Hello there!

I have been noticing quite a few clones of Windows services, and the system runs like crap.

  • dllhost.exe
  • unsecapp.exe
  • userinit.exe
  • csrss.exe

dllhost.exe is often 3-5, the others are normally just 2.

I ran ComboFix a while ago and it pinned userinit.exe as infected and restored it. The others still seem to be cloned.

I have attached the FRST logs.

Addition.txt

FRST.txt


Hi and welcome!
My name is Jürgen and I will be assisting you with your malware-related problems.

Before we move on, please read the following points carefully.

  • My native language isn't English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.
  • Please read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while you are following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you cannot post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.

P2P/Piracy Warning:

  • If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.
  • Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.
  • If you have illegal/cracked software, cracks, keygens, etc. on the system, please remove or uninstall them now and read the policy on Piracy.

Step 1

Please run a scan with Malwarebytes Anti-Malware

  • Please open Malwarebytes Anti-Malware.
  • Please update the database by clicking on the "Update Now" button.
  • Following the update, click "Settings" [1] and go to "Detection and Protection" [2].
  • Make sure "Scan for Rootkits" is checked.
  • Click on Dashboard [3], then click on Scan Now [4] to start the scan.
    If Malware or Potentially Unwanted Programs [PUPs] are found, you will receive a prompt so that you can decide what you want to do. I suggest "Quarantine All" [5]. Then click the button: Apply Actions. [6]
  • A window with an option to view the detailed log will appear.
  • Click on "View detailed log".
  • After viewing the results, please click on the "Copy to Clipboard" button and then OK.
  • Return to our forum. Paste your log into your next reply.


<mbam-log>
<header>
<date>2015/01/25 16:33:17 -0500</date>
<logfile>mbam-log-2015-01-25 (16-33-16).xml</logfile>
<isadmin>yes</isadmin>
</header>
<engine>
<version>2.00.4.1028</version>
<malware-database>v2015.01.25.10</malware-database>
<rootkit-database>v2015.01.14.01</rootkit-database>
<license>free</license>
<file-protection>disabled</file-protection>
<web-protection>disabled</web-protection>
<self-protection>disabled</self-protection>
</engine>
<system>
<osversion>Windows 7 Service Pack 1</osversion>
<arch>x64</arch>
<username>Glu</username>
<filesys>NTFS</filesys>
</system>
<summary>
<type>threat</type>
<result>completed</result>
<objects>367563</objects>
<time>1396</time>
<processes>0</processes>
<modules>0</modules>
<keys>0</keys>
<values>0</values>
<datas>0</datas>
<folders>0</folders>
<files>0</files>
<sectors>0</sectors>
</summary>
<options>
<memory>enabled</memory>
<startup>enabled</startup>
<filesystem>enabled</filesystem>
<archives>enabled</archives>
<rootkits>enabled</rootkits>
<deeprootkit>disabled</deeprootkit>
<heuristics>enabled</heuristics>
<pup>warn</pup>
<pum>enabled</pum>
</options>
<items> </items>
</mbam-log>


How to get logs:
(Export log to save as txt)

  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click 'Export'.
  • Click 'Text file (*.txt)'
  • In the Save File dialog box which appears, click on Desktop.
  • In the File name: box type a name for your scan log.
  • A message box named 'File Saved' should appear stating "Your file has been successfully exported".
  • Click Ok
  • Attach that saved log to your next reply.


Oops, you asked me to copy and paste.  My apologies!!  Here is FRST:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-01-2015 01
Ran by Glu (administrator) on GLU-PC on 25-01-2015 17:24:43
Running from C:\Users\Glu\Desktop
Loaded Profiles: Glu (Available profiles: Glu)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-09] (AVAST Software)
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1980527506-3698054450-3991177797-1002\...\Policies\Explorer: []
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1317256 2013-07-16] (Autodesk, Inc.)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [174856 2014-11-12] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [156840 2014-11-12] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [sugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} =>  No File
ShellIconOverlayIdentifiers: [sugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} =>  No File
ShellIconOverlayIdentifiers: [sugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} =>  No File
ShellIconOverlayIdentifiers: [sugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1980527506-3698054450-3991177797-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1980527506-3698054450-3991177797-1002\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1980527506-3698054450-3991177797-1002 -> DefaultScope {46C8B549-0359-43EA-B8D5-A76101EBE8FB} URL = https://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=282369&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1980527506-3698054450-3991177797-1002 -> {46C8B549-0359-43EA-B8D5-A76101EBE8FB} URL = https://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=282369&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1980527506-3698054450-3991177797-1002 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7KMOH
SearchScopes: HKU\S-1-5-21-1980527506-3698054450-3991177797-1002 -> {7F7058DC-2A2E-4DD7-B46E-F3A97ACA9B6C} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=714647&p={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} ->  No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} ->  No File
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
DPF: HKLM {AA570693-00E2-4907-B6F1-60A1199B030C} https://juniper.net/dana-cached/sc/JuniperSetupClient64.cab
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.200.1
Tcpip\..\Interfaces\{6716A415-200C-4AF3-969E-EA43E1C2A18D}: [NameServer] 10.27.3.2,10.25.3.2

FireFox:
========
FF ProfilePath: C:\Users\Glu\AppData\Roaming\Mozilla\Firefox\Profiles\p6vp32cz.default-1421369630122
FF DefaultSearchEngine: Google
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll ()
FF Plugin: @java.com/DTPlugin,version=1.6.0_45 -> C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1980527506-3698054450-3991177797-1002: @Google.com/GoogleEarthPlugin -> C:\Users\Glu\AppData\Local\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin HKU\S-1-5-21-1980527506-3698054450-3991177797-1002: intel.com/AppUp -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Extension: EPUBReader - C:\Users\Glu\AppData\Roaming\Mozilla\Firefox\Profiles\p6vp32cz.default-1421369630122\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F} [2015-01-17]
FF Extension: DownloadHelper - C:\Users\Glu\AppData\Roaming\Mozilla\Firefox\Profiles\p6vp32cz.default-1421369630122\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2015-01-17]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-09-07]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-21]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-21] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-12-21] (Avast Software)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] ()
S4 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
S4 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1796928 2014-11-17] (NVIDIA Corporation)
S4 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-21] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-21] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-21] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-21] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-21] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-21] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-21] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-21] ()
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [134696 2012-02-01] (Broadcom Corporation.)
R1 jnprns; C:\Windows\System32\DRIVERS\jnprns.sys [507192 2014-08-20] (Juniper Networks)
S4 jnprTdi_807_50111; C:\Windows\system32\Drivers\jnprTdi_807_50111.sys [108344 2014-10-06] (Juniper Networks, Inc.)
S3 jnprva; C:\Windows\System32\DRIVERS\jnprva.sys [30072 2014-08-20] (Juniper Networks, Inc.)
R3 JnprVaMgr; C:\Windows\System32\DRIVERS\jnprvamgr.sys [45352 2014-08-20] (Juniper Networks, Inc.)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [104048 2012-03-02] (Qualcomm Atheros Co., Ltd.)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-25] (Malwarebytes Corporation)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38216 2014-10-03] (NVIDIA Corporation)
R3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [8208488 2011-09-06] (Realtek Semiconductor Corp.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-12-21] (Avast Software)
R3 VCSVADHWSer; C:\Windows\System32\DRIVERS\vcsvad.sys [21504 2008-12-26] (Avnex)
R3 WinDriver6; C:\Windows\System32\drivers\windrvr6.sys [254464 2012-09-26] (Jungo)
U3 BcmSqlStartupSvc; No ImagePath
S3 btwampfl; \??\C:\Windows\system32\drivers\btwampfl.sys [X]
S3 btwaudio; system32\drivers\btwaudio.sys [X]
S3 btwavdt; system32\DRIVERS\btwavdt.sys [X]
S3 btwl2cap; system32\DRIVERS\btwl2cap.sys [X]
S3 btwrchid; system32\DRIVERS\btwrchid.sys [X]
U2 CLKMSVC10_3A60B698; No ImagePath
U2 CLKMSVC10_C3B3B687; No ImagePath
S3 clwvd; system32\DRIVERS\clwvd.sys [X]
U2 DriverService; No ImagePath
U2 iATAgentService; No ImagePath
U2 idealife Update Service; No ImagePath
U3 IGRS; No ImagePath
S3 intaud_WaveExtensible; system32\drivers\intelaud.sys [X]
U2 IviRegMgr; No ImagePath
S3 iwdbus; system32\DRIVERS\iwdbus.sys [X]
S3 JMCR; system32\DRIVERS\jmcr.sys [X]
U2 Oasis2Service; No ImagePath
U2 PCCarerService; No ImagePath
U2 ReadyComm.DirectRouter; No ImagePath
U2 RichVideo; No ImagePath
U2 RtLedService; No ImagePath
U2 SeaPort; No ImagePath
U2 SoftwareService; No ImagePath
U3 SQLWriter; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-25 17:24 - 2015-01-25 17:25 - 00016012 _____ () C:\Users\Glu\Desktop\FRST.txt
2015-01-25 17:12 - 2015-01-25 17:12 - 00000237 _____ () C:\Users\Glu\Desktop\maybe hti.txt
2015-01-25 17:11 - 2015-01-25 17:11 - 00000340 _____ () C:\Users\Glu\Desktop\Mbam scan.txt
2015-01-25 17:01 - 2015-01-25 17:01 - 00000340 _____ () C:\Users\Glu\Desktop\klklkk.txt
2015-01-25 16:56 - 2015-01-25 16:56 - 00002488 _____ () C:\Users\Glu\Desktop\mbam-log-2015-01-25 (16-33-16).xml
2015-01-25 16:11 - 2015-01-25 16:11 - 00000247 _____ () C:\Windows\system32\2015-01-25-21-11-13.098-aswFe.exe-1060.log
2015-01-25 16:06 - 2015-01-25 16:11 - 00000247 _____ () C:\Windows\system32\2015-01-25-21-06-03.030-aswFe.exe-3844.log
2015-01-25 16:05 - 2015-01-25 16:06 - 00000197 _____ () C:\Windows\system32\2015-01-25-21-05-57.046-AvastVBoxSVC.exe-244.log
2015-01-25 15:54 - 2015-01-25 15:54 - 02129920 _____ (Farbar) C:\Users\Glu\Desktop\FRST64.exe
2015-01-25 15:51 - 2015-01-25 15:51 - 00000197 _____ () C:\Windows\system32\2015-01-25-20-51-09.050-AvastVBoxSVC.exe-2932.log
2015-01-25 15:46 - 2015-01-25 15:46 - 00030371 _____ () C:\ComboFix.txt
2015-01-25 15:25 - 2011-06-26 01:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-01-25 15:25 - 2010-11-07 12:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-01-25 15:25 - 2009-04-19 23:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-01-25 15:25 - 2000-08-30 19:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-01-25 15:25 - 2000-08-30 19:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-01-25 15:25 - 2000-08-30 19:00 - 00098816 _____ () C:\Windows\sed.exe
2015-01-25 15:25 - 2000-08-30 19:00 - 00080412 _____ () C:\Windows\grep.exe
2015-01-25 15:25 - 2000-08-30 19:00 - 00068096 _____ () C:\Windows\zip.exe
2015-01-25 15:24 - 2015-01-25 15:46 - 00000000 ____D () C:\Qoobox
2015-01-25 15:23 - 2015-01-25 15:44 - 00000000 ____D () C:\Windows\erdnt
2015-01-24 10:23 - 2015-01-24 10:23 - 00015565 _____ () C:\Users\Glu\AppData\Local\recently-used.xbel
2015-01-24 08:02 - 2015-01-24 08:03 - 00000197 _____ () C:\Windows\system32\2015-01-24-13-02-51.012-AvastVBoxSVC.exe-2952.log
2015-01-24 05:38 - 2015-01-24 13:05 - 00248239 _____ () C:\Users\Glu\Desktop\ResumeVWX_v2015.vwx
2015-01-24 05:38 - 2015-01-24 05:38 - 00000000 ____D () C:\Users\Glu\.pdfsam
2015-01-24 05:29 - 2015-01-24 05:32 - 00000000 ____D () C:\Users\Glu\Desktop\BOUND BOOK
2015-01-24 05:17 - 2015-01-24 05:17 - 12038814 _____ () C:\Users\Glu\Desktop\page01.tif
2015-01-24 05:17 - 2015-01-24 05:17 - 10665758 _____ () C:\Users\Glu\Desktop\page04.tif
2015-01-24 05:17 - 2015-01-24 05:17 - 10204290 _____ () C:\Users\Glu\Desktop\page06.tif
2015-01-24 05:17 - 2015-01-24 05:17 - 00000000 ____D () C:\Users\Glu\Desktop\Large Single Prints
2015-01-24 05:15 - 2015-01-24 05:17 - 41372160 _____ () C:\Users\Glu\Desktop\BIG PHOTOS.pub
2015-01-24 04:50 - 2015-01-24 04:50 - 00000000 ____D () C:\Users\Glu\Desktop\PDFSAM
2015-01-24 04:48 - 2015-01-24 04:49 - 15704291 _____ () C:\Users\Glu\Downloads\pdfsam-2.2.4-out.zip
2015-01-24 04:30 - 2015-01-24 04:47 - 00000000 ____D () C:\Users\Glu\Desktop\PRINTING
2015-01-24 04:21 - 2015-01-24 04:21 - 00000197 _____ () C:\Windows\system32\2015-01-24-09-21-23.089-AvastVBoxSVC.exe-2704.log
2015-01-24 03:54 - 2015-01-24 03:54 - 00000000 ____D () C:\Users\Glu\Desktop\C Portfolio Jan24
2015-01-24 03:00 - 2015-01-24 03:16 - 00000000 ____D () C:\Users\Glu\AppData\Roaming\XnView
2015-01-24 02:59 - 2015-01-24 03:00 - 00000934 _____ () C:\Users\Glu\Desktop\XnView.lnk
2015-01-24 02:59 - 2015-01-24 02:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XnView
2015-01-24 02:59 - 2015-01-24 02:59 - 00000000 ____D () C:\Program Files (x86)\XnView
2015-01-24 02:58 - 2015-01-24 02:58 - 04872664 _____ (Gougelet Pierre-e ) C:\Users\Glu\Downloads\XnView-win.exe
2015-01-24 01:32 - 2015-01-24 01:32 - 00000197 _____ () C:\Windows\system32\2015-01-24-06-32-35.053-AvastVBoxSVC.exe-2396.log
2015-01-24 00:34 - 2015-01-24 00:37 - 361312435 _____ () C:\Users\Glu\Desktop\Shane_Pruitt_Brevard_Music_Festival_Whole_Set.mp4
2015-01-23 20:00 - 2015-01-23 20:01 - 317507520 _____ () C:\Users\Glu\Desktop\EUROPE_-_Live_Stockholm_Solna_25_05_1986_VHS_Complete_show.mp4
2015-01-23 18:19 - 2015-01-23 18:19 - 00000197 _____ () C:\Windows\system32\2015-01-23-23-19-14.051-AvastVBoxSVC.exe-2400.log
2015-01-23 11:29 - 2015-01-23 11:29 - 00000197 _____ () C:\Windows\system32\2015-01-23-16-29-49.041-AvastVBoxSVC.exe-2920.log
2015-01-23 01:59 - 2015-01-23 12:45 - 00169576 _____ () C:\Users\Glu\Desktop\Your moms logo.vwx
2015-01-22 09:17 - 2015-01-22 09:18 - 00000197 _____ () C:\Windows\system32\2015-01-22-14-17-50.007-AvastVBoxSVC.exe-2636.log
2015-01-22 00:13 - 2015-01-22 00:13 - 00000197 _____ () C:\Windows\system32\2015-01-22-05-13-54.016-AvastVBoxSVC.exe-2380.log
2015-01-21 14:44 - 2015-01-21 14:44 - 00000247 _____ () C:\Windows\system32\2015-01-21-19-44-07.088-aswFe.exe-3236.log
2015-01-21 14:38 - 2015-01-21 14:44 - 00000247 _____ () C:\Windows\system32\2015-01-21-19-38-27.077-aswFe.exe-3708.log
2015-01-21 14:38 - 2015-01-21 14:38 - 00000197 _____ () C:\Windows\system32\2015-01-21-19-38-21.010-AvastVBoxSVC.exe-1612.log
2015-01-20 09:10 - 2015-01-20 09:19 - 00030238 _____ () C:\Users\Glu\Desktop\revised NEW LDLT CCM LX Contact V7.1 15Jan2015.xlsx
2015-01-20 08:58 - 2015-01-20 09:35 - 00000000 ____D () C:\Users\Glu\Desktop\PAN SCENIC
2015-01-20 08:47 - 2015-01-20 10:55 - 00000000 ____D () C:\Users\Glu\Desktop\SOUND PROJECT
2015-01-20 08:46 - 2015-01-20 08:46 - 00000197 _____ () C:\Windows\system32\2015-01-20-13-46-23.060-AvastVBoxSVC.exe-2520.log
2015-01-20 02:00 - 2015-01-20 02:00 - 00082636 _____ () C:\Users\Glu\Downloads\Accessories.zip
2015-01-20 02:00 - 2015-01-20 02:00 - 00017595 _____ () C:\Users\Glu\Downloads\Fspots.zip
2015-01-20 01:38 - 2015-01-20 01:38 - 42120729 _____ () C:\Users\Glu\Downloads\Legally Blonde Lighting Plot - FINAL.vwx
2015-01-19 22:40 - 2015-01-20 03:27 - 11285690 _____ () C:\Users\Glu\Desktop\The Brown v2015.vwx
2015-01-19 04:06 - 2015-01-19 04:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vectorworks2015
2015-01-19 04:00 - 2015-01-19 04:11 - 00000000 ____D () C:\Program Files\Vectorworks2015
2015-01-19 02:57 - 2015-01-19 03:03 - 1220014055 _____ () C:\Users\Glu\Downloads\Vectorworks2015-SP2-SeriesE-win.zip
2015-01-19 02:24 - 2015-01-19 03:52 - 15110879 _____ () C:\Users\Glu\Desktop\PAN Plot Chris 19JAN.vwx
2015-01-19 02:06 - 2015-01-18 21:36 - 06287070 _____ () C:\Users\Glu\Desktop\Peter Pan GP 1-18.vwx
2015-01-18 23:02 - 2015-01-18 23:02 - 00000197 _____ () C:\Windows\system32\2015-01-19-04-02-30.090-AvastVBoxSVC.exe-2432.log
2015-01-18 14:06 - 2015-01-18 14:06 - 16448208 _____ (Malwarebytes Corp.) C:\Users\Glu\Desktop\mbar-1.08.2.1001.exe
2015-01-18 13:52 - 2015-01-18 13:52 - 00000197 _____ () C:\Windows\system32\2015-01-18-18-52-02.089-AvastVBoxSVC.exe-2476.log
2015-01-17 15:02 - 2015-01-17 15:02 - 00000197 _____ () C:\Windows\system32\2015-01-17-20-02-20.092-AvastVBoxSVC.exe-2976.log
2015-01-17 03:49 - 2015-01-17 03:49 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-17 00:12 - 2015-01-17 03:13 - 01818115 _____ () C:\Users\Glu\Desktop\PAN SECTION 17JAN CHRIS UPDATE.vwx
2015-01-16 17:28 - 2015-01-16 17:28 - 00000197 _____ () C:\Windows\system32\2015-01-16-22-28-11.089-AvastVBoxSVC.exe-2892.log
2015-01-16 17:02 - 2015-01-20 06:12 - 00000000 ____D () C:\Users\Glu\AppData\Local\CrashDumps
2015-01-16 17:02 - 2015-01-16 17:02 - 00000000 ____D () C:\Users\Glu\AppData\Roaming\Epson
2015-01-16 16:58 - 2015-01-25 16:17 - 00000000 ____D () C:\Program Files (x86)\EPSON Software
2015-01-16 16:58 - 2015-01-16 17:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2015-01-16 16:58 - 2015-01-16 17:21 - 00000000 ____D () C:\Program Files (x86)\EPSON
2015-01-16 13:05 - 2015-01-16 13:05 - 00000197 _____ () C:\Windows\system32\2015-01-16-18-05-05.052-AvastVBoxSVC.exe-2400.log
2015-01-16 09:24 - 2015-01-16 09:24 - 00000197 _____ () C:\Windows\system32\2015-01-16-14-24-07.066-AvastVBoxSVC.exe-2704.log
2015-01-15 20:02 - 2015-01-15 20:02 - 00000197 _____ () C:\Windows\system32\2015-01-16-01-02-03.099-AvastVBoxSVC.exe-2380.log
2015-01-15 19:36 - 2015-01-15 19:36 - 05609736 ____R (Swearware) C:\Users\Glu\Desktop\ComboFix.exe
2015-01-15 19:16 - 2015-01-15 19:16 - 00000197 _____ () C:\Windows\system32\2015-01-16-00-16-44.044-AvastVBoxSVC.exe-2360.log
2015-01-15 19:08 - 2015-01-15 19:51 - 00000000 ____D () C:\AdwCleaner
2015-01-15 19:05 - 2015-01-15 19:05 - 00000247 _____ () C:\Windows\system32\2015-01-16-00-05-02.019-aswFe.exe-2472.log
2015-01-15 18:54 - 2015-01-15 18:54 - 03044736 _____ (Enigma Software Group USA, LLC.) C:\Users\Glu\Desktop\SpyHunter-Installer.exe
2015-01-15 18:52 - 2015-01-15 19:04 - 00000247 _____ () C:\Windows\system32\2015-01-15-23-52-14.045-aswFe.exe-4472.log
2015-01-15 18:52 - 2015-01-15 18:52 - 00000197 _____ () C:\Windows\system32\2015-01-15-23-52-01.093-AvastVBoxSVC.exe-3380.log
2015-01-15 18:48 - 2015-01-15 18:49 - 15340120 _____ () C:\Users\Glu\Downloads\RogueKiller.exe
2015-01-15 18:45 - 2015-01-25 17:24 - 00000000 ____D () C:\FRST
2015-01-15 09:09 - 2015-01-15 09:09 - 00000197 _____ () C:\Windows\system32\2015-01-15-14-09-58.052-AvastVBoxSVC.exe-2396.log
2015-01-15 00:12 - 2015-01-15 00:12 - 00000197 _____ () C:\Windows\system32\2015-01-15-05-12-40.007-AvastVBoxSVC.exe-2992.log
2015-01-14 19:57 - 2014-12-18 22:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 19:57 - 2014-12-18 20:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 19:57 - 2014-12-12 00:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 19:57 - 2014-12-12 00:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-14 19:57 - 2014-12-12 00:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-14 19:57 - 2014-12-12 00:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-14 19:57 - 2014-12-12 00:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-14 19:57 - 2014-12-12 00:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-14 19:57 - 2014-12-12 00:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-14 19:57 - 2014-12-11 12:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 19:57 - 2014-12-05 23:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 19:57 - 2014-12-05 22:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-14 19:57 - 2014-12-05 22:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-14 19:38 - 2015-01-14 19:39 - 00000197 _____ () C:\Windows\system32\2015-01-15-00-38-58.006-AvastVBoxSVC.exe-2432.log
2015-01-14 12:31 - 2015-01-14 12:32 - 00000197 _____ () C:\Windows\system32\2015-01-14-17-31-24.026-AvastVBoxSVC.exe-2504.log
2015-01-13 22:57 - 2015-01-13 22:57 - 00000197 _____ () C:\Windows\system32\2015-01-14-03-57-29.003-AvastVBoxSVC.exe-2400.log
2015-01-13 22:25 - 2015-01-19 22:27 - 00000000 ____D () C:\Users\Glu\Desktop\THE ACTUAL BROWN
2015-01-13 17:59 - 2015-01-13 18:00 - 00000197 _____ () C:\Windows\system32\2015-01-13-22-59-16.080-AvastVBoxSVC.exe-3056.log
2015-01-13 11:03 - 2015-01-13 11:04 - 00000197 _____ () C:\Windows\system32\2015-01-13-16-03-59.029-AvastVBoxSVC.exe-2824.log
2015-01-13 08:55 - 2015-01-13 08:55 - 00000197 _____ () C:\Windows\system32\2015-01-13-13-55-16.057-AvastVBoxSVC.exe-2676.log
2015-01-13 06:40 - 2015-01-13 06:41 - 00000197 _____ () C:\Windows\system32\2015-01-13-11-40-36.037-AvastVBoxSVC.exe-2516.log
2015-01-12 06:55 - 2015-01-12 06:56 - 00000197 _____ () C:\Windows\system32\2015-01-12-11-55-37.077-AvastVBoxSVC.exe-2688.log
2015-01-11 17:46 - 2015-01-11 17:46 - 00000197 _____ () C:\Windows\system32\2015-01-11-22-46-36.052-AvastVBoxSVC.exe-2472.log
2015-01-11 11:18 - 2001-09-12 22:02 - 00099490 ____N () C:\Users\Glu\Downloads\204_Spiral_staircase.dwg
2015-01-11 11:13 - 2015-01-11 11:13 - 00035545 _____ () C:\Users\Glu\Downloads\204_Spiral_staircase.zip
2015-01-11 07:00 - 2015-01-11 07:00 - 00000197 _____ () C:\Windows\system32\2015-01-11-12-00-03.005-AvastVBoxSVC.exe-2640.log
2015-01-11 02:31 - 2015-01-19 01:55 - 00000000 ____D () C:\Users\Glu\Desktop\NKU YES FESTIVAL
2015-01-11 02:30 - 2015-01-24 05:41 - 00000000 ____D () C:\Users\Glu\Desktop\PORTFOLIO SHOWCASE
2015-01-11 02:30 - 2015-01-11 02:30 - 00000000 ____D () C:\Users\Glu\Desktop\LIGHTING 7
2015-01-11 02:29 - 2015-01-11 02:29 - 00000000 ____D () C:\Users\Glu\Desktop\SCRIPT ANALYSIS
2015-01-11 02:28 - 2015-01-12 07:45 - 00000000 ____D () C:\Users\Glu\Desktop\TEACHING INTRO 2015
2015-01-11 02:28 - 2015-01-11 02:28 - 00000000 ____D () C:\Users\Glu\Desktop\MAYSVILLE PLAYERS
2015-01-10 10:13 - 2015-01-10 10:13 - 00000197 _____ () C:\Windows\system32\2015-01-10-15-13-39.061-AvastVBoxSVC.exe-2464.log
2015-01-10 04:19 - 2015-01-10 04:20 - 00000197 _____ () C:\Windows\system32\2015-01-10-09-19-52.059-AvastVBoxSVC.exe-2456.log
2015-01-09 17:00 - 2015-01-09 17:00 - 00000197 _____ () C:\Windows\system32\2015-01-09-22-00-19.000-AvastVBoxSVC.exe-2656.log
2015-01-09 09:31 - 2015-01-09 09:31 - 00000197 _____ () C:\Windows\system32\2015-01-09-14-31-03.063-AvastVBoxSVC.exe-2540.log
2015-01-08 19:24 - 2015-01-08 19:24 - 00000197 _____ () C:\Windows\system32\2015-01-09-00-24-37.056-AvastVBoxSVC.exe-2488.log
2015-01-08 13:15 - 2015-01-08 13:15 - 00000197 _____ () C:\Windows\system32\2015-01-08-18-15-15.072-AvastVBoxSVC.exe-2408.log
2015-01-08 07:21 - 2015-01-08 07:21 - 00000197 _____ () C:\Windows\system32\2015-01-08-12-21-17.055-AvastVBoxSVC.exe-2456.log
2015-01-08 01:29 - 2015-01-08 01:29 - 00000000 __SHD () C:\Users\Glu\AppData\Local\EmieBrowserModeList
2015-01-08 01:26 - 2008-12-26 12:56 - 00021504 _____ (Avnex) C:\Windows\system32\Drivers\vcsvad.sys
2015-01-07 09:54 - 2015-01-07 09:55 - 00000197 _____ () C:\Windows\system32\2015-01-07-14-54-58.069-AvastVBoxSVC.exe-2612.log
2015-01-07 00:32 - 2015-01-07 00:32 - 00000197 _____ () C:\Windows\system32\2015-01-07-05-32-47.064-AvastVBoxSVC.exe-2404.log
2015-01-06 15:22 - 2015-01-06 15:22 - 00000197 _____ () C:\Windows\system32\2015-01-06-20-22-55.054-AvastVBoxSVC.exe-2392.log
2015-01-06 11:17 - 2015-01-18 01:22 - 00024576 _____ () C:\Users\Glu\Desktop\Class Schedule Last_First S15.xls
2015-01-06 10:31 - 2015-01-06 10:31 - 00000197 _____ () C:\Windows\system32\2015-01-06-15-31-52.031-AvastVBoxSVC.exe-2464.log
2015-01-05 23:54 - 2015-01-05 23:54 - 00000197 _____ () C:\Windows\system32\2015-01-06-04-54-22.079-AvastVBoxSVC.exe-2744.log
2015-01-04 08:44 - 2015-01-04 08:45 - 00000197 _____ () C:\Windows\system32\2015-01-04-13-44-25.055-AvastVBoxSVC.exe-2832.log
2015-01-03 18:06 - 2015-01-03 18:06 - 00000197 _____ () C:\Windows\system32\2015-01-03-23-06-00.059-AvastVBoxSVC.exe-2848.log
2015-01-03 12:14 - 2015-01-03 12:14 - 00000197 _____ () C:\Windows\system32\2015-01-03-17-14-03.039-AvastVBoxSVC.exe-3068.log
2015-01-02 19:16 - 2015-01-02 19:16 - 00000197 _____ () C:\Windows\system32\2015-01-03-00-16-06.002-AvastVBoxSVC.exe-3012.log
2015-01-02 10:47 - 2015-01-02 10:47 - 00000197 _____ () C:\Windows\system32\2015-01-02-15-47-28.032-AvastVBoxSVC.exe-2312.log
2015-01-01 17:55 - 2015-01-01 17:55 - 00000197 _____ () C:\Windows\system32\2015-01-01-22-55-18.057-AvastVBoxSVC.exe-2268.log
2015-01-01 09:27 - 2015-01-01 09:27 - 00000000 ____D () C:\Users\Public\Juniper Networks
2015-01-01 09:27 - 2014-10-06 22:14 - 00108344 _____ (Juniper Networks, Inc.) C:\Windows\system32\Drivers\jnprTdi_807_50111.sys
2015-01-01 09:26 - 2015-01-01 09:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Juniper Networks
2015-01-01 09:26 - 2014-08-20 03:54 - 00507192 _____ (Juniper Networks) C:\Windows\system32\Drivers\jnprns.sys
2015-01-01 09:24 - 2015-01-01 09:24 - 00000000 ____D () C:\Program Files (x86)\Juniper Networks
2015-01-01 08:05 - 2015-01-01 08:05 - 00000197 _____ () C:\Windows\system32\2015-01-01-13-05-21.065-AvastVBoxSVC.exe-1948.log
2014-12-31 19:39 - 2014-12-31 19:39 - 00000197 _____ () C:\Windows\system32\2015-01-01-00-39-13.084-AvastVBoxSVC.exe-2508.log
2014-12-31 16:57 - 2014-12-31 16:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2014-12-31 14:56 - 2014-12-16 00:18 - 00014219 _____ () C:\Users\Glu\Desktop\P Pan Breakdown 15DEC.xlsx
2014-12-31 11:44 - 2015-01-23 21:34 - 00000000 ____D () C:\Users\Glu\Desktop\PORTFOLIO IMAGES
2014-12-31 08:19 - 2014-12-31 08:20 - 00000197 _____ () C:\Windows\system32\2014-12-31-13-19-52.081-AvastVBoxSVC.exe-2556.log
2014-12-30 08:25 - 2014-12-30 08:26 - 00000197 _____ () C:\Windows\system32\2014-12-30-13-25-45.075-AvastVBoxSVC.exe-3012.log
2014-12-30 00:20 - 2014-12-30 00:20 - 00000197 _____ () C:\Windows\system32\2014-12-30-05-20-03.028-AvastVBoxSVC.exe-2940.log
2014-12-29 22:11 - 2014-12-29 22:11 - 00000197 _____ () C:\Windows\system32\2014-12-30-03-11-04.098-AvastVBoxSVC.exe-2496.log
2014-12-29 11:07 - 2014-12-29 11:07 - 00000197 _____ () C:\Windows\system32\2014-12-29-16-07-37.011-AvastVBoxSVC.exe-2444.log
2014-12-29 10:49 - 2014-12-29 10:49 - 00000197 _____ () C:\Windows\system32\2014-12-29-15-49-02.090-AvastVBoxSVC.exe-2456.log
2014-12-29 08:19 - 2014-12-29 08:19 - 00000197 _____ () C:\Windows\system32\2014-12-29-13-19-48.069-AvastVBoxSVC.exe-2228.log
2014-12-28 20:24 - 2014-12-28 20:25 - 00000197 _____ () C:\Windows\system32\2014-12-29-01-24-16.042-AvastVBoxSVC.exe-2444.log
2014-12-28 14:06 - 2014-12-28 14:06 - 00000197 _____ () C:\Windows\system32\2014-12-28-19-06-00.060-AvastVBoxSVC.exe-2284.log
2014-12-28 11:39 - 2014-12-28 11:39 - 00000197 _____ () C:\Windows\system32\2014-12-28-16-39-21.046-AvastVBoxSVC.exe-2588.log
2014-12-26 20:43 - 2014-12-26 20:43 - 00000197 _____ () C:\Windows\system32\2014-12-27-01-43-55.096-AvastVBoxSVC.exe-2416.log

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-25 17:12 - 2014-08-11 20:00 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-25 16:16 - 2012-09-08 00:32 - 00000000 ____D () C:\Users\Glu\AppData\Roaming\Adobe
2015-01-25 15:47 - 2009-07-13 23:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-25 15:47 - 2009-07-13 23:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-25 15:46 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-25 15:46 - 2009-07-13 22:20 - 00000000 ___HD () C:\Users\Default
2015-01-25 15:44 - 2014-03-18 18:12 - 01158907 ____N () C:\Windows\WindowsUpdate.log
2015-01-25 15:40 - 2009-07-13 21:34 - 00000215 _____ () C:\Windows\system.ini
2015-01-25 15:20 - 2012-09-09 22:08 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-25 15:20 - 2012-09-09 22:08 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-25 00:56 - 2012-12-23 22:28 - 00000000 ____D () C:\Users\Glu\AppData\Roaming\Skype
2015-01-25 00:45 - 2012-09-08 18:20 - 00000000 ___RD () C:\Users\Glu\Dropbox
2015-01-25 00:38 - 2013-09-10 10:02 - 00000000 ____D () C:\Users\Glu\AppData\Roaming\vlc
2015-01-25 00:29 - 2012-09-08 18:19 - 00000000 ____D () C:\Users\Glu\AppData\Roaming\Dropbox
2015-01-24 13:04 - 2013-12-15 13:54 - 00000000 ____D () C:\Users\Glu\Desktop\VW Backup
2015-01-24 13:04 - 2013-03-07 12:27 - 00000000 ____D () C:\Users\Glu\.gimp-2.8
2015-01-24 10:23 - 2013-11-02 13:45 - 00000000 ____D () C:\Users\Glu\AppData\Local\gtk-2.0
2015-01-24 07:41 - 2009-07-14 00:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-24 05:38 - 2012-09-08 00:13 - 00000000 ____D () C:\Users\Glu
2015-01-24 05:25 - 2012-09-28 07:11 - 00000000 ____D () C:\Users\Glu\Desktop\Lighting
2015-01-24 04:35 - 2013-08-16 10:49 - 00000000 ____D () C:\Users\Glu\Desktop\Personal
2015-01-20 09:36 - 2013-08-30 17:39 - 00000000 ____D () C:\Users\Glu\AppData\Local\cache
2015-01-20 08:58 - 2014-09-02 19:10 - 00000000 ____D () C:\Users\Glu\Desktop\PETER PAN
2015-01-19 22:25 - 2012-09-07 20:25 - 00000000 ____D () C:\Users\Glu\AppData\Roaming\MAXON
2015-01-19 14:56 - 2014-12-15 04:04 - 00000000 ____D () C:\Users\Glu\AppData\Local\Battle.net
2015-01-19 04:10 - 2014-01-05 14:18 - 00000000 ____D () C:\ProgramData\Package Cache
2015-01-19 01:54 - 2013-09-04 22:18 - 00000000 ____D () C:\Users\Glu\Desktop\CCM LIGHTING
2015-01-17 22:54 - 2014-08-25 15:18 - 00000000 ____D () C:\Users\Glu\dwhelper
2015-01-17 14:58 - 2012-10-14 12:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-15 20:05 - 2012-09-29 12:18 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2015-01-15 20:05 - 2009-07-14 00:08 - 00032646 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-01-14 20:07 - 2013-08-09 21:57 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-14 19:58 - 2012-09-08 01:18 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-14 12:32 - 2012-09-07 13:31 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-01-13 06:38 - 2014-08-11 20:00 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-12 13:42 - 2014-08-11 20:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-07 18:38 - 2014-08-20 22:27 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-01-07 18:38 - 2012-12-23 22:28 - 00000000 ____D () C:\ProgramData\Skype
2015-01-06 04:36 - 2010-11-20 22:27 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-01-01 09:35 - 2014-09-09 07:16 - 00000000 ____D () C:\Users\Glu\AppData\Roaming\Juniper Networks
2015-01-01 08:21 - 2014-06-04 17:49 - 00000000 ____D () C:\Users\Glu\Desktop\Games
2014-12-31 19:23 - 2014-08-14 14:54 - 00000000 ____D () C:\Users\Glu\AppData\Local\Adobe
2014-12-31 19:23 - 2013-01-18 01:20 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-12-31 19:23 - 2012-09-09 22:08 - 00000000 ____D () C:\ProgramData\Adobe
2014-12-31 16:57 - 2013-03-30 16:15 - 00000000 ____D () C:\Users\Glu\AppData\Local\Google
2014-12-29 11:28 - 2013-03-17 12:08 - 00000000 ____D () C:\Program Files\Defraggler
2014-12-29 11:00 - 2009-07-14 00:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-12-29 10:57 - 2012-09-07 20:16 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-12-28 22:51 - 2012-09-26 19:23 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-12-28 15:14 - 2014-12-15 04:06 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft

==================== Files in the root of some directories =======

2013-01-19 16:55 - 2013-01-19 16:55 - 0000169 _____ () C:\Users\Glu\AppData\Roaming\vmsprefs
2013-03-01 21:45 - 2013-03-01 21:45 - 0000236 _____ () C:\Users\Glu\AppData\Local\LaunchHomeCenter.log
2015-01-24 10:23 - 2015-01-24 10:23 - 0015565 _____ () C:\Users\Glu\AppData\Local\recently-used.xbel
2012-09-07 14:29 - 2012-09-12 14:41 - 0007597 _____ () C:\Users\Glu\AppData\Local\resmon.resmoncfg
2013-10-19 22:12 - 2013-10-19 22:13 - 0000000 _____ () C:\Users\Glu\AppData\Local\Templayermap.cfg
2013-10-19 22:12 - 2013-10-19 22:13 - 0000000 _____ () C:\Users\Glu\AppData\Local\Tempmatmap.cfg
2014-02-06 12:09 - 2014-02-06 12:09 - 0000057 _____ () C:\ProgramData\Ament.ini
2013-05-24 20:13 - 2014-08-08 20:06 - 0008763 _____ () C:\ProgramData\hpzinstall.log
2013-08-29 22:14 - 2013-08-29 22:14 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

Files to move or delete:
====================
C:\Users\Glu\jagex_cl_runescape_LIVE.dat
C:\Users\Glu\random.dat


Some content of TEMP:
====================
C:\Users\Glu\AppData\Local\Temp\GLB1A2B.EXE


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-15 03:48

==================== End Of Log ============================


Here is Addition!

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-01-2015 01
Ran by Glu at 2015-01-25 17:25:31
Running from C:\Users\Glu\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.178 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-1980527506-3698054450-3991177797-1002\...\Akamai) (Version:  - Akamai Technologies, Inc)
ALZip 8.51 (HKLM-x32\...\ALZip_is1) (Version: v8.51 - ESTsoft Corp.)
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.14.15 - Atheros Communications Inc.)
Audacity 2.0.2 (HKLM-x32\...\Audacity_is1) (Version: 2.0.2 - Audacity Team)
AutoCAD 2014 - English (Version: 19.1.108.1 - Autodesk) Hidden
AutoCAD 2014 - English (Version: 19.1.42.0 - Autodesk) Hidden
AutoCAD 2014 Language Pack - English (Version: 19.1.42.0 - Autodesk) Hidden
Autodesk 360 (HKLM\...\{52B28CAD-F49D-47BA-9FFE-29C2E85F0D0B}) (Version: 4.6.12.800 - Autodesk)
Autodesk App Manager (HKLM-x32\...\{C070121A-C8C5-4D52-9A7D-D240631BD433}) (Version: 1.1.0 - Autodesk)
Autodesk AutoCAD 2014 - English (HKLM\...\AutoCAD 2014 - English) (Version: 19.1.42.0 - Autodesk)
Autodesk AutoCAD 2014 - English SP1 (HKLM\...\AutoCAD 2014 - English SP1) (Version: 1 - Autodesk)
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.1.3.0 - Autodesk)
Autodesk Content Service (x32 Version: 3.1.3.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (x32 Version: 3.1.3.0 - Autodesk) Hidden
Autodesk Material Library 2014 (HKLM-x32\...\{644F9B19-A462-499C-BF4D-300ABC2A28B1}) (Version: 4.0.19.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2014 (HKLM-x32\...\{51BF3210-B825-4092-8E0D-66D689916E02}) (Version: 4.0.19.0 - Autodesk)
Autodesk ReCap (HKLM\...\Autodesk ReCap) (Version: 1.0.43.13 - Autodesk)
Autodesk ReCap (Version: 1.0.43.13 - Autodesk) Hidden
Autodesk ReCap Language Pack-English (Version: 1.0.43.13 - Autodesk) Hidden
Avast Free Antivirus (HKLM-x32\...\avast) (Version: 10.0.2208 - AVAST Software)
Avidemux 2.6 (32-bit) (HKLM-x32\...\Avidemux 2.6) (Version: 2.6.8.9046 - )
Baldur's Gate II: Enhanced Edition (HKLM-x32\...\QmFsZHVyc0dhdGVJSUVuaGFuY2VkRWRpdGlvbg==_is1) (Version: 1 - )
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Brain Workshop 4.8.4 (HKLM-x32\...\Brain Workshop_is1) (Version: 4.8.4 - Paul Hoskinson & Jonathan Toomim)
CCleaner (HKLM\...\CCleaner) (Version: 3.28 - Piriform)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform)
Dropbox (HKU\S-1-5-21-1980527506-3698054450-3991177797-1002\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
Eos Family (HKLM-x32\...\{0BBE42EB-7BB3-4BC4-817E-2438503CDE1B}) (Version: 2.0.1.9.0.41 - ETC)
Eos Family Fixture Library (HKLM-x32\...\{BABBBF7B-E332-4A4B-87B5-59B7031674D0}) (Version: 9.1.0.0.0.4 - ETC)
FTL version 1.5.4 (HKLM-x32\...\{20E23A40-38E5-4DD6-B738-BC8097AE66B6}_is1) (Version: 1.5.4 - Subset Games)
GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team)
Google Earth (HKLM-x32\...\{28E82311-8616-11E1-BEB0-B8AC6F97B88E}) (Version: 6.2.2.6613 - Google)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
HandBrake 0.9.9.1 (HKLM-x32\...\HandBrake) (Version: 0.9.9.1 - )
hppLaserJetService (x32 Version: 001.200.00001 - Hewlett-Packard) Hidden
hppP1100P1560P1600SeriesLaserJetService (x32 Version: 001.001.0.0 - Hewlett-Packard) Hidden
hppusgP1100P1560P1600Series (x32 Version: 1.0.0.1 - Hewlett-Packard) Hidden
Ikaruga (HKLM-x32\...\SWthcnVnYQ==_is1) (Version: 1 - )
Intel® OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2778 - Intel Corporation)
Intel® PROSet/Wireless for Bluetooth® 3.0 + High Speed (HKLM\...\{2C0E6BD4-65B1-4E82-B2AC-43EFFC8F100C}) (Version: 15.0.0.0059 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation)
Intel® Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version:  - )
Intel® PROSet/Wireless WiFi Software (HKLM\...\{DF7756DD-656A-45C3-BA71-74673E8259A9}) (Version: 15.00.0000.0642 - Intel Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Juniper Networks Setup Client (HKU\S-1-5-21-1980527506-3698054450-3991177797-1002\...\Juniper_Setup_Client) (Version: 8.0.7.50111 - Juniper Networks)
Juniper Networks Setup Client 64-bit Activex Control (HKLM\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks)
Juniper Networks Setup Client Activex Control (HKLM-x32\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Junos Pulse 5.0 (HKLM-x32\...\Junos Pulse 5.0) (Version: 5.0.50111 - Juniper Networks, Inc.)
Junos Pulse Core Components (x32 Version: 5.0.50111 - Juniper Networks) Hidden
Junos Pulse Drivers Add-On (Version: 5.0.50111 - Juniper Networks) Hidden
Junos Pulse Host Checker Plugin Add-On (x32 Version: 5.0.50111 - Juniper Networks) Hidden
Junos Pulse Tunnel Manager Add-On (x32 Version: 5.0.50111 - Juniper Networks) Hidden
Junos Pulse UAC/NC Components (x32 Version: 5.0.50111 - Juniper Networks) Hidden
LEE Filters Swatchball (HKLM-x32\...\LEEFiltersSwatchball.5D87249445F7747C74478D6C1E8099E412A2F9F3.1) (Version: 1.1.0 - LEE Filters)
LEE Filters Swatchball (x32 Version: 1.1.0 - LEE Filters) Hidden
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.1.7600.117 - Realtek Semiconductor Corp.)
Lightwright 5.0.44 (build 496) (HKLM-x32\...\{EE25EB4B-E2D7-4F84-80C3-19D665B54AFC}_is1) (Version:  - John McKernon Software)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{59E4543A-D49D-4489-B445-473D763C79AF}) (Version: 2.0.672.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mozilla Firefox 35.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 35.0 (x86 en-US)) (Version: 35.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
NVIDIA Graphics Driver 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.75 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Outils de vérification linguistique 2013 de Microsoft Office - Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Palette RFU 3.0 (HKLM-x32\...\{995D9615-7D20-495C-9173-756403EC5425}) (Version: 3.0.0 - Strand Lighting)
Palette Software (HKLM-x32\...\Palette Software) (Version:  - Horizon Control Inc.)
PDF Merge (HKLM-x32\...\{50217A00-46B2-40E3-8664-5C93BFFA03B0}) (Version: 1.0.0 - Free PDF Soulutions)
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
PowerISO (HKLM-x32\...\PowerISO) (Version: 5.8 - Power Software Ltd)
PreReq (x32 Version: 6.2.4.0 - Eastman Kodak Company) Hidden
PrimoPDF -- brought to you by Nitro PDF Software (HKLM-x32\...\PrimoPDF) (Version: 5 - Nitro PDF Software)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6543 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.50 - Piriform)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version:  - Microsoft)
Sid Meier's Civilization 4 - Beyond the Sword (HKLM-x32\...\{32E4F0D2-C135-475E-A841-1D59A0D22989}) (Version: 3.13 - Firaxis Games)
Sid Meier's Civilization 4 - Warlords (HKLM-x32\...\{3E4B349F-10B5-4586-9D99-489A90A8B228}) (Version: 2.13 - Firaxis Games)
Sid Meier's Civilization 4 (HKLM-x32\...\{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}) (Version: 1.74 - Firaxis Games)
Sid Meier's Civilization 4 (x32 Version: 1.00.0000 - Firaxis Games) Hidden
SketchUp Import for AutoCAD 2014 (HKLM-x32\...\{644E9589-F73A-49A4-AC61-A953B9DE5669}) (Version: 1.1.0 - Autodesk)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.38.0 - Synaptics Incorporated)
Torchlight 2 (HKLM-x32\...\{049FF5E4-EB02-4c42-8DB0-226E2F7A9E53}) (Version: 1.1.1.1 - )
VC8 CRT (Version: 8.0.50727.762 - Juniper Networks) Hidden
Vectorworks 2014 Help (HKLM-x32\...\net.nemetschek.vectorworks.2014.help.eng.CC16605A57FA88F0CED2B1A19E704F482AB2B1EB.1) (Version: 1.0 - UNKNOWN)
Vectorworks 2014 Help (x32 Version: 1.0 - UNKNOWN) Hidden
Vectorworks 2014 Help for SP3 and later (HKLM-x32\...\net.nemetschek.vectorworks.2014.help.eng.DD0D70E5B9E8485014EBEBD850EFDEAAF59E37CF.1) (Version: 3.0 - UNKNOWN)
Vectorworks 2014 Help for SP3 and later (x32 Version: 3.0 - UNKNOWN) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Warcraft III (HKLM-x32\...\Warcraft III) (Version:  - )
Warcraft III: All Products (HKU\S-1-5-21-1980527506-3698054450-3991177797-1002\...\Warcraft III) (Version:  - )
Windows Driver Package - FTDI CDM Driver Package (10/22/2009 2.06.00) (HKLM\...\3134FEF0E1D959EC0CC2E458C94B7057B2AC0CC9) (Version: 10/22/2009 2.06.00 - FTDI)
Windows Driver Package - FTDI CDM Driver Package (10/22/2009 2.06.00) (HKLM\...\88EB56038379B8B7DCFB4D2448A60F52E064B265) (Version: 10/22/2009 2.06.00 - FTDI)
Windows Driver Package - Lenovo (ACPIVPC) System  (12/15/2011 7.1.0.1) (HKLM\...\99841829BE839365AA67B2AD0E50D371F59F8A1E) (Version: 12/15/2011 7.1.0.1 - Lenovo)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
XnView 2.25 (HKLM-x32\...\XnView_is1) (Version: 2.25 - Gougelet Pierre-e)
Yawcam 0.4.1 (HKLM-x32\...\{8FE96B14-E1F9-47BF-8BA1-A81467CD259B}_is1) (Version:  - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1980527506-3698054450-3991177797-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Glu\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1980527506-3698054450-3991177797-1002_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1980527506-3698054450-3991177797-1002_Classes\CLSID\{7DE1BE5C-CEBA-4F1D-ACBC-9CE11EE9A2A1}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1980527506-3698054450-3991177797-1002_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1980527506-3698054450-3991177797-1002_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2014\en-US\acadficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1980527506-3698054450-3991177797-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Glu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1980527506-3698054450-3991177797-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Glu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1980527506-3698054450-3991177797-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Glu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1980527506-3698054450-3991177797-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Glu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1980527506-3698054450-3991177797-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Glu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1980527506-3698054450-3991177797-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Glu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1980527506-3698054450-3991177797-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Glu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1980527506-3698054450-3991177797-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Glu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

26-12-2014 20:52:12 Windows Update
28-12-2014 22:49:46 Removed Adobe Download Assistant
28-12-2014 22:50:18 Removed Adobe Help Manager
29-12-2014 11:00:08 Removed Grand Theft Auto IV
29-12-2014 11:02:48 Removed Rockstar Games Social Club
30-12-2014 08:30:44 Windows Update
31-12-2014 16:56:28 Installed Google Earth.
31-12-2014 19:17:56 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
31-12-2014 19:18:29 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
31-12-2014 19:18:53 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
31-12-2014 19:20:09 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
06-01-2015 19:41:17 Windows Update
08-01-2015 01:27:16 Device Driver Package Install: AVNEX Ltd. Sound, video and game controllers
13-01-2015 22:23:46 Windows Update
14-01-2015 19:57:41 Windows Update
16-01-2015 17:01:46 Installed FAX Utility
16-01-2015 17:15:56 Installed FAX Utility
16-01-2015 17:19:32 Removed Epson Event Manager
16-01-2015 17:21:19 Removed Epson Customer Participation
19-01-2015 04:08:02 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
19-01-2015 04:10:13 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
20-01-2015 09:30:52 Windows Update
23-01-2015 16:40:41 Windows Update
25-01-2015 15:25:32 ComboFix created restore point
25-01-2015 16:17:43 Removed Download Navigator

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2015-01-25 15:40 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {246C1ABA-385E-444A-BE81-7AE226C4D29D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {29258516-20B9-48C8-954C-88206CD30763} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {4F71C89C-4CD0-4D16-8D5D-B2AEAE93C679} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {6EFC8824-EA2C-42E4-B3BD-4594E799ED0F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-02-25] (Piriform Ltd)
Task: {8497A834-44D0-47D8-A29F-A0600405402B} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-12-21] (AVAST Software)
Task: {85502570-98B2-4012-9931-E4489FDC34E7} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc

==================== Loaded Modules (whitelisted) =============

2013-10-23 13:56 - 2011-02-28 17:37 - 00095008 _____ () C:\Windows\System32\Primomonnt.dll
2012-11-09 10:57 - 2012-11-09 10:57 - 00034304 _____ () C:\Windows\System32\sxp2ml6.dll
2014-06-10 12:19 - 2014-06-10 12:19 - 08892072 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-12-21 14:06 - 2014-12-21 14:06 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll
2014-12-21 14:06 - 2014-12-21 14:06 - 05851328 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll
2015-01-25 15:18 - 2015-01-25 15:18 - 02913280 _____ () C:\Program Files\AVAST Software\Avast\defs\15012500\algo.dll
2014-12-21 14:06 - 2014-12-21 14:06 - 04495336 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll
2012-09-26 19:22 - 2014-11-12 19:20 - 00010952 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2014-06-10 12:19 - 2014-06-10 12:19 - 08892072 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData:gs5sys
AlternateDataStreams: C:\Users\All Users:gs5sys
AlternateDataStreams: C:\Users\Glu:gs5sys
AlternateDataStreams: C:\ProgramData\Application Data:gs5sys
AlternateDataStreams: C:\ProgramData\Temp:28BF1793
AlternateDataStreams: C:\ProgramData\Templates:gs5sys
AlternateDataStreams: C:\Users\Glu\Application Data:gs5sys
AlternateDataStreams: C:\Users\Glu\Cookies:gs5sys
AlternateDataStreams: C:\Users\Glu\Local Settings:gs5sys
AlternateDataStreams: C:\Users\Glu\Local Settings:KT9ZLdXp7Q7fPpQv4oBxmnx8
AlternateDataStreams: C:\Users\Glu\Templates:gs5sys
AlternateDataStreams: C:\Users\Glu\Desktop\desktop.ini:gs5sys
AlternateDataStreams: C:\Users\Glu\Desktop\P Pan Breakdown 15DEC.xlsx:com.dropbox.attributes
AlternateDataStreams: C:\Users\Glu\Desktop\Peter Pan GP 1-18.vwx:com.dropbox.attributes
AlternateDataStreams: C:\Users\Glu\AppData\Local:gs5sys
AlternateDataStreams: C:\Users\Glu\AppData\Local:KT9ZLdXp7Q7fPpQv4oBxmnx8
AlternateDataStreams: C:\Users\Glu\AppData\Roaming:gs5sys
AlternateDataStreams: C:\Users\Glu\AppData\Local\Application Data:gs5sys
AlternateDataStreams: C:\Users\Glu\AppData\Local\Application Data:KT9ZLdXp7Q7fPpQv4oBxmnx8
AlternateDataStreams: C:\Users\Glu\AppData\Local\eTsoqtB5GZxFF:bybsWXclzocaWlfLzPMHqo6n
AlternateDataStreams: C:\Users\Glu\AppData\Local\History:gs5sys
AlternateDataStreams: C:\Users\Glu\AppData\Local\Temp:8N7fj3YyMaqMDskTTMjSg
AlternateDataStreams: C:\Users\Glu\AppData\Local\xcK3c5Dim9vR:xvxD46gmLUIyARNW54iE
AlternateDataStreams: C:\Users\Glu\Documents\desktop.ini:gs5sys
AlternateDataStreams: C:\Users\Public\Documents\desktop.ini:gs5sys

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-1980527506-3698054450-3991177797-500 - Administrator - Disabled)
Glu (S-1-5-21-1980527506-3698054450-3991177797-1002 - Administrator - Enabled) => C:\Users\Glu
Guest (S-1-5-21-1980527506-3698054450-3991177797-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1980527506-3698054450-3991177797-1003 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth Device (Personal Area Network)
Description: Bluetooth Device (Personal Area Network)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BthPan
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Intel® Centrino® Wireless-N 2200
Description: Intel® Centrino® Wireless-N 2200
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: NETwNs64
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/25/2015 03:38:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/25/2015 03:15:16 PM) (Source: ESENT) (EventID: 455) (User: )
Description: DllHost (2276) WebCacheLocal: Error -1811 occurred while opening logfile C:\Users\Glu\AppData\Local\Microsoft\Windows\WebCache\V0100002.log.

Error: (01/25/2015 03:14:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/25/2015 00:10:17 AM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2015-02-17T01:44:17Z. Error Code: 0x80070032.

Error: (01/24/2015 07:59:13 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/24/2015 07:07:59 AM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2015-02-17T01:44:59Z. Error Code: 0x80070032.

Error: (01/24/2015 05:23:51 AM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2015-02-17T01:44:51Z. Error Code: 0x80070032.

Error: (01/24/2015 04:34:35 AM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2015-02-17T01:44:35Z. Error Code: 0x80070032.

Error: (01/24/2015 04:18:57 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/24/2015 03:02:25 AM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2015-02-17T01:44:25Z. Error Code: 0x80070032.


System errors:
=============
Error: (01/25/2015 03:36:26 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.

Error: (01/25/2015 03:32:20 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.

Error: (01/24/2015 00:24:57 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E579AB5F-1CC4-44B4-BED9-DE0991FF0623}

Error: (01/24/2015 07:04:03 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1058

Error: (01/24/2015 04:29:51 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1058

Error: (01/24/2015 04:20:53 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1058

Error: (01/24/2015 02:39:58 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E579AB5F-1CC4-44B4-BED9-DE0991FF0623}

Error: (01/24/2015 02:39:30 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1058

Error: (01/24/2015 01:31:19 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1058

Error: (01/23/2015 10:24:32 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E579AB5F-1CC4-44B4-BED9-DE0991FF0623}


Microsoft Office Sessions:
=========================
Error: (01/25/2015 03:38:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/25/2015 03:15:16 PM) (Source: ESENT) (EventID: 455) (User: )
Description: DllHost2276WebCacheLocal: C:\Users\Glu\AppData\Local\Microsoft\Windows\WebCache\V0100002.log-1811

Error: (01/25/2015 03:14:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/25/2015 00:10:17 AM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: 0x800700322015-02-17T01:44:17Z

Error: (01/24/2015 07:59:13 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/24/2015 07:07:59 AM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: 0x800700322015-02-17T01:44:59Z

Error: (01/24/2015 05:23:51 AM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: 0x800700322015-02-17T01:44:51Z

Error: (01/24/2015 04:34:35 AM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: 0x800700322015-02-17T01:44:35Z

Error: (01/24/2015 04:18:57 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/24/2015 03:02:25 AM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: 0x800700322015-02-17T01:44:25Z


CodeIntegrity Errors:
===================================
  Date: 2015-01-25 00:43:51.876
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-01-25 00:43:51.534
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-01-25 00:43:30.042
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-01-25 00:43:29.315
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-01-22 22:51:04.006
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-01-22 22:51:03.885
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-01-22 22:37:14.370
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-01-22 22:37:14.235
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-01-22 22:36:20.700
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-01-22 22:36:20.536
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel® Core i7-3610QM CPU @ 2.30GHz
Percentage of memory in use: 26%
Total physical RAM: 6046.36 MB
Available physical RAM: 4433.86 MB
Total Pagefile: 12090.89 MB
Available Pagefile: 10653.55 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: (Windows7_OS) (Fixed) (Total:653.44 GB) (Free:119.36 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive d: (LENOVO) (Fixed) (Total:25.47 GB) (Free:25.34 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: D118CC53)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=653.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=25.5 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=19.5 GB) - (Type=12)

==================== End Of Log ============================


Step 1


Press the Windows key + R on your keyboard at the same time. Type notepad and click OK.

  • Copy the entire content of the codebox below and paste into the notepad document:

    CloseProcesses:
    HKLM-x32\...\Run: [] => [X]
    HKU\S-1-5-21-1980527506-3698054450-3991177797-1002\...\Policies\Explorer: []
    ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} =>  No File
    ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} =>  No File
    ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} =>  No File
    ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} =>  No File
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    HKU\S-1-5-21-1980527506-3698054450-3991177797-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} ->  No File
    BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} ->  No File
    Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
    cmd: type C:\ComboFix.txt
    AlternateDataStreams: C:\ProgramData:gs5sys
    AlternateDataStreams: C:\Users\All Users:gs5sys
    AlternateDataStreams: C:\Users\Glu:gs5sys
    AlternateDataStreams: C:\ProgramData\Application Data:gs5sys
    AlternateDataStreams: C:\ProgramData\Temp:28BF1793
    AlternateDataStreams: C:\ProgramData\Templates:gs5sys
    AlternateDataStreams: C:\Users\Glu\Application Data:gs5sys
    AlternateDataStreams: C:\Users\Glu\Cookies:gs5sys
    AlternateDataStreams: C:\Users\Glu\Local Settings:gs5sys
    AlternateDataStreams: C:\Users\Glu\Local Settings:KT9ZLdXp7Q7fPpQv4oBxmnx8
    AlternateDataStreams: C:\Users\Glu\Templates:gs5sys
    AlternateDataStreams: C:\Users\Glu\Desktop\desktop.ini:gs5sys
    AlternateDataStreams: C:\Users\Glu\Desktop\P Pan Breakdown 15DEC.xlsx:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Glu\Desktop\Peter Pan GP 1-18.vwx:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Glu\AppData\Local:gs5sys
    AlternateDataStreams: C:\Users\Glu\AppData\Local:KT9ZLdXp7Q7fPpQv4oBxmnx8
    AlternateDataStreams: C:\Users\Glu\AppData\Roaming:gs5sys
    AlternateDataStreams: C:\Users\Glu\AppData\Local\Application Data:gs5sys
    AlternateDataStreams: C:\Users\Glu\AppData\Local\Application Data:KT9ZLdXp7Q7fPpQv4oBxmnx8
    AlternateDataStreams: C:\Users\Glu\AppData\Local\eTsoqtB5GZxFF:bybsWXclzocaWlfLzPMHqo6n
    AlternateDataStreams: C:\Users\Glu\AppData\Local\History:gs5sys
    AlternateDataStreams: C:\Users\Glu\AppData\Local\Temp:8N7fj3YyMaqMDskTTMjSg
    AlternateDataStreams: C:\Users\Glu\AppData\Local\xcK3c5Dim9vR:xvxD46gmLUIyARNW54iE
    AlternateDataStreams: C:\Users\Glu\Documents\desktop.ini:gs5sys
    AlternateDataStreams: C:\Users\Public\Documents\desktop.ini:gs5sys
    CreateRestorePoint:
  • Click File, Save As and type fixlist.txt as the File Name.
Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!
  • Right-click on the FRST icon and select Run as Administrator to start the tool.

    (XP users click run after receipt of Windows Security Warning - Open File).

  • Press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finished FRST will generate a log on the Desktop, called Fixlog.txt.
Please post it in your reply.

Step 2

After the Reboot:


Start FRST with administrator privileges.

  • Press the Scan button.
  • When finished, FRST will produce a log (FRST.txt) in the same directory the tool was run from.

    Please copy and paste the log in your next reply.


Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-01-2015 01
Ran by Glu (administrator) on GLU-PC on 25-01-2015 17:55:50
Running from C:\Users\Glu\Desktop
Loaded Profiles: Glu (Available profiles: Glu)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-09] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1317256 2013-07-16] (Autodesk, Inc.)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [174856 2014-11-12] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [156840 2014-11-12] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll (Autodesk, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1980527506-3698054450-3991177797-1002\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\S-1-5-21-1980527506-3698054450-3991177797-1002 -> DefaultScope {46C8B549-0359-43EA-B8D5-A76101EBE8FB} URL = https://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=282369&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1980527506-3698054450-3991177797-1002 -> {46C8B549-0359-43EA-B8D5-A76101EBE8FB} URL = https://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=282369&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1980527506-3698054450-3991177797-1002 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7KMOH
SearchScopes: HKU\S-1-5-21-1980527506-3698054450-3991177797-1002 -> {7F7058DC-2A2E-4DD7-B46E-F3A97ACA9B6C} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=714647&p={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
DPF: HKLM {AA570693-00E2-4907-B6F1-60A1199B030C} https://juniper.net/dana-cached/sc/JuniperSetupClient64.cab
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.200.1
Tcpip\..\Interfaces\{6716A415-200C-4AF3-969E-EA43E1C2A18D}: [NameServer] 10.27.3.2,10.25.3.2

FireFox:
========
FF ProfilePath: C:\Users\Glu\AppData\Roaming\Mozilla\Firefox\Profiles\p6vp32cz.default-1421369630122
FF DefaultSearchEngine: Google
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll ()
FF Plugin: @java.com/DTPlugin,version=1.6.0_45 -> C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1980527506-3698054450-3991177797-1002: @Google.com/GoogleEarthPlugin -> C:\Users\Glu\AppData\Local\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin HKU\S-1-5-21-1980527506-3698054450-3991177797-1002: intel.com/AppUp -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Extension: EPUBReader - C:\Users\Glu\AppData\Roaming\Mozilla\Firefox\Profiles\p6vp32cz.default-1421369630122\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F} [2015-01-17]
FF Extension: DownloadHelper - C:\Users\Glu\AppData\Roaming\Mozilla\Firefox\Profiles\p6vp32cz.default-1421369630122\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2015-01-17]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-09-07]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-21]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-21] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-12-21] (Avast Software)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] ()
S4 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
S4 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1796928 2014-11-17] (NVIDIA Corporation)
S4 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-21] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-21] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-21] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-21] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-21] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-21] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-21] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-21] ()
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [134696 2012-02-01] (Broadcom Corporation.)
R1 jnprns; C:\Windows\System32\DRIVERS\jnprns.sys [507192 2014-08-20] (Juniper Networks)
S4 jnprTdi_807_50111; C:\Windows\system32\Drivers\jnprTdi_807_50111.sys [108344 2014-10-06] (Juniper Networks, Inc.)
S3 jnprva; C:\Windows\System32\DRIVERS\jnprva.sys [30072 2014-08-20] (Juniper Networks, Inc.)
R3 JnprVaMgr; C:\Windows\System32\DRIVERS\jnprvamgr.sys [45352 2014-08-20] (Juniper Networks, Inc.)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [104048 2012-03-02] (Qualcomm Atheros Co., Ltd.)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-25] (Malwarebytes Corporation)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38216 2014-10-03] (NVIDIA Corporation)
R3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [8208488 2011-09-06] (Realtek Semiconductor Corp.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-12-21] (Avast Software)
R3 VCSVADHWSer; C:\Windows\System32\DRIVERS\vcsvad.sys [21504 2008-12-26] (Avnex)
R3 WinDriver6; C:\Windows\System32\drivers\windrvr6.sys [254464 2012-09-26] (Jungo)
U3 BcmSqlStartupSvc; No ImagePath
S3 btwampfl; \??\C:\Windows\system32\drivers\btwampfl.sys [X]
S3 btwaudio; system32\drivers\btwaudio.sys [X]
S3 btwavdt; system32\DRIVERS\btwavdt.sys [X]
S3 btwl2cap; system32\DRIVERS\btwl2cap.sys [X]
S3 btwrchid; system32\DRIVERS\btwrchid.sys [X]
U2 CLKMSVC10_3A60B698; No ImagePath
U2 CLKMSVC10_C3B3B687; No ImagePath
S3 clwvd; system32\DRIVERS\clwvd.sys [X]
U2 DriverService; No ImagePath
U2 iATAgentService; No ImagePath
U2 idealife Update Service; No ImagePath
U3 IGRS; No ImagePath
S3 intaud_WaveExtensible; system32\drivers\intelaud.sys [X]
U2 IviRegMgr; No ImagePath
S3 iwdbus; system32\DRIVERS\iwdbus.sys [X]
S3 JMCR; system32\DRIVERS\jmcr.sys [X]
U2 Oasis2Service; No ImagePath
U2 PCCarerService; No ImagePath
U2 ReadyComm.DirectRouter; No ImagePath
U2 RichVideo; No ImagePath
U2 RtLedService; No ImagePath
U2 SeaPort; No ImagePath
U2 SoftwareService; No ImagePath
U3 SQLWriter; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-25 17:55 - 2015-01-25 17:58 - 00014722 _____ () C:\Users\Glu\Desktop\FRST.txt
2015-01-25 17:54 - 2015-01-25 17:55 - 00000197 _____ () C:\Windows\system32\2015-01-25-22-54-29.019-AvastVBoxSVC.exe-3032.log
2015-01-25 17:50 - 2015-01-25 17:53 - 06356296 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-25 17:50 - 2015-01-25 17:50 - 00000056 _____ () C:\Windows\setupact.log
2015-01-25 17:50 - 2015-01-25 17:50 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-25 17:47 - 2015-01-25 17:47 - 00003083 _____ () C:\Users\Glu\Desktop\fix.txt
2015-01-25 17:12 - 2015-01-25 17:12 - 00000237 _____ () C:\Users\Glu\Desktop\maybe hti.txt
2015-01-25 17:11 - 2015-01-25 17:11 - 00000340 _____ () C:\Users\Glu\Desktop\Mbam scan.txt
2015-01-25 17:01 - 2015-01-25 17:01 - 00000340 _____ () C:\Users\Glu\Desktop\klklkk.txt
2015-01-25 16:56 - 2015-01-25 16:56 - 00002488 _____ () C:\Users\Glu\Desktop\mbam-log-2015-01-25 (16-33-16).xml
2015-01-25 16:11 - 2015-01-25 16:11 - 00000247 _____ () C:\Windows\system32\2015-01-25-21-11-13.098-aswFe.exe-1060.log
2015-01-25 16:06 - 2015-01-25 16:11 - 00000247 _____ () C:\Windows\system32\2015-01-25-21-06-03.030-aswFe.exe-3844.log
2015-01-25 16:05 - 2015-01-25 16:06 - 00000197 _____ () C:\Windows\system32\2015-01-25-21-05-57.046-AvastVBoxSVC.exe-244.log
2015-01-25 15:54 - 2015-01-25 15:54 - 02129920 _____ (Farbar) C:\Users\Glu\Desktop\FRST64.exe
2015-01-25 15:51 - 2015-01-25 15:51 - 00000197 _____ () C:\Windows\system32\2015-01-25-20-51-09.050-AvastVBoxSVC.exe-2932.log
2015-01-25 15:46 - 2015-01-25 15:46 - 00030371 _____ () C:\ComboFix.txt
2015-01-25 15:25 - 2011-06-26 01:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-01-25 15:25 - 2010-11-07 12:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-01-25 15:25 - 2009-04-19 23:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-01-25 15:25 - 2000-08-30 19:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-01-25 15:25 - 2000-08-30 19:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-01-25 15:25 - 2000-08-30 19:00 - 00098816 _____ () C:\Windows\sed.exe
2015-01-25 15:25 - 2000-08-30 19:00 - 00080412 _____ () C:\Windows\grep.exe
2015-01-25 15:25 - 2000-08-30 19:00 - 00068096 _____ () C:\Windows\zip.exe
2015-01-25 15:24 - 2015-01-25 15:46 - 00000000 ____D () C:\Qoobox
2015-01-25 15:23 - 2015-01-25 15:44 - 00000000 ____D () C:\Windows\erdnt
2015-01-24 10:23 - 2015-01-24 10:23 - 00015565 _____ () C:\Users\Glu\AppData\Local\recently-used.xbel
2015-01-24 08:02 - 2015-01-24 08:03 - 00000197 _____ () C:\Windows\system32\2015-01-24-13-02-51.012-AvastVBoxSVC.exe-2952.log
2015-01-24 05:38 - 2015-01-24 13:05 - 00248239 _____ () C:\Users\Glu\Desktop\ResumeVWX_v2015.vwx
2015-01-24 05:38 - 2015-01-24 05:38 - 00000000 ____D () C:\Users\Glu\.pdfsam
2015-01-24 05:29 - 2015-01-24 05:32 - 00000000 ____D () C:\Users\Glu\Desktop\BOUND BOOK
2015-01-24 05:17 - 2015-01-24 05:17 - 12038814 _____ () C:\Users\Glu\Desktop\page01.tif
2015-01-24 05:17 - 2015-01-24 05:17 - 10665758 _____ () C:\Users\Glu\Desktop\page04.tif
2015-01-24 05:17 - 2015-01-24 05:17 - 10204290 _____ () C:\Users\Glu\Desktop\page06.tif
2015-01-24 05:17 - 2015-01-24 05:17 - 00000000 ____D () C:\Users\Glu\Desktop\Large Single Prints
2015-01-24 05:15 - 2015-01-24 05:17 - 41372160 _____ () C:\Users\Glu\Desktop\BIG PHOTOS.pub
2015-01-24 04:50 - 2015-01-24 04:50 - 00000000 ____D () C:\Users\Glu\Desktop\PDFSAM
2015-01-24 04:48 - 2015-01-24 04:49 - 15704291 _____ () C:\Users\Glu\Downloads\pdfsam-2.2.4-out.zip
2015-01-24 04:30 - 2015-01-24 04:47 - 00000000 ____D () C:\Users\Glu\Desktop\PRINTING
2015-01-24 04:21 - 2015-01-24 04:21 - 00000197 _____ () C:\Windows\system32\2015-01-24-09-21-23.089-AvastVBoxSVC.exe-2704.log
2015-01-24 03:54 - 2015-01-24 03:54 - 00000000 ____D () C:\Users\Glu\Desktop\C Portfolio Jan24
2015-01-24 03:00 - 2015-01-24 03:16 - 00000000 ____D () C:\Users\Glu\AppData\Roaming\XnView
2015-01-24 02:59 - 2015-01-24 03:00 - 00000934 _____ () C:\Users\Glu\Desktop\XnView.lnk
2015-01-24 02:59 - 2015-01-24 02:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XnView
2015-01-24 02:59 - 2015-01-24 02:59 - 00000000 ____D () C:\Program Files (x86)\XnView
2015-01-24 02:58 - 2015-01-24 02:58 - 04872664 _____ (Gougelet Pierre-e ) C:\Users\Glu\Downloads\XnView-win.exe
2015-01-24 01:32 - 2015-01-24 01:32 - 00000197 _____ () C:\Windows\system32\2015-01-24-06-32-35.053-AvastVBoxSVC.exe-2396.log
2015-01-24 00:34 - 2015-01-24 00:37 - 361312435 _____ () C:\Users\Glu\Desktop\Shane_Pruitt_Brevard_Music_Festival_Whole_Set.mp4
2015-01-23 20:00 - 2015-01-23 20:01 - 317507520 _____ () C:\Users\Glu\Desktop\EUROPE_-_Live_Stockholm_Solna_25_05_1986_VHS_Complete_show.mp4
2015-01-23 18:19 - 2015-01-23 18:19 - 00000197 _____ () C:\Windows\system32\2015-01-23-23-19-14.051-AvastVBoxSVC.exe-2400.log
2015-01-23 11:29 - 2015-01-23 11:29 - 00000197 _____ () C:\Windows\system32\2015-01-23-16-29-49.041-AvastVBoxSVC.exe-2920.log
2015-01-23 01:59 - 2015-01-23 12:45 - 00169576 _____ () C:\Users\Glu\Desktop\Your moms logo.vwx
2015-01-22 09:17 - 2015-01-22 09:18 - 00000197 _____ () C:\Windows\system32\2015-01-22-14-17-50.007-AvastVBoxSVC.exe-2636.log
2015-01-22 00:13 - 2015-01-22 00:13 - 00000197 _____ () C:\Windows\system32\2015-01-22-05-13-54.016-AvastVBoxSVC.exe-2380.log
2015-01-21 14:44 - 2015-01-21 14:44 - 00000247 _____ () C:\Windows\system32\2015-01-21-19-44-07.088-aswFe.exe-3236.log
2015-01-21 14:38 - 2015-01-21 14:44 - 00000247 _____ () C:\Windows\system32\2015-01-21-19-38-27.077-aswFe.exe-3708.log
2015-01-21 14:38 - 2015-01-21 14:38 - 00000197 _____ () C:\Windows\system32\2015-01-21-19-38-21.010-AvastVBoxSVC.exe-1612.log
2015-01-20 09:10 - 2015-01-20 09:19 - 00030238 _____ () C:\Users\Glu\Desktop\revised NEW LDLT CCM LX Contact V7.1 15Jan2015.xlsx
2015-01-20 08:58 - 2015-01-20 09:35 - 00000000 ____D () C:\Users\Glu\Desktop\PAN SCENIC
2015-01-20 08:47 - 2015-01-20 10:55 - 00000000 ____D () C:\Users\Glu\Desktop\SOUND PROJECT
2015-01-20 08:46 - 2015-01-20 08:46 - 00000197 _____ () C:\Windows\system32\2015-01-20-13-46-23.060-AvastVBoxSVC.exe-2520.log
2015-01-20 02:00 - 2015-01-20 02:00 - 00082636 _____ () C:\Users\Glu\Downloads\Accessories.zip
2015-01-20 02:00 - 2015-01-20 02:00 - 00017595 _____ () C:\Users\Glu\Downloads\Fspots.zip
2015-01-20 01:38 - 2015-01-20 01:38 - 42120729 _____ () C:\Users\Glu\Downloads\Legally Blonde Lighting Plot - FINAL.vwx
2015-01-19 22:40 - 2015-01-20 03:27 - 11285690 _____ () C:\Users\Glu\Desktop\The Brown v2015.vwx
2015-01-19 04:06 - 2015-01-19 04:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vectorworks2015
2015-01-19 04:00 - 2015-01-19 04:11 - 00000000 ____D () C:\Program Files\Vectorworks2015
2015-01-19 02:57 - 2015-01-19 03:03 - 1220014055 _____ () C:\Users\Glu\Downloads\Vectorworks2015-SP2-SeriesE-win.zip
2015-01-19 02:24 - 2015-01-19 03:52 - 15110879 _____ () C:\Users\Glu\Desktop\PAN Plot Chris 19JAN.vwx
2015-01-19 02:06 - 2015-01-18 21:36 - 06287070 _____ () C:\Users\Glu\Desktop\Peter Pan GP 1-18.vwx
2015-01-18 23:02 - 2015-01-18 23:02 - 00000197 _____ () C:\Windows\system32\2015-01-19-04-02-30.090-AvastVBoxSVC.exe-2432.log
2015-01-18 14:06 - 2015-01-18 14:06 - 16448208 _____ (Malwarebytes Corp.) C:\Users\Glu\Desktop\mbar-1.08.2.1001.exe
2015-01-18 13:52 - 2015-01-18 13:52 - 00000197 _____ () C:\Windows\system32\2015-01-18-18-52-02.089-AvastVBoxSVC.exe-2476.log
2015-01-17 15:02 - 2015-01-17 15:02 - 00000197 _____ () C:\Windows\system32\2015-01-17-20-02-20.092-AvastVBoxSVC.exe-2976.log
2015-01-17 03:49 - 2015-01-17 03:49 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-17 00:12 - 2015-01-17 03:13 - 01818115 _____ () C:\Users\Glu\Desktop\PAN SECTION 17JAN CHRIS UPDATE.vwx
2015-01-16 17:28 - 2015-01-16 17:28 - 00000197 _____ () C:\Windows\system32\2015-01-16-22-28-11.089-AvastVBoxSVC.exe-2892.log
2015-01-16 17:02 - 2015-01-20 06:12 - 00000000 ____D () C:\Users\Glu\AppData\Local\CrashDumps
2015-01-16 17:02 - 2015-01-16 17:02 - 00000000 ____D () C:\Users\Glu\AppData\Roaming\Epson
2015-01-16 16:58 - 2015-01-25 16:17 - 00000000 ____D () C:\Program Files (x86)\EPSON Software
2015-01-16 16:58 - 2015-01-16 17:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2015-01-16 16:58 - 2015-01-16 17:21 - 00000000 ____D () C:\Program Files (x86)\EPSON
2015-01-16 13:05 - 2015-01-16 13:05 - 00000197 _____ () C:\Windows\system32\2015-01-16-18-05-05.052-AvastVBoxSVC.exe-2400.log
2015-01-16 09:24 - 2015-01-16 09:24 - 00000197 _____ () C:\Windows\system32\2015-01-16-14-24-07.066-AvastVBoxSVC.exe-2704.log
2015-01-15 20:02 - 2015-01-15 20:02 - 00000197 _____ () C:\Windows\system32\2015-01-16-01-02-03.099-AvastVBoxSVC.exe-2380.log
2015-01-15 19:36 - 2015-01-15 19:36 - 05609736 ____R (Swearware) C:\Users\Glu\Desktop\ComboFix.exe
2015-01-15 19:16 - 2015-01-15 19:16 - 00000197 _____ () C:\Windows\system32\2015-01-16-00-16-44.044-AvastVBoxSVC.exe-2360.log
2015-01-15 19:08 - 2015-01-15 19:51 - 00000000 ____D () C:\AdwCleaner
2015-01-15 19:05 - 2015-01-15 19:05 - 00000247 _____ () C:\Windows\system32\2015-01-16-00-05-02.019-aswFe.exe-2472.log
2015-01-15 18:54 - 2015-01-15 18:54 - 03044736 _____ (Enigma Software Group USA, LLC.) C:\Users\Glu\Desktop\SpyHunter-Installer.exe
2015-01-15 18:52 - 2015-01-15 19:04 - 00000247 _____ () C:\Windows\system32\2015-01-15-23-52-14.045-aswFe.exe-4472.log
2015-01-15 18:52 - 2015-01-15 18:52 - 00000197 _____ () C:\Windows\system32\2015-01-15-23-52-01.093-AvastVBoxSVC.exe-3380.log
2015-01-15 18:48 - 2015-01-15 18:49 - 15340120 _____ () C:\Users\Glu\Downloads\RogueKiller.exe
2015-01-15 18:45 - 2015-01-25 17:55 - 00000000 ____D () C:\FRST
2015-01-15 09:09 - 2015-01-15 09:09 - 00000197 _____ () C:\Windows\system32\2015-01-15-14-09-58.052-AvastVBoxSVC.exe-2396.log
2015-01-15 00:12 - 2015-01-15 00:12 - 00000197 _____ () C:\Windows\system32\2015-01-15-05-12-40.007-AvastVBoxSVC.exe-2992.log
2015-01-14 19:57 - 2014-12-18 22:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 19:57 - 2014-12-18 20:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 19:57 - 2014-12-12 00:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 19:57 - 2014-12-12 00:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-14 19:57 - 2014-12-12 00:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-14 19:57 - 2014-12-12 00:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-14 19:57 - 2014-12-12 00:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-14 19:57 - 2014-12-12 00:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-14 19:57 - 2014-12-12 00:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-14 19:57 - 2014-12-11 12:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 19:57 - 2014-12-05 23:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 19:57 - 2014-12-05 22:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-14 19:57 - 2014-12-05 22:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-14 19:38 - 2015-01-14 19:39 - 00000197 _____ () C:\Windows\system32\2015-01-15-00-38-58.006-AvastVBoxSVC.exe-2432.log
2015-01-14 12:31 - 2015-01-14 12:32 - 00000197 _____ () C:\Windows\system32\2015-01-14-17-31-24.026-AvastVBoxSVC.exe-2504.log
2015-01-13 22:57 - 2015-01-13 22:57 - 00000197 _____ () C:\Windows\system32\2015-01-14-03-57-29.003-AvastVBoxSVC.exe-2400.log
2015-01-13 22:25 - 2015-01-19 22:27 - 00000000 ____D () C:\Users\Glu\Desktop\THE ACTUAL BROWN
2015-01-13 17:59 - 2015-01-13 18:00 - 00000197 _____ () C:\Windows\system32\2015-01-13-22-59-16.080-AvastVBoxSVC.exe-3056.log
2015-01-13 11:03 - 2015-01-13 11:04 - 00000197 _____ () C:\Windows\system32\2015-01-13-16-03-59.029-AvastVBoxSVC.exe-2824.log
2015-01-13 08:55 - 2015-01-13 08:55 - 00000197 _____ () C:\Windows\system32\2015-01-13-13-55-16.057-AvastVBoxSVC.exe-2676.log
2015-01-13 06:40 - 2015-01-13 06:41 - 00000197 _____ () C:\Windows\system32\2015-01-13-11-40-36.037-AvastVBoxSVC.exe-2516.log
2015-01-12 06:55 - 2015-01-12 06:56 - 00000197 _____ () C:\Windows\system32\2015-01-12-11-55-37.077-AvastVBoxSVC.exe-2688.log
2015-01-11 17:46 - 2015-01-11 17:46 - 00000197 _____ () C:\Windows\system32\2015-01-11-22-46-36.052-AvastVBoxSVC.exe-2472.log
2015-01-11 11:18 - 2001-09-12 22:02 - 00099490 ____N () C:\Users\Glu\Downloads\204_Spiral_staircase.dwg
2015-01-11 11:13 - 2015-01-11 11:13 - 00035545 _____ () C:\Users\Glu\Downloads\204_Spiral_staircase.zip
2015-01-11 07:00 - 2015-01-11 07:00 - 00000197 _____ () C:\Windows\system32\2015-01-11-12-00-03.005-AvastVBoxSVC.exe-2640.log
2015-01-11 02:31 - 2015-01-19 01:55 - 00000000 ____D () C:\Users\Glu\Desktop\NKU YES FESTIVAL
2015-01-11 02:30 - 2015-01-24 05:41 - 00000000 ____D () C:\Users\Glu\Desktop\PORTFOLIO SHOWCASE
2015-01-11 02:30 - 2015-01-11 02:30 - 00000000 ____D () C:\Users\Glu\Desktop\LIGHTING 7
2015-01-11 02:29 - 2015-01-11 02:29 - 00000000 ____D () C:\Users\Glu\Desktop\SCRIPT ANALYSIS
2015-01-11 02:28 - 2015-01-12 07:45 - 00000000 ____D () C:\Users\Glu\Desktop\TEACHING INTRO 2015
2015-01-11 02:28 - 2015-01-11 02:28 - 00000000 ____D () C:\Users\Glu\Desktop\MAYSVILLE PLAYERS
2015-01-10 10:13 - 2015-01-10 10:13 - 00000197 _____ () C:\Windows\system32\2015-01-10-15-13-39.061-AvastVBoxSVC.exe-2464.log
2015-01-10 04:19 - 2015-01-10 04:20 - 00000197 _____ () C:\Windows\system32\2015-01-10-09-19-52.059-AvastVBoxSVC.exe-2456.log
2015-01-09 17:00 - 2015-01-09 17:00 - 00000197 _____ () C:\Windows\system32\2015-01-09-22-00-19.000-AvastVBoxSVC.exe-2656.log
2015-01-09 09:31 - 2015-01-09 09:31 - 00000197 _____ () C:\Windows\system32\2015-01-09-14-31-03.063-AvastVBoxSVC.exe-2540.log
2015-01-08 19:24 - 2015-01-08 19:24 - 00000197 _____ () C:\Windows\system32\2015-01-09-00-24-37.056-AvastVBoxSVC.exe-2488.log
2015-01-08 13:15 - 2015-01-08 13:15 - 00000197 _____ () C:\Windows\system32\2015-01-08-18-15-15.072-AvastVBoxSVC.exe-2408.log
2015-01-08 07:21 - 2015-01-08 07:21 - 00000197 _____ () C:\Windows\system32\2015-01-08-12-21-17.055-AvastVBoxSVC.exe-2456.log
2015-01-08 01:29 - 2015-01-08 01:29 - 00000000 __SHD () C:\Users\Glu\AppData\Local\EmieBrowserModeList
2015-01-08 01:26 - 2008-12-26 12:56 - 00021504 _____ (Avnex) C:\Windows\system32\Drivers\vcsvad.sys
2015-01-07 09:54 - 2015-01-07 09:55 - 00000197 _____ () C:\Windows\system32\2015-01-07-14-54-58.069-AvastVBoxSVC.exe-2612.log
2015-01-07 00:32 - 2015-01-07 00:32 - 00000197 _____ () C:\Windows\system32\2015-01-07-05-32-47.064-AvastVBoxSVC.exe-2404.log
2015-01-06 15:22 - 2015-01-06 15:22 - 00000197 _____ () C:\Windows\system32\2015-01-06-20-22-55.054-AvastVBoxSVC.exe-2392.log
2015-01-06 11:17 - 2015-01-18 01:22 - 00024576 _____ () C:\Users\Glu\Desktop\Class Schedule Last_First S15.xls
2015-01-06 10:31 - 2015-01-06 10:31 - 00000197 _____ () C:\Windows\system32\2015-01-06-15-31-52.031-AvastVBoxSVC.exe-2464.log
2015-01-05 23:54 - 2015-01-05 23:54 - 00000197 _____ () C:\Windows\system32\2015-01-06-04-54-22.079-AvastVBoxSVC.exe-2744.log
2015-01-04 08:44 - 2015-01-04 08:45 - 00000197 _____ () C:\Windows\system32\2015-01-04-13-44-25.055-AvastVBoxSVC.exe-2832.log
2015-01-03 18:06 - 2015-01-03 18:06 - 00000197 _____ () C:\Windows\system32\2015-01-03-23-06-00.059-AvastVBoxSVC.exe-2848.log
2015-01-03 12:14 - 2015-01-03 12:14 - 00000197 _____ () C:\Windows\system32\2015-01-03-17-14-03.039-AvastVBoxSVC.exe-3068.log
2015-01-02 19:16 - 2015-01-02 19:16 - 00000197 _____ () C:\Windows\system32\2015-01-03-00-16-06.002-AvastVBoxSVC.exe-3012.log
2015-01-02 10:47 - 2015-01-02 10:47 - 00000197 _____ () C:\Windows\system32\2015-01-02-15-47-28.032-AvastVBoxSVC.exe-2312.log
2015-01-01 17:55 - 2015-01-01 17:55 - 00000197 _____ () C:\Windows\system32\2015-01-01-22-55-18.057-AvastVBoxSVC.exe-2268.log
2015-01-01 09:27 - 2015-01-01 09:27 - 00000000 ____D () C:\Users\Public\Juniper Networks
2015-01-01 09:27 - 2014-10-06 22:14 - 00108344 _____ (Juniper Networks, Inc.) C:\Windows\system32\Drivers\jnprTdi_807_50111.sys
2015-01-01 09:26 - 2015-01-01 09:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Juniper Networks
2015-01-01 09:26 - 2014-08-20 03:54 - 00507192 _____ (Juniper Networks) C:\Windows\system32\Drivers\jnprns.sys
2015-01-01 09:24 - 2015-01-01 09:24 - 00000000 ____D () C:\Program Files (x86)\Juniper Networks
2015-01-01 08:05 - 2015-01-01 08:05 - 00000197 _____ () C:\Windows\system32\2015-01-01-13-05-21.065-AvastVBoxSVC.exe-1948.log
2014-12-31 19:39 - 2014-12-31 19:39 - 00000197 _____ () C:\Windows\system32\2015-01-01-00-39-13.084-AvastVBoxSVC.exe-2508.log
2014-12-31 16:57 - 2014-12-31 16:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2014-12-31 14:56 - 2014-12-16 00:18 - 00014219 _____ () C:\Users\Glu\Desktop\P Pan Breakdown 15DEC.xlsx
2014-12-31 11:44 - 2015-01-23 21:34 - 00000000 ____D () C:\Users\Glu\Desktop\PORTFOLIO IMAGES
2014-12-31 08:19 - 2014-12-31 08:20 - 00000197 _____ () C:\Windows\system32\2014-12-31-13-19-52.081-AvastVBoxSVC.exe-2556.log
2014-12-30 08:25 - 2014-12-30 08:26 - 00000197 _____ () C:\Windows\system32\2014-12-30-13-25-45.075-AvastVBoxSVC.exe-3012.log
2014-12-30 00:20 - 2014-12-30 00:20 - 00000197 _____ () C:\Windows\system32\2014-12-30-05-20-03.028-AvastVBoxSVC.exe-2940.log
2014-12-29 22:11 - 2014-12-29 22:11 - 00000197 _____ () C:\Windows\system32\2014-12-30-03-11-04.098-AvastVBoxSVC.exe-2496.log
2014-12-29 11:07 - 2014-12-29 11:07 - 00000197 _____ () C:\Windows\system32\2014-12-29-16-07-37.011-AvastVBoxSVC.exe-2444.log
2014-12-29 10:49 - 2014-12-29 10:49 - 00000197 _____ () C:\Windows\system32\2014-12-29-15-49-02.090-AvastVBoxSVC.exe-2456.log
2014-12-29 08:19 - 2014-12-29 08:19 - 00000197 _____ () C:\Windows\system32\2014-12-29-13-19-48.069-AvastVBoxSVC.exe-2228.log
2014-12-28 20:24 - 2014-12-28 20:25 - 00000197 _____ () C:\Windows\system32\2014-12-29-01-24-16.042-AvastVBoxSVC.exe-2444.log
2014-12-28 14:06 - 2014-12-28 14:06 - 00000197 _____ () C:\Windows\system32\2014-12-28-19-06-00.060-AvastVBoxSVC.exe-2284.log
2014-12-28 11:39 - 2014-12-28 11:39 - 00000197 _____ () C:\Windows\system32\2014-12-28-16-39-21.046-AvastVBoxSVC.exe-2588.log
2014-12-26 20:43 - 2014-12-26 20:43 - 00000197 _____ () C:\Windows\system32\2014-12-27-01-43-55.096-AvastVBoxSVC.exe-2416.log

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-25 17:58 - 2014-03-18 18:12 - 01164185 _____ () C:\Windows\WindowsUpdate.log
2015-01-25 17:12 - 2014-08-11 20:00 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-25 16:16 - 2012-09-08 00:32 - 00000000 ____D () C:\Users\Glu\AppData\Roaming\Adobe
2015-01-25 15:47 - 2009-07-13 23:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-25 15:47 - 2009-07-13 23:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-25 15:46 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-25 15:46 - 2009-07-13 22:20 - 00000000 ___HD () C:\Users\Default
2015-01-25 15:40 - 2009-07-13 21:34 - 00000215 _____ () C:\Windows\system.ini
2015-01-25 15:20 - 2012-09-09 22:08 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-25 15:20 - 2012-09-09 22:08 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-25 00:56 - 2012-12-23 22:28 - 00000000 ____D () C:\Users\Glu\AppData\Roaming\Skype
2015-01-25 00:45 - 2012-09-08 18:20 - 00000000 ___RD () C:\Users\Glu\Dropbox
2015-01-25 00:38 - 2013-09-10 10:02 - 00000000 ____D () C:\Users\Glu\AppData\Roaming\vlc
2015-01-25 00:29 - 2012-09-08 18:19 - 00000000 ____D () C:\Users\Glu\AppData\Roaming\Dropbox
2015-01-24 13:04 - 2013-12-15 13:54 - 00000000 ____D () C:\Users\Glu\Desktop\VW Backup
2015-01-24 13:04 - 2013-03-07 12:27 - 00000000 ____D () C:\Users\Glu\.gimp-2.8
2015-01-24 10:23 - 2013-11-02 13:45 - 00000000 ____D () C:\Users\Glu\AppData\Local\gtk-2.0
2015-01-24 07:41 - 2009-07-14 00:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-24 05:38 - 2012-09-08 00:13 - 00000000 ____D () C:\Users\Glu
2015-01-24 05:25 - 2012-09-28 07:11 - 00000000 ____D () C:\Users\Glu\Desktop\Lighting
2015-01-24 04:35 - 2013-08-16 10:49 - 00000000 ____D () C:\Users\Glu\Desktop\Personal
2015-01-20 09:36 - 2013-08-30 17:39 - 00000000 ____D () C:\Users\Glu\AppData\Local\cache
2015-01-20 08:58 - 2014-09-02 19:10 - 00000000 ____D () C:\Users\Glu\Desktop\PETER PAN
2015-01-19 22:25 - 2012-09-07 20:25 - 00000000 ____D () C:\Users\Glu\AppData\Roaming\MAXON
2015-01-19 14:56 - 2014-12-15 04:04 - 00000000 ____D () C:\Users\Glu\AppData\Local\Battle.net
2015-01-19 04:10 - 2014-01-05 14:18 - 00000000 ____D () C:\ProgramData\Package Cache
2015-01-19 01:54 - 2013-09-04 22:18 - 00000000 ____D () C:\Users\Glu\Desktop\CCM LIGHTING
2015-01-17 22:54 - 2014-08-25 15:18 - 00000000 ____D () C:\Users\Glu\dwhelper
2015-01-17 14:58 - 2012-10-14 12:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-15 20:05 - 2012-09-29 12:18 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2015-01-15 20:05 - 2009-07-14 00:08 - 00032646 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-01-14 20:07 - 2013-08-09 21:57 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-14 19:58 - 2012-09-08 01:18 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-14 12:32 - 2012-09-07 13:31 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-01-13 06:38 - 2014-08-11 20:00 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-12 13:42 - 2014-08-11 20:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-07 18:38 - 2014-08-20 22:27 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-01-07 18:38 - 2012-12-23 22:28 - 00000000 ____D () C:\ProgramData\Skype
2015-01-06 04:36 - 2010-11-20 22:27 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-01-01 09:35 - 2014-09-09 07:16 - 00000000 ____D () C:\Users\Glu\AppData\Roaming\Juniper Networks
2015-01-01 08:21 - 2014-06-04 17:49 - 00000000 ____D () C:\Users\Glu\Desktop\Games
2014-12-31 19:23 - 2014-08-14 14:54 - 00000000 ____D () C:\Users\Glu\AppData\Local\Adobe
2014-12-31 19:23 - 2013-01-18 01:20 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-12-31 19:23 - 2012-09-09 22:08 - 00000000 ____D () C:\ProgramData\Adobe
2014-12-31 16:57 - 2013-03-30 16:15 - 00000000 ____D () C:\Users\Glu\AppData\Local\Google
2014-12-29 11:28 - 2013-03-17 12:08 - 00000000 ____D () C:\Program Files\Defraggler
2014-12-29 11:00 - 2009-07-14 00:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-12-29 10:57 - 2012-09-07 20:16 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-12-28 22:51 - 2012-09-26 19:23 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-12-28 15:14 - 2014-12-15 04:06 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft

==================== Files in the root of some directories =======

2013-01-19 16:55 - 2013-01-19 16:55 - 0000169 _____ () C:\Users\Glu\AppData\Roaming\vmsprefs
2013-03-01 21:45 - 2013-03-01 21:45 - 0000236 _____ () C:\Users\Glu\AppData\Local\LaunchHomeCenter.log
2015-01-24 10:23 - 2015-01-24 10:23 - 0015565 _____ () C:\Users\Glu\AppData\Local\recently-used.xbel
2012-09-07 14:29 - 2012-09-12 14:41 - 0007597 _____ () C:\Users\Glu\AppData\Local\resmon.resmoncfg
2013-10-19 22:12 - 2013-10-19 22:13 - 0000000 _____ () C:\Users\Glu\AppData\Local\Templayermap.cfg
2013-10-19 22:12 - 2013-10-19 22:13 - 0000000 _____ () C:\Users\Glu\AppData\Local\Tempmatmap.cfg
2014-02-06 12:09 - 2014-02-06 12:09 - 0000057 _____ () C:\ProgramData\Ament.ini
2013-05-24 20:13 - 2014-08-08 20:06 - 0008763 _____ () C:\ProgramData\hpzinstall.log
2013-08-29 22:14 - 2013-08-29 22:14 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

Files to move or delete:
====================
C:\Users\Glu\jagex_cl_runescape_LIVE.dat
C:\Users\Glu\random.dat


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-15 03:48

==================== End Of Log ============================


Here is the FIXLOG

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 24-01-2015 01
Ran by Glu at 2015-01-25 17:49:00 Run:1
Running from C:\Users\Glu\Desktop
Loaded Profiles: Glu (Available profiles: Glu)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-1980527506-3698054450-3991177797-1002\...\Policies\Explorer: []
ShellIconOverlayIdentifiers: [sugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} =>  No File
ShellIconOverlayIdentifiers: [sugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} =>  No File
ShellIconOverlayIdentifiers: [sugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} =>  No File
ShellIconOverlayIdentifiers: [sugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} =>  No File
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1980527506-3698054450-3991177797-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} ->  No File
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} ->  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
cmd: type C:\ComboFix.txt
AlternateDataStreams: C:\ProgramData:gs5sys
AlternateDataStreams: C:\Users\All Users:gs5sys
AlternateDataStreams: C:\Users\Glu:gs5sys
AlternateDataStreams: C:\ProgramData\Application Data:gs5sys
AlternateDataStreams: C:\ProgramData\Temp:28BF1793
AlternateDataStreams: C:\ProgramData\Templates:gs5sys
AlternateDataStreams: C:\Users\Glu\Application Data:gs5sys
AlternateDataStreams: C:\Users\Glu\Cookies:gs5sys
AlternateDataStreams: C:\Users\Glu\Local Settings:gs5sys
AlternateDataStreams: C:\Users\Glu\Local Settings:KT9ZLdXp7Q7fPpQv4oBxmnx8
AlternateDataStreams: C:\Users\Glu\Templates:gs5sys
AlternateDataStreams: C:\Users\Glu\Desktop\desktop.ini:gs5sys
AlternateDataStreams: C:\Users\Glu\Desktop\P Pan Breakdown 15DEC.xlsx:com.dropbox.attributes
AlternateDataStreams: C:\Users\Glu\Desktop\Peter Pan GP 1-18.vwx:com.dropbox.attributes
AlternateDataStreams: C:\Users\Glu\AppData\Local:gs5sys
AlternateDataStreams: C:\Users\Glu\AppData\Local:KT9ZLdXp7Q7fPpQv4oBxmnx8
AlternateDataStreams: C:\Users\Glu\AppData\Roaming:gs5sys
AlternateDataStreams: C:\Users\Glu\AppData\Local\Application Data:gs5sys
AlternateDataStreams: C:\Users\Glu\AppData\Local\Application Data:KT9ZLdXp7Q7fPpQv4oBxmnx8
AlternateDataStreams: C:\Users\Glu\AppData\Local\eTsoqtB5GZxFF:bybsWXclzocaWlfLzPMHqo6n
AlternateDataStreams: C:\Users\Glu\AppData\Local\History:gs5sys
AlternateDataStreams: C:\Users\Glu\AppData\Local\Temp:8N7fj3YyMaqMDskTTMjSg
AlternateDataStreams: C:\Users\Glu\AppData\Local\xcK3c5Dim9vR:xvxD46gmLUIyARNW54iE
AlternateDataStreams: C:\Users\Glu\Documents\desktop.ini:gs5sys
AlternateDataStreams: C:\Users\Public\Documents\desktop.ini:gs5sys
*****************

Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKU\S-1-5-21-1980527506-3698054450-3991177797-1002\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\ => value deleted successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SugarSyncBackedUp" => Key deleted successfully.
HKCR\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SugarSyncPending" => Key deleted successfully.
HKCR\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SugarSyncRoot" => Key deleted successfully.
HKCR\CLSID\{A759AFF6-5851-457D-A540-F4ECED148351} => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SugarSyncShared" => Key deleted successfully.
HKCR\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51} => Key not found.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-1980527506-3698054450-3991177797-1002\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}" => Key deleted successfully.
HKCR\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => Key deleted successfully.
HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => value deleted successfully.
HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => Key not found.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin" => Key deleted successfully.

=========  type C:\ComboFix.txt =========

ComboFix 15-01-08.01 - Glu 01/25/2015  15:27:29.1.8 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.6046.4013 [GMT -5:00]
Running from: c:\users\Glu\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Created a new restore point
.
ADS - Windows: deleted 0 bytes in 1 streams.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
c:\users\Glu\AppData\Local\assembly\tmp
c:\windows\msdownld.tmp
.
Infected copy of c:\windows\SysWow64\userinit.exe was found and disinfected
Restored copy from - c:\combofix\HarddiskVolumeShadowCopy9_!Windows!SysWOW64!userinit.exe
.
.
(((((((((((((((((((((((((   Files Created from 2014-12-25 to 2015-01-25  )))))))))))))))))))))))))))))))
.
.
2015-01-24 10:38 . 2015-01-24 10:38    --------    d-----w-    c:\users\Glu\.pdfsam
2015-01-24 08:00 . 2015-01-24 08:16    --------    d-----w-    c:\users\Glu\AppData\Roaming\XnView
2015-01-24 07:59 . 2015-01-24 07:59    --------    d-----w-    c:\program files (x86)\XnView
2015-01-23 21:41 . 2014-12-02 10:26    11870360    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{290F004C-976D-4AD4-AEC2-45CD0FDAF1DF}\mpengine.dll
2015-01-19 09:00 . 2015-01-19 09:11    --------    d-----w-    c:\program files\Vectorworks2015
2015-01-16 22:02 . 2015-01-20 11:12    --------    d-----w-    c:\users\Glu\AppData\Local\CrashDumps
2015-01-16 22:02 . 2015-01-16 22:02    --------    d-----w-    c:\users\Glu\AppData\Roaming\Epson
2015-01-16 21:58 . 2015-01-16 22:21    --------    d-----w-    c:\program files (x86)\EPSON
2015-01-16 21:58 . 2015-01-16 21:58    --------    d-----w-    c:\program files (x86)\Common Files\EPSON
2015-01-16 21:58 . 2015-01-16 22:20    --------    d-----w-    c:\program files (x86)\EPSON Software
2015-01-16 00:08 . 2015-01-16 00:51    --------    d-----w-    C:\AdwCleaner
2015-01-15 23:45 . 2015-01-15 23:51    --------    d-----w-    C:\FRST
2015-01-08 06:29 . 2015-01-08 06:29    --------    d-sh--w-    c:\users\Glu\AppData\Local\EmieBrowserModeList
2015-01-08 06:26 . 2015-01-08 06:26    --------    d-----w-    c:\users\Glu\AppData\Roaming\Avnex
2015-01-08 06:26 . 2008-12-26 17:56    21504    ----a-w-    c:\windows\system32\drivers\vcsvad.sys
2015-01-08 06:26 . 2015-01-08 06:37    --------    d-----w-    c:\program files (x86)\ AV Vcs 7.0 DIAMOND
2015-01-01 14:27 . 2015-01-01 14:27    --------    d-----w-    c:\users\Public\Juniper Networks
2015-01-01 14:27 . 2014-10-07 03:14    108344    ----a-w-    c:\windows\system32\drivers\jnprTdi_807_50111.sys
2015-01-01 14:26 . 2014-08-20 08:54    507192    ----a-w-    c:\windows\system32\drivers\jnprns.sys
2015-01-01 14:24 . 2015-01-01 14:24    --------    d-----w-    c:\program files (x86)\Juniper Networks
2015-01-01 14:23 . 2015-01-01 14:27    --------    d-----w-    c:\program files (x86)\Common Files\Juniper Networks
2015-01-01 00:17 . 2015-01-01 00:22    --------    d-----w-    c:\program files\Common Files\Adobe
2015-01-01 00:14 . 2015-01-01 00:14    --------    d-----w-    c:\program files\Adobe
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-01-25 20:20 . 2012-09-10 03:08    71344    ----a-w-    c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-01-25 20:20 . 2012-09-10 03:08    701616    ----a-w-    c:\windows\SysWow64\FlashPlayerApp.exe
2015-01-24 09:49 . 2014-08-12 01:00    129752    ----a-w-    c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-01-15 00:58 . 2012-09-08 06:18    113365784    ----a-w-    c:\windows\system32\MRT.exe
2015-01-06 09:36 . 2010-11-21 03:27    298120    ------w-    c:\windows\system32\MpSigStub.exe
2014-12-21 19:07 . 2012-09-07 18:31    1050432    ----a-w-    c:\windows\system32\drivers\aswsnx.sys
2014-12-21 19:07 . 2014-03-15 22:20    116728    ----a-w-    c:\windows\system32\drivers\aswStm.sys
2014-12-21 19:07 . 2013-04-13 03:58    267632    ----a-w-    c:\windows\system32\drivers\aswVmm.sys
2014-12-21 19:07 . 2012-09-07 18:32    436624    ----a-w-    c:\windows\system32\drivers\aswsp.sys
2014-12-21 19:07 . 2014-12-21 19:07    364512    ----a-w-    c:\windows\system32\aswBoot.exe
2014-12-21 19:07 . 2014-08-06 16:51    29208    ----a-w-    c:\windows\system32\drivers\aswHwid.sys
2014-12-21 19:07 . 2013-04-13 03:58    65776    ----a-w-    c:\windows\system32\drivers\aswRvrt.sys
2014-12-21 19:07 . 2012-09-07 18:32    93568    ----a-w-    c:\windows\system32\drivers\aswRdr2.sys
2014-12-21 19:07 . 2012-09-07 18:31    83280    ----a-w-    c:\windows\system32\drivers\aswMonFlt.sys
2014-12-21 19:07 . 2014-12-21 19:07    43152    ----a-w-    c:\windows\avastSS.scr
2014-12-13 05:09 . 2014-12-17 20:17    144384    ----a-w-    c:\windows\system32\ieUnatt.exe
2014-12-13 03:33 . 2014-12-17 20:17    115712    ----a-w-    c:\windows\SysWow64\ieUnatt.exe
2014-12-01 07:35 . 2014-12-01 07:35    178800    ----a-w-    c:\windows\SysWow64\CmdLineExt_x64.dll
2014-11-29 22:13 . 2014-11-29 22:14    98216    ----a-w-    c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-11-27 01:43 . 2014-12-10 17:11    389296    ----a-w-    c:\windows\system32\iedkcs32.dll
2014-11-22 03:13 . 2014-12-10 17:11    25059840    ----a-w-    c:\windows\system32\mshtml.dll
2014-11-22 03:06 . 2014-12-10 17:11    2724864    ----a-w-    c:\windows\system32\mshtml.tlb
2014-11-22 03:06 . 2014-12-10 17:11    4096    ----a-w-    c:\windows\system32\ieetwcollectorres.dll
2014-11-22 02:50 . 2014-12-10 17:11    66560    ----a-w-    c:\windows\system32\iesetup.dll
2014-11-22 02:50 . 2014-12-10 17:11    580096    ----a-w-    c:\windows\system32\vbscript.dll
2014-11-22 02:49 . 2014-12-10 17:11    48640    ----a-w-    c:\windows\system32\ieetwproxystub.dll
2014-11-22 02:49 . 2014-12-10 17:11    2885120    ----a-w-    c:\windows\system32\iertutil.dll
2014-11-22 02:48 . 2014-12-10 17:11    88064    ----a-w-    c:\windows\system32\MshtmlDac.dll
2014-11-22 02:41 . 2014-12-10 17:11    54784    ----a-w-    c:\windows\system32\jsproxy.dll
2014-11-22 02:40 . 2014-12-10 17:11    34304    ----a-w-    c:\windows\system32\iernonce.dll
2014-11-22 02:37 . 2014-12-10 17:11    633856    ----a-w-    c:\windows\system32\ieui.dll
2014-11-22 02:35 . 2014-12-10 17:11    114688    ----a-w-    c:\windows\system32\ieetwcollector.exe
2014-11-22 02:34 . 2014-12-10 17:11    814080    ----a-w-    c:\windows\system32\jscript9diag.dll
2014-11-22 02:34 . 2014-12-10 17:11    6039552    ----a-w-    c:\windows\system32\jscript9.dll
2014-11-22 02:26 . 2014-12-10 17:11    968704    ----a-w-    c:\windows\system32\MsSpellCheckingFacility.exe
2014-11-22 02:22 . 2014-12-10 17:11    490496    ----a-w-    c:\windows\system32\dxtmsft.dll
2014-11-22 02:20 . 2014-12-10 17:11    2724864    ----a-w-    c:\windows\SysWow64\mshtml.tlb
2014-11-22 02:14 . 2014-12-10 17:11    77824    ----a-w-    c:\windows\system32\JavaScriptCollectionAgent.dll
2014-11-22 02:09 . 2014-12-10 17:11    199680    ----a-w-    c:\windows\system32\msrating.dll
2014-11-22 02:08 . 2014-12-10 17:11    92160    ----a-w-    c:\windows\system32\mshtmled.dll
2014-11-22 02:07 . 2014-12-10 17:11    501248    ----a-w-    c:\windows\SysWow64\vbscript.dll
2014-11-22 02:07 . 2014-12-10 17:11    62464    ----a-w-    c:\windows\SysWow64\iesetup.dll
2014-11-22 02:06 . 2014-12-10 17:11    47616    ----a-w-    c:\windows\SysWow64\ieetwproxystub.dll
2014-11-22 02:05 . 2014-12-10 17:11    64000    ----a-w-    c:\windows\SysWow64\MshtmlDac.dll
2014-11-22 02:05 . 2014-12-10 17:11    316928    ----a-w-    c:\windows\system32\dxtrans.dll
2014-11-22 01:54 . 2014-12-10 17:11    620032    ----a-w-    c:\windows\SysWow64\jscript9diag.dll
2014-11-22 01:49 . 2014-12-10 17:11    718848    ----a-w-    c:\windows\system32\ie4uinit.exe
2014-11-22 01:49 . 2014-12-10 17:11    800768    ----a-w-    c:\windows\system32\msfeeds.dll
2014-11-22 01:47 . 2014-12-10 17:11    1359360    ----a-w-    c:\windows\system32\mshtmlmedia.dll
2014-11-22 01:46 . 2014-12-10 17:11    2125312    ----a-w-    c:\windows\system32\inetcpl.cpl
2014-11-22 01:43 . 2014-12-10 17:11    14412800    ----a-w-    c:\windows\system32\ieframe.dll
2014-11-22 01:40 . 2014-12-10 17:11    60416    ----a-w-    c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-11-22 01:29 . 2014-12-10 17:11    4299264    ----a-w-    c:\windows\SysWow64\jscript9.dll
2014-11-22 01:28 . 2014-12-10 17:11    2358272    ----a-w-    c:\windows\system32\wininet.dll
2014-11-22 01:22 . 2014-12-10 17:11    2052096    ----a-w-    c:\windows\SysWow64\inetcpl.cpl
2014-11-22 01:21 . 2014-12-10 17:11    1155072    ----a-w-    c:\windows\SysWow64\mshtmlmedia.dll
2014-11-22 01:15 . 2014-12-10 17:11    1548288    ----a-w-    c:\windows\system32\urlmon.dll
2014-11-22 01:03 . 2014-12-10 17:11    800768    ----a-w-    c:\windows\system32\ieapfltr.dll
2014-11-22 01:00 . 2014-12-10 17:11    1888256    ----a-w-    c:\windows\SysWow64\wininet.dll
2014-11-21 11:14 . 2014-08-12 01:00    63704    ----a-w-    c:\windows\system32\drivers\mwac.sys
2014-11-21 11:14 . 2014-08-12 01:00    93400    ----a-w-    c:\windows\system32\drivers\mbamchameleon.sys
2014-11-21 11:14 . 2013-01-13 19:14    25816    ----a-w-    c:\windows\system32\drivers\mbam.sys
2014-11-13 00:20 . 2014-12-15 17:55    989056    ----a-w-    c:\windows\system32\nvumdshimx.dll
2014-11-13 00:20 . 2014-12-15 17:55    964928    ----a-w-    c:\windows\system32\NvIFR64.dll
2014-11-13 00:20 . 2014-12-15 17:55    935240    ----a-w-    c:\windows\system32\NvFBC64.dll
2014-11-13 00:20 . 2014-12-15 17:55    923792    ----a-w-    c:\windows\SysWow64\NvIFR.dll
2014-11-13 00:20 . 2014-12-15 17:55    900928    ----a-w-    c:\windows\SysWow64\NvFBC.dll
2014-11-13 00:20 . 2014-12-15 17:55    500880    ----a-w-    c:\windows\system32\nvEncodeAPI64.dll
2014-11-13 00:20 . 2014-12-15 17:55    4292416    ----a-w-    c:\windows\system32\nvcuvid.dll
2014-11-13 00:20 . 2014-12-15 17:55    418112    ----a-w-    c:\windows\SysWow64\nvEncodeAPI.dll
2014-11-13 00:20 . 2014-12-15 17:55    4011208    ----a-w-    c:\windows\SysWow64\nvcuvid.dll
2014-11-13 00:20 . 2014-12-15 17:55    393024    ----a-w-    c:\windows\system32\NvIFROpenGL.dll
2014-11-13 00:20 . 2014-12-15 17:55    352016    ----a-w-    c:\windows\system32\nvoglshim64.dll
2014-11-13 00:20 . 2014-12-15 17:55    348304    ----a-w-    c:\windows\SysWow64\NvIFROpenGL.dll
2014-11-13 00:20 . 2014-12-15 17:55    31893136    ----a-w-    c:\windows\system32\nvoglv64.dll
2014-11-13 00:20 . 2014-12-15 17:55    31560    ----a-w-    c:\windows\system32\drivers\nvpciflt.sys
2014-11-13 00:20 . 2014-12-15 17:55    303600    ----a-w-    c:\windows\SysWow64\nvoglshim32.dll
2014-11-13 00:20 . 2014-12-15 17:55    24557712    ----a-w-    c:\windows\SysWow64\nvoglv32.dll
2014-11-13 00:20 . 2014-12-15 17:55    20986592    ----a-w-    c:\windows\system32\nvwgf2umx.dll
2014-11-13 00:20 . 2014-12-15 17:55    19966344    ----a-w-    c:\windows\system32\nvd3dumx.dll
2014-11-13 00:20 . 2014-12-15 17:55    1876296    ----a-w-    c:\windows\system32\nvdispco6434475.dll
2014-11-13 00:20 . 2014-12-15 17:55    18514616    ----a-w-    c:\windows\SysWow64\nvwgf2um.dll
2014-11-13 00:20 . 2014-12-15 17:55    1540424    ----a-w-    c:\windows\system32\nvdispgenco6434475.dll
2014-11-13 00:20 . 2014-12-15 17:55    14032984    ----a-w-    c:\windows\system32\nvopencl.dll
2014-11-13 00:20 . 2014-12-15 17:55    13944952    ----a-w-    c:\windows\system32\nvcuda.dll
2014-11-13 00:20 . 2014-12-15 17:55    13213512    ----a-w-    c:\windows\system32\drivers\nvlddmkm.sys
2014-11-13 00:20 . 2014-12-15 17:55    11397744    ----a-w-    c:\windows\SysWow64\nvopencl.dll
2014-11-13 00:20 . 2014-12-15 17:55    11336432    ----a-w-    c:\windows\SysWow64\nvcuda.dll
2014-11-13 00:20 . 2014-12-15 17:55    3262784    ----a-w-    c:\windows\system32\nvapi64.dll
2014-11-13 00:20 . 2014-12-15 17:55    20922512    ----a-w-    c:\windows\system32\nvcompiler.dll
2014-11-13 00:20 . 2014-12-15 17:55    17259664    ----a-w-    c:\windows\SysWow64\nvcompiler.dll
2014-11-13 00:20 . 2012-10-20 01:57    2874456    ----a-w-    c:\windows\SysWow64\nvapi.dll
2014-11-13 00:20 . 2012-10-20 01:57    16884632    ----a-w-    c:\windows\SysWow64\nvd3dum.dll
2014-11-13 00:20 . 2012-10-20 01:57    871648    ----a-w-    c:\windows\SysWow64\nvumdshim.dll
2014-11-13 00:20 . 2012-09-27 00:22    174856    ----a-w-    c:\windows\system32\nvinitx.dll
2014-11-13 00:20 . 2012-09-27 00:22    156840    ----a-w-    c:\windows\SysWow64\nvinit.dll
2014-11-12 21:56 . 2012-09-27 00:23    6897352    ----a-w-    c:\windows\system32\nvcpl.dll
2014-11-12 21:56 . 2012-09-27 00:23    3534152    ----a-w-    c:\windows\system32\nvsvc64.dll
2014-11-12 21:56 . 2012-09-27 00:23    934032    ----a-w-    c:\windows\system32\nvvsvc.exe
2014-11-12 21:56 . 2012-09-27 00:23    67072    ----a-w-    c:\windows\system32\nv3dappshextr.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-06-10 17:19    1730264    ----a-w-    c:\progra~2\MICROS~3\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-06-10 17:19    1730264    ----a-w-    c:\progra~2\MICROS~3\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-06-10 17:19    1730264    ----a-w-    c:\progra~2\MICROS~3\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 21:08    131480    ----a-w-    c:\users\Glu\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 21:08    131480    ----a-w-    c:\users\Glu\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 21:08    131480    ----a-w-    c:\users\Glu\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-01-09 5227112]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2013-07-16 1317256]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 AMPPALP;Intel Centrino Wireless Bluetooth 3.0 + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x]
R3 Autodesk Content Service;Autodesk Content Service;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [x]
R3 BazisVirtualCDBus;WinCDEmu Virtual Bus Driver;c:\windows\system32\DRIVERS\BazisVirtualCDBus.sys;c:\windows\SYSNATIVE\DRIVERS\BazisVirtualCDBus.sys [x]
R3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
R3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
R3 FlexNet Licensing Service 64;FlexNet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 HPFXFAX;HPFXFAX;c:\windows\system32\drivers\hpfx64fax.sys;c:\windows\SYSNATIVE\drivers\hpfx64fax.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys;c:\windows\SYSNATIVE\drivers\intelaud.sys [x]
R3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys;c:\windows\SYSNATIVE\DRIVERS\iwdbus.sys [x]
R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x]
R3 jnprva;Juniper Networks Virtual Adapter Service;c:\windows\system32\DRIVERS\jnprva.sys;c:\windows\SYSNATIVE\DRIVERS\jnprva.sys [x]
R3 JuniperAccessService;Juniper Unified Network Service;c:\program files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe;c:\program files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys;c:\windows\SYSNATIVE\DRIVERS\wsvd.sys [x]
R4 AMPPALR3;Intel Centrino Wireless Bluetooth 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x]
R4 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x]
R4 jnprTdi_807_50111;Juniper Networks TDI Filter Driver (jnprTdi_807_50111);c:\windows\system32\Drivers\jnprTdi_807_50111.sys;c:\windows\SYSNATIVE\Drivers\jnprTdi_807_50111.sys [x]
R4 nlsX86cc;Nalpeiron Licensing Service;c:\windows\SysWOW64\NLSSRV32.EXE;c:\windows\SysWOW64\NLSSRV32.EXE [x]
R4 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 jnprns;Juniper Network Service;c:\windows\system32\DRIVERS\jnprns.sys;c:\windows\SYSNATIVE\DRIVERS\jnprns.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 VBoxAswDrv;VBoxAsw Support Driver;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [x]
S2 ZeroConfigService;Intel® PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys;c:\windows\SYSNATIVE\DRIVERS\AcpiVpc.sys [x]
S3 AMPPAL;Intel Centrino Wireless Bluetooth 3.0 + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys;c:\windows\SYSNATIVE\DRIVERS\AMPPAL.sys [x]
S3 AvastVBoxSvc;AvastVBox COM Service;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [x]
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys;c:\windows\SYSNATIVE\drivers\bcbtums.sys [x]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Intel® USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 JnprVaMgr;Juniper Networks Virtual Adapter Manager Service;c:\windows\system32\DRIVERS\jnprvamgr.sys;c:\windows\SYSNATIVE\DRIVERS\jnprvamgr.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 rtsuvc;Lenovo EasyCamera;c:\windows\system32\DRIVERS\rtsuvc.sys;c:\windows\SYSNATIVE\DRIVERS\rtsuvc.sys [x]
S3 VCSVADHWSer;Avnex Virtual Audio Device (WDM);c:\windows\system32\DRIVERS\vcsvad.sys;c:\windows\SYSNATIVE\DRIVERS\vcsvad.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-06-10 17:24    2335960    ----a-w-    c:\progra~1\MICROS~3\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-06-10 17:24    2335960    ----a-w-    c:\progra~1\MICROS~3\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-06-10 17:24    2335960    ----a-w-    c:\progra~1\MICROS~3\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-12-21 19:07    860984    ----a-w-    c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 21:08    164760    ----a-w-    c:\users\Glu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 21:08    164760    ----a-w-    c:\users\Glu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 21:08    164760    ----a-w-    c:\users\Glu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 21:08    164760    ----a-w-    c:\users\Glu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Supplementary Scan -------
.
uStart Page = www.google.com
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~3\Office15\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.200.1
TCP: Interfaces\{6716A415-200C-4AF3-969E-EA43E1C2A18D}: NameServer = 10.27.3.2,10.25.3.2
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
FF - ProfilePath - c:\users\Glu\AppData\Roaming\Mozilla\Firefox\Profiles\p6vp32cz.default-1421369630122\
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
ShellIconOverlayIdentifiers-{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} - (no file)
ShellIconOverlayIdentifiers-{62CCD8E3-9C21-41E1-B55E-1E26DFC68511} - (no file)
ShellIconOverlayIdentifiers-{A759AFF6-5851-457D-A540-F4ECED148351} - (no file)
ShellIconOverlayIdentifiers-{1574C9EF-7D58-488F-B358-8B78C1538F51} - (no file)
AddRemove-{0BBE42EB-7BB3-4BC4-817E-2438503CDE1B} - c:\program files (x86)\InstallShield Installation Information\{0BBE42EB-7BB3-4BC4-817E-2438503CDE1B}\setup.exe
AddRemove-{3108C217-BE83-42E4-AE9E-A56A2A92E549} - c:\program files (x86)\InstallShield Installation Information\{3108C217-BE83-42E4-AE9E-A56A2A92E549}\setup.exe
AddRemove-{32E4F0D2-C135-475E-A841-1D59A0D22989} - c:\program files (x86)\InstallShield Installation Information\{32E4F0D2-C135-475E-A841-1D59A0D22989}\setup.exe
AddRemove-{3E4B349F-10B5-4586-9D99-489A90A8B228} - c:\program files (x86)\InstallShield Installation Information\{3E4B349F-10B5-4586-9D99-489A90A8B228}\setup.exe
AddRemove-{BABBBF7B-E332-4A4B-87B5-59B7031674D0} - c:\program files (x86)\InstallShield Installation Information\{BABBBF7B-E332-4A4B-87B5-59B7031674D0}\setup.exe
AddRemove-{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4} - c:\program files (x86)\InstallShield Installation Information\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}\setup.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1980527506-3698054450-3991177797-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-1980527506-3698054450-3991177797-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-1980527506-3698054450-3991177797-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*S*c:\program files (x86)\VideoLAN\VLC\lua\playlist\anevia_streams.luac*4*S*c:\program files (x86)\VideoLAN\VLC\lua\playlist\anevia_streams.luac*v*S*(L*q07*]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-1980527506-3698054450-3991177797-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*S*c:\program files (x86)\VideoLAN\VLC\lua\playlist\anevia_streams.luac*4*S*c:\program files (x86)\VideoLAN\VLC\lua\playlist\anevia_streams.luac*v*S*(L*q07*\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-1980527506-3698054450-3991177797-1002\Software\SecuROM\License information*]
"datasecu"=hex:4d,13,a6,49,9b,0e,4f,db,95,3e,f8,d5,66,ae,83,07,40,14,4b,a0,9e,
   87,49,21,fc,ef,7a,1a,03,a9,4e,2c,e2,6a,0f,0c,c7,79,1f,91,f5,51,59,b1,58,dc,\
"rkeysecu"=hex:61,1e,3e,c6,aa,f7,d0,f6,9e,ca,89,77,5e,04,b1,b8
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
.
**************************************************************************
.
Completion time: 2015-01-25  15:45:59 - machine was rebooted
ComboFix-quarantined-files.txt  2015-01-25 20:45
.
Pre-Run: 140,234,063,872 bytes free
Post-Run: 140,138,725,376 bytes free
.
- - End Of File - - 827B01EC90C4C3C47ED89BB5F83E19E8
A36C5E4F47E84449FF07ED3517B43A31

========= End of CMD: =========

C:\ProgramData => ":gs5sys" ADS removed successfully.
"C:\Users\All Users" => ":gs5sys" ADS not found.
C:\Users\Glu => ":gs5sys" ADS removed successfully.
"C:\ProgramData\Application Data" => ":gs5sys" ADS not found.
C:\ProgramData\Temp => ":28BF1793" ADS removed successfully.
"C:\ProgramData\Templates" => ":gs5sys" ADS not found.
"C:\Users\Glu\Application Data" => ":gs5sys" ADS not found.
"C:\Users\Glu\Cookies" => ":gs5sys" ADS not found.
"C:\Users\Glu\Local Settings" => ":gs5sys" ADS not found.
"C:\Users\Glu\Local Settings" => ":KT9ZLdXp7Q7fPpQv4oBxmnx8" ADS not found.
"C:\Users\Glu\Templates" => ":gs5sys" ADS not found.
C:\Users\Glu\Desktop\desktop.ini => ":gs5sys" ADS removed successfully.
C:\Users\Glu\Desktop\P Pan Breakdown 15DEC.xlsx => ":com.dropbox.attributes" ADS removed successfully.
C:\Users\Glu\Desktop\Peter Pan GP 1-18.vwx => ":com.dropbox.attributes" ADS removed successfully.
C:\Users\Glu\AppData\Local => ":gs5sys" ADS removed successfully.
C:\Users\Glu\AppData\Local => ":KT9ZLdXp7Q7fPpQv4oBxmnx8" ADS removed successfully.
C:\Users\Glu\AppData\Roaming => ":gs5sys" ADS removed successfully.
"C:\Users\Glu\AppData\Local\Application Data" => ":gs5sys" ADS not found.
"C:\Users\Glu\AppData\Local\Application Data" => ":KT9ZLdXp7Q7fPpQv4oBxmnx8" ADS not found.
C:\Users\Glu\AppData\Local\eTsoqtB5GZxFF => ":bybsWXclzocaWlfLzPMHqo6n" ADS removed successfully.
"C:\Users\Glu\AppData\Local\History" => ":gs5sys" ADS not found.
C:\Users\Glu\AppData\Local\Temp => ":8N7fj3YyMaqMDskTTMjSg" ADS removed successfully.
C:\Users\Glu\AppData\Local\xcK3c5Dim9vR => ":xvxD46gmLUIyARNW54iE" ADS removed successfully.
C:\Users\Glu\Documents\desktop.ini => ":gs5sys" ADS removed successfully.
C:\Users\Public\Documents\desktop.ini => ":gs5sys" ADS removed successfully.


The system needed a reboot.

==== End of Fixlog 17:49:00 ====


Step 1

Please download TDSSKiller and save it to your Desktop.

  • Start tdsskiller.exe with administrator privileges.
  • Accept the EULA and the KSN Statement.
  • Click on Change parameters. (1)
  • Make sure that all available options (except "Loaded modules") are checked and click OK. (2)
  • Click on Start scan.
  • If any threats are found don't delete them but choose the Skip option for all of them.
  • Click on Report (3) to open the log file. (It is also saved at C:\TDSSKiller.<version_date_time>_log.txt).

    Copy and paste its contents in your next reply.


18:16:34.0094 0x062c  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
18:16:37.0635 0x062c  ============================================================
18:16:37.0635 0x062c  Current date / time: 2015/01/25 18:16:37.0635
18:16:37.0635 0x062c  SystemInfo:
18:16:37.0635 0x062c  
18:16:37.0635 0x062c  OS Version: 6.1.7601 ServicePack: 1.0
18:16:37.0635 0x062c  Product type: Workstation
18:16:37.0651 0x062c  ComputerName: GLU-PC
18:16:37.0651 0x062c  UserName: Glu
18:16:37.0651 0x062c  Windows directory: C:\Windows
18:16:37.0651 0x062c  System windows directory: C:\Windows
18:16:37.0651 0x062c  Running under WOW64
18:16:37.0651 0x062c  Processor architecture: Intel x64
18:16:37.0651 0x062c  Number of processors: 8
18:16:37.0651 0x062c  Page size: 0x1000
18:16:37.0651 0x062c  Boot type: Normal boot
18:16:37.0651 0x062c  ============================================================
18:16:40.0474 0x062c  KLMD registered as C:\Windows\system32\drivers\24002418.sys
18:16:40.0802 0x062c  System UUID: {B90B1A4F-933A-EC6C-DEBC-F2A0F1AF4CE1}
18:16:41.0348 0x062c  Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 ( 698.64 Gb ), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:16:41.0363 0x062c  ============================================================
18:16:41.0363 0x062c  \Device\Harddisk0\DR0:
18:16:41.0363 0x062c  MBR partitions:
18:16:41.0363 0x062c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x64000
18:16:41.0363 0x062c  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64800, BlocksNum 0x51AE1000
18:16:41.0363 0x062c  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x51B45800, BlocksNum 0x32F0000
18:16:41.0363 0x062c  ============================================================
18:16:41.0426 0x062c  C: <-> \Device\Harddisk0\DR0\Partition2
18:16:41.0488 0x062c  D: <-> \Device\Harddisk0\DR0\Partition3
18:16:41.0488 0x062c  ============================================================
18:16:41.0488 0x062c  Initialize success
18:16:41.0504 0x062c  ============================================================
18:16:54.0093 0x0d50  ============================================================
18:16:54.0093 0x0d50  Scan started
18:16:54.0093 0x0d50  Mode: Manual; SigCheck; TDLFS;
18:16:54.0093 0x0d50  ============================================================
18:16:54.0093 0x0d50  KSN ping started
18:16:56.0542 0x0d50  KSN ping finished: true
18:16:57.0775 0x0d50  ================ Scan system memory ========================
18:16:57.0775 0x0d50  System memory - ok
18:16:57.0775 0x0d50  ================ Scan services =============================
18:17:01.0004 0x0d50  [ 3817558D8D5BBC8B0F190CF0D7C4720F, 7CD250DD22BE0E6CF6BEA639EA8220E46158CA7DF33FF803967CEAEA7FBD14E5 ] Autodesk Content Service C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
18:17:01.0019 0x0d50  Autodesk Content Service - detected UnsignedFile.Multi.Generic ( 1 )
18:17:03.0562 0x0d50  Detect skipped due to KSN trusted
18:17:03.0562 0x0d50  Autodesk Content Service - ok
18:17:08.0336 0x0d50  exfat - ok
18:17:08.0351 0x0d50  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
18:17:08.0367 0x0d50  fastfat - ok
18:17:08.0414 0x0d50  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
18:17:08.0429 0x0d50  Fax - ok
18:17:08.0445 0x0d50  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
18:17:08.0461 0x0d50  fdc - ok
18:17:08.0492 0x0d50  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
18:17:08.0523 0x0d50  fdPHost - ok
18:17:08.0554 0x0d50  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
18:17:08.0570 0x0d50  FDResPub - ok
18:17:08.0601 0x0d50  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
18:17:08.0601 0x0d50  FileInfo - ok
18:17:08.0617 0x0d50  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
18:17:08.0632 0x0d50  Filetrace - ok
18:17:08.0851 0x0d50  [ 4ABED7916DB028C614C888D2A6826311, B7EB4838C41EA382230970854FAFC2BF5C38E4D87FECA3192E6775944EBB6F6F ] FlexNet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
18:17:08.0882 0x0d50  FlexNet Licensing Service 64 - ok
18:17:08.0913 0x0d50  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
18:17:08.0929 0x0d50  flpydisk - ok
18:17:08.0944 0x0d50  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
18:17:08.0944 0x0d50  FltMgr - ok
18:17:09.0038 0x0d50  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
18:17:09.0069 0x0d50  FontCache - ok
18:17:09.0100 0x0d50  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:17:09.0116 0x0d50  FontCache3.0.0.0 - ok
18:17:09.0147 0x0d50  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
18:17:09.0147 0x0d50  FsDepends - ok
18:17:09.0178 0x0d50  [ 6C06701BF1DB05405804D7EB610991CE, 75DEB2204D9AC338ED7C4742BEFAFA0AFC7E42B2C1B54A57DF8A1AD097D9EC3E ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
18:17:09.0194 0x0d50  fssfltr - ok
18:17:09.0350 0x0d50  [ 4CE9DAC1518FF7E77BD213E6394B9D77, D7D0D29DF93AC7DC5F85E385EEB45306C7BD87ACA7AAC5A8D47893D120C32C03 ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
18:17:09.0381 0x0d50  fsssvc - ok
18:17:09.0443 0x0d50  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
18:17:09.0459 0x0d50  Fs_Rec - ok
18:17:09.0506 0x0d50  [ 7442BCA60ED46CC31C2F39728BBDD9AD, 0218349E24AC059C502009432A0EC51086E1F9A895E7367CAC1FC6A6C8187B2B ] FTDIBUS         C:\Windows\system32\drivers\ftdibus.sys
18:17:09.0521 0x0d50  FTDIBUS - ok
18:17:09.0568 0x0d50  [ 121AF3148CDDA212CFFBC4F6240699C2, 866D8CA649144502DCF2975905100ABC8BA068C6A1AAF503421B2FA97FFD2514 ] FTSER2K         C:\Windows\system32\drivers\ftser2k.sys
18:17:09.0584 0x0d50  FTSER2K - ok
18:17:09.0615 0x0d50  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
18:17:09.0646 0x0d50  fvevol - ok
18:17:09.0693 0x0d50  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
18:17:09.0709 0x0d50  gagp30kx - ok
18:17:09.0787 0x0d50  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
18:17:09.0833 0x0d50  gpsvc - ok
18:17:09.0849 0x0d50  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
18:17:09.0865 0x0d50  hcw85cir - ok
18:17:09.0880 0x0d50  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:17:09.0896 0x0d50  HdAudAddService - ok
18:17:09.0911 0x0d50  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
18:17:09.0927 0x0d50  HDAudBus - ok
18:17:10.0005 0x0d50  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
18:17:10.0021 0x0d50  HidBatt - ok
18:17:10.0067 0x0d50  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
18:17:10.0083 0x0d50  HidBth - ok
18:17:10.0099 0x0d50  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
18:17:10.0130 0x0d50  HidIr - ok
18:17:10.0192 0x0d50  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\System32\hidserv.dll
18:17:10.0239 0x0d50  hidserv - ok
18:17:10.0270 0x0d50  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
18:17:10.0286 0x0d50  HidUsb - ok
18:17:10.0317 0x0d50  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
18:17:10.0348 0x0d50  hkmsvc - ok
18:17:10.0395 0x0d50  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:17:10.0411 0x0d50  HomeGroupListener - ok
18:17:10.0504 0x0d50  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:17:10.0535 0x0d50  HomeGroupProvider - ok
18:17:10.0567 0x0d50  [ DBD2BB97A574FC565B1EB5C0A03F917A, 3946F8F95C3A7371E168BC82F068E7F830A07FD545A16F47336902E174E0370A ] HPFXBULK        C:\Windows\system32\drivers\hpfx64bulk.sys
18:17:10.0567 0x0d50  HPFXBULK - ok
18:17:10.0598 0x0d50  [ 219C2A07FD07023D3905C332BF6F9BA8, D1648BB751909470D307A915F07B4F54282B94E159378CC7118D6F32478020E9 ] HPFXFAX         C:\Windows\system32\drivers\hpfx64fax.sys
18:17:10.0598 0x0d50  HPFXFAX - ok
18:17:10.0629 0x0d50  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
18:17:10.0645 0x0d50  HpSAMD - ok
18:17:10.0738 0x0d50  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
18:17:10.0785 0x0d50  HTTP - ok
18:17:10.0801 0x0d50  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
18:17:10.0816 0x0d50  hwpolicy - ok
18:17:10.0832 0x0d50  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
18:17:10.0832 0x0d50  i8042prt - ok
18:17:10.0925 0x0d50  [ C224331A54571C8C9162F7714400BBBD, C2CA4881ACD46071E67435BE5E3DB133D0743B026FD20D6D6E26B2FE7A03FCAA ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
18:17:10.0957 0x0d50  iaStor - ok
18:17:10.0988 0x0d50  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
18:17:10.0988 0x0d50  iaStorV - ok
18:17:11.0081 0x0d50  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:17:11.0113 0x0d50  idsvc - ok
18:17:11.0175 0x0d50  IEEtwCollectorService - ok
18:17:11.0612 0x0d50  [ 937CB7CC3E71A93771B72C8C52B9EA81, C9D1093A87452454E957C738ED176A41BD34A19412F50D319D1AD15D6749D06F ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
18:17:11.0861 0x0d50  igfx - ok
18:17:11.0908 0x0d50  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
18:17:11.0924 0x0d50  iirsp - ok
18:17:12.0049 0x0d50  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
18:17:12.0080 0x0d50  IKEEXT - ok
18:17:12.0080 0x0d50  intaud_WaveExtensible - ok
18:17:12.0236 0x0d50  [ D830262519DDCDFC8BE34EB7047C22DC, A3D41BD7EDBAD0B64245824E920804FB98468E32A649A7983AB3C13C89144D23 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
18:17:12.0314 0x0d50  IntcAzAudAddService - ok
18:17:12.0345 0x0d50  [ 6C9FFFECA9FED31347D211C5D1FFBD2D, 36CF8B847FAED0D978B3169ED550CC958025902CAC1D7D304E2684B2483E72B8 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
18:17:12.0345 0x0d50  IntcDAud - ok
18:17:12.0423 0x0d50  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
18:17:12.0439 0x0d50  intelide - ok
18:17:12.0470 0x0d50  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
18:17:12.0485 0x0d50  intelppm - ok
18:17:12.0517 0x0d50  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
18:17:12.0548 0x0d50  IPBusEnum - ok
18:17:12.0563 0x0d50  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:17:12.0579 0x0d50  IpFilterDriver - ok
18:17:12.0626 0x0d50  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
18:17:12.0641 0x0d50  iphlpsvc - ok
18:17:12.0657 0x0d50  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
18:17:12.0673 0x0d50  IPMIDRV - ok
18:17:12.0688 0x0d50  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
18:17:12.0719 0x0d50  IPNAT - ok
18:17:12.0735 0x0d50  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
18:17:12.0735 0x0d50  IRENUM - ok
18:17:12.0751 0x0d50  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
18:17:12.0766 0x0d50  isapnp - ok
18:17:12.0844 0x0d50  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
18:17:12.0875 0x0d50  iScsiPrt - ok
18:17:12.0907 0x0d50  [ D596D915CF091DA1F8CE4BD38BB5D509, 9B4D246B6886FFD9BE329F3543B819FC010661B0F70206F16ECBF25A7B12AA6F ] iusb3hcs        C:\Windows\system32\DRIVERS\iusb3hcs.sys
18:17:12.0922 0x0d50  iusb3hcs - ok
18:17:12.0953 0x0d50  [ 023896E23B61543A15A230EED996D911, 2F8D15B67AB2C1E87EA46F2CB9DBA564865D89DEA93A83B44A9B148883B96731 ] iusb3hub        C:\Windows\system32\DRIVERS\iusb3hub.sys
18:17:12.0969 0x0d50  iusb3hub - ok
18:17:12.0985 0x0d50  [ 7FAEC13F1ADD619F4B5B2D2CBF841E8E, E7ED64DD26FD4EA04C2C32C33BDA16FB985F3C6F1F8451480A0D24375B7F57AC ] iusb3xhc        C:\Windows\system32\DRIVERS\iusb3xhc.sys
18:17:13.0016 0x0d50  iusb3xhc - ok
18:17:13.0016 0x0d50  iwdbus - ok
18:17:13.0016 0x0d50  JMCR - ok
18:17:13.0109 0x0d50  [ FA3F365E5AC0595B80F255A04005F053, 299061C0BC6D21ABC666BA747DF1DD64E778A58599045F481B82E7033F0751DC ] jnprns          C:\Windows\system32\DRIVERS\jnprns.sys
18:17:13.0125 0x0d50  jnprns - ok
18:17:13.0156 0x0d50  [ B389392FC94D0E86A7D2914489B452AB, A4BC8BFD76ADCD3559704BA3BFDABDF31D1E6EC3EE6D6575C9B806FF9DB5A903 ] jnprTdi_807_50111 C:\Windows\system32\Drivers\jnprTdi_807_50111.sys
18:17:13.0156 0x0d50  jnprTdi_807_50111 - ok
18:17:13.0187 0x0d50  [ 44C9235408780F1F6299FA809A2C4FCE, 409E0A4212669A30E3EA14083668785C69D5F0028692F23419BCDAD00D15097A ] jnprva          C:\Windows\system32\DRIVERS\jnprva.sys
18:17:13.0187 0x0d50  jnprva - ok
18:17:13.0219 0x0d50  [ 43389A5F75966CB4715253F1B3EAD392, 68C61701DAC97EB21AFDD9457A71417C474F9EE0B0CEE6859B694266E601803C ] JnprVaMgr       C:\Windows\system32\DRIVERS\jnprvamgr.sys
18:17:13.0219 0x0d50  JnprVaMgr - ok
18:17:13.0359 0x0d50  [ 31288BE014E823EB97F4E35E82FCB886, 86ABDFC758A3FFB0A44052A680FF18272C82A65C2DE4554F6CAA836E132D2EA3 ] JuniperAccessService C:\Program Files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe
18:17:13.0390 0x0d50  JuniperAccessService - ok
18:17:13.0406 0x0d50  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
18:17:13.0421 0x0d50  kbdclass - ok
18:17:13.0468 0x0d50  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
18:17:13.0468 0x0d50  kbdhid - ok
18:17:13.0484 0x0d50  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso          C:\Windows\system32\lsass.exe
18:17:13.0499 0x0d50  KeyIso - ok
18:17:13.0531 0x0d50  [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
18:17:13.0546 0x0d50  KSecDD - ok
18:17:13.0577 0x0d50  [ 41774FF331F609EF442B7398EE6202B1, AD67DA06A74895C384F4A1F1CF47050DAEE9C6CE8AD12F1A116FC977B6C3A864 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
18:17:13.0577 0x0d50  KSecPkg - ok
 


18:17:13.0640 0x0d50  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
18:17:13.0687 0x0d50  ksthunk - ok
18:17:13.0733 0x0d50  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
18:17:13.0765 0x0d50  KtmRm - ok
18:17:13.0796 0x0d50  [ FC741259B7C22379EE83257D7CF91151, 37FAA2E03DFE8C04762178EC7C0AD7AB383155772EFF857D7D27225F8DF29C5B ] L1C             C:\Windows\system32\DRIVERS\L1C62x64.sys
18:17:13.0811 0x0d50  L1C - ok
18:17:13.0858 0x0d50  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\System32\srvsvc.dll
18:17:13.0889 0x0d50  LanmanServer - ok
18:17:13.0921 0x0d50  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:17:13.0967 0x0d50  LanmanWorkstation - ok
18:17:13.0983 0x0d50  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
18:17:14.0014 0x0d50  lltdio - ok
18:17:14.0061 0x0d50  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
18:17:14.0092 0x0d50  lltdsvc - ok
18:17:14.0123 0x0d50  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
18:17:14.0139 0x0d50  lmhosts - ok
18:17:14.0217 0x0d50  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
18:17:14.0233 0x0d50  LSI_FC - ok
18:17:14.0264 0x0d50  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
18:17:14.0279 0x0d50  LSI_SAS - ok
18:17:14.0295 0x0d50  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
18:17:14.0311 0x0d50  LSI_SAS2 - ok
18:17:14.0342 0x0d50  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
18:17:14.0357 0x0d50  LSI_SCSI - ok
18:17:14.0389 0x0d50  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
18:17:14.0404 0x0d50  luafv - ok
18:17:14.0498 0x0d50  [ 26C43960C99EE861A5D0EDC4DCF3B1C3, 6238FB8E785652040CCE3E7044EA52066CE1BF173A1467474D64A3AB214B6BCD ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
18:17:14.0513 0x0d50  MBAMSwissArmy - ok
18:17:14.0576 0x0d50  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
18:17:14.0607 0x0d50  Mcx2Svc - ok
18:17:14.0607 0x0d50  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
18:17:14.0623 0x0d50  megasas - ok
18:17:14.0654 0x0d50  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
18:17:14.0669 0x0d50  MegaSR - ok
18:17:14.0732 0x0d50  [ 6B01B7414A105B9E51652089A03027CF, 9B113DC22F7D0D0B376E577C6D7083F9EDC09BBFE47726393E16D4FDAAAE21FE ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
18:17:14.0747 0x0d50  MEIx64 - ok
18:17:14.0779 0x0d50  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
18:17:14.0810 0x0d50  MMCSS - ok
18:17:14.0841 0x0d50  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
18:17:14.0857 0x0d50  Modem - ok
18:17:14.0888 0x0d50  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
18:17:14.0903 0x0d50  monitor - ok
18:17:14.0903 0x0d50  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
18:17:14.0919 0x0d50  mouclass - ok
18:17:14.0935 0x0d50  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
18:17:14.0950 0x0d50  mouhid - ok
18:17:14.0950 0x0d50  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
18:17:14.0966 0x0d50  mountmgr - ok
18:17:14.0997 0x0d50  [ 9E587AFE2AD4873C809F1E0C598AB435, 0B0ECFF265120BCBAC37CF9B53B18462725AB991D00B90DBEE8DD9375121DA4F ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:17:15.0013 0x0d50  MozillaMaintenance - ok
18:17:15.0044 0x0d50  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
18:17:15.0044 0x0d50  mpio - ok
18:17:15.0106 0x0d50  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
18:17:15.0153 0x0d50  mpsdrv - ok
18:17:15.0247 0x0d50  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
18:17:15.0278 0x0d50  MpsSvc - ok
18:17:15.0309 0x0d50  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
18:17:15.0325 0x0d50  MRxDAV - ok
18:17:15.0387 0x0d50  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
18:17:15.0418 0x0d50  mrxsmb - ok
18:17:15.0449 0x0d50  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:17:15.0465 0x0d50  mrxsmb10 - ok
18:17:15.0481 0x0d50  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:17:15.0481 0x0d50  mrxsmb20 - ok
18:17:15.0543 0x0d50  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
18:17:15.0559 0x0d50  msahci - ok
18:17:15.0590 0x0d50  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
18:17:15.0605 0x0d50  msdsm - ok
18:17:15.0621 0x0d50  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
18:17:15.0637 0x0d50  MSDTC - ok
18:17:15.0652 0x0d50  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
18:17:15.0683 0x0d50  Msfs - ok
18:17:15.0715 0x0d50  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
18:17:15.0730 0x0d50  mshidkmdf - ok
18:17:15.0746 0x0d50  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
18:17:15.0746 0x0d50  msisadrv - ok
18:17:15.0793 0x0d50  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
18:17:15.0839 0x0d50  MSiSCSI - ok
18:17:15.0839 0x0d50  msiserver - ok
18:17:15.0855 0x0d50  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
18:17:15.0871 0x0d50  MSKSSRV - ok
18:17:15.0902 0x0d50  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
18:17:15.0917 0x0d50  MSPCLOCK - ok
18:17:15.0933 0x0d50  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
18:17:15.0964 0x0d50  MSPQM - ok
18:17:16.0011 0x0d50  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
18:17:16.0042 0x0d50  MsRPC - ok
18:17:16.0073 0x0d50  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
18:17:16.0073 0x0d50  mssmbios - ok
18:17:16.0105 0x0d50  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
18:17:16.0151 0x0d50  MSTEE - ok
18:17:16.0167 0x0d50  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
18:17:16.0167 0x0d50  MTConfig - ok
18:17:16.0183 0x0d50  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
18:17:16.0198 0x0d50  Mup - ok
18:17:16.0245 0x0d50  [ E3B58E3011B207C5289D11173B30E298, 68BDF7DE4FD5E38D33DBAD2A2E05E32BABA8BBD85DBC4364AF7CD62C54C6B539 ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
18:17:16.0261 0x0d50  MyWiFiDHCPDNS - ok
18:17:16.0354 0x0d50  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
18:17:16.0385 0x0d50  napagent - ok
18:17:16.0417 0x0d50  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
18:17:16.0432 0x0d50  NativeWifiP - ok
18:17:16.0541 0x0d50  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
18:17:16.0573 0x0d50  NDIS - ok
18:17:16.0604 0x0d50  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
18:17:16.0619 0x0d50  NdisCap - ok
18:17:16.0666 0x0d50  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
18:17:16.0713 0x0d50  NdisTapi - ok
18:17:16.0729 0x0d50  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
18:17:16.0744 0x0d50  Ndisuio - ok
18:17:16.0760 0x0d50  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
18:17:16.0791 0x0d50  NdisWan - ok
18:17:16.0791 0x0d50  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
18:17:16.0822 0x0d50  NDProxy - ok
18:17:16.0885 0x0d50  [ D5AC41AE382738483FAFFBD7E373D49A, 68793D15566F387650E9C5010E1CA73BDE3EB4BA431EA0A1673004CAE08413B0 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
18:17:16.0900 0x0d50  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
18:17:19.0537 0x0d50  Detect skipped due to KSN trusted
18:17:19.0537 0x0d50  Net Driver HPZ12 - ok
18:17:19.0583 0x0d50  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
18:17:19.0630 0x0d50  NetBIOS - ok
18:17:19.0646 0x0d50  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
18:17:19.0677 0x0d50  NetBT - ok
18:17:19.0693 0x0d50  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon        C:\Windows\system32\lsass.exe
18:17:19.0693 0x0d50  Netlogon - ok
18:17:19.0724 0x0d50  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
18:17:19.0755 0x0d50  Netman - ok
18:17:19.0849 0x0d50  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:17:19.0880 0x0d50  NetMsmqActivator - ok
18:17:19.0880 0x0d50  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:17:19.0895 0x0d50  NetPipeActivator - ok
18:17:19.0927 0x0d50  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
18:17:19.0958 0x0d50  netprofm - ok
18:17:19.0958 0x0d50  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:17:19.0958 0x0d50  NetTcpActivator - ok
18:17:19.0973 0x0d50  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:17:19.0973 0x0d50  NetTcpPortSharing - ok
18:17:20.0301 0x0d50  [ B51E9AD4F4E4F8DBE0AB882756BC5DAB, 74E975F3BF39B360C466A0CEEEF545D1B814EE1AEFF6B2FCDD81A33FA276FBF3 ] NETwNs64        C:\Windows\system32\DRIVERS\NETwNs64.sys
18:17:20.0488 0x0d50  NETwNs64 - ok
18:17:20.0535 0x0d50  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
18:17:20.0551 0x0d50  nfrd960 - ok
18:17:20.0582 0x0d50  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
18:17:20.0582 0x0d50  NlaSvc - ok
18:17:20.0644 0x0d50  [ 35DE38E9AD9A05A4B9D48AD19BB5A746, 1D793F5159AC1AFCF816086257AD28E652F5D571808D1E1DCE97A9A1E38329AC ] nlsX86cc        C:\Windows\SysWOW64\NLSSRV32.EXE
18:17:20.0660 0x0d50  nlsX86cc - ok
18:17:20.0722 0x0d50  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
18:17:20.0769 0x0d50  Npfs - ok
18:17:20.0800 0x0d50  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
18:17:20.0816 0x0d50  nsi - ok
18:17:20.0831 0x0d50  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
18:17:20.0863 0x0d50  nsiproxy - ok
18:17:20.0941 0x0d50  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
18:17:20.0972 0x0d50  Ntfs - ok
18:17:21.0003 0x0d50  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
18:17:21.0034 0x0d50  Null - ok
18:17:21.0362 0x0d50  [ 185B4FFECD886A424B57B58AE173FBBE, 7CFD51694091035639B900EC64FAD62CC1E5F3DC520F59CC27540B170A957C60 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
18:17:21.0580 0x0d50  nvlddmkm - ok
18:17:21.0736 0x0d50  [ D6A687B5E24257B5D3991C0D9BC45BBC, EFF23FD2C074A579CAF13C4846D1F0906D014F92517A4C6A359547F560CD296C ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
18:17:21.0767 0x0d50  NvNetworkService - ok
18:17:21.0799 0x0d50  [ F4F8000C893987C22CE7B49B47DB1B1C, 064A73D80B75B41316F3D5D6DD4ECEEC8C04D4EF4CCE4BA237EAEF56A7613F24 ] nvpciflt        C:\Windows\system32\DRIVERS\nvpciflt.sys
18:17:21.0799 0x0d50  nvpciflt - ok
18:17:21.0908 0x0d50  [ E1CE82592245B9E9621F17FBF457DB4E, 98B021623B10EBF7ED370BC2516D8377C09E9E2BB49BD96F492F55006B1B8CC4 ] nvsvc           C:\Windows\system32\nvvsvc.exe
18:17:21.0939 0x0d50  nvsvc - ok
18:17:22.0033 0x0d50  [ 1FE5C1F4CCA8EAEA75C90FB2A85D9CC3, 4C3C36ADC9EC0FDED3E3FFC7918680B643652AD39458FAA8525392DAD0ABD845 ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
18:17:22.0048 0x0d50  nvvad_WaveExtensible - ok
18:17:22.0079 0x0d50  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
18:17:22.0079 0x0d50  ohci1394 - ok
18:17:22.0126 0x0d50  [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:17:22.0142 0x0d50  ose - ok
18:17:22.0391 0x0d50  [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
18:17:22.0469 0x0d50  osppsvc - ok
18:17:22.0516 0x0d50  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
18:17:22.0532 0x0d50  p2pimsvc - ok
18:17:22.0579 0x0d50  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
18:17:22.0594 0x0d50  p2psvc - ok
18:17:22.0625 0x0d50  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
18:17:22.0641 0x0d50  Parport - ok
18:17:22.0672 0x0d50  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
18:17:22.0672 0x0d50  partmgr - ok
18:17:22.0688 0x0d50  [ 256390425414F90FCBC12F525A84EB11, A4992020BF6A239AD8A77125426E2C39980C9ABC971C4DBCB24B358F946AD7F9 ] PcaSvc          C:\Windows\System32\pcasvc.dll
18:17:22.0703 0x0d50  PcaSvc - ok
18:17:22.0735 0x0d50  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
18:17:22.0735 0x0d50  pci - ok
18:17:22.0766 0x0d50  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
18:17:22.0781 0x0d50  pciide - ok
18:17:22.0813 0x0d50  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
18:17:22.0844 0x0d50  pcmcia - ok
18:17:22.0844 0x0d50  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
18:17:22.0859 0x0d50  pcw - ok
18:17:22.0906 0x0d50  [ 946010CDFA91469351B22E2620CEBCD8, F099C92706D42ADC289B72724F7932E5D4F62A427AEC967DDB0A1D728AE59A63 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
18:17:22.0937 0x0d50  PEAUTH - ok
18:17:22.0953 0x0d50  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
18:17:22.0953 0x0d50  PerfHost - ok
18:17:23.0062 0x0d50  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
18:17:23.0109 0x0d50  pla - ok
18:17:23.0171 0x0d50  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
18:17:23.0203 0x0d50  PlugPlay - ok
18:17:23.0327 0x0d50  [ 37F6046CDC630442D7DC087501FF6FC6, EFC0F3DA49839CA263CD95AE5015F4FC554D9D845A58A699C542C8C96E70ED3C ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
18:17:23.0343 0x0d50  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
18:17:25.0979 0x0d50  Detect skipped due to KSN trusted
18:17:25.0979 0x0d50  Pml Driver HPZ12 - ok
18:17:26.0011 0x0d50  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
18:17:26.0026 0x0d50  PNRPAutoReg - ok
18:17:26.0104 0x0d50  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
18:17:26.0135 0x0d50  PNRPsvc - ok
18:17:26.0167 0x0d50  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
18:17:26.0182 0x0d50  PolicyAgent - ok
18:17:26.0213 0x0d50  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
18:17:26.0245 0x0d50  Power - ok
18:17:26.0276 0x0d50  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
18:17:26.0291 0x0d50  PptpMiniport - ok
18:17:26.0307 0x0d50  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
18:17:26.0323 0x0d50  Processor - ok
18:17:26.0354 0x0d50  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
18:17:26.0369 0x0d50  ProfSvc - ok
18:17:26.0385 0x0d50  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:17:26.0385 0x0d50  ProtectedStorage - ok
18:17:26.0401 0x0d50  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
18:17:26.0432 0x0d50  Psched - ok
18:17:26.0479 0x0d50  [ BC08F7F3C53CBEE68670ED1314E290FD, EC683DDE60AFED297D28BC7570BB6DA27A94F52417AD6DE1FBE265255F4051DD ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
18:17:26.0494 0x0d50  PxHlpa64 - ok
18:17:26.0572 0x0d50  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
18:17:26.0603 0x0d50  ql2300 - ok
18:17:26.0650 0x0d50  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
18:17:26.0666 0x0d50  ql40xx - ok
18:17:26.0728 0x0d50  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
18:17:26.0759 0x0d50  QWAVE - ok
18:17:26.0806 0x0d50  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
18:17:26.0822 0x0d50  QWAVEdrv - ok
18:17:26.0837 0x0d50  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
18:17:26.0869 0x0d50  RasAcd - ok
18:17:26.0915 0x0d50  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
18:17:26.0947 0x0d50  RasAgileVpn - ok
18:17:26.0978 0x0d50  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
18:17:27.0009 0x0d50  RasAuto - ok
18:17:27.0025 0x0d50  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
18:17:27.0056 0x0d50  Rasl2tp - ok
18:17:27.0087 0x0d50  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
18:17:27.0118 0x0d50  RasMan - ok
18:17:27.0165 0x0d50  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
18:17:27.0212 0x0d50  RasPppoe - ok
18:17:27.0227 0x0d50  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
18:17:27.0259 0x0d50  RasSstp - ok
18:17:27.0274 0x0d50  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
18:17:27.0305 0x0d50  rdbss - ok
18:17:27.0321 0x0d50  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
18:17:27.0337 0x0d50  rdpbus - ok
18:17:27.0352 0x0d50  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
18:17:27.0383 0x0d50  RDPCDD - ok
18:17:27.0383 0x0d50  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
18:17:27.0415 0x0d50  RDPENCDD - ok
18:17:27.0415 0x0d50  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
18:17:27.0430 0x0d50  RDPREFMP - ok
18:17:27.0571 0x0d50  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
18:17:27.0586 0x0d50  RdpVideoMiniport - ok
18:17:27.0633 0x0d50  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
18:17:27.0664 0x0d50  RDPWD - ok
18:17:27.0680 0x0d50  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
18:17:27.0680 0x0d50  rdyboost - ok
18:17:27.0727 0x0d50  [ F3AF2B43F35DBB3A0EB9FEEEC7D62217, 5BFB97BFE94F52CE02DFB2B7E8A9AD34AE489B77BA689F63D733EFB65548D734 ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
18:17:27.0758 0x0d50  RegSrvc - ok
18:17:27.0805 0x0d50  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
18:17:27.0851 0x0d50  RemoteAccess - ok
18:17:27.0883 0x0d50  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
18:17:27.0914 0x0d50  RemoteRegistry - ok
18:17:27.0945 0x0d50  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
18:17:27.0961 0x0d50  RFCOMM - ok
18:17:28.0023 0x0d50  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
18:17:28.0070 0x0d50  RpcEptMapper - ok
18:17:28.0101 0x0d50  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
18:17:28.0101 0x0d50  RpcLocator - ok
18:17:28.0132 0x0d50  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
18:17:28.0163 0x0d50  RpcSs - ok
18:17:28.0241 0x0d50  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
18:17:28.0288 0x0d50  rspndr - ok
18:17:28.0522 0x0d50  [ C736749AC756503C0F94D94F5BC39B0E, 1CE0D359C377E7557C3B215ED95420286FD64688FD0CF98290CCDFFFCD2C6386 ] rtsuvc          C:\Windows\system32\DRIVERS\rtsuvc.sys
18:17:28.0647 0x0d50  rtsuvc - ok
18:17:28.0678 0x0d50  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs           C:\Windows\system32\lsass.exe
18:17:28.0678 0x0d50  SamSs - ok
18:17:28.0709 0x0d50  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
18:17:28.0709 0x0d50  sbp2port - ok
18:17:28.0756 0x0d50  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
18:17:28.0803 0x0d50  SCardSvr - ok
18:17:28.0850 0x0d50  [ 3570E8B9016621C5BC8754B026DDB3B8, A8D2CCB00877EBDC3C9168065D4F13C104DAFF1FCFC932CD49C75F5C0D10DCF6 ] SCDEmu          C:\Windows\system32\drivers\SCDEmu.sys
18:17:28.0865 0x0d50  SCDEmu - ok
18:17:28.0881 0x0d50  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
18:17:28.0912 0x0d50  scfilter - ok
18:17:28.0990 0x0d50  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
18:17:29.0021 0x0d50  Schedule - ok
18:17:29.0053 0x0d50  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
18:17:29.0084 0x0d50  SCPolicySvc - ok
18:17:29.0099 0x0d50  [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
18:17:29.0115 0x0d50  sdbus - ok
18:17:29.0146 0x0d50  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
18:17:29.0162 0x0d50  SDRSVC - ok
18:17:29.0193 0x0d50  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
18:17:29.0224 0x0d50  secdrv - ok
18:17:29.0271 0x0d50  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
18:17:29.0287 0x0d50  seclogon - ok
18:17:29.0302 0x0d50  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\system32\sens.dll
18:17:29.0333 0x0d50  SENS - ok
18:17:29.0349 0x0d50  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
18:17:29.0365 0x0d50  SensrSvc - ok
18:17:29.0380 0x0d50  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
18:17:29.0380 0x0d50  Serenum - ok
18:17:29.0396 0x0d50  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
18:17:29.0411 0x0d50  Serial - ok
18:17:29.0427 0x0d50  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
18:17:29.0427 0x0d50  sermouse - ok
18:17:29.0458 0x0d50  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
18:17:29.0489 0x0d50  SessionEnv - ok
18:17:29.0536 0x0d50  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\DRIVERS\sffdisk.sys
18:17:29.0567 0x0d50  sffdisk - ok
18:17:29.0583 0x0d50  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
18:17:29.0599 0x0d50  sffp_mmc - ok
18:17:29.0614 0x0d50  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\DRIVERS\sffp_sd.sys
18:17:29.0630 0x0d50  sffp_sd - ok
18:17:29.0645 0x0d50  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
18:17:29.0645 0x0d50  sfloppy - ok
18:17:29.0708 0x0d50  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
18:17:29.0755 0x0d50  SharedAccess - ok
18:17:29.0801 0x0d50  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:17:29.0848 0x0d50  ShellHWDetection - ok
18:17:29.0879 0x0d50  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
18:17:29.0879 0x0d50  SiSRaid2 - ok
18:17:29.0895 0x0d50  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
18:17:29.0895 0x0d50  SiSRaid4 - ok
18:17:29.0989 0x0d50  [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
18:17:30.0004 0x0d50  SkypeUpdate - ok
18:17:30.0035 0x0d50  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
18:17:30.0051 0x0d50  Smb - ok
18:17:30.0067 0x0d50  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
18:17:30.0082 0x0d50  SNMPTRAP - ok
18:17:30.0113 0x0d50  [ 12583AF6CBE0050651EAF2723B3AD7B3, 965D4F981B54669A96C5AB02D09BF0A9850D13862425B8981F1A9271350F28BB ] speedfan        C:\Windows\syswow64\speedfan.sys
18:17:30.0129 0x0d50  speedfan - ok
18:17:30.0145 0x0d50  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
18:17:30.0145 0x0d50  spldr - ok
18:17:30.0207 0x0d50  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
18:17:30.0238 0x0d50  Spooler - ok
18:17:30.0363 0x0d50  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
18:17:30.0441 0x0d50  sppsvc - ok
18:17:30.0488 0x0d50  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
18:17:30.0535 0x0d50  sppuinotify - ok
18:17:30.0566 0x0d50  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
18:17:30.0581 0x0d50  srv - ok
18:17:30.0628 0x0d50  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
18:17:30.0644 0x0d50  srv2 - ok
18:17:30.0659 0x0d50  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
18:17:30.0675 0x0d50  srvnet - ok
18:17:30.0706 0x0d50  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
18:17:30.0722 0x0d50  SSDPSRV - ok
18:17:30.0737 0x0d50  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
18:17:30.0769 0x0d50  SstpSvc - ok
18:17:30.0784 0x0d50  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
18:17:30.0800 0x0d50  stexstor - ok
18:17:30.0847 0x0d50  [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
18:17:30.0862 0x0d50  StillCam - ok
18:17:30.0925 0x0d50  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
18:17:30.0956 0x0d50  stisvc - ok
18:17:30.0971 0x0d50  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
18:17:30.0987 0x0d50  swenum - ok
18:17:31.0003 0x0d50  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
18:17:31.0034 0x0d50  swprv - ok
18:17:31.0065 0x0d50  [ E6A9BD45EF10EFA2EB2D380A32FBA7B6, 520798E914A0C99E59FBBF05E4DC98A0C6DEEBE3D799CC99DF5456A9E3D7A0A1 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
18:17:31.0081 0x0d50  SynTP - ok
18:17:31.0143 0x0d50  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
18:17:31.0174 0x0d50  SysMain - ok
18:17:31.0221 0x0d50  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:17:31.0237 0x0d50  TabletInputService - ok
18:17:31.0268 0x0d50  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
18:17:31.0299 0x0d50  TapiSrv - ok
18:17:31.0330 0x0d50  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
18:17:31.0346 0x0d50  TBS - ok
18:17:31.0455 0x0d50  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
18:17:31.0486 0x0d50  Tcpip - ok
18:17:31.0533 0x0d50  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
18:17:31.0564 0x0d50  TCPIP6 - ok
18:17:31.0595 0x0d50  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
18:17:31.0611 0x0d50  tcpipreg - ok
18:17:31.0642 0x0d50  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
18:17:31.0642 0x0d50  TDPIPE - ok
18:17:31.0689 0x0d50  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
18:17:31.0720 0x0d50  TDTCP - ok
18:17:31.0751 0x0d50  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
18:17:31.0783 0x0d50  tdx - ok
18:17:31.0798 0x0d50  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
18:17:31.0814 0x0d50  TermDD - ok
18:17:31.0892 0x0d50  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
18:17:31.0923 0x0d50  TermService - ok
18:17:31.0970 0x0d50  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
18:17:31.0970 0x0d50  Themes - ok
18:17:32.0001 0x0d50  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
18:17:32.0017 0x0d50  THREADORDER - ok
18:17:32.0032 0x0d50  [ DBCC20C02E8A3E43B03C304A4E40A84F, BF5F3ACCB0342304A6870E94D2576644B08DBF307C853C7DBA4B82B0C7309DA4 ] TPM             C:\Windows\system32\drivers\tpm.sys
18:17:32.0048 0x0d50  TPM - ok
18:17:32.0063 0x0d50  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
18:17:32.0095 0x0d50  TrkWks - ok
18:17:32.0141 0x0d50  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:17:32.0157 0x0d50  TrustedInstaller - ok
18:17:32.0188 0x0d50  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
18:17:32.0204 0x0d50  tssecsrv - ok
18:17:32.0235 0x0d50  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
18:17:32.0235 0x0d50  TsUsbFlt - ok
18:17:32.0282 0x0d50  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
18:17:32.0297 0x0d50  TsUsbGD - ok
18:17:32.0344 0x0d50  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
18:17:32.0391 0x0d50  tunnel - ok
18:17:32.0407 0x0d50  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
18:17:32.0422 0x0d50  uagp35 - ok
18:17:32.0453 0x0d50  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
18:17:32.0469 0x0d50  udfs - ok
18:17:32.0516 0x0d50  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
18:17:32.0531 0x0d50  UI0Detect - ok
18:17:32.0547 0x0d50  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
18:17:32.0547 0x0d50  uliagpkx - ok
18:17:32.0563 0x0d50  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
18:17:32.0578 0x0d50  umbus - ok
18:17:32.0594 0x0d50  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
18:17:32.0609 0x0d50  UmPass - ok
18:17:32.0656 0x0d50  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
18:17:32.0703 0x0d50  upnphost - ok
18:17:32.0750 0x0d50  [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
18:17:32.0765 0x0d50  USBAAPL64 - detected UnsignedFile.Multi.Generic ( 1 )
18:17:35.0386 0x0d50  Detect skipped due to KSN trusted
18:17:35.0386 0x0d50  USBAAPL64 - ok
18:17:39.0614 0x0d50  ================ Scan global ===============================
18:17:39.0661 0x0d50  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
18:17:39.0723 0x0d50  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
18:17:39.0739 0x0d50  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
18:17:39.0770 0x0d50  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
18:17:39.0801 0x0d50  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
18:17:39.0801 0x0d50  [ Global ] - ok
18:17:39.0801 0x0d50  ================ Scan MBR ==================================
18:17:39.0832 0x0d50  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:17:40.0066 0x0d50  \Device\Harddisk0\DR0 - ok
18:17:40.0082 0x0d50  ================ Scan VBR ==================================
18:17:40.0082 0x0d50  [ F550CE8ABACBE2D8F5789D70AE09692E ] \Device\Harddisk0\DR0\Partition1
18:17:40.0082 0x0d50  \Device\Harddisk0\DR0\Partition1 - ok
18:17:40.0082 0x0d50  [ CBF2A5307AA29A17CA918FEE034E5812 ] \Device\Harddisk0\DR0\Partition2
18:17:40.0082 0x0d50  \Device\Harddisk0\DR0\Partition2 - ok
18:17:40.0082 0x0d50  [ 33E1F1D711C26FA0B0C57705BC926A96 ] \Device\Harddisk0\DR0\Partition3
18:17:40.0097 0x0d50  \Device\Harddisk0\DR0\Partition3 - ok
18:17:40.0097 0x0d50  ================ Scan generic autorun ======================
18:17:40.0269 0x0d50  [ 312C7978F0A42DB0475CE31D884DCE88, 53DBEF2473F39754BB1BC352DB9A32607FD3A2E2DC5E7AA6AE821CABEC00CCD1 ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
18:17:40.0456 0x0d50  AvastUI.exe - ok
18:17:40.0472 0x0d50  Waiting for KSN requests completion. In queue: 112
18:17:41.0486 0x0d50  Waiting for KSN requests completion. In queue: 112
18:17:42.0500 0x0d50  Waiting for KSN requests completion. In queue: 112
18:17:43.0561 0x0d50  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.0.2208.712 ), 0x40000 ( disabled : updated )
18:17:43.0592 0x0d50  Win FW state via NFP2: enabled
18:17:46.0088 0x0d50  ============================================================
18:17:46.0088 0x0d50  Scan finished
18:17:46.0088 0x0d50  ============================================================
18:17:46.0088 0x0f08  Detected object count: 0
18:17:46.0088 0x0f08  Actual detected object count: 0
 


Very good!

Let's do a final check up:

Step 1

Please download ESET Online Scanner and save it to your Desktop.

  • Disable the realtime-protection of your antivirus and anti-malware programs because they might interfere with the scan.
  • Start the installer with administrator privileges.
  • Select the option Yes, I accept the Terms of Use and click on Start.
  • Choose the following settings:
    [image: settings.png]
  • Click on Start. The virus signature database will begin to download. This may take some time.
  • When completed the Online Scan will begin automatically.

    Note: This scan might take a long time! Please be patient.

  • When completed select Uninstall application on close if you so wish, but make sure you copy the logfile first!
  • Now click on Finish
  • A log file [image: log.png] is created at [image: logpath.png]

    Copy and paste the content of this log file in your next reply.

Note: Do not forget to re-enable your antivirus application after running the above scan!


  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
