67488A-2689-4F10-B90F-D2F6977509D6}) (Version: 10.50.1447.4 - Microsoft Corporation)

Microsoft SQL Server 2008 R2 Transact-SQL Language Service (HKLM-x32\...\{78C3657E-742C-40B1-9F53-E5A921D40F17}) (Version: 10.50.1447.4 - Microsoft Corporation)

Microsoft SQL Server 2008 RsFx Driver (Version: 10.1.2531.0 - Microsoft Corporation) Hidden

Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation)

Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)

Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM\...\{36E619BC-A234-4EC3-849B-779A7C865A45}) (Version: 11.0.2316.0 - Microsoft Corporation)

Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation)

Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{13D558FE-A863-402C-B115-160007277033}) (Version: 11.0.2100.60 - Microsoft Corporation)

Microsoft SQL Server 2012 Management Objects  (HKLM-x32\...\{DA1C1761-5F4F-4332-AB9D-29EDF3F8EA0A}) (Version: 11.0.2100.60 - Microsoft Corporation)

Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{FA0A244E-F3C2-4589-B42A-3D522DE79A42}) (Version: 11.0.2100.60 - Microsoft Corporation)

Microsoft SQL Server 2012 Native Client  (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)

Microsoft SQL Server 2012 Transact-SQL Compiler Service  (HKLM\...\{BEB0F91E-F2EA-48A1-B938-7857ABF2A93D}) (Version: 11.0.2100.60 - Microsoft Corporation)

Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{0E8670B8-3965-4930-ADA6-570348B67153}) (Version: 11.0.2100.60 - Microsoft Corporation)

Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{6D6D43E5-218C-4B05-92D3-2240810F4760}) (Version: 11.0.2100.60 - Microsoft Corporation)

Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)

Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)

Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)

Microsoft SQL Server Data Tools - enu (11.1.20627.00) (HKLM-x32\...\{FA804794-2CCB-4301-954F-2C2894698876}) (Version: 11.1.20627.00 - Microsoft Corporation)

Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20627.00) (HKLM-x32\...\{790E9425-8570-493F-9AE7-81AFC9E46930}) (Version: 11.1.20627.00 - Microsoft Corporation)

Microsoft SQL Server Database Publishing Wizard 1.4 (HKLM-x32\...\{ACE28263-76A4-4BF5-B6F4-8BD719595969}) (Version: 10.1.2512.8 - Microsoft Corporation)

Microsoft SQL Server System CLR Types (HKLM-x32\...\{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}) (Version: 10.50.1600.1 - Microsoft Corporation)

Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation)

Microsoft SQL Server VSS Writer (HKLM\...\{0826F9E4-787E-481D-83E0-BC6A57B056D5}) (Version: 10.1.2531.0 - Microsoft Corporation)

Microsoft Sync Framework Runtime v1.0 SP1 (x64) (HKLM\...\{8438EC02-B8A9-462D-AC72-1B521349C001}) (Version: 1.0.3010.0 - Microsoft Corporation)

Microsoft Sync Framework SDK v1.0 SP1 (HKLM-x32\...\{0E3DFC64-CC49-4BE2-8C9C-58EF129675DB}) (Version: 1.0.3010.0 - Microsoft Corporation)

Microsoft Sync Framework Services v1.0 SP1 (x64) (HKLM\...\{034106B5-54B7-467F-B477-5B7DBB492624}) (Version: 1.0.3010.0 - Microsoft Corporation)

Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) (HKLM\...\{1D1CEEF8-3741-45BD-8E77-963E1DEBDDD3}) (Version: 2.0.3010.0 - Microsoft Corporation)

Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}) (Version: 11.0.2100.60 - Microsoft Corporation)

Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{F1949145-EB64-4DE7-9D81-E6D27937146C}) (Version: 11.0.2100.60 - Microsoft Corporation)

Microsoft Team Foundation Server 2010 Object Model - ENU (HKLM\...\Microsoft Team Foundation Server 2010 Object Model - ENU) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Team Foundation Server 2010 Object Model - ENU (Version: 10.0.30319 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Designtime - 10.0.30319 (HKLM\...\{F5079164-1DB9-3BDA-853B-F78AF67CE071}) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Runtime - 10.0.30319 (HKLM-x32\...\{6A86554B-8928-30E4-A53C-D7337689134D}) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Visual C++ 2012  x64 Designtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 Compilers - ENU Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 Compilers (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 Core Libraries (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 Extended Libraries (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 Microsoft Foundation Class Libraries (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x64 Debug Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{729A3000-BC8A-3B74-BA5D-5068FE12D70C}) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{14DD7530-CCD2-3798-B37D-3839ED6A441C}) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Visual Studio 2010 IntelliTrace Collection (x64) (HKLM\...\{88BAE373-00F4-3E33-828F-96E89E5E0CB9}) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Visual Studio 2010 Office Developer Tools (x64) (Version: 10.0.30319 - Microsoft Corporation) Hidden

Microsoft Visual Studio 2010 Office Developer Tools (x64) (Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual Studio 2010 Performance Collection Tools - ENU (Version: 10.0.30319 - Microsoft Corporation) Hidden

Microsoft Visual Studio 2010 SharePoint Developer Tools (x32 Version: 10.0.30319 - Microsoft Corporation) Hidden

Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.31125 - Microsoft Corporation)

Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.31130 - Microsoft Corporation) Hidden

Microsoft Visual Studio 2010 Ultimate - ENU (HKLM-x32\...\Microsoft Visual Studio 2010 Ultimate - ENU) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Visual Studio 2010 Ultimate - ENU (x32 Version: 10.0.30319 - Microsoft Corporation) Hidden

Microsoft Visual Studio 2012 Devenv (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual Studio 2012 Devenv Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual Studio 2012 IntelliTrace Core amd64 (Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual Studio 2012 IntelliTrace Core x86 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual Studio 2012 IntelliTrace Front End x86 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual Studio 2012 Performance Collection Tools - ENU (Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual Studio 2012 Performance Collection Tools (Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual Studio 2012 Preparation (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual Studio 2012 SharePoint Developer Tools (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual Studio 2012 SharePoint Developer Tools ENU Language Pack (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual Studio 2012 Shell (Minimum) (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual Studio 2012 Shell (Minimum) Interop Assemblies (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual Studio 2012 Shell (Minimum) Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual Studio 2012 Tools for SQL Server Compact 4.0 SP1 ENU (x32 Version: 4.0.8876.1 - Microsoft Corporation) Hidden

Microsoft Visual Studio Macro Tools (HKLM-x32\...\Microsoft Visual Studio Macro Tools) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual Studio Macro Tools (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden

Microsoft Visual Studio Premium 2012 - ENU (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual Studio Premium 2012 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual Studio Professional 2012 - ENU (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual Studio Professional 2012 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual Studio Team Foundation Server 2012 Object Model (Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual Studio Team Foundation Server 2012 Object Model Language Pack - ENU (Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual Studio Team Foundation Server 2012 Storyboarding (Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual Studio Team Foundation Server 2012 Storyboarding Language Pack - ENU (Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual Studio Team Foundation Server 2012 Team Explorer (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual Studio Team Foundation Server 2012 Team Explorer Language Pack - ENU (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual Studio Ultimate 2012 - ENU (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual Studio Ultimate 2012 (HKLM-x32\...\{9600393b-6ede-469b-a522-689fce1461d1}) (Version: 11.0.50727.1 - Microsoft Corporation)

Microsoft Visual Studio Ultimate 2012 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual Studio Ultimate 2012 XAML UI Designer Core (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual Studio Ultimate 2012 XAML UI Designer enu Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Web Deploy dbSqlPackage Provider - enu (HKLM-x32\...\{E4C33F5B-1B2F-466E-957E-B274F08151A0}) (Version: 10.3.20225.0 - Microsoft Corporation)

Microsoft Web Developer Tools - Visual Studio 2012 (x32 Version: 1.0.30710.0 - Microsoft Corporation) Hidden

Microsoft Web Platform Installer 4.0 (HKLM\...\{E2B8249D-895C-4685-8C83-00F3B1A13028}) (Version: 4.0.1622 - Microsoft Corporation)

Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)

Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)

Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden

Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden

Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden

Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden

Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden

Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden

Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden

Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden

Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden

Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden

Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden

Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden

Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden

Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden

Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden

Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden

Mozilla Firefox 14.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 14.0.1 (x86 en-US)) (Version: 14.0.1 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0a2 - Mozilla)

MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

Mumble 1.2.3 (HKLM-x32\...\{B4E343DD-BAAB-4D59-AD9C-DEA0AFE09DF1}) (Version: 1.2.3 - Thorvald Natvig)

Nero Backup Drivers (HKLM\...\{D600D357-5CB9-4DE9-8FD4-14E208BD1970}) (Version: 1.0.11100.8.0 - Nero AG)

NetBeans IDE 7.2 (HKLM\...\nbi-nb-base-7.2.0.0.201207171143) (Version: 7.2 - NetBeans.org)

Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.1.5 - )

ooVoo (HKLM-x32\...\{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}) (Version: 3.6.1008 - ooVoo LLC.)

OpenVPN 2.2.2 (HKLM-x32\...\OpenVPN) (Version: 2.2.2 - )

OpenVPN Client (HKLM-x32\...\{072A5217-8165-4AB7-8366-36CB3245DB60}) (Version: 1.5.6 - OpenVPN Technologies)

Oracle VM VirtualBox 4.1.18 (HKLM\...\{4EE61784-10C6-4B7C-A0B2-5BED17B05741}) (Version: 4.1.18 - Oracle Corporation)

Origin (HKLM-x32\...\Origin) (Version: 9.1.15.109 - Electronic Arts, Inc.)

Palringo (HKLM-x32\...\Palringo) (Version:  - Palringo Limited)

Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.8 - Pando Networks Inc.)

PandoraRecovery (Remove Only) (HKLM-x32\...\PandoraRecovery) (Version:  - )

ParetoLogic Data Recovery (HKLM-x32\...\{B1C2398C-6FAB-46D1-806C-5942F0829994}) (Version: 1.1.0 - ParetoLogic)

Pazera Free MP4 to AVI Converter 1.6 (HKLM-x32\...\{42442BC6-5A92-4BC2-9E0C-3D359D548A21}_is1) (Version: 1.6 - Jacek Pazera)

PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden

PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden

Pivot Stickfigure Animator version 2.2.6 (HKLM-x32\...\Pivot Stickfigure Animator_is1) (Version: 2.2.6 - )

PowerISO (HKLM-x32\...\PowerISO) (Version: 5.2 - Power Software Ltd)

PowerMenu 1.51 (HKLM-x32\...\PowerMenu) (Version: 1.51 - Thong Nguyen)

PreEmptive Analytics Visual Studio Components (x32 Version: 1.0.2180.1 - PreEmptive Solutions) Hidden

Prerequisites for SSDT  (HKLM-x32\...\{9169C939-ED01-446A-BD0C-29873BAF4E48}) (Version: 11.0.2100.60 - Microsoft Corporation)

Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)

PuTTY version 0.62 (HKLM-x32\...\PuTTY_is1) (Version: 0.62 - Simon Tatham)

puush (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert)

PxMergeModule (x32 Version: 1.00.0000 - Your Company Name) Hidden

Python 2.7.5 (HKLM-x32\...\{DBDD570E-0952-475F-9453-AB88F3DD5659}) (Version: 2.7.5150 - Python Software Foundation)

QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)

Rapidboot Advanced (HKLM-x32\...\Rapidboot Advanced) (Version: 1.00.0502 - Lenovo)

Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6454 - Realtek Semiconductor Corp.)

Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30123 - Realtek Semiconductor Corp.)

ROBLOX Player (HKLM-x32\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - ROBLOX Corporation)

RuneScape Launcher 1.2.2 (HKLM-x32\...\{A85FCCBE-31AB-4312-A5A9-165FF3B0BF90}) (Version: 1.2.2 - Jagex Ltd)

Sandboxie 3.72 (64-bit) (HKLM\...\Sandboxie) (Version: 3.72 - SANDBOXIE L.T.D)

SCAR CDE 2.02 (HKLM-x32\...\SCAR 2.02_is1) (Version:  - Aivars Irmejs)

SciTE4AutoIt3 6/10/2012 (HKLM-x32\...\SciTE4AutoIt3) (Version: 6/10/2012 - Jos van der Zande)

Service Pack 1 for SQL Server 2008 (KB968369) (64-bit) (HKLM\...\KB968369) (Version: 10.1.2531.0 - Microsoft Corporation)

Simba 0.99 (HKLM-x32\...\{524C9B9A-B57F-4FEC-89BE-292202EBA44D}_is1) (Version:  - )

Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.2.15747.10003 - Microsoft Corporation)

Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)

Solar 2 Demo (HKLM-x32\...\{9A304435-E368-4F10-AB64-D6C1481D9AF9}) (Version: 1.1.0.0 - Murudai)

Sql Server Customer Experience Improvement Program (Version: 10.1.2531.0 - Microsoft Corporation) Hidden

Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)

Sublime Text 2.0.2 (HKLM\...\Sublime Text 2_is1) (Version:  - )

Sublime Text Build 3047 (HKLM\...\Sublime Text 3_is1) (Version:  - Sublime HQ Pty Ltd)

SumRando (HKLM-x32\...\SumRandoSumRando) (Version: 1.0.0.112 - SumRando)

swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden

System Requirements Lab for Intel (HKLM-x32\...\{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}) (Version: 4.5.13.0 - Husdawg, LLC)

TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.6 - TeamSpeak Systems GmbH)

TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.27614 - TeamViewer)

TES Construction Set (HKLM-x32\...\{605333A6-963F-480C-A358-1301CAA6CFF6}) (Version:  - )

TES Construction Set (HKLM-x32\...\{DB3C800B-081B-4146-B4E3-EFB5B77AA913}) (Version:  - )

The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.0.631 - Electronic Arts)

Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)

VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden

Visual Studio 2010 Prerequisites - English (HKLM\...\{662014D2-0450-37ED-ABAE-157C88127BEB}) (Version: 10.0.30319 - Microsoft Corporation)

Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{112C23F2-C036-4D40-BED4-0CB47BF5555C}) (Version: 4.0.8080.0 - Microsoft Corporation)

Visual Studio 2012 Prerequisites - ENU Language Pack (Version: 11.0.50727 - Microsoft Corporation) Hidden

Visual Studio 2012 Prerequisites (Version: 11.0.50727 - Microsoft Corporation) Hidden

Visual Studio Extensions for Windows Library for JavaScript (x32 Version: 1.0.8514.0 - Microsoft Corporation) Hidden

VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN)

WampServer 2.4 (HKLM-x32\...\WampServer 2_is1) (Version:  - Hervé Leclerc (HeL))

WCF Data Services 5.0 (for OData v3) Primary Components (x32 Version: 5.0.50628.0 - Microsoft Corporation) Hidden

WCF Data Services Tools for Microsoft Visual Studio 2012 (x32 Version: 5.0.50710.0 - Microsoft Corporation) Hidden

WCF RIA Services V1.0 SP2 (HKLM-x32\...\{3A523AF9-D32F-4C85-8388-0335731F3405}) (Version: 4.1.61829.0 - Microsoft Corporation)

Web Deployment Tool (HKLM\...\{0F37D969-1260-419E-B308-EF7D29ABDE20}) (Version: 1.1.0618 - Microsoft Corporation)

WhatPulse version 2.0 (HKLM-x32\...\{95CC8D5F-90A1-4285-9B2D-8D0FBCFD8D0D}_is1) (Version: 2.0 - WhatPulse)

Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)

Windows App Certification Kit Native Components (Version: 8.59.25584 - Microsoft Corporation) Hidden

Windows App Certification Kit x64 (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden

Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)

Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Family Safety (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden

Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden

Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)

Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden

Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden

Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)

Windows Password Key 8.0 demo (HKLM-x32\...\Windows Password Key) (Version: 8.0 demo - PasswordSeeker)

Windows Runtime Intellisense Content - en-us (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden

Windows Software Development Kit (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden

Windows Software Development Kit DirectX x64 Remote (Version: 8.59.25584 - Microsoft Corporation) Hidden

Windows Software Development Kit DirectX x86 Remote (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden

Windows Software Development Kit for Windows Store Apps (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden

Windows Software Development Kit for Windows Store Apps DirectX x64 Remote (Version: 8.59.25584 - Microsoft Corporation) Hidden

Windows Software Development Kit for Windows Store Apps DirectX x86 Remote (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden

WinMerge 2.12.4 (HKLM-x32\...\WinMerge_is1) (Version: 2.12.4 - Thingamahoochie Software)

WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)

WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

WinSCP 4.3.8 (HKLM-x32\...\winscp3_is1) (Version: 4.3.8 - Martin Prikryl)

WiX Toolset v3.7 Core (x32 Version: 3.7.1224.0 - Microsoft Corporation) Hidden

WiX Toolset v3.7 Managed SDK (x32 Version: 3.7.1224.0 - Microsoft Corporation) Hidden

WiX Toolset v3.7 Native 2010 SDK (x32 Version: 3.7.1224.0 - Microsoft Corporation) Hidden

WiX Toolset v3.7 Visual Studio Integration (x32 Version: 3.7.1224.0 - Microsoft Corporation) Hidden

WiX Toolset v3.7.1224.0 (HKLM-x32\...\{963ac4b4-a882-4471-8db9-c4adc7b42dc4}) (Version: 3.7.1224.0 - Microsoft Corporation)

World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: 5.2.0.16826 - Blizzard Entertainment)

XAMPP (HKLM-x32\...\xampp) (Version: 1.8.3-2 - BitNami)

 

==================== Restore Points  =========================

 

19-04-2014 04:47:33 Scheduled Checkpoint

23-04-2014 04:55:44 Windows Modules Installer

23-04-2014 04:59:24 Windows Update

23-04-2014 05:07:23 Windows Update

23-04-2014 05:07:44 Windows Update

23-04-2014 05:08:52 Windows Update

23-04-2014 10:07:41 Windows Update

23-04-2014 15:08:03 Windows Update

 

==================== Hosts content: ==========================

 

2009-07-13 21:34 - 2014-04-05 00:17 - 00000027 ____A C:\windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

 

==================== Scheduled Tasks (whitelisted) =============

 

Task: {106781B8-800E-4873-8941-078085DC81D9} - System32\Tasks\ParetoLogic Registration => Rundll32.exe "C:\Program Files (x86)\Common Files\ParetoLogic\UUS2\UUS.dll" RunUns

Task: {5E2D9FC9-3DA0-4D06-B35D-895BD4159644} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe

Task: {61F2BB96-D97E-4E99-8AD3-4ABC6FCCF41C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-10-21] (Piriform Ltd)

Task: {9B748213-0AD9-4295-A895-1ADBFB21B1D0} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-20] (Adobe Systems Incorporated)

Task: {A30AD82E-86A4-4BBF-A744-304E9AB0BD0A} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2590400047-110076-1385065545-1001Core => C:\Users\Jacob\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-12-06] (Facebook Inc.)

Task: {B31406B7-FD24-46B9-927C-4C0E722299DD} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2590400047-110076-1385065545-1001UA => C:\Users\Jacob\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-12-06] (Facebook Inc.)

Task: {B3BD4128-D1BF-4EE9-9089-E789C12B9984} - System32\Tasks\ParetoLogic Update Version2 => C:\Program Files (x86)\Common Files\ParetoLogic\UUS2\Pareto_Update.exe [2008-02-22] ()

Task: {B8EF182E-C594-43BF-BDA9-0E66CEEC759B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-05-22] (Google Inc.)

Task: {BEFD8DE8-4393-4B61-81A8-9197731B8C49} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-05-22] (Google Inc.)

Task: {E32071B9-D8DD-4121-93E1-20FF91AE6C76} - System32\Tasks\OFFICE2010ACT => C:\Windows\system32\OFFICEICON.vbs

Task: {E57A2E8F-C22E-42DA-89EA-071FCF1FFDEA} - System32\Tasks\AutoKMS => C:\windows\AutoKMS\AutoKMS.exe [2013-02-25] ()

Task: {E74697C1-BB78-497A-8ECE-1B9FB65F31AA} - System32\Tasks\RunAsStdUser Task => C:\Users\Jacob\AppData\Local\gameflakeSA\bin\1.0.12.0\GameFlakeSA.exe <==== ATTENTION

Task: {E9EF96B8-5BF2-4015-B9C1-BB880F95A657} - System32\Tasks\AutoUpdaterTask => C:\Program Files (x86)\Auto Updater\AutoUpdater.exe [2012-07-26] ()

Task: {EAB0E7AB-974D-41AF-8A76-8CFCAAEFA2E8} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2590400047-110076-1385065545-1001Core.job => C:\Users\Jacob\AppData\Local\Facebook\Update\FacebookUpdate.exe

Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2590400047-110076-1385065545-1001UA.job => C:\Users\Jacob\AppData\Local\Facebook\Update\FacebookUpdate.exe

Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\windows\Tasks\ParetoLogic Registration.job => C:\Program Files (x86)\Common Files\ParetoLogic\UUS2\UUS.dll

Task: C:\windows\Tasks\ParetoLogic Update Version2.job => C:\Program Files (x86)\Common Files\ParetoLogic\UUS2\Pareto_Update.exe

 

==================== Loaded Modules (whitelisted) =============

 

2011-03-16 23:07 - 2011-03-16 23:07 - 04297568 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF

2010-10-20 14:23 - 2010-10-20 14:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll

2010-01-02 09:42 - 2010-01-02 09:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll

2012-06-18 10:24 - 2012-06-18 10:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll

2011-12-23 04:54 - 2011-12-15 01:34 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll

2012-01-10 13:41 - 2013-07-14 13:18 - 00567880 _____ () C:\Program Files (x86)\puush\puush.exe

2012-05-22 09:15 - 2011-12-02 20:57 - 00140640 _____ () C:\Program Files\Lenovo\LVT\LVT.exe

2012-05-22 09:15 - 2011-12-02 20:55 - 00044032 _____ () C:\Program Files\Lenovo\LVT\CarouselControl.dll

2013-12-13 17:33 - 2013-07-08 06:34 - 00114688 _____ () C:\xampp\apache\bin\pcre.dll

2014-02-12 21:58 - 2014-02-12 21:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

2014-02-12 21:58 - 2014-02-12 21:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

2012-05-22 09:18 - 2011-12-16 02:47 - 00031328 ____N () C:\Program Files (x86)\Lenovo\Rapidboot\FBServiceps.dll

2011-03-16 23:11 - 2011-03-16 23:11 - 04297568 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF

2010-10-20 14:45 - 2010-10-20 14:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll

2012-07-18 21:57 - 2012-07-18 21:57 - 00172544 _____ () C:\windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\2c3ee4339f14af1e4dfc45a8964dedfb\IsdiInterop.ni.dll

2012-05-22 08:25 - 2011-05-20 09:05 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll

2014-04-11 02:44 - 2014-04-01 20:57 - 00065352 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\chrome_elf.dll

2014-02-11 14:29 - 2014-02-11 14:29 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll

2014-04-11 02:44 - 2014-04-01 20:57 - 00674632 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\libglesv2.dll

2014-04-11 02:44 - 2014-04-01 20:57 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\libegl.dll

2014-04-11 02:44 - 2014-04-01 20:57 - 04081480 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\pdf.dll

2014-04-11 02:44 - 2014-04-01 20:58 - 00390472 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dll

2014-04-11 02:44 - 2014-04-01 20:57 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\ffmpegsumo.dll

2010-01-02 09:42 - 2010-01-02 09:42 - 00018207 _____ () C:\Program Files (x86)\FileZilla FTP Client\mingwm10.dll

2014-04-23 00:26 - 2014-04-23 00:26 - 03987568 _____ () C:\Program Files (x86)\Aurora\mozjs.dll

 

==================== Alternate Data Streams (whitelisted) =========

 

 

==================== Safe Mode (whitelisted) ===================

 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service"

 

==================== Disabled items from MSCONFIG ==============

 

MSCONFIG\Services: AdobeARMservice => 2

MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3

MSCONFIG\Services: Apple Mobile Device => 2

MSCONFIG\Services: Bonjour Service => 2

MSCONFIG\Services: GoToAssist => 3

MSCONFIG\Services: gupdate => 2

MSCONFIG\Services: gupdatem => 3

MSCONFIG\Services: gusvc => 3

MSCONFIG\Services: hshld => 2

MSCONFIG\Services: HssSrv => 2

MSCONFIG\Services: HssTrayService => 3

MSCONFIG\Services: HssWd => 2

MSCONFIG\Services: iPod Service => 3

MSCONFIG\Services: jhi_service => 2

MSCONFIG\Services: JME Keyboard => 2

MSCONFIG\Services: LMS => 2

MSCONFIG\Services: MBAMScheduler => 2

MSCONFIG\Services: MBAMService => 2

MSCONFIG\Services: MozillaMaintenance => 3

MSCONFIG\Services: mysql => 2

MSCONFIG\Services: OpenVPNAccessClient => 2

MSCONFIG\Services: rpcapd => 3

MSCONFIG\Services: Skype C2C Service => 2

MSCONFIG\Services: SkypeUpdate => 2

MSCONFIG\Services: Steam Client Service => 3

MSCONFIG\Services: SwitchBoard => 3

MSCONFIG\Services: UNS => 2

MSCONFIG\Services: vToolbarUpdater15.5.0 => 2

MSCONFIG\Services: wampapache => 3

MSCONFIG\Services: wampmysqld => 3

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^OpenVPN Client.lnk => C:\windows\pss\OpenVPN Client.lnk.CommonStartup

MSCONFIG\startupfolder: C:^Users^Jacob^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\windows\pss\Dropbox.lnk.Startup

MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"

MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

MSCONFIG\startupreg: AdobeCS5.5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin

MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin

MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

MSCONFIG\startupreg: ArcSoft Connection Service => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe

MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

MSCONFIG\startupreg: BitTorrent => "C:\Program Files (x86)\BitTorrent\BitTorrent.exe"  /MINIMIZED

MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe"

MSCONFIG\startupreg: ConnectionCenter => "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup

MSCONFIG\startupreg: DivXMediaServer => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe

MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW

MSCONFIG\startupreg: Drivers => C:\Users\Jacob\AppData\Local\Temp\crss.scr

MSCONFIG\startupreg: Facebook Update => "C:\Users\Jacob\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver

MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

MSCONFIG\startupreg: IgfxTray => C:\windows\system32\igfxtray.exe

MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

MSCONFIG\startupreg: jmesoft => C:\Windows\jmesoft\ServiceLoader.exe

MSCONFIG\startupreg: ooVoo.exe => C:\Program Files (x86)\ooVoo\oovoo.exe /minimized

MSCONFIG\startupreg: PWRISOVM.EXE => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup

MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

MSCONFIG\startupreg: RTHDVCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

MSCONFIG\startupreg: Speech Recognition => "C:\windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup

MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent

MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

MSCONFIG\startupreg: TempReader => C:\Users\Jacob\AppData\Roaming\Microsoft\TempFile.exe

MSCONFIG\startupreg: UpdateP2GoShortCut => "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"

MSCONFIG\startupreg: UpdatePRCShortCut => "C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"

MSCONFIG\startupreg: vProt => "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"

MSCONFIG\startupreg: whatpulse => "C:\Program Files (x86)\WhatPulse2\whatpulse.exe"

MSCONFIG\startupreg: winupdater => C:\Windupdt\winupdate.exe

 

==================== Faulty Device Manager Devices =============

 

Name: Realtek USB 2.0 Card Reader

Description: Realtek USB 2.0 Card Reader

Class Guid: {36fc9e60-c465-11cf-8056-444553540000}

Manufacturer: Realtek

Service: RSUSBSTOR

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (04/19/2014 11:05:28 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (04/19/2014 11:04:09 PM) (Source: MSSQL$SQLEXPRESS) (User: )

Description: The log scan number (25:32:1) passed to log scan in database 'model' is not valid. This error may indicate data corruption or that the log file (.ldf) does not match the data file (.mdf). If this error occurred during replication, re-create the publication. Otherwise, restore from backup if the problem results in a failure during startup.

 

Error: (04/19/2014 00:52:52 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (04/19/2014 00:51:43 PM) (Source: MSSQL$SQLEXPRESS) (User: )

Description: The log scan number (25:32:1) passed to log scan in database 'model' is not valid. This error may indicate data corruption or that the log file (.ldf) does not match the data file (.mdf). If this error occurred during replication, re-create the publication. Otherwise, restore from backup if the problem results in a failure during startup.

 

Error: (04/18/2014 06:37:16 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (04/18/2014 06:36:25 PM) (Source: MSSQL$SQLEXPRESS) (User: )

Description: The log scan number (25:32:1) passed to log scan in database 'model' is not valid. This error may indicate data corruption or that the log file (.ldf) does not match the data file (.mdf). If this error occurred during replication, re-create the publication. Otherwise, restore from backup if the problem results in a failure during startup.

 

Error: (04/16/2014 06:37:56 PM) (Source: Google Update) (User: Jacob-PC)

Description: Network Request Error.

Error: 0x80072ee7. Http status code: 0.


Trying config: source=IE, wpad=1, script=.

trying CUP:WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying CUP:iexplore.

Send request returned 0x80004005. Http status code 0.

Trying config: source=, direct connection.

trying CUP:WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying CUP:iexplore.

Send request returned 0x80004005. Http status code 0.

Trying config: source=IE, wpad=1, script=.

trying CUP:WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying CUP:iexplore.

Send request returned 0x80004005. Http status code 0.

Trying config: source=, direct connection.

trying CUP:WinHTTP.

Send request returned 0x80072ee7. Http s

 

Error: (04/13/2014 09:36:18 PM) (Source: Google Update) (User: Jacob-PC)

Description: Network Request Error.

Error: 0x80072ee7. Http status code: 0.


Trying config: source=IE, wpad=1, script=.

trying CUP:WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying CUP:iexplore.

Send request returned 0x80004005. Http status code 0.

Trying config: source=, direct connection.

trying CUP:WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying CUP:iexplore.

Send request returned 0x80004005. Http status code 0.

Trying config: source=IE, wpad=1, script=.

trying CUP:WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying CUP:iexplore.

Send request returned 0x80004005. Http status code 0.

Trying config: source=, direct connection.

trying CUP:WinHTTP.

Send request returned 0x80072ee7. Http s

 

Error: (04/13/2014 06:37:53 PM) (Source: Google Update) (User: Jacob-PC)

Description: Network Request Error.

Error: 0x80072ee7. Http status code: 0.


Trying config: source=IE, wpad=1, script=.

trying CUP:WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying CUP:iexplore.

Send request returned 0x80004005. Http status code 0.

Trying config: source=, direct connection.

trying CUP:WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying CUP:iexplore.

Send request returned 0x80004005. Http status code 0.

Trying config: source=IE, wpad=1, script=.

trying CUP:WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying CUP:iexplore.

Send request returned 0x80004005. Http status code 0.

Trying config: source=, direct connection.

trying CUP:WinHTTP.

Send request returned 0x80072ee7. Http s

 

Error: (04/13/2014 03:37:53 PM) (Source: Google Update) (User: Jacob-PC)

Description: Network Request Error.

Error: 0x80072ee7. Http status code: 0.


Trying config: source=IE, wpad=1, script=.

trying CUP:WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying CUP:iexplore.

Send request returned 0x80004005. Http status code 0.

Trying config: source=, direct connection.

trying CUP:WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying CUP:iexplore.

Send request returned 0x80004005. Http status code 0.

Trying config: source=IE, wpad=1, script=.

trying CUP:WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying CUP:iexplore.

Send request returned 0x80004005. Http status code 0.

Trying config: source=, direct connection.

trying CUP:WinHTTP.

Send request returned 0x80072ee7. Http s

 

 

System errors:

=============

Error: (04/23/2014 00:09:43 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)

Description: Installation Failure: Windows failed to install the following update with error 0x80070216: Update for Windows (KB2731771).

 

Error: (04/23/2014 00:08:43 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)

Description: Installation Failure: Windows failed to install the following update with error 0x80070216: Update for Windows (KB2729094).

 

Error: (04/23/2014 00:02:45 AM) (Source: DCOM) (User: )

Description: {8CEC58AE-07A1-11D9-B15E-000D56BFE6EE}

 

Error: (04/19/2014 11:04:09 PM) (Source: Service Control Manager) (User: )

Description: The SQL Server (SQLEXPRESS) service terminated with service-specific error %%3414.

 

Error: (04/19/2014 00:51:43 PM) (Source: Service Control Manager) (User: )

Description: The Power service terminated with the following error: 

%%4203

 

Error: (04/19/2014 00:51:43 PM) (Source: Service Control Manager) (User: )

Description: The SQL Server (SQLEXPRESS) service terminated with service-specific error %%3414.

 

Error: (04/18/2014 06:40:22 PM) (Source: volsnap) (User: )

Description: The shadow copies of volume C: were deleted because the shadow copy storage could not grow in time.  Consider reducing the IO load on the system or choose a shadow copy storage volume that is not being shadow copied.

 

Error: (04/18/2014 06:36:28 PM) (Source: Service Control Manager) (User: )

Description: The SQL Server (SQLEXPRESS) service terminated with service-specific error %%3414.

 

Error: (04/18/2014 06:36:12 PM) (Source: Service Control Manager) (User: )

Description: The Power service terminated with the following error: 

%%4203

 

Error: (04/08/2014 07:03:02 AM) (Source: Service Control Manager) (User: )

Description: The SQL Server (SQLEXPRESS) service terminated with service-specific error %%3414.

 

 

Microsoft Office Sessions:

=========================

Error: (04/19/2014 11:05:28 PM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (04/19/2014 11:04:09 PM) (Source: MSSQL$SQLEXPRESS)(User: )

Description: (25:32:1)model

 

Error: (04/19/2014 00:52:52 PM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (04/19/2014 00:51:43 PM) (Source: MSSQL$SQLEXPRESS)(User: )

Description: (25:32:1)model

 

Error: (04/18/2014 06:37:16 PM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (04/18/2014 06:36:25 PM) (Source: MSSQL$SQLEXPRESS)(User: )

Description: (25:32:1)model

 

Error: (04/16/2014 06:37:56 PM) (Source: Google Update)(User: Jacob-PC)

Description: Network Request Error.

Error: 0x80072ee7. Http status code: 0.


Trying config: source=IE, wpad=1, script=.

trying CUP:WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying CUP:iexplore.

Send request returned 0x80004005. Http status code 0.

Trying config: source=, direct connection.

trying CUP:WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying CUP:iexplore.

Send request returned 0x80004005. Http status code 0.

Trying config: source=IE, wpad=1, script=.

trying CUP:WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying CUP:iexplore.

Send request returned 0x80004005. Http status code 0.

Trying config: source=, direct connection.

trying CUP:WinHTTP.

Send request returned 0x80072ee7. Http s

 

Error: (04/13/2014 09:36:18 PM) (Source: Google Update)(User: Jacob-PC)

Description: Network Request Error.

Error: 0x80072ee7. Http status code: 0.


Trying config: source=IE, wpad=1, script=.

trying CUP:WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying CUP:iexplore.

Send request returned 0x80004005. Http status code 0.

Trying config: source=, direct connection.

trying CUP:WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying CUP:iexplore.

Send request returned 0x80004005. Http status code 0.

Trying config: source=IE, wpad=1, script=.

trying CUP:WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying CUP:iexplore.

Send request returned 0x80004005. Http status code 0.

Trying config: source=, direct connection.

trying CUP:WinHTTP.

Send request returned 0x80072ee7. Http s

 

Error: (04/13/2014 06:37:53 PM) (Source: Google Update)(User: Jacob-PC)

Description: Network Request Error.

Error: 0x80072ee7. Http status code: 0.


Trying config: source=IE, wpad=1, script=.

trying CUP:WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying CUP:iexplore.

Send request returned 0x80004005. Http status code 0.

Trying config: source=, direct connection.

trying CUP:WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying CUP:iexplore.

Send request returned 0x80004005. Http status code 0.

Trying config: source=IE, wpad=1, script=.

trying CUP:WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying CUP:iexplore.

Send request returned 0x80004005. Http status code 0.

Trying config: source=, direct connection.

trying CUP:WinHTTP.

Send request returned 0x80072ee7. Http s

 

Error: (04/13/2014 03:37:53 PM) (Source: Google Update)(User: Jacob-PC)

Description: Network Request Error.

Error: 0x80072ee7. Http status code: 0.


Trying config: source=IE, wpad=1, script=.

trying CUP:WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying CUP:iexplore.

Send request returned 0x80004005. Http status code 0.

Trying config: source=, direct connection.

trying CUP:WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying CUP:iexplore.

Send request returned 0x80004005. Http status code 0.

Trying config: source=IE, wpad=1, script=.

trying CUP:WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying CUP:iexplore.

Send request returned 0x80004005. Http status code 0.

Trying config: source=, direct connection.

trying CUP:WinHTTP.

Send request returned 0x80072ee7. Http s

 

 

CodeIntegrity Errors:

===================================

  Date: 2014-04-05 00:14:31.400

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2014-04-05 00:14:31.400

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2013-10-01 05:36:03.642

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2013-10-01 05:36:03.632

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2013-09-29 23:37:29.642

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2013-09-29 23:37:29.633

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2013-09-29 22:24:21.652

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2013-09-29 22:24:21.643

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2013-09-29 22:22:21.485

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2013-09-29 22:22:21.476

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

 

==================== Memory info =========================== 

 

Percentage of memory in use: 53%

Total physical RAM: 6038.88 MB

Available physical RAM: 2805.75 MB

Total Pagefile: 12075.94 MB

Available Pagefile: 8661.76 MB

Total Virtual: 8192 MB

Available Virtual: 8191.81 MB

 

==================== Drives ================================

 

Drive c: () (Fixed) (Total:906.34 GB) (Free:565.43 GB) NTFS

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 1747BF04)

Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=906 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=25 GB) - (Type=12)

 

==================== End Of Log ============================

Share this post


Link to post
Share on other sites

12:48:10.0332 0x08e0  TDSS rootkit removing tool 3.0.0.32 Apr 21 2014 18:31:25

12:48:32.0695 0x08e0  ============================================================

12:48:32.0695 0x08e0  Current date / time: 2014/04/23 12:48:32.0695

12:48:32.0695 0x08e0  SystemInfo:

12:48:32.0695 0x08e0  

12:48:32.0695 0x08e0  OS Version: 6.1.7601 ServicePack: 1.0

12:48:32.0695 0x08e0  Product type: Workstation

12:48:32.0695 0x08e0  ComputerName: JACOB-PC

12:48:32.0695 0x08e0  UserName: Jacob

12:48:32.0695 0x08e0  Windows directory: C:\windows

12:48:32.0695 0x08e0  System windows directory: C:\windows

12:48:32.0695 0x08e0  Running under WOW64

12:48:32.0695 0x08e0  Processor architecture: Intel x64

12:48:32.0695 0x08e0  Number of processors: 4

12:48:32.0695 0x08e0  Page size: 0x1000

12:48:32.0696 0x08e0  Boot type: Normal boot

12:48:32.0696 0x08e0  ============================================================

12:48:32.0985 0x08e0  KLMD registered as C:\windows\system32\drivers\66815013.sys

12:48:33.0104 0x08e0  System UUID: {9463B3CF-F3E4-E43D-B8F2-75B76F79D614}

12:48:33.0463 0x08e0  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

12:48:33.0474 0x08e0  ============================================================

12:48:33.0474 0x08e0  \Device\Harddisk0\DR0:

12:48:33.0474 0x08e0  MBR partitions:

12:48:33.0474 0x08e0  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000

12:48:33.0474 0x08e0  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x714AE800

12:48:33.0474 0x08e0  ============================================================

12:48:33.0495 0x08e0  C: <-> \Device\Harddisk0\DR0\Partition2

12:48:33.0495 0x08e0  ============================================================

12:48:33.0496 0x08e0  Initialize success

12:48:33.0496 0x08e0  ============================================================

12:48:44.0045 0x1a84  ============================================================

12:48:44.0045 0x1a84  Scan started

12:48:44.0045 0x1a84  Mode: Manual; 

12:48:44.0045 0x1a84  ============================================================

12:48:44.0045 0x1a84  KSN ping started

12:48:47.0851 0x1a84  KSN ping finished: true

12:48:48.0080 0x1a84  ================ Scan system memory ========================

12:48:48.0081 0x1a84  System memory - ok

12:48:48.0083 0x1a84  ================ Scan services =============================

12:48:48.0241 0x1a84  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\windows\system32\drivers\1394ohci.sys

12:48:48.0247 0x1a84  1394ohci - ok

12:48:48.0374 0x1a84  [ ADC420616C501B45D26C0FD3EF1E54E4, 29FC41D40A35AC5476E2A673CE5B12684E0CFA12A1AEBEEBE5883FBA5CA68B67 ] ACDaemon        C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

12:48:48.0377 0x1a84  ACDaemon - ok

12:48:48.0396 0x1a84  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\windows\system32\drivers\ACPI.sys

12:48:48.0402 0x1a84  ACPI - ok

12:48:48.0407 0x1a84  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\windows\system32\drivers\acpipmi.sys

12:48:48.0408 0x1a84  AcpiPmi - ok

12:48:48.0543 0x1a84  [ ADDA5E1951B90D3D23C56D3CF0622ADC, E85E7BFD29F00ED34BF5BE8BD4DA93CBB14278E16809BB55406875F0DA88551E ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

12:48:48.0545 0x1a84  AdobeARMservice - ok

12:48:48.0652 0x1a84  [ 476BB014F3F68C0C15EDDD5B444DA8FF, 94E8FDC4390672C31081EACF3B3AE57486ED06669C4120F139DB3A62AAE77071 ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

12:48:48.0656 0x1a84  AdobeFlashPlayerUpdateSvc - ok

12:48:48.0698 0x1a84  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\windows\system32\drivers\adp94xx.sys

12:48:48.0707 0x1a84  adp94xx - ok

12:48:48.0729 0x1a84  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\windows\system32\drivers\adpahci.sys

12:48:48.0735 0x1a84  adpahci - ok

12:48:48.0754 0x1a84  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\windows\system32\drivers\adpu320.sys

12:48:48.0758 0x1a84  adpu320 - ok

12:48:48.0784 0x1a84  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\windows\System32\aelupsvc.dll

12:48:48.0787 0x1a84  AeLookupSvc - ok

12:48:48.0828 0x1a84  [ 1C7857B62DE5994A75B054A9FD4C3825, 83F963D7E636532B1AD30B1E727EC429317CA540F6EB3BB268FCC0B163B67767 ] AFD             C:\windows\system32\drivers\afd.sys

12:48:48.0838 0x1a84  AFD - ok

12:48:48.0849 0x1a84  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\windows\system32\drivers\agp440.sys

12:48:48.0851 0x1a84  agp440 - ok

12:48:48.0871 0x1a84  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\windows\System32\alg.exe

12:48:48.0874 0x1a84  ALG - ok

12:48:48.0879 0x1a84  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\windows\system32\drivers\aliide.sys

12:48:48.0879 0x1a84  aliide - ok

12:48:48.0882 0x1a84  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\windows\system32\drivers\amdide.sys

12:48:48.0883 0x1a84  amdide - ok

12:48:48.0889 0x1a84  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\windows\system32\drivers\amdk8.sys

12:48:48.0890 0x1a84  AmdK8 - ok

12:48:48.0896 0x1a84  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\windows\system32\drivers\amdppm.sys

12:48:48.0898 0x1a84  AmdPPM - ok

12:48:48.0938 0x1a84  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\windows\system32\drivers\amdsata.sys

12:48:48.0942 0x1a84  amdsata - ok

12:48:48.0955 0x1a84  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\windows\system32\drivers\amdsbs.sys

12:48:48.0960 0x1a84  amdsbs - ok

12:48:48.0971 0x1a84  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\windows\system32\drivers\amdxata.sys

12:48:48.0971 0x1a84  amdxata - ok

12:48:49.0048 0x1a84  [ 01B32228059E865F207CCE46C209517A, 75B28472FEE0D65AF5A985E3D6D3D66784D9BAD095415C2CB5EBE84E26948417 ] Apache2.4       C:\xampp\apache\bin\httpd.exe

12:48:49.0049 0x1a84  Apache2.4 - ok

12:48:49.0065 0x1a84  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\windows\system32\drivers\appid.sys

12:48:49.0067 0x1a84  AppID - ok

12:48:49.0080 0x1a84  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\windows\System32\appidsvc.dll

12:48:49.0082 0x1a84  AppIDSvc - ok

12:48:49.0095 0x1a84  [ 3977D4A871CA0D4F2ED1E7DB46829731, 2AF1C3225994769C3FD25CD7E9603964B035576F25B0B6D91545566E0722FFAA ] Appinfo         C:\windows\System32\appinfo.dll

12:48:49.0098 0x1a84  Appinfo - ok

12:48:49.0172 0x1a84  [ 221564CC7BE37611FE15EACF443E1BF6, 381BDF17418C779D72332431BA174C2AD76CD9C7C1711FF5142EA9B05D5555E4 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

12:48:49.0174 0x1a84  Apple Mobile Device - ok

12:48:49.0217 0x1a84  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\windows\system32\drivers\arc.sys

12:48:49.0219 0x1a84  arc - ok

12:48:49.0224 0x1a84  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\windows\system32\drivers\arcsas.sys

12:48:49.0226 0x1a84  arcsas - ok

12:48:49.0253 0x1a84  [ 1CE3822B05A5E229286A15EA39369870, B5825DA3AB2F312A57E4E2632EA7BC373497DE5BAC1F605EA2C9B5175FBF7B8F ] ArcSoftKsUFilter C:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys

12:48:49.0255 0x1a84  ArcSoftKsUFilter - ok

12:48:49.0340 0x1a84  [ 108FB6DDB69E537A2EA53F425363FAE5, B12A9F5338D39805E08A44A335FF7AA77F2266F535A2F5C8412CC746C75E5B1D ] aspnet_state    C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe

12:48:49.0342 0x1a84  aspnet_state - ok

12:48:49.0369 0x1a84  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\windows\system32\DRIVERS\asyncmac.sys

12:48:49.0370 0x1a84  AsyncMac - ok

12:48:49.0392 0x1a84  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\windows\system32\drivers\atapi.sys

12:48:49.0393 0x1a84  atapi - ok

12:48:49.0505 0x1a84  [ 3EFD964D52221360AF0673CD61C2F4F5, 76D636CAF2E4FEDAAC6B0D958865A901340CF836EE4FCE59F1D5291E3BEC9F1E ] atikmdag        C:\windows\system32\DRIVERS\atikmdag.sys

12:48:49.0616 0x1a84  atikmdag - ok

12:48:49.0645 0x1a84  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll

12:48:49.0658 0x1a84  AudioEndpointBuilder - ok

12:48:49.0676 0x1a84  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\windows\System32\Audiosrv.dll

12:48:49.0687 0x1a84  AudioSrv - ok

12:48:49.0750 0x1a84  [ 5E20DDCD957E55270C804BC00CD188E5, 417319DD7408205E8BA8CF46648C45AC99A17E12D56985D52850D5918DAD21F1 ] avgtp           C:\windows\system32\drivers\avgtpx64.sys

12:48:49.0752 0x1a84  avgtp - ok

12:48:49.0766 0x1a84  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\windows\System32\AxInstSV.dll

12:48:49.0769 0x1a84  AxInstSV - ok

12:48:49.0792 0x1a84  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\windows\system32\drivers\bxvbda.sys

12:48:49.0801 0x1a84  b06bdrv - ok

12:48:49.0819 0x1a84  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\windows\system32\DRIVERS\b57nd60a.sys

12:48:49.0825 0x1a84  b57nd60a - ok

12:48:49.0831 0x1a84  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\windows\System32\bdesvc.dll

12:48:49.0833 0x1a84  BDESVC - ok

12:48:49.0836 0x1a84  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\windows\system32\drivers\Beep.sys

12:48:49.0836 0x1a84  Beep - ok

12:48:49.0869 0x1a84  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\windows\System32\bfe.dll

12:48:49.0883 0x1a84  BFE - ok

12:48:49.0922 0x1a84  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\windows\system32\qmgr.dll

12:48:49.0939 0x1a84  BITS - ok

12:48:49.0950 0x1a84  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\windows\system32\DRIVERS\blbdrive.sys

12:48:49.0952 0x1a84  blbdrive - ok

12:48:50.0009 0x1a84  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe

12:48:50.0019 0x1a84  Bonjour Service - ok

12:48:50.0034 0x1a84  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\windows\system32\DRIVERS\bowser.sys

12:48:50.0036 0x1a84  bowser - ok

12:48:50.0042 0x1a84  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\windows\system32\drivers\BrFiltLo.sys

12:48:50.0042 0x1a84  BrFiltLo - ok

12:48:50.0051 0x1a84  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\windows\system32\drivers\BrFiltUp.sys

12:48:50.0053 0x1a84  BrFiltUp - ok

12:48:50.0071 0x1a84  [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP        C:\windows\system32\DRIVERS\bridge.sys

12:48:50.0073 0x1a84  BridgeMP - ok

12:48:50.0088 0x1a84  [ 8EF0D5C41EC907751B8429162B1239ED, 9CC25F1F93FACA6F6CE23F78EB58590C39A2E3C8A3ACDF400E8A9DE0757EADAE ] Browser         C:\windows\System32\browser.dll

12:48:50.0091 0x1a84  Browser - ok

12:48:50.0108 0x1a84  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\windows\System32\Drivers\Brserid.sys

12:48:50.0114 0x1a84  Brserid - ok

12:48:50.0118 0x1a84  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\windows\System32\Drivers\BrSerWdm.sys

12:48:50.0119 0x1a84  BrSerWdm - ok

12:48:50.0123 0x1a84  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\windows\System32\Drivers\BrUsbMdm.sys

12:48:50.0124 0x1a84  BrUsbMdm - ok

12:48:50.0128 0x1a84  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\windows\System32\Drivers\BrUsbSer.sys

12:48:50.0129 0x1a84  BrUsbSer - ok

12:48:50.0136 0x1a84  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\windows\system32\drivers\bthmodem.sys

12:48:50.0137 0x1a84  BTHMODEM - ok

12:48:50.0153 0x1a84  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\windows\system32\bthserv.dll

12:48:50.0155 0x1a84  bthserv - ok

12:48:50.0282 0x1a84  [ 72551A9AE5F68905DFC3CBA0D5242566, 15C273519C3AD1B2AF68F669125AFE607A86A60D680E299631D5E893C3CAA7E7 ] c2cautoupdatesvc C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe

12:48:50.0314 0x1a84  c2cautoupdatesvc - ok

12:48:50.0382 0x1a84  [ 6B669A00A431FF6CDCE67458933F5F0F, 81419EB18BB4EB96E48C99A1D45B0267E779E135427B3AEC872A1A5DD810B23F ] c2cpnrsvc       C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe

12:48:50.0423 0x1a84  c2cpnrsvc - ok

12:48:50.0444 0x1a84  catchme - ok

12:48:50.0460 0x1a84  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\windows\system32\DRIVERS\cdfs.sys

12:48:50.0463 0x1a84  cdfs - ok

12:48:50.0480 0x1a84  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\windows\system32\DRIVERS\cdrom.sys

12:48:50.0483 0x1a84  cdrom - ok

12:48:50.0490 0x1a84  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\windows\System32\certprop.dll

12:48:50.0492 0x1a84  CertPropSvc - ok

12:48:50.0501 0x1a84  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\windows\system32\drivers\circlass.sys

12:48:50.0503 0x1a84  circlass - ok

12:48:50.0520 0x1a84  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\windows\system32\CLFS.sys

12:48:50.0527 0x1a84  CLFS - ok

12:48:50.0557 0x1a84  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

12:48:50.0559 0x1a84  clr_optimization_v2.0.50727_32 - ok

12:48:50.0583 0x1a84  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

12:48:50.0586 0x1a84  clr_optimization_v2.0.50727_64 - ok

12:48:50.0665 0x1a84  [ 6D7C8A951AF6AD6835C029B3CB88D333, 66F3D79887B2449B4C6912D1A258D1A96056888F51A8AA24FEDF37942AD5BDBB ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

12:48:50.0668 0x1a84  clr_optimization_v4.0.30319_32 - ok

12:48:50.0678 0x1a84  [ 86329C35FF23CFEF0FB6C0023BA06BCE, D915CE7AD564F97A1C3B047D5248B7EF67ADDC59687FBC90F1776C21DAA0D3FD ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

12:48:50.0681 0x1a84  clr_optimization_v4.0.30319_64 - ok

12:48:50.0689 0x1a84  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\windows\system32\drivers\CmBatt.sys

12:48:50.0690 0x1a84  CmBatt - ok

12:48:50.0695 0x1a84  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\windows\system32\drivers\cmdide.sys

12:48:50.0696 0x1a84  cmdide - ok

12:48:50.0724 0x1a84  [ C4943B6C962E4B82197542447AD599F4, C854B2C4B525CF175E83ACF70712C378E826EBC1E87E591937BE9698DCD0019D ] CNG             C:\windows\system32\Drivers\cng.sys

12:48:50.0733 0x1a84  CNG - ok

12:48:50.0760 0x1a84  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\windows\system32\drivers\compbatt.sys

12:48:50.0762 0x1a84  Compbatt - ok

12:48:50.0771 0x1a84  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\windows\system32\DRIVERS\CompositeBus.sys

12:48:50.0772 0x1a84  CompositeBus - ok

12:48:50.0775 0x1a84  COMSysApp - ok

12:48:50.0850 0x1a84  [ 4F19119C392210244FC0108E76939DC5, 95613A562C020BAEB2A011C2603900DC9AE718D869B4ED9E6070D40F2E2D0ACE ] cphs            C:\windows\SysWow64\IntelCpHeciSvc.exe

12:48:50.0856 0x1a84  cphs - ok

12:48:50.0919 0x1a84  [ 3CA734CE373E5675FBC15CA2C45228E5, A6C6E9FABDE5EA18D266DB71C0CC6B51D682116D1898CCB4E9BA730F15C44B32 ] cpudrv64        C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys

12:48:50.0920 0x1a84  cpudrv64 - ok

12:48:50.0937 0x1a84  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\windows\system32\drivers\crcdisk.sys

12:48:50.0938 0x1a84  crcdisk - ok

12:48:50.0950 0x1a84  [ 15597883FBE9B056F276ADA3AD87D9AF, B347E0B11228E38313C59C8ED984253A8A1FF482ED137CF5F488C4AFD6B08857 ] CryptSvc        C:\windows\system32\cryptsvc.dll

12:48:50.0954 0x1a84  CryptSvc - ok

12:48:50.0995 0x1a84  [ BA8E5B2291C01EF71CA80E25F0C79D55, 913C85EC00752AEEE2E29C6664085865DA45A091789C0F8CB015208D69F1915A ] ctxusbm         C:\windows\system32\DRIVERS\ctxusbm.sys

12:48:50.0998 0x1a84  ctxusbm - ok

12:48:51.0023 0x1a84  [ 022D2022CE6FC325A922F5608D61A5B8, B831242E37AECC720F09E1E37F5917A417AF933874C2DBADCE0CC9AB4196B798 ] DcomLaunch      C:\windows\system32\rpcss.dll

12:48:51.0033 0x1a84  DcomLaunch - detected Trojan.Win64.Patched.bj ( 0 )

12:48:53.0987 0x1a84  DcomLaunch ( Trojan.Win64.Patched.bj ) - infected

12:48:53.0987 0x1a84  Force sending object to P2P due to detect: C:\windows\system32\rpcss.dll

12:48:58.0533 0x1a84  Object send P2P result: true

12:49:01.0337 0x1a84  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\windows\System32\defragsvc.dll

12:49:01.0344 0x1a84  defragsvc - ok

12:49:01.0360 0x1a84  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\windows\system32\Drivers\dfsc.sys

12:49:01.0363 0x1a84  DfsC - ok

12:49:01.0375 0x1a84  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\windows\system32\dhcpcore.dll

12:49:01.0382 0x1a84  Dhcp - ok

12:49:01.0386 0x1a84  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\windows\system32\drivers\discache.sys

12:49:01.0387 0x1a84  discache - ok

12:49:01.0415 0x1a84  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\windows\system32\drivers\disk.sys

12:49:01.0417 0x1a84  Disk - ok

12:49:01.0436 0x1a84  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\windows\System32\dnsrslvr.dll

12:49:01.0440 0x1a84  Dnscache - ok

12:49:01.0452 0x1a84  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\windows\System32\dot3svc.dll

12:49:01.0457 0x1a84  dot3svc - ok

12:49:01.0468 0x1a84  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\windows\system32\dps.dll

12:49:01.0471 0x1a84  DPS - ok

12:49:01.0488 0x1a84  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\windows\system32\drivers\drmkaud.sys

12:49:01.0489 0x1a84  drmkaud - ok

12:49:01.0522 0x1a84  [ F5BEE30450E18E6B83A5012C100616FD, 44D0577D159FC2BDF4EAD1DC2C7FD14925D075225EF97608CAC52DEE405B08FD ] DXGKrnl         C:\windows\System32\drivers\dxgkrnl.sys

12:49:01.0541 0x1a84  DXGKrnl - ok

12:49:01.0561 0x1a84  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\windows\System32\eapsvc.dll

12:49:01.0564 0x1a84  EapHost - ok

12:49:01.0639 0x1a84  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\windows\system32\drivers\evbda.sys

12:49:01.0713 0x1a84  ebdrv - ok

12:49:01.0728 0x1a84  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] EFS             C:\windows\System32\lsass.exe

12:49:01.0730 0x1a84  EFS - ok

12:49:01.0772 0x1a84  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\windows\ehome\ehRecvr.exe

12:49:01.0785 0x1a84  ehRecvr - ok

12:49:01.0799 0x1a84  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\windows\ehome\ehsched.exe

12:49:01.0802 0x1a84  ehSched - ok

12:49:01.0823 0x1a84  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\windows\system32\drivers\elxstor.sys

12:49:01.0833 0x1a84  elxstor - ok

12:49:01.0836 0x1a84  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\windows\system32\drivers\errdev.sys

12:49:01.0837 0x1a84  ErrDev - ok

12:49:01.0858 0x1a84  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\windows\system32\es.dll

12:49:01.0867 0x1a84  EventSystem - ok

12:49:01.0873 0x1a84  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\windows\system32\drivers\exfat.sys

12:49:01.0878 0x1a84  exfat - ok

12:49:01.0911 0x1a84  [ 86A1CE37C4BE57FE1D064424C3715361, D7807EEA0D8D258EB20EFB00009A41152C6A08F6D7EF7CBD0CD62FF9D3D579F1 ] Fastboot        C:\windows\system32\DRIVERS\Fastboot.sys

12:49:01.0913 0x1a84  Fastboot - ok

12:49:01.0949 0x1a84  [ D2AAD045C465FB33F791F89923CA22AF, D392687BDE3BDE146A4658F0B8907840A74CD5778AA7A969EFADE03046602E1E ] FastbootService C:\Program Files (x86)\Lenovo\Rapidboot\FBService.exe

12:49:01.0953 0x1a84  FastbootService - ok

12:49:01.0966 0x1a84  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\windows\system32\drivers\fastfat.sys

12:49:01.0971 0x1a84  fastfat - ok

12:49:01.0992 0x1a84  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\windows\system32\fxssvc.exe

12:49:02.0006 0x1a84  Fax - ok

12:49:02.0018 0x1a84  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\windows\system32\drivers\fdc.sys

12:49:02.0019 0x1a84  fdc - ok

12:49:02.0034 0x1a84  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\windows\system32\fdPHost.dll

12:49:02.0036 0x1a84  fdPHost - ok

12:49:02.0047 0x1a84  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\windows\system32\fdrespub.dll

12:49:02.0049 0x1a84  FDResPub - ok

12:49:02.0057 0x1a84  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\windows\system32\drivers\fileinfo.sys

12:49:02.0059 0x1a84  FileInfo - ok

12:49:02.0063 0x1a84  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\windows\system32\drivers\filetrace.sys

12:49:02.0064 0x1a84  Filetrace - ok

12:49:02.0143 0x1a84  [ 7E76EED28B8B8696B7F7ED5F757AA304, 4D42711B63F90FF9AF3D6C8E4EDB3FF08CAB6FE5131D9A43F4D10D1CA51F7378 ] FileZilla Server C:\xampp\filezillaftp\filezillaserver.exe

12:49:02.0156 0x1a84  FileZilla Server - ok

12:49:02.0161 0x1a84  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\windows\system32\drivers\flpydisk.sys

12:49:02.0162 0x1a84  flpydisk - ok

12:49:02.0179 0x1a84  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\windows\system32\drivers\fltmgr.sys

12:49:02.0185 0x1a84  FltMgr - ok

12:49:02.0237 0x1a84  [ 5C4CB4086FB83115B153E47ADD961A0C, 0C3AB7D04BEB3A8FDE00B0C86E6FE064B1CEBB3E4DE1A29CD27830806FA300B3 ] FontCache       C:\windows\system32\FntCache.dll

12:49:02.0262 0x1a84  FontCache - ok

12:49:02.0293 0x1a84  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

12:49:02.0295 0x1a84  FontCache3.0.0.0 - ok

12:49:02.0305 0x1a84  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\windows\system32\drivers\FsDepends.sys

12:49:02.0307 0x1a84  FsDepends - ok

12:49:02.0341 0x1a84  [ 6C06701BF1DB05405804D7EB610991CE, 75DEB2204D9AC338ED7C4742BEFAFA0AFC7E42B2C1B54A57DF8A1AD097D9EC3E ] fssfltr         C:\windows\system32\DRIVERS\fssfltr.sys

12:49:02.0342 0x1a84  fssfltr - ok

12:49:02.0406 0x1a84  [ 4CE9DAC1518FF7E77BD213E6394B9D77, D7D0D29DF93AC7DC5F85E385EEB45306C7BD87ACA7AAC5A8D47893D120C32C03 ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe

12:49:02.0440 0x1a84  fsssvc - ok

12:49:02.0466 0x1a84  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\windows\system32\drivers\Fs_Rec.sys

12:49:02.0467 0x1a84  Fs_Rec - ok

12:49:02.0553 0x1a84  [ 895BA1CFF25E867CE5A52073E905C93B, A417065E831B768BD76364EC1E5FEDAADF172DCD1E6C2A134CB311EDDC2DC477 ] fussvc          C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe

12:49:02.0557 0x1a84  fussvc - ok

12:49:02.0567 0x1a84  [ 1F7B25B858FA27015169FE95E54108ED, 72DD12E924AA7273B3E4BDD2A2C581DECE304C8EF3D44EA79ABB032F3F95DCE5 ] fvevol          C:\windows\system32\DRIVERS\fvevol.sys

12:49:02.0571 0x1a84  fvevol - ok

12:49:02.0585 0x1a84  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\windows\system32\drivers\gagp30kx.sys

12:49:02.0588 0x1a84  gagp30kx - ok

12:49:02.0628 0x1a84  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\windows\system32\DRIVERS\GEARAspiWDM.sys

12:49:02.0629 0x1a84  GEARAspiWDM - ok

12:49:02.0717 0x1a84  [ C6B9F48D46C13389EA2AF2065AE66612, BFB2CFF1B9BFE55E027F01C3714DF9BF8E0C5CFD0EF0BF6B8DA029D98C1288D7 ] GoToAssist      C:\Program Files (x86)\Citrix\GoToAssist\896\g2aservice.exe

12:49:02.0719 0x1a84  GoToAssist - ok

12:49:02.0750 0x1a84  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\windows\System32\gpsvc.dll

12:49:02.0765 0x1a84  gpsvc - ok

12:49:02.0800 0x1a84  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

12:49:02.0802 0x1a84  gupdate - ok

12:49:02.0814 0x1a84  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

12:49:02.0817 0x1a84  gupdatem - ok

12:49:02.0834 0x1a84  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

12:49:02.0838 0x1a84  gusvc - ok

12:49:02.0851 0x1a84  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\windows\system32\drivers\hcw85cir.sys

12:49:02.0853 0x1a84  hcw85cir - ok

12:49:02.0872 0x1a84  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys

12:49:02.0879 0x1a84  HdAudAddService - ok

12:49:02.0897 0x1a84  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\windows\system32\DRIVERS\HDAudBus.sys

12:49:02.0900 0x1a84  HDAudBus - ok

12:49:02.0912 0x1a84  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\windows\system32\drivers\HidBatt.sys

12:49:02.0913 0x1a84  HidBatt - ok

12:49:02.0923 0x1a84  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\windows\system32\drivers\hidbth.sys

12:49:02.0925 0x1a84  HidBth - ok

12:49:02.0931 0x1a84  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\windows\system32\drivers\hidir.sys

12:49:02.0932 0x1a84  HidIr - ok

12:49:02.0947 0x1a84  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\windows\System32\hidserv.dll

12:49:02.0949 0x1a84  hidserv - ok

12:49:02.0963 0x1a84  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\windows\system32\DRIVERS\hidusb.sys

12:49:02.0964 0x1a84  HidUsb - ok

12:49:02.0975 0x1a84  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\windows\system32\kmsvc.dll

12:49:02.0979 0x1a84  hkmsvc - ok

12:49:02.0996 0x1a84  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\windows\system32\ListSvc.dll

12:49:03.0002 0x1a84  HomeGroupListener - ok

12:49:03.0017 0x1a84  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\windows\system32\provsvc.dll

12:49:03.0022 0x1a84  HomeGroupProvider - ok

12:49:03.0028 0x1a84  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\windows\system32\drivers\HpSAMD.sys

12:49:03.0030 0x1a84  HpSAMD - ok

12:49:03.0068 0x1a84  [ BBC89DA4065BDCE34257BE95B2F636EE, 75614CC1C92BD61ED3AEC6432D3F863CA816EE10132DF3ED5508D19506231F64 ] HssDRV6         C:\windows\system32\DRIVERS\hssdrv6.sys

12:49:03.0070 0x1a84  HssDRV6 - ok

12:49:03.0090 0x1a84  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\windows\system32\drivers\HTTP.sys

12:49:03.0105 0x1a84  HTTP - ok

12:49:03.0111 0x1a84  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\windows\system32\drivers\hwpolicy.sys

12:49:03.0112 0x1a84  hwpolicy - ok

12:49:03.0128 0x1a84  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\windows\system32\drivers\i8042prt.sys

12:49:03.0131 0x1a84  i8042prt - ok

12:49:03.0173 0x1a84  [ 2FDAEC4B02729C48C0FD1B0B4695995B, 87331D91FA3A23257B9913067B7B16D08710408070795B638058DBF728BBB288 ] iaStor          C:\windows\system32\DRIVERS\iaStor.sys

12:49:03.0182 0x1a84  iaStor - ok

12:49:03.0203 0x1a84  [ D41861E56E7552C13674D7F147A02464, A361AE723FEEFD8D34D259F667ED14EEEC3B8ED6458522AC5D50C08E281B298B ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

12:49:03.0203 0x1a84  IAStorDataMgrSvc - ok

12:49:03.0224 0x1a84  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\windows\system32\drivers\iaStorV.sys

12:49:03.0232 0x1a84  iaStorV - ok

12:49:03.0279 0x1a84  [ 83FF82FE209E7997067B375DAD6CF23D, E312DD068E51DBF96A8232D7D1C9F158652FDA23649655F1102928B320795091 ] ICCS            C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe

12:49:03.0283 0x1a84  ICCS - ok

12:49:03.0324 0x1a84  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

12:49:03.0340 0x1a84  idsvc - ok

12:49:03.0481 0x1a84  [ 348214F96642FD4FEF630DE021BA3540, B6A7D2EA41F6866F5AFF5022BB459E5AFF683FF2FF470B84F3E911C8AEC47C30 ] igfx            C:\windows\system32\DRIVERS\igdkmd64.sys

12:49:03.0601 0x1a84  igfx - ok

12:49:03.0615 0x1a84  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\windows\system32\drivers\iirsp.sys

12:49:03.0617 0x1a84  iirsp - ok

12:49:03.0642 0x1a84  [ FCD84C381E0140AF901E58D48882D26B, 76955FFC230C801E8ED890E32076075F04CD6E5EC79E594FDE6D23797A36B406 ] IKEEXT          C:\windows\System32\ikeext.dll

12:49:03.0659 0x1a84  IKEEXT - ok

12:49:03.0743 0x1a84  [ 651972B4061F940DC154C6F7B948B76A, CF171B7A9AD3B906754E87E3A1EFB8B5ACD7E58E284797F0C90A9AB2ACFEA9CE ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys

12:49:03.0811 0x1a84  IntcAzAudAddService - ok

12:49:03.0829 0x1a84  [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud        C:\windows\system32\DRIVERS\IntcDAud.sys

12:49:03.0836 0x1a84  IntcDAud - ok

12:49:03.0892 0x1a84  [ 2D66067C7A8A0112156BCD1C0BAA7042, 89F77EEE59FF3AD2E777DA15187F1447F6E112E8831417A0DE656ACB82E7B22E ] Intel® Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe

12:49:03.0904 0x1a84  Intel® Capability Licensing Service Interface - ok

12:49:03.0914 0x1a84  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\windows\system32\drivers\intelide.sys

12:49:03.0915 0x1a84  intelide - ok

12:49:03.0922 0x1a84  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\windows\system32\DRIVERS\intelppm.sys

12:49:03.0923 0x1a84  intelppm - ok

12:49:03.0935 0x1a84  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\windows\system32\ipbusenum.dll

12:49:03.0939 0x1a84  IPBusEnum - ok

12:49:03.0950 0x1a84  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\windows\system32\DRIVERS\ipfltdrv.sys

12:49:03.0953 0x1a84  IpFilterDriver - ok

12:49:03.0970 0x1a84  [ A34A587FFFD45FA649FBA6D03784D257, C9A2BCD4E2A5EB6E320092A3AFD5737ECDCDA0B83EE42314A23C4978F2974767 ] iphlpsvc        C:\windows\System32\iphlpsvc.dll

12:49:03.0981 0x1a84  iphlpsvc - ok

12:49:03.0986 0x1a84  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\windows\system32\drivers\IPMIDrv.sys

12:49:03.0988 0x1a84  IPMIDRV - ok

12:49:03.0993 0x1a84  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\windows\system32\drivers\ipnat.sys

12:49:03.0996 0x1a84  IPNAT - ok

12:49:04.0043 0x1a84  [ 842D1EDD0F2A6E0E6631BB96BAAA01DE, 9CDD0B99F2C5DAD573A9EA8D5AB2DBFD7A941454CBBA5BFE34E49F2D4EE96A90 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe

12:49:04.0055 0x1a84  iPod Service - ok

12:49:04.0064 0x1a84  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\windows\system32\drivers\irenum.sys

12:49:04.0065 0x1a84  IRENUM - ok

12:49:04.0077 0x1a84  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\windows\system32\drivers\isapnp.sys

12:49:04.0078 0x1a84  isapnp - ok

12:49:04.0094 0x1a84  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\windows\system32\drivers\msiscsi.sys

12:49:04.0102 0x1a84  iScsiPrt - ok

12:49:04.0119 0x1a84  [ 3628933AF5305EAB8173949BFF912F04, 8609C196B8D5D941CE7181E849A7C44E658BD66995D1405B80D42F1C029B09EB ] jhi_service     C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

12:49:04.0122 0x1a84  jhi_service - ok

12:49:04.0133 0x1a84  [ 1DED0D0AA513E2A5862B20A520D3A1E1, F592F890B8B4F8A152ABE395AA851AE46AFC4C447DADB38816344F9E0C4826B9 ] JME Keyboard    C:\Windows\jmesoft\Service.exe

12:49:04.0148 0x1a84  JME Keyboard - ok

12:49:04.0162 0x1a84  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\windows\system32\DRIVERS\kbdclass.sys

12:49:04.0165 0x1a84  kbdclass - ok

12:49:04.0170 0x1a84  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\windows\system32\DRIVERS\kbdhid.sys

12:49:04.0172 0x1a84  kbdhid - ok

12:49:04.0177 0x1a84  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] KeyIso          C:\windows\system32\lsass.exe

12:49:04.0179 0x1a84  KeyIso - ok

12:49:04.0196 0x1a84  [ DA1E991A61CFDD755A589E206B97644B, 25581D8C0F18ED8D1A8536E9E4BCE3D3AE88E6F74E4BB3C749553F0AADD6C289 ] KSecDD          C:\windows\system32\Drivers\ksecdd.sys

12:49:04.0199 0x1a84  KSecDD - ok

12:49:04.0212 0x1a84  [ 7E33198D956943A4F11A5474C1E9106F, 4E9694A67549F0156B675AFAAAA10B0A77F4DB5BE9915722132ACF5529172C52 ] KSecPkg         C:\windows\system32\Drivers\ksecpkg.sys

12:49:04.0215 0x1a84  KSecPkg - ok

12:49:04.0220 0x1a84  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\windows\system32\drivers\ksthunk.sys

12:49:04.0221 0x1a84  ksthunk - ok

12:49:04.0246 0x1a84  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\windows\system32\msdtckrm.dll

12:49:04.0254 0x1a84  KtmRm - ok

12:49:04.0283 0x1a84  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\windows\System32\srvsvc.dll

12:49:04.0288 0x1a84  LanmanServer - ok

12:49:04.0322 0x1a84  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\windows\System32\wkssvc.dll

12:49:04.0326 0x1a84  LanmanWorkstation - ok

12:49:04.0332 0x1a84  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\windows\system32\DRIVERS\lltdio.sys

12:49:04.0334 0x1a84  lltdio - ok

12:49:04.0353 0x1a84  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\windows\System32\lltdsvc.dll

12:49:04.0359 0x1a84  lltdsvc - ok

12:49:04.0386 0x1a84  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\windows\System32\lmhsvc.dll

12:49:04.0387 0x1a84  lmhosts - ok

12:49:04.0404 0x1a84  [ BF22ACF4CF3734D61357E67F0521BC03, EDDFBDC4BE29BF26904B2DF7074F471711238469CDDBED1CA253A49B993F53DF ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

12:49:04.0409 0x1a84  LMS - ok

12:49:04.0419 0x1a84  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\windows\system32\drivers\lsi_fc.sys

12:49:04.0422 0x1a84  LSI_FC - ok

12:49:04.0428 0x1a84  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\windows\system32\drivers\lsi_sas.sys

12:49:04.0431 0x1a84  LSI_SAS - ok

12:49:04.0443 0x1a84  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\windows\system32\drivers\lsi_sas2.sys

12:49:04.0446 0x1a84  LSI_SAS2 - ok

12:49:04.0456 0x1a84  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\windows\system32\drivers\lsi_scsi.sys

12:49:04.0459 0x1a84  LSI_SCSI - ok

12:49:04.0471 0x1a84  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\windows\system32\drivers\luafv.sys

12:49:04.0474 0x1a84  luafv - ok

12:49:04.0522 0x1a84  [ 0BB97D43299910CBFBA59C461B99B910, 27C22D9D9EE8A410D7396960DA93E9E260D4DCDD38DCE06E85E45C5E24C067DE ] MBAMProtector   C:\windows\system32\drivers\mbam.sys

12:49:04.0524 0x1a84  MBAMProtector - ok

12:49:04.0582 0x1a84  [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

12:49:04.0590 0x1a84  MBAMScheduler - ok

12:49:04.0615 0x1a84  [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

12:49:04.0629 0x1a84  MBAMService - ok

12:49:04.0658 0x1a84  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\windows\system32\Mcx2Svc.dll

12:49:04.0661 0x1a84  Mcx2Svc - ok

12:49:04.0665 0x1a84  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\windows\system32\drivers\megasas.sys

12:49:04.0666 0x1a84  megasas - ok

12:49:04.0679 0x1a84  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\windows\system32\drivers\MegaSR.sys

12:49:04.0685 0x1a84  MegaSR - ok

12:49:04.0695 0x1a84  [ 6B01B7414A105B9E51652089A03027CF, 9B113DC22F7D0D0B376E577C6D7083F9EDC09BBFE47726393E16D4FDAAAE21FE ] MEIx64          C:\windows\system32\DRIVERS\HECIx64.sys

12:49:04.0696 0x1a84  MEIx64 - ok

12:49:04.0770 0x1a84  Microsoft SharePoint Workspace Audit Service - ok

12:49:04.0792 0x1a84  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\windows\system32\mmcss.dll

12:49:04.0795 0x1a84  MMCSS - ok

12:49:04.0799 0x1a84  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\windows\system32\drivers\modem.sys

12:49:04.0800 0x1a84  Modem - ok

12:49:04.0803 0x1a84  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\windows\system32\DRIVERS\monitor.sys

12:49:04.0804 0x1a84  monitor - ok

12:49:04.0843 0x1a84  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\windows\system32\DRIVERS\mouclass.sys

12:49:04.0844 0x1a84  mouclass - ok

12:49:04.0852 0x1a84  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\windows\system32\DRIVERS\mouhid.sys

12:49:04.0855 0x1a84  mouhid - ok

12:49:04.0867 0x1a84  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\windows\system32\drivers\mountmgr.sys

12:49:04.0869 0x1a84  mountmgr - ok

12:49:04.0894 0x1a84  [ AF56E122D5FB65DB061F9543817BE386, 5FB62525065D8CD9C7070C683C8DE6C2E40CCA22641453D81CF24464F244C67F ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

12:49:04.0898 0x1a84  MozillaMaintenance - ok

12:49:04.0904 0x1a84  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\windows\system32\drivers\mpio.sys

12:49:04.0908 0x1a84  mpio - ok

12:49:04.0936 0x1a84  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\windows\system32\drivers\mpsdrv.sys

12:49:04.0938 0x1a84  mpsdrv - ok

Share this post


Link to post
Share on other sites
 


12:49:04.0960 0x1a84  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\windows\system32\mpssvc.dll

12:49:04.0977 0x1a84  MpsSvc - ok

12:49:04.0999 0x1a84  [ DC722758B8261E1ABAFD31A3C0A66380, 88BBE073E2CCD1DAB4656DDC53D5161E8A91D035ADAC1465D0CEBA86F1BB6D9A ] MRxDAV          C:\windows\system32\drivers\mrxdav.sys

12:49:05.0002 0x1a84  MRxDAV - ok

12:49:05.0022 0x1a84  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\windows\system32\DRIVERS\mrxsmb.sys

12:49:05.0025 0x1a84  mrxsmb - ok

12:49:05.0038 0x1a84  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\windows\system32\DRIVERS\mrxsmb10.sys

12:49:05.0043 0x1a84  mrxsmb10 - ok

12:49:05.0051 0x1a84  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\windows\system32\DRIVERS\mrxsmb20.sys

12:49:05.0054 0x1a84  mrxsmb20 - ok

12:49:05.0059 0x1a84  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\windows\system32\drivers\msahci.sys

12:49:05.0060 0x1a84  msahci - ok

12:49:05.0072 0x1a84  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\windows\system32\drivers\msdsm.sys

12:49:05.0076 0x1a84  msdsm - ok

12:49:05.0091 0x1a84  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\windows\System32\msdtc.exe

12:49:05.0095 0x1a84  MSDTC - ok

12:49:05.0111 0x1a84  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\windows\system32\drivers\Msfs.sys

12:49:05.0111 0x1a84  Msfs - ok

12:49:05.0134 0x1a84  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\windows\System32\drivers\mshidkmdf.sys

12:49:05.0135 0x1a84  mshidkmdf - ok

12:49:05.0138 0x1a84  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\windows\system32\drivers\msisadrv.sys

12:49:05.0138 0x1a84  msisadrv - ok

12:49:05.0157 0x1a84  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\windows\system32\iscsiexe.dll

12:49:05.0161 0x1a84  MSiSCSI - ok

12:49:05.0164 0x1a84  msiserver - ok

12:49:05.0179 0x1a84  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\windows\system32\drivers\MSKSSRV.sys

12:49:05.0180 0x1a84  MSKSSRV - ok

12:49:05.0185 0x1a84  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\windows\system32\drivers\MSPCLOCK.sys

12:49:05.0186 0x1a84  MSPCLOCK - ok

12:49:05.0189 0x1a84  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\windows\system32\drivers\MSPQM.sys

12:49:05.0189 0x1a84  MSPQM - ok

12:49:05.0205 0x1a84  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\windows\system32\drivers\MsRPC.sys

12:49:05.0212 0x1a84  MsRPC - ok

12:49:05.0221 0x1a84  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\windows\system32\DRIVERS\mssmbios.sys

12:49:05.0222 0x1a84  mssmbios - ok

12:49:05.0292 0x1a84  MSSQL$SQLEXPRESS - ok

12:49:05.0336 0x1a84  [ 7A2A8C975356858EB38466A6B1592E8D, 97C3DFCCBE1BA92EE7E4848993D6F369D543A53344A6512C84EF03E7D737A482 ] MSSQLServerADHelper100 c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE

12:49:05.0338 0x1a84  MSSQLServerADHelper100 - ok

12:49:05.0349 0x1a84  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\windows\system32\drivers\MSTEE.sys

12:49:05.0351 0x1a84  MSTEE - ok

12:49:05.0361 0x1a84  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\windows\system32\drivers\MTConfig.sys

12:49:05.0363 0x1a84  MTConfig - ok

12:49:05.0377 0x1a84  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\windows\system32\Drivers\mup.sys

12:49:05.0378 0x1a84  Mup - ok

12:49:05.0452 0x1a84  mysql - ok

12:49:05.0471 0x1a84  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\windows\system32\qagentRT.dll

12:49:05.0482 0x1a84  napagent - ok

12:49:05.0503 0x1a84  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\windows\system32\DRIVERS\nwifi.sys

12:49:05.0509 0x1a84  NativeWifiP - ok

12:49:05.0545 0x1a84  [ DACA803A8D732FE5EEAA024EC342F81D, 2DDEA48CD417EDD657D487BADA7C31C05F35DA328AAC5AA63A99FDFD44F2BF02 ] NBVol           C:\windows\system32\DRIVERS\NBVol.sys

12:49:05.0547 0x1a84  NBVol - ok

12:49:05.0557 0x1a84  [ 6208F622E9E35860DFB0753DFF56F0C0, AF7730B4AB642E0E45C05AE1429C7B3D90B0889CF94B21AC7869790D4DB6FDBE ] NBVolUp         C:\windows\system32\DRIVERS\NBVolUp.sys

12:49:05.0558 0x1a84  NBVolUp - ok

12:49:05.0600 0x1a84  [ C38B8AE57F78915905064A9A24DC1586, 5A24A490AC5DB4FCC745182BDBAEA8836E8FBEC635609AE4CF51DAC3A30A8221 ] NDIS            C:\windows\system32\drivers\ndis.sys

12:49:05.0619 0x1a84  NDIS - ok

12:49:05.0634 0x1a84  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\windows\system32\DRIVERS\ndiscap.sys

12:49:05.0635 0x1a84  NdisCap - ok

12:49:05.0639 0x1a84  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\windows\system32\DRIVERS\ndistapi.sys

12:49:05.0640 0x1a84  NdisTapi - ok

12:49:05.0648 0x1a84  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\windows\system32\DRIVERS\ndisuio.sys

12:49:05.0651 0x1a84  Ndisuio - ok

12:49:05.0665 0x1a84  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\windows\system32\DRIVERS\ndiswan.sys

12:49:05.0669 0x1a84  NdisWan - ok

12:49:05.0683 0x1a84  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\windows\system32\drivers\NDProxy.sys

12:49:05.0685 0x1a84  NDProxy - ok

12:49:05.0695 0x1a84  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\windows\system32\DRIVERS\netbios.sys

12:49:05.0696 0x1a84  NetBIOS - ok

12:49:05.0709 0x1a84  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\windows\system32\DRIVERS\netbt.sys

12:49:05.0714 0x1a84  NetBT - ok

12:49:05.0727 0x1a84  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] Netlogon        C:\windows\system32\lsass.exe

12:49:05.0728 0x1a84  Netlogon - ok

12:49:05.0745 0x1a84  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\windows\System32\netman.dll

12:49:05.0754 0x1a84  Netman - ok

12:49:05.0800 0x1a84  [ E8B9164DA7701C1E595647C3A3AFA766, 9E5A7313892ABEBD1F7D9B11C50CECE5AE853E7941404DE8FEFD71EFC57B2D5D ] NetMsmqActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

12:49:05.0803 0x1a84  NetMsmqActivator - ok

12:49:05.0808 0x1a84  [ E8B9164DA7701C1E595647C3A3AFA766, 9E5A7313892ABEBD1F7D9B11C50CECE5AE853E7941404DE8FEFD71EFC57B2D5D ] NetPipeActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

12:49:05.0811 0x1a84  NetPipeActivator - ok

12:49:05.0832 0x1a84  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\windows\System32\netprofm.dll

12:49:05.0842 0x1a84  netprofm - ok

12:49:05.0848 0x1a84  [ E8B9164DA7701C1E595647C3A3AFA766, 9E5A7313892ABEBD1F7D9B11C50CECE5AE853E7941404DE8FEFD71EFC57B2D5D ] NetTcpActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

12:49:05.0850 0x1a84  NetTcpActivator - ok

12:49:05.0856 0x1a84  [ E8B9164DA7701C1E595647C3A3AFA766, 9E5A7313892ABEBD1F7D9B11C50CECE5AE853E7941404DE8FEFD71EFC57B2D5D ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

12:49:05.0859 0x1a84  NetTcpPortSharing - ok

12:49:05.0908 0x1a84  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\windows\system32\drivers\nfrd960.sys

12:49:05.0910 0x1a84  nfrd960 - ok

12:49:05.0928 0x1a84  [ 1EE99A89CC788ADA662441D1E9830529, 6B4FDD74BB81E12BD4B25A3E8AECB0FA77FA0075D454DD1D6DC1790ADF1F2AA8 ] NlaSvc          C:\windows\System32\nlasvc.dll

12:49:05.0935 0x1a84  NlaSvc - ok

12:49:05.0970 0x1a84  [ 351533ACC2A069B94E80BBFC177E8FDF, 54B2749E0496ECC94CE65657627762B485CBC825767BAEDDAD0D2598820FFB9E ] NPF             C:\windows\system32\drivers\npf.sys

12:49:05.0971 0x1a84  NPF - ok

12:49:05.0980 0x1a84  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\windows\system32\drivers\Npfs.sys

12:49:05.0981 0x1a84  Npfs - ok

12:49:05.0994 0x1a84  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\windows\system32\nsisvc.dll

12:49:05.0996 0x1a84  nsi - ok

12:49:06.0006 0x1a84  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\windows\system32\drivers\nsiproxy.sys

12:49:06.0007 0x1a84  nsiproxy - ok

12:49:06.0049 0x1a84  [ A2F74975097F52A00745F9637451FDD8, C681DDBD3382C477C2A030E828B5CFB529CB57C7847BD9AFF25E2A5E58B2DAF3 ] Ntfs            C:\windows\system32\drivers\Ntfs.sys

12:49:06.0091 0x1a84  Ntfs - ok

12:49:06.0103 0x1a84  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\windows\system32\drivers\Null.sys

12:49:06.0105 0x1a84  Null - ok

12:49:06.0118 0x1a84  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\windows\system32\drivers\nvraid.sys

12:49:06.0121 0x1a84  nvraid - ok

12:49:06.0139 0x1a84  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\windows\system32\drivers\nvstor.sys

12:49:06.0151 0x1a84  nvstor - ok

12:49:06.0163 0x1a84  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\windows\system32\drivers\nv_agp.sys

12:49:06.0166 0x1a84  nv_agp - ok

12:49:06.0171 0x1a84  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\windows\system32\drivers\ohci1394.sys

12:49:06.0173 0x1a84  ohci1394 - ok

12:49:06.0229 0x1a84  [ 8C02B0CC65BEE71124A565062BA77B39, C3B4965D62995195A776581BA0750FA72833F4E2E1F8F9DC683F562C13A9E20C ] OpenVPNAccessClient C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\capiws.exe

12:49:06.0231 0x1a84  OpenVPNAccessClient - ok

12:49:06.0303 0x1a84  [ EC322186D8FCE3D632F3F597D67747DD, 3011E02C695B006EF9A82ACC030953B9BEA6CE9AD28D63E4AA7FB4CC14F05CF2 ] OpenVPNService  C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe

12:49:06.0304 0x1a84  OpenVPNService - ok

12:49:06.0350 0x1a84  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

12:49:06.0353 0x1a84  ose - ok

12:49:06.0536 0x1a84  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

12:49:06.0653 0x1a84  osppsvc - ok

12:49:06.0704 0x1a84  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\windows\system32\pnrpsvc.dll

12:49:06.0711 0x1a84  p2pimsvc - ok

12:49:06.0726 0x1a84  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\windows\system32\p2psvc.dll

12:49:06.0735 0x1a84  p2psvc - ok

12:49:06.0740 0x1a84  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\windows\system32\drivers\parport.sys

12:49:06.0742 0x1a84  Parport - ok

12:49:06.0776 0x1a84  [ 871EADAC56B0A4C6512BBE32753CCF79, F9FD9DBA55274BB72B897550988DCDFD0F2D9367BE641DFDE07D240052DDC180 ] partmgr         C:\windows\system32\drivers\partmgr.sys

12:49:06.0778 0x1a84  partmgr - ok

12:49:06.0787 0x1a84  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\windows\System32\pcasvc.dll

12:49:06.0792 0x1a84  PcaSvc - ok

12:49:06.0803 0x1a84  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\windows\system32\drivers\pci.sys

12:49:06.0807 0x1a84  pci - ok

12:49:06.0821 0x1a84  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\windows\system32\drivers\pciide.sys

12:49:06.0822 0x1a84  pciide - ok

12:49:06.0829 0x1a84  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\windows\system32\drivers\pcmcia.sys

12:49:06.0833 0x1a84  pcmcia - ok

12:49:06.0841 0x1a84  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\windows\system32\drivers\pcw.sys

12:49:06.0842 0x1a84  pcw - ok

12:49:06.0866 0x1a84  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\windows\system32\drivers\peauth.sys

12:49:06.0879 0x1a84  PEAUTH - ok

12:49:06.0964 0x1a84  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\windows\SysWow64\perfhost.exe

12:49:06.0966 0x1a84  PerfHost - ok

12:49:07.0006 0x1a84  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\windows\system32\pla.dll

12:49:07.0040 0x1a84  pla - ok

12:49:07.0074 0x1a84  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\windows\system32\umpnpmgr.dll

12:49:07.0082 0x1a84  PlugPlay - ok

12:49:07.0097 0x1a84  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\windows\system32\pnrpauto.dll

12:49:07.0100 0x1a84  PNRPAutoReg - ok

12:49:07.0110 0x1a84  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\windows\system32\pnrpsvc.dll

12:49:07.0116 0x1a84  PNRPsvc - ok

12:49:07.0150 0x1a84  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\windows\System32\ipsecsvc.dll

12:49:07.0160 0x1a84  PolicyAgent - ok

12:49:07.0177 0x1a84  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\windows\system32\umpo.dll

12:49:07.0181 0x1a84  Power - ok

12:49:07.0193 0x1a84  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\windows\system32\DRIVERS\raspptp.sys

12:49:07.0196 0x1a84  PptpMiniport - ok

12:49:07.0206 0x1a84  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\windows\system32\drivers\processr.sys

12:49:07.0208 0x1a84  Processor - ok

12:49:07.0228 0x1a84  [ 5C78838B4D166D1A27DB3A8A820C799A, BBF7E1D0B6754CF06BF3936671FDF5BF6E845CA5678D0940EA54E9212B539B7F ] ProfSvc         C:\windows\system32\profsvc.dll

12:49:07.0233 0x1a84  ProfSvc - ok

12:49:07.0244 0x1a84  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] ProtectedStorage C:\windows\system32\lsass.exe

12:49:07.0245 0x1a84  ProtectedStorage - ok

12:49:07.0259 0x1a84  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\windows\system32\DRIVERS\pacer.sys

12:49:07.0261 0x1a84  Psched - ok

12:49:07.0297 0x1a84  [ 4712CC14E720ECCCC0AA16949D18AAF1, AF0223D118A25CA14EC1AF8A40A793D3CBCBE3576CCACBCD4F9A3D3F10407262 ] PxHlpa64        C:\windows\system32\Drivers\PxHlpa64.sys

12:49:07.0298 0x1a84  PxHlpa64 - ok

12:49:07.0343 0x1a84  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\windows\system32\drivers\ql2300.sys

12:49:07.0377 0x1a84  ql2300 - ok

12:49:07.0383 0x1a84  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\windows\system32\drivers\ql40xx.sys

12:49:07.0386 0x1a84  ql40xx - ok

12:49:07.0411 0x1a84  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\windows\system32\qwave.dll

12:49:07.0417 0x1a84  QWAVE - ok

12:49:07.0421 0x1a84  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\windows\system32\drivers\qwavedrv.sys

12:49:07.0422 0x1a84  QWAVEdrv - ok

12:49:07.0427 0x1a84  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\windows\system32\DRIVERS\rasacd.sys

12:49:07.0428 0x1a84  RasAcd - ok

12:49:07.0445 0x1a84  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\windows\system32\DRIVERS\AgileVpn.sys

12:49:07.0447 0x1a84  RasAgileVpn - ok

12:49:07.0461 0x1a84  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\windows\System32\rasauto.dll

12:49:07.0465 0x1a84  RasAuto - ok

12:49:07.0473 0x1a84  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\windows\system32\DRIVERS\rasl2tp.sys

12:49:07.0477 0x1a84  Rasl2tp - ok

12:49:07.0492 0x1a84  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\windows\System32\rasmans.dll

12:49:07.0500 0x1a84  RasMan - ok

12:49:07.0511 0x1a84  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\windows\system32\DRIVERS\raspppoe.sys

12:49:07.0514 0x1a84  RasPppoe - ok

12:49:07.0532 0x1a84  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\windows\system32\DRIVERS\rassstp.sys

12:49:07.0534 0x1a84  RasSstp - ok

12:49:07.0545 0x1a84  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\windows\system32\DRIVERS\rdbss.sys

12:49:07.0551 0x1a84  rdbss - ok

12:49:07.0564 0x1a84  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\windows\system32\drivers\rdpbus.sys

12:49:07.0566 0x1a84  rdpbus - ok

12:49:07.0572 0x1a84  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\windows\system32\DRIVERS\RDPCDD.sys

12:49:07.0572 0x1a84  RDPCDD - ok

12:49:07.0580 0x1a84  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\windows\system32\drivers\rdpencdd.sys

12:49:07.0580 0x1a84  RDPENCDD - ok

12:49:07.0586 0x1a84  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\windows\system32\drivers\rdprefmp.sys

12:49:07.0587 0x1a84  RDPREFMP - ok

12:49:07.0612 0x1a84  [ 6D76E6433574B058ADCB0C50DF834492, A063D9F3771CBA3C2CA85B3D267C267C310698DEB2818E9C524B55CD74F921DB ] RDPWD           C:\windows\system32\drivers\RDPWD.sys

12:49:07.0616 0x1a84  RDPWD - ok

12:49:07.0631 0x1a84  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\windows\system32\drivers\rdyboost.sys

12:49:07.0636 0x1a84  rdyboost - ok

12:49:07.0658 0x1a84  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\windows\System32\mprdim.dll

12:49:07.0662 0x1a84  RemoteAccess - ok

12:49:07.0672 0x1a84  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\windows\system32\regsvc.dll

12:49:07.0676 0x1a84  RemoteRegistry - ok

12:49:07.0708 0x1a84  [ B60F58F175DE20A6739194E85B035178, 6E66D6041AF0B69896E4556F9FF3A3AA70CF4B09FFBE68E14E60313C5E3FFDDB ] rpcapd          C:\Program Files (x86)\WinPcap\rpcapd.exe

12:49:07.0711 0x1a84  rpcapd - ok

12:49:07.0716 0x1a84  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\windows\System32\RpcEpMap.dll

12:49:07.0718 0x1a84  RpcEptMapper - ok

12:49:07.0729 0x1a84  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\windows\system32\locator.exe

12:49:07.0730 0x1a84  RpcLocator - ok

12:49:07.0767 0x1a84  [ 022D2022CE6FC325A922F5608D61A5B8, B831242E37AECC720F09E1E37F5917A417AF933874C2DBADCE0CC9AB4196B798 ] RpcSs           C:\windows\system32\rpcss.dll

12:49:07.0776 0x1a84  RpcSs - detected Trojan.Win64.Patched.bj ( 0 )

12:49:07.0777 0x1a84  RpcSs ( Trojan.Win64.Patched.bj ) - infected

12:49:07.0777 0x1a84  Force sending object to P2P due to detect: C:\windows\system32\rpcss.dll

12:49:10.0742 0x1a84  Object send P2P result: true

12:49:13.0572 0x1a84  [ CD553B8633466A6D1C115812F2619F1F, B39B38DE8B97209BEABDBF062832A1BDE2303450238B9A4723829958C5C81A6B ] RsFx0103        C:\windows\system32\DRIVERS\RsFx0103.sys

12:49:13.0579 0x1a84  RsFx0103 - ok

12:49:13.0595 0x1a84  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\windows\system32\DRIVERS\rspndr.sys

12:49:13.0597 0x1a84  rspndr - ok

12:49:13.0615 0x1a84  [ 9BEB5F18A418FF70659CE2E356829568, 8E327A99E68B5F9028778F5845719D00C590882B8609AF66D97DA880D537C937 ] RSUSBSTOR       C:\windows\system32\Drivers\RtsUStor.sys

12:49:13.0620 0x1a84  RSUSBSTOR - ok

12:49:13.0652 0x1a84  [ 9140DB0911DE035FED0A9A77A2D156EA, 07C9D7E2978062ABD84B58B390360D4C0F72C6A5A2310444579DC095943BD008 ] RTL8167         C:\windows\system32\DRIVERS\Rt64win7.sys

12:49:13.0664 0x1a84  RTL8167 - ok

12:49:13.0676 0x1a84  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] SamSs           C:\windows\system32\lsass.exe

12:49:13.0677 0x1a84  SamSs - ok

12:49:13.0712 0x1a84  [ 495588414F5C62C333F1A69E17E5FB9F, F16FA9EE19BA1B519EBC371282F913FE0E42AEED226D149C6F37976466D61CA8 ] SbieDrv         C:\Program Files\Sandboxie\SbieDrv.sys

12:49:13.0715 0x1a84  SbieDrv - ok

12:49:13.0744 0x1a84  [ 099007B7A80E1917FFA110CE7785A3C9, 04B877099A151F226C378FB000185FA4B3CB96FF858ED2801A9440D7625F0E52 ] SbieSvc         C:\Program Files\Sandboxie\SbieSvc.exe

12:49:13.0746 0x1a84  SbieSvc - ok

12:49:13.0762 0x1a84  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\windows\system32\drivers\sbp2port.sys

12:49:13.0764 0x1a84  sbp2port - ok

12:49:13.0781 0x1a84  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\windows\System32\SCardSvr.dll

12:49:13.0786 0x1a84  SCardSvr - ok

12:49:13.0828 0x1a84  [ EFD61BD67E5CE72CA5CE8BB6AD3E1FDB, 95D1FC1903143E34EA7F7D8AE6E5565BA8869C6811924B3A87EE3CF2399DB320 ] SCDEmu          C:\windows\system32\drivers\SCDEmu.sys

12:49:13.0832 0x1a84  SCDEmu - ok

12:49:13.0844 0x1a84  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\windows\system32\DRIVERS\scfilter.sys

12:49:13.0846 0x1a84  scfilter - ok

12:49:13.0875 0x1a84  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\windows\system32\schedsvc.dll

12:49:13.0900 0x1a84  Schedule - ok

12:49:13.0915 0x1a84  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\windows\System32\certprop.dll

12:49:13.0916 0x1a84  SCPolicySvc - ok

12:49:13.0939 0x1a84  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\windows\System32\SDRSVC.dll

12:49:13.0944 0x1a84  SDRSVC - ok

12:49:13.0950 0x1a84  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\windows\system32\drivers\secdrv.sys

12:49:13.0951 0x1a84  secdrv - ok

12:49:13.0960 0x1a84  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\windows\system32\seclogon.dll

12:49:13.0962 0x1a84  seclogon - ok

12:49:13.0974 0x1a84  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\windows\system32\sens.dll

12:49:13.0977 0x1a84  SENS - ok

12:49:13.0982 0x1a84  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\windows\system32\sensrsvc.dll

12:49:13.0983 0x1a84  SensrSvc - ok

12:49:13.0990 0x1a84  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\windows\system32\DRIVERS\serenum.sys

12:49:13.0991 0x1a84  Serenum - ok

12:49:14.0000 0x1a84  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\windows\system32\DRIVERS\serial.sys

12:49:14.0003 0x1a84  Serial - ok

12:49:14.0006 0x1a84  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\windows\system32\drivers\sermouse.sys

12:49:14.0007 0x1a84  sermouse - ok

12:49:14.0028 0x1a84  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\windows\system32\sessenv.dll

12:49:14.0031 0x1a84  SessionEnv - ok

12:49:14.0034 0x1a84  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\windows\system32\drivers\sffdisk.sys

12:49:14.0035 0x1a84  sffdisk - ok

12:49:14.0038 0x1a84  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\windows\system32\drivers\sffp_mmc.sys

12:49:14.0039 0x1a84  sffp_mmc - ok

12:49:14.0043 0x1a84  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\windows\system32\drivers\sffp_sd.sys

12:49:14.0044 0x1a84  sffp_sd - ok

12:49:14.0048 0x1a84  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\windows\system32\drivers\sfloppy.sys

12:49:14.0049 0x1a84  sfloppy - ok

12:49:14.0074 0x1a84  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\windows\System32\ipnathlp.dll

12:49:14.0081 0x1a84  SharedAccess - ok

12:49:14.0094 0x1a84  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\windows\System32\shsvcs.dll

12:49:14.0102 0x1a84  ShellHWDetection - ok

12:49:14.0114 0x1a84  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\windows\system32\drivers\SiSRaid2.sys

12:49:14.0115 0x1a84  SiSRaid2 - ok

12:49:14.0125 0x1a84  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\windows\system32\drivers\sisraid4.sys

12:49:14.0127 0x1a84  SiSRaid4 - ok

12:49:14.0169 0x1a84  [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe

12:49:14.0172 0x1a84  SkypeUpdate - ok

12:49:14.0177 0x1a84  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\windows\system32\DRIVERS\smb.sys

12:49:14.0180 0x1a84  Smb - ok

12:49:14.0210 0x1a84  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\windows\System32\snmptrap.exe

12:49:14.0212 0x1a84  SNMPTRAP - ok

12:49:14.0217 0x1a84  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\windows\system32\drivers\spldr.sys

12:49:14.0217 0x1a84  spldr - ok

12:49:14.0241 0x1a84  [ B96C17B5DC1424D56EEA3A99E97428CD, AF0A85066A7983878DC1C663811CE61C6CA1912DC956184F878B7B82DB93C651 ] Spooler         C:\windows\System32\spoolsv.exe

12:49:14.0252 0x1a84  Spooler - ok

12:49:14.0345 0x1a84  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\windows\system32\sppsvc.exe

12:49:14.0421 0x1a84  sppsvc - ok

12:49:14.0436 0x1a84  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\windows\system32\sppuinotify.dll

12:49:14.0439 0x1a84  sppuinotify - ok

12:49:14.0523 0x1a84  [ 12E6D95CDE974B131DEFAA44BAB8B056, 3FEF55D97915BDB222E3A60B50D53BBD8D9C0FDFF85EDC025B8EFD33E575E596 ] SQLAgent$SQLEXPRESS c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE

12:49:14.0532 0x1a84  SQLAgent$SQLEXPRESS - ok

12:49:14.0581 0x1a84  [ B54B48F6D92423440C264E91225C5FF1, 7484D90CE309555E1FB54F011A2980D8491354223111B7AA16D1D2473570DC19 ] SQLBrowser      c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe

12:49:14.0586 0x1a84  SQLBrowser - ok

12:49:14.0632 0x1a84  [ EAD5300C93946B0250A309E2BF2BE4CF, 6B9131D94ED31F838B1820EE67F068C4741B69D5C655587C89C9477986BD270F ] SQLWriter       c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

12:49:14.0635 0x1a84  SQLWriter - ok

12:49:14.0662 0x1a84  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\windows\system32\DRIVERS\srv.sys

12:49:14.0671 0x1a84  srv - ok

12:49:14.0692 0x1a84  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\windows\system32\DRIVERS\srv2.sys

12:49:14.0699 0x1a84  srv2 - ok

12:49:14.0716 0x1a84  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\windows\system32\DRIVERS\srvnet.sys

12:49:14.0720 0x1a84  srvnet - ok

12:49:14.0729 0x1a84  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\windows\System32\ssdpsrv.dll

12:49:14.0734 0x1a84  SSDPSRV - ok

12:49:14.0743 0x1a84  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\windows\system32\sstpsvc.dll

12:49:14.0746 0x1a84  SstpSvc - ok

12:49:14.0771 0x1a84  Steam Client Service - ok

12:49:14.0786 0x1a84  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\windows\system32\drivers\stexstor.sys

12:49:14.0787 0x1a84  stexstor - ok

12:49:14.0811 0x1a84  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\windows\System32\wiaservc.dll

12:49:14.0823 0x1a84  stisvc - ok

12:49:14.0863 0x1a84  [ 85F4237E308B5DA4A34B1C11BFFCF516, CCA4975F525DB1939B68B6282567AA9C19FA75B3CBCE387CFEAA903BBCBE40D6 ] SumRandoVPNService C:\Program Files (x86)\SumRando\SumRando\misc\vpnmanagesvc.exe

12:49:14.0866 0x1a84  SumRandoVPNService - ok

12:49:14.0875 0x1a84  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\windows\system32\DRIVERS\swenum.sys

12:49:14.0876 0x1a84  swenum - ok

12:49:14.0962 0x1a84  [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard     C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

12:49:14.0972 0x1a84  SwitchBoard - ok

12:49:14.0995 0x1a84  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\windows\System32\swprv.dll

12:49:15.0006 0x1a84  swprv - ok

12:49:15.0052 0x1a84  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\windows\system32\sysmain.dll

12:49:15.0095 0x1a84  SysMain - ok

12:49:15.0108 0x1a84  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\windows\System32\TabSvc.dll

12:49:15.0111 0x1a84  TabletInputService - ok

12:49:15.0136 0x1a84  [ F9BE29D5E097F03F81D3CD12B794CB66, 5EC208DEAF7C721F4C36512E7DAD4AC66578AB935B9502A5E1E213BC91BE508C ] tap0901         C:\windows\system32\DRIVERS\tap0901.sys

12:49:15.0138 0x1a84  tap0901 - ok

12:49:15.0167 0x1a84  [ B70DF208E97536CA9F29289E609F5B16, 5D2AF3DE64A6DAF8F0EA8C1F05B13660EA9428450516A6B3FA8AB0C3B3218E2D ] taphss          C:\windows\system32\DRIVERS\taphss.sys

12:49:15.0169 0x1a84  taphss - ok

12:49:15.0184 0x1a84  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\windows\System32\tapisrv.dll

12:49:15.0191 0x1a84  TapiSrv - ok

12:49:15.0224 0x1a84  [ 927D0CDB3F96EFC1E98FB1A2C9FB67AD, 58F14DAA0EA21EA2F2A1D3D62C88BD8E5A0E0EF498B7B8D367BEEADE6A46843C ] tapoas          C:\windows\system32\DRIVERS\tapoas.sys

12:49:15.0225 0x1a84  tapoas - ok

12:49:15.0238 0x1a84  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\windows\System32\tbssvc.dll

12:49:15.0242 0x1a84  TBS - ok

12:49:15.0329 0x1a84  [ FC62769E7BFF2896035AEED399108162, 82170042482E6D843F96D52AF6920F172B1D46D03456EF2E66C1D919EE0E3B46 ] Tcpip           C:\windows\system32\drivers\tcpip.sys

12:49:15.0371 0x1a84  Tcpip - ok

12:49:15.0421 0x1a84  [ FC62769E7BFF2896035AEED399108162, 82170042482E6D843F96D52AF6920F172B1D46D03456EF2E66C1D919EE0E3B46 ] TCPIP6          C:\windows\system32\DRIVERS\tcpip.sys

12:49:15.0449 0x1a84  TCPIP6 - ok

12:49:15.0466 0x1a84  [ DF687E3D8836BFB04FCC0615BF15A519, 7C5B1E72673B4299DFC21E869F0FBB28198CA54DF4F4AF7080005F2D82467784 ] tcpipreg        C:\windows\system32\drivers\tcpipreg.sys

12:49:15.0468 0x1a84  tcpipreg - ok

12:49:15.0483 0x1a84  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\windows\system32\drivers\tdpipe.sys

12:49:15.0484 0x1a84  TDPIPE - ok

12:49:15.0507 0x1a84  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\windows\system32\drivers\tdtcp.sys

12:49:15.0509 0x1a84  TDTCP - ok

12:49:15.0527 0x1a84  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\windows\system32\DRIVERS\tdx.sys

12:49:15.0530 0x1a84  tdx - ok

12:49:15.0598 0x1a84  [ BB676D2C7AD5E7131D12417E4691F9B9, C6DE7D8C08C2F059C696E9D63FC55692C8CB37FECF92F5A863D7D2C5AF3B425F ] Te.Service      C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe

12:49:15.0602 0x1a84  Te.Service - ok

12:49:15.0783 0x1a84  [ CC907C2FB839D3F92690A25FF8E463BE, 3CEE9BEA1ACB1086389AA4817D996431716EFEB4432EC4D59EEF1BA710C15B8C ] TeamViewer9     C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe

12:49:15.0892 0x1a84  TeamViewer9 - ok

12:49:15.0913 0x1a84  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\windows\system32\DRIVERS\termdd.sys

12:49:15.0915 0x1a84  TermDD - ok

12:49:15.0939 0x1a84  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\windows\System32\termsrv.dll

12:49:15.0953 0x1a84  TermService - ok

12:49:15.0962 0x1a84  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\windows\system32\themeservice.dll

12:49:15.0965 0x1a84  Themes - ok

12:49:15.0982 0x1a84  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\windows\system32\mmcss.dll

12:49:15.0984 0x1a84  THREADORDER - ok

12:49:15.0991 0x1a84  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\windows\System32\trkwks.dll

12:49:15.0995 0x1a84  TrkWks - ok

12:49:16.0037 0x1a84  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe

12:49:16.0041 0x1a84  TrustedInstaller - ok

12:49:16.0052 0x1a84  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30, CA302C2ED6A6BF4670BAAA4F5C14C0238CF0C80316856AA0DB053F4D593033AC ] tssecsrv        C:\windows\system32\DRIVERS\tssecsrv.sys

12:49:16.0054 0x1a84  tssecsrv - ok

12:49:16.0061 0x1a84  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\windows\system32\drivers\tsusbflt.sys

12:49:16.0063 0x1a84  TsUsbFlt - ok

12:49:16.0067 0x1a84  [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD         C:\windows\system32\drivers\TsUsbGD.sys

12:49:16.0068 0x1a84  TsUsbGD - ok

12:49:16.0105 0x1a84  [ 54988945DEBAE6DC83F138228AD7DA63, C68CE81C1D60A4F97CE271F22D41E38E1BC641DE811FDD1EAA364F949CCA6798 ] tun3326         C:\windows\system32\DRIVERS\tun3326.sys

12:49:16.0107 0x1a84  tun3326 - ok

12:49:16.0116 0x1a84  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\windows\system32\DRIVERS\tunnel.sys

12:49:16.0119 0x1a84  tunnel - ok

12:49:16.0130 0x1a84  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\windows\system32\drivers\uagp35.sys

12:49:16.0133 0x1a84  uagp35 - ok

12:49:16.0152 0x1a84  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\windows\system32\DRIVERS\udfs.sys

12:49:16.0159 0x1a84  udfs - ok

12:49:16.0170 0x1a84  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\windows\system32\UI0Detect.exe

12:49:16.0172 0x1a84  UI0Detect - ok

12:49:16.0193 0x1a84  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\windows\system32\drivers\uliagpkx.sys

12:49:16.0195 0x1a84  uliagpkx - ok

12:49:16.0214 0x1a84  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\windows\system32\DRIVERS\umbus.sys

12:49:16.0215 0x1a84  umbus - ok

12:49:16.0218 0x1a84  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\windows\system32\drivers\umpass.sys

12:49:16.0219 0x1a84  UmPass - ok

12:49:16.0267 0x1a84  [ B097EBA0E3FEB020BB65FE43AF5ECCFF, B8FE680EE49B633F3FAFD81E8CE5063397774F63636C9F3C280815114A0ABD0F ] UNS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

12:49:16.0274 0x1a84  UNS - ok

12:49:16.0288 0x1a84  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\windows\System32\upnphost.dll

12:49:16.0297 0x1a84  upnphost - ok

12:49:16.0338 0x1a84  [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64       C:\windows\system32\Drivers\usbaapl64.sys

12:49:16.0340 0x1a84  USBAAPL64 - ok

12:49:16.0384 0x1a84  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A, DE1CDDEEF2285CC8387E88ACB13C000576DC8819DF6DC648C988068B5C83BB15 ] usbaudio        C:\windows\system32\drivers\usbaudio.sys

12:49:16.0387 0x1a84  usbaudio - ok

12:49:16.0399 0x1a84  [ 6F1A3157A1C89435352CEB543CDB359C, 325B46220779C5FE3B6F19FF794474837FAB9675D9C98ACB68CCE47B1CFE5F12 ] usbccgp         C:\windows\system32\DRIVERS\usbccgp.sys

12:49:16.0402 0x1a84  usbccgp - ok

12:49:16.0413 0x1a84  [ AF0892A803FDDA7492F595368E3B68E7, F263346DEB4D742EB436CF578F187AC8521D84CED52E98475E6198EC52244F07 ] usbcir          C:\windows\system32\drivers\usbcir.sys

12:49:16.0416 0x1a84  usbcir - ok

12:49:16.0429 0x1a84  [ C025055FE7B87701EB042095DF1A2D7B, D7B34B6C2C5BD3C8141895AC21BB637EA5E3C4F7A85EEF4C4C36E6BB2045A3D9 ] usbehci         C:\windows\system32\drivers\usbehci.sys

12:49:16.0431 0x1a84  usbehci - ok

12:49:16.0447 0x1a84  [ 287C6C9410B111B68B52CA298F7B8C24, 98900C08FE662A00DF8B37837B2BEBF9ACB7989C387AF36B2109B05A4F462D4E ] usbhub          C:\windows\system32\DRIVERS\usbhub.sys

12:49:16.0454 0x1a84  usbhub - ok

12:49:16.0461 0x1a84  [ 9840FC418B4CBD632D3D0A667A725C31, 776D86A032DCA2842EF7AADB35473193CA80547223EFAA7F110F296C377077B0 ] usbohci         C:\windows\system32\drivers\usbohci.sys

12:49:16.0462 0x1a84  usbohci - ok

12:49:16.0472 0x1a84  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\windows\system32\drivers\usbprint.sys

12:49:16.0473 0x1a84  usbprint - ok

12:49:16.0485 0x1a84  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\windows\system32\DRIVERS\USBSTOR.SYS

12:49:16.0487 0x1a84  USBSTOR - ok

12:49:16.0490 0x1a84  [ 62069A34518BCF9C1FD9E74B3F6DB7CD, C58E21424718729324B285BEE1C96551540FCC3FD650B2D10895EBA48D981E25 ] usbuhci         C:\windows\system32\drivers\usbuhci.sys

12:49:16.0492 0x1a84  usbuhci - ok

12:49:16.0521 0x1a84  [ 454800C2BC7F3927CE030141EE4F4C50, 10901E62DAA70657C499AD590DECCCA6E46FDDF4A193B2F19279E1B8ED7B1E44 ] usbvideo        C:\windows\system32\Drivers\usbvideo.sys

12:49:16.0524 0x1a84  usbvideo - ok

12:49:16.0559 0x1a84  [ 70D05EE263568A742D14E1876DF80532, D49D7B60EE30F2398B8B532F4A4C3F17535485F2BDB9B14AB600E2A4E3F12A6B ] usb_rndisx      C:\windows\system32\DRIVERS\usb8023x.sys

12:49:16.0560 0x1a84  usb_rndisx - ok

12:49:16.0571 0x1a84  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\windows\System32\uxsms.dll

12:49:16.0573 0x1a84  UxSms - ok

12:49:16.0584 0x1a84  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] VaultSvc        C:\windows\system32\lsass.exe

12:49:16.0585 0x1a84  VaultSvc - ok

12:49:16.0627 0x1a84  [ ED492636EE26EC43DAA4BAA7EF0DA7AD, 1F5D37F13EE4528B6B5339A304808904E2ADB9A3BC80DB3F8F0A193213797A5A ] VBoxDrv         C:\windows\system32\DRIVERS\VBoxDrv.sys

12:49:16.0632 0x1a84  VBoxDrv - ok

12:49:16.0642 0x1a84  [ 58E2365E7FD880624F648C63C5D22009, 9E00C2EF3488B7477AFF75FA62F2B66FD54166C19DCA594216B23EB046335FF0 ] VBoxNetAdp      C:\windows\system32\DRIVERS\VBoxNetAdp.sys

12:49:16.0645 0x1a84  VBoxNetAdp - ok

12:49:16.0654 0x1a84  [ 5160910CE602710D7E87F1B35487E7DB, EB21837B9D482A5E3C63A67B46485628438F0E72863013458300B2FB31954222 ] VBoxNetFlt      C:\windows\system32\DRIVERS\VBoxNetFlt.sys

12:49:16.0658 0x1a84  VBoxNetFlt - ok

12:49:16.0678 0x1a84  [ 99906A079A6C24D4B8B0DBED02B7869B, 2AB7DCD157AA3A7FB76E66B5FE52491218B0BC8251942799FC2A0BEE024F60E0 ] VBoxUSBMon      C:\windows\system32\DRIVERS\VBoxUSBMon.sys

12:49:16.0682 0x1a84  VBoxUSBMon - ok

12:49:16.0686 0x1a84  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\windows\system32\drivers\vdrvroot.sys

12:49:16.0687 0x1a84  vdrvroot - ok

12:49:16.0705 0x1a84  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\windows\System32\vds.exe

12:49:16.0716 0x1a84  vds - ok

12:49:16.0731 0x1a84  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\windows\system32\DRIVERS\vgapnp.sys

12:49:16.0732 0x1a84  vga - ok

12:49:16.0742 0x1a84  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\windows\System32\drivers\vga.sys

12:49:16.0744 0x1a84  VgaSave - ok

12:49:16.0762 0x1a84  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\windows\system32\drivers\vhdmp.sys

12:49:16.0766 0x1a84  vhdmp - ok

12:49:16.0776 0x1a84  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\windows\system32\drivers\viaide.sys

12:49:16.0777 0x1a84  viaide - ok

12:49:16.0788 0x1a84  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\windows\system32\drivers\volmgr.sys

12:49:16.0790 0x1a84  volmgr - ok

12:49:16.0804 0x1a84  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\windows\system32\drivers\volmgrx.sys

12:49:16.0811 0x1a84  volmgrx - ok

12:49:16.0822 0x1a84  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\windows\system32\drivers\volsnap.sys

12:49:16.0827 0x1a84  volsnap - ok

12:49:16.0848 0x1a84  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\windows\system32\drivers\vsmraid.sys

12:49:16.0851 0x1a84  vsmraid - ok

12:49:16.0939 0x1a84  [ 1928B9CA20F51BFBBAD54D2C2C447B13, BA9DADBD030ECE0A1CFAEB1ACCB5A54532A02CE2DEA505EE071D4D7A0F3501FB ] VSPerfDrv100    C:\Program Files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys

12:49:16.0941 0x1a84  VSPerfDrv100 - ok

12:49:17.0043 0x1a84  [ F972436B5ED08069A1E7D623B77C226A, FA01505B5EC392ADE55019C22588D2F3608CBF9A6B03A44203F3587D372F8342 ] VSPerfDrv110    C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys

12:49:17.0045 0x1a84  VSPerfDrv110 - ok

12:49:17.0085 0x1a84  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\windows\system32\vssvc.exe

12:49:17.0127 0x1a84  VSS - ok

12:49:17.0278 0x1a84  [ DCE9CC4129E1DAC6AAE25C6050E20A16, 17A0F8F583756D8CF00513195D3E9A9FF726AC68EE0A817134EB56690A96F6D7 ] vToolbarUpdater15.5.0 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe

12:49:17.0312 0x1a84  vToolbarUpdater15.5.0 - ok

12:49:17.0328 0x1a84  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\windows\System32\drivers\vwifibus.sys

12:49:17.0329 0x1a84  vwifibus - ok

12:49:17.0351 0x1a84  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\windows\system32\w32time.dll

12:49:17.0359 0x1a84  W32Time - ok

12:49:17.0365 0x1a84  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\windows\system32\drivers\wacompen.sys

12:49:17.0366 0x1a84  WacomPen - ok

12:49:17.0476 0x1a84  [ D970AF80B98927A8C63DBA235E69DF7E, CA8A3ADF3A64B63AB88EA07D452FB12D3498B05C4DFF10434FBFE8A3E688C50B ] wampapache      c:\wamp\bin\apache\apache2.4.4\bin\httpd.exe

12:49:17.0478 0x1a84  wampapache - ok

12:49:17.0539 0x1a84  wampmysqld - ok

12:49:17.0559 0x1a84  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\windows\system32\DRIVERS\wanarp.sys

12:49:17.0562 0x1a84  WANARP - ok

12:49:17.0566 0x1a84  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\windows\system32\DRIVERS\wanarp.sys

12:49:17.0568 0x1a84  Wanarpv6 - ok

12:49:17.0635 0x1a84  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\windows\system32\wbengine.exe

12:49:17.0669 0x1a84  wbengine - ok

12:49:17.0690 0x1a84  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\windows\System32\wbiosrvc.dll

12:49:17.0695 0x1a84  WbioSrvc - ok

12:49:17.0711 0x1a84  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\windows\System32\wcncsvc.dll

12:49:17.0719 0x1a84  wcncsvc - ok

12:49:17.0729 0x1a84  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll

12:49:17.0732 0x1a84  WcsPlugInService - ok

12:49:17.0735 0x1a84  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\windows\system32\drivers\wd.sys

12:49:17.0736 0x1a84  Wd - ok

12:49:17.0777 0x1a84  [ 441BD2D7B4F98134C3A4F9FA570FD250, FF20815273014C5A27C2B75E2C70FE674809293627056199F502DFDF4CECFCA1 ] Wdf01000        C:\windows\system32\drivers\Wdf01000.sys

12:49:17.0790 0x1a84  Wdf01000 - ok

12:49:17.0811 0x1a84  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\windows\system32\wdi.dll

12:49:17.0814 0x1a84  WdiServiceHost - ok

12:49:17.0820 0x1a84  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\windows\system32\wdi.dll

12:49:17.0823 0x1a84  WdiSystemHost - ok

12:49:17.0843 0x1a84  [ 3DB6D04E1C64272F8B14EB8BC4616280, 9138642B1C19F895D4ECFD930160C80FBF15813CE63BBF4C899842C300FD3026 ] WebClient       C:\windows\System32\webclnt.dll

12:49:17.0849 0x1a84  WebClient - ok

12:49:17.0860 0x1a84  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\windows\system32\wecsvc.dll

12:49:17.0866 0x1a84  Wecsvc - ok

12:49:17.0876 0x1a84  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\windows\System32\wercplsupport.dll

12:49:17.0880 0x1a84  wercplsupport - ok

12:49:17.0890 0x1a84  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\windows\System32\WerSvc.dll

12:49:17.0893 0x1a84  WerSvc - ok

12:49:17.0901 0x1a84  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\windows\system32\DRIVERS\wfplwf.sys

12:49:17.0903 0x1a84  WfpLwf - ok

12:49:17.0911 0x1a84  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\windows\system32\drivers\wimmount.sys

12:49:17.0913 0x1a84  WIMMount - ok

12:49:17.0921 0x1a84  WinDefend - ok

12:49:17.0925 0x1a84  WinHttpAutoProxySvc - ok

12:49:17.0965 0x1a84  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\windows\system32\wbem\WMIsvc.dll

12:49:17.0970 0x1a84  Winmgmt - ok

12:49:18.0023 0x1a84  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\windows\system32\WsmSvc.dll

12:49:18.0068 0x1a84  WinRM - ok

12:49:18.0113 0x1a84  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\windows\system32\DRIVERS\WinUsb.sys

12:49:18.0114 0x1a84  WinUsb - ok

12:49:18.0139 0x1a84  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\windows\System32\wlansvc.dll

12:49:18.0157 0x1a84  Wlansvc - ok

12:49:18.0207 0x1a84  [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe

12:49:18.0209 0x1a84  wlcrasvc - ok

12:49:18.0289 0x1a84  [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

12:49:18.0341 0x1a84  wlidsvc - ok

12:49:18.0350 0x1a84  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\windows\system32\drivers\wmiacpi.sys

12:49:18.0351 0x1a84  WmiAcpi - ok

12:49:18.0370 0x1a84  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\windows\system32\wbem\WmiApSrv.exe

12:49:18.0374 0x1a84  wmiApSrv - ok

12:49:18.0386 0x1a84  WMPNetworkSvc - ok

12:49:18.0391 0x1a84  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\windows\System32\wpcsvc.dll

12:49:18.0393 0x1a84  WPCSvc - ok

12:49:18.0405 0x1a84  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\windows\system32\wpdbusenum.dll

12:49:18.0410 0x1a84  WPDBusEnum - ok

12:49:18.0420 0x1a84  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\windows\system32\drivers\ws2ifsl.sys

12:49:18.0420 0x1a84  ws2ifsl - ok

12:49:18.0434 0x1a84  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\windows\system32\wscsvc.dll

12:49:18.0438 0x1a84  wscsvc - ok

12:49:18.0441 0x1a84  WSearch - ok

12:49:18.0467 0x1a84  [ 83575C43B2BFE9AB0661A7F957E843C0, 6FCE62721902A4F35F1A4CED8AF60A0346CFAB657ED92DE4CEFF19BDB830D32D ] wsvd            C:\windows\system32\DRIVERS\wsvd.sys

12:49:18.0470 0x1a84  wsvd - ok

12:49:18.0531 0x1a84  [ 9DF12EDBC698B0BC353B3EF84861E430, 5777972DC6242096EE2D4DAEEFC822DE9077560322DED7B9696BB23B7C240403 ] wuauserv        C:\windows\system32\wuaueng.dll

12:49:18.0587 0x1a84  wuauserv - ok

12:49:18.0600 0x1a84  [ D3381DC54C34D79B22CEE0D65BA91B7C, 70DC4ADCA4C0C28BB133287511E329D1B6B9B97F96CDE5B1D2F1F59FE1A965D9 ] WudfPf          C:\windows\system32\drivers\WudfPf.sys

12:49:18.0604 0x1a84  WudfPf - ok

12:49:18.0620 0x1a84  [ CF8D590BE3373029D57AF80914190682, FB9641777E90A58C063FBE95F081DC6D2F4770827DE19108A9DC3E3D6B17B4BF ] WUDFRd          C:\windows\system32\DRIVERS\WUDFRd.sys

12:49:18.0624 0x1a84  WUDFRd - ok

12:49:18.0635 0x1a84  [ 7A95C95B6C4CF292D689106BCAE49543, 9029F489E1E817CE12839B8C6656E46190497D445DC3F43C20CF96E5E6BD0691 ] wudfsvc         C:\windows\System32\WUDFSvc.dll

12:49:18.0639 0x1a84  wudfsvc - ok

12:49:18.0653 0x1a84  [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc         C:\windows\System32\wwansvc.dll

12:49:18.0659 0x1a84  WwanSvc - ok

12:49:18.0719 0x1a84  [ 4A5CE13408945E525503B5F73D29B9C5, D58BB31AF17752508EA67931BF170CE46877DC204FC5DA7EED5A078AEB0CA0FD ] xnacc           C:\windows\system32\DRIVERS\xnacc.sys

12:49:18.0732 0x1a84  xnacc - ok

12:49:18.0765 0x1a84  [ B3EEACF62445E24FBB2CD4B0FB4DB026, 2E5B6220094C47754233EDA59E6514CE47AC6C6879F367C72B2C02330EABE8E0 ] yukonw7         C:\windows\system32\DRIVERS\yk62x64.sys

12:49:18.0772 0x1a84  yukonw7 - ok

12:49:18.0790 0x1a84  ================ Scan global ===============================

12:49:18.0807 0x1a84  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\windows\system32\basesrv.dll

12:49:18.0833 0x1a84  [ EB6A48CC998E1090E44E8E7F1009A640, 94001F8AEB2A398E7C267C90183ABED2AFA6FC4C219027C861C6C1329093464A ] C:\windows\system32\winsrv.dll

12:49:18.0844 0x1a84  [ EB6A48CC998E1090E44E8E7F1009A640, 94001F8AEB2A398E7C267C90183ABED2AFA6FC4C219027C861C6C1329093464A ] C:\windows\system32\winsrv.dll

12:49:18.0870 0x1a84  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\windows\system32\sxssrv.dll

12:49:18.0884 0x1a84  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\windows\system32\services.exe

12:49:18.0889 0x1a84  [ Global ] - ok

12:49:18.0890 0x1a84  ================ Scan MBR ==================================

12:49:18.0899 0x1a84  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0

12:49:19.0005 0x1a84  \Device\Harddisk0\DR0 - ok

12:49:19.0005 0x1a84  ================ Scan VBR ==================================

12:49:19.0009 0x1a84  [ FA93C3805BC9A29B02CFCDB965CE2677 ] \Device\Harddisk0\DR0\Partition1

12:49:19.0055 0x1a84  \Device\Harddisk0\DR0\Partition1 - ok

12:49:19.0057 0x1a84  [ 655E77283E321AE1C42BA07DA4076607 ] \Device\Harddisk0\DR0\Partition2

12:49:19.0090 0x1a84  \Device\Harddisk0\DR0\Partition2 - ok

12:49:19.0091 0x1a84  Waiting for KSN requests completion. In queue: 153

12:49:20.0091 0x1a84  Waiting for KSN requests completion. In queue: 153

12:49:21.0091 0x1a84  Waiting for KSN requests completion. In queue: 153

12:49:22.0127 0x1a84  Win FW state via NFP2: enabled

12:49:24.0897 0x1a84  ============================================================

12:49:24.0897 0x1a84  Scan finished

12:49:24.0897 0x1a84  ============================================================

12:49:24.0905 0x1a48  Detected object count: 2

12:49:24.0905 0x1a48  Actual detected object count: 2

12:49:48.0918 0x1a48  DcomLaunch ( Trojan.Win64.Patched.bj ) - skipped by user

12:49:48.0918 0x1a48  DcomLaunch ( Trojan.Win64.Patched.bj ) - User select action: Skip 

12:49:48.0918 0x1a48  RpcSs ( Trojan.Win64.Patched.bj ) - skipped by user

12:49:48.0918 0x1a48  RpcSs ( Trojan.Win64.Patched.bj ) - User select action: Skip 

Share this post


Link to post
Share on other sites

Hi there,

my name is Marius and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, Stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

 

 

 

 

 

HijackThis is not the preferred initial scanning tool in this forum. With today's malware, a more comprehensive set of logs is required to determine the presence of malware.

 

 

 

 

Scan with FRST in normal mode

Please download Farbar's Recovery Scan Tool to your desktop: FRST 32bit or FRST 64bit (If not sure: Start --> Computer (right click) --> properties)

 

  • Run FRST.
  • Don´t change one of the checkboxes and hit Scan.
  • Logfiles are created on your desktop.
  • Poste the FRST.txt and (after the first scan only!) the Addition.txt.

 

 

 

 

 

Scan with TDSS-Killer

Please read and follow these instructions carefully. We do not want it to fix anything yet (if found), we need to see a report first.

Download TDSSKiller.zip and extract to your desktop

  • Execute TDSSKiller.exe by doubleclicking on it.
  • Press Start Scan
  • If Malicious objects are found, do NOT select Copy to quarantine. Change the action to Skip, and save the log.
  • Once complete, a log will be produced at the root drive which is typically C:\ ,for example, C:\TDSSKiller.<version_date_time>log.txt

Please attach this file to your next reply.

 

 

I have posted everything in the order you asked. Attached to this post are the TDSSKiller results. 

TDSSKiller.3.0.0.32_23.04.2014_12.48.10_log.txt

Share this post


Link to post
Share on other sites

Per the request from the user, this thread is closed and the member will re-post once all the peer to peer software has been removed.

Share this post


Link to post
Share on other sites

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.