Jump to content

Need Help! Malwarebytes keeps blocking malicious website


Recommended Posts

Hello and post-32477-1261866970.gif

 

P2P/Piracy Warning:

 

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.

 

Download Farbar Recovery Scan Tool and save it to your desktop.

 

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.


Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

 

Next,

 

Please download RogueKiller and save it to your desktop from the following link: http://www.bleepingcomputer.com/download/roguekiller/

 


Quit all running programs.
For Windows XP, double-click to start.
For Vista,Windows 7/8, Right-click on the program and select Run as Administrator to start and when prompted allow it to run.
Read and accept the EULA (End User Licene Agreement)
Click Scan to scan the system.
When the scan completes select "Report", log will open. Close the program > Don't Fix anything!
Post back the report which should also be located here:

 

C:\Programdata\RogueKiller\Logs <-------- W7/8

C:\Documents and Settings\All Users\Application Data\RogueKiller\Logs <------XP

 

Let me see those logs in your next reply..

 

Kevin...

Link to post
Share on other sites

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-11-2014

Ran by Neff11h4l (administrator) on NEFF11H4L-HP on 06-11-2014 07:52:52

Running from C:\Users\Neff11h4l\Downloads

Loaded Profile: Neff11h4l (Available profiles: Neff11h4l)

Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)

Internet Explorer Version 11

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe

(AMD) C:\Windows\System32\atiesrxx.exe

(AMD) C:\Windows\System32\atieclxx.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Coupons.com Inc.) C:\Program Files (x86)\Coupons\CouponPrinterService.exe

(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe

(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe

() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe

(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe

(Roxio) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

(GlavSoft LLC.) C:\Program Files\TightVNC\tvnserver.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe

(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe

(GlavSoft LLC.) C:\Program Files\TightVNC\tvnserver.exe

(Hewlett-Packard Co.) C:\Program Files\hp\HP Photosmart 7520 series\Bin\ScanToPCActivationApp.exe

(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe

(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(Hewlett-Packard Co.) C:\Program Files\hp\HP Photosmart 7520 series\Bin\HPNetworkCommunicator.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe

(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

(ICQ, LLC.) C:\Program Files (x86)\ICQ7.6\ICQ.exe

(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

 

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [smartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [611896 2010-09-15] ()

HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [5889816 2011-12-07] (Logitech Inc.)

HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)

HKLM\...\Run: [tvncontrol] => C:\Program Files\TightVNC\tvnserver.exe [2179056 2013-07-19] (GlavSoft LLC.)

HKLM-x32\...\Run: [startCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [102400 2010-05-12] (Advanced Micro Devices, Inc.)

HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [664600 2010-09-28] (PDF Complete Inc)

HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [421776 2012-09-09] (Apple Inc.)

HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-08-27] (Apple Inc.)

HKLM-x32\...\Run: [mobilegeni daemon] => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe

HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)

HKLM-x32\...\Run: [] => [X]

HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3649040 2014-10-16] (AVG Technologies CZ, s.r.o.)

HKU\S-1-5-21-1426350195-2521714455-2443115798-1001\...\Run: [Google Update] => C:\Users\Neff11h4l\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-06-04] (Google Inc.)

HKU\S-1-5-21-1426350195-2521714455-2443115798-1001\...\Run: [HP Photosmart 7520 series (NET)] => C:\Program Files\hp\HP Photosmart 7520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)

HKU\S-1-5-21-1426350195-2521714455-2443115798-1001\...\RunOnce: [uninstall C:\Users\Neff11h4l\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Neff11h4l\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64"

HKU\S-1-5-21-1426350195-2521714455-2443115798-1001\...\MountPoints2: {2feaf1a4-e3f0-11e1-81b0-6431502f888e} - J:\HTC_Sync_Manager_PC.exe

HKU\S-1-5-21-1426350195-2521714455-2443115798-1001\...\MountPoints2: {2feaf269-e3f0-11e1-81b0-6431502f888e} - J:\HTC_Sync_Manager_PC.exe

HKU\S-1-5-21-1426350195-2521714455-2443115798-1001\...\MountPoints2: {31b878f9-c0e6-11e2-b18c-6431502f888e} - J:\HTC_Sync_Manager_PC.exe

HKU\S-1-5-21-1426350195-2521714455-2443115798-1001\...\MountPoints2: {ce4cb961-4c19-11e2-9d48-6431502f888e} - J:\HTC_Sync_Manager_PC.exe

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Snapfish PictureMover.lnk

ShortcutTarget: Snapfish PictureMover.lnk -> C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe (Hewlett-Packard Company)

Startup: C:\Users\Neff11h4l\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ZooskMessenger.lnk

ShortcutTarget: ZooskMessenger.lnk -> C:\Program Files (x86)\ZooskMessenger\ZooskMessenger.exe (No File)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1

HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = http://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd

SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=HPDTDF

SearchScopes: HKLM - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF

SearchScopes: HKLM - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}

SearchScopes: HKLM - {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = http://rover.ebay.com/rover/1/711-111092-2357-0/4?satitle={searchTerms}&mfe=Desktops

SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

SearchScopes: HKLM-x32 - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=HPDTDF

SearchScopes: HKLM-x32 - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF

SearchScopes: HKLM-x32 - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}

SearchScopes: HKLM-x32 - {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = http://rover.ebay.com/rover/1/711-111092-2357-0/4?satitle={searchTerms}&mfe=Desktops

SearchScopes: HKCU - DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL =

SearchScopes: HKCU - {56BCE0DD-A0A0-48A9-A4C9-F5C47037576B} URL = http://www.search.ask.com/web?tpid=ORJ-SPE&o=APN11405&pf=V7&p2=%5EBBD%5EOSJ000%5EYY%5EUS&gct=&itbv=12.15.5.30&apn_uid=CA38E6A1-779A-4D87-90E2-8C1E8D0575F8&apn_ptnrs=BBD&apn_dtid=%5EOSJ000%5EYY%5EUS&apn_dbr=ie_11.0.9600.17207&doi=2014-08-10&trgb=IE&q={searchTerms}&psv=&pt=tb

SearchScopes: HKCU - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL =

SearchScopes: HKCU - {d944bb61-2e34-4dbf-a683-47e505c587dc} URL =

SearchScopes: HKCU - {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL =

SearchScopes: HKCU - {FFEBBF0A-C22C-4172-89FF-45215A135AC8} URL = http://search.icq.com/search/results.php?q=%s&ch_id=hm&search_mode=web

BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: &Yahoo! Toolbar Helper -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)

BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

Toolbar: HKLM-x32 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)

Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File

Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 209.18.47.61 209.18.47.62

FireFox:

========

FF ProfilePath: C:\Users\Neff11h4l\AppData\Roaming\Mozilla\Firefox\Profiles\fszqqwmx.default

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()

FF Plugin: @microsoft.com/GENUINE -> disabled No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()

FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF Plugin-x32: @ei.UtilityChest_49.com/Plugin -> C:\Program Files (x86)\UtilityChest_49EI\Installr\1.bin\NP49EISB.dll No File

FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)

FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKCU: @hulu.com/Hulu Desktop -> C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.13.1\npHDPlg.dll (Hulu LLC)

FF Plugin HKCU: @nsroblox.roblox.com/launcher -> C:\Users\Neff11h4l\AppData\Local\Roblox\Versions\version-ad555162e16d43e0\\NPRobloxProxy.dll ( Roblox Corporation)

FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Neff11h4l\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Neff11h4l\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)

FF user.js: detected! => C:\Users\Neff11h4l\AppData\Roaming\Mozilla\Firefox\Profiles\fszqqwmx.default\user.js

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npMozCouponPrinter.dll (Coupons, Inc.)

FF Extension: Yahoo! Toolbar - C:\Users\Neff11h4l\AppData\Roaming\Mozilla\Firefox\Profiles\fszqqwmx.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2014-10-24]

FF Extension: ChaCha Guide App Toolbar - C:\Users\Neff11h4l\AppData\Roaming\Mozilla\Firefox\Profiles\fszqqwmx.default\Extensions\chachaguidebar@chacha.com.xpi [2012-05-30]

 

Chrome:

=======

CHR Plugin: (Shockwave Flash) - C:\Users\Neff11h4l\AppData\Local\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll No File

CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer

CHR Plugin: (Native Client) - C:\Users\Neff11h4l\AppData\Local\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll No File

CHR Plugin: (Chrome PDF Viewer) - C:\Users\Neff11h4l\AppData\Local\Google\Chrome\Application\31.0.1650.63\pdf.dll No File

CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File

CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

CHR Plugin: (Java Platform SE 7 U21) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

CHR Plugin: (Utility Chest Installer Plugin Stub) - C:\Program Files (x86)\UtilityChest_49EI\Installr\1.bin\NP49EISB.dll No File

CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

CHR Plugin: (Google Update) - C:\Users\Neff11h4l\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File

CHR Plugin: (Roblox Launcher Plugin) - C:\Users\Neff11h4l\AppData\Local\Roblox\Versions\version-ad555162e16d43e0\\NPRobloxProxy.dll ( Roblox Corporation)

CHR Plugin: (Hulu Desktop) - C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.13.1\npHDPlg.dll (Hulu LLC)

CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll No File

CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File

CHR Profile: C:\Users\Neff11h4l\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Google Docs) - C:\Users\Neff11h4l\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-06-04]

CHR Extension: (Google Drive) - C:\Users\Neff11h4l\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-06-04]

CHR Extension: (YouTube) - C:\Users\Neff11h4l\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-06-04]

CHR Extension: (Google Search) - C:\Users\Neff11h4l\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-04]

CHR Extension: (Skype Click to Call) - C:\Users\Neff11h4l\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-06-04]

CHR Extension: (Google Wallet) - C:\Users\Neff11h4l\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-13]

CHR Extension: (Gmail) - C:\Users\Neff11h4l\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-06-04]

CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2011-11-29]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3487248 2014-10-16] (AVG Technologies CZ, s.r.o.)

R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [298080 2014-10-16] (AVG Technologies CZ, s.r.o.)

R2 CouponPrinterService; C:\Program Files (x86)\Coupons\CouponPrinterService.exe [177136 2014-04-28] (Coupons.com Inc.)

R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2012-06-08] (Nero AG)

R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-05-19] (Hewlett-Packard Company) [File not signed]

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)

R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)

R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [88576 2012-04-13] () [File not signed]

R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1119768 2010-09-28] (PDF Complete Inc)

R2 tvnserver; C:\Program Files\TightVNC\tvnserver.exe [2179056 2013-07-19] (GlavSoft LLC.)

 

==================== Drivers (Whitelisted) ====================

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)

R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [262424 2014-10-07] (AVG Technologies CZ, s.r.o.)

R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-18] (AVG Technologies CZ, s.r.o.)

R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-28] (AVG Technologies CZ, s.r.o.)

R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [313624 2014-07-18] (AVG Technologies CZ, s.r.o.)

R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [124184 2014-10-05] (AVG Technologies CZ, s.r.o.)

R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)

R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [274200 2014-10-10] (AVG Technologies CZ, s.r.o.)

S3 CpqDfw; C:\Windows\System32\drivers\CpqDfw.sys [24376 2010-03-01] ()

S3 cqcpu; C:\Windows\System32\drivers\cqcpu.sys [24376 2010-03-01] ()

S3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [66328 2011-08-13] (Logitech Inc.)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-10-01] (Malwarebytes Corporation)

R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-11-06] (Malwarebytes Corporation)

R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-10-01] (Malwarebytes Corporation)

S3 SIVDRIVER; C:\Windows\system32\Drivers\SIVX64.sys [57312 2008-06-14] (Ray Hinchliffe)

 

==================== NetSvcs (Whitelisted) ===================

 

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

 

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-06 07:52 - 2014-11-06 07:53 - 00022164 _____ () C:\Users\Neff11h4l\Downloads\FRST.txt

2014-11-06 07:52 - 2014-11-06 07:52 - 00000000 ____D () C:\FRST

2014-11-06 07:51 - 2014-11-06 07:51 - 02114560 _____ (Farbar) C:\Users\Neff11h4l\Downloads\FRST64.exe

2014-11-05 20:09 - 2014-11-05 20:09 - 00001087 _____ () C:\Users\Neff11h4l\Desktop\doom.lua

2014-11-05 20:03 - 2014-11-05 20:03 - 00842976 _____ () C:\Users\Neff11h4l\Desktop\openeuo_141101.zip

2014-11-04 19:52 - 2014-11-04 19:52 - 00000000 ____D () C:\Users\Neff11h4l\AppData\Roaming\AVG2015

2014-11-04 19:51 - 2014-11-04 19:51 - 00000967 _____ () C:\Users\Public\Desktop\AVG 2015.lnk

2014-11-04 19:51 - 2014-11-04 19:51 - 00000000 ____D () C:\Users\Neff11h4l\AppData\Roaming\TuneUp Software

2014-11-04 19:51 - 2014-11-04 19:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG

2014-11-04 19:42 - 2014-11-04 19:51 - 00000000 ____D () C:\ProgramData\AVG2015

2014-11-04 19:42 - 2014-11-04 19:42 - 00000000 ___HD () C:\$AVG

2014-11-04 19:41 - 2014-11-04 19:41 - 00000000 ____D () C:\Program Files (x86)\AVG

2014-11-04 19:39 - 2014-11-06 06:50 - 00000000 ____D () C:\ProgramData\MFAData

2014-11-04 19:39 - 2014-11-04 19:55 - 00000000 ____D () C:\Users\Neff11h4l\AppData\Local\Avg2015

2014-11-04 19:39 - 2014-11-04 19:39 - 04637504 _____ (AVG Technologies) C:\Users\Neff11h4l\Downloads\avg_free_stb_all_2015_5557_cnet.exe

2014-11-04 19:39 - 2014-11-04 19:39 - 00000000 ____D () C:\Users\Neff11h4l\AppData\Local\MFAData

2014-11-04 19:34 - 2014-11-04 19:34 - 00015146 _____ () C:\Users\Neff11h4l\Desktop\hijackthis.log

2014-11-04 19:33 - 2014-11-04 19:33 - 00015146 _____ () C:\Users\Neff11h4l\Downloads\hijackthis.log

2014-11-04 19:32 - 2014-11-04 19:33 - 00388608 _____ (Trend Micro Inc.) C:\Users\Neff11h4l\Downloads\HijackThis.exe

2014-11-04 17:54 - 2014-11-06 07:07 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-11-04 17:53 - 2014-11-04 17:53 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-11-04 17:53 - 2014-11-04 17:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-11-04 17:53 - 2014-11-04 17:53 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-11-04 17:53 - 2014-11-04 17:53 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-11-04 17:53 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2014-11-04 17:53 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2014-11-04 17:53 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2014-11-04 17:51 - 2014-11-04 17:53 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Neff11h4l\Downloads\mbam-setup-2.0.3.1025.exe

2014-11-04 05:33 - 2014-11-04 06:17 - 00000000 ____D () C:\Users\Neff11h4l\AppData\Roaming\Ansenyu

2014-11-04 05:28 - 2014-11-04 19:15 - 00000000 ____D () C:\ProgramData\ZikoGxisx

2014-11-04 05:28 - 2014-11-04 19:15 - 00000000 ____D () C:\ProgramData\JuzeYlejk

2014-11-01 08:54 - 2014-11-01 08:54 - 00000031 _____ () C:\Users\Neff11h4l\Desktop\15percent.txt

2014-10-31 14:41 - 2014-10-31 14:41 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk

2014-10-31 14:41 - 2014-10-31 14:41 - 00002021 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk

2014-10-30 20:46 - 2014-10-30 20:46 - 00842970 _____ () C:\Users\Neff11h4l\Desktop\openeuo_141030.zip

2014-10-25 15:01 - 2014-10-30 19:58 - 00009884 _____ () C:\Users\Neff11h4l\Desktop\castles spots.odt

2014-10-24 20:46 - 2014-10-24 20:46 - 00004529 _____ () C:\Users\Neff11h4l\Desktop\begging2.lua

2014-10-23 00:52 - 2014-10-22 20:20 - 01029120 _____ () C:\Users\Neff11h4l\Desktop\EasyUO.exe

2014-10-22 21:00 - 2014-10-22 21:00 - 00004449 _____ () C:\Users\Neff11h4l\Desktop\begging.lua

2014-10-15 05:45 - 2014-10-06 21:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2014-10-15 05:45 - 2014-10-06 21:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2014-10-15 05:45 - 2014-09-28 19:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2014-10-15 05:45 - 2014-09-25 17:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2014-10-15 05:45 - 2014-09-25 17:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2014-10-15 05:45 - 2014-09-25 17:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2014-10-15 05:45 - 2014-09-25 17:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2014-10-15 05:45 - 2014-09-25 17:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2014-10-15 05:45 - 2014-09-25 17:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-10-15 05:45 - 2014-09-18 20:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-10-15 05:45 - 2014-09-18 20:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2014-10-15 05:45 - 2014-09-18 20:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-10-15 05:45 - 2014-09-18 20:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-10-15 05:45 - 2014-09-18 20:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-10-15 05:45 - 2014-09-18 20:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2014-10-15 05:45 - 2014-09-18 20:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-10-15 05:45 - 2014-09-18 20:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2014-10-15 05:45 - 2014-09-18 20:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2014-10-15 05:45 - 2014-09-18 20:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-10-15 05:45 - 2014-09-18 20:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2014-10-15 05:45 - 2014-09-18 20:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2014-10-15 05:45 - 2014-09-18 20:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2014-10-15 05:45 - 2014-09-18 20:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2014-10-15 05:45 - 2014-09-18 20:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2014-10-15 05:45 - 2014-09-18 19:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2014-10-15 05:45 - 2014-09-18 19:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2014-10-15 05:45 - 2014-09-18 19:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2014-10-15 05:45 - 2014-09-18 19:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2014-10-15 05:45 - 2014-09-18 19:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2014-10-15 05:45 - 2014-09-18 19:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2014-10-15 05:45 - 2014-09-18 19:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-10-15 05:45 - 2014-09-18 19:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-10-15 05:45 - 2014-09-18 19:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2014-10-15 05:45 - 2014-09-18 19:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2014-10-15 05:45 - 2014-09-18 19:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2014-10-15 05:45 - 2014-09-18 19:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-10-15 05:45 - 2014-09-18 18:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2014-10-15 05:45 - 2014-09-18 18:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2014-10-15 05:45 - 2014-08-18 22:11 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi

2014-10-15 05:45 - 2014-08-18 22:10 - 00616352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi

2014-10-15 05:45 - 2014-08-18 22:08 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll

2014-10-15 05:45 - 2014-08-18 22:08 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll

2014-10-15 05:45 - 2014-08-18 22:08 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll

2014-10-15 05:45 - 2014-08-18 22:07 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe

2014-10-15 05:45 - 2014-08-18 22:07 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe

2014-10-15 05:45 - 2014-08-18 22:07 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll

2014-10-15 05:45 - 2014-08-18 22:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll

2014-10-15 05:45 - 2014-08-18 22:07 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe

2014-10-15 05:45 - 2014-08-18 21:41 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll

2014-10-15 05:45 - 2014-08-18 21:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll

2014-10-15 05:45 - 2014-08-18 21:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys

2014-10-15 05:45 - 2014-07-06 21:07 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll

2014-10-15 05:45 - 2014-07-06 21:07 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll

2014-10-15 05:45 - 2014-07-06 21:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll

2014-10-15 05:45 - 2014-07-06 21:06 - 05551032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe

2014-10-15 05:45 - 2014-07-06 21:06 - 04120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll

2014-10-15 05:45 - 2014-07-06 21:06 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll

2014-10-15 05:45 - 2014-07-06 21:06 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll

2014-10-15 05:45 - 2014-07-06 21:06 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll

2014-10-15 05:45 - 2014-07-06 21:06 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll

2014-10-15 05:45 - 2014-07-06 21:06 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll

2014-10-15 05:45 - 2014-07-06 21:06 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll

2014-10-15 05:45 - 2014-07-06 21:06 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll

2014-10-15 05:45 - 2014-07-06 21:06 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll

2014-10-15 05:45 - 2014-07-06 21:06 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll

2014-10-15 05:45 - 2014-07-06 21:06 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll

2014-10-15 05:45 - 2014-07-06 21:06 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll

2014-10-15 05:45 - 2014-07-06 21:06 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll

2014-10-15 05:45 - 2014-07-06 21:06 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll

2014-10-15 05:45 - 2014-07-06 21:06 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll

2014-10-15 05:45 - 2014-07-06 21:06 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll

2014-10-15 05:45 - 2014-07-06 21:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll

2014-10-15 05:45 - 2014-07-06 21:06 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll

2014-10-15 05:45 - 2014-07-06 21:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll

2014-10-15 05:45 - 2014-07-06 21:06 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll

2014-10-15 05:45 - 2014-07-06 21:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe

2014-10-15 05:45 - 2014-07-06 21:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe

2014-10-15 05:45 - 2014-07-06 21:06 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll

2014-10-15 05:45 - 2014-07-06 21:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx

2014-10-15 05:45 - 2014-07-06 21:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll

2014-10-15 05:45 - 2014-07-06 21:05 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL

2014-10-15 05:45 - 2014-07-06 21:05 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe

2014-10-15 05:45 - 2014-07-06 21:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll

2014-10-15 05:45 - 2014-07-06 20:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys

2014-10-15 05:45 - 2014-07-06 20:40 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll

2014-10-15 05:45 - 2014-07-06 20:40 - 03208704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll

2014-10-15 05:45 - 2014-07-06 20:40 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll

2014-10-15 05:45 - 2014-07-06 20:40 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll

2014-10-15 05:45 - 2014-07-06 20:40 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll

2014-10-15 05:45 - 2014-07-06 20:40 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll

2014-10-15 05:45 - 2014-07-06 20:40 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll

2014-10-15 05:45 - 2014-07-06 20:40 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll

2014-10-15 05:45 - 2014-07-06 20:40 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll

2014-10-15 05:45 - 2014-07-06 20:40 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll

2014-10-15 05:45 - 2014-07-06 20:40 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll

2014-10-15 05:45 - 2014-07-06 20:40 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll

2014-10-15 05:45 - 2014-07-06 20:40 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll

2014-10-15 05:45 - 2014-07-06 20:40 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll

2014-10-15 05:45 - 2014-07-06 20:40 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll

2014-10-15 05:45 - 2014-07-06 20:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll

2014-10-15 05:45 - 2014-07-06 20:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll

2014-10-15 05:45 - 2014-07-06 20:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll

2014-10-15 05:45 - 2014-07-06 20:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll

2014-10-15 05:45 - 2014-07-06 20:40 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll

2014-10-15 05:45 - 2014-07-06 20:40 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll

2014-10-15 05:45 - 2014-07-06 20:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx

2014-10-15 05:45 - 2014-07-06 20:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll

2014-10-15 05:45 - 2014-07-06 20:39 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL

2014-10-15 05:45 - 2014-07-06 20:39 - 03970488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe

2014-10-15 05:45 - 2014-07-06 20:39 - 03914680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe

2014-10-15 05:45 - 2014-07-06 20:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe

2014-10-15 05:45 - 2014-07-06 20:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe

2014-10-15 05:45 - 2014-07-06 20:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll

2014-10-15 05:45 - 2014-06-27 19:21 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe

2014-10-15 05:45 - 2014-06-27 19:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe

2014-10-15 05:45 - 2014-06-27 19:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll

2014-10-15 05:45 - 2014-06-18 17:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll

2014-10-15 05:45 - 2014-06-18 17:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll

2014-10-15 05:45 - 2014-06-18 17:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll

2014-10-15 05:45 - 2014-06-18 17:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll

2014-10-15 05:45 - 2014-06-18 17:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll

2014-10-15 05:45 - 2014-06-18 17:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll

2014-10-15 05:44 - 2014-09-25 17:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-10-15 05:44 - 2014-09-18 21:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-10-15 05:44 - 2014-09-18 20:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-10-15 05:44 - 2014-09-18 20:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2014-10-15 05:44 - 2014-09-18 20:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-10-15 05:44 - 2014-09-18 20:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-10-15 05:44 - 2014-09-18 20:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-10-15 05:44 - 2014-09-18 20:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-10-15 05:44 - 2014-09-18 20:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2014-10-15 05:44 - 2014-09-18 20:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2014-10-15 05:44 - 2014-09-18 20:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-10-15 05:44 - 2014-09-18 20:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-10-15 05:44 - 2014-09-18 19:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2014-10-15 05:44 - 2014-09-18 19:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2014-10-15 05:44 - 2014-09-18 19:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2014-10-15 05:44 - 2014-09-18 19:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-10-15 05:44 - 2014-09-18 19:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2014-10-15 05:44 - 2014-09-18 18:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2014-10-15 05:44 - 2014-09-18 18:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2014-10-15 05:44 - 2014-09-17 21:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll

2014-10-15 05:44 - 2014-09-17 20:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll

2014-10-15 05:44 - 2014-09-04 00:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll

2014-10-15 05:44 - 2014-09-04 00:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll

2014-10-15 05:44 - 2014-08-28 21:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll

2014-10-15 05:43 - 2014-09-12 20:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll

2014-10-15 05:43 - 2014-09-12 20:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll

2014-10-15 05:43 - 2014-09-04 21:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll

2014-10-15 05:43 - 2014-09-04 20:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll

2014-10-15 05:43 - 2014-07-16 21:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll

2014-10-15 05:43 - 2014-07-16 21:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe

2014-10-15 05:43 - 2014-07-16 21:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll

2014-10-15 05:43 - 2014-07-16 21:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll

2014-10-15 05:43 - 2014-07-16 21:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll

2014-10-15 05:43 - 2014-07-16 21:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll

2014-10-15 05:43 - 2014-07-16 20:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll

2014-10-15 05:43 - 2014-07-16 20:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll

2014-10-15 05:43 - 2014-07-16 20:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll

2014-10-15 05:43 - 2014-07-16 20:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys

2014-10-15 05:43 - 2014-07-16 20:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys

2014-10-10 15:14 - 2014-10-10 15:14 - 00274200 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgtdia.sys

2014-10-07 21:43 - 2014-10-07 21:43 - 00262424 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys

 

==================== One Month Modified Files and Folders =======

 

(If an entry is included in the fixlist, the file\folder will be moved.)

 

2014-11-06 07:46 - 2013-06-04 09:44 - 00000924 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1426350195-2521714455-2443115798-1001UA.job

2014-11-06 07:41 - 2013-12-04 19:07 - 00000346 _____ () C:\Windows\Tasks\HP Photo Creations Communicator.job

2014-11-06 07:40 - 2011-01-20 19:05 - 01482546 _____ () C:\Windows\WindowsUpdate.log

2014-11-06 07:19 - 2011-08-13 20:14 - 00000000 ____D () C:\Users\Neff11h4l\AppData\Roaming\ICQ

2014-11-06 07:17 - 2012-07-26 22:04 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-11-06 06:54 - 2009-07-13 23:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-11-06 06:54 - 2009-07-13 23:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-11-06 06:51 - 2009-07-14 00:13 - 00787616 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-11-06 06:46 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-11-06 06:46 - 2009-07-13 23:51 - 00115338 _____ () C:\Windows\setupact.log

2014-11-05 20:10 - 2011-01-21 10:03 - 00388304 _____ () C:\Windows\PFRO.log

2014-11-05 20:03 - 2014-01-06 17:10 - 00000000 ____D () C:\Users\Neff11h4l\Desktop\OpenEUO

2014-11-05 19:51 - 2014-08-25 11:11 - 00000000 ____D () C:\Users\Neff11h4l\Desktop\Santa 2014

2014-11-05 15:46 - 2013-06-04 09:44 - 00000872 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1426350195-2521714455-2443115798-1001Core.job

2014-11-04 20:17 - 2011-01-20 19:23 - 00000000 ____D () C:\ProgramData\PDFC

2014-11-04 19:52 - 2011-08-17 23:41 - 00000000 ____D () C:\Users\Neff11h4l\AppData\Local\CrashDumps

2014-11-04 19:33 - 2011-08-13 13:50 - 00000000 ____D () C:\Users\Neff11h4l\AppData\Local\VirtualStore

2014-11-04 18:45 - 2014-08-09 22:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2014-11-04 18:45 - 2011-08-14 18:17 - 00000000 ____D () C:\Users\Neff11h4l\AppData\Roaming\Ventrilo

2014-11-04 18:45 - 2011-08-13 19:43 - 00000000 ____D () C:\Program Files (x86)\UOAssist

2014-11-04 18:45 - 2011-01-20 19:23 - 00000000 ____D () C:\ProgramData\RoxioNow

2014-11-04 18:45 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\AppCompat

2014-11-04 18:32 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\registration

2014-11-04 18:31 - 2013-03-14 12:47 - 00000000 ____D () C:\Program Files (x86)\Java

2014-11-04 17:48 - 2011-08-13 13:50 - 00000000 ____D () C:\Users\Neff11h4l

2014-10-31 14:57 - 2013-10-20 09:52 - 00000000 ____D () C:\ProgramData\Oracle

2014-10-31 14:40 - 2012-02-14 00:39 - 00000000 ____D () C:\Program Files (x86)\Adobe

2014-10-31 14:40 - 2012-02-14 00:38 - 00000000 ____D () C:\ProgramData\Adobe

2014-10-31 14:38 - 2009-07-14 00:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD

2014-10-28 05:34 - 2011-08-13 16:59 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

2014-10-23 02:53 - 2014-04-05 21:39 - 00000000 ____D () C:\Users\Neff11h4l\Desktop\stealth 6.1.4

2014-10-20 14:41 - 2013-06-04 09:44 - 00003906 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1426350195-2521714455-2443115798-1001UA

2014-10-20 14:41 - 2013-06-04 09:44 - 00003510 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1426350195-2521714455-2443115798-1001Core

2014-10-16 03:18 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache

2014-10-16 02:27 - 2009-07-13 23:45 - 00446712 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-10-16 02:26 - 2012-06-05 16:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service

2014-10-16 02:24 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism

2014-10-16 02:24 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\Dism

2014-10-16 02:07 - 2011-09-27 20:20 - 00000000 ____D () C:\ProgramData\Microsoft Help

2014-10-16 02:04 - 2013-08-15 02:01 - 00000000 ____D () C:\Windows\system32\MRT

2014-10-16 02:00 - 2011-08-13 17:03 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2014-10-15 13:28 - 2011-09-27 21:38 - 00003226 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForNEFF11H4L-HP$

2014-10-15 13:28 - 2011-09-27 21:38 - 00000350 _____ () C:\Windows\Tasks\HPCeeScheduleForNEFF11H4L-HP$.job

 

Some content of TEMP:

====================

C:\Users\Neff11h4l\AppData\Local\Temp\APNSetup.exe

C:\Users\Neff11h4l\AppData\Local\Temp\COMAP.EXE

C:\Users\Neff11h4l\AppData\Local\Temp\GameuxInstallHelper.dll

C:\Users\Neff11h4l\AppData\Local\Temp\GoogleToolbarInstaller_en32_signed.exe

C:\Users\Neff11h4l\AppData\Local\Temp\icqsetup.exe

C:\Users\Neff11h4l\AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe

C:\Users\Neff11h4l\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe

C:\Users\Neff11h4l\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe

C:\Users\Neff11h4l\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe

C:\Users\Neff11h4l\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe

C:\Users\Neff11h4l\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe

C:\Users\Neff11h4l\AppData\Local\Temp\jre-7u7-windows-i586-iftw.exe

C:\Users\Neff11h4l\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe

C:\Users\Neff11h4l\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exe

C:\Users\Neff11h4l\AppData\Local\Temp\MSN4099.exe

C:\Users\Neff11h4l\AppData\Local\Temp\SpotifyUninstall.exe

C:\Users\Neff11h4l\AppData\Local\Temp\UpdateAce File updater.exe

 

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

 

LastRegBack: 2014-11-05 00:12

==================== End Of Log ============================

Link to post
Share on other sites

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-11-2014

Ran by Neff11h4l at 2014-11-06 07:53:48

Running from C:\Users\Neff11h4l\Downloads

Boot Mode: Normal

==========================================================

 

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )

AbiWord 2.8.6 (HKLM-x32\...\AbiWord2) (Version: 2.8.6 - AbiSource Developers)

ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.3 - Hewlett-Packard) Hidden

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)

Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)

Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)

Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)

Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden

Apple Application Support (HKLM-x32\...\{63EC2120-1742-4625-AA47-C6A8AEC9C64C}) (Version: 2.2.2 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}) (Version: 6.0.0.59 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

Ashampoo Burning Studio 6 FREE v.6.81 (HKLM-x32\...\Ashampoo Burning Studio 6 FREE_is1) (Version: 6.8.1 - Ashampoo GmbH & Co. KG)

ATI Catalyst Install Manager (HKLM\...\{7C7A5A92-046C-A38C-AE0F-8F9CCA0F67A8}) (Version: 3.0.774.0 - ATI Technologies, Inc.)

AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5557 - AVG Technologies)

AVG 2015 (Version: 15.0.4189 - AVG Technologies) Hidden

AVG 2015 (Version: 15.0.5557 - AVG Technologies) Hidden

Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden

Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden

Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)

Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden

Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden

Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden

ccc-core-static (x32 Version: 2010.0511.2153.37435 - ATI) Hidden

Cheat Engine 6.1 (HKLM-x32\...\Cheat Engine 6.1_is1) (Version:  - Dark Byte)

Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.0.9) (Version: 5.0.0.9 - Coupons.com Incorporated)

CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.3210 - CyberLink Corp.)

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden

Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden

Download Updater (AOL LLC) (HKLM-x32\...\SoftwareUpdUtility) (Version:  - ) <==== ATTENTION

DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.2.4412 - Hewlett-Packard)

DVD Menu Pack for HP MediaSmart Video (x32 Version: 4.2.4412 - Hewlett-Packard) Hidden

Escape Rosecliff Island (x32 Version: 2.2.0.95 - WildTangent) Hidden

Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden

FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden

Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden

FrostWire 5.5.1 (HKLM-x32\...\FrostWire 5) (Version: 5.5.1.0 - FrostWire Team)

Google Chrome (HKCU\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)

Heroes of Hellas 2 - Olympia (x32 Version: 2.2.0.95 - WildTangent) Hidden

HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.1.5 - WildTangent)

HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 4.2.4521 - Hewlett-Packard)

HP MediaSmart Music (HKLM-x32\...\InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}) (Version: 4.2.4517 - Hewlett-Packard)

HP MediaSmart Photo (HKLM-x32\...\InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}) (Version: 4.2.4513 - Hewlett-Packard)

HP MediaSmart SmartMenu (HKLM\...\{A40F60B1-F1E1-452E-96A5-FF97F9A2D102}) (Version: 3.1.2.4 - Hewlett-Packard)

HP MediaSmart Video (HKLM-x32\...\InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}) (Version: 4.2.4522 - Hewlett-Packard)

HP MediaSmart/TouchSmart Netflix (HKLM-x32\...\{2EA3D6B2-157E-4112-A3AB-BF17E16661C3}) (Version: 1.0.4.0 - Hewlett-Packard)

HP MovieStore (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0.2 - Hewlett-Packard)

HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)

HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.12992 - HP)

HP Photosmart 7520 series Basic Device Software (HKLM\...\{27ABA988-D480-4F44-B0FD-45E5656D2CFE}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)

HP Photosmart 7520 series Help (HKLM-x32\...\{08295D09-E002-48F8-905D-34E4B08509BA}) (Version: 28.0.0 - Hewlett Packard)

HP Photosmart 7520 series Product Improvement Study (HKLM\...\{16B872EE-C458-41BD-BEAE-52758A3F3168}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)

HP Setup (HKLM-x32\...\{53469506-A37E-4314-A9D9-38724EC23A75}) (Version: 8.4.4400.3525 - Hewlett-Packard Company)

HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.0.12844.3519 - Hewlett-Packard Company)

HP Support Assistant (HKLM-x32\...\{B1A4A13D-4665-4ED3-9DFE-F845725FBBD8}) (Version: 5.1.8.12 - Hewlett-Packard Company)

HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard)

HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)

HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.1.6.0 - Hewlett-Packard)

HPAsset component for HP Active Support Library (x32 Version: 3.0.0.3 - Hewlett-Packard) Hidden

HTC Driver Installer (HKLM-x32\...\{6D6664A9-3342-4948-9B7E-034EFE366F0F}) (Version: 3.0.0.023 - HTC Corporation)

HTC Sync Manager (HKLM-x32\...\{41CE67B3-7766-4CC0-9E5A-D28DF12072E7}) (Version: 1.0.39.1 - HTC)

Hulu Desktop (HKCU\...\HuluDesktop) (Version: 0.9.13 - Hulu LLC)

ICQ7.6 (HKLM-x32\...\{7644E42D-B096-457F-8B5B-901238FC81AE}) (Version: 7.6 - ICQ)

ieSpell (HKLM-x32\...\ieSpell) (Version: 2.6.4 (build 573) - Red Egg Software)

IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.35 - Irfan Skiljan)

iTunes (HKLM\...\{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}) (Version: 10.7.0.21 - Apple Inc.)

Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.670 - Oracle)

Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden

join.me (HKCU\...\JoinMe) (Version: 1.13.0.130 - LogMeIn, Inc.)

Junk Mail filter update (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3130 - CyberLink Corp.)

LabelPrint (x32 Version: 2.5.3130 - CyberLink Corp.) Hidden

LightScribe System Software (HKLM-x32\...\{46BA053F-57B3-4153-BDB6-D37EEC8B12D7}) (Version: 1.18.15.1 - LightScribe)

Logitech Gaming Software 8.20 (HKLM\...\Logitech Gaming Software) (Version: 8.20.74 - Logitech Inc.)

Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)

Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)

Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)

Microsoft Report Viewer Redistributable 2005 (HKLM-x32\...\Microsoft Report Viewer Redistributable 2005) (Version:  - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)

Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)

Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 4.2.4412 - Hewlett-Packard)

Movie Theme Pack for HP MediaSmart Video (x32 Version: 4.2.4412 - Hewlett-Packard) Hidden

Mozilla Firefox 32.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 en-US)) (Version: 32.0.3 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0 - Mozilla)

MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden

MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

Mumble 1.2.4 (HKLM-x32\...\{E0955568-4353-4C85-8988-285A8C0F5E87}) (Version: 1.2.4 - Thorvald Natvig)

Mystery P.I. - The London Caper (x32 Version: 2.2.0.95 - WildTangent) Hidden

OpenOffice 4.0.1 (HKLM-x32\...\{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}) (Version: 4.01.9714 - Apache Software Foundation)

PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.9 - PDF Complete, Inc)

Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden

Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.7717 - CyberLink Corp.)

PhotoNow! (x32 Version: 1.1.7717 - CyberLink Corp.) Hidden

PictureMover (HKLM-x32\...\{264FE20A-757B-492a-B0C3-4009E2997D8A}) (Version: 3.5.0.33 - Hewlett-Packard Company)

Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden

PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)

PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)

Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden

Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden

Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden

Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4329 - CyberLink Corp.)

Power2Go (x32 Version: 6.1.4329 - CyberLink Corp.) Hidden

PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3129 - CyberLink Corp.)

PowerDirector (x32 Version: 8.0.3129 - CyberLink Corp.) Hidden

Ralink RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version:  - Ralink)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6196 - Realtek Semiconductor Corp.)

Recovery Manager (x32 Version: 5.5.3219 - CyberLink Corp.) Hidden

Roblox for Neff11h4l (HKCU\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - ROBLOX Corporation)

RoxioNow Player (HKLM-x32\...\{0EDEB615-1A60-425E-8306-0E10519C7B55}) (Version: 1.9.5.101 - RoxioNow)

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)

Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.8.8855 - Skype Technologies S.A.)

Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)

TightVNC (HKLM\...\{D2372F87-7DA2-47F7-A102-AF2181B8EAA2}) (Version: 2.7.10.0 - GlavSoft LLC.)

Ultima Online Classic Client (HKLM-x32\...\Ultima Online Classic) (Version:  - Electronic Arts)

Ultima Online Enhanced Client (HKLM-x32\...\Ultima Online Enhanced) (Version:  - Electronic Arts)

UOAssist (HKLM-x32\...\UOAssist) (Version:  - )

UOCartographer 0.9 (HKLM-x32\...\UOCartographer 0.9) (Version:  - UOCartographer.com)

UOS version 1.0.5 (HKLM-x32\...\{FC6804BE-B90F-4C2B-BF21-6A4063C8FD4C}_is1) (Version: 1.0.5 - UOS, Team.)

UOWedding (HKLM-x32\...\ST6UNST #1) (Version:  - )

Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)

Virtual Families (x32 Version: 2.2.0.95 - WildTangent) Hidden

Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden

Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)

Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)

WeatherBug® (HKLM-x32\...\WeatherBug®) (Version: 10.0.5.29 - Earth Networks, Inc.)

Wheel of Fortune 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)

Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)

Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version:  - )

Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version:  - Yahoo! Inc.)

Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1426350195-2521714455-2443115798-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Neff11h4l\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll (Google Inc.)

CustomCLSID: HKU\S-1-5-21-1426350195-2521714455-2443115798-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Neff11h4l\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File

CustomCLSID: HKU\S-1-5-21-1426350195-2521714455-2443115798-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Neff11h4l\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File

CustomCLSID: HKU\S-1-5-21-1426350195-2521714455-2443115798-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Neff11h4l\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-1426350195-2521714455-2443115798-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Neff11h4l\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-1426350195-2521714455-2443115798-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Neff11h4l\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll (Google Inc.)

CustomCLSID: HKU\S-1-5-21-1426350195-2521714455-2443115798-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Neff11h4l\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-1426350195-2521714455-2443115798-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Neff11h4l\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-1426350195-2521714455-2443115798-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Neff11h4l\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

==================== Restore Points  =========================

21-10-2014 09:55:13 Windows Update

24-10-2014 17:11:56 Windows Update

28-10-2014 18:27:11 Windows Update

31-10-2014 19:56:18 Installed Java 7 Update 71

04-11-2014 22:55:13 Windows Update

05-11-2014 00:41:28 Installed AVG 2015

05-11-2014 00:42:08 Installed AVG 2015

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {019AF2CF-3610-4321-B169-914D36E457C8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24] (Adobe Systems Incorporated)

Task: {0A5090FC-AAA2-4319-9166-D2CB774FE0FE} - System32\Tasks\RMCreator => C:\Program Files (x86)\Hewlett-Packard\Recovery\Reminder.exe [2010-08-20] (CyberLink)

Task: {1F012D58-FCA1-4A36-B14F-4C864B5867ED} - System32\Tasks\HPCeeScheduleForNEFF11H4L-HP$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)

Task: {3403D95B-39B1-4C30-9F1A-8FDDA1EDA933} - System32\Tasks\HPCustParticipation HP Photosmart 7520 series => C:\Program Files\HP\HP Photosmart 7520 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)

Task: {510AC736-6880-4AD6-BA61-B203AD17EF47} - System32\Tasks\HP Photo Creations Communicator => C:\ProgramData\HP Photo Creations\Communicator.exe [2014-08-10] ()

Task: {66F55201-B1B3-4D16-9A49-5A1A90A7423B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2010-09-17] (Hewlett-Packard Company)

Task: {8328A0A8-8FCF-41EE-AA31-4DEF6E6C37E1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1426350195-2521714455-2443115798-1001UA => C:\Users\Neff11h4l\AppData\Local\Google\Update\GoogleUpdate.exe [2013-06-04] (Google Inc.)

Task: {8395E674-9AA7-41C2-ADB7-12BB13E359CC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2010-09-17] (Hewlett-Packard Company)

Task: {908F12FB-A42D-41FD-B374-2EEBEAD73E29} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1426350195-2521714455-2443115798-1001Core => C:\Users\Neff11h4l\AppData\Local\Google\Update\GoogleUpdate.exe [2013-06-04] (Google Inc.)

Task: {A20F0E68-861A-4999-8E65-33A67D2E30A9} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-09-27] ()

Task: {C363677B-DB71-497B-B933-3EAC09411D7B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1426350195-2521714455-2443115798-1001Core.job => C:\Users\Neff11h4l\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1426350195-2521714455-2443115798-1001UA.job => C:\Users\Neff11h4l\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\HP Photo Creations Communicator.job => C:\ProgramData\HP Photo Creations\Communicator.exe

Task: C:\Windows\Tasks\HPCeeScheduleForNEFF11H4L-HP$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

 

==================== Loaded Modules (whitelisted) =============

 

2012-04-13 09:12 - 2012-04-13 09:12 - 00088576 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe

2010-09-15 13:31 - 2010-09-15 13:31 - 00611896 _____ () C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe

2009-06-08 19:45 - 2009-06-08 19:45 - 00098304 ____R () c:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll

2011-01-20 19:11 - 2011-01-20 19:11 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll

2012-08-27 20:33 - 2012-08-27 20:33 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

2012-08-27 20:33 - 2012-08-27 20:33 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

2012-06-17 16:17 - 2012-06-17 16:17 - 00023904 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll

2012-06-17 16:18 - 2012-06-17 16:18 - 00465672 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll

2012-06-17 16:18 - 2012-06-17 16:18 - 00044896 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll

2012-06-17 16:18 - 2012-06-17 16:18 - 00035192 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll

2014-09-28 07:19 - 2014-09-28 07:19 - 03715184 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

 

==================== Alternate Data Streams (whitelisted) =========

 

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

 

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

 

==================== EXE Association (whitelisted) =============

 

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

 

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

 

========================= Accounts: ==========================

 

Administrator (S-1-5-21-1426350195-2521714455-2443115798-500 - Administrator - Disabled)

Guest (S-1-5-21-1426350195-2521714455-2443115798-501 - Limited - Disabled)

Neff11h4l (S-1-5-21-1426350195-2521714455-2443115798-1001 - Administrator - Enabled) => C:\Users\Neff11h4l

 

==================== Faulty Device Manager Devices =============

 

==================== Event log errors: =========================

Application errors:

==================

Error: (11/04/2014 09:54:31 PM) (Source: SideBySide) (EventID: 33) (User: )

Description: Activation context generation failed for "Nero3D,processorArchitecture="x86",publicKeyToken="782f0d87cd3d50b0",type="win32",version="10.6.0.1"1".

Dependent Assembly Nero3D,processorArchitecture="x86",publicKeyToken="782f0d87cd3d50b0",type="win32",version="10.6.0.1" could not be found.

Please use sxstrace.exe for detailed diagnosis.

 

Error: (11/04/2014 09:54:11 PM) (Source: SideBySide) (EventID: 33) (User: )

Description: Activation context generation failed for "NScCoreComponents,type="win32",version="5.3.0.0"1".

Dependent Assembly NScCoreComponents,type="win32",version="5.3.0.0" could not be found.

Please use sxstrace.exe for detailed diagnosis.

Error: (11/04/2014 07:51:45 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4

Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24

Exception code: 0xc0000024

Fault offset: 0x00000000000cd7e8

Faulting process id: 0xd0c

Faulting application start time: 0xExplorer.EXE0

Faulting application path: Explorer.EXE1

Faulting module path: Explorer.EXE2

Report Id: Explorer.EXE3

 

Error: (11/04/2014 05:55:23 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4

Faulting module name: mshtml.dll, version: 11.0.9600.17344, time stamp: 0x541b9323

Exception code: 0xc00000fd

Fault offset: 0x0000000000061a68

Faulting process id: 0x140c

Faulting application start time: 0xExplorer.EXE0

Faulting application path: Explorer.EXE1

Faulting module path: Explorer.EXE2

Report Id: Explorer.EXE3

Error: (11/04/2014 05:59:05 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: iexplore.exe, version: 11.0.9600.17344, time stamp: 0x4a5bc6b7

Faulting module name: MSHTML.dll, version: 11.0.9600.17344, time stamp: 0x541b8a22

Exception code: 0xc00000fd

Fault offset: 0x00094fc3

Faulting process id: 0x4cec

Faulting application start time: 0xiexplore.exe0

Faulting application path: iexplore.exe1

Faulting module path: iexplore.exe2

Report Id: iexplore.exe3

 

Error: (11/04/2014 05:58:40 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: pazego.exe, version: 15.26.59195.57440, time stamp: 0x54490412

Faulting module name: mshtml.dll, version: 11.0.9600.17344, time stamp: 0x541b8a22

Exception code: 0xc0000005

Fault offset: 0x002cbfa5

Faulting process id: 0x5010

Faulting application start time: 0xpazego.exe0

Faulting application path: pazego.exe1

Faulting module path: pazego.exe2

Report Id: pazego.exe3

Error: (11/04/2014 05:28:43 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: msiexec.exe, version: 0.0.0.0, time stamp: 0x5457ada3

Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000

Exception code: 0xc0000005

Fault offset: 0x00000000

Faulting process id: 0xd3c

Faulting application start time: 0xmsiexec.exe0

Faulting application path: msiexec.exe1

Faulting module path: msiexec.exe2

Report Id: msiexec.exe3

 

Error: (11/04/2014 02:13:20 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: iexplore.exe, version: 11.0.9600.17344, time stamp: 0x4a5bc6b7

Faulting module name: MSHTML.dll, version: 11.0.9600.17344, time stamp: 0x541b8a22

Exception code: 0xc00000fd

Fault offset: 0x00437ef6

Faulting process id: 0x25a4

Faulting application start time: 0xiexplore.exe0

Faulting application path: iexplore.exe1

Faulting module path: iexplore.exe2

Report Id: iexplore.exe3

Error: (11/03/2014 11:55:43 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: iexplore.exe, version: 11.0.9600.17344, time stamp: 0x4a5bc6b7

Faulting module name: MSHTML.dll, version: 11.0.9600.17344, time stamp: 0x541b8a22

Exception code: 0xc00000fd

Fault offset: 0x00094fbf

Faulting process id: 0x2468

Faulting application start time: 0xiexplore.exe0

Faulting application path: iexplore.exe1

Faulting module path: iexplore.exe2

Report Id: iexplore.exe3

 

Error: (11/03/2014 11:51:18 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: iexplore.exe, version: 11.0.9600.17344, time stamp: 0x4a5bc6b7

Faulting module name: MSHTML.dll, version: 11.0.9600.17344, time stamp: 0x541b8a22

Exception code: 0xc00000fd

Fault offset: 0x00094765

Faulting process id: 0x172c

Faulting application start time: 0xiexplore.exe0

Faulting application path: iexplore.exe1

Faulting module path: iexplore.exe2

Report Id: iexplore.exe3

 

System errors:

=============

Error: (11/05/2014 11:06:52 PM) (Source: DCOM) (EventID: 10010) (User: )

Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (11/05/2014 08:09:50 PM) (Source: DCOM) (EventID: 10010) (User: )

Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

 

Error: (11/04/2014 07:15:35 PM) (Source: DCOM) (EventID: 10010) (User: )

Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (11/04/2014 06:28:17 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: The Computer Browser service depends on the Server service which failed to start because of the following error:

%%1068

Error: (11/04/2014 06:28:17 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: The Computer Browser service depends on the Server service which failed to start because of the following error:

%%1068

Error: (11/04/2014 06:28:17 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: The Computer Browser service depends on the Server service which failed to start because of the following error:

%%1068

Error: (11/04/2014 06:28:11 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: The Computer Browser service depends on the Server service which failed to start because of the following error:

%%1068

Error: (11/04/2014 06:28:11 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: The Computer Browser service depends on the Server service which failed to start because of the following error:

%%1068

Error: (11/04/2014 06:28:11 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: The Computer Browser service depends on the Server service which failed to start because of the following error:

%%1068

Error: (11/04/2014 06:27:59 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: The Computer Browser service depends on the Server service which failed to start because of the following error:

%%1068

 

Microsoft Office Sessions:

=========================

Error: (11/04/2014 09:54:31 PM) (Source: SideBySide) (EventID: 33) (User: )

Description: Nero3D,processorArchitecture="x86",publicKeyToken="782f0d87cd3d50b0",type="win32",version="10.6.0.1"C:\Program Files (x86)\HTC\HTC Sync Manager\NEE\NeroBRServer.exe.Manifest

Error: (11/04/2014 09:54:11 PM) (Source: SideBySide) (EventID: 33) (User: )

Description: NScCoreComponents,type="win32",version="5.3.0.0"C:\Program Files (x86)\HTC\HTC Sync Manager\ptt\NMTvWizard.exe.Manifest

 

Error: (11/04/2014 07:51:45 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Explorer.EXE6.1.7601.175674d672ee4ntdll.dll6.1.7601.18247521eaf24c000002400000000000cd7e8d0c01cff88dd5fc0ffcC:\Windows\Explorer.EXEC:\Windows\SYSTEM32\ntdll.dllea08dbd5-6485-11e4-9999-6431502f888e

Error: (11/04/2014 05:55:23 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Explorer.EXE6.1.7601.175674d672ee4mshtml.dll11.0.9600.17344541b9323c00000fd0000000000061a68140c01cff881e5e8ad9aC:\Windows\Explorer.EXEC:\Windows\System32\mshtml.dlla826141a-6475-11e4-98e7-6431502f888e

 

Error: (11/04/2014 05:59:05 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: iexplore.exe11.0.9600.173444a5bc6b7MSHTML.dll11.0.9600.17344541b8a22c00000fd00094fc34cec01cff81db397d4f3C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\MSHTML.dll97741ce4-6411-11e4-818e-6431502f888e

Error: (11/04/2014 05:58:40 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: pazego.exe15.26.59195.5744054490412mshtml.dll11.0.9600.17344541b8a22c0000005002cbfa5501001cff81e240935f9C:\Users\Neff11h4l\AppData\Roaming\Ansenyu\pazego.exeC:\Windows\SysWOW64\mshtml.dll888e0c6c-6411-11e4-818e-6431502f888e

 

Error: (11/04/2014 05:28:43 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: msiexec.exe0.0.0.05457ada3unknown0.0.0.000000000c000000500000000d3c01cff81a1909ee5bC:\ProgramData\Windows Genuine Advantage\{DC261E36-A1CB-49CD-A702-9493FE41DC19}\msiexec.exeunknown592b6296-640d-11e4-818e-6431502f888e

Error: (11/04/2014 02:13:20 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: iexplore.exe11.0.9600.173444a5bc6b7MSHTML.dll11.0.9600.17344541b8a22c00000fd00437ef625a401cff7fdf3ae61d0C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\MSHTML.dll0e26dea1-63f2-11e4-818e-6431502f888e

 

Error: (11/03/2014 11:55:43 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: iexplore.exe11.0.9600.173444a5bc6b7MSHTML.dll11.0.9600.17344541b8a22c00000fd00094fbf246801cff7eb8895bb2eC:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\MSHTML.dlld44a42ec-63de-11e4-818e-6431502f888e

Error: (11/03/2014 11:51:18 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: iexplore.exe11.0.9600.173444a5bc6b7MSHTML.dll11.0.9600.17344541b8a22c00000fd00094765172c01cff7eaecdb7e95C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\MSHTML.dll366f7a4f-63de-11e4-818e-6431502f888e

 

CodeIntegrity Errors:

===================================

  Date: 2014-11-04 19:53:39.581

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG2015\avghooka.dll because the set of per-page image hashes could not be found on the system.

 

==================== Memory info ===========================

Processor: AMD Phenom II X4 840T Processor

Percentage of memory in use: 17%

Total physical RAM: 16127.29 MB

Available physical RAM: 13254.24 MB

Total Pagefile: 32254.57 MB

Available Pagefile: 29019.71 MB

Total Virtual: 8192 MB

Available Virtual: 8191.83 MB

 

==================== Drives ================================

 

Drive c: (OS) (Fixed) (Total:917.78 GB) (Free:733.2 GB) NTFS ==>[system with boot components (obtained from reading drive)]

Drive d: (HP_RECOVERY) (Fixed) (Total:13.62 GB) (Free:1.68 GB) NTFS ==>[system with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================

Disk: 0 (Size: 931.5 GB) (Disk ID: 81F34DAF)

Partition 1: (Active) - (Size=106 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=917.8 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=13.6 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Link to post
Share on other sites

RogueKiller V10.0.4.0 [Oct 29 2014] by Adlice Software

mail : http://www.adlice.com/contact/

Feedback : http://forum.adlice.com

Website : http://www.adlice.com/softwares/roguekiller/

Blog : http://www.adlice.com

 

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User : Neff11h4l [Administrator]

Mode : Scan -- Date : 11/06/2014  08:04:08

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 12 ¤¤¤

[PUP] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670} -> Found

[PUP] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | mobilegeni daemon : C:\Program Files (x86)\Mobogenie\DaemonProcess.exe  -> Found

[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 192.168.2.1 209.18.47.61 209.18.47.62 [uNITED STATES (US)]  -> Found

[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 192.168.2.1 209.18.47.61 209.18.47.62 [uNITED STATES (US)]  -> Found

[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : 192.168.2.1 209.18.47.61 209.18.47.62 [uNITED STATES (US)]  -> Found

[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{5B5F3A74-A8E9-4DAD-BC47-4C4AEEEE69A9} | DhcpNameServer : 192.168.2.1 209.18.47.61 209.18.47.62 [uNITED STATES (US)]  -> Found

[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{5B5F3A74-A8E9-4DAD-BC47-4C4AEEEE69A9} | DhcpNameServer : 192.168.2.1 209.18.47.61 209.18.47.62 [uNITED STATES (US)]  -> Found

[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{5B5F3A74-A8E9-4DAD-BC47-4C4AEEEE69A9} | DhcpNameServer : 192.168.2.1 209.18.47.61 209.18.47.62 [uNITED STATES (US)]  -> Found

[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> Found

[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> Found

[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> Found

[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> Found

¤¤¤ Tasks : 1 ¤¤¤

[suspicious.Path] \\Registration -- "C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe" (Registration ShowMessageTask2D) -> Found

 

¤¤¤ Files : 0 ¤¤¤

 

¤¤¤ Hosts File : 0 ¤¤¤

 

¤¤¤ Antirootkit : 0 (Driver: Not loaded [0xc000036b]) ¤¤¤

 

¤¤¤ Web browsers : 1 ¤¤¤

[PUP][FIREFX:Addon] fszqqwmx.default : Yahoo Toolbar [{635abd67-4fe9-1b23-4f01-e679fa7484c1}] -> Found

¤¤¤ MBR Check : ¤¤¤

+++++ PhysicalDrive0: Hitachi HDS721010CLA332 SATA Disk Device +++++

--- User ---

[MBR] 418b656d9ef0c51db3cb37f7aeafdcde

[bSP] 2df3ecd0172f5edc8e8d46ad5f3f8c42 : Unknown MBR Code

Partition table:

0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 106 MB

1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 224910 | Size: 939810 MB

2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 1924958208 | Size: 13945 MB

User = LL1 ... OK

User = LL2 ... OK

+++++ PhysicalDrive1: Generic- SD/MMC USB Device +++++

Error reading User MBR! ([15] The device is not ready. )

Error reading LL1 MBR! NOT VALID!

Error reading LL2 MBR! ([32] The request is not supported. )

 

+++++ PhysicalDrive2: Generic- Compact Flash USB Device +++++

Error reading User MBR! ([15] The device is not ready. )

Error reading LL1 MBR! NOT VALID!

Error reading LL2 MBR! ([32] The request is not supported. )

+++++ PhysicalDrive3: Generic- SM/xD-Picture USB Device +++++

Error reading User MBR! ([15] The device is not ready. )

Error reading LL1 MBR! NOT VALID!

Error reading LL2 MBR! ([32] The request is not supported. )

 

+++++ PhysicalDrive4: Generic- MS/MS-Pro USB Device +++++

Error reading User MBR! ([15] The device is not ready. )

Error reading LL1 MBR! NOT VALID!

Error reading LL2 MBR! ([32] The request is not supported. )

Link to post
Share on other sites

Download attached fixlist.txt file (end of reply) and save it to the Desktop, or the folder you saved FRST into.

NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

 

Run FRST and press the Fix button just once and wait.

The tool will make a log on the Desktop (Fixlog.txt) or the folder it was ran from. Please post it to your reply.

 

Next,

 

Open Malwarebytes Anti-Malware, from the Dashboard please Check for Updates by clicking the Update Now... link

When the update completes select > Settings > Detection and Protection > Enable Scan for rootkit and Under Non Malware Protection set both PUP and PUM to Treat detections as malware.

 

 

Click on the SCAN button and run a Threat Scan with Malwarebytes Anti-Malware by clicking the Scan Now>> button.

 

When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.

 

 

In most cases, a restart will be required.

 

 

Wait for the prompt to restart the computer to appear, then click on Yes.

 

 

Once completed please click on the History > Application Logs and find your scan log and open it and then click on the "copy to clipboard" button and post back the results on your next reply.

 

Next,

 

Download AdwCleaner by Xplode onto your Desktop.


Double click on Adwcleaner.exe to run the tool.
Click on Scan
Once the scan is done, click on the Clean button.
You will get a prompt asking to close all programs. Click OK.
Click OK again to reboot your computer.
A text file will open after the restart. Please post the content of that logfile in your reply.
You can also find the logfile at C:\AdwCleaner[sn].txt. Where n in the scan reference number

 

Next,

 

thisisujrt.gif Please download Junkware Removal Tool to your desktop.


Shut down your protection software now to avoid potential conflicts. (re-enable when done)
Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

 

Next,

 

Download Microsoft's " Malicious Software Removal Tool" and save direct to the desktop

Ensure to get the correct version for your system....

32 Bit version:

https://www.microsoft.com/downloads/en/confirmation.aspx?FamilyId=AD724AE0-E72D-4F54-9AB3-75B8EB148356&displaylang=en

64 Bit version:

https://www.microsoft.com/downloads/en/confirmation.aspx?FamilyId=585D2BDE-367F-495E-94E7-6349F4EFFC74&displaylang=en'>https://www.microsoft.com/downloads/en/confirmation.aspx?FamilyId=585D2BDE-367F-495E-94E7-6349F4EFFC74&displaylang=en

 

Right click on the Tool, select “Run as Administrator” the tool will expand to the options Window

In the "Scan Type" window, select Quick Scan

Perform a scan and  Click Finish when the scan is done.

Retrieve the MSRT log as follows, and post it in your next reply:

 

1) Select the Windows key and R key together to open the "Run" function

2) Type or Copy/Paste the following command to the "Run Line" and Press Enter:

 

notepad c:\windows\debug\mrt.log

 

Let me see those logs in your next reply, also give an update on any remaining issues or concerns...

 

Kevin...

 

 

 

Fixlist.txt

Link to post
Share on other sites

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 04-11-2014

Ran by Neff11h4l at 2014-11-06 08:25:33 Run:1

Running from C:\Users\Neff11h4l\Downloads

Loaded Profile: Neff11h4l (Available profiles: Neff11h4l)

Boot Mode: Normal

==============================================

Content of fixlist:

*****************

Start

2014-11-04 05:33 - 2014-11-04 06:17 - 00000000 ____D () C:\Users\Neff11h4l\AppData\Roaming\Ansenyu

2014-11-04 05:28 - 2014-11-04 19:15 - 00000000 ____D () C:\ProgramData\ZikoGxisx

2014-11-04 05:28 - 2014-11-04 19:15 - 00000000 ____D () C:\ProgramData\JuzeYlejk

C:\Users\Neff11h4l\AppData\Local\Temp\APNSetup.exe

C:\Users\Neff11h4l\AppData\Local\Temp\COMAP.EXE

C:\Users\Neff11h4l\AppData\Local\Temp\GameuxInstallHelper.dll

C:\Users\Neff11h4l\AppData\Local\Temp\GoogleToolbarInstaller_en32_signed.exe

C:\Users\Neff11h4l\AppData\Local\Temp\icqsetup.exe

C:\Users\Neff11h4l\AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe

C:\Users\Neff11h4l\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe

C:\Users\Neff11h4l\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe

C:\Users\Neff11h4l\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe

C:\Users\Neff11h4l\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe

C:\Users\Neff11h4l\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe

C:\Users\Neff11h4l\AppData\Local\Temp\jre-7u7-windows-i586-iftw.exe

C:\Users\Neff11h4l\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe

C:\Users\Neff11h4l\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exe

C:\Users\Neff11h4l\AppData\Local\Temp\MSN4099.exe

C:\Users\Neff11h4l\AppData\Local\Temp\SpotifyUninstall.exe

C:\Users\Neff11h4l\AppData\Local\Temp\UpdateAce File updater.exe

CustomCLSID: HKU\S-1-5-21-1426350195-2521714455-2443115798-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Neff11h4l\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File

CustomCLSID: HKU\S-1-5-21-1426350195-2521714455-2443115798-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Neff11h4l\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File

CustomCLSID: HKU\S-1-5-21-1426350195-2521714455-2443115798-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Neff11h4l\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

EmptyTemp:

End

 

*****************

C:\Users\Neff11h4l\AppData\Roaming\Ansenyu => Moved successfully.

C:\ProgramData\ZikoGxisx => Moved successfully.

C:\ProgramData\JuzeYlejk => Moved successfully.

C:\Users\Neff11h4l\AppData\Local\Temp\APNSetup.exe => Moved successfully.

C:\Users\Neff11h4l\AppData\Local\Temp\COMAP.EXE => Moved successfully.

C:\Users\Neff11h4l\AppData\Local\Temp\GameuxInstallHelper.dll => Moved successfully.

C:\Users\Neff11h4l\AppData\Local\Temp\GoogleToolbarInstaller_en32_signed.exe => Moved successfully.

C:\Users\Neff11h4l\AppData\Local\Temp\icqsetup.exe => Moved successfully.

C:\Users\Neff11h4l\AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe => Moved successfully.

C:\Users\Neff11h4l\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe => Moved successfully.

C:\Users\Neff11h4l\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe => Moved successfully.

C:\Users\Neff11h4l\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe => Moved successfully.

C:\Users\Neff11h4l\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe => Moved successfully.

C:\Users\Neff11h4l\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe => Moved successfully.

C:\Users\Neff11h4l\AppData\Local\Temp\jre-7u7-windows-i586-iftw.exe => Moved successfully.

C:\Users\Neff11h4l\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe => Moved successfully.

C:\Users\Neff11h4l\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exe => Moved successfully.

C:\Users\Neff11h4l\AppData\Local\Temp\MSN4099.exe => Moved successfully.

C:\Users\Neff11h4l\AppData\Local\Temp\SpotifyUninstall.exe => Moved successfully.

C:\Users\Neff11h4l\AppData\Local\Temp\UpdateAce File updater.exe => Moved successfully.

"HKU\S-1-5-21-1426350195-2521714455-2443115798-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}" => Key deleted successfully.

"HKU\S-1-5-21-1426350195-2521714455-2443115798-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}" => Key deleted successfully.

"HKU\S-1-5-21-1426350195-2521714455-2443115798-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}" => Key deleted successfully.

EmptyTemp: => Removed 6.2 GB temporary data.

 

The system needed a reboot.

==== End of Fixlog ====

Link to post
Share on other sites

Malwarebytes Anti-Malware

www.malwarebytes.org

Scan Date: 11/6/2014

Scan Time: 9:35:47 AM

Logfile:

Administrator: Yes

 

Version: 2.00.3.1025

Malware Database: v2014.11.06.05

Rootkit Database: v2014.11.01.02

License: Trial

Malware Protection: Enabled

Malicious Website Protection: Enabled

Self-protection: Disabled

 

OS: Windows 7 Service Pack 1

CPU: x64

File System: NTFS

User: Neff11h4l

Scan Type: Threat Scan

Result: Completed

Objects Scanned: 345480

Time Elapsed: 20 min, 1 sec

 

Memory: Enabled

Startup: Enabled

Filesystem: Enabled

Archives: Enabled

Rootkits: Enabled

Heuristics: Enabled

PUP: Enabled

PUM: Enabled

Processes: 0

(No malicious items detected)

 

Modules: 0

(No malicious items detected)

Registry Keys: 0

(No malicious items detected)

 

Registry Values: 0

(No malicious items detected)

Registry Data: 0

(No malicious items detected)

 

Folders: 0

(No malicious items detected)

Files: 0

(No malicious items detected)

 

Physical Sectors: 0

(No malicious items detected)

 

(end)

Link to post
Share on other sites

# AdwCleaner v3.311 - Report created 06/11/2014 at 10:00:13

# Updated 30/09/2014 by Xplode

# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

# Username : Neff11h4l - NEFF11H4L-HP

# Running from : C:\Users\Neff11h4l\Downloads\AdwCleaner.exe

# Option : Clean

***** [ Services ] *****

 

***** [ Files / Folders ] *****

 

Folder Deleted : C:\ProgramData\apn

Folder Deleted : C:\ProgramData\ICQ\ICQToolbar

Folder Deleted : C:\Program Files (x86)\ICQ6Toolbar

Folder Deleted : C:\Program Files (x86)\Mobogenie

Folder Deleted : C:\Program Files (x86)\Common Files\Software Update Utility

Folder Deleted : C:\Users\Neff11h4l\AppData\Local\Mobogenie

Folder Deleted : C:\Users\Neff11h4l\Documents\Mobogenie

Folder Deleted : C:\Users\wangzhisong\AppData\Local\Mobogenie

Folder Deleted : C:\Users\Neff11h4l\AppData\Roaming\Mozilla\Firefox\Profiles\fszqqwmx.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}

File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk

File Deleted : C:\Users\Neff11h4l\daemonprocess.txt

File Deleted : C:\Users\Neff11h4l\AppData\Roaming\Mozilla\Firefox\Profiles\fszqqwmx.default\user.js

***** [ Scheduled Tasks ] *****

 

***** [ Shortcuts ] *****

 

***** [ Registry ] *****

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [iCQ Search]

Key Deleted : HKLM\SOFTWARE\Classes\AppID\dnu.EXE

Key Deleted : HKLM\SOFTWARE\Classes\dnUpdate

Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser

Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1

Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController

Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS

Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A85A5E6A-DE2C-4F4E-99DC-F469DF5A0EEC}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC8}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}

Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]

Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A85A5E6A-DE2C-4F4E-99DC-F469DF5A0EEC}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}

Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}

Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}

Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}

Key Deleted : HKCU\Software\APN PIP

Key Deleted : HKCU\Software\YahooPartnerToolbar

Key Deleted : HKLM\SOFTWARE\ICQ\ICQToolbar

Key Deleted : HKLM\SOFTWARE\PIP

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Coupon Printer for Windows5.0.0.9

 

***** [ Browsers ] *****

 

-\\ Internet Explorer v11.0.9600.17344

 

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [iCQ Search]

 

-\\ Mozilla Firefox v32.0.3 (x86 en-US)

 

[ File : C:\Users\Neff11h4l\AppData\Roaming\Mozilla\Firefox\Profiles\fszqqwmx.default\prefs.js ]

 

-\\ Google Chrome v

[ File : C:\Users\Neff11h4l\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}

Deleted [search Provider] : hxxp://www.ask.com/web?q={searchTerms}

 

*************************

 

AdwCleaner[R0].txt - [7280 octets] - [06/11/2014 09:58:08]

AdwCleaner[s0].txt - [6771 octets] - [06/11/2014 10:00:13]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [6831 octets] ##########

Link to post
Share on other sites

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v3.22, August 2011

Started On Sat Aug 13 18:03:41 2011

->Scan ERROR: resource process://pid:4696 (code 0x00000005 (5))

Results Summary:

----------------

No infection found.

Microsoft Windows Malicious Software Removal Tool Finished On Sat Aug 13 18:04:24 2011

 

Return code: 0 (0x0)

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v4.0, September 2011

Started On Fri Sep 16 03:00:37 2011

 

Results Summary:

----------------

No infection found.

Microsoft Windows Malicious Software Removal Tool Finished On Fri Sep 16 03:01:29 2011

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

 

Microsoft Windows Malicious Software Removal Tool v4.0, September 2011

Started On Thu Sep 29 03:00:41 2011

Results Summary:

----------------

No infection found.

Microsoft Windows Malicious Software Removal Tool Finished On Thu Sep 29 03:01:34 2011

 

Return code: 0 (0x0)

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v4.1, October 2011

Started On Thu Oct 13 03:04:21 2011

 

Results Summary:

----------------

No infection found.

Microsoft Windows Malicious Software Removal Tool Finished On Thu Oct 13 03:04:57 2011

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

 

Microsoft Windows Malicious Software Removal Tool v4.2, November 2011

Started On Thu Nov 10 03:00:52 2011

Results Summary:

----------------

No infection found.

Microsoft Windows Malicious Software Removal Tool Finished On Thu Nov 10 03:01:42 2011

 

Return code: 0 (0x0)

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v4.3, December 2011

Started On Thu Dec 15 03:01:42 2011

->Scan ERROR: resource process://pid:4360 (code 0x00000005 (5))

Results Summary:

----------------

No infection found.

Microsoft Windows Malicious Software Removal Tool Finished On Thu Dec 15 03:02:33 2011

 

Return code: 0 (0x0)

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v4.4, January 2012

Started On Thu Jan 12 03:02:59 2012

 

Results Summary:

----------------

No infection found.

Microsoft Windows Malicious Software Removal Tool Finished On Thu Jan 12 03:04:14 2012

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

 

Microsoft Windows Malicious Software Removal Tool v4.5, February 2012

Started On Wed Feb 15 03:01:09 2012

->Scan ERROR: resource process://pid:2084 (code 0x00000005 (5))

 

Results Summary:

----------------

No infection found.

Microsoft Windows Malicious Software Removal Tool Finished On Wed Feb 15 03:02:01 2012

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

 

Microsoft Windows Malicious Software Removal Tool v4.6, March 2012

Started On Wed Mar 14 03:00:52 2012

->Scan ERROR: resource process://pid:3532 (code 0x00000005 (5))

 

Results Summary:

----------------

No infection found.

Microsoft Windows Malicious Software Removal Tool Finished On Wed Mar 14 03:02:07 2012

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

 

Microsoft Windows Malicious Software Removal Tool v4.7, April 2012

Started On Fri Apr 13 03:01:00 2012

Results Summary:

----------------

No infection found.

Microsoft Windows Malicious Software Removal Tool Finished On Fri Apr 13 03:02:00 2012

 

Return code: 0 (0x0)

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v4.8, May 2012

Started On Sun May 13 03:07:07 2012

 

Results Summary:

----------------

No infection found.

Microsoft Windows Malicious Software Removal Tool Finished On Sun May 13 03:08:25 2012

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

 

Microsoft Windows Malicious Software Removal Tool v4.9, June 2012

Started On Wed Jun 13 03:05:05 2012

Results Summary:

----------------

No infection found.

Microsoft Windows Malicious Software Removal Tool Finished On Wed Jun 13 03:06:09 2012

 

Return code: 0 (0x0)

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v4.10, July 2012

Started On Thu Jul 12 03:02:49 2012

->Scan ERROR: resource process://pid:4276 (code 0x00000490 (1168))

->Scan ERROR: resource process://pid:4316 (code 0x00000490 (1168))

 

Results Summary:

----------------

No infection found.

Microsoft Windows Malicious Software Removal Tool Finished On Thu Jul 12 03:04:18 2012

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

 

Microsoft Windows Malicious Software Removal Tool v4.11, August 2012

Started On Thu Aug 16 03:00:35 2012

Results Summary:

----------------

No infection found.

Microsoft Windows Malicious Software Removal Tool Finished On Thu Aug 16 03:01:59 2012

 

Return code: 0 (0x0)

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v4.12, September 2012

Started On Wed Sep 12 03:00:23 2012

->Scan ERROR: resource process://pid:3384 (code 0x00000005 (5))

Results Summary:

----------------

No infection found.

Microsoft Windows Malicious Software Removal Tool Finished On Wed Sep 12 03:01:27 2012

 

Return code: 0 (0x0)

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v4.13, October 2012

Started On Wed Oct 10 03:01:46 2012

->Scan ERROR: resource process://pid:6600 (code 0x00000005 (5))

Results Summary:

----------------

No infection found.

Microsoft Windows Malicious Software Removal Tool Finished On Wed Oct 10 03:03:04 2012

 

Return code: 0 (0x0)

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v4.14, November 2012

Started On Wed Nov 14 03:01:25 2012

->Scan ERROR: resource process://pid:5280 (code 0x00000005 (5))

Results Summary:

----------------

No infection found.

Microsoft Windows Malicious Software Removal Tool Finished On Wed Nov 14 03:02:43 2012

 

Return code: 0 (0x0)

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v4.15, December 2012

Started On Thu Dec 13 03:02:18 2012

->Scan ERROR: resource process://pid:120 (code 0x00000005 (5))

Results Summary:

----------------

No infection found.

Microsoft Windows Malicious Software Removal Tool Finished On Thu Dec 13 03:03:46 2012

 

Return code: 0 (0x0)

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v4.16, January 2013

Started On Thu Jan 10 03:02:03 2013

->Scan ERROR: resource process://pid:116 (code 0x00000005 (5))

Results Summary:

----------------

No infection found.

Microsoft Windows Malicious Software Removal Tool Finished On Thu Jan 10 03:04:09 2013

 

Return code: 0 (0x0)

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v4.17, February 2013

Started On Thu Feb 14 03:04:19 2013

->Scan ERROR: resource process://pid:10184 (code 0x00000005 (5))

Results Summary:

----------------

No infection found.

Microsoft Windows Malicious Software Removal Tool Finished On Thu Feb 14 03:05:45 2013

 

Return code: 0 (0x0)

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v4.18, March 2013

Started On Thu Mar 14 03:02:51 2013

->Scan ERROR: resource process://pid:3996 (code 0x00000005 (5))

->Scan ERROR: resource process://pid:19412 (code 0x00000490 (1168))

->Scan ERROR: resource process://pid:18588 (code 0x00000490 (1168))

Results Summary:

----------------

No infection found.

Microsoft Windows Malicious Software Removal Tool Finished On Thu Mar 14 03:04:14 2013

 

Return code: 0 (0x0)

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v4.19, April 2013

Started On Wed Apr 10 03:01:57 2013

->Scan ERROR: resource process://pid:4312 (code 0x00000005 (5))

Results Summary:

----------------

No infection found.

Microsoft Windows Malicious Software Removal Tool Finished On Wed Apr 10 03:03:16 2013

 

Return code: 0 (0x0)

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v4.20, May 2013

Started On Wed May 15 03:05:49 2013

->Scan ERROR: resource process://pid:16024 (code 0x00000005 (5))

Results Summary:

----------------

No infection found.

Microsoft Windows Malicious Software Removal Tool Finished On Wed May 15 03:07:12 2013

 

Return code: 0 (0x0)

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v4.21, June 2013

Started On Thu Jun 13 03:01:49 2013

->Scan ERROR: resource process://pid:22108 (code 0x00000005 (5))

Results Summary:

----------------

No infection found.

Microsoft Windows Malicious Software Removal Tool Finished On Thu Jun 13 03:03:10 2013

 

Return code: 0 (0x0)

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v4.22, July 2013

Started On Fri Jul 12 03:07:05 2013

->Scan ERROR: resource process://pid:8068 (code 0x00000490 (1168))

Results Summary:

----------------

No infection found.

Microsoft Windows Malicious Software Removal Tool Finished On Fri Jul 12 03:08:21 2013

 

Return code: 0 (0x0)

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.3, August 2013 (build 5.3.9301.0)

Started On Thu Aug 15 03:01:05 2013

 

Results Summary:

----------------

No infection found.

Microsoft Windows Malicious Software Removal Tool Finished On Thu Aug 15 03:02:23 2013

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.4, September 2013 (build 5.4.9400.0)

Started On Fri Sep 13 03:02:36 2013

 

Engine: 1.1.9800.0

Signatures: 1.157.932.0

Results Summary:

----------------

No infection found.

Microsoft Windows Malicious Software Removal Tool Finished On Fri Sep 13 03:04:07 2013

 

Return code: 0 (0x0)

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.5, October 2013 (build 5.5.9502.0)

Started On Wed Oct 09 03:03:13 2013

Engine: 1.1.9901.0

Signatures: 1.159.530.0

 

Results Summary:

----------------

No infection found.

Microsoft Windows Malicious Software Removal Tool Finished On Wed Oct 09 03:04:28 2013

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.6, November 2013 (build 5.6.9603.0)

Started On Wed Nov 13 03:01:25 2013

 

Engine: 1.1.10003.0

Signatures: 1.161.1618.0

Results Summary:

----------------

No infection found.

Microsoft Windows Malicious Software Removal Tool Finished On Wed Nov 13 03:03:17 2013

 

Return code: 0 (0x0)

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.7, December 2013 (build 5.7.9701.0)

Started On Sun Dec 15 03:00:31 2013

Engine: 1.1.10100.0

Signatures: 1.163.1013.0

 

Results Summary:

----------------

No infection found.

Microsoft Windows Malicious Software Removal Tool Finished On Sun Dec 15 03:02:18 2013

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.8, January 2014 (build 5.8.9803.0)

Started On Wed Jan 15 22:28:03 2014

 

Engine: 1.1.10201.0

Signatures: 1.165.1273.0

Results Summary:

----------------

No infection found.

Microsoft Windows Malicious Software Removal Tool Finished On Wed Jan 15 22:30:35 2014

 

Return code: 0 (0x0)

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.9, February 2014 (build 5.9.9902.0)

Started On Sun Feb 16 03:00:25 2014

Engine: 1.1.10201.0

Signatures: 1.165.3163.0

 

Results Summary:

----------------

No infection found.

Microsoft Windows Malicious Software Removal Tool Finished On Sun Feb 16 03:02:17 2014

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.10, March 2014 (build 5.10.10001.0)

Started On Tue Mar 18 03:00:36 2014

 

Engine: 1.1.10302.0

Signatures: 1.167.1001.0

Results Summary:

----------------

No infection found.

Microsoft Windows Malicious Software Removal Tool Finished On Tue Mar 18 03:02:15 2014

 

Return code: 0 (0x0)

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.11, April 2014 (build 5.11.10100.0)

Started On Thu Apr 10 03:01:08 2014

Engine: 1.1.10401.0

Signatures: 1.169.1258.0

 

Results Summary:

----------------

No infection found.

Microsoft Windows Malicious Software Removal Tool Finished On Thu Apr 10 03:02:57 2014

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.12, May 2014 (build 5.12.10200.0)

Started On Wed May 14 03:01:35 2014

 

Engine: 1.1.10502.0

Signatures: 1.173.1305.0

Results Summary:

----------------

No infection found.

Microsoft Windows Malicious Software Removal Tool Finished On Wed May 14 03:03:00 2014

 

Return code: 0 (0x0)

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.13, June 2014 (build 5.13.10300.0)

Started On Sun Jun 15 18:17:28 2014

Engine: 1.1.10600.0

Signatures: 1.175.1113.0

 

Results Summary:

----------------

No infection found.

Microsoft Windows Malicious Software Removal Tool Finished On Sun Jun 15 18:19:09 2014

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.14, July 2014 (build 5.14.10402.0)

Started On Thu Jul 10 03:02:13 2014

 

Engine: 1.1.10701.0

Signatures: 1.177.949.0

Results Summary:

----------------

No infection found.

Microsoft Windows Malicious Software Removal Tool Finished On Thu Jul 10 03:03:39 2014

 

Return code: 0 (0x0)

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.15, August 2014 (build 5.15.10500.0)

Started On Wed Aug 13 03:04:37 2014

Engine: 1.1.10802.0

Signatures: 1.179.1796.0

 

Results Summary:

----------------

No infection found.

Microsoft Windows Malicious Software Removal Tool Finished On Wed Aug 13 03:06:20 2014

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.16, September 2014 (build 5.16.10602.0)

Started On Thu Sep 11 03:01:35 2014

 

Engine: 1.1.10904.0

Signatures: 1.183.882.0

Results Summary:

----------------

No infection found.

Microsoft Windows Malicious Software Removal Tool Finished On Thu Sep 11 03:05:12 2014

 

Return code: 0 (0x0)

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.17, October 2014 (build 5.17.10700.0)

Started On Thu Oct 16 03:00:38 2014

Engine: 1.1.11005.0

Signatures: 1.185.2035.0

 

Results Summary:

----------------

No infection found.

Failed to submit clean hearbeat MAPS report: 0x80004005

Microsoft Windows Malicious Software Removal Tool Finished On Thu Oct 16 03:04:45 2014

 

Return code: 0 (0x0)

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.17, October 2014 (build 5.17.10700.0)

Started On Thu Nov 06 12:18:16 2014

Engine: 1.1.11005.0

Signatures: 1.185.2035.0

 

Results Summary:

----------------

No infection found.

Link to post
Share on other sites

Ok for Firefox make sure to have ad blockers installed, that will help keep such nuisances away.  For Firefox I have these addons installed:

 

Webutation, Adblock Plus, Adblock Plus Pop-up Addon, Flash Block, NoScipt, Ghostery.. When Firefox is open select these keys together :- Ctrl - Shift - A that will access Addons manger, this gives access to find addons, use, start, stop or disable those features etc....

 

Before using NoScript read from this link http://noscript.net/ makes it easy to understand....

 

I have also just started using CryptoGuard by Hitman Pro, once installed it will protect all Browsers against crypto ransomware infections, is also free. Go to following link for instructions,

 

http://www.surfright.nl/en/alert/cryptoguard'>http://www.surfright.nl/en/alert/cryptoguard

 

If no remaining issues or concerns run the following to clean up:

 

Download "Delfix by Xplode" and save it to your desktop.

 

Or use the following if first link is down:

 

"Delfix link mirror"

 

Double Click to start the program. If you are using Vista or higher, please right-click and choose run as administrator

 

Make Sure the following items are checked:

 


    Activate UAC
    Remove disinfection tools
     Create registry backup
    Purge System Restore
    Reset system settings

 

Now click on "Run" and wait patiently until the tool has completed.

 

The tool will create a log when it has completed. We don't need you to post this.

 

Part of the routine will be to create a registry back up with ERUNT,  the back up will be created here:

 

C:\Windows\ERUNT

 

When all is known to be well with your system you can delete that back up folder if you consider it as not needed...

 

Any remnant files/logs from tools we have used can be deleted…

 

Next,

 

Read the following link to fully understand PC security and best practices, you may find it useful....

 

http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/#entry2316629

 

Let me know if its ok to close out...

 

Kevin...

Link to post
Share on other sites

Thanks for the update, run the following:

 

Download TDSSKiller and save it to your Desktop.

Make sure TDSSKiller.exe  is on the Desktop itself, not within a folder on the desktop.

Go to Start > Run (Or you can hold down your Windows key and press R) and copy and paste the following into the text field. (make sure you include the quote marks) Then press OK.

"%userprofile%\Desktop\TDSSKiller.exe" -l C:\TDSSKiller.txt

If it says "Hidden service detected" DO NOT type anything in. Just press Enter on your keyboard to not do anything to the file.
If Malicious objects are found, do NOT select Delete or Cure. Change the action to Skip, When it is done, a log file should be created on your C: drive called "TDSSKiller.txt" please copy and paste the contents of that file here.
 

Next,

 

Scan with Gmer rootkit scanner

 

Please download Gmer from Here by clicking on the "Download EXE" Button.

 

  • Double click on the randomly named GMER.exe. If asked to allow gmer.sys driver to load, please consent.
  • If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO.
  • In the right panel, you will see several boxes that have been checked. Uncheck the following ...
     
            Sections
            IAT/EAT
            Show All ( should be unchecked by default )
     
  • Leave everything else as it is.
  • Close all other running Programs as well as your Browsers.
  • Click the Scan button & wait for it to finish.
  • Once done click on the Save.. button, and in the File name area, type in "ark.txt" or it will save as a .log file which cannot be uploaded to your post.
  • Save it where you can easily find it, such as your desktop.

 

Please post the content of the ark.txt here.

 

 

**Caution**

Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOKIT" entries

 

**If GMER crashes** Follow the instructions here and disable your security temporarily…

 

Let me see those two logs...

 

Kevin...

Link to post
Share on other sites

18:48:08.0475 0x119c  TDSS rootkit removing tool 3.0.0.41 Oct 28 2014 17:58:34
18:48:11.0049 0x119c  ============================================================
18:48:11.0049 0x119c  Current date / time: 2014/11/06 18:48:11.0049
18:48:11.0049 0x119c  SystemInfo:
18:48:11.0049 0x119c  
18:48:11.0049 0x119c  OS Version: 6.1.7601 ServicePack: 1.0
18:48:11.0049 0x119c  Product type: Workstation
18:48:11.0049 0x119c  ComputerName: NEFF11H4L-HP
18:48:11.0049 0x119c  UserName: Neff11h4l
18:48:11.0049 0x119c  Windows directory: C:\Windows
18:48:11.0049 0x119c  System windows directory: C:\Windows
18:48:11.0049 0x119c  Running under WOW64
18:48:11.0049 0x119c  Processor architecture: Intel x64
18:48:11.0049 0x119c  Number of processors: 4
18:48:11.0049 0x119c  Page size: 0x1000
18:48:11.0049 0x119c  Boot type: Normal boot
18:48:11.0049 0x119c  ============================================================
18:48:11.0408 0x119c  KLMD registered as C:\Windows\system32\drivers\81986515.sys
18:48:11.0860 0x119c  System UUID: {C54BC446-434F-C585-4B03-962D52AC0870}
18:48:12.0391 0x119c  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:48:12.0406 0x119c  ============================================================
18:48:12.0406 0x119c  \Device\Harddisk0\DR0:
18:48:12.0406 0x119c  MBR partitions:
18:48:12.0406 0x119c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x35000
18:48:12.0406 0x119c  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x36E8E, BlocksNum 0x72B912C1
18:48:12.0406 0x119c  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x72BC8800, BlocksNum 0x1B3C800
18:48:12.0406 0x119c  ============================================================
18:48:12.0453 0x119c  C: <-> \Device\Harddisk0\DR0\Partition2
18:48:12.0500 0x119c  D: <-> \Device\Harddisk0\DR0\Partition3
18:48:12.0500 0x119c  ============================================================
18:48:12.0500 0x119c  Initialize success
18:48:12.0500 0x119c  ============================================================
18:48:13.0904 0x1bec  ============================================================
18:48:13.0904 0x1bec  Scan started
18:48:13.0904 0x1bec  Mode: Manual;
18:48:13.0904 0x1bec  ============================================================
18:48:13.0904 0x1bec  KSN ping started
18:48:36.0851 0x1bec  KSN ping finished: true
18:48:37.0772 0x1bec  ================ Scan system memory ========================
18:48:37.0787 0x1bec  System memory - ok
18:48:37.0787 0x1bec  ================ Scan services =============================
18:48:37.0975 0x1bec  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
18:48:37.0990 0x1bec  1394ohci - ok
18:48:38.0037 0x1bec  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
18:48:38.0053 0x1bec  ACPI - ok
18:48:38.0053 0x1bec  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
18:48:38.0053 0x1bec  AcpiPmi - ok
18:48:38.0177 0x1bec  [ C5679E5186B2FC95BC76A8A9870D5456, 70AC61850B811A0A902532F098AE1D5DF4622455E56C78B89D4ABDBE4A061A48 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
18:48:38.0177 0x1bec  AdobeARMservice - ok
18:48:38.0271 0x1bec  [ 4ECFCAAE5CB380F58934F0DCF5F64E7F, D82B37E57D93484D7A3CB65470BCD54A578A695F0203A8DD441B1348C1EEA751 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:48:38.0287 0x1bec  AdobeFlashPlayerUpdateSvc - ok
18:48:38.0318 0x1bec  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
18:48:38.0333 0x1bec  adp94xx - ok
18:48:38.0349 0x1bec  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
18:48:38.0365 0x1bec  adpahci - ok
18:48:38.0365 0x1bec  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
18:48:38.0380 0x1bec  adpu320 - ok
18:48:38.0411 0x1bec  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
18:48:38.0411 0x1bec  AeLookupSvc - ok
18:48:38.0458 0x1bec  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
18:48:38.0474 0x1bec  AFD - ok
18:48:38.0489 0x1bec  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
18:48:38.0489 0x1bec  agp440 - ok
18:48:38.0505 0x1bec  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
18:48:38.0505 0x1bec  ALG - ok
18:48:38.0536 0x1bec  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
18:48:38.0536 0x1bec  aliide - ok
18:48:38.0583 0x1bec  [ 2FDCB3E855076CE97CCB58E2CF8F2A09, 81D1738401C97F68A0F01A9036F4C7F245B8A375BF2240683A7B30C7C46531AB ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
18:48:38.0583 0x1bec  AMD External Events Utility - ok
18:48:38.0599 0x1bec  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys

Link to post
Share on other sites

18:48:38.0599 0x1bec  amdide - ok

18:48:38.0614 0x1bec  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys

18:48:38.0614 0x1bec  AmdK8 - ok

18:48:38.0895 0x1bec  [ 9920704BF815A5B42DA5264F013AAEB7, 0E9310A634ABD6506BBC31824BF8C253F83232A689518CF941AC729DCE1EB7CF ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys

18:48:39.0051 0x1bec  amdkmdag - ok

18:48:39.0082 0x1bec  [ 0D1055A47A8F5DC1CAA2701831293EBB, 49D70AE849CABAD4FA2EA58ADD8344ED232D3D541D5E8E7A4417161A62F9E2CE ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys

18:48:39.0098 0x1bec  amdkmdap - ok

18:48:39.0129 0x1bec  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys

18:48:39.0129 0x1bec  AmdPPM - ok

18:48:39.0145 0x1bec  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys

18:48:39.0145 0x1bec  amdsata - ok

18:48:39.0160 0x1bec  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys

18:48:39.0160 0x1bec  amdsbs - ok

18:48:39.0176 0x1bec  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys

18:48:39.0176 0x1bec  amdxata - ok

18:48:39.0191 0x1bec  [ 352476C98EF3952563A14F767491BBA9, 386EE7663E04479465145CF41A9226446E4C0473EB31FBC9A81D0500166B812A ] amd_sata        C:\Windows\system32\DRIVERS\amd_sata.sys

18:48:39.0207 0x1bec  amd_sata - ok

18:48:39.0223 0x1bec  [ F4805C309FE48D6939147FE5CCDB1AD4, 2F6C95401A38448460E4B0902A9026B416B2D4133239E04787E4F77152F2DE41 ] amd_xata        C:\Windows\system32\DRIVERS\amd_xata.sys

18:48:39.0223 0x1bec  amd_xata - ok

18:48:39.0269 0x1bec  [ 80B9412C4DE09147581FC935FB4C97AB, 0C9661F7B5EF7F9D61981790B7AB64E3375BD117962166619D0CC546A2D014D3 ] AppID           C:\Windows\system32\drivers\appid.sys

18:48:39.0269 0x1bec  AppID - ok

18:48:39.0285 0x1bec  [ F71CA01C24FC3798A717B5A6F682F9AD, 8CF1C209E7BBBAD02D6D087293C0B681CDA3170AF119CA2916C2708D8801E749 ] AppIDSvc        C:\Windows\System32\appidsvc.dll

18:48:39.0285 0x1bec  AppIDSvc - ok

18:48:39.0301 0x1bec  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll

18:48:39.0301 0x1bec  Appinfo - ok

18:48:39.0347 0x1bec  [ A5299D04ED225D64CF07A568A3E1BF8C, 6F7E73893127BADC8C9815E9BCC0EB5F6584E254D0D09A0B6A680704C71E0A90 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

18:48:39.0347 0x1bec  Apple Mobile Device - ok

18:48:39.0363 0x1bec  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys

18:48:39.0363 0x1bec  arc - ok

18:48:39.0379 0x1bec  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys

18:48:39.0379 0x1bec  arcsas - ok

18:48:39.0519 0x1bec  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe

18:48:39.0535 0x1bec  aspnet_state - ok

18:48:39.0550 0x1bec  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys

18:48:39.0550 0x1bec  AsyncMac - ok

18:48:39.0581 0x1bec  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys

18:48:39.0597 0x1bec  atapi - ok

18:48:39.0613 0x1bec  [ E82E61F46D1336447F4DEFF8C074F13E, 9FC152B33F1D9F5684B687743E943AA26AC17A1093F4C31A43C7012E70BC302E ] AtiPcie         C:\Windows\system32\DRIVERS\AtiPcie64.sys

18:48:39.0613 0x1bec  AtiPcie - ok

18:48:39.0706 0x1bec  [ 2C1B6A64294F2182DC4999F923873974, 6D611636D849631BB1F852DC03A98BBFEC4D797A2707CA63427E187F0725A796 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll

18:48:39.0737 0x1bec  AudioEndpointBuilder - ok

18:48:39.0753 0x1bec  [ 2C1B6A64294F2182DC4999F923873974, 6D611636D849631BB1F852DC03A98BBFEC4D797A2707CA63427E187F0725A796 ] AudioSrv        C:\Windows\System32\Audiosrv.dll

18:48:39.0753 0x1bec  AudioSrv - ok

18:48:39.0831 0x1bec  [ 54FE1CAFA3B3029B282E6A05EA672031, E972B8A22322FF06903A1E3AB20585E02A21C3A6EA9A75C172231494A08D14D1 ] Avgdiska        C:\Windows\system32\DRIVERS\avgdiska.sys

18:48:39.0831 0x1bec  Avgdiska - ok

18:48:40.0065 0x1bec  [ 5B3013D32525CC51C0CFB96F30603FA8, A26E4CDCDD946DFEF62C010F93914AEC8AD84BFB5A8B30703E63AFE6B93E3292 ] AVGIDSAgent     C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe

18:48:40.0127 0x1bec  AVGIDSAgent - ok

18:48:40.0174 0x1bec  [ 7F6BE4B64811AFECE52FBAD85E31E378, FADC7E463103B3679C316213293A355252BF4B5F8A228A5C76CC944893752317 ] AVGIDSDriver    C:\Windows\system32\DRIVERS\avgidsdrivera.sys

18:48:40.0174 0x1bec  AVGIDSDriver - ok

18:48:40.0205 0x1bec  [ 17C34C4B42C8B2EFCF2C065178BF4806, CB28BEE44B7A821EE728EFFD1B1882B57E417292A3A5377F3A98F16B0AF14DC7 ] AVGIDSHA        C:\Windows\system32\DRIVERS\avgidsha.sys

18:48:40.0205 0x1bec  AVGIDSHA - ok

18:48:40.0252 0x1bec  [ 7C9E8FD2BFCE60BDF9B5944C0BE47C87, 0F51507BAECDEF7B6F553066621A03832FF070EC6837A8E304AABA1227F779BF ] Avgldx64        C:\Windows\system32\DRIVERS\avgldx64.sys

18:48:40.0252 0x1bec  Avgldx64 - ok

18:48:40.0330 0x1bec  [ 734DCC05A7F327FDCE43A18BA011FD4E, E5245314E60D86911A6A9FC1FE4A0C0D0284D972CE642C28B9B1A43D1553AFA5 ] Avgloga         C:\Windows\system32\DRIVERS\avgloga.sys

18:48:40.0330 0x1bec  Avgloga - ok

18:48:40.0361 0x1bec  [ B4D589C734D796B5B76E0A0E5DA50397, CACAB2C0D01583CEB55C62334A4E9BB46A2E399BE9B7EDC988AEC785DF1FCC1C ] Avgmfx64        C:\Windows\system32\DRIVERS\avgmfx64.sys

18:48:40.0378 0x1bec  Avgmfx64 - ok

18:48:40.0413 0x1bec  [ 3CE824D46BA1871713ABF147E6BAD556, B4D8AFC388BE06D6E3C5CDC865F80FF101E731E1D2B221FFC6C1E28487E1B3CD ] Avgrkx64        C:\Windows\system32\DRIVERS\avgrkx64.sys

18:48:40.0414 0x1bec  Avgrkx64 - ok

18:48:40.0430 0x1bec  [ 0BB7ECAC81554D83A66A0B9F961BB9D0, BBCE86FE8980E06F5A92E8636D6D3F2FD7B6EF7DB999BBEB0E68A5FCB220EDC9 ] Avgtdia         C:\Windows\system32\DRIVERS\avgtdia.sys

18:48:40.0435 0x1bec  Avgtdia - ok

18:48:40.0477 0x1bec  [ 8006A6254B4DC762336E71FD61971A9D, A0A8116E49E6EA5B08B82C85C94DD795FA899F089604B73F07243E71EE4D9D0F ] avgwd           C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe

18:48:40.0484 0x1bec  avgwd - ok

18:48:40.0517 0x1bec  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll

18:48:40.0520 0x1bec  AxInstSV - ok

18:48:40.0560 0x1bec  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys

18:48:40.0569 0x1bec  b06bdrv - ok

18:48:40.0608 0x1bec  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys

18:48:40.0613 0x1bec  b57nd60a - ok

18:48:40.0646 0x1bec  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll

18:48:40.0648 0x1bec  BDESVC - ok

18:48:40.0653 0x1bec  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys

18:48:40.0653 0x1bec  Beep - ok

18:48:40.0699 0x1bec  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll

18:48:40.0712 0x1bec  BFE - ok

18:48:40.0757 0x1bec  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll

18:48:40.0774 0x1bec  BITS - ok

18:48:40.0794 0x1bec  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys

18:48:40.0795 0x1bec  blbdrive - ok

18:48:40.0881 0x1bec  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe

18:48:40.0889 0x1bec  Bonjour Service - ok

18:48:40.0918 0x1bec  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys

18:48:40.0920 0x1bec  bowser - ok

18:48:40.0939 0x1bec  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys

18:48:40.0939 0x1bec  BrFiltLo - ok

18:48:40.0952 0x1bec  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys

18:48:40.0952 0x1bec  BrFiltUp - ok

18:48:40.0995 0x1bec  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll

18:48:40.0999 0x1bec  Browser - ok

18:48:41.0010 0x1bec  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys

18:48:41.0015 0x1bec  Brserid - ok

18:48:41.0022 0x1bec  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys

18:48:41.0023 0x1bec  BrSerWdm - ok

18:48:41.0037 0x1bec  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys

18:48:41.0038 0x1bec  BrUsbMdm - ok

18:48:41.0043 0x1bec  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys

18:48:41.0043 0x1bec  BrUsbSer - ok

18:48:41.0063 0x1bec  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys

18:48:41.0065 0x1bec  BTHMODEM - ok

18:48:41.0098 0x1bec  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll

18:48:41.0100 0x1bec  bthserv - ok

18:48:41.0113 0x1bec  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys

18:48:41.0115 0x1bec  cdfs - ok

18:48:41.0143 0x1bec  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys

18:48:41.0146 0x1bec  cdrom - ok

18:48:41.0191 0x1bec  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll

18:48:41.0193 0x1bec  CertPropSvc - ok

18:48:41.0199 0x1bec  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys

18:48:41.0200 0x1bec  circlass - ok

18:48:41.0228 0x1bec  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys

18:48:41.0235 0x1bec  CLFS - ok

18:48:41.0285 0x1bec  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

18:48:41.0287 0x1bec  clr_optimization_v2.0.50727_32 - ok

18:48:41.0327 0x1bec  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

18:48:41.0329 0x1bec  clr_optimization_v2.0.50727_64 - ok

18:48:41.0403 0x1bec  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

18:48:41.0403 0x1bec  clr_optimization_v4.0.30319_32 - ok

18:48:41.0418 0x1bec  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

18:48:41.0418 0x1bec  clr_optimization_v4.0.30319_64 - ok

18:48:41.0450 0x1bec  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys

18:48:41.0450 0x1bec  CmBatt - ok

18:48:41.0481 0x1bec  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys

18:48:41.0481 0x1bec  cmdide - ok

18:48:41.0528 0x1bec  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys

18:48:41.0543 0x1bec  CNG - ok

 

Link to post
Share on other sites

18:48:41.0559 0x1bec  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys

18:48:41.0574 0x1bec  Compbatt - ok

18:48:41.0606 0x1bec  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys

18:48:41.0606 0x1bec  CompositeBus - ok

18:48:41.0606 0x1bec  COMSysApp - ok

18:48:41.0746 0x1bec  [ FD897BBC73E658C01100BB458A73AAED, BA327BC091239A595B4D5EE9858DF0A99A6C70CD91C9AC0AA70F798BFBB8A85D ] CouponPrinterService C:\Program Files (x86)\Coupons\CouponPrinterService.exe

18:48:41.0762 0x1bec  CouponPrinterService - ok

18:48:41.0793 0x1bec  [ A398ED024F739E7BE74ECFFA8A713A89, 65C7A301B5FD07248435988570DCB1352744B7DDC35B39C1D10C0B34BE170A9B ] CpqDfw          C:\Windows\system32\drivers\CpqDfw.sys

18:48:41.0793 0x1bec  CpqDfw - ok

18:48:41.0793 0x1bec  [ 10FB0FF62AF6262BF88E3607E2AE2A69, 6CF0DADA5F050EDBED15E8B67544B1E129FEF608642712E92A733F4F520429D3 ] cqcpu           C:\Windows\system32\drivers\cqcpu.sys

18:48:41.0793 0x1bec  cqcpu - ok

18:48:41.0808 0x1bec  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys

18:48:41.0808 0x1bec  crcdisk - ok

18:48:41.0840 0x1bec  [ 19D511CC455C19DE1ADF60E6C39C85B6, 2A05DD5EF3D0BEC2C9F4EA186E0E2D0F7BE0BF6A473D51194B09D33773AC7FAA ] CryptSvc        C:\Windows\system32\cryptsvc.dll

18:48:41.0855 0x1bec  CryptSvc - ok

18:48:41.0980 0x1bec  [ FD557A50A65E44041CD2FCEF4BEB04DB, 746D5958F7198895D35A23566D3736D993D57726BF59D91421D8091C48926A26 ] cvhsvc          C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

18:48:41.0996 0x1bec  cvhsvc - ok

18:48:42.0058 0x1bec  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll

18:48:42.0058 0x1bec  DcomLaunch - ok

18:48:42.0152 0x1bec  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll

18:48:42.0167 0x1bec  defragsvc - ok

18:48:42.0214 0x1bec  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys

18:48:42.0230 0x1bec  DfsC - ok

18:48:42.0261 0x1bec  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll

18:48:42.0261 0x1bec  Dhcp - ok

18:48:42.0292 0x1bec  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys

18:48:42.0292 0x1bec  discache - ok

18:48:42.0308 0x1bec  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys

18:48:42.0308 0x1bec  Disk - ok

18:48:42.0339 0x1bec  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll

18:48:42.0354 0x1bec  Dnscache - ok

18:48:42.0370 0x1bec  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll

18:48:42.0370 0x1bec  dot3svc - ok

18:48:42.0401 0x1bec  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll

18:48:42.0417 0x1bec  DPS - ok

18:48:42.0448 0x1bec  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys

18:48:42.0448 0x1bec  drmkaud - ok

18:48:42.0510 0x1bec  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys

18:48:42.0526 0x1bec  DXGKrnl - ok

18:48:42.0557 0x1bec  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll

18:48:42.0557 0x1bec  EapHost - ok

18:48:42.0666 0x1bec  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys

18:48:42.0713 0x1bec  ebdrv - ok

18:48:42.0760 0x1bec  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS             C:\Windows\System32\lsass.exe

18:48:42.0760 0x1bec  EFS - ok

18:48:42.0822 0x1bec  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe

18:48:42.0838 0x1bec  ehRecvr - ok

18:48:42.0869 0x1bec  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe

18:48:42.0869 0x1bec  ehSched - ok

18:48:42.0916 0x1bec  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys

18:48:42.0932 0x1bec  elxstor - ok

18:48:42.0947 0x1bec  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys

18:48:42.0947 0x1bec  ErrDev - ok

18:48:43.0025 0x1bec  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll

18:48:43.0025 0x1bec  EventSystem - ok

18:48:43.0041 0x1bec  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys

18:48:43.0041 0x1bec  exfat - ok

18:48:43.0041 0x1bec  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys

18:48:43.0041 0x1bec  fastfat - ok

18:48:43.0103 0x1bec  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe

18:48:43.0103 0x1bec  Fax - ok

18:48:43.0119 0x1bec  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys

18:48:43.0119 0x1bec  fdc - ok

18:48:43.0134 0x1bec  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll

18:48:43.0134 0x1bec  fdPHost - ok

18:48:43.0134 0x1bec  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll

18:48:43.0150 0x1bec  FDResPub - ok

18:48:43.0166 0x1bec  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys

18:48:43.0166 0x1bec  FileInfo - ok

18:48:43.0166 0x1bec  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys

18:48:43.0166 0x1bec  Filetrace - ok

18:48:43.0181 0x1bec  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys

18:48:43.0181 0x1bec  flpydisk - ok

18:48:43.0197 0x1bec  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys

18:48:43.0197 0x1bec  FltMgr - ok

18:48:43.0259 0x1bec  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll

18:48:43.0290 0x1bec  FontCache - ok

18:48:43.0322 0x1bec  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

18:48:43.0337 0x1bec  FontCache3.0.0.0 - ok

18:48:43.0353 0x1bec  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys

18:48:43.0353 0x1bec  FsDepends - ok

18:48:43.0384 0x1bec  [ C2E475625F2C6F7DCDE4E920523A0573, C316D2223008BD5EA022AFB79CC21B841939FA8D511729455E787E59A27A0DE6 ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys

18:48:43.0384 0x1bec  fssfltr - ok

18:48:43.0524 0x1bec  [ 812E1BA5C52A78F13EA6AA10DF708B1D, CF1C4D8E072CF0D66C977DFA4C852E5CE757843BEAF5D29454D26A9AC5766E61 ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe

18:48:43.0540 0x1bec  fsssvc - ok

18:48:43.0571 0x1bec  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys

18:48:43.0571 0x1bec  Fs_Rec - ok

18:48:43.0618 0x1bec  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys

18:48:43.0618 0x1bec  fvevol - ok

18:48:43.0649 0x1bec  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys

18:48:43.0649 0x1bec  gagp30kx - ok

18:48:43.0743 0x1bec  [ D154305DE6090E6E84E525F84BB08A06, 7B235178C3F26043AB7DB9EAD9A2185CEAF3C07BC48D63CA0EB6D56BCFEDF41A ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe

18:48:43.0758 0x1bec  GameConsoleService - ok

18:48:43.0790 0x1bec  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

18:48:43.0790 0x1bec  GEARAspiWDM - ok

18:48:43.0821 0x1bec  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll

18:48:43.0836 0x1bec  gpsvc - ok

18:48:43.0852 0x1bec  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys

18:48:43.0852 0x1bec  hcw85cir - ok

18:48:43.0914 0x1bec  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys

18:48:43.0914 0x1bec  HdAudAddService - ok

18:48:43.0977 0x1bec  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys

18:48:43.0977 0x1bec  HDAudBus - ok

18:48:43.0992 0x1bec  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys

18:48:43.0992 0x1bec  HidBatt - ok

18:48:44.0008 0x1bec  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys

18:48:44.0008 0x1bec  HidBth - ok

18:48:44.0055 0x1bec  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys

18:48:44.0055 0x1bec  HidIr - ok

18:48:44.0070 0x1bec  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll

18:48:44.0086 0x1bec  hidserv - ok

18:48:44.0148 0x1bec  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys

18:48:44.0148 0x1bec  HidUsb - ok

18:48:44.0180 0x1bec  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll

18:48:44.0180 0x1bec  hkmsvc - ok

18:48:44.0211 0x1bec  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll

18:48:44.0211 0x1bec  HomeGroupListener - ok

18:48:44.0273 0x1bec  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll

18:48:44.0273 0x1bec  HomeGroupProvider - ok

18:48:44.0320 0x1bec  [ 37965381364B2E106E1DD7D74CDCAA43, 94C30FA88140E802A549549856145824122F138C2697301CDCAAEEEEA3858E12 ] HP Health Check Service C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe

18:48:44.0336 0x1bec  HP Health Check Service - ok

18:48:44.0398 0x1bec  [ 3DC11A802353401332D49C3CBFBBE5FC, E812E8A4ED64FEC346BE6B175CE651CFC553A23F31B0ABC5D50E6995A7F130DF ] HPClientSvc     C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe

18:48:44.0398 0x1bec  HPClientSvc - ok

18:48:44.0460 0x1bec  [ A48A151D3FA7CB032A51453F087221C7, A74EFC7DC4F75BF29C9B459DCDF4D04F13F868D3D10F8D73606A5F03811170CA ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe

18:48:44.0460 0x1bec  HPDrvMntSvc.exe - ok

18:48:44.0492 0x1bec  [ 71BD8A611E0677175D3938C9CEA7339A, 40A67671D231DAD8E9AEB5E38BCB8389192B373FD02ACCF960E9F287E1D8C9AD ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe

18:48:44.0507 0x1bec  hpqwmiex - ok

18:48:44.0538 0x1bec  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys

18:48:44.0538 0x1bec  HpSAMD - ok

18:48:44.0570 0x1bec  [ F47CEC45FB85791D4AB237563AD0FA8F, 1035066D48BD179855BCA7F62EFA1B951E6E839D2E29E15A31844E18A126DD41 ] HTCAND64        C:\Windows\system32\Drivers\ANDROIDUSB.sys

18:48:44.0570 0x1bec  HTCAND64 - ok

18:48:44.0632 0x1bec  [ 5C8BC8A28798FD010E7ABC4E0D588CAA, 622CAFD3DCBB05E15539589FDD4002DA6F24790FC55BDF05AA3D043E8A34E53E ] HTCMonitorService C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe

18:48:44.0632 0x1bec  HTCMonitorService - ok

18:48:44.0648 0x1bec  [ B8B1B284362E1D8135112573395D5DA5, 97BC6A7B2DCD7CC854B912A85BB2FCF199592E8E16A7C405EAF89B02D5DE4AEE ] htcnprot        C:\Windows\system32\DRIVERS\htcnprot.sys

18:48:44.0648 0x1bec  htcnprot - ok

18:48:44.0710 0x1bec  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys

18:48:44.0726 0x1bec  HTTP - ok

18:48:44.0741 0x1bec  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys

18:48:44.0741 0x1bec  hwpolicy - ok

18:48:44.0772 0x1bec  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys

18:48:44.0788 0x1bec  i8042prt - ok

18:48:44.0804 0x1bec  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys

18:48:44.0804 0x1bec  iaStorV - ok

18:48:44.0866 0x1bec  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

18:48:44.0866 0x1bec  idsvc - ok

18:48:44.0913 0x1bec  IEEtwCollectorService - ok

18:48:44.0928 0x1bec  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys

18:48:44.0928 0x1bec  iirsp - ok

18:48:44.0975 0x1bec  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll

18:48:44.0991 0x1bec  IKEEXT - ok

18:48:45.0100 0x1bec  [ 3C4B4EE54FEBB09F7E9F58776DE96DCA, 4E0320281FB9D02A4D8571597D157C0DF2A85CF17D53775D93CF3C54BEC34B24 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys

18:48:45.0131 0x1bec  IntcAzAudAddService - ok

18:48:45.0178 0x1bec  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys

18:48:45.0178 0x1bec  intelide - ok

18:48:45.0194 0x1bec  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys

18:48:45.0194 0x1bec  intelppm - ok

18:48:45.0209 0x1bec  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll

18:48:45.0209 0x1bec  IPBusEnum - ok

18:48:45.0240 0x1bec  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys

18:48:45.0240 0x1bec  IpFilterDriver - ok

18:48:45.0287 0x1bec  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll

18:48:45.0303 0x1bec  iphlpsvc - ok

18:48:45.0334 0x1bec  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys

18:48:45.0334 0x1bec  IPMIDRV - ok

18:48:45.0350 0x1bec  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys

18:48:45.0350 0x1bec  IPNAT - ok

18:48:45.0428 0x1bec  [ 6E50CFA46527B39015B750AAD161C5CC, 93F99EF7771C56EBE41FBC0C668F686644FBDF94E31456D3F5A9A8AE2F70EAB6 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe

18:48:45.0459 0x1bec  iPod Service - ok

18:48:45.0474 0x1bec  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys

18:48:45.0474 0x1bec  IRENUM - ok

18:48:45.0490 0x1bec  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys

18:48:45.0490 0x1bec  isapnp - ok

18:48:45.0521 0x1bec  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys

18:48:45.0521 0x1bec  iScsiPrt - ok

18:48:45.0537 0x1bec  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys

18:48:45.0537 0x1bec  kbdclass - ok

18:48:45.0552 0x1bec  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys

18:48:45.0552 0x1bec  kbdhid - ok

18:48:45.0584 0x1bec  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso          C:\Windows\system32\lsass.exe

18:48:45.0584 0x1bec  KeyIso - ok

18:48:45.0630 0x1bec  [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys

18:48:45.0630 0x1bec  KSecDD - ok

18:48:45.0646 0x1bec  [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys

18:48:45.0662 0x1bec  KSecPkg - ok

18:48:45.0677 0x1bec  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys

18:48:45.0677 0x1bec  ksthunk - ok

18:48:45.0708 0x1bec  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll

18:48:45.0724 0x1bec  KtmRm - ok

18:48:45.0833 0x1bec  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll

18:48:45.0849 0x1bec  LanmanServer - ok

18:48:45.0911 0x1bec  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

18:48:45.0911 0x1bec  LanmanWorkstation - ok

18:48:45.0958 0x1bec  [ FA529FB35694C24BF98A9EF67C1CD9D0, 7B3C587C38CF13D514140F0A55E58997D6071D1DEFD97E274E3F490660AC6075 ] LGBusEnum       C:\Windows\system32\drivers\LGBusEnum.sys

18:48:45.0958 0x1bec  LGBusEnum - ok

18:48:45.0989 0x1bec  [ 6EB4AFF7873275925A6EB2EFEB5BE933, EFE82519864838407E0C7C2512DA0DEB9D83B63999D22324CD4DA74EE18CCE17 ] LGSHidFilt      C:\Windows\system32\DRIVERS\LGSHidFilt.Sys

18:48:45.0989 0x1bec  LGSHidFilt - ok

18:48:46.0005 0x1bec  [ 94B29CE153765E768F004FB3440BE2B0, E74C01CEBDA589CDDE35CBCBAA18700E3742DD3B48A90DB3630992467FFC5024 ] LGVirHid        C:\Windows\system32\drivers\LGVirHid.sys

18:48:46.0005 0x1bec  LGVirHid - ok

18:48:46.0052 0x1bec  [ 7550D101BF49FDB1F92666A233EE36C4, 281EE6C9AAE0A3FDA8D0FE7CD6BA55C481B8719799A526601FEA0542345CAF18 ] LightScribeService c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

18:48:46.0052 0x1bec  LightScribeService - ok

18:48:46.0083 0x1bec  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys

18:48:46.0083 0x1bec  lltdio - ok

18:48:46.0130 0x1bec  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll

18:48:46.0130 0x1bec  lltdsvc - ok

18:48:46.0145 0x1bec  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll

18:48:46.0145 0x1bec  lmhosts - ok

18:48:46.0176 0x1bec  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys

18:48:46.0176 0x1bec  LSI_FC - ok

18:48:46.0176 0x1bec  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys

18:48:46.0192 0x1bec  LSI_SAS - ok

18:48:46.0192 0x1bec  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys

18:48:46.0192 0x1bec  LSI_SAS2 - ok

18:48:46.0208 0x1bec  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys

18:48:46.0208 0x1bec  LSI_SCSI - ok

18:48:46.0208 0x1bec  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys

18:48:46.0208 0x1bec  luafv - ok

18:48:46.0254 0x1bec  [ 5C3669B71657F22E67A1D4BD49D2CBE7, 7CAE59AA6CA9CBBD70BBD707A155FB169BF3F71096275BF7C0F415B6A092C671 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys

18:48:46.0254 0x1bec  MBAMProtector - ok

18:48:46.0364 0x1bec  [ 6D8A2EE4244630B290A837E79C0F37A1, 6783BBC0BDC93E4D6D43531A1AD0DF5CD26C3BBFA6384927C5CF65AD97FB04AD ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe

18:48:46.0395 0x1bec  MBAMScheduler - ok

18:48:46.0442 0x1bec  [ 09D4503CBB6ADB3A54E7C7A75090B728, 6139EA3338FD64205481EDEC813A44F8D395FDA7B67AA431DA61F3631C3EDAE6 ] MBAMService     C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe

18:48:46.0457 0x1bec  MBAMService - ok

18:48:46.0488 0x1bec  [ 26C43960C99EE861A5D0EDC4DCF3B1C3, 6238FB8E785652040CCE3E7044EA52066CE1BF173A1467474D64A3AB214B6BCD ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys

18:48:46.0488 0x1bec  MBAMSwissArmy - ok

18:48:46.0520 0x1bec  [ 95EF63A7827D4E3A229CBBCB42619E93, FA38DD035B2C4FC82B60868F49D45A39FBBC96096AAD5A2C8BD752A250255BA7 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys

18:48:46.0520 0x1bec  MBAMWebAccessControl - ok

18:48:46.0551 0x1bec  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll

18:48:46.0551 0x1bec  Mcx2Svc - ok

18:48:46.0566 0x1bec  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys

18:48:46.0566 0x1bec  megasas - ok

18:48:46.0582 0x1bec  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys

18:48:46.0582 0x1bec  MegaSR - ok

18:48:46.0598 0x1bec  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll

18:48:46.0598 0x1bec  MMCSS - ok

18:48:46.0613 0x1bec  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys

18:48:46.0613 0x1bec  Modem - ok

18:48:46.0629 0x1bec  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys

18:48:46.0629 0x1bec  monitor - ok

18:48:46.0660 0x1bec  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys

18:48:46.0660 0x1bec  mouclass - ok

18:48:46.0691 0x1bec  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys

18:48:46.0691 0x1bec  mouhid - ok

18:48:46.0722 0x1bec  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys

18:48:46.0722 0x1bec  mountmgr - ok

18:48:46.0785 0x1bec  [ 707E98CC15C2224C078C9E71FF1889BC, 958416FE081436FDBF7F2BEBBB2795C54CC4F3F349D6DF463296A7BBA3404F13 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

18:48:46.0785 0x1bec  MozillaMaintenance - ok

18:48:46.0800 0x1bec  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys

18:48:46.0816 0x1bec  mpio - ok

18:48:46.0832 0x1bec  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys

18:48:46.0832 0x1bec  mpsdrv - ok

18:48:46.0863 0x1bec  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll

18:48:46.0878 0x1bec  MpsSvc - ok

18:48:46.0910 0x1bec  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys

18:48:46.0925 0x1bec  MRxDAV - ok

18:48:46.0941 0x1bec  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys

18:48:46.0956 0x1bec  mrxsmb - ok

18:48:46.0972 0x1bec  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys

18:48:46.0972 0x1bec  mrxsmb10 - ok

18:48:46.0988 0x1bec  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys

18:48:46.0988 0x1bec  mrxsmb20 - ok

18:48:47.0003 0x1bec  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys

18:48:47.0003 0x1bec  msahci - ok

18:48:47.0019 0x1bec  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys

18:48:47.0034 0x1bec  msdsm - ok

18:48:47.0050 0x1bec  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe

18:48:47.0050 0x1bec  MSDTC - ok

18:48:47.0066 0x1bec  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys

18:48:47.0066 0x1bec  Msfs - ok

18:48:47.0081 0x1bec  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys

18:48:47.0081 0x1bec  mshidkmdf - ok

18:48:47.0112 0x1bec  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys

18:48:47.0112 0x1bec  msisadrv - ok

18:48:47.0144 0x1bec  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll

18:48:47.0144 0x1bec  MSiSCSI - ok

18:48:47.0144 0x1bec  msiserver - ok

18:48:47.0159 0x1bec  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys

18:48:47.0159 0x1bec  MSKSSRV - ok

18:48:47.0175 0x1bec  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys

18:48:47.0175 0x1bec  MSPCLOCK - ok

18:48:47.0175 0x1bec  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys

18:48:47.0175 0x1bec  MSPQM - ok

18:48:47.0206 0x1bec  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys

18:48:47.0222 0x1bec  MsRPC - ok

18:48:47.0222 0x1bec  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys

18:48:47.0222 0x1bec  mssmbios - ok

18:48:47.0237 0x1bec  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys

18:48:47.0237 0x1bec  MSTEE - ok

18:48:47.0237 0x1bec  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys

18:48:47.0253 0x1bec  MTConfig - ok

18:48:47.0253 0x1bec  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys

18:48:47.0253 0x1bec  Mup - ok

18:48:47.0284 0x1bec  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll

18:48:47.0284 0x1bec  napagent - ok

18:48:47.0315 0x1bec  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys

18:48:47.0331 0x1bec  NativeWifiP - ok

18:48:47.0409 0x1bec  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys

18:48:47.0456 0x1bec  NDIS - ok

18:48:47.0471 0x1bec  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys

18:48:47.0471 0x1bec  NdisCap - ok

18:48:47.0487 0x1bec  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys

18:48:47.0487 0x1bec  NdisTapi - ok

18:48:47.0518 0x1bec  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys

18:48:47.0518 0x1bec  Ndisuio - ok

18:48:47.0534 0x1bec  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys

18:48:47.0534 0x1bec  NdisWan - ok

18:48:47.0565 0x1bec  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys

18:48:47.0565 0x1bec  NDProxy - ok

18:48:47.0580 0x1bec  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys

18:48:47.0580 0x1bec  NetBIOS - ok

18:48:47.0596 0x1bec  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys

18:48:47.0596 0x1bec  NetBT - ok

18:48:47.0627 0x1bec  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon        C:\Windows\system32\lsass.exe

18:48:47.0627 0x1bec  Netlogon - ok

18:48:47.0674 0x1bec  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll

18:48:47.0674 0x1bec  Netman - ok

18:48:47.0705 0x1bec  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

18:48:47.0705 0x1bec  NetMsmqActivator - ok

18:48:47.0721 0x1bec  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

18:48:47.0721 0x1bec  NetPipeActivator - ok

18:48:47.0752 0x1bec  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll

18:48:47.0768 0x1bec  netprofm - ok

18:48:47.0861 0x1bec  [ 2EED549279D7FBD10B846B5397573967, 4F7EBB6C1AC58D1EFFA7A86AC799137FC88F5CCA3AC27E563B4EE2AF1EAE4ECC ] netr28x         C:\Windows\system32\DRIVERS\netr28x.sys

18:48:47.0908 0x1bec  netr28x - ok

18:48:47.0908 0x1bec  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

18:48:47.0924 0x1bec  NetTcpActivator - ok

18:48:47.0924 0x1bec  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

18:48:47.0924 0x1bec  NetTcpPortSharing - ok

18:48:47.0955 0x1bec  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys

18:48:47.0955 0x1bec  nfrd960 - ok

18:48:47.0970 0x1bec  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll

18:48:47.0970 0x1bec  NlaSvc - ok

18:48:47.0986 0x1bec  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys

18:48:47.0986 0x1bec  Npfs - ok

18:48:48.0002 0x1bec  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll

18:48:48.0002 0x1bec  nsi - ok

18:48:48.0002 0x1bec  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys

18:48:48.0002 0x1bec  nsiproxy - ok

18:48:48.0064 0x1bec  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys

18:48:48.0095 0x1bec  Ntfs - ok

18:48:48.0126 0x1bec  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys

18:48:48.0126 0x1bec  Null - ok

18:48:48.0142 0x1bec  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys

18:48:48.0142 0x1bec  nvraid - ok

18:48:48.0173 0x1bec  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys

18:48:48.0173 0x1bec  nvstor - ok

18:48:48.0204 0x1bec  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys

18:48:48.0204 0x1bec  nv_agp - ok

18:48:48.0220 0x1bec  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys

18:48:48.0220 0x1bec  ohci1394 - ok

18:48:48.0267 0x1bec  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

18:48:48.0267 0x1bec  ose - ok

18:48:48.0448 0x1bec  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

18:48:48.0541 0x1bec  osppsvc - ok

18:48:48.0586 0x1bec  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll

18:48:48.0593 0x1bec  p2pimsvc - ok

18:48:48.0617 0x1bec  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll

18:48:48.0627 0x1bec  p2psvc - ok

18:48:48.0655 0x1bec  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys

18:48:48.0657 0x1bec  Parport - ok

18:48:48.0682 0x1bec  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys

18:48:48.0683 0x1bec  partmgr - ok

18:48:48.0718 0x1bec  [ 9987ABA0E5DD0D46C95076B157B38C06, 476E8EDDB60B77E2EC04AED62A69FE043FE0DD7BB99C9ECFE8E8528BBAE55102 ] PassThru Service C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe

18:48:48.0720 0x1bec  PassThru Service - ok

18:48:48.0767 0x1bec  [ 256390425414F90FCBC12F525A84EB11, A4992020BF6A239AD8A77125426E2C39980C9ABC971C4DBCB24B358F946AD7F9 ] PcaSvc          C:\Windows\System32\pcasvc.dll

18:48:48.0771 0x1bec  PcaSvc - ok

18:48:48.0808 0x1bec  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys

18:48:48.0812 0x1bec  pci - ok

18:48:48.0831 0x1bec  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys

18:48:48.0832 0x1bec  pciide - ok

18:48:48.0851 0x1bec  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys

18:48:48.0855 0x1bec  pcmcia - ok

18:48:48.0863 0x1bec  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys

18:48:48.0864 0x1bec  pcw - ok

18:48:48.0901 0x1bec  pdfcDispatcher - ok

18:48:48.0933 0x1bec  [ 946010CDFA91469351B22E2620CEBCD8, F099C92706D42ADC289B72724F7932E5D4F62A427AEC967DDB0A1D728AE59A63 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys

18:48:48.0946 0x1bec  PEAUTH - ok

18:48:49.0018 0x1bec  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe

18:48:49.0020 0x1bec  PerfHost - ok

18:48:49.0086 0x1bec  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll

18:48:49.0112 0x1bec  pla - ok

18:48:49.0160 0x1bec  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll

18:48:49.0169 0x1bec  PlugPlay - ok

18:48:49.0186 0x1bec  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll

18:48:49.0188 0x1bec  PNRPAutoReg - ok

18:48:49.0199 0x1bec  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll

18:48:49.0206 0x1bec  PNRPsvc - ok

18:48:49.0247 0x1bec  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll

18:48:49.0257 0x1bec  PolicyAgent - ok

18:48:49.0280 0x1bec  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll

18:48:49.0284 0x1bec  Power - ok

18:48:49.0320 0x1bec  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys

18:48:49.0322 0x1bec  PptpMiniport - ok

18:48:49.0346 0x1bec  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys

18:48:49.0348 0x1bec  Processor - ok

18:48:49.0379 0x1bec  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll

18:48:49.0384 0x1bec  ProfSvc - ok

18:48:49.0410 0x1bec  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe

18:48:49.0412 0x1bec  ProtectedStorage - ok

18:48:49.0439 0x1bec  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys

18:48:49.0442 0x1bec  Psched - ok

18:48:49.0509 0x1bec  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys

18:48:49.0537 0x1bec  ql2300 - ok

18:48:49.0547 0x1bec  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys

18:48:49.0550 0x1bec  ql40xx - ok

18:48:49.0573 0x1bec  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll

18:48:49.0579 0x1bec  QWAVE - ok

18:48:49.0585 0x1bec  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys

18:48:49.0586 0x1bec  QWAVEdrv - ok

18:48:49.0591 0x1bec  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys

18:48:49.0591 0x1bec  RasAcd - ok

18:48:49.0607 0x1bec  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys

18:48:49.0609 0x1bec  RasAgileVpn - ok

18:48:49.0623 0x1bec  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll

18:48:49.0626 0x1bec  RasAuto - ok

18:48:49.0652 0x1bec  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys

18:48:49.0655 0x1bec  Rasl2tp - ok

18:48:49.0704 0x1bec  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll

18:48:49.0712 0x1bec  RasMan - ok

18:48:49.0739 0x1bec  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys

18:48:49.0741 0x1bec  RasPppoe - ok

18:48:49.0748 0x1bec  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys

18:48:49.0750 0x1bec  RasSstp - ok

18:48:49.0774 0x1bec  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys

18:48:49.0781 0x1bec  rdbss - ok

18:48:49.0795 0x1bec  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys

18:48:49.0796 0x1bec  rdpbus - ok

18:48:49.0809 0x1bec  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys

18:48:49.0809 0x1bec  RDPCDD - ok

18:48:49.0817 0x1bec  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys

18:48:49.0818 0x1bec  RDPENCDD - ok

18:48:49.0826 0x1bec  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys

18:48:49.0827 0x1bec  RDPREFMP - ok

18:48:49.0914 0x1bec  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys

18:48:49.0915 0x1bec  RdpVideoMiniport - ok

18:48:49.0945 0x1bec  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys

18:48:49.0950 0x1bec  RDPWD - ok

18:48:49.0969 0x1bec  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys

18:48:49.0973 0x1bec  rdyboost - ok

18:48:50.0002 0x1bec  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll

18:48:50.0005 0x1bec  RemoteAccess - ok

18:48:50.0037 0x1bec  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll

18:48:50.0042 0x1bec  RemoteRegistry - ok

18:48:50.0104 0x1bec  [ C1568E17039B2EC2B73A4F880DDD51E5, B193BA01D3EA9EF8052F2053CB70DC528232F21FECBE78C83E8048A7F90E8951 ] RoxioNow Service C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe

18:48:50.0111 0x1bec  RoxioNow Service - ok

18:48:50.0134 0x1bec  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll

18:48:50.0136 0x1bec  RpcEptMapper - ok

18:48:50.0166 0x1bec  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe

18:48:50.0167 0x1bec  RpcLocator - ok

18:48:50.0202 0x1bec  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll

18:48:50.0213 0x1bec  RpcSs - ok

18:48:50.0244 0x1bec  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys

18:48:50.0246 0x1bec  rspndr - ok

18:48:50.0289 0x1bec  [ F4C374B1C46DE294B573BB43723AC3F6, 9B8A40BF54262A1949661596CB753D0B591E94577470ED44D498042BD3EA7C10 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys

18:48:50.0298 0x1bec  RTL8167 - ok

18:48:50.0318 0x1bec  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs           C:\Windows\system32\lsass.exe

18:48:50.0320 0x1bec  SamSs - ok

18:48:50.0362 0x1bec  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys

18:48:50.0365 0x1bec  sbp2port - ok

18:48:50.0403 0x1bec  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll

18:48:50.0408 0x1bec  SCardSvr - ok

18:48:50.0424 0x1bec  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys

18:48:50.0425 0x1bec  scfilter - ok

18:48:50.0475 0x1bec  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll

18:48:50.0497 0x1bec  Schedule - ok

18:48:50.0523 0x1bec  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll

18:48:50.0526 0x1bec  SCPolicySvc - ok

18:48:50.0554 0x1bec  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll

18:48:50.0558 0x1bec  SDRSVC - ok

18:48:50.0597 0x1bec  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys

18:48:50.0598 0x1bec  secdrv - ok

18:48:50.0610 0x1bec  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll

18:48:50.0612 0x1bec  seclogon - ok

18:48:50.0622 0x1bec  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll

18:48:50.0625 0x1bec  SENS - ok

1

Link to post
Share on other sites

8:48:50.0639 0x1bec  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll

18:48:50.0641 0x1bec  SensrSvc - ok

18:48:50.0657 0x1bec  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys

18:48:50.0658 0x1bec  Serenum - ok

 

18:48:50.0666 0x1bec  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys

18:48:50.0668 0x1bec  Serial - ok

18:48:50.0682 0x1bec  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys

18:48:50.0683 0x1bec  sermouse - ok

 

18:48:50.0708 0x1bec  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll

18:48:50.0712 0x1bec  SessionEnv - ok

18:48:50.0733 0x1bec  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys

18:48:50.0733 0x1bec  sffdisk - ok

 

18:48:50.0743 0x1bec  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys

18:48:50.0744 0x1bec  sffp_mmc - ok

18:48:50.0749 0x1bec  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys

18:48:50.0750 0x1bec  sffp_sd - ok

 

18:48:50.0754 0x1bec  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys

18:48:50.0755 0x1bec  sfloppy - ok

18:48:50.0796 0x1bec  [ 2046AA7491DE7EFA4D70E615D9BC9D09, A8763D059AD68D5842C407FA9644E0B129BEF0F63CD87E62B80B05441EDC3489 ] Sftfs           C:\Windows\system32\DRIVERS\Sftfslh.sys

18:48:50.0812 0x1bec  Sftfs - ok

 

18:48:50.0879 0x1bec  [ 77C5A741A7452812F278EF2C18478862, 0B763679EB7EFB8ED9DCE7B429706E939BB65BA6BCF1BAE0E0426D4E87074B8C ] sftlist         C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

18:48:50.0889 0x1bec  sftlist - ok

18:48:50.0907 0x1bec  [ 0E0446BC4D51BE4263ACB7E33491191C, 2AD039FB440560658C4E06F67CC192EF71577EF3FF789A43C08430CE5EAE5A70 ] Sftplay         C:\Windows\system32\DRIVERS\Sftplaylh.sys

18:48:50.0912 0x1bec  Sftplay - ok

 

18:48:50.0928 0x1bec  [ C5FB982CD266E604ED3142102C26D62C, A6BC0D72E98F924274ECAD49C85F0775D1CD45B97CD43F53DF3992B560835FC5 ] Sftredir        C:\Windows\system32\DRIVERS\Sftredirlh.sys

18:48:50.0930 0x1bec  Sftredir - ok

18:48:50.0944 0x1bec  [ 2575511AF67AA1FA068CCC4918E2C2A3, 3152FF5AC2CF6FE966DA59B1B33E22F9BD9B6BB4310441870528364BA9501A4D ] Sftvol          C:\Windows\system32\DRIVERS\Sftvollh.sys

18:48:50.0945 0x1bec  Sftvol - ok

 

18:48:50.0967 0x1bec  [ 39B1D0A636A400304565D4521FAD6D77, 1F01DB35B5A477AA7A77585C9304E6B5F3E67807531305BCA93A7F494CED8F59 ] sftvsa          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

18:48:50.0971 0x1bec  sftvsa - ok

18:48:51.0012 0x1bec  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll

18:48:51.0019 0x1bec  SharedAccess - ok

 

18:48:51.0044 0x1bec  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll

18:48:51.0053 0x1bec  ShellHWDetection - ok

18:48:51.0068 0x1bec  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys

18:48:51.0069 0x1bec  SiSRaid2 - ok

 

18:48:51.0076 0x1bec  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys

18:48:51.0078 0x1bec  SiSRaid4 - ok

18:48:51.0108 0x1bec  [ A0FD911FEEA045D4A4F5154666C76EC7, 0777AA3172E37812FDEA78D051D99CCC8CD240B5BF74D61F372F990A29F8937F ] SIVDRIVER       C:\Windows\system32\Drivers\SIVX64.sys

18:48:51.0110 0x1bec  SIVDRIVER - ok

 

18:48:51.0159 0x1bec  [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe

18:48:51.0163 0x1bec  SkypeUpdate - ok

18:48:51.0181 0x1bec  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys

18:48:51.0183 0x1bec  Smb - ok

 

18:48:51.0216 0x1bec  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe

18:48:51.0217 0x1bec  SNMPTRAP - ok

18:48:51.0222 0x1bec  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys

18:48:51.0223 0x1bec  spldr - ok

 

18:48:51.0260 0x1bec  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe

18:48:51.0272 0x1bec  Spooler - ok

18:48:51.0371 0x1bec  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe

18:48:51.0449 0x1bec  sppsvc - ok

 

18:48:51.0464 0x1bec  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll

18:48:51.0464 0x1bec  sppuinotify - ok

18:48:51.0480 0x1bec  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys

18:48:51.0496 0x1bec  srv - ok

 

18:48:51.0511 0x1bec  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys

18:48:51.0511 0x1bec  srv2 - ok

18:48:51.0542 0x1bec  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys

18:48:51.0542 0x1bec  srvnet - ok

 

18:48:51.0574 0x1bec  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll

18:48:51.0574 0x1bec  SSDPSRV - ok

18:48:51.0574 0x1bec  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll

18:48:51.0589 0x1bec  SstpSvc - ok

 

18:48:51.0605 0x1bec  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys

18:48:51.0605 0x1bec  stexstor - ok

18:48:51.0652 0x1bec  [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys

18:48:51.0652 0x1bec  StillCam - ok

 

18:48:51.0730 0x1bec  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll

18:48:51.0745 0x1bec  stisvc - ok

18:48:51.0761 0x1bec  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys

18:48:51.0761 0x1bec  swenum - ok

 

18:48:51.0792 0x1bec  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll

18:48:51.0808 0x1bec  swprv - ok

18:48:51.0870 0x1bec  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll

18:48:51.0901 0x1bec  SysMain - ok

 

18:48:51.0917 0x1bec  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll

18:48:51.0917 0x1bec  TabletInputService - ok

18:48:51.0948 0x1bec  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll

18:48:51.0948 0x1bec  TapiSrv - ok

 

18:48:51.0964 0x1bec  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll

18:48:51.0964 0x1bec  TBS - ok

18:48:52.0057 0x1bec  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys

18:48:52.0088 0x1bec  Tcpip - ok

 

18:48:52.0151 0x1bec  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys

18:48:52.0182 0x1bec  TCPIP6 - ok

18:48:52.0213 0x1bec  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys

18:48:52.0213 0x1bec  tcpipreg - ok

 

18:48:52.0229 0x1bec  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys

18:48:52.0229 0x1bec  TDPIPE - ok

18:48:52.0244 0x1bec  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys

18:48:52.0244 0x1bec  TDTCP - ok

 

18:48:52.0260 0x1bec  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys

18:48:52.0276 0x1bec  tdx - ok

18:48:52.0291 0x1bec  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys

18:48:52.0307 0x1bec  TermDD - ok

 

18:48:52.0354 0x1bec  [ 4FC4C50985E5B840F4D72E57286887B8, 0BCBB4A938803AE3A3532B6D8FFC85594AA9AEF5D8F9792684841BEA8780AE9E ] TermService     C:\Windows\System32\termsrv.dll

18:48:52.0354 0x1bec  TermService - ok

18:48:52.0400 0x1bec  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll

18:48:52.0400 0x1bec  Themes - ok

 

18:48:52.0416 0x1bec  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll

18:48:52.0416 0x1bec  THREADORDER - ok

18:48:52.0432 0x1bec  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll

18:48:52.0447 0x1bec  TrkWks - ok

 

18:48:52.0478 0x1bec  [ A1965DFC0CD91E7CFC42925F8F597274, 7478D7DACD94F0C3D4F0CDAC9CD71CB03CB45C503DE6B1207A51F989844CB1F3 ] TrueSight       C:\Windows\System32\drivers\TrueSight.sys

18:48:52.0478 0x1bec  TrueSight - ok

18:48:52.0525 0x1bec  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

18:48:52.0525 0x1bec  TrustedInstaller - ok

 

18:48:52.0556 0x1bec  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys

18:48:52.0556 0x1bec  tssecsrv - ok

18:48:52.0619 0x1bec  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys

18:48:52.0619 0x1bec  TsUsbFlt - ok

 

18:48:52.0666 0x1bec  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys

18:48:52.0666 0x1bec  tunnel - ok

18:48:52.0790 0x1bec  [ 56C10D3338B01D3FBCC5AF24B3833E1C, 99ABF0D33E2372521384DA3C98FD4A3534155AD5B6B7852EBE94E098AA3DC9B8 ] tvnserver       C:\Program Files\TightVNC\tvnserver.exe

18:48:52.0822 0x1bec  tvnserver - ok

 

18:48:52.0853 0x1bec  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys

18:48:52.0853 0x1bec  uagp35 - ok

18:48:52.0884 0x1bec  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys

18:48:52.0884 0x1bec  udfs - ok

 

18:48:52.0915 0x1bec  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe

18:48:52.0915 0x1bec  UI0Detect - ok

18:48:52.0946 0x1bec  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys

18:48:52.0946 0x1bec  uliagpkx - ok

 

18:48:52.0978 0x1bec  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\drivers\umbus.sys

18:48:52.0978 0x1bec  umbus - ok

18:48:53.0009 0x1bec  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys

18:48:53.0009 0x1bec  UmPass - ok

 

18:48:53.0024 0x1bec  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll

18:48:53.0024 0x1bec  upnphost - ok

18:48:53.0056 0x1bec  [ AF1B9474D67897D0C2CFF58E0ACEACCC, 5ED9836EC7BEEB6706C327EF199E9B674863ED8C83890DDE5E5A6554C2DA5288 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys

18:48:53.0071 0x1bec  USBAAPL64 - ok

 

18:48:53.0087 0x1bec  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys

18:48:53.0087 0x1bec  usbaudio - ok

18:48:53.0102 0x1bec  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys

18:48:53.0102 0x1bec  usbccgp - ok

 

18:48:53.0118 0x1bec  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys

18:48:53.0118 0x1bec  usbcir - ok

18:48:53.0149 0x1bec  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys

18:48:53.0149 0x1bec  usbehci - ok

 

18:48:53.0180 0x1bec  [ 2C780746DC44A28FE67004DC58173F05, 9E0596CE35C7430A31A7E77B4D12A1F521B9ED8EB0614E6FB38403AC614C3EE3 ] usbfilter       C:\Windows\system32\DRIVERS\usbfilter.sys

18:48:53.0180 0x1bec  usbfilter - ok

18:48:53.0227 0x1bec  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys

18:48:53.0227 0x1bec  usbhub - ok

 

18:48:53.0243 0x1bec  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys

18:48:53.0243 0x1bec  usbohci - ok

18:48:53.0274 0x1bec  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys

18:48:53.0274 0x1bec  usbprint - ok

 

18:48:53.0274 0x1bec  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS

18:48:53.0274 0x1bec  USBSTOR - ok

18:48:53.0290 0x1bec  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys

18:48:53.0290 0x1bec  usbuhci - ok

 

18:48:53.0305 0x1bec  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll

18:48:53.0321 0x1bec  UxSms - ok

18:48:53.0352 0x1bec  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc        C:\Windows\system32\lsass.exe

18:48:53.0352 0x1bec  VaultSvc - ok

 

18:48:53.0368 0x1bec  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys

18:48:53.0383 0x1bec  vdrvroot - ok

18:48:53.0414 0x1bec  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe

18:48:53.0430 0x1bec  vds - ok

 

18:48:53.0430 0x1bec  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys

18:48:53.0430 0x1bec  vga - ok

18:48:53.0430 0x1bec  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys

18:48:53.0430 0x1bec  VgaSave - ok

 

18:48:53.0461 0x1bec  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys

18:48:53.0477 0x1bec  vhdmp - ok

18:48:53.0492 0x1bec  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys

18:48:53.0492 0x1bec  viaide - ok

 

18:48:53.0492 0x1bec  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys

18:48:53.0508 0x1bec  volmgr - ok

18:48:53.0539 0x1bec  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys

18:48:53.0539 0x1bec  volmgrx - ok

 

18:48:53.0570 0x1bec  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys

18:48:53.0570 0x1bec  volsnap - ok

18:48:53.0602 0x1bec  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys

18:48:53.0602 0x1bec  vsmraid - ok

 

18:48:53.0664 0x1bec  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe

18:48:53.0695 0x1bec  VSS - ok

18:48:53.0711 0x1bec  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys

18:48:53.0711 0x1bec  vwifibus - ok

 

18:48:53.0726 0x1bec  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys

18:48:53.0726 0x1bec  vwififlt - ok

18:48:53.0742 0x1bec  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys

18:48:53.0742 0x1bec  vwifimp - ok

 

18:48:53.0789 0x1bec  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll

18:48:53.0789 0x1bec  W32Time - ok

18:48:53.0804 0x1bec  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys

18:48:53.0804 0x1bec  WacomPen - ok

 

18:48:53.0836 0x1bec  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys

18:48:53.0851 0x1bec  WANARP - ok

18:48:53.0851 0x1bec  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys

18:48:53.0851 0x1bec  Wanarpv6 - ok

 

18:48:53.0960 0x1bec  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe

18:48:53.0976 0x1bec  WatAdminSvc - ok

18:48:54.0038 0x1bec  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe

18:48:54.0054 0x1bec  wbengine - ok

 

18:48:54.0085 0x1bec  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll

18:48:54.0101 0x1bec  WbioSrvc - ok

18:48:54.0116 0x1bec  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll

18:48:54.0132 0x1bec  wcncsvc - ok

 

18:48:54.0148 0x1bec  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

18:48:54.0148 0x1bec  WcsPlugInService - ok

18:48:54.0148 0x1bec  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys

18:48:54.0148 0x1bec  Wd - ok

 

18:48:54.0194 0x1bec  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys

18:48:54.0210 0x1bec  Wdf01000 - ok

18:48:54.0241 0x1bec  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll

18:48:54.0241 0x1bec  WdiServiceHost - ok

 

18:48:54.0241 0x1bec  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll

18:48:54.0241 0x1bec  WdiSystemHost - ok

18:48:54.0272 0x1bec  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll

18:48:54.0272 0x1bec  WebClient - ok

 

18:48:54.0288 0x1bec  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll

18:48:54.0288 0x1bec  Wecsvc - ok

18:48:54.0304 0x1bec  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll

18:48:54.0304 0x1bec  wercplsupport - ok

 

18:48:54.0335 0x1bec  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll

18:48:54.0335 0x1bec  WerSvc - ok

18:48:54.0350 0x1bec  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys

18:48:54.0350 0x1bec  WfpLwf - ok

 

18:48:54.0350 0x1bec  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys

18:48:54.0350 0x1bec  WIMMount - ok

18:48:54.0366 0x1bec  WinDefend - ok

18:48:54.0382 0x1bec  WinHttpAutoProxySvc - ok

 

18:48:54.0444 0x1bec  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll

18:48:54.0444 0x1bec  Winmgmt - ok

18:48:54.0506 0x1bec  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll

18:48:54.0553 0x1bec  WinRM - ok

 

18:48:54.0584 0x1bec  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys

18:48:54.0584 0x1bec  WinUsb - ok

18:48:54.0631 0x1bec  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll

18:48:54.0647 0x1bec  Wlansvc - ok

 

18:48:54.0803 0x1bec  [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

18:48:54.0834 0x1bec  wlidsvc - ok

18:48:54.0865 0x1bec  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys

18:48:54.0865 0x1bec  WmiAcpi - ok

 

18:48:54.0881 0x1bec  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe

18:48:54.0881 0x1bec  wmiApSrv - ok

18:48:54.0928 0x1bec  WMPNetworkSvc - ok

18:48:54.0943 0x1bec  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll

 

18:48:54.0943 0x1bec  WPCSvc - ok

18:48:54.0959 0x1bec  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll

18:48:54.0959 0x1bec  WPDBusEnum - ok

18:48:54.0990 0x1bec  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys

 

18:48:54.0990 0x1bec  ws2ifsl - ok

18:48:55.0006 0x1bec  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll

18:48:55.0006 0x1bec  wscsvc - ok

18:48:55.0006 0x1bec  WSearch - ok

 

18:48:55.0130 0x1bec  [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv        C:\Windows\system32\wuaueng.dll

18:48:55.0177 0x1bec  wuauserv - ok

18:48:55.0208 0x1bec  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys

18:48:55.0208 0x1bec  WudfPf - ok

 

18:48:55.0224 0x1bec  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys

18:48:55.0224 0x1bec  WUDFRd - ok

18:48:55.0255 0x1bec  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll

18:48:55.0255 0x1bec  wudfsvc - ok

 

18:48:55.0286 0x1bec  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll

18:48:55.0286 0x1bec  WwanSvc - ok

18:48:55.0364 0x1bec  [ DD0042F0C3B606A6A8B92D49AFB18AD6, 8D3BE4C93D02AF5F42EC46AF598D6DA40C61D467CB2FEE5E222F9C1E7A84B852 ] YahooAUService  C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

18:48:55.0380 0x1bec  YahooAUService - ok

 

18:48:55.0396 0x1bec  ================ Scan global ===============================

18:48:55.0427 0x1bec  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll

18:48:55.0458 0x1bec  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll

18:48:55.0474 0x1bec  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll

 

18:48:55.0505 0x1bec  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll

18:48:55.0536 0x1bec  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe

18:48:55.0536 0x1bec  [ Global ] - ok

18:48:55.0536 0x1bec  ================ Scan MBR ==================================

 

18:48:55.0552 0x1bec  [ 8ED45F82A523D20C40C3A913F13072A6 ] \Device\Harddisk0\DR0

18:48:55.0879 0x1bec  \Device\Harddisk0\DR0 - ok

18:48:55.0879 0x1bec  ================ Scan VBR ==================================

18:48:55.0879 0x1bec  [ 7DE669C428AA197445D1739596F6AF2C ] \Device\Harddisk0\DR0\Partition1

 

18:48:55.0942 0x1bec  \Device\Harddisk0\DR0\Partition1 - detected Rootkit.Boot.Cidox.b ( 0 )

18:48:55.0942 0x1bec  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - infected

18:49:08.0968 0x1bec  [ 2AF8D63EBC52819E2EA2D44B8F74ED84 ] \Device\Harddisk0\DR0\Partition2

18:49:09.0030 0x1bec  \Device\Harddisk0\DR0\Partition2 - ok

 

18:49:09.0061 0x1bec  [ 1E46567A44350322E9F0A23061CF8D67 ] \Device\Harddisk0\DR0\Partition3

18:49:09.0061 0x1bec  \Device\Harddisk0\DR0\Partition3 - ok

18:49:09.0061 0x1bec  ================ Scan generic autorun ======================

18:49:09.0155 0x1bec  [ 74260F0ABFA90A22A964B6BDE690AAA2, 183E6601AB5740F4C0B46E3414D7B683594D2223C7F8FE67F7F4A97F95031181 ] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe

 

18:49:09.0155 0x1bec  SmartMenu - ok

18:49:09.0373 0x1bec  [ 6B15A74A2D7BAE2452C1AD84E717B166, 5C497E0E4AD9BB61D1AAF2FBBABE6351DA4AD792F8D46C81C6B5912DD9581EE9 ] C:\Program Files\Logitech Gaming Software\LCore.exe

18:49:09.0467 0x1bec  Launch LCore - ok

18:49:09.0514 0x1bec  [ 554A50B5310E702029D3A675459108FF, 4757D5FFFAC7E73D4A3D931DB1399DDFDBD5811639BDA4517F886C21CC7F2574 ] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe

 

18:49:09.0514 0x1bec  hpsysdrv - ok

18:49:09.0638 0x1bec  [ 56C10D3338B01D3FBCC5AF24B3833E1C, 99ABF0D33E2372521384DA3C98FD4A3534155AD5B6B7852EBE94E098AA3DC9B8 ] C:\Program Files\TightVNC\tvnserver.exe

18:49:09.0670 0x1bec  tvncontrol - ok

18:49:09.0732 0x1bec  [ 432A3060E50C8F540CF52EC345B67F3F, 391DDD9096A703591BE974CCF1590B4BBE39056BC822124F86E105E858AD21A4 ] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe

 

18:49:09.0748 0x1bec  StartCCC - ok

18:49:09.0826 0x1bec  [ 954703C65A83E2E66EE31678A30A57C3, 9519379AD7E10790C6CC9E58289727FD7A8DF5D71AE62E7F851460068E755B0E ] C:\Program Files (x86)\PDF Complete\pdfsty.exe

18:49:09.0857 0x1bec  PDF Complete - ok

18:49:09.0935 0x1bec  [ 4AFFDCAADCB1DBBFFAF06C7F82E7F6FC, 8BAD14D327C60B4CBC00278802A5F6453D641EFC2EF97D90E7AB579758DF7FFC ] C:\Program Files (x86)\iTunes\iTunesHelper.exe

 

18:49:09.0935 0x1bec  iTunesHelper - ok

18:49:10.0028 0x1bec  [ 82CC8F77E9EC61C6B4D48DD4D5CA78E7, 51F3072F9AB9C6B8FF62731834530870A517F3099D1E94E8E2F953484B7A04FE ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe

18:49:10.0028 0x1bec  APSDaemon - ok

18:49:10.0075 0x1bec  [ CE5C9977DA751DDC30952AC4DCBCA788, 295172C4681E9AC27121122CDD2BA6F2A62435917A083CC8490D584CA0164BE6 ] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

 

18:49:10.0075 0x1bec  HP Software Update - ok

18:49:10.0138 0x1bec  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe

18:49:10.0169 0x1bec  Sidebar - ok

18:49:10.0184 0x1bec  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe

 

18:49:10.0184 0x1bec  mctadmin - ok

18:49:10.0216 0x1bec  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe

18:49:10.0231 0x1bec  Sidebar - ok

18:49:10.0247 0x1bec  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe

 

18:49:10.0247 0x1bec  mctadmin - ok

18:49:10.0372 0x1bec  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] C:\Users\Neff11h4l\AppData\Local\Google\Update\GoogleUpdate.exe

18:49:10.0372 0x1bec  Google Update - ok

18:49:10.0543 0x1bec  [ 22F7B9670AD770C7ED7F4738204C8E5C, 7B793AC094CB1B073419B5DAE09DFBB8EBED03D29301F490AA76EA0667613438 ] C:\Program Files\hp\HP Photosmart 7520 series\Bin\ScanToPCActivationApp.exe

 

18:49:10.0590 0x1bec  HP Photosmart 7520 series (NET) - ok

18:49:10.0652 0x1bec  [ 5746BD7E255DD6A8AFA06F7C42C1BA41, DB06C3534964E3FC79D2763144BA53742D7FA250CA336F4A0FE724B75AAFF386 ] C:\Windows\system32\cmd.exe

18:49:10.0668 0x1bec  Uninstall C:\Users\Neff11h4l\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64 - ok

18:49:10.0668 0x1bec  Waiting for KSN requests completion. In queue: 15

 

18:49:11.0682 0x1bec  Waiting for KSN requests completion. In queue: 15

18:49:12.0696 0x1bec  Waiting for KSN requests completion. In queue: 15

18:49:13.0710 0x1bec  Waiting for KSN requests completion. In queue: 15

18:49:14.0771 0x1bec  AV detected via SS2: AVG AntiVirus Free Edition 2015, C:\Program Files (x86)\AVG\AVG2015\avgwsc.exe ( 15.0.0.5557 ), 0x41000 ( enabled : updated )

 

18:49:14.0786 0x1bec  Win FW state via NFP2: enabled

18:49:27.0828 0x1bec  ============================================================

18:49:27.0828 0x1bec  Scan finished

18:49:27.0828 0x1bec  ============================================================

18:49:27.0844 0x1434  Detected object count: 1

18:49:27.0844 0x1434  Actual detected object count: 1

 

18:49:59.0180 0x1434  \Device\Harddisk0\DR0\Partition1 - copied to quarantine

18:49:59.0243 0x1434  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - will be cured on reboot

18:49:59.0352 0x1434  \Device\Harddisk0\DR0\Partition1 - ok

18:49:59.0352 0x1434  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - User select action: Cure

 

18:49:59.0461 0x1434  KLMD registered as C:\Windows\system32\drivers\47522114.sys

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.